StakeSquid/ethereum-rpc-docker
1
0
Fork 0
Code Issues 1 Packages Projects Releases Wiki Activity

some progress

Browse Source
This commit is contained in:
Para Dox
2025-04-10 14:43:11 +07:00
parent 5ce47e35dd
commit 20e9d26d44
219 changed files with 20641 additions and 43567 deletions
Download Patch File Download Diff File Expand all files Collapse all files

226
op/geth/base-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
base-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${BASE_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${BASE_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10596:10596"
- "10596:10596/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10422:10422
- 10422:10422/udp
volumes:
#- ${BASE_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-base-mainnet-op-geth-archive-leveldb-hash}:/data
- base-mainnet-op-geth-archive-leveldb-hash:/data
- ${BASE_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-base-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=base-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10596"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.base-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/base-mainnet-archive"
- "traefik.http.services.base-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.base-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.base-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.base-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/base-mainnet-archive`)"
- "traefik.http.routers.base-mainnet-op-geth-archive-leveldb-hash.middlewares=base-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=base-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10422
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.base-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/base-mainnet-archive
- traefik.http.services.base-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.base-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.base-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.base-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/base-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.base-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/base-mainnet-archive`)}
- traefik.http.routers.base-mainnet-op-geth-archive-leveldb-hash.middlewares=base-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
base-mainnet-archive-node:
image: ${BASE_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${BASE_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15422:15422
- 15422:15422/udp
environment:
- OP_NODE_NETWORK=base-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://base-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15422
- OP_NODE_P2P_LISTEN_UDP_PORT=15422
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
base-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15596:15596"
- "15596:15596/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=base-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://base-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15596"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15596"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
base-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: base
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/base-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
base-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${BASE_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${BASE_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10422:10422"
- "10422:10422/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10422:10422
- 10422:10422/udp
volumes:
#- ${BASE_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-base-mainnet-op-geth-pruned-pebble-path}:/data
- base-mainnet-op-geth-pruned-pebble-path:/data
- ${BASE_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-base-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=base-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10422"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.base-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/base-mainnet"
- "traefik.http.services.base-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.base-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.base-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.base-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/base-mainnet`)"
- "traefik.http.routers.base-mainnet-op-geth-pruned-pebble-path.middlewares=base-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=base-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10422
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.base-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/base-mainnet
- traefik.http.services.base-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.base-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.base-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.base-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/base-mainnet`)}
- ${NO_SSL:+traefik.http.routers.base-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/base-mainnet`)}
- traefik.http.routers.base-mainnet-op-geth-pruned-pebble-path.middlewares=base-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
base-mainnet-node:
image: ${BASE_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${BASE_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15422:15422
- 15422:15422/udp
environment:
- OP_NODE_NETWORK=base-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://base-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15422
- OP_NODE_P2P_LISTEN_UDP_PORT=15422
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
base-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15422:15422"
- "15422:15422/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=base-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://base-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15422"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15422"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
base-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: base
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/base-sepolia-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,140 @@
# use at your own risk
services:
base-sepolia-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${BASE_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${BASE_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10910:10910"
- "10910:10910/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10022:10022
- 10022:10022/udp
volumes:
#- ${BASE_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-base-sepolia-op-geth-archive-leveldb-hash}:/data
- base-sepolia-op-geth-archive-leveldb-hash:/data
- ${BASE_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-base-sepolia-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=base-sepolia"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10910"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.base-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/base-sepolia-archive"
- "traefik.http.services.base-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.base-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.base-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.base-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/base-sepolia-archive`)"
- "traefik.http.routers.base-sepolia-op-geth-archive-leveldb-hash.middlewares=base-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=base-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10022
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.base-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/base-sepolia-archive
- traefik.http.services.base-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.base-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.base-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.base-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/base-sepolia-archive`)}
- ${NO_SSL:+traefik.http.routers.base-sepolia-op-geth-archive-leveldb-hash.rule=PathPrefix(`/base-sepolia-archive`)}
- traefik.http.routers.base-sepolia-op-geth-archive-leveldb-hash.middlewares=base-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
base-sepolia-archive-node:
image: ${BASE_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${BASE_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15022:15022
- 15022:15022/udp
environment:
- OP_NODE_NETWORK=base-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://base-sepolia-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15022
- OP_NODE_P2P_LISTEN_UDP_PORT=15022
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
base-sepolia-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15910:15910"
- "15910:15910/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=base-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://base-sepolia-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15910"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15910"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
base-sepolia-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: base-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/base-sepolia-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,142 @@
# use at your own risk
services:
base-sepolia:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${BASE_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${BASE_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10022:10022"
- "10022:10022/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10022:10022
- 10022:10022/udp
volumes:
#- ${BASE_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-base-sepolia-op-geth-pruned-pebble-path}:/data
- base-sepolia-op-geth-pruned-pebble-path:/data
- ${BASE_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-base-sepolia-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=base-sepolia"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10022"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.base-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/base-sepolia"
- "traefik.http.services.base-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.base-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.base-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.base-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/base-sepolia`)"
- "traefik.http.routers.base-sepolia-op-geth-pruned-pebble-path.middlewares=base-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=base-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10022
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.base-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/base-sepolia
- traefik.http.services.base-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.base-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.base-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.base-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/base-sepolia`)}
- ${NO_SSL:+traefik.http.routers.base-sepolia-op-geth-pruned-pebble-path.rule=PathPrefix(`/base-sepolia`)}
- traefik.http.routers.base-sepolia-op-geth-pruned-pebble-path.middlewares=base-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
base-sepolia-node:
image: ${BASE_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${BASE_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15022:15022
- 15022:15022/udp
environment:
- OP_NODE_NETWORK=base-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://base-sepolia:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15022
- OP_NODE_P2P_LISTEN_UDP_PORT=15022
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
base-sepolia-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15022:15022"
- "15022:15022/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=base-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://base-sepolia:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15022"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15022"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
base-sepolia-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: base-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/blast-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,132 +1,139 @@
# use at your own risk
services:
blast-mainnet-archive:
image: blastio/blast-geth:v1.1.0-mainnet
image: ${BLAST_GETH_IMAGE:-blastio/blast-geth}:${BLAST_MAINNET_GETH_VERSION:-v1.1.0-mainnet}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10683:10683"
- "10683:10683/udp"
entrypoint: ["/bin/sh", "-c", "[ ! -d /data/geth ] && /usr/local/bin/geth init /config/genesis.json; exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10769:10769
- 10769:10769/udp
volumes:
#- ${BLAST_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-blast-mainnet-op-geth-archive-leveldb-hash}:/data
- blast-mainnet-op-geth-archive-leveldb-hash:/data
- ${BLAST_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-blast-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
- ./blast/mainnet:/config
env_file:
- ./blast/mainnet.env
environment:
- "GETH_DATADIR=/data"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10683"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
- "GETH_ROLLUP_SEQUENCERHTTP=https://sequencer.blast.io"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.blast-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/blast-mainnet-archive"
- "traefik.http.services.blast-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.blast-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.blast-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.blast-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/blast-mainnet-archive`)"
- "traefik.http.routers.blast-mainnet-op-geth-archive-leveldb-hash.middlewares=blast-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=blast-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10769
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.blast-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/blast-mainnet-archive
- traefik.http.services.blast-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.blast-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.blast-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.blast-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/blast-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.blast-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/blast-mainnet-archive`)}
- traefik.http.routers.blast-mainnet-op-geth-archive-leveldb-hash.middlewares=blast-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
blast-mainnet-archive-node:
image: ${BLAST_NODE_IMAGE:-blastio/blast-optimism}:${BLAST_MAINNET_NODE_VERSION:-v1.1.0-mainnet}
ports:
- 15769:15769
- 15769:15769/udp
environment:
- OP_NODE_NETWORK=blast-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://blast-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15769
- OP_NODE_P2P_LISTEN_UDP_PORT=15769
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=consensus-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
blast-mainnet-archive-node:
image: blastio/blast-optimism:v1.1.0-mainnet
expose:
- 8545
- 7300
- 6060
ports:
- "15683:15683"
- "15683:15683/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
- ./blast/mainnet:/config
stop_grace_period: 30s
env_file:
- ./blast/mainnet.env
environment:
- "OP_NODE_ROLLUP_CONFIG=/config/rollup.json"
- "OP_NODE_SYNCMODE=consensus-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://blast-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15683"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15683"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
blast-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: blast
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/blast-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,132 +1,141 @@
# use at your own risk
services:
blast-mainnet:
image: blastio/blast-geth:v1.1.0-mainnet
image: ${BLAST_GETH_IMAGE:-blastio/blast-geth}:${BLAST_MAINNET_GETH_VERSION:-v1.1.0-mainnet}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10769:10769"
- "10769:10769/udp"
entrypoint: ["/bin/sh", "-c", "[ ! -d /data/geth ] && /usr/local/bin/geth init /config/genesis.json; exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10769:10769
- 10769:10769/udp
volumes:
#- ${BLAST_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-blast-mainnet-op-geth-pruned-pebble-path}:/data
- blast-mainnet-op-geth-pruned-pebble-path:/data
- ${BLAST_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-blast-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
- ./blast/mainnet:/config
env_file:
- ./blast/mainnet.env
environment:
- "GETH_DATADIR=/data"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10769"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
- "GETH_ROLLUP_SEQUENCERHTTP=https://sequencer.blast.io"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.blast-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/blast-mainnet"
- "traefik.http.services.blast-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.blast-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.blast-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.blast-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/blast-mainnet`)"
- "traefik.http.routers.blast-mainnet-op-geth-pruned-pebble-path.middlewares=blast-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=blast-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10769
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.blast-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/blast-mainnet
- traefik.http.services.blast-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.blast-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.blast-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.blast-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/blast-mainnet`)}
- ${NO_SSL:+traefik.http.routers.blast-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/blast-mainnet`)}
- traefik.http.routers.blast-mainnet-op-geth-pruned-pebble-path.middlewares=blast-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
blast-mainnet-node:
image: ${BLAST_NODE_IMAGE:-blastio/blast-optimism}:${BLAST_MAINNET_NODE_VERSION:-v1.1.0-mainnet}
ports:
- 15769:15769
- 15769:15769/udp
environment:
- OP_NODE_NETWORK=blast-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://blast-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15769
- OP_NODE_P2P_LISTEN_UDP_PORT=15769
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=consensus-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
blast-mainnet-node:
image: blastio/blast-optimism:v1.1.0-mainnet
expose:
- 8545
- 7300
- 6060
ports:
- "15769:15769"
- "15769:15769/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
- ./blast/mainnet:/config
stop_grace_period: 30s
env_file:
- ./blast/mainnet.env
environment:
- "OP_NODE_ROLLUP_CONFIG=/config/rollup.json"
- "OP_NODE_SYNCMODE=consensus-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://blast-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15769"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15769"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
blast-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: blast
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

228
op/geth/blast-sepolia-op-geth-pruned-pebble-hash.yml
View File

@@ -1,132 +1,140 @@
# use at your own risk
services:
blast-sepolia:
image: blastio/blast-geth:sepolia-v1.2.3
image: ${BLAST_GETH_IMAGE:-blastio/blast-geth}:${BLAST_SEPOLIA_GETH_VERSION:-sepolia-v1.2.3}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10591:10591"
- "10591:10591/udp"
entrypoint: ["/bin/sh", "-c", "[ ! -d /data/geth ] && /usr/local/bin/geth init /config/genesis.json; exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10591:10591
- 10591:10591/udp
volumes:
#- ${BLAST_SEPOLIA_OP_GETH_PRUNED_PEBBLE_HASH_DATA:-blast-sepolia-op-geth-pruned-pebble-hash}:/data
- blast-sepolia-op-geth-pruned-pebble-hash:/data
- ${BLAST_SEPOLIA_OP_GETH_PRUNED_PEBBLE_HASH_DATA:-blast-sepolia-op-geth-pruned-pebble-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
- ./blast/sepolia:/config
env_file:
- ./blast/sepolia.env
environment:
- "GETH_DATADIR=/data"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10591"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
- "GETH_ROLLUP_SEQUENCERHTTP=https://sequencer.s2.testblast.io"
- "GETH_OVERRIDE_ECOTONE_TIME=1713999600"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.blast-sepolia-op-geth-pruned-pebble-hash-stripprefix.stripprefix.prefixes=/blast-sepolia"
- "traefik.http.services.blast-sepolia-op-geth-pruned-pebble-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.blast-sepolia-op-geth-pruned-pebble-hash.entrypoints=websecure"
- "traefik.http.routers.blast-sepolia-op-geth-pruned-pebble-hash.tls.certresolver=myresolver"
- "traefik.http.routers.blast-sepolia-op-geth-pruned-pebble-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/blast-sepolia`)"
- "traefik.http.routers.blast-sepolia-op-geth-pruned-pebble-hash.middlewares=blast-sepolia-op-geth-pruned-pebble-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=blast-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10591
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=hash
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.blast-sepolia-op-geth-pruned-pebble-hash-stripprefix.stripprefix.prefixes=/blast-sepolia
- traefik.http.services.blast-sepolia-op-geth-pruned-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.blast-sepolia-op-geth-pruned-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.blast-sepolia-op-geth-pruned-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.blast-sepolia-op-geth-pruned-pebble-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/blast-sepolia`)}
- ${NO_SSL:+traefik.http.routers.blast-sepolia-op-geth-pruned-pebble-hash.rule=PathPrefix(`/blast-sepolia`)}
- traefik.http.routers.blast-sepolia-op-geth-pruned-pebble-hash.middlewares=blast-sepolia-op-geth-pruned-pebble-hash-stripprefix, ipwhitelist
blast-sepolia-node:
image: ${BLAST_NODE_IMAGE:-blastio/blast-optimism}:${BLAST_SEPOLIA_NODE_VERSION:-sepolia-v1.2.3}
ports:
- 15591:15591
- 15591:15591/udp
environment:
- OP_NODE_NETWORK=blast-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://blast-sepolia:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15591
- OP_NODE_P2P_LISTEN_UDP_PORT=15591
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=consensus-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
blast-sepolia-node:
image: blastio/blast-optimism:sepolia-v1.2.3
expose:
- 8545
- 7300
- 6060
ports:
- "15591:15591"
- "15591:15591/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
- ./blast/sepolia:/config
stop_grace_period: 30s
env_file:
- ./blast/sepolia.env
environment:
- "OP_NODE_ROLLUP_CONFIG=/config/rollup.json"
- "OP_NODE_SYNCMODE=consensus-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://blast-sepolia:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15591"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15591"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_ECOTONE_TIME=1713999600"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
blast-sepolia-op-geth-pruned-pebble-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: blast-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/bob-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
bob-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${BOB_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${BOB_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10046:10046"
- "10046:10046/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10347:10347
- 10347:10347/udp
volumes:
#- ${BOB_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-bob-mainnet-op-geth-archive-leveldb-hash}:/data
- bob-mainnet-op-geth-archive-leveldb-hash:/data
- ${BOB_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-bob-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=bob-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10046"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.bob-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/bob-mainnet-archive"
- "traefik.http.services.bob-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/bob-mainnet-archive`)"
- "traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.middlewares=bob-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=bob-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10347
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.bob-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/bob-mainnet-archive
- traefik.http.services.bob-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/bob-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/bob-mainnet-archive`)}
- traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.middlewares=bob-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
bob-mainnet-archive-node:
image: ${BOB_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${BOB_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15347:15347
- 15347:15347/udp
environment:
- OP_NODE_NETWORK=bob-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://bob-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15347
- OP_NODE_P2P_LISTEN_UDP_PORT=15347
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
bob-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15046:15046"
- "15046:15046/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=bob-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://bob-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15046"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15046"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
bob-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/bob-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
bob-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${BOB_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${BOB_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10347:10347"
- "10347:10347/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10347:10347
- 10347:10347/udp
volumes:
#- ${BOB_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-bob-mainnet-op-geth-pruned-pebble-path}:/data
- bob-mainnet-op-geth-pruned-pebble-path:/data
- ${BOB_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-bob-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=bob-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10347"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.bob-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/bob-mainnet"
- "traefik.http.services.bob-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/bob-mainnet`)"
- "traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.middlewares=bob-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=bob-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10347
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.bob-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/bob-mainnet
- traefik.http.services.bob-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/bob-mainnet`)}
- ${NO_SSL:+traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/bob-mainnet`)}
- traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.middlewares=bob-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
bob-mainnet-node:
image: ${BOB_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${BOB_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15347:15347
- 15347:15347/udp
environment:
- OP_NODE_NETWORK=bob-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://bob-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15347
- OP_NODE_P2P_LISTEN_UDP_PORT=15347
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
bob-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15347:15347"
- "15347:15347/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=bob-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://bob-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15347"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15347"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
bob-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

139
op/geth/boba-mainnet-op-geth-pruned.yml Normal file
View File

@@ -0,0 +1,139 @@
# use at your own risk
services:
boba-mainnet:
image: ${BOBA_GETH_IMAGE:-us-docker.pkg.dev/boba-392114/bobanetwork-tools-artifacts/images/geth}:${BOBA_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10022:10022
- 10022:10022/udp
volumes:
- ${BOBA_MAINNET_OP_GETH_PRUNED_DATA:-boba-mainnet-op-geth-pruned}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=boba-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10022
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=
- --state.scheme=
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.boba-mainnet-op-geth-pruned-stripprefix.stripprefix.prefixes=/boba-mainnet
- traefik.http.services.boba-mainnet-op-geth-pruned.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.boba-mainnet-op-geth-pruned.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.boba-mainnet-op-geth-pruned.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.boba-mainnet-op-geth-pruned.rule=Host(`$DOMAIN`) && PathPrefix(`/boba-mainnet`)}
- ${NO_SSL:+traefik.http.routers.boba-mainnet-op-geth-pruned.rule=PathPrefix(`/boba-mainnet`)}
- traefik.http.routers.boba-mainnet-op-geth-pruned.middlewares=boba-mainnet-op-geth-pruned-stripprefix, ipwhitelist
boba-mainnet-node:
image: ${BOBA_NODE_IMAGE:-us-docker.pkg.dev/boba-392114/bobanetwork-tools-artifacts/images/node}:${BOBA_MAINNET_NODE_VERSION:-v1.6.18}
ports:
- 15022:15022
- 15022:15022/udp
environment:
- OP_NODE_NETWORK=boba-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://boba-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15022
- OP_NODE_P2P_LISTEN_UDP_PORT=15022
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
boba-mainnet-op-geth-pruned:
x-upstreams:
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

140
op/geth/boba-sepolia-op-geth-pruned.yml Normal file
View File

@@ -0,0 +1,140 @@
# use at your own risk
services:
boba-sepolia:
image: ${BOBA_GETH_IMAGE:-us-docker.pkg.dev/boba-392114/bobanetwork-tools-artifacts/images/geth}:${BOBA_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10901:10901
- 10901:10901/udp
volumes:
- ${BOBA_SEPOLIA_OP_GETH_PRUNED_DATA:-boba-sepolia-op-geth-pruned}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=boba-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10901
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=
- --state.scheme=
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.boba-sepolia-op-geth-pruned-stripprefix.stripprefix.prefixes=/boba-sepolia
- traefik.http.services.boba-sepolia-op-geth-pruned.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.boba-sepolia-op-geth-pruned.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.boba-sepolia-op-geth-pruned.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.boba-sepolia-op-geth-pruned.rule=Host(`$DOMAIN`) && PathPrefix(`/boba-sepolia`)}
- ${NO_SSL:+traefik.http.routers.boba-sepolia-op-geth-pruned.rule=PathPrefix(`/boba-sepolia`)}
- traefik.http.routers.boba-sepolia-op-geth-pruned.middlewares=boba-sepolia-op-geth-pruned-stripprefix, ipwhitelist
boba-sepolia-node:
image: ${BOBA_NODE_IMAGE:-us-docker.pkg.dev/boba-392114/bobanetwork-tools-artifacts/images/node}:${BOBA_SEPOLIA_NODE_VERSION:-v1.6.18}
ports:
- 15901:15901
- 15901:15901/udp
environment:
- OP_NODE_NETWORK=boba-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://boba-sepolia:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15901
- OP_NODE_P2P_LISTEN_UDP_PORT=15901
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
boba-sepolia-op-geth-pruned:
x-upstreams:
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

166
op/geth/celo-alfajores-op-geth-archive-leveldb-hash.yml Normal file
View File

@@ -0,0 +1,166 @@
# use at your own risk
services:
celo-alfajores-archive:
image: ${CELO_GETH_IMAGE:-us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/geth}:${CELO_ALFAJORES_GETH_VERSION:-celo-v2.0.0}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10457:10457
- 10457:10457/udp
volumes:
- ${CELO_ALFAJORES_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-celo-alfajores-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=celo-alfajores
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10457
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.celo-alfajores-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/celo-alfajores-archive
- traefik.http.services.celo-alfajores-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.celo-alfajores-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.celo-alfajores-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.celo-alfajores-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/celo-alfajores-archive`)}
- ${NO_SSL:+traefik.http.routers.celo-alfajores-op-geth-archive-leveldb-hash.rule=PathPrefix(`/celo-alfajores-archive`)}
- traefik.http.routers.celo-alfajores-op-geth-archive-leveldb-hash.middlewares=celo-alfajores-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
celo-alfajores-archive-node:
image: ${CELO_NODE_IMAGE:-us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/node}:${CELO_ALFAJORES_NODE_VERSION:-celo-v2.0.0}
ports:
- 15457:15457
- 15457:15457/udp
environment:
- OP_NODE_NETWORK=celo-alfajores
- OP_NODE_L1_ETH_RPC=${ETHEREUM_HOLESKY_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://celo-alfajores-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15457
- OP_NODE_P2P_LISTEN_UDP_PORT=15457
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_HOLESKY_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_HOLESKY_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_HOLESKY_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_HOLESKY_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
- NODE_IMAGE=us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/op-node
- NODE_VERSION=celo-v2.0.0
- OP_NODE_ALTDA_ENABLED=true
- OP_NODE_ALTDA_DA_SERVICE=true
- OP_NODE_ALTDA_VERIFY_ON_READ=false
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
celo-alfajores-archive-relay:
image: ${CELO_EIGENDA_PROXY_IMAGE:-ghcr.io/layr-labs/eigenda-proxy}:${CELO_ALFAJORES_EIGENDA_PROXY_VERSION:-v1.6.4}
ports:
- 20457:20457
- 20457:20457/udp
environment:
- EIGENDA_PROXY_ETH_RPC=${ETHEREUM_HOLESKY_EXECUTION_RPC}
- EIGENDA_PROXY_PORT=20457
- EIGENDA_PROXY_IMAGE=ghcr.io/layr-labs/eigenda-proxy
- EIGENDA_PROXY_VERSION=v1.6.4
- EIGENDA_PROXY_EIGENDA_STATUS_QUERY_TIMEOUT=45m
- EIGENDA_PROXY_EIGENDA_MAX_BLOB_LENGTH=32MiB
- EIGENDA_PROXY_EIGENDA_CONFIRMATION_DEPTH=1
- EIGENDA_PROXY_EIGENDA_GRPC_DISABLE_TLS=false
networks:
- chains
volumes:
- ${CELO_ALFAJORES_OP_GETH_ARCHIVE_LEVELDB_HASH__EIGENDA_DATA:-celo-alfajores-op-geth-archive-leveldb-hash_eigenda}:/data
restart: unless-stopped
volumes:
celo-alfajores-op-geth-archive-leveldb-hash:
celo-alfajores-op-geth-archive-leveldb-hash_eigenda:
x-upstreams:
- chain: celo-alfajores
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

168
op/geth/celo-alfajores-op-geth-pruned-pebble-path.yml Normal file
View File

@@ -0,0 +1,168 @@
# use at your own risk
services:
celo-alfajores:
image: ${CELO_GETH_IMAGE:-us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/geth}:${CELO_ALFAJORES_GETH_VERSION:-celo-v2.0.0}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10457:10457
- 10457:10457/udp
volumes:
- ${CELO_ALFAJORES_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-celo-alfajores-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=celo-alfajores
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10457
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.celo-alfajores-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/celo-alfajores
- traefik.http.services.celo-alfajores-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.celo-alfajores-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.celo-alfajores-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.celo-alfajores-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/celo-alfajores`)}
- ${NO_SSL:+traefik.http.routers.celo-alfajores-op-geth-pruned-pebble-path.rule=PathPrefix(`/celo-alfajores`)}
- traefik.http.routers.celo-alfajores-op-geth-pruned-pebble-path.middlewares=celo-alfajores-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
celo-alfajores-node:
image: ${CELO_NODE_IMAGE:-us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/node}:${CELO_ALFAJORES_NODE_VERSION:-celo-v2.0.0}
ports:
- 15457:15457
- 15457:15457/udp
environment:
- OP_NODE_NETWORK=celo-alfajores
- OP_NODE_L1_ETH_RPC=${ETHEREUM_HOLESKY_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://celo-alfajores:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15457
- OP_NODE_P2P_LISTEN_UDP_PORT=15457
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_HOLESKY_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_HOLESKY_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_HOLESKY_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_HOLESKY_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
- NODE_IMAGE=us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/op-node
- NODE_VERSION=celo-v2.0.0
- OP_NODE_ALTDA_ENABLED=true
- OP_NODE_ALTDA_DA_SERVICE=true
- OP_NODE_ALTDA_VERIFY_ON_READ=false
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
celo-alfajores-relay:
image: ${CELO_EIGENDA_PROXY_IMAGE:-ghcr.io/layr-labs/eigenda-proxy}:${CELO_ALFAJORES_EIGENDA_PROXY_VERSION:-v1.6.4}
ports:
- 20457:20457
- 20457:20457/udp
environment:
- EIGENDA_PROXY_ETH_RPC=${ETHEREUM_HOLESKY_EXECUTION_RPC}
- EIGENDA_PROXY_PORT=20457
- EIGENDA_PROXY_IMAGE=ghcr.io/layr-labs/eigenda-proxy
- EIGENDA_PROXY_VERSION=v1.6.4
- EIGENDA_PROXY_EIGENDA_STATUS_QUERY_TIMEOUT=45m
- EIGENDA_PROXY_EIGENDA_MAX_BLOB_LENGTH=32MiB
- EIGENDA_PROXY_EIGENDA_CONFIRMATION_DEPTH=1
- EIGENDA_PROXY_EIGENDA_GRPC_DISABLE_TLS=false
networks:
- chains
volumes:
- ${CELO_ALFAJORES_OP_GETH_PRUNED_PEBBLE_PATH__EIGENDA_DATA:-celo-alfajores-op-geth-pruned-pebble-path_eigenda}:/data
restart: unless-stopped
volumes:
celo-alfajores-op-geth-pruned-pebble-path:
celo-alfajores-op-geth-pruned-pebble-path_eigenda:
x-upstreams:
- chain: celo-alfajores
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

166
op/geth/celo-mainnet-op-geth-archive-leveldb-hash.yml Normal file
View File

@@ -0,0 +1,166 @@
# use at your own risk
services:
celo-mainnet-archive:
image: ${CELO_GETH_IMAGE:-us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/geth}:${CELO_MAINNET_GETH_VERSION:-celo-v2.0.0}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10993:10993
- 10993:10993/udp
volumes:
- ${CELO_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-celo-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=celo-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10993
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.celo-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/celo-mainnet-archive
- traefik.http.services.celo-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.celo-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.celo-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.celo-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/celo-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.celo-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/celo-mainnet-archive`)}
- traefik.http.routers.celo-mainnet-op-geth-archive-leveldb-hash.middlewares=celo-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
celo-mainnet-archive-node:
image: ${CELO_NODE_IMAGE:-us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/node}:${CELO_MAINNET_NODE_VERSION:-celo-v2.0.0}
ports:
- 15993:15993
- 15993:15993/udp
environment:
- OP_NODE_NETWORK=celo-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://celo-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15993
- OP_NODE_P2P_LISTEN_UDP_PORT=15993
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
- NODE_IMAGE=us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/op-node
- NODE_VERSION=celo-v2.0.0
- OP_NODE_ALTDA_ENABLED=true
- OP_NODE_ALTDA_DA_SERVICE=true
- OP_NODE_ALTDA_VERIFY_ON_READ=false
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
celo-mainnet-archive-relay:
image: ${CELO_EIGENDA_PROXY_IMAGE:-ghcr.io/layr-labs/eigenda-proxy}:${CELO_MAINNET_EIGENDA_PROXY_VERSION:-v1.6.4}
ports:
- 20993:20993
- 20993:20993/udp
environment:
- EIGENDA_PROXY_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- EIGENDA_PROXY_PORT=20993
- EIGENDA_PROXY_IMAGE=ghcr.io/layr-labs/eigenda-proxy
- EIGENDA_PROXY_VERSION=v1.6.4
- EIGENDA_PROXY_EIGENDA_STATUS_QUERY_TIMEOUT=45m
- EIGENDA_PROXY_EIGENDA_MAX_BLOB_LENGTH=32MiB
- EIGENDA_PROXY_EIGENDA_CONFIRMATION_DEPTH=1
- EIGENDA_PROXY_EIGENDA_GRPC_DISABLE_TLS=false
networks:
- chains
volumes:
- ${CELO_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH__EIGENDA_DATA:-celo-mainnet-op-geth-archive-leveldb-hash_eigenda}:/data
restart: unless-stopped
volumes:
celo-mainnet-op-geth-archive-leveldb-hash:
celo-mainnet-op-geth-archive-leveldb-hash_eigenda:
x-upstreams:
- chain: celo
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

168
op/geth/celo-mainnet-op-geth-pruned-pebble-path.yml Normal file
View File

@@ -0,0 +1,168 @@
# use at your own risk
services:
celo-mainnet:
image: ${CELO_GETH_IMAGE:-us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/geth}:${CELO_MAINNET_GETH_VERSION:-celo-v2.0.0}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10993:10993
- 10993:10993/udp
volumes:
- ${CELO_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-celo-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=celo-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10993
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.celo-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/celo-mainnet
- traefik.http.services.celo-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.celo-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.celo-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.celo-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/celo-mainnet`)}
- ${NO_SSL:+traefik.http.routers.celo-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/celo-mainnet`)}
- traefik.http.routers.celo-mainnet-op-geth-pruned-pebble-path.middlewares=celo-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
celo-mainnet-node:
image: ${CELO_NODE_IMAGE:-us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/node}:${CELO_MAINNET_NODE_VERSION:-celo-v2.0.0}
ports:
- 15993:15993
- 15993:15993/udp
environment:
- OP_NODE_NETWORK=celo-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://celo-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15993
- OP_NODE_P2P_LISTEN_UDP_PORT=15993
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
- NODE_IMAGE=us-west1-docker.pkg.dev/devopsre/celo-blockchain-public/op-node
- NODE_VERSION=celo-v2.0.0
- OP_NODE_ALTDA_ENABLED=true
- OP_NODE_ALTDA_DA_SERVICE=true
- OP_NODE_ALTDA_VERIFY_ON_READ=false
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
celo-mainnet-relay:
image: ${CELO_EIGENDA_PROXY_IMAGE:-ghcr.io/layr-labs/eigenda-proxy}:${CELO_MAINNET_EIGENDA_PROXY_VERSION:-v1.6.4}
ports:
- 20993:20993
- 20993:20993/udp
environment:
- EIGENDA_PROXY_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- EIGENDA_PROXY_PORT=20993
- EIGENDA_PROXY_IMAGE=ghcr.io/layr-labs/eigenda-proxy
- EIGENDA_PROXY_VERSION=v1.6.4
- EIGENDA_PROXY_EIGENDA_STATUS_QUERY_TIMEOUT=45m
- EIGENDA_PROXY_EIGENDA_MAX_BLOB_LENGTH=32MiB
- EIGENDA_PROXY_EIGENDA_CONFIRMATION_DEPTH=1
- EIGENDA_PROXY_EIGENDA_GRPC_DISABLE_TLS=false
networks:
- chains
volumes:
- ${CELO_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH__EIGENDA_DATA:-celo-mainnet-op-geth-pruned-pebble-path_eigenda}:/data
restart: unless-stopped
volumes:
celo-mainnet-op-geth-pruned-pebble-path:
celo-mainnet-op-geth-pruned-pebble-path_eigenda:
x-upstreams:
- chain: celo
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

139
op/geth/fraxtal-mainnet-op-geth-archive-leveldb-hash.yml Normal file
View File

@@ -0,0 +1,139 @@
# use at your own risk
services:
fraxtal-mainnet-archive:
image: ${FRAXTAL_GETH_IMAGE:-ghcr.io/fraxfinance/fraxtal-geth}:${FRAXTAL_MAINNET_GETH_VERSION:-v1.101503.1-frax-1.2.0}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10282:10282
- 10282:10282/udp
volumes:
- ${FRAXTAL_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-fraxtal-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=fraxtal-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10282
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.fraxtal-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/fraxtal-mainnet-archive
- traefik.http.services.fraxtal-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.fraxtal-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.fraxtal-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.fraxtal-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/fraxtal-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.fraxtal-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/fraxtal-mainnet-archive`)}
- traefik.http.routers.fraxtal-mainnet-op-geth-archive-leveldb-hash.middlewares=fraxtal-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
fraxtal-mainnet-archive-node:
image: ${FRAXTAL_NODE_IMAGE:-ghcr.io/fraxfinance/fraxtal-node}:${FRAXTAL_MAINNET_NODE_VERSION:-v1.12.2-frax-1.1.0}
ports:
- 15282:15282
- 15282:15282/udp
environment:
- OP_NODE_NETWORK=fraxtal-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://fraxtal-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15282
- OP_NODE_P2P_LISTEN_UDP_PORT=15282
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
fraxtal-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

141
op/geth/fraxtal-mainnet-op-geth-pruned-pebble-path.yml Normal file
View File

@@ -0,0 +1,141 @@
# use at your own risk
services:
fraxtal-mainnet:
image: ${FRAXTAL_GETH_IMAGE:-ghcr.io/fraxfinance/fraxtal-geth}:${FRAXTAL_MAINNET_GETH_VERSION:-v1.101503.1-frax-1.2.0}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10282:10282
- 10282:10282/udp
volumes:
- ${FRAXTAL_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-fraxtal-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=fraxtal-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10282
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.fraxtal-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/fraxtal-mainnet
- traefik.http.services.fraxtal-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.fraxtal-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.fraxtal-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.fraxtal-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/fraxtal-mainnet`)}
- ${NO_SSL:+traefik.http.routers.fraxtal-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/fraxtal-mainnet`)}
- traefik.http.routers.fraxtal-mainnet-op-geth-pruned-pebble-path.middlewares=fraxtal-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
fraxtal-mainnet-node:
image: ${FRAXTAL_NODE_IMAGE:-ghcr.io/fraxfinance/fraxtal-node}:${FRAXTAL_MAINNET_NODE_VERSION:-v1.12.2-frax-1.1.0}
ports:
- 15282:15282
- 15282:15282/udp
environment:
- OP_NODE_NETWORK=fraxtal-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://fraxtal-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15282
- OP_NODE_P2P_LISTEN_UDP_PORT=15282
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
fraxtal-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

140
op/geth/fraxtal-testnet-op-geth-archive-leveldb-hash.yml Normal file
View File

@@ -0,0 +1,140 @@
# use at your own risk
services:
fraxtal-testnet-archive:
image: ${FRAXTAL_GETH_IMAGE:-ghcr.io/fraxfinance/fraxtal-geth}:${FRAXTAL_TESTNET_GETH_VERSION:-v1.101503.1-frax-1.2.0}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10370:10370
- 10370:10370/udp
volumes:
- ${FRAXTAL_TESTNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-fraxtal-testnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=fraxtal-testnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10370
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.fraxtal-testnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/fraxtal-testnet-archive
- traefik.http.services.fraxtal-testnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.fraxtal-testnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.fraxtal-testnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.fraxtal-testnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/fraxtal-testnet-archive`)}
- ${NO_SSL:+traefik.http.routers.fraxtal-testnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/fraxtal-testnet-archive`)}
- traefik.http.routers.fraxtal-testnet-op-geth-archive-leveldb-hash.middlewares=fraxtal-testnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
fraxtal-testnet-archive-node:
image: ${FRAXTAL_NODE_IMAGE:-ghcr.io/fraxfinance/fraxtal-node}:${FRAXTAL_TESTNET_NODE_VERSION:-v1.12.2-frax-1.1.0}
ports:
- 15370:15370
- 15370:15370/udp
environment:
- OP_NODE_NETWORK=fraxtal-testnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://fraxtal-testnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15370
- OP_NODE_P2P_LISTEN_UDP_PORT=15370
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
fraxtal-testnet-op-geth-archive-leveldb-hash:
x-upstreams:
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

142
op/geth/fraxtal-testnet-op-geth-pruned-pebble-path.yml Normal file
View File

@@ -0,0 +1,142 @@
# use at your own risk
services:
fraxtal-testnet:
image: ${FRAXTAL_GETH_IMAGE:-ghcr.io/fraxfinance/fraxtal-geth}:${FRAXTAL_TESTNET_GETH_VERSION:-v1.101503.1-frax-1.2.0}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10370:10370
- 10370:10370/udp
volumes:
- ${FRAXTAL_TESTNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-fraxtal-testnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=fraxtal-testnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10370
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.fraxtal-testnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/fraxtal-testnet
- traefik.http.services.fraxtal-testnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.fraxtal-testnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.fraxtal-testnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.fraxtal-testnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/fraxtal-testnet`)}
- ${NO_SSL:+traefik.http.routers.fraxtal-testnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/fraxtal-testnet`)}
- traefik.http.routers.fraxtal-testnet-op-geth-pruned-pebble-path.middlewares=fraxtal-testnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
fraxtal-testnet-node:
image: ${FRAXTAL_NODE_IMAGE:-ghcr.io/fraxfinance/fraxtal-node}:${FRAXTAL_TESTNET_NODE_VERSION:-v1.12.2-frax-1.1.0}
ports:
- 15370:15370
- 15370:15370/udp
environment:
- OP_NODE_NETWORK=fraxtal-testnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://fraxtal-testnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15370
- OP_NODE_P2P_LISTEN_UDP_PORT=15370
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
fraxtal-testnet-op-geth-pruned-pebble-path:
x-upstreams:
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/hashkeychain-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
hashkeychain-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${HASHKEYCHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${HASHKEYCHAIN_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10113:10113"
- "10113:10113/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10188:10188
- 10188:10188/udp
volumes:
#- ${HASHKEYCHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-hashkeychain-mainnet-op-geth-archive-leveldb-hash}:/data
- hashkeychain-mainnet-op-geth-archive-leveldb-hash:/data
- ${HASHKEYCHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-hashkeychain-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=hashkeychain-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10113"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.hashkeychain-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/hashkeychain-mainnet-archive"
- "traefik.http.services.hashkeychain-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.hashkeychain-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.hashkeychain-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.hashkeychain-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/hashkeychain-mainnet-archive`)"
- "traefik.http.routers.hashkeychain-mainnet-op-geth-archive-leveldb-hash.middlewares=hashkeychain-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=hashkeychain-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10188
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.hashkeychain-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/hashkeychain-mainnet-archive
- traefik.http.services.hashkeychain-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.hashkeychain-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.hashkeychain-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.hashkeychain-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/hashkeychain-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.hashkeychain-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/hashkeychain-mainnet-archive`)}
- traefik.http.routers.hashkeychain-mainnet-op-geth-archive-leveldb-hash.middlewares=hashkeychain-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
hashkeychain-mainnet-archive-node:
image: ${HASHKEYCHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${HASHKEYCHAIN_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15188:15188
- 15188:15188/udp
environment:
- OP_NODE_NETWORK=hashkeychain-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://hashkeychain-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15188
- OP_NODE_P2P_LISTEN_UDP_PORT=15188
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
hashkeychain-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15113:15113"
- "15113:15113/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=hashkeychain-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://hashkeychain-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15113"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15113"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
hashkeychain-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: hashkey
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/hashkeychain-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
hashkeychain-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${HASHKEYCHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${HASHKEYCHAIN_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10188:10188"
- "10188:10188/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10188:10188
- 10188:10188/udp
volumes:
#- ${HASHKEYCHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-hashkeychain-mainnet-op-geth-pruned-pebble-path}:/data
- hashkeychain-mainnet-op-geth-pruned-pebble-path:/data
- ${HASHKEYCHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-hashkeychain-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=hashkeychain-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10188"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.hashkeychain-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/hashkeychain-mainnet"
- "traefik.http.services.hashkeychain-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.hashkeychain-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.hashkeychain-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.hashkeychain-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/hashkeychain-mainnet`)"
- "traefik.http.routers.hashkeychain-mainnet-op-geth-pruned-pebble-path.middlewares=hashkeychain-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=hashkeychain-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10188
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.hashkeychain-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/hashkeychain-mainnet
- traefik.http.services.hashkeychain-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.hashkeychain-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.hashkeychain-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.hashkeychain-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/hashkeychain-mainnet`)}
- ${NO_SSL:+traefik.http.routers.hashkeychain-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/hashkeychain-mainnet`)}
- traefik.http.routers.hashkeychain-mainnet-op-geth-pruned-pebble-path.middlewares=hashkeychain-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
hashkeychain-mainnet-node:
image: ${HASHKEYCHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${HASHKEYCHAIN_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15188:15188
- 15188:15188/udp
environment:
- OP_NODE_NETWORK=hashkeychain-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://hashkeychain-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15188
- OP_NODE_P2P_LISTEN_UDP_PORT=15188
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
hashkeychain-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15188:15188"
- "15188:15188/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=hashkeychain-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://hashkeychain-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15188"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15188"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
hashkeychain-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: hashkey
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/ink-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
ink-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${INK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${INK_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10713:10713"
- "10713:10713/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10271:10271
- 10271:10271/udp
volumes:
#- ${INK_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-ink-mainnet-op-geth-archive-leveldb-hash}:/data
- ink-mainnet-op-geth-archive-leveldb-hash:/data
- ${INK_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-ink-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=ink-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10713"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.ink-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/ink-mainnet-archive"
- "traefik.http.services.ink-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-mainnet-archive`)"
- "traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.middlewares=ink-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=ink-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10271
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.ink-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/ink-mainnet-archive
- traefik.http.services.ink-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/ink-mainnet-archive`)}
- traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.middlewares=ink-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
ink-mainnet-archive-node:
image: ${INK_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${INK_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15271:15271
- 15271:15271/udp
environment:
- OP_NODE_NETWORK=ink-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://ink-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15271
- OP_NODE_P2P_LISTEN_UDP_PORT=15271
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
ink-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15713:15713"
- "15713:15713/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=ink-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://ink-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15713"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15713"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
ink-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: ink
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/ink-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
ink-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${INK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${INK_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10271:10271"
- "10271:10271/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10271:10271
- 10271:10271/udp
volumes:
#- ${INK_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-ink-mainnet-op-geth-pruned-pebble-path}:/data
- ink-mainnet-op-geth-pruned-pebble-path:/data
- ${INK_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-ink-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=ink-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10271"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.ink-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/ink-mainnet"
- "traefik.http.services.ink-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-mainnet`)"
- "traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.middlewares=ink-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=ink-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10271
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.ink-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/ink-mainnet
- traefik.http.services.ink-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-mainnet`)}
- ${NO_SSL:+traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/ink-mainnet`)}
- traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.middlewares=ink-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
ink-mainnet-node:
image: ${INK_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${INK_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15271:15271
- 15271:15271/udp
environment:
- OP_NODE_NETWORK=ink-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://ink-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15271
- OP_NODE_P2P_LISTEN_UDP_PORT=15271
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
ink-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15271:15271"
- "15271:15271/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=ink-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://ink-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15271"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15271"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
ink-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: ink
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/ink-sepolia-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,140 @@
# use at your own risk
services:
ink-sepolia-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${INK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${INK_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10659:10659"
- "10659:10659/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10869:10869
- 10869:10869/udp
volumes:
#- ${INK_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-ink-sepolia-op-geth-archive-leveldb-hash}:/data
- ink-sepolia-op-geth-archive-leveldb-hash:/data
- ${INK_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-ink-sepolia-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=ink-sepolia"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10659"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.ink-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/ink-sepolia-archive"
- "traefik.http.services.ink-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-sepolia-archive`)"
- "traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.middlewares=ink-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=ink-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10869
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/ink-sepolia-archive
- traefik.http.services.ink-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-sepolia-archive`)}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.rule=PathPrefix(`/ink-sepolia-archive`)}
- traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.middlewares=ink-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
ink-sepolia-archive-node:
image: ${INK_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${INK_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15869:15869
- 15869:15869/udp
environment:
- OP_NODE_NETWORK=ink-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://ink-sepolia-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15869
- OP_NODE_P2P_LISTEN_UDP_PORT=15869
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
ink-sepolia-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15659:15659"
- "15659:15659/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=ink-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://ink-sepolia-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15659"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15659"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
ink-sepolia-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: ink-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/ink-sepolia-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,142 @@
# use at your own risk
services:
ink-sepolia:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${INK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${INK_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10869:10869"
- "10869:10869/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10869:10869
- 10869:10869/udp
volumes:
#- ${INK_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-ink-sepolia-op-geth-pruned-pebble-path}:/data
- ink-sepolia-op-geth-pruned-pebble-path:/data
- ${INK_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-ink-sepolia-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=ink-sepolia"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10869"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.ink-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/ink-sepolia"
- "traefik.http.services.ink-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-sepolia`)"
- "traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.middlewares=ink-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=ink-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10869
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/ink-sepolia
- traefik.http.services.ink-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-sepolia`)}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.rule=PathPrefix(`/ink-sepolia`)}
- traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.middlewares=ink-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
ink-sepolia-node:
image: ${INK_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${INK_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15869:15869
- 15869:15869/udp
environment:
- OP_NODE_NETWORK=ink-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://ink-sepolia:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15869
- OP_NODE_P2P_LISTEN_UDP_PORT=15869
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
ink-sepolia-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15869:15869"
- "15869:15869/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=ink-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://ink-sepolia:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15869"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15869"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
ink-sepolia-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: ink-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/lisk-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
lisk-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${LISK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${LISK_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10157:10157"
- "10157:10157/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10971:10971
- 10971:10971/udp
volumes:
#- ${LISK_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-lisk-mainnet-op-geth-archive-leveldb-hash}:/data
- lisk-mainnet-op-geth-archive-leveldb-hash:/data
- ${LISK_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-lisk-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=lisk-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10157"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.lisk-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/lisk-mainnet-archive"
- "traefik.http.services.lisk-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/lisk-mainnet-archive`)"
- "traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.middlewares=lisk-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=lisk-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10971
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.lisk-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/lisk-mainnet-archive
- traefik.http.services.lisk-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/lisk-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/lisk-mainnet-archive`)}
- traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.middlewares=lisk-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
lisk-mainnet-archive-node:
image: ${LISK_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${LISK_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15971:15971
- 15971:15971/udp
environment:
- OP_NODE_NETWORK=lisk-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://lisk-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15971
- OP_NODE_P2P_LISTEN_UDP_PORT=15971
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
lisk-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15157:15157"
- "15157:15157/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=lisk-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://lisk-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15157"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15157"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
lisk-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/lisk-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
lisk-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${LISK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${LISK_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10971:10971"
- "10971:10971/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10971:10971
- 10971:10971/udp
volumes:
#- ${LISK_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-lisk-mainnet-op-geth-pruned-pebble-path}:/data
- lisk-mainnet-op-geth-pruned-pebble-path:/data
- ${LISK_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-lisk-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=lisk-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10971"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.lisk-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/lisk-mainnet"
- "traefik.http.services.lisk-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.lisk-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.lisk-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.lisk-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/lisk-mainnet`)"
- "traefik.http.routers.lisk-mainnet-op-geth-pruned-pebble-path.middlewares=lisk-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=lisk-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10971
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.lisk-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/lisk-mainnet
- traefik.http.services.lisk-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/lisk-mainnet`)}
- ${NO_SSL:+traefik.http.routers.lisk-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/lisk-mainnet`)}
- traefik.http.routers.lisk-mainnet-op-geth-pruned-pebble-path.middlewares=lisk-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
lisk-mainnet-node:
image: ${LISK_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${LISK_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15971:15971
- 15971:15971/udp
environment:
- OP_NODE_NETWORK=lisk-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://lisk-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15971
- OP_NODE_P2P_LISTEN_UDP_PORT=15971
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
lisk-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15971:15971"
- "15971:15971/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=lisk-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://lisk-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15971"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15971"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
lisk-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

234
op/geth/lisk-sepolia-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,147 @@
# use at your own risk
services:
lisk-sepolia-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${LISK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${LISK_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10457:10457"
- "10457:10457/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10490:10490
- 10490:10490/udp
volumes:
#- ${LISK_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-lisk-sepolia-op-geth-archive-leveldb-hash}:/data
- lisk-sepolia-op-geth-archive-leveldb-hash:/data
- ${LISK_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-lisk-sepolia-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=lisk-sepolia"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10457"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.lisk-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/lisk-sepolia-archive"
- "traefik.http.services.lisk-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.lisk-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.lisk-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.lisk-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/lisk-sepolia-archive`)"
- "traefik.http.routers.lisk-sepolia-op-geth-archive-leveldb-hash.middlewares=lisk-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=lisk-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10490
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.lisk-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/lisk-sepolia-archive
- traefik.http.services.lisk-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.lisk-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.lisk-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.lisk-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/lisk-sepolia-archive`)}
- ${NO_SSL:+traefik.http.routers.lisk-sepolia-op-geth-archive-leveldb-hash.rule=PathPrefix(`/lisk-sepolia-archive`)}
- traefik.http.routers.lisk-sepolia-op-geth-archive-leveldb-hash.middlewares=lisk-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
lisk-sepolia-archive-node:
build:
context: ./op
dockerfile: node.Dockerfile
args:
OP_REPO: https://github.com/ethereum-optimism/optimism.git
OP_VERSION: v1.12.1
OP_PATCH: lisk/sepolia/node.patch
ports:
- 15490:15490
- 15490:15490/udp
environment:
- OP_NODE_NETWORK=lisk-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://lisk-sepolia-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15490
- OP_NODE_P2P_LISTEN_UDP_PORT=15490
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
lisk-sepolia-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.1
expose:
- 8545
- 7300
- 6060
ports:
- "15457:15457"
- "15457:15457/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=lisk-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://lisk-sepolia-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15457"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15457"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
lisk-sepolia-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

234
op/geth/lisk-sepolia-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,149 @@
# use at your own risk
services:
lisk-sepolia:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${LISK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${LISK_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10490:10490"
- "10490:10490/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10490:10490
- 10490:10490/udp
volumes:
#- ${LISK_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-lisk-sepolia-op-geth-pruned-pebble-path}:/data
- lisk-sepolia-op-geth-pruned-pebble-path:/data
- ${LISK_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-lisk-sepolia-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=lisk-sepolia"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10490"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.lisk-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/lisk-sepolia"
- "traefik.http.services.lisk-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.lisk-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.lisk-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.lisk-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/lisk-sepolia`)"
- "traefik.http.routers.lisk-sepolia-op-geth-pruned-pebble-path.middlewares=lisk-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=lisk-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10490
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.lisk-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/lisk-sepolia
- traefik.http.services.lisk-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.lisk-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.lisk-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.lisk-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/lisk-sepolia`)}
- ${NO_SSL:+traefik.http.routers.lisk-sepolia-op-geth-pruned-pebble-path.rule=PathPrefix(`/lisk-sepolia`)}
- traefik.http.routers.lisk-sepolia-op-geth-pruned-pebble-path.middlewares=lisk-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
lisk-sepolia-node:
build:
context: ./op
dockerfile: node.Dockerfile
args:
OP_REPO: https://github.com/ethereum-optimism/optimism.git
OP_VERSION: v1.12.1
OP_PATCH: lisk/sepolia/node.patch
ports:
- 15490:15490
- 15490:15490/udp
environment:
- OP_NODE_NETWORK=lisk-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://lisk-sepolia:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15490
- OP_NODE_P2P_LISTEN_UDP_PORT=15490
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
lisk-sepolia-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.1
expose:
- 8545
- 7300
- 6060
ports:
- "15490:15490"
- "15490:15490/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=lisk-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://lisk-sepolia:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15490"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15490"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
lisk-sepolia-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/mantle-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,132 +1,139 @@
# use at your own risk
services:
mantle-mainnet-archive:
image: mantlenetworkio/mantle-op-geth:v1.1.1
image: ${MANTLE_GETH_IMAGE:-mantlenetworkio/mantle-geth}:${MANTLE_MAINNET_GETH_VERSION:-v1.1.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10055:10055"
- "10055:10055/udp"
entrypoint: ["/bin/sh", "-c", "[ ! -d /data/geth ] && /usr/local/bin/geth init /config/genesis.json; exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10067:10067
- 10067:10067/udp
volumes:
#- ${MANTLE_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-mantle-mainnet-op-geth-archive-leveldb-hash}:/data
- mantle-mainnet-op-geth-archive-leveldb-hash:/data
- ${MANTLE_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-mantle-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
- ./mantle/mainnet:/config
env_file:
- ./mantle/mainnet.env
environment:
- "GETH_DATADIR=/data"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10055"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.mantle-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/mantle-mainnet-archive"
- "traefik.http.services.mantle-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.mantle-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.mantle-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.mantle-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/mantle-mainnet-archive`)"
- "traefik.http.routers.mantle-mainnet-op-geth-archive-leveldb-hash.middlewares=mantle-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=mantle-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10067
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.mantle-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/mantle-mainnet-archive
- traefik.http.services.mantle-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.mantle-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.mantle-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.mantle-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/mantle-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.mantle-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/mantle-mainnet-archive`)}
- traefik.http.routers.mantle-mainnet-op-geth-archive-leveldb-hash.middlewares=mantle-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
mantle-mainnet-archive-node:
image: ${MANTLE_NODE_IMAGE:-mantlenetworkio/mantle-node}:${MANTLE_MAINNET_NODE_VERSION:-v1.1.1}
ports:
- 15067:15067
- 15067:15067/udp
environment:
- OP_NODE_NETWORK=mantle-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://mantle-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15067
- OP_NODE_P2P_LISTEN_UDP_PORT=15067
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
mantle-mainnet-archive-node:
image: mantlenetworkio/mantle-op-node:v1.1.1
expose:
- 8545
- 7300
- 6060
ports:
- "15055:15055"
- "15055:15055/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
- ./mantle/mainnet:/config
stop_grace_period: 30s
env_file:
- ./mantle/mainnet.env
environment:
- "OP_NODE_ROLLUP_CONFIG=/config/rollup.json"
- "OP_NODE_SYNCMODE=consensus-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://mantle-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15055"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15055"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
mantle-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/mantle-mainnet-op-geth-pruned-leveldb-hash.yml
View File

@@ -1,132 +1,139 @@
# use at your own risk
services:
mantle-mainnet:
image: mantlenetworkio/mantle-op-geth:v1.1.1
image: ${MANTLE_GETH_IMAGE:-mantlenetworkio/mantle-geth}:${MANTLE_MAINNET_GETH_VERSION:-v1.1.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10067:10067"
- "10067:10067/udp"
entrypoint: ["/bin/sh", "-c", "[ ! -d /data/geth ] && /usr/local/bin/geth init /config/genesis.json; exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10067:10067
- 10067:10067/udp
volumes:
#- ${MANTLE_MAINNET_OP_GETH_PRUNED_LEVELDB_HASH_DATA:-mantle-mainnet-op-geth-pruned-leveldb-hash}:/data
- mantle-mainnet-op-geth-pruned-leveldb-hash:/data
- ${MANTLE_MAINNET_OP_GETH_PRUNED_LEVELDB_HASH_DATA:-mantle-mainnet-op-geth-pruned-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
- ./mantle/mainnet:/config
env_file:
- ./mantle/mainnet.env
environment:
- "GETH_DATADIR=/data"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10067"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.mantle-mainnet-op-geth-pruned-leveldb-hash-stripprefix.stripprefix.prefixes=/mantle-mainnet"
- "traefik.http.services.mantle-mainnet-op-geth-pruned-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.mantle-mainnet-op-geth-pruned-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.mantle-mainnet-op-geth-pruned-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.mantle-mainnet-op-geth-pruned-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/mantle-mainnet`)"
- "traefik.http.routers.mantle-mainnet-op-geth-pruned-leveldb-hash.middlewares=mantle-mainnet-op-geth-pruned-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=mantle-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10067
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.mantle-mainnet-op-geth-pruned-leveldb-hash-stripprefix.stripprefix.prefixes=/mantle-mainnet
- traefik.http.services.mantle-mainnet-op-geth-pruned-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.mantle-mainnet-op-geth-pruned-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.mantle-mainnet-op-geth-pruned-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.mantle-mainnet-op-geth-pruned-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/mantle-mainnet`)}
- ${NO_SSL:+traefik.http.routers.mantle-mainnet-op-geth-pruned-leveldb-hash.rule=PathPrefix(`/mantle-mainnet`)}
- traefik.http.routers.mantle-mainnet-op-geth-pruned-leveldb-hash.middlewares=mantle-mainnet-op-geth-pruned-leveldb-hash-stripprefix, ipwhitelist
mantle-mainnet-node:
image: ${MANTLE_NODE_IMAGE:-mantlenetworkio/mantle-node}:${MANTLE_MAINNET_NODE_VERSION:-v1.1.1}
ports:
- 15067:15067
- 15067:15067/udp
environment:
- OP_NODE_NETWORK=mantle-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://mantle-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15067
- OP_NODE_P2P_LISTEN_UDP_PORT=15067
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
mantle-mainnet-node:
image: mantlenetworkio/mantle-op-node:v1.1.1
expose:
- 8545
- 7300
- 6060
ports:
- "15067:15067"
- "15067:15067/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
- ./mantle/mainnet:/config
stop_grace_period: 30s
env_file:
- ./mantle/mainnet.env
environment:
- "OP_NODE_ROLLUP_CONFIG=/config/rollup.json"
- "OP_NODE_SYNCMODE=consensus-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://mantle-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15067"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15067"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
mantle-mainnet-op-geth-pruned-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

140
op/geth/mantle-sepolia-op-geth-archive-leveldb-hash.yml Normal file
View File

@@ -0,0 +1,140 @@
# use at your own risk
services:
mantle-sepolia-archive:
image: ${MANTLE_GETH_IMAGE:-mantlenetworkio/mantle-geth}:${MANTLE_SEPOLIA_GETH_VERSION:-v1.1.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10358:10358
- 10358:10358/udp
volumes:
- ${MANTLE_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-mantle-sepolia-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=mantle-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10358
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.mantle-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/mantle-sepolia-archive
- traefik.http.services.mantle-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.mantle-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.mantle-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.mantle-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/mantle-sepolia-archive`)}
- ${NO_SSL:+traefik.http.routers.mantle-sepolia-op-geth-archive-leveldb-hash.rule=PathPrefix(`/mantle-sepolia-archive`)}
- traefik.http.routers.mantle-sepolia-op-geth-archive-leveldb-hash.middlewares=mantle-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
mantle-sepolia-archive-node:
image: ${MANTLE_NODE_IMAGE:-mantlenetworkio/mantle-node}:${MANTLE_SEPOLIA_NODE_VERSION:-v1.1.1}
ports:
- 15358:15358
- 15358:15358/udp
environment:
- OP_NODE_NETWORK=mantle-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://mantle-sepolia-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15358
- OP_NODE_P2P_LISTEN_UDP_PORT=15358
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
mantle-sepolia-op-geth-archive-leveldb-hash:
x-upstreams:
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

140
op/geth/mantle-sepolia-op-geth-pruned-leveldb-hash.yml Normal file
View File

@@ -0,0 +1,140 @@
# use at your own risk
services:
mantle-sepolia:
image: ${MANTLE_GETH_IMAGE:-mantlenetworkio/mantle-geth}:${MANTLE_SEPOLIA_GETH_VERSION:-v1.1.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10358:10358
- 10358:10358/udp
volumes:
- ${MANTLE_SEPOLIA_OP_GETH_PRUNED_LEVELDB_HASH_DATA:-mantle-sepolia-op-geth-pruned-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=mantle-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10358
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.mantle-sepolia-op-geth-pruned-leveldb-hash-stripprefix.stripprefix.prefixes=/mantle-sepolia
- traefik.http.services.mantle-sepolia-op-geth-pruned-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.mantle-sepolia-op-geth-pruned-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.mantle-sepolia-op-geth-pruned-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.mantle-sepolia-op-geth-pruned-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/mantle-sepolia`)}
- ${NO_SSL:+traefik.http.routers.mantle-sepolia-op-geth-pruned-leveldb-hash.rule=PathPrefix(`/mantle-sepolia`)}
- traefik.http.routers.mantle-sepolia-op-geth-pruned-leveldb-hash.middlewares=mantle-sepolia-op-geth-pruned-leveldb-hash-stripprefix, ipwhitelist
mantle-sepolia-node:
image: ${MANTLE_NODE_IMAGE:-mantlenetworkio/mantle-node}:${MANTLE_SEPOLIA_NODE_VERSION:-v1.1.1}
ports:
- 15358:15358
- 15358:15358/udp
environment:
- OP_NODE_NETWORK=mantle-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://mantle-sepolia:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15358
- OP_NODE_P2P_LISTEN_UDP_PORT=15358
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
mantle-sepolia-op-geth-pruned-leveldb-hash:
x-upstreams:
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/metal-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
metal-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${METAL_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${METAL_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10324:10324"
- "10324:10324/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10821:10821
- 10821:10821/udp
volumes:
#- ${METAL_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-metal-mainnet-op-geth-archive-leveldb-hash}:/data
- metal-mainnet-op-geth-archive-leveldb-hash:/data
- ${METAL_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-metal-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=metal-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10324"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.metal-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/metal-mainnet-archive"
- "traefik.http.services.metal-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.metal-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.metal-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.metal-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/metal-mainnet-archive`)"
- "traefik.http.routers.metal-mainnet-op-geth-archive-leveldb-hash.middlewares=metal-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=metal-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10821
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.metal-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/metal-mainnet-archive
- traefik.http.services.metal-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.metal-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.metal-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.metal-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/metal-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.metal-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/metal-mainnet-archive`)}
- traefik.http.routers.metal-mainnet-op-geth-archive-leveldb-hash.middlewares=metal-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
metal-mainnet-archive-node:
image: ${METAL_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${METAL_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15821:15821
- 15821:15821/udp
environment:
- OP_NODE_NETWORK=metal-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://metal-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15821
- OP_NODE_P2P_LISTEN_UDP_PORT=15821
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
metal-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15324:15324"
- "15324:15324/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=metal-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://metal-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15324"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15324"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
metal-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/metal-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
metal-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${METAL_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${METAL_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10821:10821"
- "10821:10821/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10821:10821
- 10821:10821/udp
volumes:
#- ${METAL_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-metal-mainnet-op-geth-pruned-pebble-path}:/data
- metal-mainnet-op-geth-pruned-pebble-path:/data
- ${METAL_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-metal-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=metal-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10821"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.metal-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/metal-mainnet"
- "traefik.http.services.metal-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.metal-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.metal-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.metal-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/metal-mainnet`)"
- "traefik.http.routers.metal-mainnet-op-geth-pruned-pebble-path.middlewares=metal-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=metal-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10821
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.metal-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/metal-mainnet
- traefik.http.services.metal-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.metal-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.metal-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.metal-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/metal-mainnet`)}
- ${NO_SSL:+traefik.http.routers.metal-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/metal-mainnet`)}
- traefik.http.routers.metal-mainnet-op-geth-pruned-pebble-path.middlewares=metal-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
metal-mainnet-node:
image: ${METAL_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${METAL_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15821:15821
- 15821:15821/udp
environment:
- OP_NODE_NETWORK=metal-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://metal-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15821
- OP_NODE_P2P_LISTEN_UDP_PORT=15821
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
metal-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15821:15821"
- "15821:15821/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=metal-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://metal-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15821"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15821"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
metal-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/metal-sepolia-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,140 @@
# use at your own risk
services:
metal-sepolia-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${METAL_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${METAL_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10770:10770"
- "10770:10770/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10701:10701
- 10701:10701/udp
volumes:
#- ${METAL_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-metal-sepolia-op-geth-archive-leveldb-hash}:/data
- metal-sepolia-op-geth-archive-leveldb-hash:/data
- ${METAL_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-metal-sepolia-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=metal-sepolia"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10770"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.metal-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/metal-sepolia-archive"
- "traefik.http.services.metal-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.metal-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.metal-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.metal-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/metal-sepolia-archive`)"
- "traefik.http.routers.metal-sepolia-op-geth-archive-leveldb-hash.middlewares=metal-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=metal-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10701
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.metal-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/metal-sepolia-archive
- traefik.http.services.metal-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.metal-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.metal-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.metal-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/metal-sepolia-archive`)}
- ${NO_SSL:+traefik.http.routers.metal-sepolia-op-geth-archive-leveldb-hash.rule=PathPrefix(`/metal-sepolia-archive`)}
- traefik.http.routers.metal-sepolia-op-geth-archive-leveldb-hash.middlewares=metal-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
metal-sepolia-archive-node:
image: ${METAL_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${METAL_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15701:15701
- 15701:15701/udp
environment:
- OP_NODE_NETWORK=metal-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://metal-sepolia-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15701
- OP_NODE_P2P_LISTEN_UDP_PORT=15701
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
metal-sepolia-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15770:15770"
- "15770:15770/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=metal-sepolia"
- "OP_NODE_SYNCMODE=consensus-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://metal-sepolia-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15770"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15770"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
metal-sepolia-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/metal-sepolia-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,142 @@
# use at your own risk
services:
metal-sepolia:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${METAL_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${METAL_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10701:10701"
- "10701:10701/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10701:10701
- 10701:10701/udp
volumes:
#- ${METAL_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-metal-sepolia-op-geth-pruned-pebble-path}:/data
- metal-sepolia-op-geth-pruned-pebble-path:/data
- ${METAL_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-metal-sepolia-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=metal-sepolia"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10701"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.metal-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/metal-sepolia"
- "traefik.http.services.metal-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.metal-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.metal-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.metal-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/metal-sepolia`)"
- "traefik.http.routers.metal-sepolia-op-geth-pruned-pebble-path.middlewares=metal-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=metal-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10701
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.metal-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/metal-sepolia
- traefik.http.services.metal-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.metal-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.metal-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.metal-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/metal-sepolia`)}
- ${NO_SSL:+traefik.http.routers.metal-sepolia-op-geth-pruned-pebble-path.rule=PathPrefix(`/metal-sepolia`)}
- traefik.http.routers.metal-sepolia-op-geth-pruned-pebble-path.middlewares=metal-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
metal-sepolia-node:
image: ${METAL_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${METAL_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15701:15701
- 15701:15701/udp
environment:
- OP_NODE_NETWORK=metal-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://metal-sepolia:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15701
- OP_NODE_P2P_LISTEN_UDP_PORT=15701
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
metal-sepolia-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15701:15701"
- "15701:15701/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=metal-sepolia"
- "OP_NODE_SYNCMODE=consensus-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://metal-sepolia:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15701"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15701"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
metal-sepolia-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/mode-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
mode-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${MODE_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${MODE_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10430:10430"
- "10430:10430/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10054:10054
- 10054:10054/udp
volumes:
#- ${MODE_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-mode-mainnet-op-geth-archive-leveldb-hash}:/data
- mode-mainnet-op-geth-archive-leveldb-hash:/data
- ${MODE_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-mode-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=mode-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10430"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.mode-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/mode-mainnet-archive"
- "traefik.http.services.mode-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.mode-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.mode-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.mode-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/mode-mainnet-archive`)"
- "traefik.http.routers.mode-mainnet-op-geth-archive-leveldb-hash.middlewares=mode-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=mode-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10054
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.mode-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/mode-mainnet-archive
- traefik.http.services.mode-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.mode-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.mode-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.mode-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/mode-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.mode-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/mode-mainnet-archive`)}
- traefik.http.routers.mode-mainnet-op-geth-archive-leveldb-hash.middlewares=mode-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
mode-mainnet-archive-node:
image: ${MODE_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${MODE_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15054:15054
- 15054:15054/udp
environment:
- OP_NODE_NETWORK=mode-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://mode-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15054
- OP_NODE_P2P_LISTEN_UDP_PORT=15054
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
mode-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15430:15430"
- "15430:15430/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=mode-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://mode-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15430"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15430"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
mode-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/mode-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
mode-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${MODE_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${MODE_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10054:10054"
- "10054:10054/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10054:10054
- 10054:10054/udp
volumes:
#- ${MODE_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-mode-mainnet-op-geth-pruned-pebble-path}:/data
- mode-mainnet-op-geth-pruned-pebble-path:/data
- ${MODE_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-mode-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=mode-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10054"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.mode-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/mode-mainnet"
- "traefik.http.services.mode-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/mode-mainnet`)"
- "traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-path.middlewares=mode-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=mode-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10054
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.mode-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/mode-mainnet
- traefik.http.services.mode-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/mode-mainnet`)}
- ${NO_SSL:+traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/mode-mainnet`)}
- traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-path.middlewares=mode-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
mode-mainnet-node:
image: ${MODE_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${MODE_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15054:15054
- 15054:15054/udp
environment:
- OP_NODE_NETWORK=mode-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://mode-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15054
- OP_NODE_P2P_LISTEN_UDP_PORT=15054
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
mode-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15054:15054"
- "15054:15054/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=mode-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://mode-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15054"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15054"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
mode-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/mode-sepolia-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,140 @@
# use at your own risk
services:
mode-sepolia-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${MODE_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${MODE_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10835:10835"
- "10835:10835/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10308:10308
- 10308:10308/udp
volumes:
#- ${MODE_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-mode-sepolia-op-geth-archive-leveldb-hash}:/data
- mode-sepolia-op-geth-archive-leveldb-hash:/data
- ${MODE_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-mode-sepolia-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=mode-sepolia"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10835"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.mode-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/mode-sepolia-archive"
- "traefik.http.services.mode-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.mode-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.mode-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.mode-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/mode-sepolia-archive`)"
- "traefik.http.routers.mode-sepolia-op-geth-archive-leveldb-hash.middlewares=mode-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=mode-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10308
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.mode-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/mode-sepolia-archive
- traefik.http.services.mode-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.mode-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.mode-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.mode-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/mode-sepolia-archive`)}
- ${NO_SSL:+traefik.http.routers.mode-sepolia-op-geth-archive-leveldb-hash.rule=PathPrefix(`/mode-sepolia-archive`)}
- traefik.http.routers.mode-sepolia-op-geth-archive-leveldb-hash.middlewares=mode-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
mode-sepolia-archive-node:
image: ${MODE_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${MODE_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15308:15308
- 15308:15308/udp
environment:
- OP_NODE_NETWORK=mode-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://mode-sepolia-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15308
- OP_NODE_P2P_LISTEN_UDP_PORT=15308
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
mode-sepolia-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15835:15835"
- "15835:15835/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=mode-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://mode-sepolia-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15835"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15835"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
mode-sepolia-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: mode-testnet
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/mode-sepolia-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,142 @@
# use at your own risk
services:
mode-sepolia:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${MODE_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${MODE_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10308:10308"
- "10308:10308/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10308:10308
- 10308:10308/udp
volumes:
#- ${MODE_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-mode-sepolia-op-geth-pruned-pebble-path}:/data
- mode-sepolia-op-geth-pruned-pebble-path:/data
- ${MODE_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-mode-sepolia-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=mode-sepolia"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10308"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.mode-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/mode-sepolia"
- "traefik.http.services.mode-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.mode-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.mode-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.mode-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/mode-sepolia`)"
- "traefik.http.routers.mode-sepolia-op-geth-pruned-pebble-path.middlewares=mode-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=mode-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10308
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.mode-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/mode-sepolia
- traefik.http.services.mode-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.mode-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.mode-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.mode-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/mode-sepolia`)}
- ${NO_SSL:+traefik.http.routers.mode-sepolia-op-geth-pruned-pebble-path.rule=PathPrefix(`/mode-sepolia`)}
- traefik.http.routers.mode-sepolia-op-geth-pruned-pebble-path.middlewares=mode-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
mode-sepolia-node:
image: ${MODE_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${MODE_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15308:15308
- 15308:15308/udp
environment:
- OP_NODE_NETWORK=mode-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://mode-sepolia:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15308
- OP_NODE_P2P_LISTEN_UDP_PORT=15308
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
mode-sepolia-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15308:15308"
- "15308:15308/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=mode-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://mode-sepolia:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15308"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15308"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
mode-sepolia-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: mode-testnet
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/op-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
op-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${OP_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${OP_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10399:10399"
- "10399:10399/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10687:10687
- 10687:10687/udp
volumes:
#- ${OP_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-op-mainnet-op-geth-archive-leveldb-hash}:/data
- op-mainnet-op-geth-archive-leveldb-hash:/data
- ${OP_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-op-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=op-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10399"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.op-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/op-mainnet-archive"
- "traefik.http.services.op-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/op-mainnet-archive`)"
- "traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.middlewares=op-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=op-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10687
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/op-mainnet-archive
- traefik.http.services.op-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/op-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/op-mainnet-archive`)}
- traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.middlewares=op-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
op-mainnet-archive-node:
image: ${OP_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${OP_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15687:15687
- 15687:15687/udp
environment:
- OP_NODE_NETWORK=op-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://op-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15687
- OP_NODE_P2P_LISTEN_UDP_PORT=15687
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
op-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15399:15399"
- "15399:15399/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=op-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://op-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15399"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15399"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
op-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: optimism
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/op-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
op-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${OP_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${OP_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10687:10687"
- "10687:10687/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10687:10687
- 10687:10687/udp
volumes:
#- ${OP_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-op-mainnet-op-geth-pruned-pebble-path}:/data
- op-mainnet-op-geth-pruned-pebble-path:/data
- ${OP_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-op-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=op-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10687"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.op-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/op-mainnet"
- "traefik.http.services.op-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/op-mainnet`)"
- "traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.middlewares=op-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=op-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10687
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/op-mainnet
- traefik.http.services.op-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/op-mainnet`)}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/op-mainnet`)}
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.middlewares=op-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
op-mainnet-node:
image: ${OP_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${OP_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15687:15687
- 15687:15687/udp
environment:
- OP_NODE_NETWORK=op-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://op-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15687
- OP_NODE_P2P_LISTEN_UDP_PORT=15687
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
op-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15687:15687"
- "15687:15687/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=op-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://op-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15687"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15687"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
op-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: optimism
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/op-sepolia-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,140 @@
# use at your own risk
services:
op-sepolia-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${OP_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${OP_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10257:10257"
- "10257:10257/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10981:10981
- 10981:10981/udp
volumes:
#- ${OP_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-op-sepolia-op-geth-archive-leveldb-hash}:/data
- op-sepolia-op-geth-archive-leveldb-hash:/data
- ${OP_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-op-sepolia-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=op-sepolia"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10257"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.op-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/op-sepolia-archive"
- "traefik.http.services.op-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.op-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.op-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.op-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/op-sepolia-archive`)"
- "traefik.http.routers.op-sepolia-op-geth-archive-leveldb-hash.middlewares=op-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=op-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10981
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.op-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/op-sepolia-archive
- traefik.http.services.op-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.op-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/op-sepolia-archive`)}
- ${NO_SSL:+traefik.http.routers.op-sepolia-op-geth-archive-leveldb-hash.rule=PathPrefix(`/op-sepolia-archive`)}
- traefik.http.routers.op-sepolia-op-geth-archive-leveldb-hash.middlewares=op-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
op-sepolia-archive-node:
image: ${OP_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${OP_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15981:15981
- 15981:15981/udp
environment:
- OP_NODE_NETWORK=op-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://op-sepolia-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15981
- OP_NODE_P2P_LISTEN_UDP_PORT=15981
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
op-sepolia-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15257:15257"
- "15257:15257/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=op-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://op-sepolia-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15257"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15257"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
op-sepolia-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: optimism-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/op-sepolia-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,142 @@
# use at your own risk
services:
op-sepolia:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${OP_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${OP_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10981:10981"
- "10981:10981/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10981:10981
- 10981:10981/udp
volumes:
#- ${OP_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-op-sepolia-op-geth-pruned-pebble-path}:/data
- op-sepolia-op-geth-pruned-pebble-path:/data
- ${OP_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-op-sepolia-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=op-sepolia"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10981"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.op-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/op-sepolia"
- "traefik.http.services.op-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.op-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.op-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.op-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/op-sepolia`)"
- "traefik.http.routers.op-sepolia-op-geth-pruned-pebble-path.middlewares=op-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=op-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10981
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.op-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/op-sepolia
- traefik.http.services.op-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.op-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/op-sepolia`)}
- ${NO_SSL:+traefik.http.routers.op-sepolia-op-geth-pruned-pebble-path.rule=PathPrefix(`/op-sepolia`)}
- traefik.http.routers.op-sepolia-op-geth-pruned-pebble-path.middlewares=op-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
op-sepolia-node:
image: ${OP_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${OP_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15981:15981
- 15981:15981/udp
environment:
- OP_NODE_NETWORK=op-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://op-sepolia:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15981
- OP_NODE_P2P_LISTEN_UDP_PORT=15981
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
op-sepolia-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15981:15981"
- "15981:15981/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=op-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://op-sepolia:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15981"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15981"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
op-sepolia-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: optimism-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/snax-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
snax-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${SNAX_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${SNAX_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10249:10249"
- "10249:10249/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10332:10332
- 10332:10332/udp
volumes:
#- ${SNAX_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-snax-mainnet-op-geth-archive-leveldb-hash}:/data
- snax-mainnet-op-geth-archive-leveldb-hash:/data
- ${SNAX_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-snax-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=snax-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10249"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.snax-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/snax-mainnet-archive"
- "traefik.http.services.snax-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.snax-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.snax-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.snax-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/snax-mainnet-archive`)"
- "traefik.http.routers.snax-mainnet-op-geth-archive-leveldb-hash.middlewares=snax-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=snax-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10332
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.snax-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/snax-mainnet-archive
- traefik.http.services.snax-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.snax-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.snax-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.snax-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/snax-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.snax-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/snax-mainnet-archive`)}
- traefik.http.routers.snax-mainnet-op-geth-archive-leveldb-hash.middlewares=snax-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
snax-mainnet-archive-node:
image: ${SNAX_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${SNAX_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15332:15332
- 15332:15332/udp
environment:
- OP_NODE_NETWORK=snax-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://snax-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15332
- OP_NODE_P2P_LISTEN_UDP_PORT=15332
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
snax-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15249:15249"
- "15249:15249/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=snax-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://snax-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15249"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15249"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
snax-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/snax-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
snax-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${SNAX_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${SNAX_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10332:10332"
- "10332:10332/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10332:10332
- 10332:10332/udp
volumes:
#- ${SNAX_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-snax-mainnet-op-geth-pruned-pebble-path}:/data
- snax-mainnet-op-geth-pruned-pebble-path:/data
- ${SNAX_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-snax-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=snax-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10332"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.snax-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/snax-mainnet"
- "traefik.http.services.snax-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.snax-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.snax-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.snax-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/snax-mainnet`)"
- "traefik.http.routers.snax-mainnet-op-geth-pruned-pebble-path.middlewares=snax-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=snax-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10332
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.snax-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/snax-mainnet
- traefik.http.services.snax-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.snax-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.snax-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.snax-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/snax-mainnet`)}
- ${NO_SSL:+traefik.http.routers.snax-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/snax-mainnet`)}
- traefik.http.routers.snax-mainnet-op-geth-pruned-pebble-path.middlewares=snax-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
snax-mainnet-node:
image: ${SNAX_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${SNAX_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15332:15332
- 15332:15332/udp
environment:
- OP_NODE_NETWORK=snax-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://snax-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15332
- OP_NODE_P2P_LISTEN_UDP_PORT=15332
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
snax-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15332:15332"
- "15332:15332/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=snax-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://snax-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15332"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15332"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
snax-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

140
op/geth/soneium-minato-op-geth-archive-leveldb-hash.yml Normal file
View File

@@ -0,0 +1,140 @@
# use at your own risk
services:
soneium-minato-archive:
image: ${SONEIUM_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${SONEIUM_MINATO_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10702:10702
- 10702:10702/udp
volumes:
- ${SONEIUM_MINATO_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-soneium-minato-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=soneium-minato
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10702
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.soneium-minato-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/soneium-minato-archive
- traefik.http.services.soneium-minato-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.soneium-minato-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.soneium-minato-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.soneium-minato-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/soneium-minato-archive`)}
- ${NO_SSL:+traefik.http.routers.soneium-minato-op-geth-archive-leveldb-hash.rule=PathPrefix(`/soneium-minato-archive`)}
- traefik.http.routers.soneium-minato-op-geth-archive-leveldb-hash.middlewares=soneium-minato-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
soneium-minato-archive-node:
image: ${SONEIUM_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${SONEIUM_MINATO_NODE_VERSION:-v1.12.2}
ports:
- 15702:15702
- 15702:15702/udp
environment:
- OP_NODE_NETWORK=soneium-minato
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://soneium-minato-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15702
- OP_NODE_P2P_LISTEN_UDP_PORT=15702
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
soneium-minato-op-geth-archive-leveldb-hash:
x-upstreams:
- chain: soneium-minato
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

142
op/geth/soneium-minato-op-geth-pruned-pebble-path.yml Normal file
View File

@@ -0,0 +1,142 @@
# use at your own risk
services:
soneium-minato:
image: ${SONEIUM_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${SONEIUM_MINATO_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10702:10702
- 10702:10702/udp
volumes:
- ${SONEIUM_MINATO_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-soneium-minato-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=soneium-minato
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10702
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.soneium-minato-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/soneium-minato
- traefik.http.services.soneium-minato-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.soneium-minato-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.soneium-minato-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.soneium-minato-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/soneium-minato`)}
- ${NO_SSL:+traefik.http.routers.soneium-minato-op-geth-pruned-pebble-path.rule=PathPrefix(`/soneium-minato`)}
- traefik.http.routers.soneium-minato-op-geth-pruned-pebble-path.middlewares=soneium-minato-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
soneium-minato-node:
image: ${SONEIUM_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${SONEIUM_MINATO_NODE_VERSION:-v1.12.2}
ports:
- 15702:15702
- 15702:15702/udp
environment:
- OP_NODE_NETWORK=soneium-minato
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://soneium-minato:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15702
- OP_NODE_P2P_LISTEN_UDP_PORT=15702
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
soneium-minato-op-geth-pruned-pebble-path:
x-upstreams:
- chain: soneium-minato
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/swell-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
swell-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${SWELL_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${SWELL_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10863:10863"
- "10863:10863/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10312:10312
- 10312:10312/udp
volumes:
#- ${SWELL_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-swell-mainnet-op-geth-archive-leveldb-hash}:/data
- swell-mainnet-op-geth-archive-leveldb-hash:/data
- ${SWELL_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-swell-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=swell-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10863"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.swell-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/swell-mainnet-archive"
- "traefik.http.services.swell-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.swell-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.swell-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.swell-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/swell-mainnet-archive`)"
- "traefik.http.routers.swell-mainnet-op-geth-archive-leveldb-hash.middlewares=swell-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=swell-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10312
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.swell-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/swell-mainnet-archive
- traefik.http.services.swell-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.swell-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.swell-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.swell-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/swell-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.swell-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/swell-mainnet-archive`)}
- traefik.http.routers.swell-mainnet-op-geth-archive-leveldb-hash.middlewares=swell-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
swell-mainnet-archive-node:
image: ${SWELL_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${SWELL_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15312:15312
- 15312:15312/udp
environment:
- OP_NODE_NETWORK=swell-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://swell-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15312
- OP_NODE_P2P_LISTEN_UDP_PORT=15312
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
swell-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15863:15863"
- "15863:15863/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=swell-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://swell-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15863"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15863"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
swell-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: swell
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/swell-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
swell-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${SWELL_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${SWELL_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10312:10312"
- "10312:10312/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10312:10312
- 10312:10312/udp
volumes:
#- ${SWELL_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-swell-mainnet-op-geth-pruned-pebble-path}:/data
- swell-mainnet-op-geth-pruned-pebble-path:/data
- ${SWELL_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-swell-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=swell-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10312"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.swell-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/swell-mainnet"
- "traefik.http.services.swell-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.swell-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.swell-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.swell-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/swell-mainnet`)"
- "traefik.http.routers.swell-mainnet-op-geth-pruned-pebble-path.middlewares=swell-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=swell-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10312
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.swell-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/swell-mainnet
- traefik.http.services.swell-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.swell-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.swell-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.swell-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/swell-mainnet`)}
- ${NO_SSL:+traefik.http.routers.swell-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/swell-mainnet`)}
- traefik.http.routers.swell-mainnet-op-geth-pruned-pebble-path.middlewares=swell-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
swell-mainnet-node:
image: ${SWELL_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${SWELL_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15312:15312
- 15312:15312/udp
environment:
- OP_NODE_NETWORK=swell-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://swell-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15312
- OP_NODE_P2P_LISTEN_UDP_PORT=15312
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
swell-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15312:15312"
- "15312:15312/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=swell-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://swell-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15312"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15312"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
swell-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: swell
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/unichain-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
unichain-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${UNICHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${UNICHAIN_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10789:10789"
- "10789:10789/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10954:10954
- 10954:10954/udp
volumes:
#- ${UNICHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-unichain-mainnet-op-geth-archive-leveldb-hash}:/data
- unichain-mainnet-op-geth-archive-leveldb-hash:/data
- ${UNICHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-unichain-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=unichain-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10789"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.unichain-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/unichain-mainnet-archive"
- "traefik.http.services.unichain-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-mainnet-archive`)"
- "traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.middlewares=unichain-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=unichain-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10954
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/unichain-mainnet-archive
- traefik.http.services.unichain-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/unichain-mainnet-archive`)}
- traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.middlewares=unichain-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
unichain-mainnet-archive-node:
image: ${UNICHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${UNICHAIN_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15954:15954
- 15954:15954/udp
environment:
- OP_NODE_NETWORK=unichain-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://unichain-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15954
- OP_NODE_P2P_LISTEN_UDP_PORT=15954
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
unichain-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15789:15789"
- "15789:15789/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=unichain-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://unichain-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15789"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15789"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
unichain-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: unichain
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/unichain-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
unichain-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${UNICHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${UNICHAIN_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10954:10954"
- "10954:10954/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10954:10954
- 10954:10954/udp
volumes:
#- ${UNICHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-unichain-mainnet-op-geth-pruned-pebble-path}:/data
- unichain-mainnet-op-geth-pruned-pebble-path:/data
- ${UNICHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-unichain-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=unichain-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10954"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.unichain-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/unichain-mainnet"
- "traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-mainnet`)"
- "traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.middlewares=unichain-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=unichain-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10954
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/unichain-mainnet
- traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-mainnet`)}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/unichain-mainnet`)}
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.middlewares=unichain-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
unichain-mainnet-node:
image: ${UNICHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${UNICHAIN_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15954:15954
- 15954:15954/udp
environment:
- OP_NODE_NETWORK=unichain-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://unichain-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15954
- OP_NODE_P2P_LISTEN_UDP_PORT=15954
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
unichain-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15954:15954"
- "15954:15954/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=unichain-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://unichain-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15954"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15954"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
unichain-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: unichain
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/unichain-sepolia-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,140 @@
# use at your own risk
services:
unichain-sepolia-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${UNICHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${UNICHAIN_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10589:10589"
- "10589:10589/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10226:10226
- 10226:10226/udp
volumes:
#- ${UNICHAIN_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-unichain-sepolia-op-geth-archive-leveldb-hash}:/data
- unichain-sepolia-op-geth-archive-leveldb-hash:/data
- ${UNICHAIN_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-unichain-sepolia-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=unichain-sepolia"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10589"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.unichain-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/unichain-sepolia-archive"
- "traefik.http.services.unichain-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.unichain-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.unichain-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.unichain-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-sepolia-archive`)"
- "traefik.http.routers.unichain-sepolia-op-geth-archive-leveldb-hash.middlewares=unichain-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=unichain-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10226
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.unichain-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/unichain-sepolia-archive
- traefik.http.services.unichain-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.unichain-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-sepolia-archive`)}
- ${NO_SSL:+traefik.http.routers.unichain-sepolia-op-geth-archive-leveldb-hash.rule=PathPrefix(`/unichain-sepolia-archive`)}
- traefik.http.routers.unichain-sepolia-op-geth-archive-leveldb-hash.middlewares=unichain-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
unichain-sepolia-archive-node:
image: ${UNICHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${UNICHAIN_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15226:15226
- 15226:15226/udp
environment:
- OP_NODE_NETWORK=unichain-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://unichain-sepolia-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15226
- OP_NODE_P2P_LISTEN_UDP_PORT=15226
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
unichain-sepolia-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15589:15589"
- "15589:15589/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=unichain-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://unichain-sepolia-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15589"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15589"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
unichain-sepolia-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: unichain-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/unichain-sepolia-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,142 @@
# use at your own risk
services:
unichain-sepolia:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${UNICHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${UNICHAIN_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10226:10226"
- "10226:10226/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10226:10226
- 10226:10226/udp
volumes:
#- ${UNICHAIN_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-unichain-sepolia-op-geth-pruned-pebble-path}:/data
- unichain-sepolia-op-geth-pruned-pebble-path:/data
- ${UNICHAIN_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-unichain-sepolia-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=unichain-sepolia"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10226"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.unichain-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/unichain-sepolia"
- "traefik.http.services.unichain-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.unichain-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.unichain-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.unichain-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-sepolia`)"
- "traefik.http.routers.unichain-sepolia-op-geth-pruned-pebble-path.middlewares=unichain-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=unichain-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10226
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.unichain-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/unichain-sepolia
- traefik.http.services.unichain-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.unichain-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-sepolia`)}
- ${NO_SSL:+traefik.http.routers.unichain-sepolia-op-geth-pruned-pebble-path.rule=PathPrefix(`/unichain-sepolia`)}
- traefik.http.routers.unichain-sepolia-op-geth-pruned-pebble-path.middlewares=unichain-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
unichain-sepolia-node:
image: ${UNICHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${UNICHAIN_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15226:15226
- 15226:15226/udp
environment:
- OP_NODE_NETWORK=unichain-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://unichain-sepolia:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15226
- OP_NODE_P2P_LISTEN_UDP_PORT=15226
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
unichain-sepolia-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15226:15226"
- "15226:15226/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=unichain-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://unichain-sepolia:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15226"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15226"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
unichain-sepolia-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: unichain-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/worldchain-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
worldchain-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${WORLDCHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${WORLDCHAIN_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10162:10162"
- "10162:10162/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10096:10096
- 10096:10096/udp
volumes:
#- ${WORLDCHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-worldchain-mainnet-op-geth-archive-leveldb-hash}:/data
- worldchain-mainnet-op-geth-archive-leveldb-hash:/data
- ${WORLDCHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-worldchain-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=worldchain-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10162"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.worldchain-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/worldchain-mainnet-archive"
- "traefik.http.services.worldchain-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/worldchain-mainnet-archive`)"
- "traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.middlewares=worldchain-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=worldchain-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10096
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.worldchain-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/worldchain-mainnet-archive
- traefik.http.services.worldchain-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/worldchain-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/worldchain-mainnet-archive`)}
- traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.middlewares=worldchain-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
worldchain-mainnet-archive-node:
image: ${WORLDCHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${WORLDCHAIN_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15096:15096
- 15096:15096/udp
environment:
- OP_NODE_NETWORK=worldchain-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://worldchain-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15096
- OP_NODE_P2P_LISTEN_UDP_PORT=15096
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
worldchain-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15162:15162"
- "15162:15162/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=worldchain-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://worldchain-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15162"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15162"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
worldchain-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: worldchain
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/worldchain-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
worldchain-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${WORLDCHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${WORLDCHAIN_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10096:10096"
- "10096:10096/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10096:10096
- 10096:10096/udp
volumes:
#- ${WORLDCHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-worldchain-mainnet-op-geth-pruned-pebble-path}:/data
- worldchain-mainnet-op-geth-pruned-pebble-path:/data
- ${WORLDCHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-worldchain-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=worldchain-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10096"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.worldchain-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/worldchain-mainnet"
- "traefik.http.services.worldchain-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/worldchain-mainnet`)"
- "traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.middlewares=worldchain-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=worldchain-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10096
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.worldchain-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/worldchain-mainnet
- traefik.http.services.worldchain-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/worldchain-mainnet`)}
- ${NO_SSL:+traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/worldchain-mainnet`)}
- traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.middlewares=worldchain-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
worldchain-mainnet-node:
image: ${WORLDCHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${WORLDCHAIN_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15096:15096
- 15096:15096/udp
environment:
- OP_NODE_NETWORK=worldchain-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://worldchain-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15096
- OP_NODE_P2P_LISTEN_UDP_PORT=15096
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
worldchain-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15096:15096"
- "15096:15096/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=worldchain-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://worldchain-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15096"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15096"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
worldchain-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: worldchain
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/worldchain-sepolia-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,140 @@
# use at your own risk
services:
worldchain-sepolia-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${WORLDCHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${WORLDCHAIN_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10720:10720"
- "10720:10720/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10620:10620
- 10620:10620/udp
volumes:
#- ${WORLDCHAIN_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-worldchain-sepolia-op-geth-archive-leveldb-hash}:/data
- worldchain-sepolia-op-geth-archive-leveldb-hash:/data
- ${WORLDCHAIN_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-worldchain-sepolia-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=worldchain-sepolia"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10720"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.worldchain-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/worldchain-sepolia-archive"
- "traefik.http.services.worldchain-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.worldchain-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.worldchain-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.worldchain-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/worldchain-sepolia-archive`)"
- "traefik.http.routers.worldchain-sepolia-op-geth-archive-leveldb-hash.middlewares=worldchain-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=worldchain-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10620
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.worldchain-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/worldchain-sepolia-archive
- traefik.http.services.worldchain-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.worldchain-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.worldchain-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.worldchain-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/worldchain-sepolia-archive`)}
- ${NO_SSL:+traefik.http.routers.worldchain-sepolia-op-geth-archive-leveldb-hash.rule=PathPrefix(`/worldchain-sepolia-archive`)}
- traefik.http.routers.worldchain-sepolia-op-geth-archive-leveldb-hash.middlewares=worldchain-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
worldchain-sepolia-archive-node:
image: ${WORLDCHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${WORLDCHAIN_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15620:15620
- 15620:15620/udp
environment:
- OP_NODE_NETWORK=worldchain-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://worldchain-sepolia-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15620
- OP_NODE_P2P_LISTEN_UDP_PORT=15620
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
worldchain-sepolia-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15720:15720"
- "15720:15720/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=worldchain-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://worldchain-sepolia-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15720"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15720"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
worldchain-sepolia-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: worldchain-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/worldchain-sepolia-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,142 @@
# use at your own risk
services:
worldchain-sepolia:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${WORLDCHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${WORLDCHAIN_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10620:10620"
- "10620:10620/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10620:10620
- 10620:10620/udp
volumes:
#- ${WORLDCHAIN_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-worldchain-sepolia-op-geth-pruned-pebble-path}:/data
- worldchain-sepolia-op-geth-pruned-pebble-path:/data
- ${WORLDCHAIN_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-worldchain-sepolia-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=worldchain-sepolia"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10620"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.worldchain-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/worldchain-sepolia"
- "traefik.http.services.worldchain-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.worldchain-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.worldchain-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.worldchain-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/worldchain-sepolia`)"
- "traefik.http.routers.worldchain-sepolia-op-geth-pruned-pebble-path.middlewares=worldchain-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=worldchain-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10620
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.worldchain-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/worldchain-sepolia
- traefik.http.services.worldchain-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.worldchain-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.worldchain-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.worldchain-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/worldchain-sepolia`)}
- ${NO_SSL:+traefik.http.routers.worldchain-sepolia-op-geth-pruned-pebble-path.rule=PathPrefix(`/worldchain-sepolia`)}
- traefik.http.routers.worldchain-sepolia-op-geth-pruned-pebble-path.middlewares=worldchain-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
worldchain-sepolia-node:
image: ${WORLDCHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${WORLDCHAIN_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15620:15620
- 15620:15620/udp
environment:
- OP_NODE_NETWORK=worldchain-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://worldchain-sepolia:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15620
- OP_NODE_P2P_LISTEN_UDP_PORT=15620
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
worldchain-sepolia-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15620:15620"
- "15620:15620/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=worldchain-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://worldchain-sepolia:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15620"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15620"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
worldchain-sepolia-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain: worldchain-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

146
op/geth/zircuit-garfield-op-geth-archive-leveldb-hash.yml Normal file
View File

@@ -0,0 +1,146 @@
# use at your own risk
services:
zircuit-garfield-archive:
image: ${ZIRCUIT_GETH_IMAGE:-zircuit1/l2-geth}:${ZIRCUIT_GARFIELD_GETH_VERSION:-8c1510f239424270a5d5967e1eaeecebe172208f}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10397:10397
- 10397:10397/udp
volumes:
- ${ZIRCUIT_GARFIELD_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-zircuit-garfield-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=zircuit-garfield
- GETH_ETHSTATS=d${DOMAIN}:${ZIRCUIT_GARFIELD_WS_SECRET}@${ZIRCUIT_GARFIELD_ETH_STATS_SERVER}:${ZIRCUIT_GARFIELD_ETH_STATS_SERVER_PORT}
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10397
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
- --circuit-capacity-check=false
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.zircuit-garfield-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/zircuit-garfield-archive
- traefik.http.services.zircuit-garfield-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.zircuit-garfield-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.zircuit-garfield-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.zircuit-garfield-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/zircuit-garfield-archive`)}
- ${NO_SSL:+traefik.http.routers.zircuit-garfield-op-geth-archive-leveldb-hash.rule=PathPrefix(`/zircuit-garfield-archive`)}
- traefik.http.routers.zircuit-garfield-op-geth-archive-leveldb-hash.middlewares=zircuit-garfield-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
zircuit-garfield-archive-node:
image: ${ZIRCUIT_NODE_IMAGE:-zircuit1/node}:${ZIRCUIT_GARFIELD_NODE_VERSION:-8c1510f239424270a5d5967e1eaeecebe172208f}
ports:
- 15397:15397
- 15397:15397/udp
environment:
- OP_NODE_NETWORK=zircuit-garfield
- OP_NODE_L1_ETH_RPC=${ETHEREUM_HOLESKY_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://zircuit-garfield-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15397
- OP_NODE_P2P_LISTEN_UDP_PORT=15397
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_HOLESKY_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_HOLESKY_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_HOLESKY_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_HOLESKY_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
zircuit-garfield-op-geth-archive-leveldb-hash:
x-upstreams:
- chain: zircuit-testnet
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
- name: zirc_getQuarantineHistory
- name: zirc_getQuarantined
- name: zirc_isQuarantined

146
op/geth/zircuit-garfield-op-geth-pruned-pebble-hash.yml Normal file
View File

@@ -0,0 +1,146 @@
# use at your own risk
services:
zircuit-garfield:
image: ${ZIRCUIT_GETH_IMAGE:-zircuit1/l2-geth}:${ZIRCUIT_GARFIELD_GETH_VERSION:-8c1510f239424270a5d5967e1eaeecebe172208f}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10397:10397
- 10397:10397/udp
volumes:
- ${ZIRCUIT_GARFIELD_OP_GETH_PRUNED_PEBBLE_HASH_DATA:-zircuit-garfield-op-geth-pruned-pebble-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=zircuit-garfield
- GETH_ETHSTATS=d${DOMAIN}:${ZIRCUIT_GARFIELD_WS_SECRET}@${ZIRCUIT_GARFIELD_ETH_STATS_SERVER}:${ZIRCUIT_GARFIELD_ETH_STATS_SERVER_PORT}
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10397
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=hash
- --syncmode=snap
- --gcmode=full
- --circuit-capacity-check=false
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.zircuit-garfield-op-geth-pruned-pebble-hash-stripprefix.stripprefix.prefixes=/zircuit-garfield
- traefik.http.services.zircuit-garfield-op-geth-pruned-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.zircuit-garfield-op-geth-pruned-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.zircuit-garfield-op-geth-pruned-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.zircuit-garfield-op-geth-pruned-pebble-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/zircuit-garfield`)}
- ${NO_SSL:+traefik.http.routers.zircuit-garfield-op-geth-pruned-pebble-hash.rule=PathPrefix(`/zircuit-garfield`)}
- traefik.http.routers.zircuit-garfield-op-geth-pruned-pebble-hash.middlewares=zircuit-garfield-op-geth-pruned-pebble-hash-stripprefix, ipwhitelist
zircuit-garfield-node:
image: ${ZIRCUIT_NODE_IMAGE:-zircuit1/node}:${ZIRCUIT_GARFIELD_NODE_VERSION:-8c1510f239424270a5d5967e1eaeecebe172208f}
ports:
- 15397:15397
- 15397:15397/udp
environment:
- OP_NODE_NETWORK=zircuit-garfield
- OP_NODE_L1_ETH_RPC=${ETHEREUM_HOLESKY_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://zircuit-garfield:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15397
- OP_NODE_P2P_LISTEN_UDP_PORT=15397
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_HOLESKY_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_HOLESKY_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_HOLESKY_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_HOLESKY_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
zircuit-garfield-op-geth-pruned-pebble-hash:
x-upstreams:
- chain: zircuit-testnet
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
- name: zirc_getQuarantineHistory
- name: zirc_getQuarantined
- name: zirc_isQuarantined

146
op/geth/zircuit-mainnet-op-geth-archive-leveldb-hash.yml Normal file
View File

@@ -0,0 +1,146 @@
# use at your own risk
services:
zircuit-mainnet-archive:
image: ${ZIRCUIT_GETH_IMAGE:-zircuit1/l2-geth}:${ZIRCUIT_MAINNET_GETH_VERSION:-e81568966f2a42a57b1347fb1dffdd5257dde73a}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10688:10688
- 10688:10688/udp
volumes:
- ${ZIRCUIT_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-zircuit-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=zircuit-mainnet
- GETH_ETHSTATS=d${DOMAIN}:${ZIRCUIT_MAINNET_WS_SECRET}@${ZIRCUIT_MAINNET_ETH_STATS_SERVER}:${ZIRCUIT_MAINNET_ETH_STATS_SERVER_PORT}
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10688
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
- --circuit-capacity-check=false
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.zircuit-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/zircuit-mainnet-archive
- traefik.http.services.zircuit-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.zircuit-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.zircuit-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.zircuit-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/zircuit-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.zircuit-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/zircuit-mainnet-archive`)}
- traefik.http.routers.zircuit-mainnet-op-geth-archive-leveldb-hash.middlewares=zircuit-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
zircuit-mainnet-archive-node:
image: ${ZIRCUIT_NODE_IMAGE:-zircuit1/node}:${ZIRCUIT_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15688:15688
- 15688:15688/udp
environment:
- OP_NODE_NETWORK=zircuit-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://zircuit-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15688
- OP_NODE_P2P_LISTEN_UDP_PORT=15688
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
zircuit-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- chain: zircuit-mainnet
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
- name: zirc_getQuarantineHistory
- name: zirc_getQuarantined
- name: zirc_isQuarantined

146
op/geth/zircuit-mainnet-op-geth-pruned-pebble-hash.yml Normal file
View File

@@ -0,0 +1,146 @@
# use at your own risk
services:
zircuit-mainnet:
image: ${ZIRCUIT_GETH_IMAGE:-zircuit1/l2-geth}:${ZIRCUIT_MAINNET_GETH_VERSION:-e81568966f2a42a57b1347fb1dffdd5257dde73a}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10688:10688
- 10688:10688/udp
volumes:
- ${ZIRCUIT_MAINNET_OP_GETH_PRUNED_PEBBLE_HASH_DATA:-zircuit-mainnet-op-geth-pruned-pebble-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=zircuit-mainnet
- GETH_ETHSTATS=d${DOMAIN}:${ZIRCUIT_MAINNET_WS_SECRET}@${ZIRCUIT_MAINNET_ETH_STATS_SERVER}:${ZIRCUIT_MAINNET_ETH_STATS_SERVER_PORT}
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10688
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=hash
- --syncmode=snap
- --gcmode=full
- --circuit-capacity-check=false
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.zircuit-mainnet-op-geth-pruned-pebble-hash-stripprefix.stripprefix.prefixes=/zircuit-mainnet
- traefik.http.services.zircuit-mainnet-op-geth-pruned-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.zircuit-mainnet-op-geth-pruned-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.zircuit-mainnet-op-geth-pruned-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.zircuit-mainnet-op-geth-pruned-pebble-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/zircuit-mainnet`)}
- ${NO_SSL:+traefik.http.routers.zircuit-mainnet-op-geth-pruned-pebble-hash.rule=PathPrefix(`/zircuit-mainnet`)}
- traefik.http.routers.zircuit-mainnet-op-geth-pruned-pebble-hash.middlewares=zircuit-mainnet-op-geth-pruned-pebble-hash-stripprefix, ipwhitelist
zircuit-mainnet-node:
image: ${ZIRCUIT_NODE_IMAGE:-zircuit1/node}:${ZIRCUIT_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15688:15688
- 15688:15688/udp
environment:
- OP_NODE_NETWORK=zircuit-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://zircuit-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15688
- OP_NODE_P2P_LISTEN_UDP_PORT=15688
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
zircuit-mainnet-op-geth-pruned-pebble-hash:
x-upstreams:
- chain: zircuit-mainnet
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
- name: zirc_getQuarantineHistory
- name: zirc_getQuarantined
- name: zirc_isQuarantined

147
op/geth/zircuit-testnet-op-geth-archive-leveldb-hash.yml Normal file
View File

@@ -0,0 +1,147 @@
# use at your own risk
services:
zircuit-testnet-archive:
image: ${ZIRCUIT_GETH_IMAGE:-zircuit1/l2-geth}:${ZIRCUIT_TESTNET_GETH_VERSION:-e81568966f2a42a57b1347fb1dffdd5257dde73a}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10357:10357
- 10357:10357/udp
volumes:
- ${ZIRCUIT_TESTNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-zircuit-testnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=zircuit-testnet
- GETH_ETHSTATS=d${DOMAIN}:${ZIRCUIT_TESTNET_WS_SECRET}@${ZIRCUIT_TESTNET_ETH_STATS_SERVER}:${ZIRCUIT_TESTNET_ETH_STATS_SERVER_PORT}
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10357
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
- --circuit-capacity-check=false
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.zircuit-testnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/zircuit-testnet-archive
- traefik.http.services.zircuit-testnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.zircuit-testnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.zircuit-testnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.zircuit-testnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/zircuit-testnet-archive`)}
- ${NO_SSL:+traefik.http.routers.zircuit-testnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/zircuit-testnet-archive`)}
- traefik.http.routers.zircuit-testnet-op-geth-archive-leveldb-hash.middlewares=zircuit-testnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
zircuit-testnet-archive-node:
image: ${ZIRCUIT_NODE_IMAGE:-zircuit1/node}:${ZIRCUIT_TESTNET_NODE_VERSION:-e81568966f2a42a57b1347fb1dffdd5257dde73a}
ports:
- 15357:15357
- 15357:15357/udp
environment:
- OP_NODE_NETWORK=zircuit-testnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://zircuit-testnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15357
- OP_NODE_P2P_LISTEN_UDP_PORT=15357
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
zircuit-testnet-op-geth-archive-leveldb-hash:
x-upstreams:
- chain: zircuit-testnet
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
- name: zirc_getQuarantineHistory
- name: zirc_getQuarantined
- name: zirc_isQuarantined

147
op/geth/zircuit-testnet-op-geth-pruned-pebble-hash.yml Normal file
View File

@@ -0,0 +1,147 @@
# use at your own risk
services:
zircuit-testnet:
image: ${ZIRCUIT_GETH_IMAGE:-zircuit1/l2-geth}:${ZIRCUIT_TESTNET_GETH_VERSION:-e81568966f2a42a57b1347fb1dffdd5257dde73a}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 8551
ports:
- 10357:10357
- 10357:10357/udp
volumes:
- ${ZIRCUIT_TESTNET_OP_GETH_PRUNED_PEBBLE_HASH_DATA:-zircuit-testnet-op-geth-pruned-pebble-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- GETH_OP_NETWORK=zircuit-testnet
- GETH_ETHSTATS=d${DOMAIN}:${ZIRCUIT_TESTNET_WS_SECRET}@${ZIRCUIT_TESTNET_ETH_STATS_SERVER}:${ZIRCUIT_TESTNET_ETH_STATS_SERVER_PORT}
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10357
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=hash
- --syncmode=snap
- --gcmode=full
- --circuit-capacity-check=false
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.zircuit-testnet-op-geth-pruned-pebble-hash-stripprefix.stripprefix.prefixes=/zircuit-testnet
- traefik.http.services.zircuit-testnet-op-geth-pruned-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.zircuit-testnet-op-geth-pruned-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.zircuit-testnet-op-geth-pruned-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.zircuit-testnet-op-geth-pruned-pebble-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/zircuit-testnet`)}
- ${NO_SSL:+traefik.http.routers.zircuit-testnet-op-geth-pruned-pebble-hash.rule=PathPrefix(`/zircuit-testnet`)}
- traefik.http.routers.zircuit-testnet-op-geth-pruned-pebble-hash.middlewares=zircuit-testnet-op-geth-pruned-pebble-hash-stripprefix, ipwhitelist
zircuit-testnet-node:
image: ${ZIRCUIT_NODE_IMAGE:-zircuit1/node}:${ZIRCUIT_TESTNET_NODE_VERSION:-e81568966f2a42a57b1347fb1dffdd5257dde73a}
ports:
- 15357:15357
- 15357:15357/udp
environment:
- OP_NODE_NETWORK=zircuit-testnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://zircuit-testnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15357
- OP_NODE_P2P_LISTEN_UDP_PORT=15357
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
restart: unless-stopped
volumes:
zircuit-testnet-op-geth-pruned-pebble-hash:
x-upstreams:
- chain: zircuit-testnet
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
- name: zirc_getQuarantineHistory
- name: zirc_getQuarantined
- name: zirc_isQuarantined

226
op/geth/zora-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,139 @@
# use at your own risk
services:
zora-mainnet-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${ZORA_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${ZORA_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10066:10066"
- "10066:10066/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10714:10714
- 10714:10714/udp
volumes:
#- ${ZORA_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-zora-mainnet-op-geth-archive-leveldb-hash}:/data
- zora-mainnet-op-geth-archive-leveldb-hash:/data
- ${ZORA_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-zora-mainnet-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=zora-mainnet"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10066"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.zora-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/zora-mainnet-archive"
- "traefik.http.services.zora-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.zora-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.zora-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.zora-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/zora-mainnet-archive`)"
- "traefik.http.routers.zora-mainnet-op-geth-archive-leveldb-hash.middlewares=zora-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=zora-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10714
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.zora-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/zora-mainnet-archive
- traefik.http.services.zora-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.zora-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.zora-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.zora-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/zora-mainnet-archive`)}
- ${NO_SSL:+traefik.http.routers.zora-mainnet-op-geth-archive-leveldb-hash.rule=PathPrefix(`/zora-mainnet-archive`)}
- traefik.http.routers.zora-mainnet-op-geth-archive-leveldb-hash.middlewares=zora-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
zora-mainnet-archive-node:
image: ${ZORA_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${ZORA_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15714:15714
- 15714:15714/udp
environment:
- OP_NODE_NETWORK=zora-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://zora-mainnet-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15714
- OP_NODE_P2P_LISTEN_UDP_PORT=15714
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
zora-mainnet-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15066:15066"
- "15066:15066/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=zora-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://zora-mainnet-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15066"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15066"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
zora-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

226
op/geth/zora-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,141 @@
# use at your own risk
services:
zora-mainnet:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${ZORA_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${ZORA_MAINNET_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10714:10714"
- "10714:10714/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10714:10714
- 10714:10714/udp
volumes:
#- ${ZORA_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-zora-mainnet-op-geth-pruned-pebble-path}:/data
- zora-mainnet-op-geth-pruned-pebble-path:/data
- ${ZORA_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-zora-mainnet-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=zora-mainnet"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10714"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.zora-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/zora-mainnet"
- "traefik.http.services.zora-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.zora-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.zora-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.zora-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/zora-mainnet`)"
- "traefik.http.routers.zora-mainnet-op-geth-pruned-pebble-path.middlewares=zora-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=zora-mainnet
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10714
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.zora-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/zora-mainnet
- traefik.http.services.zora-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.zora-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.zora-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.zora-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/zora-mainnet`)}
- ${NO_SSL:+traefik.http.routers.zora-mainnet-op-geth-pruned-pebble-path.rule=PathPrefix(`/zora-mainnet`)}
- traefik.http.routers.zora-mainnet-op-geth-pruned-pebble-path.middlewares=zora-mainnet-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
zora-mainnet-node:
image: ${ZORA_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${ZORA_MAINNET_NODE_VERSION:-v1.12.2}
ports:
- 15714:15714
- 15714:15714/udp
environment:
- OP_NODE_NETWORK=zora-mainnet
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://zora-mainnet:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15714
- OP_NODE_P2P_LISTEN_UDP_PORT=15714
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
zora-mainnet-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15714:15714"
- "15714:15714/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=zora-mainnet"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://zora-mainnet:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15714"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15714"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
zora-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/zora-sepolia-op-geth-archive-leveldb-hash.yml
View File

@@ -1,131 +1,140 @@
# use at your own risk
services:
zora-sepolia-archive:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${ZORA_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${ZORA_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10308:10308"
- "10308:10308/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10083:10083
- 10083:10083/udp
volumes:
#- ${ZORA_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-zora-sepolia-op-geth-archive-leveldb-hash}:/data
- zora-sepolia-op-geth-archive-leveldb-hash:/data
- ${ZORA_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-zora-sepolia-op-geth-archive-leveldb-hash}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=zora-sepolia"
- "GETH_GCMODE=archive"
- "GETH_SYNCMODE=full"
- "GETH_STATE_SCHEME=hash"
- "GETH_DB_ENGINE=leveldb"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10308"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.zora-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/zora-sepolia-archive"
- "traefik.http.services.zora-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545"
- "traefik.http.routers.zora-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure"
- "traefik.http.routers.zora-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver"
- "traefik.http.routers.zora-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/zora-sepolia-archive`)"
- "traefik.http.routers.zora-sepolia-op-geth-archive-leveldb-hash.middlewares=zora-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=zora-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10083
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=leveldb
- --state.scheme=hash
- --syncmode=full
- --gcmode=archive
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.zora-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/zora-sepolia-archive
- traefik.http.services.zora-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.zora-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.zora-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.zora-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/zora-sepolia-archive`)}
- ${NO_SSL:+traefik.http.routers.zora-sepolia-op-geth-archive-leveldb-hash.rule=PathPrefix(`/zora-sepolia-archive`)}
- traefik.http.routers.zora-sepolia-op-geth-archive-leveldb-hash.middlewares=zora-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipwhitelist
zora-sepolia-archive-node:
image: ${ZORA_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${ZORA_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15083:15083
- 15083:15083/udp
environment:
- OP_NODE_NETWORK=zora-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://zora-sepolia-archive:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15083
- OP_NODE_P2P_LISTEN_UDP_PORT=15083
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
zora-sepolia-archive-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15308:15308"
- "15308:15308/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=zora-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://zora-sepolia-archive:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15308"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15308"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
zora-sepolia-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex

227
op/geth/zora-sepolia-op-geth-pruned-pebble-path.yml
View File

@@ -1,131 +1,142 @@
# use at your own risk
services:
zora-sepolia:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth:v1.101503.1
image: ${ZORA_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/geth}:${ZORA_SEPOLIA_GETH_VERSION:-v1.101503.1}
user: root
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
expose:
- 8545
- 6060
- 8551
ports:
- "10083:10083"
- "10083:10083/udp"
entrypoint: ["/bin/sh", "-c", "exec /usr/local/bin/geth \"$@\""]
restart: unless-stopped
stop_grace_period: 3m
- 10083:10083
- 10083:10083/udp
volumes:
#- ${ZORA_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-zora-sepolia-op-geth-pruned-pebble-path}:/data
- zora-sepolia-op-geth-pruned-pebble-path:/data
- ${ZORA_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-zora-sepolia-op-geth-pruned-pebble-path}:/data
- /slowdisk:/slowdisk
- .jwtsecret:/jwtsecret:ro
environment:
- "GETH_DATADIR=/data"
- "GETH_OP_NETWORK=zora-sepolia"
- "GETH_GCMODE=full"
- "GETH_SYNCMODE=snap"
- "GETH_STATE_SCHEME=path"
- "GETH_DB_ENGINE=pebble"
- "GETH_NAT=extip:${IP}"
- "GETH_PORT=10083"
- "GETH_WS_PORT=8545"
- "GETH_HTTP=true"
- "GETH_HTTP_ADDR=0.0.0.0"
- "GETH_HTTP_VHOSTS=*"
- "GETH_WS=true"
- "GETH_WS_ADDR=0.0.0.0"
- "GETH_WS_ORIGINS=*"
- "GETH_HTTP_API=eth,net,debug,admin,web3"
- "GETH_AUTHRPC_JWTSECRET=/jwtsecret"
- "GETH_AUTHRPC_ADDR=0.0.0.0"
- "GETH_AUTHRPC_VHOSTS=*"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.zora-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/zora-sepolia"
- "traefik.http.services.zora-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545"
- "traefik.http.routers.zora-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure"
- "traefik.http.routers.zora-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver"
- "traefik.http.routers.zora-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/zora-sepolia`)"
- "traefik.http.routers.zora-sepolia-op-geth-pruned-pebble-path.middlewares=zora-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist"
networks:
- GETH_OP_NETWORK=zora-sepolia
entrypoint: [/bin/sh, -c, exec /usr/local/bin/geth "$@"]
command:
- --datadir=/data
- --port=10083
- --bind=0.0.0.0
- --nat=extip:${IP}
- --http
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --ws.origins=*
- --ws.addr=0.0.0.0
- --http.addr=0.0.0.0
- --maxpeers=50
- --http.api=web3,net,eth,debug,admin
- --ws.api=web3,net,eth,debug,admin
- --rpc.gascap=600000000
- --rpc.returndatalimit=10000000
- --rpc.txfeecap=0
- --db.engine=pebble
- --state.scheme=path
- --syncmode=snap
- --gcmode=full
networks:
- chains
restart: unless-stopped
stop_grace_period: 5m
labels:
- traefik.enable=true
- traefik.http.middlewares.zora-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/zora-sepolia
- traefik.http.services.zora-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.zora-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.zora-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.zora-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && PathPrefix(`/zora-sepolia`)}
- ${NO_SSL:+traefik.http.routers.zora-sepolia-op-geth-pruned-pebble-path.rule=PathPrefix(`/zora-sepolia`)}
- traefik.http.routers.zora-sepolia-op-geth-pruned-pebble-path.middlewares=zora-sepolia-op-geth-pruned-pebble-path-stripprefix, ipwhitelist
zora-sepolia-node:
image: ${ZORA_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/node}:${ZORA_SEPOLIA_NODE_VERSION:-v1.12.2}
ports:
- 15083:15083
- 15083:15083/udp
environment:
- OP_NODE_NETWORK=zora-sepolia
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L2_ENGINE_RPC=http://zora-sepolia:8551
- OP_NODE_P2P_LISTEN_TCP_PORT=15083
- OP_NODE_P2P_LISTEN_UDP_PORT=15083
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
networks:
- chains
zora-sepolia-node:
image: us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node:v1.12.2
expose:
- 8545
- 7300
- 6060
ports:
- "15083:15083"
- "15083:15083/udp"
entrypoint: [ "op-node" ]
restart: unless-stopped
volumes:
- .jwtsecret:/jwtsecret:ro
stop_grace_period: 30s
environment:
- "OP_NODE_NETWORK=zora-sepolia"
- "OP_NODE_SYNCMODE=execution-layer"
- "OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}"
- "OP_NODE_L2_ENGINE_AUTH=/jwtsecret"
- "OP_NODE_L2_ENGINE_RPC=http://zora-sepolia:8551"
- "OP_NODE_LOG_LEVEL=info"
- "OP_NODE_METRICS_ADDR=0.0.0.0"
- "OP_NODE_METRICS_ENABLED=true"
- "OP_NODE_METRICS_PORT=7300"
- "OP_NODE_P2P_LISTEN_IP=0.0.0.0"
- "OP_NODE_P2P_LISTEN_TCP_PORT=15083"
- "OP_NODE_P2P_LISTEN_UDP_PORT=15083"
- "OP_NODE_RPC_ADDR=0.0.0.0"
- "OP_NODE_P2P_ADVERTISE_IP=${IP}"
- "OP_NODE_RPC_PORT=8545"
- "OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log"
- "OP_NODE_VERIFIER_L1_CONFS=0"
- "OP_NODE_STATIC_PEERS="
- "OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}"
- "OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}"
- "OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}"
- "OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}"
- "OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400"
networks:
- chains
volumes:
restart: unless-stopped
volumes:
zora-sepolia-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
chain: $${CHAIN}
labels:
provider: $${PROVIDER}
- chain:
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
connection:
generic:
rpc:
url: "$${RPC_URL}"
ws:
frameSize: 20Mb
msgSize: 50Mb
url: "$${WS_URL}"
enabled:
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex