diff --git a/README.md b/README.md
index 909bf624..fb220193 100644
--- a/README.md
+++ b/README.md
@@ -10,8 +10,6 @@ Wireguard-Server: Paste wireguard wg0.conf from wireguard-server to wireguard/co
```
git clone https://github.com/cventastic/POKT_DOKT.git
-git submodule update --init --recursive
-git pull --recurse-submodules
cd POKT_DOKT
git reset --hard origin/main && git pull && chown 1005:1001 -R chains/ bootstrap_skript/ && chmod u+x bootstrap_skript/pokt_mainnet.shdocker-compose up -d
```
@@ -63,8 +61,8 @@ Check if there is a file here /traefic/letsencrypt/acme.json if yes, you have to
Otherwise traefik will not issue the certificate for an existing domain.
#### TODO !!!!
-alles uebr traefik aufen lassen?
mal alle geth clients mit erigon vergleichen
+LOGFILES
General Monitoring
Bootstrapping from Snapshots
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 00000000..85de7f4a
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,345 @@
+version: '3.1'
+
+services:
+
+### TRAEFIK
+# Basic Auth not working. Problems with parsing var from .env
+ traefik:
+ image: traefik:latest
+ container_name: traefik
+ restart: always
+ ports:
+ - "443:443"
+ - "127.0.0.1:8080:8080"
+# networks:
+# - $NET_POKT
+ command:
+ - "--api=true"
+ - "--api.insecure=true"
+ - "--api.dashboard=true"
+ - "--log.level=DEBUG"
+ - "--providers.docker=true"
+ - "--providers.docker.exposedbydefault=false"
+ - "--entrypoints.websecure.address=:443"
+ - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
+ # TESTING
+ # - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
+ - "--certificatesresolvers.myresolver.acme.email=$MAIL"
+ - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
+ volumes:
+ - "./traefik/letsencrypt:/letsencrypt"
+ - "/var/run/docker.sock:/var/run/docker.sock:ro"
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.middlewares.auth.basicauth.users=$AUTH_HTTP"
+
+### NODES
+ geth-goerli:
+ image: ethereum/client-go:latest
+ expose:
+ - "8545"
+ - "8546"
+ - "30303"
+ volumes:
+ - geth-goerli:/.goerli
+ command: "--goerli --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .goerli --verbosity 3"
+# networks:
+# - $NET_POKT
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.middlewares.geth-goerli-stripprefix.stripprefix.prefixes=/goerli"
+ - "traefik.http.services.geth-goerli.loadbalancer.server.port=8545"
+ - "traefik.http.routers.geth-goerli.entrypoints=websecure"
+ - "traefik.http.routers.geth-goerli.tls.certresolver=myresolver"
+ - "traefik.http.routers.geth-goerli.rule=Host(`$HOSTIP`) && PathPrefix(`/goerli`)"
+ - "traefik.http.routers.geth-goerli.middlewares=geth-goerli-stripprefix, auth"
+
+ geth-rinkeby:
+ image: ethereum/client-go:latest
+ expose:
+ - "8545"
+ - "8546"
+ - "30303"
+ volumes:
+ - geth-rinkeby:/.rinkeby
+ command: "--rinkeby --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .rinkeby --verbosity 3"
+# networks:
+# - $NET_POKT
+ restart: unless-stopped
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.middlewares.geth-rinkeby-stripprefix.stripprefix.prefixes=/rinkeby"
+ - "traefik.http.services.geth-rinkeby.loadbalancer.server.port=8545"
+ - "traefik.http.routers.geth-rinkeby.entrypoints=websecure"
+ - "traefik.http.routers.geth-rinkeby.tls.certresolver=myresolver"
+ - "traefik.http.routers.geth-rinkeby.rule=Host(`$HOSTIP`) && PathPrefix(`/rinkeby`)"
+ - "traefik.http.routers.geth-rinkeby.middlewares=geth-rinkeby-stripprefix, auth"
+
+ geth-ropsten:
+ image: ethereum/client-go:latest
+ expose:
+ - "8545"
+ - "8546"
+ - "30303"
+ volumes:
+ - geth-ropsten:/.ropsten
+ command: "--ropsten --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .ropsten --verbosity 3"
+# networks:
+# - $NET_POKT
+ restart: unless-stopped
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.middlewares.geth-ropsten-stripprefix.stripprefix.prefixes=/ropsten"
+ - "traefik.http.services.geth-ropsten.loadbalancer.server.port=8545"
+ - "traefik.http.routers.geth-ropsten.entrypoints=websecure"
+ - "traefik.http.routers.geth-ropsten.tls.certresolver=myresolver"
+ - "traefik.http.routers.geth-ropsten.rule=Host(`$HOSTIP`) && PathPrefix(`/ropsten`)"
+ - "traefik.http.routers.geth-ropsten.middlewares=geth-ropsten-stripprefix, auth"
+
+ geth-mainnet:
+ image: ethereum/client-go:latest
+ expose:
+ - "8545"
+ - "8546"
+ - "30303"
+ volumes:
+ - geth-mainnet:/.mainnet
+ command: "--http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .mainnet --verbosity 3"
+# networks:
+# - $NET_POKT
+ restart: unless-stopped
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.middlewares.geth-mainnet-stripprefix.stripprefix.prefixes=/geth"
+ - "traefik.http.services.geth-mainnet.loadbalancer.server.port=8545"
+ - "traefik.http.routers.geth-mainnet.entrypoints=websecure"
+ - "traefik.http.routers.geth-mainnet.tls.certresolver=myresolver"
+ - "traefik.http.routers.geth-mainnet.rule=Host(`$HOSTIP`) && PathPrefix(`/geth`)"
+ - "traefik.http.routers.geth-mainnet.middlewares=geth-mainnet-stripprefix, auth"
+
+ erigon-trace:
+ image: thorax/erigon
+ expose:
+ - "30303"
+ - "30304"
+ - "9090"
+ volumes:
+ - erigon-trace:/home/erigon/.local/share/erigon
+ command: erigon --chain mainnet --metrics --metrics.addr=0.0.0.0 --metrics.port=6060 --private.api.addr=0.0.0.0:9090 --pprof --pprof.addr=0.0.0.0 --pprof.port=6061
+# networks:
+# - $NET_POKT
+ restart: unless-stopped
+
+ rpcdaemon:
+ image: thorax/erigon:latest
+ command: rpcdaemon --datadir=/home/erigon/.local/share/erigon --private.api.addr=erigon-trace:9090 --txpool.api.addr=erigon-trace:9090 --http.addr=0.0.0.0 --http.vhosts=* --http.corsdomain=* --http.api=eth,debug,net,trace --ws
+ pid: service:erigon-trace # Use erigon's PID namespace. It's required to open Erigon's DB from another process (RPCDaemon local-mode)
+ volumes:
+ - erigon-trace:/home/erigon/.local/share/erigon
+ expose:
+ - "8545"
+ restart: unless-stopped
+ depends_on:
+ - "erigon-trace"
+# networks:
+# - $NET_POKT
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.middlewares.rpcdaemon-stripprefix.stripprefix.prefixes=/erigon"
+ - "traefik.http.services.rpcdaemon.loadbalancer.server.port=8545"
+ - "traefik.http.routers.rpcdaemon.entrypoints=websecure"
+ - "traefik.http.routers.rpcdaemon.tls.certresolver=myresolver"
+ - "traefik.http.routers.rpcdaemon.rule=Host(`$HOSTIP`) && PathPrefix(`/erigon`)"
+ - "traefik.http.routers.rpcdaemon.middlewares=rpcdaemon-stripprefix, auth"
+
+ avalanche:
+ image: avaplatform/avalanchego
+ expose:
+ - "8545"
+ - "8546"
+ - "30303"
+ volumes:
+ - avalanche:/root/.avalanche
+ command: "/avalanchego/build/avalanchego --http-host="
+# networks:
+# - $NET_POKT
+ restart: unless-stopped
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.middlewares.avalanche-stripprefix.stripprefix.prefixes=/avalanche"
+ - "traefik.http.services.avalanche.loadbalancer.server.port=8545"
+ - "traefik.http.routers.avalanche.entrypoints=websecure"
+ - "traefik.http.routers.avalanche.tls.certresolver=myresolver"
+ - "traefik.http.routers.avalanche.rule=Host(`$HOSTIP`) && PathPrefix(`/avalanche`)"
+ - "traefik.http.routers.avalanche.middlewares=avalanche-stripprefix, auth"
+
+ pocket-testnet:
+ image: poktnetwork/pocket-core:stagenet-latest
+ ports:
+ - "127.0.0.1:8082:8081"
+ - "127.0.0.1:26657:26656"
+ expose:
+ - 26656
+ - 8081
+ command: pocket start --seeds=$POCKET_TEST_SEEDS --testnet
+ #command: pocket start --simulateRelay
+ environment:
+ - POCKET_CORE_KEY=$POCKET_CORE_KEY_TEST
+ - POCKET_CORE_PASSPHRASE=$POCKET_CORE_PASSPHRASE_TEST
+ volumes:
+ - ./chains/chains_testnet.json:/home/app/.pocket/config/chains.json
+ - pocket-testnet:/home/app/.pocket
+# networks:
+# - $NET_POKT
+ restart: unless-stopped
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.middlewares.pocket-testnet-stripprefix.stripprefix.prefixes=/pokttest"
+ - "traefik.http.services.pocket-testnet.loadbalancer.server.port=8081"
+ - "traefik.http.routers.pocket-testnet.entrypoints=websecure"
+ - "traefik.http.routers.pocket-testnet.tls.certresolver=myresolver"
+ - "traefik.http.routers.pocket-testnet.rule=Host(`$HOSTIP`) && PathPrefix(`/pokttest`)"
+ - "traefik.http.routers.pocket-testnet.middlewares=pocket-mainnet-stripprefix, auth"
+
+ pocket-mainnet:
+ image: poktnetwork/pocket-core:stagenet-latest
+ ports:
+ - "127.0.0.1:8081:8081"
+ - "127.0.0.1:26656:26656"
+ expose:
+ - 26656
+ - 8081
+ #command: /home/app/.pocket/pokt_mainnet.sh && pocket start --seeds=$POCKET_MAIN_SEEDS --mainnet
+ command: pocket start --simulateRelay
+ environment:
+ - POCKET_CORE_KEY=$POCKET_CORE_KEY
+ - POCKET_CORE_PASSPHRASE=$POCKET_CORE_PASSPHRASE
+ - POCKET_SNAPSHOT=$POCKET_SNAPSHOT
+ volumes:
+ - ./chains/chains_mainnet.json:/home/app/.pocket/config/chains.json
+ - ./bootstrap_skript/pokt_mainnet.sh:/home/app/.pocket/pokt_mainnet.sh
+ - pocket-mainnet:/home/app/.pocket
+# networks:
+# - $NET_POKT
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.middlewares.pocket-mainnet-stripprefix.stripprefix.prefixes=/pokt"
+ - "traefik.http.services.pocket-mainner.loadbalancer.server.port=8081"
+ - "traefik.http.routers.pocket-mainnet.entrypoints=websecure"
+ - "traefik.http.routers.pocket-mainnet.tls.certresolver=myresolver"
+ - "traefik.http.routers.pocket-mainnet.rule=Host(`$HOSTIP`) && PathPrefix(`/pokt`)"
+ - "traefik.http.routers.pocket-mainnet.middlewares=pocket-mainnet-stripprefix, auth"
+ restart: unless-stopped
+
+
+### WIREGUARD
+
+ wireguard:
+ image: lscr.io/linuxserver/wireguard
+ container_name: wireguard
+ cap_add:
+ - NET_ADMIN
+ - SYS_MODULE
+ environment:
+ - PUID=$PUID
+ - PGID=$PGID
+ volumes:
+ - ./wireguard/config/wg0.conf:/config/wg0.conf
+ - /lib/modules:/lib/modules
+ # Expose prometheus port
+ expose:
+ - 9090
+ ports:
+ - $SERVERPORT:$SERVERPORT/udp
+ sysctls:
+ - net.ipv4.conf.all.src_valid_mark=1
+ restart: unless-stopped
+
+
+### MONITORING
+
+ prometheus:
+ image: prom/prometheus:v2.30.3
+ container_name: prometheus
+ volumes:
+ - ./prometheus:/etc/prometheus
+ - prometheus_data:/prometheus
+ command:
+ - '--config.file=/etc/prometheus/prometheus.yml'
+ - '--storage.tsdb.path=/prometheus'
+ - '--web.console.libraries=/etc/prometheus/console_libraries'
+ - '--web.console.templates=/etc/prometheus/consoles'
+ - '--storage.tsdb.retention.time=200h'
+ - '--web.enable-lifecycle'
+ restart: unless-stopped
+ network_mode: "service:wireguard"
+ labels:
+ org.label-schema.group: "monitoring"
+ depends_on:
+ - wireguard
+
+ nodeexporter:
+ image: prom/node-exporter:v1.2.2
+ container_name: nodeexporter
+ volumes:
+ - /proc:/host/proc:ro
+ - /sys:/host/sys:ro
+ - /:/rootfs:ro
+ command:
+ - '--path.procfs=/host/proc'
+ - '--path.rootfs=/rootfs'
+ - '--path.sysfs=/host/sys'
+ - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
+ restart: unless-stopped
+ expose:
+ - 9100
+ labels:
+ org.label-schema.group: "monitoring"
+
+ cadvisor:
+ image: gcr.io/cadvisor/cadvisor:v0.42.0
+ container_name: cadvisor
+ privileged: true
+ devices:
+ - /dev/kmsg:/dev/kmsg
+ volumes:
+ - /:/rootfs:ro
+ - /var/run:/var/run:ro
+ - /sys:/sys:ro
+ - /var/lib/docker:/var/lib/docker:ro
+ #- /cgroup:/cgroup:ro #doesn't work on MacOS only for Linux
+ restart: unless-stopped
+ expose:
+ - 8080
+ labels:
+ org.label-schema.group: "monitoring"
+
+ pushgateway:
+ image: prom/pushgateway:v1.4.2
+ container_name: pushgateway
+ restart: unless-stopped
+ expose:
+ - 9091
+ labels:
+ org.label-schema.group: "monitoring"
+
+### VOLUMES
+
+volumes:
+ geth-goerli:
+ geth-rinkeby:
+ geth-ropsten:
+ geth-mainnet:
+ erigon-trace:
+ avalanche:
+ pocket-testnet:
+ pocket-mainnet:
+ prometheus_data:
+
+### NETWORKS
+
+#networks:
+# pocket:
+# driver: bridge
+# monitor-net:
+# driver: bridge
\ No newline at end of file
diff --git a/wireguard/config/wg0.conf b/wireguard/config/wg0.conf
new file mode 100644
index 00000000..e69de29b