diff --git a/arb/nitro/arbitrum-one-nitro-pruned-pebble-hash--fireeth.yml b/arb/nitro/arbitrum-one-nitro-pruned-pebble-hash--fireeth.yml index e8326f72..de158bb7 100644 --- a/arb/nitro/arbitrum-one-nitro-pruned-pebble-hash--fireeth.yml +++ b/arb/nitro/arbitrum-one-nitro-pruned-pebble-hash--fireeth.yml @@ -100,7 +100,7 @@ services: entrypoint: [sh, -c, exec fireeth start firehose index-builder relayer merger $@, _] command: - --log-to-file=false - - --relayer-source=http://arbitrum-one:10010 + - --relayer-source=http://arbitrum-one:14317 restart: unless-stopped depends_on: - arbitrum-one diff --git a/bsc/bsc/bsc-mainnet-bsc-pruned-pebble-path--fireeth.yml b/bsc/bsc/bsc-mainnet-bsc-pruned-pebble-path--fireeth.yml index 7768ec19..abb2f270 100644 --- a/bsc/bsc/bsc-mainnet-bsc-pruned-pebble-path--fireeth.yml +++ b/bsc/bsc/bsc-mainnet-bsc-pruned-pebble-path--fireeth.yml @@ -104,7 +104,7 @@ services: entrypoint: [sh, -c, exec fireeth start firehose index-builder relayer merger $@, _] command: - --log-to-file=false - - --relayer-source=http://bsc-mainnet:10010 + - --relayer-source=http://bsc-mainnet:12037 restart: unless-stopped depends_on: - bsc-mainnet diff --git a/ethereum/geth/ethereum-mainnet-geth-pruned-leveldb-hash--nimbus--fireeth.yml b/ethereum/geth/ethereum-mainnet-geth-pruned-leveldb-hash--nimbus--fireeth.yml index 72c0938a..a1fc066c 100644 --- a/ethereum/geth/ethereum-mainnet-geth-pruned-leveldb-hash--nimbus--fireeth.yml +++ b/ethereum/geth/ethereum-mainnet-geth-pruned-leveldb-hash--nimbus--fireeth.yml @@ -107,7 +107,7 @@ services: entrypoint: [sh, -c, exec fireeth start firehose index-builder relayer merger $@, _] command: - --log-to-file=false - - --relayer-source=http://ethereum-mainnet:10010 + - --relayer-source=http://ethereum-mainnet:10455 restart: unless-stopped depends_on: - ethereum-mainnet diff --git a/ethereum/geth/ethereum-mainnet-geth-pruned-pebble-path--nimbus--fireeth.yml b/ethereum/geth/ethereum-mainnet-geth-pruned-pebble-path--nimbus--fireeth.yml index a8882015..79e0b043 100644 --- a/ethereum/geth/ethereum-mainnet-geth-pruned-pebble-path--nimbus--fireeth.yml +++ b/ethereum/geth/ethereum-mainnet-geth-pruned-pebble-path--nimbus--fireeth.yml @@ -107,7 +107,7 @@ services: entrypoint: [sh, -c, exec fireeth start firehose index-builder relayer merger $@, _] command: - --log-to-file=false - - --relayer-source=http://ethereum-mainnet:10010 + - --relayer-source=http://ethereum-mainnet:12023 restart: unless-stopped depends_on: - ethereum-mainnet diff --git a/op/geth/base-mainnet-op-geth-pruned-pebble-path--fireeth.yml b/op/geth/base-mainnet-op-geth-pruned-pebble-path--fireeth.yml index 87c236c7..e4f20de3 100644 --- a/op/geth/base-mainnet-op-geth-pruned-pebble-path--fireeth.yml +++ b/op/geth/base-mainnet-op-geth-pruned-pebble-path--fireeth.yml @@ -110,7 +110,7 @@ services: entrypoint: [sh, -c, exec fireeth start firehose index-builder relayer merger $@, _] command: - --log-to-file=false - - --relayer-source=http://base-mainnet:10010 + - --relayer-source=http://base-mainnet:11422 restart: unless-stopped depends_on: - base-mainnet diff --git a/op/geth/op-mainnet-op-geth-pruned-pebble-path--fireeth.yml b/op/geth/op-mainnet-op-geth-pruned-pebble-path--fireeth.yml new file mode 100644 index 00000000..30039168 --- /dev/null +++ b/op/geth/op-mainnet-op-geth-pruned-pebble-path--fireeth.yml @@ -0,0 +1,243 @@ +--- + +# Usage: +# +# mkdir rpc && cd rpc +# +# git init +# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git +# git fetch origin vibe +# git checkout origin/vibe +# +# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret +# +# env +# ... +# IP=$(curl ipinfo.io/ip) +# DOMAIN=${IP}.traefik.me +# COMPOSE_FILE=base.yml:rpc.yml:op/geth/op-mainnet-op-geth-pruned-pebble-path--fireeth.yml +# +# docker compose up -d +# +# curl -X POST https://${IP}.traefik.me/op-mainnet \ +# -H "Content-Type: application/json" \ +# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' +x-logging-defaults: &logging-defaults + driver: json-file + options: + max-size: 10m + max-file: '3' + +services: + op-mainnet: + image: ${OP_FIREETH_IMAGE:-ghcr.io/streamingfast/firehose-ethereum}:${OP_MAINNET_FIREETH_VERSION:-v2.11.9-optimism-v1.101503.4-op-node.v1.13.2} + sysctls: + # TCP Performance + net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle + net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache + net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers + net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers + net.core.somaxconn: 32768 # Higher connection queue + # Memory/Connection Management + # net.core.netdev_max_backlog: 50000 # Increase network buffer + net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests + net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets + ulimits: + nofile: 1048576 # Max open files (for RPC/WS connections) + user: root + ports: + - 12687:12687 + - 12687:12687/udp + expose: + - 8545 + - 8551 + - 10010 + environment: + - GETH_OP_NETWORK=op-mainnet + - GETH_ROLLUP_DISABLETXPOOLGOSSIP=true + - GETH_ROLLUP_SEQUENCERHTTP=https://mainnet-sequencer.optimism.io + entrypoint: [sh, -c, exec fireeth start reader-node --reader-node-arguments "$*", _] + command: + - --datadir=/data + - --db.engine=pebble + - --gcmode=full + - --maxpeers=50 + - --nat=extip:${IP} + - --port=12687 + - --rpc.gascap=600000000 + - --rpc.txfeecap=0 + - --state.scheme=path + - --syncmode=full + - --http + - --http.addr=0.0.0.0 + - --http.api=eth,net,web3,debug,admin,txpool,engine + - --http.port=8545 + - --http.vhosts=* + - --ws + - --ws.addr=0.0.0.0 + - --ws.api=eth,net,web3,debug,admin,txpool,engine + - --ws.origins=* + - --ws.port=8545 + - --authrpc.addr=0.0.0.0 + - --authrpc.jwtsecret=/jwtsecret + - --authrpc.vhosts=* + restart: unless-stopped + stop_grace_period: 5m + networks: + - chains + volumes: + - ${OP_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-op-mainnet-op-geth-pruned-pebble-path}:/data + - ./op/op/mainnet:/config + - .jwtsecret:/jwtsecret:ro + - /slowdisk:/slowdisk + logging: *logging-defaults + labels: + - traefik.enable=true + - traefik.http.middlewares.op-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/op-mainnet + - traefik.http.services.op-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545 + - ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/op-mainnet`) || Path(`/op-mainnet/`))} + - ${NO_SSL:+traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.rule=Path(`/op-mainnet`) || Path(`/op-mainnet/`)} + - traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.middlewares=op-mainnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist + + op-mainnet-firehose: + image: ${OP_FIREETH_IMAGE:-ghcr.io/streamingfast/firehose-ethereum}:${OP_MAINNET_FIREETH_VERSION:-v2.11.9-optimism-v1.101503.4-op-node.v1.13.2} + expose: + - 10015 + - 10014 + environment: + - ${OP_MAINNET_FIREETH_BLOCKS_STORE:-/firehose-data/storage/merged-blocks} + entrypoint: [sh, -c, exec fireeth start firehose index-builder relayer merger $@, _] + command: + - --log-to-file=false + - --relayer-source=http://op-mainnet:12687 + restart: unless-stopped + depends_on: + - op-mainnet + networks: + - chains + volumes: + - ${OP_MAINNET_FIREETH_DATA:-op-mainnet-fireeth}:/firehose-data + logging: *logging-defaults + labels: + - traefik.enable=true + - traefik.http.services.op-mainnet-op-geth-pruned-pebble-path-firehose.loadbalancer.server.scheme=h2c + - traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-firehose.service=op-mainnet-op-geth-pruned-pebble-path-firehose + - traefik.http.services.op-mainnet-op-geth-pruned-pebble-path-firehose.loadbalancer.server.port=10015 + - traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-firehose.entrypoints=grpc + - ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-firehose.tls.certresolver=myresolver} + - traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-firehose.rule=Host(`op-mainnet-firehose.${DOMAIN}`) + - traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-firehose.middlewares=ipallowlist + + op-mainnet-events: + image: ${OP_FIREETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${OP_MAINNET_FIREETH_VERSION:-v1.101503.4} + expose: + - 10016 + entrypoint: [sh, -c, exec fireeth start substreams-tier-1 substreams-tier-2 $@, _] + command: + - --common-live-blocks-addr=http://op-mainnet-firehose:10014 + - --log-to-file=false + - --substreams-rpc-endpoints=${OP_MAINNET_FIREETH_ARCHIVE_RPC} + restart: unless-stopped + depends_on: + - op-mainnet + networks: + - chains + volumes: + - ${OP_MAINNET_FIREETH_DATA:-op-mainnet-fireeth}:/firehose-data + logging: *logging-defaults + labels: + - traefik.enable=true + - traefik.http.services.op-mainnet-op-geth-pruned-pebble-path-events.loadbalancer.server.scheme=h2c + - traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-events.service=op-mainnet-op-geth-pruned-pebble-path-events + - traefik.http.services.op-mainnet-op-geth-pruned-pebble-path-events.loadbalancer.server.port=10016 + - traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-events.entrypoints=grpc + - ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-events.tls.certresolver=myresolver} + - traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-events.rule=Host(`op-mainnet-events.${DOMAIN}`) + - traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-events.middlewares=ipallowlist + + op-mainnet-node: + image: ${OP_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${OP_MAINNET_NODE_VERSION:-v1.13.2} + ports: + - 17687:17687 + - 17687:17687/udp + environment: + - OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST} + - OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER} + - OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC} + - OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic} + - OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false} + - OP_NODE_L2_ENGINE_AUTH=/jwtsecret + - OP_NODE_L2_ENGINE_RPC=http://op-mainnet:8551 + - OP_NODE_L2_SKIP_SYNC_START_CHECK=true + - OP_NODE_LOG_LEVEL=info + - OP_NODE_METRICS_ADDR=0.0.0.0 + - OP_NODE_METRICS_ENABLED=true + - OP_NODE_METRICS_PORT=7300 + - OP_NODE_NETWORK=op-mainnet + - OP_NODE_P2P_ADVERTISE_IP=${IP} + - OP_NODE_P2P_LISTEN_IP=0.0.0.0 + - OP_NODE_P2P_LISTEN_TCP_PORT=17687 + - OP_NODE_P2P_LISTEN_UDP_PORT=17687 + - OP_NODE_ROLLUP_LOAD_PROTOCOL_VERSIONS=true + - OP_NODE_RPC_ADDR=0.0.0.0 + - OP_NODE_RPC_PORT=8545 + - OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log + - OP_NODE_SYNCMODE=execution-layer + - OP_NODE_VERIFIER_L1_CONFS=0 + entrypoint: [op-node] + restart: unless-stopped + depends_on: + - op-mainnet + networks: + - chains + volumes: + - ./op/op/mainnet:/config + - .jwtsecret:/jwtsecret:ro + logging: *logging-defaults + +volumes: + op-mainnet-op-geth-pruned-pebble-path: + op-mainnet-op-geth-pruned-pebble-path_fireeth: + +x-upstreams: + - id: $${ID} + labels: + provider: $${PROVIDER} + connection: + generic: + rpc: + url: $${RPC_URL} + ws: + frameSize: 20Mb + msgSize: 50Mb + url: $${WS_URL} + chain: optimism + method-groups: + enabled: + - debug + - filter + methods: + disabled: + # not compatible with path state scheme + - name: debug_traceBlockByHash + enabled: + - name: txpool_content # TODO: should be disabled for rollup nodes + # standard geth only + - name: debug_getRawBlock + - name: debug_getRawTransaction + - name: debug_getRawReceipts + - name: debug_getRawHeader + - name: debug_getBadBlocks + # non standard geth only slightly dangerous + - name: debug_intermediateRoots + - name: debug_dumpBlock + # standard geth and erigon + - name: debug_accountRange + - name: debug_getModifiedAccountsByNumber + - name: debug_getModifiedAccountsByHash + # non standard geth and erigon + - name: eth_getRawTransactionByHash + - name: eth_getRawTransactionByBlockHashAndIndex +... \ No newline at end of file diff --git a/op/geth/unichain-mainnet-op-geth-pruned-pebble-path--fireeth.yml b/op/geth/unichain-mainnet-op-geth-pruned-pebble-path--fireeth.yml new file mode 100644 index 00000000..b4a31e1d --- /dev/null +++ b/op/geth/unichain-mainnet-op-geth-pruned-pebble-path--fireeth.yml @@ -0,0 +1,241 @@ +--- + +# Usage: +# +# mkdir rpc && cd rpc +# +# git init +# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git +# git fetch origin vibe +# git checkout origin/vibe +# +# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret +# +# env +# ... +# IP=$(curl ipinfo.io/ip) +# DOMAIN=${IP}.traefik.me +# COMPOSE_FILE=base.yml:rpc.yml:op/geth/unichain-mainnet-op-geth-pruned-pebble-path--fireeth.yml +# +# docker compose up -d +# +# curl -X POST https://${IP}.traefik.me/unichain-mainnet \ +# -H "Content-Type: application/json" \ +# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' +x-logging-defaults: &logging-defaults + driver: json-file + options: + max-size: 10m + max-file: '3' + +services: + unichain-mainnet: + image: ${UNICHAIN_FIREETH_IMAGE:-ghcr.io/streamingfast/firehose-ethereum}:${UNICHAIN_MAINNET_FIREETH_VERSION:-v2.11.9-optimism-v1.101503.4-op-node.v1.13.2} + sysctls: + # TCP Performance + net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle + net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache + net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers + net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers + net.core.somaxconn: 32768 # Higher connection queue + # Memory/Connection Management + # net.core.netdev_max_backlog: 50000 # Increase network buffer + net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests + net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets + ulimits: + nofile: 1048576 # Max open files (for RPC/WS connections) + user: root + ports: + - 10954:10954 + - 10954:10954/udp + expose: + - 8545 + - 8551 + - 10010 + environment: + - GETH_OP_NETWORK=unichain-mainnet + - GETH_ROLLUP_DISABLETXPOOLGOSSIP=true + - GETH_ROLLUP_SEQUENCERHTTP=https://mainnet.unichain.org + entrypoint: [sh, -c, exec fireeth start reader-node --reader-node-arguments "$*", _] + command: + - --datadir=/data + - --db.engine=pebble + - --gcmode=full + - --maxpeers=50 + - --nat=extip:${IP} + - --port=10954 + - --rpc.gascap=600000000 + - --rpc.txfeecap=0 + - --state.scheme=path + - --syncmode=full + - --http + - --http.addr=0.0.0.0 + - --http.api=eth,net,web3,debug,admin,txpool,engine + - --http.port=8545 + - --http.vhosts=* + - --ws + - --ws.addr=0.0.0.0 + - --ws.api=eth,net,web3,debug,admin,txpool,engine + - --ws.origins=* + - --ws.port=8545 + - --authrpc.addr=0.0.0.0 + - --authrpc.jwtsecret=/jwtsecret + - --authrpc.vhosts=* + restart: unless-stopped + stop_grace_period: 5m + networks: + - chains + volumes: + - ${UNICHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-unichain-mainnet-op-geth-pruned-pebble-path}:/data + - .jwtsecret:/jwtsecret:ro + - /slowdisk:/slowdisk + logging: *logging-defaults + labels: + - traefik.enable=true + - traefik.http.middlewares.unichain-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/unichain-mainnet + - traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545 + - ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/unichain-mainnet`) || Path(`/unichain-mainnet/`))} + - ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.rule=Path(`/unichain-mainnet`) || Path(`/unichain-mainnet/`)} + - traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.middlewares=unichain-mainnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist + + unichain-mainnet-firehose: + image: ${UNICHAIN_FIREETH_IMAGE:-ghcr.io/streamingfast/firehose-ethereum}:${UNICHAIN_MAINNET_FIREETH_VERSION:-v2.11.9-optimism-v1.101503.4-op-node.v1.13.2} + expose: + - 10015 + - 10014 + environment: + - ${UNICHAIN_MAINNET_FIREETH_BLOCKS_STORE:-/firehose-data/storage/merged-blocks} + entrypoint: [sh, -c, exec fireeth start firehose index-builder relayer merger $@, _] + command: + - --log-to-file=false + - --relayer-source=http://unichain-mainnet:10954 + restart: unless-stopped + depends_on: + - unichain-mainnet + networks: + - chains + volumes: + - ${UNICHAIN_MAINNET_FIREETH_DATA:-unichain-mainnet-fireeth}:/firehose-data + logging: *logging-defaults + labels: + - traefik.enable=true + - traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path-firehose.loadbalancer.server.scheme=h2c + - traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-firehose.service=unichain-mainnet-op-geth-pruned-pebble-path-firehose + - traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path-firehose.loadbalancer.server.port=10015 + - traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-firehose.entrypoints=grpc + - ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-firehose.tls.certresolver=myresolver} + - traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-firehose.rule=Host(`unichain-mainnet-firehose.${DOMAIN}`) + - traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-firehose.middlewares=ipallowlist + + unichain-mainnet-events: + image: ${UNICHAIN_FIREETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${UNICHAIN_MAINNET_FIREETH_VERSION:-v1.101503.4} + expose: + - 10016 + entrypoint: [sh, -c, exec fireeth start substreams-tier-1 substreams-tier-2 $@, _] + command: + - --common-live-blocks-addr=http://unichain-mainnet-firehose:10014 + - --log-to-file=false + - --substreams-rpc-endpoints=${UNICHAIN_MAINNET_FIREETH_ARCHIVE_RPC} + restart: unless-stopped + depends_on: + - unichain-mainnet + networks: + - chains + volumes: + - ${UNICHAIN_MAINNET_FIREETH_DATA:-unichain-mainnet-fireeth}:/firehose-data + logging: *logging-defaults + labels: + - traefik.enable=true + - traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path-events.loadbalancer.server.scheme=h2c + - traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-events.service=unichain-mainnet-op-geth-pruned-pebble-path-events + - traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path-events.loadbalancer.server.port=10016 + - traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-events.entrypoints=grpc + - ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-events.tls.certresolver=myresolver} + - traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-events.rule=Host(`unichain-mainnet-events.${DOMAIN}`) + - traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-events.middlewares=ipallowlist + + unichain-mainnet-node: + image: ${UNICHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${UNICHAIN_MAINNET_NODE_VERSION:-v1.13.2} + ports: + - 15954:15954 + - 15954:15954/udp + environment: + - OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST} + - OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER} + - OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC} + - OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic} + - OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false} + - OP_NODE_L2_ENGINE_AUTH=/jwtsecret + - OP_NODE_L2_ENGINE_RPC=http://unichain-mainnet:8551 + - OP_NODE_L2_SKIP_SYNC_START_CHECK=true + - OP_NODE_LOG_LEVEL=info + - OP_NODE_METRICS_ADDR=0.0.0.0 + - OP_NODE_METRICS_ENABLED=true + - OP_NODE_METRICS_PORT=7300 + - OP_NODE_NETWORK=unichain-mainnet + - OP_NODE_P2P_ADVERTISE_IP=${IP} + - OP_NODE_P2P_LISTEN_IP=0.0.0.0 + - OP_NODE_P2P_LISTEN_TCP_PORT=15954 + - OP_NODE_P2P_LISTEN_UDP_PORT=15954 + - OP_NODE_ROLLUP_LOAD_PROTOCOL_VERSIONS=true + - OP_NODE_RPC_ADDR=0.0.0.0 + - OP_NODE_RPC_PORT=8545 + - OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log + - OP_NODE_SYNCMODE=execution-layer + - OP_NODE_VERIFIER_L1_CONFS=0 + entrypoint: [op-node] + restart: unless-stopped + depends_on: + - unichain-mainnet + networks: + - chains + volumes: + - .jwtsecret:/jwtsecret:ro + logging: *logging-defaults + +volumes: + unichain-mainnet-op-geth-pruned-pebble-path: + unichain-mainnet-op-geth-pruned-pebble-path_fireeth: + +x-upstreams: + - id: $${ID} + labels: + provider: $${PROVIDER} + connection: + generic: + rpc: + url: $${RPC_URL} + ws: + frameSize: 20Mb + msgSize: 50Mb + url: $${WS_URL} + chain: unichain + method-groups: + enabled: + - debug + - filter + methods: + disabled: + # not compatible with path state scheme + - name: debug_traceBlockByHash + enabled: + - name: txpool_content # TODO: should be disabled for rollup nodes + # standard geth only + - name: debug_getRawBlock + - name: debug_getRawTransaction + - name: debug_getRawReceipts + - name: debug_getRawHeader + - name: debug_getBadBlocks + # non standard geth only slightly dangerous + - name: debug_intermediateRoots + - name: debug_dumpBlock + # standard geth and erigon + - name: debug_accountRange + - name: debug_getModifiedAccountsByNumber + - name: debug_getModifiedAccountsByHash + # non standard geth and erigon + - name: eth_getRawTransactionByHash + - name: eth_getRawTransactionByBlockHashAndIndex +... \ No newline at end of file diff --git a/polygon/bor/polygon-mainnet-bor-pruned-pebble-path--fireeth.yml b/polygon/bor/polygon-mainnet-bor-pruned-pebble-path--fireeth.yml index f36e1999..f8f7bd26 100644 --- a/polygon/bor/polygon-mainnet-bor-pruned-pebble-path--fireeth.yml +++ b/polygon/bor/polygon-mainnet-bor-pruned-pebble-path--fireeth.yml @@ -105,7 +105,7 @@ services: entrypoint: [sh, -c, exec fireeth start firehose index-builder relayer merger $@, _] command: - --log-to-file=false - - --relayer-source=http://polygon-mainnet:10010 + - --relayer-source=http://polygon-mainnet:14961 restart: unless-stopped depends_on: - polygon-mainnet diff --git a/portainer.yml b/portainer.yml index 04ece6c9..ef9974dd 100644 --- a/portainer.yml +++ b/portainer.yml @@ -3,12 +3,9 @@ services: portainer: image: portainer/agent:2.27.1 container_name: portainer-agent - ports: - - 1001:9001 volumes: - /var/run/docker.sock:/var/run/docker.sock #- /var/lib/docker/volumes:/var/lib/docker/volumes - - /:/host:ro + #- /:/host:ro restart: unless-stopped - networks: - - monitoring + network_mode: "service:wireguard" diff --git a/solana/agave/solana-mainnet-agave-pruned-rocksdb--firesol.yml b/solana/agave/solana-mainnet-agave-pruned-rocksdb--firesol.yml new file mode 100644 index 00000000..f7c9b770 --- /dev/null +++ b/solana/agave/solana-mainnet-agave-pruned-rocksdb--firesol.yml @@ -0,0 +1,198 @@ +--- + +# Usage: +# +# mkdir rpc && cd rpc +# +# git init +# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git +# git fetch origin vibe +# git checkout origin/vibe +# +# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret +# +# env +# ... +# IP=$(curl ipinfo.io/ip) +# DOMAIN=${IP}.traefik.me +# COMPOSE_FILE=base.yml:rpc.yml:solana/agave/solana-mainnet-agave-pruned-rocksdb--firesol.yml +# +# docker compose up -d +# +# curl -X POST https://${IP}.traefik.me/solana-mainnet \ +# -H "Content-Type: application/json" \ +# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' +x-logging-defaults: &logging-defaults + driver: json-file + options: + max-size: 10m + max-file: '3' + +services: + solana-mainnet-client: + image: ${SOLANA_FIRESOL_IMAGE:-ghcr.io/streamingfast/firehose-solana}:${SOLANA_MAINNET_FIRESOL_VERSION:-v1.1.3} + sysctls: + # TCP Performance + net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle + net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache + net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers + net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers + net.core.somaxconn: 32768 # Higher connection queue + # Memory/Connection Management + # net.core.netdev_max_backlog: 50000 # Increase network buffer + net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests + net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets + ulimits: + nofile: 1048576 # Max open files (for RPC/WS connections) + user: root + ports: + - 12990:12990 + - 12990:12990/udp + - 72990-73010:72990-73010 + expose: + - 8899:8899 + entrypoint: [sh, -c, exec firesol start reader-node --reader-node-arguments "poller 0 $@", _] + command: + - --block-verification-method=unified-scheduler + - --dynamic-port-range=72990-73010 + - --entrypoint=entrypoint.mainnet-beta.solana.com:8001 + - --entrypoint=entrypoint2.mainnet-beta.solana.com:8001 + - --entrypoint=entrypoint3.mainnet-beta.solana.com:8001 + - --entrypoint=entrypoint4.mainnet-beta.solana.com:8001 + - --entrypoint=entrypoint5.mainnet-beta.solana.com:8001 + - --expected-genesis-hash=5eykt4UsFv8P8NJdTREpY1vzqKqZKvdpKuc147dw2N9d + - --full-rpc-api + - --gossip-port=12990 + - --known-validator=7Np41oeYqPefeNQEHSv1UDhYrehxin3NStELsSKCT4K2 + - --known-validator=CakcnaRDHka2gXyfbEd2d3xsvkJkqsLw2akB3zsN1D2S + - --known-validator=DE1bawNcRJB9rVm3buyMVfr8mBEoyyu73NBovf2oXJsJ + - --known-validator=GdnSyH3YtwcxFvQrVVJMm1JhTS4QVX7MFsX56uJLUfiZ + - --limit-ledger-size=50000000 + - --log=- + - --no-poh-speed-test + - --no-voting + - --private-rpc + - --rpc-bind-address=0.0.0.0 + - --rpc-port=8899 + - --skip-poh-verify + - --skip-startup-ledger-verification + - --unified-scheduler-handler-threads=12 + - --use-snapshot-archives-at-startup=when-newest + - --wal-recovery-mode=skip_any_corrupted_record + restart: unless-stopped + stop_grace_period: 5m + networks: + - chains + volumes: + - ${SOLANA_MAINNET_AGAVE_PRUNED_ROCKSDB_DATA:-solana-mainnet-agave-pruned-rocksdb}:/ledger + - /slowdisk:/slowdisk + logging: *logging-defaults + + solana-mainnet: + image: nginx + environment: + PROXY_HOST: solana-mainnet-client + RPC_PATH: '' + RPC_PORT: 8899 + WS_PATH: '' + WS_PORT: 8899 + restart: unless-stopped + depends_on: + - solana-mainnet-client + networks: + - chains + volumes: + - ./nginx-proxy:/etc/nginx/templates + logging: *logging-defaults + labels: + - traefik.enable=true + - traefik.http.middlewares.solana-mainnet-agave-pruned-rocksdb-stripprefix.stripprefix.prefixes=/solana-mainnet + - traefik.http.services.solana-mainnet-agave-pruned-rocksdb.loadbalancer.server.port=80 + - ${NO_SSL:-traefik.http.routers.solana-mainnet-agave-pruned-rocksdb.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.solana-mainnet-agave-pruned-rocksdb.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.solana-mainnet-agave-pruned-rocksdb.rule=Host(`$DOMAIN`) && (Path(`/solana-mainnet`) || Path(`/solana-mainnet/`))} + - ${NO_SSL:+traefik.http.routers.solana-mainnet-agave-pruned-rocksdb.rule=Path(`/solana-mainnet`) || Path(`/solana-mainnet/`)} + - traefik.http.routers.solana-mainnet-agave-pruned-rocksdb.middlewares=solana-mainnet-agave-pruned-rocksdb-stripprefix, ipallowlist + + solana-mainnet-firehose: + image: ${SOLANA_FIRESOL_IMAGE:-ghcr.io/streamingfast/firehose-solana}:${SOLANA_MAINNET_FIRESOL_VERSION:-v1.1.3} + expose: + - 10015 + - 10014 + environment: + - ${SOLANA_MAINNET_FIRESOL_BLOCKS_STORE:-/firehose-data/storage/merged-blocks} + entrypoint: [sh, -c, exec firesol start firehose index-builder relayer merger $@, _] + command: + - --log-to-file=false + - --relayer-source=http://solana-mainnet-client:10010 + restart: unless-stopped + depends_on: + - solana-mainnet + networks: + - chains + volumes: + - ${SOLANA_MAINNET_FIRESOL_DATA:-solana-mainnet-firesol}:/firehose-data + logging: *logging-defaults + labels: + - traefik.enable=true + - traefik.http.services.solana-mainnet-agave-pruned-rocksdb-firehose.loadbalancer.server.scheme=h2c + - traefik.http.routers.solana-mainnet-agave-pruned-rocksdb-firehose.service=solana-mainnet-agave-pruned-rocksdb-firehose + - traefik.http.services.solana-mainnet-agave-pruned-rocksdb-firehose.loadbalancer.server.port=10015 + - traefik.http.routers.solana-mainnet-agave-pruned-rocksdb-firehose.entrypoints=grpc + - ${NO_SSL:-traefik.http.routers.solana-mainnet-agave-pruned-rocksdb-firehose.tls.certresolver=myresolver} + - traefik.http.routers.solana-mainnet-agave-pruned-rocksdb-firehose.rule=Host(`solana-mainnet-firehose.${DOMAIN}`) + - traefik.http.routers.solana-mainnet-agave-pruned-rocksdb-firehose.middlewares=ipallowlist + + solana-mainnet-events: + image: ${SOLANA_FIRESOL_IMAGE:-anzaxyz/agave}:${SOLANA_MAINNET_FIRESOL_VERSION:-v2.2.14} + expose: + - 10016 + entrypoint: [sh, -c, exec firesol start substreams-tier-1 substreams-tier-2 $@, _] + command: + - --common-live-blocks-addr=http://solana-mainnet-firehose:10014 + - --log-to-file=false + - --substreams-rpc-endpoints=${SOLANA_MAINNET_FIRESOL_ARCHIVE_RPC} + restart: unless-stopped + depends_on: + - solana-mainnet + networks: + - chains + volumes: + - ${SOLANA_MAINNET_FIRESOL_DATA:-solana-mainnet-firesol}:/firehose-data + logging: *logging-defaults + labels: + - traefik.enable=true + - traefik.http.services.solana-mainnet-agave-pruned-rocksdb-events.loadbalancer.server.scheme=h2c + - traefik.http.routers.solana-mainnet-agave-pruned-rocksdb-events.service=solana-mainnet-agave-pruned-rocksdb-events + - traefik.http.services.solana-mainnet-agave-pruned-rocksdb-events.loadbalancer.server.port=10016 + - traefik.http.routers.solana-mainnet-agave-pruned-rocksdb-events.entrypoints=grpc + - ${NO_SSL:-traefik.http.routers.solana-mainnet-agave-pruned-rocksdb-events.tls.certresolver=myresolver} + - traefik.http.routers.solana-mainnet-agave-pruned-rocksdb-events.rule=Host(`solana-mainnet-events.${DOMAIN}`) + - traefik.http.routers.solana-mainnet-agave-pruned-rocksdb-events.middlewares=ipallowlist + +volumes: + solana-mainnet-agave-pruned-rocksdb: + solana-mainnet-agave-pruned-rocksdb_firesol: + +x-upstreams: + - id: $${ID} + labels: + provider: $${PROVIDER} + connection: + generic: + rpc: + url: $${RPC_URL} + ws: + frameSize: 20Mb + msgSize: 50Mb + url: $${WS_URL} + chain: + method-groups: + enabled: + - debug + - filter + methods: + disabled: + enabled: + - name: txpool_content # TODO: should be disabled for rollup nodes +... \ No newline at end of file diff --git a/solana/agave/solana-testnet-agave-pruned-rocksdb--firesol.yml b/solana/agave/solana-testnet-agave-pruned-rocksdb--firesol.yml new file mode 100644 index 00000000..fb11284a --- /dev/null +++ b/solana/agave/solana-testnet-agave-pruned-rocksdb--firesol.yml @@ -0,0 +1,196 @@ +--- + +# Usage: +# +# mkdir rpc && cd rpc +# +# git init +# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git +# git fetch origin vibe +# git checkout origin/vibe +# +# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret +# +# env +# ... +# IP=$(curl ipinfo.io/ip) +# DOMAIN=${IP}.traefik.me +# COMPOSE_FILE=base.yml:rpc.yml:solana/agave/solana-testnet-agave-pruned-rocksdb--firesol.yml +# +# docker compose up -d +# +# curl -X POST https://${IP}.traefik.me/solana-testnet \ +# -H "Content-Type: application/json" \ +# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' +x-logging-defaults: &logging-defaults + driver: json-file + options: + max-size: 10m + max-file: '3' + +services: + solana-testnet-client: + image: ${SOLANA_FIRESOL_IMAGE:-ghcr.io/streamingfast/firehose-solana}:${SOLANA_TESTNET_FIRESOL_VERSION:-v1.1.3} + sysctls: + # TCP Performance + net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle + net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache + net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers + net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers + net.core.somaxconn: 32768 # Higher connection queue + # Memory/Connection Management + # net.core.netdev_max_backlog: 50000 # Increase network buffer + net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests + net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets + ulimits: + nofile: 1048576 # Max open files (for RPC/WS connections) + user: root + ports: + - 10369:10369 + - 10369:10369/udp + - 70369-70389:70369-70389 + expose: + - 8899:8899 + entrypoint: [sh, -c, exec firesol start reader-node --reader-node-arguments "poller 0 $@", _] + command: + - --block-verification-method=unified-scheduler + - --dynamic-port-range=70369-70389 + - --entrypoint=entrypoint.testnet.solana.com:8001 + - --entrypoint=entrypoint2.testnet.solana.com:8001 + - --entrypoint=entrypoint3.testnet.solana.com:8001 + - --expected-genesis-hash=4uhcVJyU9pJkvQyS88uRDiswHXSCkY3zQawwpjk2NsNY + - --full-rpc-api + - --gossip-port=10369 + - --known-validator=5D1fNXzvv5NjV1ysLjirC4WY92RNsVH18vjmcszZd8on + - --known-validator=7XSY3MrYnK8vq693Rju17bbPkCN3Z7KvvfvJx4kdrsSY + - --known-validator=9QxCLckBiJc783jnMvXZubK4wH86Eqqvashtrwvcsgkv + - --known-validator=Ft5fbkqNa76vnsjYNwjDZUXoTWpP7VYm3mtsaQckQADN + - --limit-ledger-size=50000000 + - --log=- + - --no-poh-speed-test + - --no-voting + - --private-rpc + - --rpc-bind-address=0.0.0.0 + - --rpc-port=8899 + - --skip-poh-verify + - --skip-startup-ledger-verification + - --unified-scheduler-handler-threads=12 + - --use-snapshot-archives-at-startup=when-newest + - --wal-recovery-mode=skip_any_corrupted_record + restart: unless-stopped + stop_grace_period: 5m + networks: + - chains + volumes: + - ${SOLANA_TESTNET_AGAVE_PRUNED_ROCKSDB_DATA:-solana-testnet-agave-pruned-rocksdb}:/ledger + - /slowdisk:/slowdisk + logging: *logging-defaults + + solana-testnet: + image: nginx + environment: + PROXY_HOST: solana-testnet-client + RPC_PATH: '' + RPC_PORT: 8899 + WS_PATH: '' + WS_PORT: 8899 + restart: unless-stopped + depends_on: + - solana-testnet-client + networks: + - chains + volumes: + - ./nginx-proxy:/etc/nginx/templates + logging: *logging-defaults + labels: + - traefik.enable=true + - traefik.http.middlewares.solana-testnet-agave-pruned-rocksdb-stripprefix.stripprefix.prefixes=/solana-testnet + - traefik.http.services.solana-testnet-agave-pruned-rocksdb.loadbalancer.server.port=80 + - ${NO_SSL:-traefik.http.routers.solana-testnet-agave-pruned-rocksdb.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.solana-testnet-agave-pruned-rocksdb.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.solana-testnet-agave-pruned-rocksdb.rule=Host(`$DOMAIN`) && (Path(`/solana-testnet`) || Path(`/solana-testnet/`))} + - ${NO_SSL:+traefik.http.routers.solana-testnet-agave-pruned-rocksdb.rule=Path(`/solana-testnet`) || Path(`/solana-testnet/`)} + - traefik.http.routers.solana-testnet-agave-pruned-rocksdb.middlewares=solana-testnet-agave-pruned-rocksdb-stripprefix, ipallowlist + + solana-testnet-firehose: + image: ${SOLANA_FIRESOL_IMAGE:-ghcr.io/streamingfast/firehose-solana}:${SOLANA_TESTNET_FIRESOL_VERSION:-v1.1.3} + expose: + - 10015 + - 10014 + environment: + - ${SOLANA_TESTNET_FIRESOL_BLOCKS_STORE:-/firehose-data/storage/merged-blocks} + entrypoint: [sh, -c, exec firesol start firehose index-builder relayer merger $@, _] + command: + - --log-to-file=false + - --relayer-source=http://solana-testnet-client:10010 + restart: unless-stopped + depends_on: + - solana-testnet + networks: + - chains + volumes: + - ${SOLANA_TESTNET_FIRESOL_DATA:-solana-testnet-firesol}:/firehose-data + logging: *logging-defaults + labels: + - traefik.enable=true + - traefik.http.services.solana-testnet-agave-pruned-rocksdb-firehose.loadbalancer.server.scheme=h2c + - traefik.http.routers.solana-testnet-agave-pruned-rocksdb-firehose.service=solana-testnet-agave-pruned-rocksdb-firehose + - traefik.http.services.solana-testnet-agave-pruned-rocksdb-firehose.loadbalancer.server.port=10015 + - traefik.http.routers.solana-testnet-agave-pruned-rocksdb-firehose.entrypoints=grpc + - ${NO_SSL:-traefik.http.routers.solana-testnet-agave-pruned-rocksdb-firehose.tls.certresolver=myresolver} + - traefik.http.routers.solana-testnet-agave-pruned-rocksdb-firehose.rule=Host(`solana-testnet-firehose.${DOMAIN}`) + - traefik.http.routers.solana-testnet-agave-pruned-rocksdb-firehose.middlewares=ipallowlist + + solana-testnet-events: + image: ${SOLANA_FIRESOL_IMAGE:-anzaxyz/agave}:${SOLANA_TESTNET_FIRESOL_VERSION:-v2.2.14} + expose: + - 10016 + entrypoint: [sh, -c, exec firesol start substreams-tier-1 substreams-tier-2 $@, _] + command: + - --common-live-blocks-addr=http://solana-testnet-firehose:10014 + - --log-to-file=false + - --substreams-rpc-endpoints=${SOLANA_TESTNET_FIRESOL_ARCHIVE_RPC} + restart: unless-stopped + depends_on: + - solana-testnet + networks: + - chains + volumes: + - ${SOLANA_TESTNET_FIRESOL_DATA:-solana-testnet-firesol}:/firehose-data + logging: *logging-defaults + labels: + - traefik.enable=true + - traefik.http.services.solana-testnet-agave-pruned-rocksdb-events.loadbalancer.server.scheme=h2c + - traefik.http.routers.solana-testnet-agave-pruned-rocksdb-events.service=solana-testnet-agave-pruned-rocksdb-events + - traefik.http.services.solana-testnet-agave-pruned-rocksdb-events.loadbalancer.server.port=10016 + - traefik.http.routers.solana-testnet-agave-pruned-rocksdb-events.entrypoints=grpc + - ${NO_SSL:-traefik.http.routers.solana-testnet-agave-pruned-rocksdb-events.tls.certresolver=myresolver} + - traefik.http.routers.solana-testnet-agave-pruned-rocksdb-events.rule=Host(`solana-testnet-events.${DOMAIN}`) + - traefik.http.routers.solana-testnet-agave-pruned-rocksdb-events.middlewares=ipallowlist + +volumes: + solana-testnet-agave-pruned-rocksdb: + solana-testnet-agave-pruned-rocksdb_firesol: + +x-upstreams: + - id: $${ID} + labels: + provider: $${PROVIDER} + connection: + generic: + rpc: + url: $${RPC_URL} + ws: + frameSize: 20Mb + msgSize: 50Mb + url: $${WS_URL} + chain: + method-groups: + enabled: + - debug + - filter + methods: + disabled: + enabled: + - name: txpool_content # TODO: should be disabled for rollup nodes +... \ No newline at end of file