diff --git a/avalanche.yml b/avalanche.yml new file mode 100644 index 00000000..8971e667 --- /dev/null +++ b/avalanche.yml @@ -0,0 +1,29 @@ +version: '3.1' + +services: + avalanche: + image: avaplatform/avalanchego + expose: + - "9650" + - "9651" + ports: + - "9651:9651/tcp" + - "9651:9651/udp" + volumes: + - avalanche:/root/.avalanchego + networks: + - chains + command: "/avalanchego/build/avalanchego --http-host=" + restart: unless-stopped + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.middlewares.avalanche-stripprefix.stripprefix.prefixes=/avalanche" + - "traefik.http.services.avalanche.loadbalancer.server.port=8545" + - "traefik.http.routers.avalanche.entrypoints=websecure" + - "traefik.http.routers.avalanche.tls.certresolver=myresolver" + - "traefik.http.routers.avalanche.rule=Host(`$DOMAIN`) && PathPrefix(`/avalanche`)" + - "traefik.http.routers.avalanche.middlewares=avalanche-stripprefix, ipwhitelist" + +volumes: + avalanche: \ No newline at end of file diff --git a/bsc.yml b/bsc.yml new file mode 100644 index 00000000..d253ac2e --- /dev/null +++ b/bsc.yml @@ -0,0 +1,30 @@ +version: '3.1' + +services: + + binance-smart-chain: + image: dysnix/bsc + expose: + - "8545" + - "8546" + - "30303" + volumes: + - bsc_date:/datadir + - ./bsc/config.toml:/config.toml + command: "--cache 18000 --rpc --rpcaddr=\"0.0.0.0\" --rpc.allow-unprotected-txs --txlookuplimit 0 --syncmode snap --config /config.toml --datadir /datadir" + restart: unless-stopped + networks: + - chains + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.middlewares.bsc-stripprefix.stripprefix.prefixes=/bsc" + - "traefik.http.services.bsc.loadbalancer.server.port=8545" + - "traefik.http.routers.bsc.entrypoints=websecure" + - "traefik.http.routers.bsc.tls.certresolver=myresolver" + - "traefik.http.routers.bsc.rule=Host(`$DOMAIN`) && PathPrefix(`/bsc`)" + - "traefik.http.routers.bsc.middlewares=avalanche-stripprefix, ipwhitelist" + +volumes: + bsc_data: + diff --git a/bsc/config.toml b/bsc/config.toml new file mode 100644 index 00000000..0cca5b12 --- /dev/null +++ b/bsc/config.toml @@ -0,0 +1,65 @@ +[Eth] +NetworkId = 56 +NoPruning = false NoPrefetch = false LightPeers = 100 +UltraLightFraction = 75 TrieTimeout = 100000000000 EnablePreimageRecording = false EWASMInterpreter = "" EVMInterpreter = "" [Eth.Miner] GasFloor = 30000000 +GasCeil = 40000000 +GasPrice = 1000000000 +Recommit = 10000000000 +Noverify = false + +[Eth.TxPool] +Locals = [] +NoLocals = true +Journal = "transactions.rlp" +Rejournal = 3600000000000 +PriceLimit = 1000000000 +PriceBump = 10 +AccountSlots = 512 +GlobalSlots = 10000 +AccountQueue = 256 +GlobalQueue = 5000 +Lifetime = 10800000000000 + +[Eth.GPO] +Blocks = 20 +Percentile = 60 +OracleThreshold = 20 + +[Node] +IPCPath = "geth.ipc" +HTTPHost = "0.0.0.0" +NoUSB = true +InsecureUnlockAllowed = false +HTTPPort = 8545 +HTTPVirtualHosts = ["*"] +HTTPModules = ["eth", "net", "web3", "txpool", "parlia"] +WSPort = 8546 +WSModules = ["net", "web3", "eth"] + +[Node.P2P] +MaxPeers = 30 +NoDiscovery = false +BootstrapNodes = ["enode://1cc4534b14cfe351ab740a1418ab944a234ca2f702915eadb7e558a02010cb7c5a8c295a3b56bcefa7701c07752acd5539cb13df2aab8ae2d98934d712611443@52.71.43.172:30311","enode://28b1d16562dac280dac +aaf45d54516b85bc6c994252a9825c5cc4e080d3e53446d05f63ba495ea7d44d6c316b54cd92b245c5c328c37da24605c4a93a0d099c4@34.246.65.14:30311","enode://5a7b996048d1b0a07683a949662c87c09b55247ce774aeee10bb886892e586e3c +604564393292e38ef43c023ee9981e1f8b335766ec4f0f256e57f8640b079d5@35.73.137.11:30311"] +StaticNodes = ["enode://ace8e3b7e96290392a9c6238e005539dd1d1ca7c18aeedd979087789812e0656407e2c4baabcd83b50d583b583aa959ff42e5c95571d76b84995aad722a9a85c@44.198.55.182:30311","enode://1cda8150a6fe7597ce9f9 +7b9886bc7bda2c3f0b246b509a5783c7dae7e57f831c7288a801ad129d2ffac330494ba75f0f0f62e1d1eba3499feca4ee29c6ae087@3.215.117.86:30311","enode://4b32e474c1aa896c856b916f2feb7af4e49feb6f2ff355896473b44d6723e71a560 +2a610cc0839654ad2f031e5da6e210d880a4cd977a2ec76e64a95c13f49a3@18.206.147.221:30311","enode://6265fbbf7fc2978900abee29ab1f019ccbccaa22e4e1e07149f3607c7d680a1ba006e7bb5cf8901e26d07cad8140799832caa389fc2fe0e +1c6db4fec76946c2e@18.233.226.171:30311","enode://bdbcb42ff17a52af7ac120f23ee86f525ffbd854ce76e54bad858cf741fcd524d0f810be399d437bea939682a919c5af5df31811c43ccc270d04485caf4ddaeb@52.206.226.126:30311","eno +de://93a47b4de28dfd716a3de5481a72916f326b7c31c137d72ac12950c61ec3ee143312d903dbfab916ac0d7a92fedad6fc6f646c16ea009ca893089c9c2f64ec83@18.204.55.80:30311","enode://bb851ac2001f47e7c9a5d08a2fafcfe483c5bd028 +65b3a25901f853cfaec297e1eded6a27f0c0b8fcb59891b6a0846ca92f54e05c1db4b1c9f4dbef5b66062f3@3.88.19.251:30311","enode://d54499eb86df0f28d91906cef4f648360b636f923d58567865b83508fb97d2e95d2ce3e3a594facb73230b9e +19172a534ce5af3f528599d0d1e52632438aa864@44.200.226.84:30311","enode://2d55e48679442a9e3ef2a3edf2854dcb289f8162d57dbda1e82e7576b0708e0670befaa7255f5c9fa8389443a7e7b4ff762c9e7fd33ddf9f21ec9562f03e8945@18.2 +12.135.123:30311","enode://9df97e190f0b82ba7891e0ed556f11f4c1a172c26b2e823e52cfe5722b3df3f1819d2acb87ed0bfeb21fe3aee4ef1ffb8c9227fa7fdf744bfd4f47caad461edf@54.81.89.198:30311"] +ListenAddr = ":30311" +EnableMsgEvents = false + +[Node.HTTPTimeouts] +ReadTimeout = 30000000000 +WriteTimeout = 30000000000 +IdleTimeout = 120000000000 + +[Node.LogConfig] +FilePath = "bsc.log" +MaxBytesSize = 10485760 +Level = "info" +FileRoot = "" \ No newline at end of file diff --git a/docker-compose-rpc.yml b/docker-compose-rpc.yml deleted file mode 100644 index f96889a3..00000000 --- a/docker-compose-rpc.yml +++ /dev/null @@ -1,434 +0,0 @@ -version: '3.1' - -services: - - traefik: - image: traefik:latest - container_name: traefik - restart: always - ports: - - "443:443" - - "127.0.0.1:8080:8080" - command: - - "--api=true" - - "--api.insecure=true" - - "--api.dashboard=true" - - "--log.level=DEBUG" - - "--providers.docker=true" - - "--providers.docker.exposedbydefault=false" - - "--entrypoints.websecure.address=:443" - - "--entryPoints.metrics.address=:8082" - - "--metrics.prometheus.entryPoint=metrics" - - "--certificatesresolvers.myresolver.acme.tlschallenge=true" - # TESTING - # - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" - - "--certificatesresolvers.myresolver.acme.email=$MAIL" - - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" - volumes: - - "./traefik/letsencrypt:/letsencrypt" - - "/var/run/docker.sock:/var/run/docker.sock:ro" - networks: - - chains - labels: - - "traefik.enable=true" - - ### NODES - geth-goerli: - image: ethereum/client-go:latest - expose: - - "8545" - - "6060" - - "30303" - volumes: - - geth-goerli:/.goerli - networks: - - chains - command: "--goerli --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .goerli --verbosity 3 --metrics.addr 0.0.0.0 --pprof.addr 0.0.0.0" - labels: - - "traefik.enable=true" - - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" - - "traefik.http.middlewares.geth-goerli-stripprefix.stripprefix.prefixes=/goerli" - - "traefik.http.services.geth-goerli.loadbalancer.server.port=8545" - - "traefik.http.routers.geth-goerli.entrypoints=websecure" - - "traefik.http.routers.geth-goerli.tls.certresolver=myresolver" - - "traefik.http.routers.geth-goerli.rule=Host(`$DOMAIN`) && PathPrefix(`/goerli`)" - - "traefik.http.routers.geth-goerli.middlewares=geth-goerli-stripprefix, ipwhitelist" - - geth-rinkeby: - image: ethereum/client-go:latest - expose: - - "8545" - - "6060" - - "30303" - volumes: - - geth-rinkeby:/.rinkeby - networks: - - chains - command: "--rinkeby --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .rinkeby --verbosity 3 --metrics.addr 0.0.0.0 --pprof.addr 0.0.0.0" - restart: unless-stopped - labels: - - "traefik.enable=true" - - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" - - "traefik.http.middlewares.geth-rinkeby-stripprefix.stripprefix.prefixes=/rinkeby" - - "traefik.http.services.geth-rinkeby.loadbalancer.server.port=8545" - - "traefik.http.routers.geth-rinkeby.entrypoints=websecure" - - "traefik.http.routers.geth-rinkeby.tls.certresolver=myresolver" - - "traefik.http.routers.geth-rinkeby.rule=Host(`$DOMAIN`) && PathPrefix(`/rinkeby`)" - - "traefik.http.routers.geth-rinkeby.middlewares=geth-rinkeby-stripprefix, ipwhitelist" - - geth-ropsten: - image: ethereum/client-go:latest - expose: - - "8545" - - "6060" - - "30303" - volumes: - - geth-ropsten:/.ropsten - networks: - - chains - command: "--ropsten --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .ropsten --verbosity 3 --metrics.addr 0.0.0.0 --pprof.addr 0.0.0.0" - restart: unless-stopped - labels: - - "traefik.enable=true" - - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" - - "traefik.http.middlewares.geth-ropsten-stripprefix.stripprefix.prefixes=/ropsten" - - "traefik.http.services.geth-ropsten.loadbalancer.server.port=8545" - - "traefik.http.routers.geth-ropsten.entrypoints=websecure" - - "traefik.http.routers.geth-ropsten.tls.certresolver=myresolver" - - "traefik.http.routers.geth-ropsten.rule=Host(`$DOMAIN`) && PathPrefix(`/ropsten`)" - - "traefik.http.routers.geth-ropsten.middlewares=geth-ropsten-stripprefix, ipwhitelist" - - xdai: - image: nethermind/nethermind:latest - expose: - - "8545" - - "40444" - ports: - - "40444:40444" - - "40444:40444/udp" - volumes: - - xdai:/nethermind_db/xdai - - ./xdai/xdai.cfg:/xdai.cfg - - ./xdai/xdai.json:/xdai.json - networks: - - chains - command: "--config /xdai.cfg" - restart: unless-stopped - labels: - - "traefik.enable=true" - - "traefik.http.middlewares.xdai-stripprefix.stripprefix.prefixes=/xdai" - - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" - - "traefik.http.services.xdai.loadbalancer.server.port=8545" - - "traefik.http.routers.xdai.entrypoints=websecure" - - "traefik.http.routers.xdai.tls.certresolver=myresolver" - - "traefik.http.routers.xdai.rule=Host(`$DOMAIN`) && PathPrefix(`/xdai`)" - - "traefik.http.routers.xdai.middlewares=xdai-stripprefix, ipwhitelist" - - harmony-mainnet: - build: ./harmony/build - command: bash -c "/harmony.sh && /binary --log.dir /harmony/log --run explorer --run.shard 0 --dns.zone t.hmny.io --http.ip 0.0.0.0 --datadir /harmony" - sysctls: - net.core.somaxconn: 1024 - # net.core.netdev_max_backlog: 65536 - net.ipv4.tcp_tw_reuse: 1 - net.ipv4.tcp_rmem: 4096 65536 16777216 - net.ipv4.tcp_wmem: 4096 65536 16777216 - # net.ipv4.tcp_mem: 65536 131072 262144 - ulimits: - nproc: 65535 - nofile: - soft: 65535 - hard: 65535 - expose: - - "9500" - - "9000" - - "6000" - - "30303" - volumes: - - harmony:/harmony/ - - ./harmony/log:/harmony/log - - ./bootstrap_skript/harmony.sh:/harmony.sh - networks: - - chains - restart: unless-stopped - labels: - - "traefik.enable=true" - - "traefik.http.middlewares.harmony-mainnet-stripprefix.stripprefix.prefixes=/harmony" - - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" - - "traefik.http.services.harmony-mainnet.loadbalancer.server.port=9500" - - "traefik.http.routers.harmony-mainnet.entrypoints=websecure" - - "traefik.http.routers.harmony-mainnet.tls.certresolver=myresolver" - - "traefik.http.routers.harmony-mainnet.rule=Host(`$DOMAIN`) && PathPrefix(`/harmony`)" - - "traefik.http.routers.harmony-mainnet.middlewares=harmony-mainnet-stripprefix, ipwhitelist" - - erigon-trace: - image: thorax/erigon - expose: - - "30303" - - "30304" - - "9090" - volumes: - - erigon-trace:/home/erigon/.local/share/erigon - networks: - - chains - command: erigon --chain mainnet --metrics --metrics.addr=0.0.0.0 --metrics.port=6060 --private.api.addr=0.0.0.0:9090 --pprof --pprof.addr=0.0.0.0 --pprof.port=6061 - restart: unless-stopped - - rpcdaemon: - image: thorax/erigon:latest - command: rpcdaemon --datadir=/home/erigon/.local/share/erigon --private.api.addr=erigon-trace:9090 --txpool.api.addr=erigon-trace:9090 --http.addr=0.0.0.0 --http.vhosts=* --http.corsdomain=* --http.api=eth,erigon,web3,net,debug,trace,txpool --ws - pid: service:erigon-trace # Use erigon's PID namespace. It's required to open Erigon's DB from another process (RPCDaemon local-mode) - volumes: - - erigon-trace:/home/erigon/.local/share/erigon - networks: - - chains - expose: - - "8545" - restart: unless-stopped - depends_on: - - "erigon-trace" - labels: - - "traefik.enable=true" - - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" - - "traefik.http.middlewares.rpcdaemon-stripprefix.stripprefix.prefixes=/erigon" - - "traefik.http.services.rpcdaemon.loadbalancer.server.port=8545" - - "traefik.http.routers.rpcdaemon.entrypoints=websecure" - - "traefik.http.routers.rpcdaemon.tls.certresolver=myresolver" - - "traefik.http.routers.rpcdaemon.rule=Host(`$DOMAIN`) && PathPrefix(`/erigon`)" - - "traefik.http.routers.rpcdaemon.middlewares=rpcdaemon-stripprefix, ipwhitelist" - - avalanche: - image: avaplatform/avalanchego - expose: - - "9650" - - "9651" - ports: - - "9651:9651/tcp" - - "9651:9651/udp" - volumes: - - avalanche:/root/.avalanchego - networks: - - chains - command: "/avalanchego/build/avalanchego --http-host=" - restart: unless-stopped - labels: - - "traefik.enable=true" - - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" - - "traefik.http.middlewares.avalanche-stripprefix.stripprefix.prefixes=/avalanche" - - "traefik.http.services.avalanche.loadbalancer.server.port=8545" - - "traefik.http.routers.avalanche.entrypoints=websecure" - - "traefik.http.routers.avalanche.tls.certresolver=myresolver" - - "traefik.http.routers.avalanche.rule=Host(`$DOMAIN`) && PathPrefix(`/avalanche`)" - - "traefik.http.routers.avalanche.middlewares=avalanche-stripprefix, ipwhitelist" - - pocket-testnet: - image: poktnetwork/pocket-core:stagenet-latest - ports: - - "127.0.0.1:8082:8081" - - "26657:26656" - expose: - - 26656 - - 8081 - command: pocket start --seeds=$POCKET_TEST_SEEDS --testnet - #command: pocket start --simulateRelay - environment: - - POCKET_CORE_KEY=$POCKET_CORE_KEY_TEST - - POCKET_CORE_PASSPHRASE=$POCKET_CORE_PASSPHRASE_TEST - volumes: - - ./chains/chains_testnet.json:/home/app/.pocket/config/chains.json - - pocket-testnet:/home/app/.pocket - networks: - - chains - restart: unless-stopped - labels: - - "traefik.enable=true" - - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" - - "traefik.http.middlewares.pocket-testnet-stripprefix.stripprefix.prefixes=/pokttest" - - "traefik.http.services.pocket-testnet.loadbalancer.server.port=8081" - - "traefik.http.routers.pocket-testnet.entrypoints=websecure" - - "traefik.http.routers.pocket-testnet.tls.certresolver=myresolver" - - "traefik.http.routers.pocket-testnet.rule=Host(`$DOMAIN`) && PathPrefix(`/pokttest`)" - - "traefik.http.routers.pocket-testnet.middlewares=pocket-testnet-stripprefix, ipwhitelist" - - pocket-mainnet: - image: poktnetwork/pocket-core:stagenet-latest - ports: - - "127.0.0.1:8081:8081" - - "26656:26656" - expose: - - 26656 - - 8081 - command: /home/app/.pocket/pokt_mainnet.sh && pocket start --seeds=$POCKET_MAIN_SEEDS --mainnet - #command: pocket start --simulateRelay - environment: - - POCKET_CORE_KEY=$POCKET_CORE_KEY - - POCKET_CORE_PASSPHRASE=$POCKET_CORE_PASSPHRASE - - POCKET_SNAPSHOT=$POCKET_SNAPSHOT - volumes: - - ./bootstrap_skript/pokt_mainnet.sh:/home/app/.pocket/pokt_mainnet.sh - - ./chains/chains_mainnet.json:/home/app/.pocket/config/chains.json - - ./pokt/config.json:/home/app/.pocket/config/config.json - - pocket-mainnet:/home/app/.pocket - networks: - - chains - labels: - - "traefik.enable=true" - - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" - - "traefik.http.middlewares.pocket-mainnet-stripprefix.stripprefix.prefixes=/pokt" - - "traefik.http.services.pocket-mainner.loadbalancer.server.port=8081" - - "traefik.http.routers.pocket-mainnet.entrypoints=websecure" - - "traefik.http.routers.pocket-mainnet.tls.certresolver=myresolver" - - "traefik.http.routers.pocket-mainnet.rule=Host(`$DOMAIN`) && PathPrefix(`/pokt`)" - - "traefik.http.routers.pocket-mainnet.middlewares=pocket-mainnet-stripprefix, ipwhitelist" - restart: unless-stopped - - fusenetstat: - image: fusenet/netstat:1.0.0 - command: "--instance-name 0xeb5Ca1d019e9D8b9aa9C47991993C84d1062628d --role node --parity-version 2.0.1 --fuseapp-version 1.0.0 --netstats-version 1.0.0" - network_mode: "service:fusenet" - restart: unless-stopped - depends_on: - - fusenet - - # wants udp and tcp port bindings on 30303 - fusenet: - image: fusenet/node:2.0.1 - expose: - - "8545" - - "8546" - - "30303" - environment: - - HOME=/home/parity - - PARITY_HOME_DIR=/home/parity/.local/share/io.parity.ethereum - - PARITY_CONFIG_FILE_CHAIN=/home/parity/.local/share/io.parity.ethereum/spec.json - - PARITY_CONFIG_FILE_BOOTNODES=/home/parity/.local/share/io.parity.ethereum/bootnodes.txt - - PARITY_CONFIG_FILE_TEMPLATE=/home/parity/.local/share/io.parity.ethereum/config_template.toml - - PARITY_DATA_DIR=/home/parity/.local/share/io.parity.ethereum/chains - - PARITY_BIN=/usr/local/bin/parity - - PARITY_WRAPPER_SCRIPT=/home/parity/parity_wrapper.sh - volumes: - - /root/fusenet/database:/data - - /root/fusenet/config:/config/custom - networks: - - chains - command: "--role node --parity-args --no-warp --node-key 0xeb5Ca1d019e9D8b9aa9C47991993C84d1062628d --jsonrpc-threads 1 --jsonrpc-server-threads 4" - restart: unless-stopped - labels: - - "traefik.enable=true" - - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" - - "traefik.http.middlewares.fuse-stripprefix.stripprefix.prefixes=/fuse" - - "traefik.http.services.fuse.loadbalancer.server.port=8545" - - "traefik.http.routers.fuse.entrypoints=websecure" - - "traefik.http.routers.fuse.tls.certresolver=myresolver" - - "traefik.http.routers.fuse.rule=Host(`$DOMAIN`) && PathPrefix(`/fuse`)" - - "traefik.http.routers.fuse.middlewares=fuse-stripprefix, ipwhitelist" - - -### WIREGUARD - - wireguard: - image: lscr.io/linuxserver/wireguard - container_name: wireguard - cap_add: - - NET_ADMIN - - SYS_MODULE - environment: - - PUID=$PUID - - PGID=$PGID - volumes: - - ./wireguard/config/wg0.conf:/config/wg0.conf - - /lib/modules:/lib/modules - networks: - - chains - # Expose prometheus port - expose: - - 9090 - ports: - - $SERVERPORT:$SERVERPORT/udp - sysctls: - - net.ipv4.conf.all.src_valid_mark=1 - restart: unless-stopped - - -### MONITORING - - prometheus: - image: prom/prometheus:v2.30.3 - container_name: prometheus - volumes: - - ./prometheus/prometheus-rpc.yml:/etc/prometheus/prometheus.yml - - prometheus_data:/prometheus - command: - - '--config.file=/etc/prometheus/prometheus.yml' - - '--storage.tsdb.path=/prometheus' - - '--web.console.libraries=/etc/prometheus/console_libraries' - - '--web.console.templates=/etc/prometheus/consoles' - - '--storage.tsdb.retention.time=200h' - - '--web.enable-lifecycle' - restart: unless-stopped - network_mode: "service:wireguard" - labels: - org.label-schema.group: "monitoring" - depends_on: - - wireguard - - nodeexporter: - image: prom/node-exporter:v1.2.2 - container_name: nodeexporter - volumes: - - /proc:/host/proc:ro - - /sys:/host/sys:ro - - /:/rootfs:ro - networks: - - chains - command: - - '--path.procfs=/host/proc' - - '--path.rootfs=/rootfs' - - '--path.sysfs=/host/sys' - - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)' - restart: unless-stopped - expose: - - 9100 - labels: - org.label-schema.group: "monitoring" - - cadvisor: - image: gcr.io/cadvisor/cadvisor:v0.42.0 - container_name: cadvisor - privileged: true - devices: - - /dev/kmsg:/dev/kmsg - volumes: - - /:/rootfs:ro - - /var/run:/var/run:ro - - /sys:/sys:ro - - /var/lib/docker:/var/lib/docker:ro - #- /cgroup:/cgroup:ro #doesn't work on MacOS only for Linux - networks: - - chains - restart: unless-stopped - expose: - - 8080 - labels: - org.label-schema.group: "monitoring" - -### VOLUMES - -volumes: - xdai: - harmony: - geth-goerli: - geth-rinkeby: - geth-ropsten: - erigon-trace: - avalanche: - pocket-testnet: - pocket-mainnet: - prometheus_data: - -networks: - chains: - driver: bridge - ipam: - config: - - subnet: 192.168.0.1/27 \ No newline at end of file diff --git a/erigon.yml b/erigon.yml new file mode 100644 index 00000000..07936011 --- /dev/null +++ b/erigon.yml @@ -0,0 +1,41 @@ +version: '3.1' + +services: + erigon-trace: + image: thorax/erigon + expose: + - "30303" + - "30304" + - "9090" + volumes: + - erigon-trace:/home/erigon/.local/share/erigon + networks: + - chains + command: erigon --chain mainnet --metrics --metrics.addr=0.0.0.0 --metrics.port=6060 --private.api.addr=0.0.0.0:9090 --pprof --pprof.addr=0.0.0.0 --pprof.port=6061 + restart: unless-stopped + + rpcdaemon: + image: thorax/erigon:latest + command: rpcdaemon --datadir=/home/erigon/.local/share/erigon --private.api.addr=erigon-trace:9090 --txpool.api.addr=erigon-trace:9090 --http.addr=0.0.0.0 --http.vhosts=* --http.corsdomain=* --http.api=eth,erigon,web3,net,debug,trace,txpool --ws + pid: service:erigon-trace # Use erigon's PID namespace. It's required to open Erigon's DB from another process (RPCDaemon local-mode) + volumes: + - erigon-trace:/home/erigon/.local/share/erigon + networks: + - chains + expose: + - "8545" + restart: unless-stopped + depends_on: + - "erigon-trace" + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.middlewares.rpcdaemon-stripprefix.stripprefix.prefixes=/erigon" + - "traefik.http.services.rpcdaemon.loadbalancer.server.port=8545" + - "traefik.http.routers.rpcdaemon.entrypoints=websecure" + - "traefik.http.routers.rpcdaemon.tls.certresolver=myresolver" + - "traefik.http.routers.rpcdaemon.rule=Host(`$DOMAIN`) && PathPrefix(`/erigon`)" + - "traefik.http.routers.rpcdaemon.middlewares=rpcdaemon-stripprefix, ipwhitelist" + +volumes: + erigon-trace_data: \ No newline at end of file diff --git a/evmos.yml b/evmos.yml new file mode 100644 index 00000000..f4c66307 --- /dev/null +++ b/evmos.yml @@ -0,0 +1,29 @@ +version: '3.1' + +services: + + evmos: + image: tharsishq/evmos:latest + expose: + - "8545" + ports: + - "26657:26657" + - "26656:26656" + volumes: + - evmos_data:/root/.evmosd + command: "evmosd start" + networks: + - chains + restart: unless-stopped + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.evmos-stripprefix.stripprefix.prefixes=/evmos" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.services.evmos.loadbalancer.server.port=8545" + - "traefik.http.routers.evmos.entrypoints=websecure" + - "traefik.http.routers.evmos.tls.certresolver=myresolver" + - "traefik.http.routers.evmos.rule=Host(`$DOMAIN`) && PathPrefix(`/evmos`)" + - "traefik.http.routers.evmos.middlewares=evmos-stripprefix, ipwhitelist" + +volumes: + evmos_data: \ No newline at end of file diff --git a/fuse.yml b/fuse.yml new file mode 100644 index 00000000..b029701b --- /dev/null +++ b/fuse.yml @@ -0,0 +1,47 @@ +version: '3.1' + +services: + fusenetstat: + image: fusenet/netstat:1.0.0 + command: "--instance-name 0xeb5Ca1d019e9D8b9aa9C47991993C84d1062628d --role node --parity-version 2.0.1 --fuseapp-version 1.0.0 --netstats-version 1.0.0" + network_mode: "service:fusenet" + restart: unless-stopped + depends_on: + - fusenet + + # wants udp and tcp port bindings on 30303 + fusenet: + image: fusenet/node:2.0.1 + expose: + - "8545" + - "8546" + - "30303" + environment: + - HOME=/home/parity + - PARITY_HOME_DIR=/home/parity/.local/share/io.parity.ethereum + - PARITY_CONFIG_FILE_CHAIN=/home/parity/.local/share/io.parity.ethereum/spec.json + - PARITY_CONFIG_FILE_BOOTNODES=/home/parity/.local/share/io.parity.ethereum/bootnodes.txt + - PARITY_CONFIG_FILE_TEMPLATE=/home/parity/.local/share/io.parity.ethereum/config_template.toml + - PARITY_DATA_DIR=/home/parity/.local/share/io.parity.ethereum/chains + - PARITY_BIN=/usr/local/bin/parity + - PARITY_WRAPPER_SCRIPT=/home/parity/parity_wrapper.sh + volumes: + - fusenet_data:/data + - fusenet_config:/config/custom + networks: + - chains + command: "--role node --parity-args --no-warp --node-key 0xeb5Ca1d019e9D8b9aa9C47991993C84d1062628d --jsonrpc-threads 1 --jsonrpc-server-threads 4" + restart: unless-stopped + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.middlewares.fuse-stripprefix.stripprefix.prefixes=/fuse" + - "traefik.http.services.fuse.loadbalancer.server.port=8545" + - "traefik.http.routers.fuse.entrypoints=websecure" + - "traefik.http.routers.fuse.tls.certresolver=myresolver" + - "traefik.http.routers.fuse.rule=Host(`$DOMAIN`) && PathPrefix(`/fuse`)" + - "traefik.http.routers.fuse.middlewares=fuse-stripprefix, ipwhitelist" + +volumes: + fusenet_data: + fusenet_config: \ No newline at end of file diff --git a/goerli.yml b/goerli.yml new file mode 100644 index 00000000..608b3a0f --- /dev/null +++ b/goerli.yml @@ -0,0 +1,26 @@ +version: '3.1' + +services: + geth-goerli: + image: ethereum/client-go:latest + expose: + - "8545" + - "6060" + - "30303" + volumes: + - geth-goerli:/.goerli + networks: + - chains + command: "--goerli --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .goerli --verbosity 3 --metrics.addr 0.0.0.0 --pprof.addr 0.0.0.0" + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.middlewares.geth-goerli-stripprefix.stripprefix.prefixes=/goerli" + - "traefik.http.services.geth-goerli.loadbalancer.server.port=8545" + - "traefik.http.routers.geth-goerli.entrypoints=websecure" + - "traefik.http.routers.geth-goerli.tls.certresolver=myresolver" + - "traefik.http.routers.geth-goerli.rule=Host(`$DOMAIN`) && PathPrefix(`/goerli`)" + - "traefik.http.routers.geth-goerli.middlewares=geth-goerli-stripprefix, ipwhitelist" + +volumes: + geth-goerli: \ No newline at end of file diff --git a/harmony.yml b/harmony.yml new file mode 100644 index 00000000..62f5ac2f --- /dev/null +++ b/harmony.yml @@ -0,0 +1,42 @@ +version: '3.1' + +services: + harmony-mainnet: + build: ./harmony/build + command: bash -c "/harmony.sh && /binary --log.dir /harmony/log --run explorer --run.shard 0 --dns.zone t.hmny.io --http.ip 0.0.0.0 --datadir /harmony" + sysctls: + net.core.somaxconn: 1024 + # net.core.netdev_max_backlog: 65536 + net.ipv4.tcp_tw_reuse: 1 + net.ipv4.tcp_rmem: 4096 65536 16777216 + net.ipv4.tcp_wmem: 4096 65536 16777216 + # net.ipv4.tcp_mem: 65536 131072 262144 + ulimits: + nproc: 65535 + nofile: + soft: 65535 + hard: 65535 + expose: + - "9500" + - "9000" + - "6000" + - "30303" + volumes: + - harmony:/harmony/ + - ./harmony/log:/harmony/log + - ./bootstrap_skript/harmony.sh:/harmony.sh + networks: + - chains + restart: unless-stopped + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.harmony-mainnet-stripprefix.stripprefix.prefixes=/harmony" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.services.harmony-mainnet.loadbalancer.server.port=9500" + - "traefik.http.routers.harmony-mainnet.entrypoints=websecure" + - "traefik.http.routers.harmony-mainnet.tls.certresolver=myresolver" + - "traefik.http.routers.harmony-mainnet.rule=Host(`$DOMAIN`) && PathPrefix(`/harmony`)" + - "traefik.http.routers.harmony-mainnet.middlewares=harmony-mainnet-stripprefix, ipwhitelist" + +volumes: + harmony: \ No newline at end of file diff --git a/docker-compose.harmony.yml b/monitoring.yml similarity index 70% rename from docker-compose.harmony.yml rename to monitoring.yml index c43a66f3..de88c8a3 100644 --- a/docker-compose.harmony.yml +++ b/monitoring.yml @@ -1,35 +1,6 @@ version: '3.1' services: - harmony-mainnet: - build: ./harmony/build - command: bash -c "/harmony.sh && /binary --log.dir /harmony/log --run.shard 1 --dns.zone t.hmny.io --http.ip 0.0.0.0 --datadir /harmony" - sysctls: - net.core.somaxconn: 1024 - # net.core.netdev_max_backlog: 65536 - net.ipv4.tcp_tw_reuse: 1 - net.ipv4.tcp_rmem: 4096 65536 16777216 - net.ipv4.tcp_wmem: 4096 65536 16777216 - # net.ipv4.tcp_mem: 65536 131072 262144 - ulimits: - nproc: 65535 - nofile: - soft: 65535 - hard: 65535 - expose: - - "9500" - - "9000" - - "6000" - - "9900" - ports: - - 9000:9000/tcp - - 6000:6000/tcp - volumes: - - harmony_data:/harmony/ - - ./harmony/keyfiles:/.hmy/blskeys - - ./harmony/log:/harmony/log - - ./bootstrap_skript/harmony.sh:/harmony.sh - restart: unless-stopped ### WIREGUARD @@ -66,8 +37,9 @@ services: image: prom/prometheus:v2.30.3 container_name: prometheus volumes: - - ./prometheus/prometheus-harmony.yml:/etc/prometheus/prometheus.yml - - prometheus_data:/prometheus + - ./prometheus/prometheus.autodiscover.yml:/etc/prometheus/prometheus.yml:ro + - prometheus_data:/prometheus:rw + - prometheus-docker-sd:/prometheus-docker-sd:ro command: - '--config.file=/etc/prometheus/prometheus.yml' - '--storage.tsdb.path=/prometheus' @@ -82,6 +54,13 @@ services: depends_on: - wireguard + prometheus-docker-sd: + image: "stucky/prometheus-docker-sd:latest" + restart: unless-stopped + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - prometheus-docker-sd:/prometheus-docker-sd:rw + nodeexporter: image: prom/node-exporter:v1.2.2 container_name: nodeexporter @@ -121,6 +100,5 @@ services: ### VOLUMES volumes: - harmony_data: prometheus_data: - + prometheus-docker-sd: diff --git a/pocket.yml b/pocket.yml new file mode 100644 index 00000000..d34ea6b2 --- /dev/null +++ b/pocket.yml @@ -0,0 +1,38 @@ +version: '3.1' + +services: + + pocket-mainnet: + image: poktnetwork/pocket-core:stagenet-latest + ports: + #- "127.0.0.1:8081:8081" + - "26656:26656" + expose: + - 26656 + - 8081 + command: /home/app/.pocket/pokt_mainnet.sh && pocket start --seeds=$POCKET_MAIN_SEEDS --mainnet + #command: pocket start --simulateRelay + environment: + - POCKET_CORE_KEY=$POCKET_CORE_KEY + - POCKET_CORE_PASSPHRASE=$POCKET_CORE_PASSPHRASE + - POCKET_SNAPSHOT=$POCKET_SNAPSHOT + volumes: + - ./bootstrap_skript/pokt_mainnet.sh:/home/app/.pocket/pokt_mainnet.sh + - ./chains/chains_mainnet.json:/home/app/.pocket/config/chains.json + - ./pokt/config.json:/home/app/.pocket/config/config.json + - pocket-mainnet:/home/app/.pocket + networks: + - chains + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.middlewares.pocket-mainnet-stripprefix.stripprefix.prefixes=/pokt" + - "traefik.http.services.pocket-mainner.loadbalancer.server.port=8081" + - "traefik.http.routers.pocket-mainnet.entrypoints=websecure" + - "traefik.http.routers.pocket-mainnet.tls.certresolver=myresolver" + - "traefik.http.routers.pocket-mainnet.rule=Host(`$DOMAIN`) && PathPrefix(`/pokt`)" + - "traefik.http.routers.pocket-mainnet.middlewares=pocket-mainnet-stripprefix, ipwhitelist" + restart: unless-stopped + +volumes: + pocket-mainnet: \ No newline at end of file diff --git a/polygon-archive.yml b/polygon-archive.yml new file mode 100644 index 00000000..972f62db --- /dev/null +++ b/polygon-archive.yml @@ -0,0 +1,34 @@ +version: '3.1' + +services: + bor: + build: + args: + UPSTREAM_VERSION: v0.2.14 + context: ./polygon/bor + dockerfile: Dockerfile + environment: + - BOOTSTRAP=0 + - ARCHIVE=1 + volumes: + - "bor_data:/datadir" + ports: + - "40303:40303" + - "40303:40303/udp" + depends_on: + - heimdallr + restart: unless-stopped + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.middlewares.bor-stripprefix.stripprefix.prefixes=/polygon-archive" + - "traefik.http.services.bor.loadbalancer.server.port=8545" + - "traefik.http.routers.bor.entrypoints=websecure" + - "traefik.http.routers.bor.tls.certresolver=myresolver" + - "traefik.http.routers.bor.rule=Host(`$DOMAIN`) && PathPrefix(`/polygon-archive`)" + - "traefik.http.routers.bor.middlewares=bor-stripprefix, ipwhitelist" + networks: + - chains + +volumes: + bor_data: \ No newline at end of file diff --git a/polygon-base.yml b/polygon-base.yml new file mode 100644 index 00000000..0f82dc8f --- /dev/null +++ b/polygon-base.yml @@ -0,0 +1,52 @@ +version: '3.1' + +services: + + rabbitmq: + container_name: rabbitmq + image: "rabbitmq:3-alpine" + ports: + - "5672" + restart: unless-stopped + + heimdalld: + build: &ref_0 + args: + UPSTREAM_VERSION: v0.2.7 + context: ./polygon/heimdall + dockerfile: Dockerfile + volumes: + - "heimdall_data:/root/.heimdalld" + ports: + - "26656:26656" + - "127.0.0.1:26657:26657" + depends_on: + - rabbitmq + - geth-mainnet + environment: + - MONIKER=StakeSquid + - SNAPSHOT_URL=https://matic-blockchain-snapshots.s3-accelerate.amazonaws.com/matic-mainnet/heimdall-snapshot-2022-02-20.tar.gz + - BOOTSTRAP=1 + - "ETH1_RPC_URL=http://geth-mainnet:8545/" + restart: unless-stopped + networks: + - chains + + heimdallr: + environment: + - REST_SERVER=1 + - "ETH1_RPC_URL=http://geth-mainnet:8545/" + build: *ref_0 + volumes: + - "heimdall_data:/root/.heimdalld" + ports: + - "1317" + depends_on: + - heimdalld + - geth-mainnet + restart: unless-stopped + networks: + - chains + +volumes: + heimdall_data: diff --git a/polygon-fullnode.yml b/polygon-fullnode.yml new file mode 100644 index 00000000..ae0371c4 --- /dev/null +++ b/polygon-fullnode.yml @@ -0,0 +1,35 @@ +version: '3.1' + +services: + bor: + build: + args: + UPSTREAM_VERSION: v0.2.14 + context: ./polygon/bor + dockerfile: Dockerfile + environment: + - SNAPSHOT_URL=https://matic-blockchain-snapshots.s3-accelerate.amazonaws.com/matic-mainnet/bor-fullnode-snapshot-2022-02-20.tar.gz + - BOOTSTRAP=1 + - ARCHIVE=0 + volumes: + - "bor_data:/datadir" + ports: + - "40303:40303" + - "40303:40303/udp" + depends_on: + - heimdallr + restart: unless-stopped + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.middlewares.bor-stripprefix.stripprefix.prefixes=/polygon" + - "traefik.http.services.bor.loadbalancer.server.port=8545" + - "traefik.http.routers.bor.entrypoints=websecure" + - "traefik.http.routers.bor.tls.certresolver=myresolver" + - "traefik.http.routers.bor.rule=Host(`$DOMAIN`) && PathPrefix(`/polygon`)" + - "traefik.http.routers.bor.middlewares=bor-stripprefix, ipwhitelist" + networks: + - chains + +volumes: + bor_data: \ No newline at end of file diff --git a/polygon/bor/Dockerfile b/polygon/bor/Dockerfile new file mode 100644 index 00000000..ed38040c --- /dev/null +++ b/polygon/bor/Dockerfile @@ -0,0 +1,28 @@ +# Build Bor in a stock Go builder container +FROM golang:1.16-alpine as builder + +# Install packages we need +RUN apk add --no-cache make gcc musl-dev linux-headers git + +# Make a folder to work in +RUN mkdir /bor + +# Grab UPSTREAM_VERSION from Build Args +ARG UPSTREAM_VERSION + +# Clone the repo to that folder +RUN git clone --branch ${UPSTREAM_VERSION} https://github.com/maticnetwork/bor.git /bor + +# Build Bor +RUN cd /bor && make bor + +# Pull Bor into a second stage deploy alpine container +FROM alpine:latest + +RUN apk add --no-cache ca-certificates curl jq +COPY --from=builder /bor/build/bin/bor /usr/local/bin/ + +# Set entrypoint +COPY ./scripts/entrypoint.sh /usr/local/bin/entrypoint.sh +RUN chmod u+x /usr/local/bin/entrypoint.sh +ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ] diff --git a/polygon/bor/scripts/entrypoint.sh b/polygon/bor/scripts/entrypoint.sh new file mode 100755 index 00000000..c29f8868 --- /dev/null +++ b/polygon/bor/scripts/entrypoint.sh @@ -0,0 +1,60 @@ +#!/bin/sh + +# exit script on any error +set -e + +# Set Bor Home Directory +BOR_HOME=/datadir + +# Check for genesis file and download or update it if needed +if [ ! -f "${BOR_HOME}/genesis.json" ]; +then + echo "setting up initial configurations" + cd ${BOR_HOME} + echo "downloading launch genesis file" + wget https://raw.githubusercontent.com/maticnetwork/launch/master/mainnet-v1/sentry/sentry/bor/genesis.json + echo "initializing bor with genesis file" + bor --datadir ${BOR_HOME} init ${BOR_HOME}/genesis.json +else + # Check if genesis file needs updating + cd ${BOR_HOME} + GREPSTRING=$(grep londonBlock genesis.json | wc -l) # v0-2-13 Update + if [ ${GREPSTRING} == 0 ]; + then + echo "Updating Genesis File" + wget https://raw.githubusercontent.com/maticnetwork/launch/master/mainnet-v1/sentry/sentry/bor/genesis.json + bor --datadir ${BOR_HOME} init ${BOR_HOME}/genesis.json + fi +fi + +if [ "${BOOTSTRAP}" == 1 ] && [ -n "${SNAPSHOT_URL}" ] && [ ! -f "${BOR_HOME}/bootstrapped" ]; +then + echo "downloading snapshot from ${SNAPSHOT_URL}" + mkdir -p ${BOR_HOME}/bor/chaindata + wget -c "${SNAPSHOT_URL}" -O - | tar -xz -C ${BOR_HOME}/bor/chaindata && touch ${BOR_HOME}/bootstrapped +fi + +READY=$(curl -s http://heimdalld:26657/status | jq '.result.sync_info.catching_up') +while [[ "${READY}" != "false" ]]; +do + echo "Waiting for heimdalld to catch up." + sleep 30 + READY=$(curl -s heimdalld:26657/status | jq '.result.sync_info.catching_up') +done + +if [ "${ARCHIVE}" == 1 ]; +then + exec bor --port=40303 --maxpeers=${MAXPEERS:-200} --datadir=/datadir --networkid=137 --syncmode=full --gcmode=archive \ + --ipcpath ${BOR_HOME}/bor.ipc --bor.heimdall=http://heimdallr:1317 \ + --txpool.accountslots=16 --txpool.globalslots=131072 --txpool.accountqueue=64 --txpool.globalqueue=131072 \ + --txpool.lifetime='1h30m0s' --miner.gaslimit=200000000 --miner.gastarget=20000000 --miner.gasprice '30000000000' \ + --http --http.addr=0.0.0.0 --http.port=8545 --http.api=eth,net,web3,txpool,bor --http.corsdomain="*" --http.vhosts="*" \ + --ws --ws.addr=0.0.0.0 --ws.port=8545 --ws.api=eth,net,web3,txpool,bor --ws.origins="*" +else + exec bor --port=40303 --maxpeers=${MAXPEERS:-200} --datadir=/datadir --networkid=137 --syncmode=full \ + --ipcpath ${BOR_HOME}/bor.ipc --bor.heimdall=http://heimdallr:1317 \ + --txpool.accountslots=16 --txpool.globalslots=131072 --txpool.accountqueue=64 --txpool.globalqueue=131072 \ + --txpool.lifetime='1h30m0s' --miner.gaslimit=200000000 --miner.gastarget=20000000 --miner.gasprice '30000000000' \ + --http --http.addr=0.0.0.0 --http.port=8545 --http.api=eth,net,web3,txpool,bor --http.corsdomain="*" --http.vhosts="*" \ + --ws --ws.addr=0.0.0.0 --ws.port=8545 --ws.api=eth,net,web3,txpool,bor --ws.origins="*" +fi diff --git a/polygon/geth-mainnet.yml b/polygon/geth-mainnet.yml new file mode 100644 index 00000000..addb2298 --- /dev/null +++ b/polygon/geth-mainnet.yml @@ -0,0 +1,50 @@ +version: '3.1' + +services: + geth-mainnet: + image: ethereum/client-go:stable + expose: + # HTTP server / GraphQL API + - 8545 + ports: + - "30303:30303" + - "30303:30303/udp" + command: + [ + # Blockchain sync mode ("snap", "full" or "light") + "--syncmode=snap", + # Megabytes of memory allocated to internal caching + "--cache=8192", + # Enable the WS-RPC server + "--ws", + "--ws.addr=0.0.0.0", + # Enable the HTTP-RPC server + "--http", + "--http.addr=0.0.0.0", + "--http.vhosts=*", + # Enable GraphQL on the HTTP-RPC server. Note that GraphQL can only be started if an HTTP server is started as well. + "--graphql", + "--graphql.vhosts=*", + # Enable metrics collection and reporting + "--metrics", + # Ethereum mainnet + "--mainnet", + # Maximum number of network peers (network disabled if set to 0) (default: 50) + "--maxpeers=30" + ] + networks: + - chains + volumes: + - "geth-mainnet_data:/root/.ethereum" + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.middlewares.mainnet-stripprefix.stripprefix.prefixes=/mainnet" + - "traefik.http.services.mainnet.loadbalancer.server.port=8545" + - "traefik.http.routers.mainnet.entrypoints=websecure" + - "traefik.http.routers.mainnet.tls.certresolver=myresolver" + - "traefik.http.routers.mainnet.rule=Host(`$DOMAIN`) && PathPrefix(`/mainnet`)" + - "traefik.http.routers.mainnet.middlewares=mainnet-stripprefix, ipwhitelist" + +volumes: + geth-mainnet_data: \ No newline at end of file diff --git a/polygon/heimdall/Dockerfile b/polygon/heimdall/Dockerfile new file mode 100644 index 00000000..41faf7e3 --- /dev/null +++ b/polygon/heimdall/Dockerfile @@ -0,0 +1,28 @@ +# Build and Install Heimdall in a stock Go builder container +FROM golang:1.16-alpine + +# Install packages we need +RUN apk add --no-cache make gcc musl-dev linux-headers git + +# create go src directory and clone heimdall +RUN mkdir -p /root/heimdall + +# Grab UPSTREAM_VERSION from Build Args +ARG UPSTREAM_VERSION + +# Clone hemidall release into folder +RUN git clone --branch ${UPSTREAM_VERSION} https://github.com/maticnetwork/heimdall.git /root/heimdall + +# change work directory +WORKDIR /root/heimdall + +# GOBIN required for go install +ENV GOBIN $GOPATH/bin + +# Make and Install Heimdall +RUN make install + +# Set entrypoint +COPY ./scripts/entrypoint.sh /usr/local/bin/entrypoint.sh +RUN chmod u+x /usr/local/bin/entrypoint.sh +ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ] \ No newline at end of file diff --git a/polygon/heimdall/scripts/entrypoint.sh b/polygon/heimdall/scripts/entrypoint.sh new file mode 100755 index 00000000..56370e8b --- /dev/null +++ b/polygon/heimdall/scripts/entrypoint.sh @@ -0,0 +1,50 @@ +#!/bin/sh [1/1829] + +# exit script on any error +set -e + +# Set Heimdall Home Directory +HEIMDALLD_HOME=/root/.heimdalld + +if [ ! -f "$HEIMDALLD_HOME/config/config.toml" ]; +then + echo "setting up initial configurations" + heimdalld init + cd $HEIMDALLD_HOME/config + + echo "removing autogenerated genesis file" + rm genesis.json + + echo "downloading launch genesis file" + wget https://raw.githubusercontent.com/maticnetwork/launch/master/mainnet-v1/without-sentry/heimdall/config/genesis.json + + echo "overwriting toml config lines" + # config.toml + # CORS + sed -i "s#^cors_allowed_origins.*#cors_allowed_origins = [\"*\"]#" config.toml + # SEEDS + sed -i "s#^seeds.*#seeds = \"${BOOTNODES:-"f4f605d60b8ffaaf15240564e58a81103510631c@159.203.9.164:26656,4fb1bc820088764a564d4f66bba1963d47d82329@44.232.55.71:26656"}\"#" config.toml + # heimdall-config.toml + # BOR + sed -i "s#^bor_rpc_url.*#bor_rpc_url = \"http://bor:8545\"#" heimdall-config.toml + # ETH1 + sed -i "s#^eth_rpc_url.*#eth_rpc_url = \"${ETH1_RPC_URL}\"#" heimdall-config.toml + # RABBITMQ + sed -i "s#^amqp_url.*#amqp_url = \"amqp://guest:guest@rabbitmq:5672\"#" heimdall-config.toml +fi + +if [ "${BOOTSTRAP}" == 1 ] && [ -n "${SNAPSHOT_URL}" ] && [ ! -f "$HEIMDALLD_HOME/bootstrapped" ]; +then + echo "downloading snapshot from ${SNAPSHOT_URL}" + mkdir -p ${HEIMDALLD_HOME}/data + wget -c "${SNAPSHOT_URL}" -O - | tar -xz -C ${HEIMDALLD_HOME}/data && touch ${HEIMDALLD_HOME}/bootstrapped +fi + +if [ -n "$REST_SERVER" ]; +then + EXEC="heimdalld rest-server --chain-id=137 --laddr=tcp://0.0.0.0:1317 --max-open=1000 --node=tcp://heimdalld:26657 --trust-node=true" +else + EXEC="heimdalld start --moniker=$MONIKER --fast_sync --p2p.laddr=tcp://0.0.0.0:26656 --p2p.upnp=false --pruning=syncable --rpc.laddr=tcp://0.0.0.0:26657 --with-tendermint=true" +fi + +exec ${EXEC} \ No newline at end of file diff --git a/rinkeby.yml b/rinkeby.yml new file mode 100644 index 00000000..e28913d4 --- /dev/null +++ b/rinkeby.yml @@ -0,0 +1,27 @@ +version: '3.1' + +services: + geth-rinkeby: + image: ethereum/client-go:latest + expose: + - "8545" + - "6060" + - "30303" + volumes: + - geth-rinkeby:/.rinkeby + networks: + - chains + command: "--rinkeby --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .rinkeby --verbosity 3 --metrics.addr 0.0.0.0 --pprof.addr 0.0.0.0" + restart: unless-stopped + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.middlewares.geth-rinkeby-stripprefix.stripprefix.prefixes=/rinkeby" + - "traefik.http.services.geth-rinkeby.loadbalancer.server.port=8545" + - "traefik.http.routers.geth-rinkeby.entrypoints=websecure" + - "traefik.http.routers.geth-rinkeby.tls.certresolver=myresolver" + - "traefik.http.routers.geth-rinkeby.rule=Host(`$DOMAIN`) && PathPrefix(`/rinkeby`)" + - "traefik.http.routers.geth-rinkeby.middlewares=geth-rinkeby-stripprefix, ipwhitelist" + +volumes: + geth-rinkeby: \ No newline at end of file diff --git a/ropsten.yml b/ropsten.yml new file mode 100644 index 00000000..81d2c052 --- /dev/null +++ b/ropsten.yml @@ -0,0 +1,27 @@ +version: '3.1' + +services: + geth-ropsten: + image: ethereum/client-go:latest + expose: + - "8545" + - "6060" + - "30303" + volumes: + - geth-ropsten:/.ropsten + networks: + - chains + command: "--ropsten --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .ropsten --verbosity 3 --metrics.addr 0.0.0.0 --pprof.addr 0.0.0.0" + restart: unless-stopped + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.middlewares.geth-ropsten-stripprefix.stripprefix.prefixes=/ropsten" + - "traefik.http.services.geth-ropsten.loadbalancer.server.port=8545" + - "traefik.http.routers.geth-ropsten.entrypoints=websecure" + - "traefik.http.routers.geth-ropsten.tls.certresolver=myresolver" + - "traefik.http.routers.geth-ropsten.rule=Host(`$DOMAIN`) && PathPrefix(`/ropsten`)" + - "traefik.http.routers.geth-ropsten.middlewares=geth-ropsten-stripprefix, ipwhitelist" + +volumes: + geth-ropsten: \ No newline at end of file diff --git a/rpc-base.yml b/rpc-base.yml new file mode 100644 index 00000000..50d3e9fd --- /dev/null +++ b/rpc-base.yml @@ -0,0 +1,46 @@ +version: '3.1' + +services: + + traefik: + image: traefik:latest + container_name: traefik + restart: always + expose: + - "8082" + ports: + - "443:443" + - "127.0.0.1:8080:8080" + command: + - "--api=true" + - "--api.insecure=true" + - "--api.dashboard=true" + - "--log.level=DEBUG" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.websecure.address=:443" + - "--entryPoints.metrics.address=:8082" + - "--metrics.prometheus.entryPoint=metrics" + - "--certificatesresolvers.myresolver.acme.tlschallenge=true" + # TESTING + # - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" + - "--certificatesresolvers.myresolver.acme.email=$MAIL" + - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" + volumes: + - "./traefik/letsencrypt:/letsencrypt" + - "/var/run/docker.sock:/var/run/docker.sock:ro" + networks: + - chains + #labels: + # - "traefik.enable=true" + # - "prometheus-scrape.enabled=true" + # - "prometheus-scrape.port=8082" + # - "prometheus-scrape.job_name=traefik" + + +networks: + chains: + driver: bridge + ipam: + config: + - subnet: 192.168.0.1/27 \ No newline at end of file diff --git a/xdai.yml b/xdai.yml new file mode 100644 index 00000000..ad8cd0f0 --- /dev/null +++ b/xdai.yml @@ -0,0 +1,31 @@ +version: '3.1' + +services: + xdai: + image: nethermind/nethermind:latest + expose: + - "8545" + - "40444" + ports: + - "40444:40444" + - "40444:40444/udp" + volumes: + - xdai:/nethermind_db/xdai + - ./xdai/xdai.cfg:/xdai.cfg + - ./xdai/xdai.json:/xdai.json + networks: + - chains + command: "--config /xdai.cfg" + restart: unless-stopped + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.xdai-stripprefix.stripprefix.prefixes=/xdai" + - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" + - "traefik.http.services.xdai.loadbalancer.server.port=8545" + - "traefik.http.routers.xdai.entrypoints=websecure" + - "traefik.http.routers.xdai.tls.certresolver=myresolver" + - "traefik.http.routers.xdai.rule=Host(`$DOMAIN`) && PathPrefix(`/xdai`)" + - "traefik.http.routers.xdai.middlewares=xdai-stripprefix, ipwhitelist" + +volumes: + xdai: \ No newline at end of file