StakeSquid/ethereum-rpc-docker
1
0
Fork 0
Code Issues 1 Packages Projects Releases Wiki Activity

Merge pull request #1 from cventastic/split

Browse Source 
Split
This commit is contained in:
cventastic
2021-12-27 09:52:17 +00:00
committed by GitHub
parent 14281ced30 276ae8255f
commit 8022717fd2
13 changed files with 603 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

100
docker-compose.base.yml Normal file
View File

@@ -0,0 +1,100 @@
version: '3.1'
services:
### WIREGUARD
wireguard:
image: lscr.io/linuxserver/wireguard
container_name: wireguard
cap_add:
- NET_ADMIN
- SYS_MODULE
environment:
- PUID=$PUID
- PGID=$PGID
volumes:
- ./wireguard/config/wg0.conf:/config/wg0.conf
- /lib/modules:/lib/modules
# Expose prometheus port
expose:
- 9090
ports:
- $SERVERPORT:$SERVERPORT/udp
sysctls:
- net.ipv4.conf.all.src_valid_mark=1
restart: unless-stopped
### MONITORING
prometheus:
image: prom/prometheus:v2.30.3
container_name: prometheus
volumes:
- ./prometheus:/etc/prometheus
- prometheus_data:/prometheus
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus'
- '--web.console.libraries=/etc/prometheus/console_libraries'
- '--web.console.templates=/etc/prometheus/consoles'
- '--storage.tsdb.retention.time=200h'
- '--web.enable-lifecycle'
restart: unless-stopped
network_mode: "service:wireguard"
labels:
org.label-schema.group: "monitoring"
depends_on:
- wireguard
nodeexporter:
image: prom/node-exporter:v1.2.2
container_name: nodeexporter
volumes:
- /proc:/host/proc:ro
- /sys:/host/sys:ro
- /:/rootfs:ro
command:
- '--path.procfs=/host/proc'
- '--path.rootfs=/rootfs'
- '--path.sysfs=/host/sys'
- '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
restart: unless-stopped
expose:
- 9100
labels:
org.label-schema.group: "monitoring"
cadvisor:
image: gcr.io/cadvisor/cadvisor:v0.42.0
container_name: cadvisor
privileged: true
devices:
- /dev/kmsg:/dev/kmsg
volumes:
- /:/rootfs:ro
- /var/run:/var/run:ro
- /sys:/sys:ro
- /var/lib/docker:/var/lib/docker:ro
#- /cgroup:/cgroup:ro #doesn't work on MacOS only for Linux
restart: unless-stopped
expose:
- 8080
labels:
org.label-schema.group: "monitoring"
pushgateway:
image: prom/pushgateway:v1.4.2
container_name: pushgateway
restart: unless-stopped
expose:
- 9091
labels:
org.label-schema.group: "monitoring"
### VOLUMES
volumes:
prometheus_data:

105
docker-compose.nodes.yml Normal file
View File

@@ -0,0 +1,105 @@
version: '3.1'
services:
### NODES
geth-goerli:
image: ethereum/client-go:latest
expose:
- "8545"
- "8546"
- "30303"
volumes:
- geth-goerli:/.goerli
command: "--goerli --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .goerli --verbosity 3"
networks:
- $NET_POKT
geth-rinkeby:
image: ethereum/client-go:latest
expose:
- "8545"
- "8546"
- "30303"
volumes:
- geth-rinkeby:/.rinkeby
command: "--rinkeby --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .rinkeby --verbosity 3"
networks:
- $NET_POKT
restart: unless-stopped
geth-ropsten:
image: ethereum/client-go:latest
expose:
- "8545"
- "8546"
- "30303"
volumes:
- geth-ropsten:/.ropsten
command: "--ropsten --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .ropsten --verbosity 3"
networks:
- $NET_POKT
restart: unless-stopped
geth-mainnet:
image: ethereum/client-go:latest
expose:
- "8545"
- "8546"
- "30303"
volumes:
- geth-mainnet:/.mainnet
command: "--http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .mainnet --verbosity 3"
networks:
- $NET_POKT
restart: unless-stopped
erigon-trace:
image: thorax/erigon
expose:
- "30303"
- "30304"
volumes:
- erigon-trace:/home/erigon/.local/share/erigon
command: erigon --chain mainnet --metrics --metrics.addr=0.0.0.0 --metrics.port=6060 --private.api.addr=0.0.0.0:9090 --pprof --pprof.addr=0.0.0.0 --pprof.port=6061
networks:
- $NET_POKT
restart: unless-stopped
rpcdaemon:
image: thorax/erigon:latest
command: rpcdaemon --datadir=/home/erigon/.local/share/erigon --private.api.addr=erigon:9090 --txpool.api.addr=erigon:9090 --http.addr=0.0.0.0 --http.vhosts=* --http.corsdomain=* --http.api=eth,debug,net,trace --ws
pid: service:erigon-trace # Use erigon's PID namespace. It's required to open Erigon's DB from another process (RPCDaemon local-mode)
volumes:
- erigon-trace:/home/erigon/.local/share/erigon
expose:
- "8545"
restart: unless-stopped
depends_on:
- "erigon-trace"
networks:
- $NET_POKT
avalanche:
image: avaplatform/avalanchego
expose:
- "8545"
- "8546"
- "30303"
volumes:
- avalanche:/root/.avalanche
command: "/avalanchego/build/avalanchego --http-host="
networks:
- $NET_POKT
restart: unless-stopped
### VOLUMES
volumes:
geth-goerli:
geth-rinkeby:
geth-ropsten:
geth-mainnet:
erigon-trace:
avalanche:

38
docker-compose.pokt-mainnet.yml Normal file
View File

@@ -0,0 +1,38 @@
version: '3.1'
services:
pocket-mainnet:
image: poktnetwork/pocket-core:stagenet-latest
ports:
- "127.0.0.1:8081:8081"
- "127.0.0.1:26656:26656"
expose:
- 26656
- 8081
command: /home/app/.pocket/pokt_mainnet.sh && pocket start --seeds=$POCKET_MAIN_SEEDS --mainnet
#command: pocket start --simulateRelay
environment:
- POCKET_CORE_KEY=$POCKET_CORE_KEY
- POCKET_CORE_PASSPHRASE=$POCKET_CORE_PASSPHRASE
- POCKET_SNAPSHOT=$POCKET_SNAPSHOT
volumes:
- ./chains/chains_mainnet.json:/home/app/.pocket/config/chains.json
- ./bootstrap_skript/pokt_mainnet.sh:/home/app/.pocket/pokt_mainnet.sh
- pocket-mainnet:/home/app/.pocket
labels:
- "traefik.enable=true"
- "traefik.http.services.myservice.loadbalancer.server.port=8081"
- "traefik.http.routers.pocket-mainnet.rule=Host(`$DOMAIN`)"
- "traefik.http.routers.pocket-mainnet.entrypoints=websecure"
- "traefik.http.routers.pocket-mainnet.tls.certresolver=myresolver"
- "traefik.http.routers.pocket-mainnet.middlewares=auth"
restart: unless-stopped
### VOLUMES
volumes:
pocket-mainnet:

28
docker-compose.pokt-testnet.yml Normal file
View File

@@ -0,0 +1,28 @@
version: '3.1'
services:
pocket-testnet:
image: poktnetwork/pocket-core:stagenet-latest
ports:
- "127.0.0.1:8082:8081"
- "127.0.0.1:26657:26656"
expose:
- 26656
- 8081
command: pocket start --seeds=$POCKET_TEST_SEEDS --testnet
#command: pocket start --simulateRelay
environment:
- POCKET_CORE_KEY=$POCKET_CORE_KEY_TEST
- POCKET_CORE_PASSPHRASE=$POCKET_CORE_PASSPHRASE_TEST
volumes:
- ./chains/chains_testnet.json:/home/app/.pocket/config/chains.json
- pocket-testnet:/home/app/.pocket
restart: unless-stopped
### VOLUMES
volumes:
pocket-testnet:

18
docker-compose.proxy.yml Normal file
View File

@@ -0,0 +1,18 @@
version: '3.1'
services:
haproxy:
image: haproxytech/haproxy-alpine:latest
ports:
- "80:80"
expose:
- 80
environment:
- AUTH_HTTP=$AUTH_HTTP
- MAINNODE=$MAIN_NODE
volumes:
- ./haproxy/:/usr/local/etc/haproxy:ro
restart: unless-stopped

33
docker-compose.traefik.yml Normal file
View File

@@ -0,0 +1,33 @@
version: '3.1'
services:
### TRAEFIK
# Basic Auth not working. Problems with parsing var from .env
traefik:
image: traefik:latest
container_name: traefik
restart: always
ports:
- "443:443"
- "127.0.0.1:8080:8080"
command:
- "--api=true"
- "--api.insecure=true"
- "--api.dashboard=true"
- "--log.level=DEBUG"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
# TESTING
# - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myresolver.acme.email=$MAIL"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
volumes:
- "./traefik/letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.auth.basicauth.users=$AUTH_HTTP"

25
haproxy/avalanche-healthcheck.sh Normal file
View File

@@ -0,0 +1,25 @@
#!/bin/bash
# $1 = Virtual Service IP (VIP)
# $2 = Virtual Service Port (VPT)
# $3 = Real Server IP (RIP)
# $4 = Real Server Port (RPT)
# $5 = Check Source IP
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
VIP=$1
VPT=$2
RIP=$3
RPT=$4
# RPT=8545
# Run curl with appropriate options
curl -s -X POST -u ${AUTH_HTTP} -H "Content-Type: application/json" -m 2 -d '{"jsonrpc":"2.0","method":"eth_syncing","params": [],"id":1}' http://$RIP:$RPT/avalanche 2>/dev/null | jq '.result' -r | grep -q false
exit1=$?
peers=$(curl -s -X POST -u ${AUTH_HTTP} -H "Content-Type: application/json" -m 2 -d '{"jsonrpc":"2.0","method":"net_peerCount","params": [],"id":1}' http://$RIP:$RPT/avalanche 2>/dev/null | jq '.result' -r)
# If any of the above tests failed, then exit 1.
if [[ "$exit1" -ne 0 ]]; then exit 1; fi
if [[ `printf "%d" $peers` == "0" || `printf "%d" $peers` == "1" ]]; then exit 1; fi
exit 0

25
haproxy/erigon-healthcheck.sh Normal file
View File

@@ -0,0 +1,25 @@
#!/bin/bash
# $1 = Virtual Service IP (VIP)
# $2 = Virtual Service Port (VPT)
# $3 = Real Server IP (RIP)
# $4 = Real Server Port (RPT)
# $5 = Check Source IP
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
VIP=$1
VPT=$2
RIP=$3
RPT=$4
# RPT=8545
# Run curl with appropriate options
curl -s -X POST -u ${AUTH_HTTP} -H "Content-Type: application/json" -m 2 -d '{"jsonrpc":"2.0","method":"eth_syncing","params": [],"id":1}' http://$RIP:$RPT/erigon 2>/dev/null | jq '.result' -r | grep -q false
exit1=$?
peers=$(curl -s -X POST -u ${AUTH_HTTP} -H "Content-Type: application/json" -m 2 -d '{"jsonrpc":"2.0","method":"net_peerCount","params": [],"id":1}' http://$RIP:$RPT/erigon 2>/dev/null | jq '.result' -r)
# If any of the above tests failed, then exit 1.
if [[ "$exit1" -ne 0 ]]; then exit 1; fi
if [[ `printf "%d" $peers` == "0" || `printf "%d" $peers` == "1" ]]; then exit 1; fi
exit 0

25
haproxy/geth-healthcheck.sh Normal file
View File

@@ -0,0 +1,25 @@
#!/bin/bash
# $1 = Virtual Service IP (VIP)
# $2 = Virtual Service Port (VPT)
# $3 = Real Server IP (RIP)
# $4 = Real Server Port (RPT)
# $5 = Check Source IP
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
VIP=$1
VPT=$2
RIP=$3
RPT=$4
# RPT=8545
# Run curl with appropriate options
curl -s -X POST -u ${AUTH_HTTP} -H "Content-Type: application/json" -m 2 -d '{"jsonrpc":"2.0","method":"eth_syncing","params": [],"id":1}' http://$RIP:$RPT/geth 2>/dev/null | jq '.result' -r | grep -q false
exit1=$?
peers=$(curl -s -X POST -u ${AUTH_HTTP} -H "Content-Type: application/json" -m 2 -d '{"jsonrpc":"2.0","method":"net_peerCount","params": [],"id":1}' http://$RIP:$RPT/geth 2>/dev/null | jq '.result' -r)
# If any of the above tests failed, then exit 1.
if [[ "$exit1" -ne 0 ]]; then exit 1; fi
if [[ `printf "%d" $peers` == "0" || `printf "%d" $peers` == "1" ]]; then exit 1; fi
exit 0

25
haproxy/goerli-healthcheck.sh Normal file
View File

@@ -0,0 +1,25 @@
#!/bin/bash
# $1 = Virtual Service IP (VIP)
# $2 = Virtual Service Port (VPT)
# $3 = Real Server IP (RIP)
# $4 = Real Server Port (RPT)
# $5 = Check Source IP
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
VIP=$1
VPT=$2
RIP=$3
RPT=$4
# RPT=8545
# Run curl with appropriate options
curl -s -X POST -u ${AUTH_HTTP} -H "Content-Type: application/json" -m 2 -d '{"jsonrpc":"2.0","method":"eth_syncing","params": [],"id":1}' http://$RIP:$RPT/goerli 2>/dev/null | jq '.result' -r | grep -q false
exit1=$?
peers=$(curl -s -X POST -u ${AUTH_HTTP} -H "Content-Type: application/json" -m 2 -d '{"jsonrpc":"2.0","method":"net_peerCount","params": [],"id":1}' http://$RIP:$RPT/goerli 2>/dev/null | jq '.result' -r)
# If any of the above tests failed, then exit 1.
if [[ "$exit1" -ne 0 ]]; then exit 1; fi
if [[ `printf "%d" $peers` == "0" || `printf "%d" $peers` == "1" ]]; then exit 1; fi
exit 0

131
haproxy/haproxy.cfg Normal file
View File

@@ -0,0 +1,131 @@
global
nbproc 1
nbthread 2
cpu-map auto:1/1-2 0-1
log /dev/log local0
log /dev/log local1 notice
#chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
external-check
defaults
mode http
log global
option httplog
option http-keep-alive
option dontlognull
option redispatch
option contstats
retries 3
backlog 10000
timeout client 50s
timeout connect 5s
timeout server 50s
timeout tunnel 3600s
timeout http-keep-alive 2s
timeout http-request 15s
timeout queue 30s
timeout tarpit 60s
default-server inter 3s rise 2 fall 3
option forwardfor
listen stats
bind *:9600
stats enable
stats uri /stats
stats realm Haproxy\ Statistics
stats auth pocket:P@ssw0rd00!
frontend rpc-frontend
bind *:80
acl host_is_erigon path_beg /erigon
acl host_is_goerli path_beg /goerli
acl host_is_avalanche path_beg /avalanche
acl host_is_ropsten path_beg /ropsten
acl host_is_geth path_beg /geth
acl host_is_rinkeby path_beg /rinkeby
use_backend erigon if host_is_erigon
use_backend goerli if host_is_goerli
use_backend avalanche if host_is_avalanche
use_backend ropsten if host_is_ropsten
use_backend geth if host_is_geth
use_backend rinkeby if host_is_rinkeby
default_backend backend-no-match
backend backend-no-match
http-request deny deny_status 400
backend erigon
mode http
balance roundrobin
option external-check
external-check path "/usr/bin:/bin"
external-check command /usr/local/etc/erigon-healthcheck.sh
server %[env(MAINNODE)] %[env(MAINNODE)]:80 check inter 10000 fall 3 rise 2 maxconn 2000
backend goerli
mode http
balance roundrobin
option external-check
external-check path "/usr/bin:/bin"
external-check command /usr/local/etc/goerli-healthcheck.sh
server %[env(MAINNODE)] %[env(MAINNODE)]:80 check inter 10000 fall 3 rise 2 maxconn 2000
backend rinkeby
mode http
balance roundrobin
option external-check
external-check path "/usr/bin:/bin"
external-check command /usr/local/etc/rinkeby-healthcheck.sh
server %[env(MAINNODE)] %[env(MAINNODE)]:80 check inter 10000 fall 3 rise 2 maxconn 2000
backend ropsten
mode http
balance roundrobin
option external-check
external-check path "/usr/bin:/bin"
external-check command /usr/local/etc/ropsten-healthcheck.sh
server %[env(MAINNODE)] %[env(MAINNODE)]:80 check inter 10000 fall 3 rise 2 maxconn 2000
backend avalanche
mode http
balance roundrobin
option external-check
external-check path "/usr/bin:/bin"
external-check command /usr/local/etc/avalanche-healthcheck.sh
server %[env(MAINNODE)] %[env(MAINNODE)]:80 check inter 10000 fall 3 rise 2 maxconn 2000
backend geth
mode http
balance roundrobin
option external-check
external-check path "/usr/bin:/bin"
external-check command /usr/local/etc/geth-healthcheck.sh
server %[env(MAINNODE)] %[env(MAINNODE)]:80 check inter 10000 fall 3 rise 2 maxconn 2000

25
haproxy/rinkeby-healthcheck.sh Normal file
View File

@@ -0,0 +1,25 @@
#!/bin/bash
# $1 = Virtual Service IP (VIP)
# $2 = Virtual Service Port (VPT)
# $3 = Real Server IP (RIP)
# $4 = Real Server Port (RPT)
# $5 = Check Source IP
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
VIP=$1
VPT=$2
RIP=$3
RPT=$4
# RPT=8545
# Run curl with appropriate options
curl -s -X POST -u ${AUTH_HTTP} -H "Content-Type: application/json" -m 2 -d '{"jsonrpc":"2.0","method":"eth_syncing","params": [],"id":1}' http://$RIP:$RPT/rinkeby 2>/dev/null | jq '.result' -r | grep -q false
exit1=$?
peers=$(curl -s -X POST -u ${AUTH_HTTP} -H "Content-Type: application/json" -m 2 -d '{"jsonrpc":"2.0","method":"net_peerCount","params": [],"id":1}' http://$RIP:$RPT/rinkeby 2>/dev/null | jq '.result' -r)
# If any of the above tests failed, then exit 1.
if [[ "$exit1" -ne 0 ]]; then exit 1; fi
if [[ `printf "%d" $peers` == "0" || `printf "%d" $peers` == "1" ]]; then exit 1; fi
exit 0

25
haproxy/ropsten-healthcheck.sh Normal file
View File

@@ -0,0 +1,25 @@
#!/bin/bash
# $1 = Virtual Service IP (VIP)
# $2 = Virtual Service Port (VPT)
# $3 = Real Server IP (RIP)
# $4 = Real Server Port (RPT)
# $5 = Check Source IP
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
VIP=$1
VPT=$2
RIP=$3
RPT=$4
# RPT=8545
# Run curl with appropriate options
curl -s -X POST -u ${AUTH_HTTP} -H "Content-Type: application/json" -m 2 -d '{"jsonrpc":"2.0","method":"eth_syncing","params": [],"id":1}' http://$RIP:$RPT/ropsten 2>/dev/null | jq '.result' -r | grep -q false
exit1=$?
peers=$(curl -s -X POST -u ${AUTH_HTTP} -H "Content-Type: application/json" -m 2 -d '{"jsonrpc":"2.0","method":"net_peerCount","params": [],"id":1}' http://$RIP:$RPT/ropsten 2>/dev/null | jq '.result' -r)
# If any of the above tests failed, then exit 1.
if [[ "$exit1" -ne 0 ]]; then exit 1; fi
if [[ `printf "%d" $peers` == "0" || `printf "%d" $peers` == "1" ]]; then exit 1; fi
exit 0