diff --git a/docker-compose.yml b/docker-compose-rpc.yml similarity index 100% rename from docker-compose.yml rename to docker-compose-rpc.yml diff --git a/docker-compose.nodes.yml b/docker-compose.nodes.yml deleted file mode 100644 index cf8a669c..00000000 --- a/docker-compose.nodes.yml +++ /dev/null @@ -1,92 +0,0 @@ -version: '3.1' - -services: - -### NODES - geth-goerli: - image: ethereum/client-go:latest - expose: - - "8545" - - "8546" - - "30303" - volumes: - - geth-goerli:/.goerli - command: "--goerli --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .goerli --verbosity 3" - - - geth-rinkeby: - image: ethereum/client-go:latest - expose: - - "8545" - - "8546" - - "30303" - volumes: - - geth-rinkeby:/.rinkeby - command: "--rinkeby --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .rinkeby --verbosity 3" - restart: unless-stopped - - geth-ropsten: - image: ethereum/client-go:latest - expose: - - "8545" - - "8546" - - "30303" - volumes: - - geth-ropsten:/.ropsten - command: "--ropsten --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .ropsten --verbosity 3" - restart: unless-stopped - - geth-mainnet: - image: ethereum/client-go:latest - expose: - - "8545" - - "8546" - - "30303" - volumes: - - geth-mainnet:/.mainnet - command: "--http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .mainnet --verbosity 3" - restart: unless-stopped - - erigon-trace: - image: thorax/erigon - expose: - - "30303" - - "30304" - volumes: - - erigon-trace:/home/erigon/.local/share/erigon - command: erigon --chain mainnet --metrics --metrics.addr=0.0.0.0 --metrics.port=6060 --private.api.addr=0.0.0.0:9090 --pprof --pprof.addr=0.0.0.0 --pprof.port=6061 - restart: unless-stopped - - rpcdaemon: - image: thorax/erigon:latest - command: rpcdaemon --datadir=/home/erigon/.local/share/erigon --private.api.addr=erigon:9090 --txpool.api.addr=erigon:9090 --http.addr=0.0.0.0 --http.vhosts=* --http.corsdomain=* --http.api=eth,debug,net,trace --ws - pid: service:erigon-trace # Use erigon's PID namespace. It's required to open Erigon's DB from another process (RPCDaemon local-mode) - volumes: - - erigon-trace:/home/erigon/.local/share/erigon - expose: - - "8545" - restart: unless-stopped - depends_on: - - "erigon-trace" - - avalanche: - image: avaplatform/avalanchego - expose: - - "8545" - - "8546" - - "30303" - volumes: - - avalanche:/root/.avalanche - command: "/avalanchego/build/avalanchego --http-host=" - restart: unless-stopped - - -### VOLUMES - -volumes: - geth-goerli: - geth-rinkeby: - geth-ropsten: - geth-mainnet: - erigon-trace: - avalanche: diff --git a/docker-compose.pokt-mainnet.yml b/docker-compose.pokt-mainnet.yml index cb2446e7..6a1366a9 100644 --- a/docker-compose.pokt-mainnet.yml +++ b/docker-compose.pokt-mainnet.yml @@ -2,6 +2,96 @@ version: '3.1' services: + +### WIREGUARD + wireguard: + image: lscr.io/linuxserver/wireguard + container_name: wireguard + cap_add: + - NET_ADMIN + - SYS_MODULE + environment: + - PUID=$PUID + - PGID=$PGID + volumes: + - ./wireguard/config/wg0.conf:/config/wg0.conf + - /lib/modules:/lib/modules + # Expose prometheus port + expose: + - 9090 + ports: + - $SERVERPORT:$SERVERPORT/udp + sysctls: + - net.ipv4.conf.all.src_valid_mark=1 + restart: unless-stopped + +### MONITORING + prometheus: + image: prom/prometheus:v2.30.3 + container_name: prometheus + volumes: + - ./prometheus:/etc/prometheus + - prometheus_data:/prometheus + command: + - '--config.file=/etc/prometheus/prometheus.yml' + - '--storage.tsdb.path=/prometheus' + - '--web.console.libraries=/etc/prometheus/console_libraries' + - '--web.console.templates=/etc/prometheus/consoles' + - '--storage.tsdb.retention.time=200h' + - '--web.enable-lifecycle' + restart: unless-stopped + network_mode: "service:wireguard" + labels: + org.label-schema.group: "monitoring" + depends_on: + - wireguard + + nodeexporter: + image: prom/node-exporter:v1.2.2 + container_name: nodeexporter + volumes: + - /proc:/host/proc:ro + - /sys:/host/sys:ro + - /:/rootfs:ro + command: + - '--path.procfs=/host/proc' + - '--path.rootfs=/rootfs' + - '--path.sysfs=/host/sys' + - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)' + restart: unless-stopped + expose: + - 9100 + labels: + org.label-schema.group: "monitoring" + + cadvisor: + image: gcr.io/cadvisor/cadvisor:v0.42.0 + container_name: cadvisor + privileged: true + devices: + - /dev/kmsg:/dev/kmsg + volumes: + - /:/rootfs:ro + - /var/run:/var/run:ro + - /sys:/sys:ro + - /var/lib/docker:/var/lib/docker:ro + #- /cgroup:/cgroup:ro #doesn't work on MacOS only for Linux + restart: unless-stopped + expose: + - 8080 + labels: + org.label-schema.group: "monitoring" + + pushgateway: + image: prom/pushgateway:v1.4.2 + container_name: pushgateway + restart: unless-stopped + expose: + - 9091 + labels: + org.label-schema.group: "monitoring" + +### POKT pocket-mainnet: image: poktnetwork/pocket-core:stagenet-latest ports: @@ -28,10 +118,8 @@ services: - "traefik.http.routers.pocket-mainnet.tls.certresolver=myresolver" restart: unless-stopped - ### VOLUMES - volumes: pocket-mainnet: - + prometheus_data: diff --git a/docker-compose.pokt-testnet.yml b/docker-compose.pokt-testnet.yml index 8c022dcc..4578a107 100644 --- a/docker-compose.pokt-testnet.yml +++ b/docker-compose.pokt-testnet.yml @@ -28,6 +28,94 @@ services: - "traefik.enable=true" - "traefik.http.middlewares.ipwhitelist.ipwhitelist.sourcerange=$WHITELIST" +### WIREGUARD + wireguard: + image: lscr.io/linuxserver/wireguard + container_name: wireguard + cap_add: + - NET_ADMIN + - SYS_MODULE + environment: + - PUID=$PUID + - PGID=$PGID + volumes: + - ./wireguard/config/wg0.conf:/config/wg0.conf + - /lib/modules:/lib/modules + # Expose prometheus port + expose: + - 9090 + ports: + - $SERVERPORT:$SERVERPORT/udp + sysctls: + - net.ipv4.conf.all.src_valid_mark=1 + restart: unless-stopped + +### MONITORING + prometheus: + image: prom/prometheus:v2.30.3 + container_name: prometheus + volumes: + - ./prometheus:/etc/prometheus + - prometheus_data:/prometheus + command: + - '--config.file=/etc/prometheus/prometheus.yml' + - '--storage.tsdb.path=/prometheus' + - '--web.console.libraries=/etc/prometheus/console_libraries' + - '--web.console.templates=/etc/prometheus/consoles' + - '--storage.tsdb.retention.time=200h' + - '--web.enable-lifecycle' + restart: unless-stopped + network_mode: "service:wireguard" + labels: + org.label-schema.group: "monitoring" + depends_on: + - wireguard + + nodeexporter: + image: prom/node-exporter:v1.2.2 + container_name: nodeexporter + volumes: + - /proc:/host/proc:ro + - /sys:/host/sys:ro + - /:/rootfs:ro + command: + - '--path.procfs=/host/proc' + - '--path.rootfs=/rootfs' + - '--path.sysfs=/host/sys' + - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)' + restart: unless-stopped + expose: + - 9100 + labels: + org.label-schema.group: "monitoring" + + cadvisor: + image: gcr.io/cadvisor/cadvisor:v0.42.0 + container_name: cadvisor + privileged: true + devices: + - /dev/kmsg:/dev/kmsg + volumes: + - /:/rootfs:ro + - /var/run:/var/run:ro + - /sys:/sys:ro + - /var/lib/docker:/var/lib/docker:ro + #- /cgroup:/cgroup:ro #doesn't work on MacOS only for Linux + restart: unless-stopped + expose: + - 8080 + labels: + org.label-schema.group: "monitoring" + + pushgateway: + image: prom/pushgateway:v1.4.2 + container_name: pushgateway + restart: unless-stopped + expose: + - 9091 + labels: + org.label-schema.group: "monitoring" + pocket-testnet: image: poktnetwork/pocket-core:stagenet-latest ports: @@ -36,7 +124,6 @@ services: expose: - 26656 - 8081 - - 443 command: pocket start --seeds=$POCKET_TEST_SEEDS --testnet #command: pocket start --simulateRelay environment: @@ -54,7 +141,8 @@ services: - "traefik.http.routers.pocket-testnet.rule=Host(`$TEST_DOMAIN`) && PathPrefix(`/pokttest`)" - "traefik.http.routers.pocket-testnet.middlewares=ipwhitelist" +### VOLUMES volumes: pocket-testnet: - + prometheus_data: diff --git a/docker-compose.proxy.yml b/docker-compose.proxy.yml deleted file mode 100644 index 7df9766f..00000000 --- a/docker-compose.proxy.yml +++ /dev/null @@ -1,18 +0,0 @@ -version: '3.1' - -services: - - haproxy: - image: haproxytech/haproxy-alpine:latest - ports: - - "80:80" - expose: - - 80 - environment: - - AUTH_HTTP=$AUTH_HTTP - - MAINNODE=$MAIN_NODE - volumes: - - ./haproxy/:/usr/local/etc/haproxy:ro - restart: unless-stopped - - diff --git a/docker-compose.traefik.yml b/docker-compose.traefik.yml deleted file mode 100644 index 22e2657c..00000000 --- a/docker-compose.traefik.yml +++ /dev/null @@ -1,29 +0,0 @@ -version: '3.1' - -services: - traefik: - image: traefik:latest - container_name: traefik - restart: always - ports: - - "443:443" - - "127.0.0.1:8080:8080" - command: - - "--api=true" - - "--api.insecure=true" - - "--api.dashboard=true" - - "--log.level=DEBUG" - - "--providers.docker=true" - - "--providers.docker.exposedbydefault=false" - - "--entrypoints.websecure.address=:443" - - "--certificatesresolvers.myresolver.acme.tlschallenge=true" - # TESTING - # - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" - - "--certificatesresolvers.myresolver.acme.email=$MAIL" - - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" - volumes: - - "./traefik/letsencrypt:/letsencrypt" - - "/var/run/docker.sock:/var/run/docker.sock:ro" - labels: - - "traefik.enable=true" - - "traefik.http.middlewares.test-ipwhitelist.ipwhitelist.sourcerange=$WHITELIST"