diff --git a/README.md b/README.md
index 8fc5925a..909bf624 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@ Tested on Ubuntu 20.04.3 LTS
docker
docker-compose
DNS A-Record pointing to your server
-Paste wireguard wg0.conf from wireguard-server to wireguard/config/wg0.conf
+Wireguard-Server: Paste wireguard wg0.conf from wireguard-server to wireguard/config/wg0.conf
#### Usage
@@ -63,6 +63,7 @@ Check if there is a file here /traefic/letsencrypt/acme.json if yes, you have to
Otherwise traefik will not issue the certificate for an existing domain.
#### TODO !!!!
+alles uebr traefik aufen lassen?
mal alle geth clients mit erigon vergleichen
General Monitoring
diff --git a/docker-compose.yml b/docker-compose.yml
index c0facf16..aae9507a 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -2,6 +2,7 @@ version: '3.1'
services:
+### TRAEFIK
# Basic Auth not working. Problems with parsing var from .env
# traefik:
# image: traefik:latest
@@ -11,7 +12,7 @@ services:
# - "443:443"
# - "127.0.0.1:8080:8080"
# networks:
-# - pocket
+# - $NET_POKT
# command:
# - "--api=true"
# - "--api.insecure=true"
@@ -32,6 +33,7 @@ services:
# - "traefik.enable=true"
# - 'traefik.http.middlewares.auth.basicauth.users=$AUTH_HTTP'
+### NODES
geth-goerli:
image: ethereum/client-go:latest
expose:
@@ -42,7 +44,7 @@ services:
- geth-goerli:/.goerli
command: "--goerli --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .goerli --verbosity 3"
networks:
- - pocket
+ - $NET_POKT
geth-rinkeby:
image: ethereum/client-go:latest
@@ -54,7 +56,7 @@ services:
- geth-rinkeby:/.rinkeby
command: "--rinkeby --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .rinkeby --verbosity 3"
networks:
- - pocket
+ - $NET_POKT
restart: unless-stopped
geth-ropsten:
@@ -67,7 +69,7 @@ services:
- geth-ropsten:/.ropsten
command: "--ropsten --http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .ropsten --verbosity 3"
networks:
- - pocket
+ - $NET_POKT
restart: unless-stopped
geth-mainnet:
@@ -80,7 +82,7 @@ services:
- geth-mainnet:/.mainnet
command: "--http --http.api eth,net --http.addr 0.0.0.0 --http.port 8545 --http.vhosts=* --syncmode full --datadir .mainnet --verbosity 3"
networks:
- - pocket
+ - $NET_POKT
restart: unless-stopped
erigon-trace:
@@ -92,7 +94,7 @@ services:
- erigon-trace:/home/erigon/.local/share/erigon
command: erigon --chain mainnet --metrics --metrics.addr=0.0.0.0 --metrics.port=6060 --private.api.addr=0.0.0.0:9090 --pprof --pprof.addr=0.0.0.0 --pprof.port=6061
networks:
- - pocket
+ - $NET_POKT
restart: unless-stopped
rpcdaemon:
@@ -106,6 +108,8 @@ services:
restart: unless-stopped
depends_on:
- "erigon-trace"
+ networks:
+ - $NET_POKT
avalanche:
image: avaplatform/avalanchego
@@ -117,7 +121,7 @@ services:
- avalanche:/root/.avalanche
command: "/avalanchego/build/avalanchego --http-host="
networks:
- - pocket
+ - $NET_POKT
restart: unless-stopped
pocket-testnet:
@@ -137,7 +141,7 @@ services:
- ./chains/chains_testnet.json:/home/app/.pocket/config/chains.json
- pocket-testnet:/home/app/.pocket
networks:
- - pocket
+ - $NET_POKT
restart: unless-stopped
pocket-mainnet:
@@ -159,7 +163,7 @@ services:
- ./bootstrap_skript/pokt_mainnet.sh:/home/app/.pocket/pokt_mainnet.sh
- pocket-mainnet:/home/app/.pocket
networks:
- - pocket
+ - $NET_POKT
# labels:
# - "traefik.enable=true"
# - "traefik.http.services.myservice.loadbalancer.server.port=8081"
@@ -169,6 +173,9 @@ services:
# - "traefik.http.routers.pocket-mainnet.middlewares=auth"
restart: unless-stopped
+
+### WIREGUARD
+
wireguard:
image: lscr.io/linuxserver/wireguard
container_name: wireguard
@@ -179,15 +186,91 @@ services:
- PUID=$PUID
- PGID=$PGID
volumes:
- - .wireguard/config:/config
+ - ./wireguard/config/wg0.conf:/config/wg0.conf
- /lib/modules:/lib/modules
ports:
- $SERVERPORT:$SERVERPORT/udp
sysctls:
- net.ipv4.conf.all.src_valid_mark=1
restart: unless-stopped
+ networks:
+ - $NET_MONITOR
+### MONITORING
+ prometheus:
+ image: prom/prometheus:v2.30.3
+ container_name: prometheus
+ volumes:
+ - ./prometheus:/etc/prometheus
+ - prometheus_data:/prometheus
+ command:
+ - '--config.file=/etc/prometheus/prometheus.yml'
+ - '--storage.tsdb.path=/prometheus'
+ - '--web.console.libraries=/etc/prometheus/console_libraries'
+ - '--web.console.templates=/etc/prometheus/consoles'
+ - '--storage.tsdb.retention.time=200h'
+ - '--web.enable-lifecycle'
+ restart: unless-stopped
+ expose:
+ - 9090
+ networks:
+ - $NET_MONITOR
+ labels:
+ org.label-schema.group: "monitoring"
+
+ nodeexporter:
+ image: prom/node-exporter:v1.2.2
+ container_name: nodeexporter
+ volumes:
+ - /proc:/host/proc:ro
+ - /sys:/host/sys:ro
+ - /:/rootfs:ro
+ command:
+ - '--path.procfs=/host/proc'
+ - '--path.rootfs=/rootfs'
+ - '--path.sysfs=/host/sys'
+ - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
+ restart: unless-stopped
+ expose:
+ - 9100
+ networks:
+ - $NET_MONITOR
+ labels:
+ org.label-schema.group: "monitoring"
+
+ cadvisor:
+ image: gcr.io/cadvisor/cadvisor:v0.42.0
+ container_name: cadvisor
+ privileged: true
+ devices:
+ - /dev/kmsg:/dev/kmsg
+ volumes:
+ - /:/rootfs:ro
+ - /var/run:/var/run:ro
+ - /sys:/sys:ro
+ - /var/lib/docker:/var/lib/docker:ro
+ #- /cgroup:/cgroup:ro #doesn't work on MacOS only for Linux
+ restart: unless-stopped
+ expose:
+ - 8080
+ networks:
+ - $NET_MONITOR
+ labels:
+ org.label-schema.group: "monitoring"
+
+ pushgateway:
+ image: prom/pushgateway:v1.4.2
+ container_name: pushgateway
+ restart: unless-stopped
+ expose:
+ - 9091
+ networks:
+ - $NET_MONITOR
+ labels:
+ org.label-schema.group: "monitoring"
+
+### VOLUMES
volumes:
geth-goerli:
@@ -198,8 +281,12 @@ volumes:
avalanche:
pocket-testnet:
pocket-mainnet:
+ prometheus_data:
+
+### NETWORKS
networks:
- pocket:
+ $NET_MONITOR:
+ driver: bridge
+ $NET_POKT:
driver: bridge
-
diff --git a/prometheus/prometheus.yml b/prometheus/prometheus.yml
new file mode 100644
index 00000000..8717b3f1
--- /dev/null
+++ b/prometheus/prometheus.yml
@@ -0,0 +1,42 @@
+global:
+ scrape_interval: 15s
+ evaluation_interval: 15s
+
+ # Attach these labels to any time series or alerts when communicating with
+ # external systems (federation, remote storage, Alertmanager).
+ external_labels:
+ monitor: 'docker-host-alpha'
+
+# Load and evaluate rules in this file every 'evaluation_interval' seconds.
+rule_files:
+ - "alert.rules"
+
+# A scrape configuration containing exactly one endpoint to scrape.
+scrape_configs:
+ - job_name: 'nodeexporter'
+ scrape_interval: 5s
+ static_configs:
+ - targets: ['nodeexporter:9100']
+
+ - job_name: 'cadvisor'
+ scrape_interval: 5s
+ static_configs:
+ - targets: ['cadvisor:8080']
+
+ - job_name: 'prometheus'
+ scrape_interval: 10s
+ static_configs:
+ - targets: ['localhost:9090']
+
+ - job_name: 'pushgateway'
+ scrape_interval: 10s
+ honor_labels: true
+ static_configs:
+ - targets: ['pushgateway:9091']
+
+alerting:
+ alertmanagers:
+ - scheme: http
+ static_configs:
+ - targets:
+ - 'alertmanager:9093'
\ No newline at end of file