StakeSquid/ethereum-rpc-docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add op-reth variants: unichain-mainnet, hashkey mainnet+testnet (Superchain op-geth->reth migration); add hashkey mainnet config (chainid 177, mainnet.hsk.xyz) which also fixes the previously-empty geth/erigon mainnet composes

Browse Source 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Claude Agent
2026-06-13 05:41:41 +00:00
parent 405f36d02f
commit cb556f9df8
7 changed files with 854 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
op/erigon/hashkeychain-mainnet-op-erigon-archive-trace.yml
View File

@@ -29,6 +29,22 @@ x-logging-defaults: &logging-defaults
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
hashkeychain-mainnet-op-erigon-init:
image: alpine:3.21
user: root
entrypoint: [/bin/sh, -c]
command:
- |
apk add --no-cache curl wget
mkdir -p /config
[ -f /config/genesis.json ] || curl -fsSL -o /config/genesis.json "https://hashkeychain.s3.ap-southeast-1.amazonaws.com/mainnet/genesis.json"
restart: no
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_ERIGON_ARCHIVE_TRACE_CONFIG:-hashkeychain-mainnet-op-erigon-archive-trace_config}:/config
logging: *logging-defaults
hashkeychain-mainnet-op-erigon:
image: ${HASHKEYCHAIN_ERIGON_IMAGE:-testinprod/op-erigon}:${HASHKEYCHAIN_MAINNET_ERIGON_VERSION:-v2.61.3-0.10.1}
sysctls:
@@ -57,15 +73,17 @@ services:
- 8545
- 6060
- 8551
entrypoint: [erigon]
entrypoint: /bin/sh -c '[ ! -d /root/.local/share/erigon/chaindata/mdbx.dat ] && erigon init --datadir /root/.local/share/erigon /config/genesis.json; exec erigon "$@"' --
command:
- --chain=hashkeychain-mainnet
- --bootnodes=enode://5ecd6d2054a58fa00729b73396044a35e6aceeafe58373d2f26b3f50a3934175fb56f8efa538381430889771613beaabf1177805910bbd34e4b4840320914690@mainnet-bootnodes.hsk.xyz:30615,enode://bd244da2a066e15f82d4bfb7f2732c5b5bac44cefb36cefef01a4c0e87e72b42004d012c9a294b8402ebf67491777f280ffbcc93a71157921d6d358b19ddac67@mainnet-bootnodes.hsk.xyz:30616,enode://a5bba6459ac3a075a4a8941478a4ef8d167460191c89632004b17e4b2d7beea52cdc1a2d376f35e996ad44ccac8db25f900700aad6991d015bdc4db072832063@mainnet-bootnodes.hsk.xyz:30617
- --bootnodes=enode://5ecd6d2054a58fa00729b73396044a35e6aceeafe58373d2f26b3f50a3934175fb56f8efa538381430889771613beaabf1177805910bbd34e4b4840320914690@mainnet-bootnodes.hsk.xyz:30615,enode://bd244da2a066e15f82d4bfb7f2732c5b5bac44cefb36cefef01a4c0e87e72b42004d012c9a294b8402ebf67491777f280ffbcc93a71157921d6d358b19ddac67@mainnet-bootnodes.hsk.xyz:30616,enode://a5bba6459ac3a075a4a8941478a4ef8d167460191c89632004b17e4b2d7beea52cdc1a2d376f35e996ad44ccac8db25f900700aad6991d015bdc4db072832063@mainnet-bootnodes.hsk.xyz:30617
- --datadir=/root/.local/share/erigon
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --networkid=177
- --p2p.allowed-ports=31378
- --p2p.allowed-ports=36378
- --port=11378
@@ -84,9 +102,13 @@ services:
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
depends_on:
hashkeychain-mainnet-op-erigon-init:
condition: service_completed_successfully
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_ERIGON_ARCHIVE_TRACE_CONFIG:-hashkeychain-mainnet-op-erigon-archive-trace_config}:/config
- ${HASHKEYCHAIN_MAINNET_OP_ERIGON_ARCHIVE_TRACE_DATA:-hashkeychain-mainnet-op-erigon-archive-trace}:/root/.local/share/erigon
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
@@ -105,6 +127,21 @@ services:
- traefik.http.routers.hashkeychain-mainnet-op-erigon-archive-trace.middlewares=hashkeychain-mainnet-op-erigon-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
hashkeychain-mainnet-op-erigon-node-init:
image: alpine:3.20
entrypoint: [/bin/sh, -c]
command:
- |
apk add --no-cache ca-certificates curl
mkdir -p /config
[ -f /config/rollup.json ] || curl -fsSL -o /config/rollup.json "https://hashkeychain.s3.ap-southeast-1.amazonaws.com/mainnet/rollup.json"
restart: no
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_ERIGON_ARCHIVE_TRACE_NODE_CONFIG:-hashkeychain-mainnet-op-erigon-archive-trace_node_config}:/config
logging: *logging-defaults
hashkeychain-mainnet-op-erigon-node:
image: ${HASHKEYCHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${HASHKEYCHAIN_MAINNET_NODE_VERSION:-v1.19.0}
ports:
@@ -124,11 +161,12 @@ services:
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_NETWORK=hashkeychain-mainnet
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_P2P_LISTEN_TCP_PORT=16378
- OP_NODE_P2P_LISTEN_UDP_PORT=16378
- OP_NODE_P2P_STATIC=/dns/mainnet-bootnodes.hsk.xyz/tcp/31329/p2p/16Uiu2HAm8itEpr6DRkQhezSWS8WsAGfiLhzv2Y6KK1k2KVGv5PJQ,/dns/mainnet-bootnodes.hsk.xyz/tcp/31330/p2p/16Uiu2HAm79eNjZYakcTmsyifeMQykwArEd6bUU6EQgf3XvCmCKSY,/dns/mainnet-bootnodes.hsk.xyz/tcp/31331/p2p/16Uiu2HAm9WzPWe3szua51vyrj3dZsez89R3fGwAfMexE5568mEyP
- OP_NODE_ROLLUP_CONFIG=/config/rollup.json
- OP_NODE_ROLLUP_LOAD_PROTOCOL_VERSIONS=true
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
@@ -138,10 +176,14 @@ services:
entrypoint: [op-node]
restart: unless-stopped
depends_on:
- hashkeychain-mainnet-op-erigon
hashkeychain-mainnet-op-erigon-node-init:
condition: service_completed_successfully
hashkeychain-mainnet-op-erigon:
condition: service_started
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_ERIGON_ARCHIVE_TRACE_NODE_CONFIG:-hashkeychain-mainnet-op-erigon-archive-trace_node_config}:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
@@ -159,6 +201,11 @@ services:
volumes:
hashkeychain-mainnet-op-erigon-archive-trace:
hashkeychain-mainnet-op-erigon-archive-trace_config:
hashkeychain-mainnet-op-erigon-archive-trace_node_config:
x-ephemeral-volumes:
- hashkeychain-mainnet-op-erigon-archive-trace_config
x-upstreams:
- id: $${ID}

55
op/geth/hashkeychain-mainnet-op-geth-archive-leveldb-hash.yml
View File

@@ -29,6 +29,22 @@ x-logging-defaults: &logging-defaults
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
hashkeychain-mainnet-archive-init:
image: alpine:3.21
user: root
entrypoint: [/bin/sh, -c]
command:
- |
apk add --no-cache curl wget
mkdir -p /config
[ -f /config/genesis.json ] || curl -fsSL -o /config/genesis.json "https://hashkeychain.s3.ap-southeast-1.amazonaws.com/mainnet/genesis.json"
restart: no
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_CONFIG:-hashkeychain-mainnet-op-geth-archive-leveldb-hash_config}:/config
logging: *logging-defaults
hashkeychain-mainnet-archive:
image: ${HASHKEYCHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${HASHKEYCHAIN_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
@@ -53,11 +69,12 @@ services:
- 6060
- 8551
environment:
- GETH_OP_NETWORK=hashkeychain-mainnet
- GETH_BOOTNODES=enode://5ecd6d2054a58fa00729b73396044a35e6aceeafe58373d2f26b3f50a3934175fb56f8efa538381430889771613beaabf1177805910bbd34e4b4840320914690@mainnet-bootnodes.hsk.xyz:30615,enode://bd244da2a066e15f82d4bfb7f2732c5b5bac44cefb36cefef01a4c0e87e72b42004d012c9a294b8402ebf67491777f280ffbcc93a71157921d6d358b19ddac67@mainnet-bootnodes.hsk.xyz:30616,enode://a5bba6459ac3a075a4a8941478a4ef8d167460191c89632004b17e4b2d7beea52cdc1a2d376f35e996ad44ccac8db25f900700aad6991d015bdc4db072832063@mainnet-bootnodes.hsk.xyz:30617
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://mainnet.hsk.xyz
entrypoint: /bin/sh -c 'exec geth "$@"' --
entrypoint: /bin/sh -c '[ -f /config/genesis.json ] && geth --db.engine=leveldb --gcmode=archive --datadir /data init --state.scheme=hash /config/genesis.json; exec geth "$@"' --
command:
- --bootnodes=enode://5ecd6d2054a58fa00729b73396044a35e6aceeafe58373d2f26b3f50a3934175fb56f8efa538381430889771613beaabf1177805910bbd34e4b4840320914690@mainnet-bootnodes.hsk.xyz:30615,enode://bd244da2a066e15f82d4bfb7f2732c5b5bac44cefb36cefef01a4c0e87e72b42004d012c9a294b8402ebf67491777f280ffbcc93a71157921d6d358b19ddac67@mainnet-bootnodes.hsk.xyz:30616,enode://a5bba6459ac3a075a4a8941478a4ef8d167460191c89632004b17e4b2d7beea52cdc1a2d376f35e996ad44ccac8db25f900700aad6991d015bdc4db072832063@mainnet-bootnodes.hsk.xyz:30617
- --datadir=/data
- --db.engine=leveldb
- --gcmode=archive
@@ -66,6 +83,7 @@ services:
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --networkid=177
- --port=14113
- --rpc.gascap=600000000
- --rpc.txfeecap=0
@@ -86,9 +104,13 @@ services:
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
depends_on:
hashkeychain-mainnet-archive-init:
condition: service_completed_successfully
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_CONFIG:-hashkeychain-mainnet-op-geth-archive-leveldb-hash_config}:/config
- ${HASHKEYCHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-hashkeychain-mainnet-op-geth-archive-leveldb-hash}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
@@ -106,6 +128,21 @@ services:
- ${NO_SSL:+traefik.http.routers.hashkeychain-mainnet-op-geth-archive-leveldb-hash.rule=Path(`/hashkeychain-mainnet-archive`) || Path(`/hashkeychain-mainnet-archive/`)}
- traefik.http.routers.hashkeychain-mainnet-op-geth-archive-leveldb-hash.middlewares=hashkeychain-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipallowlist
hashkeychain-mainnet-archive-node-init:
image: alpine:3.20
entrypoint: [/bin/sh, -c]
command:
- |
apk add --no-cache ca-certificates curl
mkdir -p /config
[ -f /config/rollup.json ] || curl -fsSL -o /config/rollup.json "https://hashkeychain.s3.ap-southeast-1.amazonaws.com/mainnet/rollup.json"
restart: no
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_NODE_CONFIG:-hashkeychain-mainnet-op-geth-archive-leveldb-hash_node_config}:/config
logging: *logging-defaults
hashkeychain-mainnet-archive-node:
image: ${HASHKEYCHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${HASHKEYCHAIN_MAINNET_NODE_VERSION:-v1.19.0}
ports:
@@ -124,11 +161,12 @@ services:
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_NETWORK=hashkeychain-mainnet
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_P2P_LISTEN_TCP_PORT=19113
- OP_NODE_P2P_LISTEN_UDP_PORT=19113
- OP_NODE_P2P_STATIC=/dns/mainnet-bootnodes.hsk.xyz/tcp/31329/p2p/16Uiu2HAm8itEpr6DRkQhezSWS8WsAGfiLhzv2Y6KK1k2KVGv5PJQ,/dns/mainnet-bootnodes.hsk.xyz/tcp/31330/p2p/16Uiu2HAm79eNjZYakcTmsyifeMQykwArEd6bUU6EQgf3XvCmCKSY,/dns/mainnet-bootnodes.hsk.xyz/tcp/31331/p2p/16Uiu2HAm9WzPWe3szua51vyrj3dZsez89R3fGwAfMexE5568mEyP
- OP_NODE_ROLLUP_CONFIG=/config/rollup.json
- OP_NODE_ROLLUP_LOAD_PROTOCOL_VERSIONS=true
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
@@ -138,10 +176,14 @@ services:
entrypoint: [op-node]
restart: unless-stopped
depends_on:
- hashkeychain-mainnet-archive
hashkeychain-mainnet-archive-node-init:
condition: service_completed_successfully
hashkeychain-mainnet-archive:
condition: service_started
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_NODE_CONFIG:-hashkeychain-mainnet-op-geth-archive-leveldb-hash_node_config}:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
@@ -159,6 +201,11 @@ services:
volumes:
hashkeychain-mainnet-op-geth-archive-leveldb-hash:
hashkeychain-mainnet-op-geth-archive-leveldb-hash_config:
hashkeychain-mainnet-op-geth-archive-leveldb-hash_node_config:
x-ephemeral-volumes:
- hashkeychain-mainnet-op-geth-archive-leveldb-hash_config
x-upstreams:
- id: $${ID}

55
op/geth/hashkeychain-mainnet-op-geth-pruned-pebble-path.yml
View File

@@ -29,6 +29,22 @@ x-logging-defaults: &logging-defaults
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
hashkeychain-mainnet-init:
image: alpine:3.21
user: root
entrypoint: [/bin/sh, -c]
command:
- |
apk add --no-cache curl wget
mkdir -p /config
[ -f /config/genesis.json ] || curl -fsSL -o /config/genesis.json "https://hashkeychain.s3.ap-southeast-1.amazonaws.com/mainnet/genesis.json"
restart: no
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_CONFIG:-hashkeychain-mainnet-op-geth-pruned-pebble-path_config}:/config
logging: *logging-defaults
hashkeychain-mainnet:
image: ${HASHKEYCHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${HASHKEYCHAIN_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
@@ -53,11 +69,12 @@ services:
- 6060
- 8551
environment:
- GETH_OP_NETWORK=hashkeychain-mainnet
- GETH_BOOTNODES=enode://5ecd6d2054a58fa00729b73396044a35e6aceeafe58373d2f26b3f50a3934175fb56f8efa538381430889771613beaabf1177805910bbd34e4b4840320914690@mainnet-bootnodes.hsk.xyz:30615,enode://bd244da2a066e15f82d4bfb7f2732c5b5bac44cefb36cefef01a4c0e87e72b42004d012c9a294b8402ebf67491777f280ffbcc93a71157921d6d358b19ddac67@mainnet-bootnodes.hsk.xyz:30616,enode://a5bba6459ac3a075a4a8941478a4ef8d167460191c89632004b17e4b2d7beea52cdc1a2d376f35e996ad44ccac8db25f900700aad6991d015bdc4db072832063@mainnet-bootnodes.hsk.xyz:30617
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://mainnet.hsk.xyz
entrypoint: /bin/sh -c 'exec geth "$@"' --
entrypoint: /bin/sh -c '[ -f /config/genesis.json ] && geth --db.engine=pebble --gcmode=full --datadir /data init --state.scheme=path /config/genesis.json; exec geth "$@"' --
command:
- --bootnodes=enode://5ecd6d2054a58fa00729b73396044a35e6aceeafe58373d2f26b3f50a3934175fb56f8efa538381430889771613beaabf1177805910bbd34e4b4840320914690@mainnet-bootnodes.hsk.xyz:30615,enode://bd244da2a066e15f82d4bfb7f2732c5b5bac44cefb36cefef01a4c0e87e72b42004d012c9a294b8402ebf67491777f280ffbcc93a71157921d6d358b19ddac67@mainnet-bootnodes.hsk.xyz:30616,enode://a5bba6459ac3a075a4a8941478a4ef8d167460191c89632004b17e4b2d7beea52cdc1a2d376f35e996ad44ccac8db25f900700aad6991d015bdc4db072832063@mainnet-bootnodes.hsk.xyz:30617
- --datadir=/data
- --db.engine=pebble
- --gcmode=full
@@ -66,6 +83,7 @@ services:
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --networkid=177
- --port=12188
- --rpc.gascap=600000000
- --rpc.txfeecap=0
@@ -86,9 +104,13 @@ services:
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
depends_on:
hashkeychain-mainnet-init:
condition: service_completed_successfully
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_CONFIG:-hashkeychain-mainnet-op-geth-pruned-pebble-path_config}:/config
- ${HASHKEYCHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-hashkeychain-mainnet-op-geth-pruned-pebble-path}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
@@ -106,6 +128,21 @@ services:
- ${NO_SSL:+traefik.http.routers.hashkeychain-mainnet-op-geth-pruned-pebble-path.rule=Path(`/hashkeychain-mainnet`) || Path(`/hashkeychain-mainnet/`)}
- traefik.http.routers.hashkeychain-mainnet-op-geth-pruned-pebble-path.middlewares=hashkeychain-mainnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist
hashkeychain-mainnet-node-init:
image: alpine:3.20
entrypoint: [/bin/sh, -c]
command:
- |
apk add --no-cache ca-certificates curl
mkdir -p /config
[ -f /config/rollup.json ] || curl -fsSL -o /config/rollup.json "https://hashkeychain.s3.ap-southeast-1.amazonaws.com/mainnet/rollup.json"
restart: no
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_NODE_CONFIG:-hashkeychain-mainnet-op-geth-pruned-pebble-path_node_config}:/config
logging: *logging-defaults
hashkeychain-mainnet-node:
image: ${HASHKEYCHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${HASHKEYCHAIN_MAINNET_NODE_VERSION:-v1.19.0}
ports:
@@ -124,11 +161,12 @@ services:
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_NETWORK=hashkeychain-mainnet
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_P2P_LISTEN_TCP_PORT=17188
- OP_NODE_P2P_LISTEN_UDP_PORT=17188
- OP_NODE_P2P_STATIC=/dns/mainnet-bootnodes.hsk.xyz/tcp/31329/p2p/16Uiu2HAm8itEpr6DRkQhezSWS8WsAGfiLhzv2Y6KK1k2KVGv5PJQ,/dns/mainnet-bootnodes.hsk.xyz/tcp/31330/p2p/16Uiu2HAm79eNjZYakcTmsyifeMQykwArEd6bUU6EQgf3XvCmCKSY,/dns/mainnet-bootnodes.hsk.xyz/tcp/31331/p2p/16Uiu2HAm9WzPWe3szua51vyrj3dZsez89R3fGwAfMexE5568mEyP
- OP_NODE_ROLLUP_CONFIG=/config/rollup.json
- OP_NODE_ROLLUP_LOAD_PROTOCOL_VERSIONS=true
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
@@ -138,10 +176,14 @@ services:
entrypoint: [op-node]
restart: unless-stopped
depends_on:
- hashkeychain-mainnet
hashkeychain-mainnet-node-init:
condition: service_completed_successfully
hashkeychain-mainnet:
condition: service_started
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_NODE_CONFIG:-hashkeychain-mainnet-op-geth-pruned-pebble-path_node_config}:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
@@ -159,6 +201,11 @@ services:
volumes:
hashkeychain-mainnet-op-geth-pruned-pebble-path:
hashkeychain-mainnet-op-geth-pruned-pebble-path_config:
hashkeychain-mainnet-op-geth-pruned-pebble-path_node_config:
x-ephemeral-volumes:
- hashkeychain-mainnet-op-geth-pruned-pebble-path_config
x-upstreams:
- id: $${ID}

234
op/reth/hashkeychain-mainnet-op-reth-pruned-trace.yml Normal file
View File

@@ -0,0 +1,234 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/hashkeychain-mainnet-op-reth-pruned-trace.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/hashkeychain-mainnet-op-reth-pruned \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
hashkeychain-mainnet-op-reth-pruned-init:
image: alpine:3.21
user: root
entrypoint: [/bin/sh, -c]
command:
- |
apk add --no-cache curl wget
mkdir -p /config
[ -f /config/genesis.json ] || curl -fsSL -o /config/genesis.json "https://hashkeychain.s3.ap-southeast-1.amazonaws.com/mainnet/genesis.json"
restart: no
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_RETH_PRUNED_TRACE_CONFIG:-hashkeychain-mainnet-op-reth-pruned-trace_config}:/config
logging: *logging-defaults
hashkeychain-mainnet-op-reth-pruned:
image: ${HASHKEYCHAIN_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${HASHKEYCHAIN_MAINNET_RETH_VERSION:-v2.3.0}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 12151:12151
- 12151:12151/udp
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --bootnodes=enode://5ecd6d2054a58fa00729b73396044a35e6aceeafe58373d2f26b3f50a3934175fb56f8efa538381430889771613beaabf1177805910bbd34e4b4840320914690@mainnet-bootnodes.hsk.xyz:30615,enode://bd244da2a066e15f82d4bfb7f2732c5b5bac44cefb36cefef01a4c0e87e72b42004d012c9a294b8402ebf67491777f280ffbcc93a71157921d6d358b19ddac67@mainnet-bootnodes.hsk.xyz:30616,enode://a5bba6459ac3a075a4a8941478a4ef8d167460191c89632004b17e4b2d7beea52cdc1a2d376f35e996ad44ccac8db25f900700aad6991d015bdc4db072832063@mainnet-bootnodes.hsk.xyz:30617
- --chain=/config/genesis.json
- --datadir=/root/.local/share/reth
- --engine.cross-block-cache-size=${HASHKEYCHAIN_MAINNET_RETH_STATE_CACHE:-4096}
- --full
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --nat=extip:${IP}
- --port=12151
- --rollup.sequencer-http=https://mainnet.hsk.xyz
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
depends_on:
hashkeychain-mainnet-op-reth-pruned-init:
condition: service_completed_successfully
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_RETH_PRUNED_TRACE_CONFIG:-hashkeychain-mainnet-op-reth-pruned-trace_config}:/config
- ${HASHKEYCHAIN_MAINNET_OP_RETH_PRUNED_TRACE_DATA:-hashkeychain-mainnet-op-reth-pruned-trace}:/root/.local/share/reth
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.hashkeychain-mainnet-op-reth-pruned-trace-stripprefix.stripprefix.prefixes=/hashkeychain-mainnet-op-reth-pruned
- traefik.http.services.hashkeychain-mainnet-op-reth-pruned-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.hashkeychain-mainnet-op-reth-pruned-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.hashkeychain-mainnet-op-reth-pruned-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.hashkeychain-mainnet-op-reth-pruned-trace.rule=Host(`$DOMAIN`) && (Path(`/hashkeychain-mainnet-op-reth-pruned`) || Path(`/hashkeychain-mainnet-op-reth-pruned/`))}
- ${NO_SSL:+traefik.http.routers.hashkeychain-mainnet-op-reth-pruned-trace.rule=Path(`/hashkeychain-mainnet-op-reth-pruned`) || Path(`/hashkeychain-mainnet-op-reth-pruned/`)}
- traefik.http.routers.hashkeychain-mainnet-op-reth-pruned-trace.middlewares=hashkeychain-mainnet-op-reth-pruned-trace-stripprefix, ipallowlist
shm_size: 2gb
hashkeychain-mainnet-op-reth-pruned-node-init:
image: alpine:3.20
entrypoint: [/bin/sh, -c]
command:
- |
apk add --no-cache ca-certificates curl
mkdir -p /config
[ -f /config/rollup.json ] || curl -fsSL -o /config/rollup.json "https://hashkeychain.s3.ap-southeast-1.amazonaws.com/mainnet/rollup.json"
restart: no
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_RETH_PRUNED_TRACE_NODE_CONFIG:-hashkeychain-mainnet-op-reth-pruned-trace_node_config}:/config
logging: *logging-defaults
hashkeychain-mainnet-op-reth-pruned-node:
image: ${HASHKEYCHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${HASHKEYCHAIN_MAINNET_NODE_VERSION:-v1.19.0}
ports:
- 17151:17151
- 17151:17151/udp
environment:
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_L2_ENGINE_KIND=reth
- OP_NODE_L2_ENGINE_RPC=http://hashkeychain-mainnet-op-reth-pruned:8551
- OP_NODE_L2_SKIP_SYNC_START_CHECK=true
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_P2P_LISTEN_TCP_PORT=17151
- OP_NODE_P2P_LISTEN_UDP_PORT=17151
- OP_NODE_P2P_STATIC=/dns/mainnet-bootnodes.hsk.xyz/tcp/31329/p2p/16Uiu2HAm8itEpr6DRkQhezSWS8WsAGfiLhzv2Y6KK1k2KVGv5PJQ,/dns/mainnet-bootnodes.hsk.xyz/tcp/31330/p2p/16Uiu2HAm79eNjZYakcTmsyifeMQykwArEd6bUU6EQgf3XvCmCKSY,/dns/mainnet-bootnodes.hsk.xyz/tcp/31331/p2p/16Uiu2HAm9WzPWe3szua51vyrj3dZsez89R3fGwAfMexE5568mEyP
- OP_NODE_ROLLUP_CONFIG=/config/rollup.json
- OP_NODE_ROLLUP_LOAD_PROTOCOL_VERSIONS=true
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
restart: unless-stopped
depends_on:
hashkeychain-mainnet-op-reth-pruned-node-init:
condition: service_completed_successfully
hashkeychain-mainnet-op-reth-pruned:
condition: service_started
networks:
- chains
volumes:
- ${HASHKEYCHAIN_MAINNET_OP_RETH_PRUNED_TRACE_NODE_CONFIG:-hashkeychain-mainnet-op-reth-pruned-trace_node_config}:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.hashkeychain-mainnet-op-reth-pruned-trace-node-stripprefix.stripprefix.prefixes=/hashkeychain-mainnet-op-reth-pruned/node
- traefik.http.services.hashkeychain-mainnet-op-reth-pruned-trace-node.loadbalancer.server.port=8547
- ${NO_SSL:-traefik.http.routers.hashkeychain-mainnet-op-reth-pruned-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.hashkeychain-mainnet-op-reth-pruned-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.hashkeychain-mainnet-op-reth-pruned-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/hashkeychain-mainnet-op-reth-pruned/node`)}
- ${NO_SSL:+traefik.http.routers.hashkeychain-mainnet-op-reth-pruned-trace-node.rule=PathPrefix(`/hashkeychain-mainnet-op-reth-pruned/node`)}
- traefik.http.routers.hashkeychain-mainnet-op-reth-pruned-trace-node.middlewares=hashkeychain-mainnet-op-reth-pruned-trace-node-stripprefix, ipallowlist
volumes:
hashkeychain-mainnet-op-reth-pruned-trace:
hashkeychain-mainnet-op-reth-pruned-trace_config:
hashkeychain-mainnet-op-reth-pruned-trace_node_config:
x-ephemeral-volumes:
- hashkeychain-mainnet-op-reth-pruned-trace_config
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: hashkey
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

231
op/reth/hashkeychain-testnet-op-reth-pruned-trace.yml Normal file
View File

@@ -0,0 +1,231 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/hashkeychain-testnet-op-reth-pruned-trace.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/hashkeychain-testnet-op-reth-pruned \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
hashkeychain-testnet-op-reth-pruned-init:
image: alpine:3.21
user: root
entrypoint: [/bin/sh, -c]
command:
- |
apk add --no-cache curl wget
mkdir -p /config
[ -f /config/genesis.json ] || curl -fsSL -o /config/genesis.json "https://hashkeychain.s3.ap-southeast-1.amazonaws.com/testnet/genesis.json"
restart: no
networks:
- chains
volumes:
- ./op/hashkeychain/testnet:/config
logging: *logging-defaults
hashkeychain-testnet-op-reth-pruned:
image: ${HASHKEYCHAIN_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${HASHKEYCHAIN_TESTNET_RETH_VERSION:-v2.3.0}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 11964:11964
- 11964:11964/udp
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --bootnodes=enode://0492e74fb10579a3c53a327ee42dc70db35e7e0aebd73793a806afccb86b30acecb8fe9d024e06bb3fd154c678926d884df3ae696c71adcbf1339a5762e19c4d@testnet-bootnodes.hsk.xyz:30303,enode://dba82c6b384844a00a54ecdfcb34c209ea714072558db80512d4c65e760846d054cf3f58a826cba33b6b410498559b7e41b147dfa487f8cba3d25d2b5bb9e7bc@testnet-bootnodes.hsk.xyz:30304
- --chain=/config/genesis.json
- --config=/config/reth/reth.toml
- --datadir=/root/.local/share/reth
- --engine.cross-block-cache-size=${HASHKEYCHAIN_TESTNET_RETH_STATE_CACHE:-4096}
- --full
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --nat=extip:${IP}
- --port=11964
- --rollup.sequencer-http=https://testnet.hsk.xyz
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
depends_on:
hashkeychain-testnet-op-reth-pruned-init:
condition: service_completed_successfully
networks:
- chains
volumes:
- ${HASHKEYCHAIN_TESTNET_OP_RETH_PRUNED_TRACE_DATA:-hashkeychain-testnet-op-reth-pruned-trace}:/root/.local/share/reth
- ./op/hashkeychain/testnet:/config
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.hashkeychain-testnet-op-reth-pruned-trace-stripprefix.stripprefix.prefixes=/hashkeychain-testnet-op-reth-pruned
- traefik.http.services.hashkeychain-testnet-op-reth-pruned-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.hashkeychain-testnet-op-reth-pruned-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.hashkeychain-testnet-op-reth-pruned-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.hashkeychain-testnet-op-reth-pruned-trace.rule=Host(`$DOMAIN`) && (Path(`/hashkeychain-testnet-op-reth-pruned`) || Path(`/hashkeychain-testnet-op-reth-pruned/`))}
- ${NO_SSL:+traefik.http.routers.hashkeychain-testnet-op-reth-pruned-trace.rule=Path(`/hashkeychain-testnet-op-reth-pruned`) || Path(`/hashkeychain-testnet-op-reth-pruned/`)}
- traefik.http.routers.hashkeychain-testnet-op-reth-pruned-trace.middlewares=hashkeychain-testnet-op-reth-pruned-trace-stripprefix, ipallowlist
shm_size: 2gb
hashkeychain-testnet-op-reth-pruned-node-init:
image: alpine:3.20
entrypoint: [/bin/sh, -c]
command:
- |
apk add --no-cache ca-certificates curl
mkdir -p /config
[ -f /config/rollup.json ] || curl -fsSL -o /config/rollup.json "https://hashkeychain.s3.ap-southeast-1.amazonaws.com/testnet/rollup.json"
restart: no
networks:
- chains
volumes:
- ./op/hashkeychain/testnet:/config
logging: *logging-defaults
hashkeychain-testnet-op-reth-pruned-node:
image: ${HASHKEYCHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${HASHKEYCHAIN_TESTNET_NODE_VERSION:-v1.19.0}
ports:
- 16964:16964
- 16964:16964/udp
environment:
- OP_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_SEPOLIA_BEACON_ARCHIVER}
- OP_NODE_L1_ETH_RPC=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_SEPOLIA_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_L2_ENGINE_KIND=reth
- OP_NODE_L2_ENGINE_RPC=http://hashkeychain-testnet-op-reth-pruned:8551
- OP_NODE_L2_SKIP_SYNC_START_CHECK=true
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_OVERRIDE_PECTRABLOBSCHEDULE=1742486400
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_P2P_LISTEN_TCP_PORT=16964
- OP_NODE_P2P_LISTEN_UDP_PORT=16964
- OP_NODE_P2P_STATIC=/dns/testnet-bootnodes.hsk.xyz/tcp/9003/p2p/16Uiu2HAmK91SZeGrr7Tv7hKBJsNcbVjzNtZBKmGzq5hLo5AtSoHa,/dns/testnet-bootnodes.hsk.xyz/tcp/9004/p2p/16Uiu2HAmTJHvcpkC8miMRhHr9ionQtEVMbCGshmU2nv4ir5ZA68j
- OP_NODE_ROLLUP_CONFIG=/config/rollup.json
- OP_NODE_ROLLUP_LOAD_PROTOCOL_VERSIONS=true
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
restart: unless-stopped
depends_on:
hashkeychain-testnet-op-reth-pruned-node-init:
condition: service_completed_successfully
hashkeychain-testnet-op-reth-pruned:
condition: service_started
networks:
- chains
volumes:
- ./op/hashkeychain/testnet:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.hashkeychain-testnet-op-reth-pruned-trace-node-stripprefix.stripprefix.prefixes=/hashkeychain-testnet-op-reth-pruned/node
- traefik.http.services.hashkeychain-testnet-op-reth-pruned-trace-node.loadbalancer.server.port=8547
- ${NO_SSL:-traefik.http.routers.hashkeychain-testnet-op-reth-pruned-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.hashkeychain-testnet-op-reth-pruned-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.hashkeychain-testnet-op-reth-pruned-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/hashkeychain-testnet-op-reth-pruned/node`)}
- ${NO_SSL:+traefik.http.routers.hashkeychain-testnet-op-reth-pruned-trace-node.rule=PathPrefix(`/hashkeychain-testnet-op-reth-pruned/node`)}
- traefik.http.routers.hashkeychain-testnet-op-reth-pruned-trace-node.middlewares=hashkeychain-testnet-op-reth-pruned-trace-node-stripprefix, ipallowlist
volumes:
hashkeychain-testnet-op-reth-pruned-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: hashkey-testnet
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

188
op/reth/unichain-mainnet-op-reth-pruned-trace.yml Normal file
View File

@@ -0,0 +1,188 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/unichain-mainnet-op-reth-pruned-trace.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/unichain-mainnet-op-reth-pruned \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
unichain-mainnet-op-reth-pruned:
image: ${UNICHAIN_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${UNICHAIN_MAINNET_RETH_VERSION:-v2.3.0}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 13073:13073
- 13073:13073/udp
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --chain=unichain
- --datadir=/root/.local/share/reth
- --engine.cross-block-cache-size=${UNICHAIN_MAINNET_RETH_STATE_CACHE:-4096}
- --full
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --nat=extip:${IP}
- --port=13073
- --rollup.sequencer-http=https://mainnet.unichain.org
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${UNICHAIN_MAINNET_OP_RETH_PRUNED_TRACE_DATA:-unichain-mainnet-op-reth-pruned-trace}:/root/.local/share/reth
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-reth-pruned-trace-stripprefix.stripprefix.prefixes=/unichain-mainnet-op-reth-pruned
- traefik.http.services.unichain-mainnet-op-reth-pruned-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-reth-pruned-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-reth-pruned-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-reth-pruned-trace.rule=Host(`$DOMAIN`) && (Path(`/unichain-mainnet-op-reth-pruned`) || Path(`/unichain-mainnet-op-reth-pruned/`))}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-reth-pruned-trace.rule=Path(`/unichain-mainnet-op-reth-pruned`) || Path(`/unichain-mainnet-op-reth-pruned/`)}
- traefik.http.routers.unichain-mainnet-op-reth-pruned-trace.middlewares=unichain-mainnet-op-reth-pruned-trace-stripprefix, ipallowlist
shm_size: 2gb
unichain-mainnet-op-reth-pruned-node:
image: ${UNICHAIN_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${UNICHAIN_MAINNET_NODE_VERSION:-v1.19.0}
ports:
- 18073:18073
- 18073:18073/udp
environment:
- OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER}
- OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC}
- OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic}
- OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- OP_NODE_L2_ENGINE_AUTH=/jwtsecret
- OP_NODE_L2_ENGINE_KIND=reth
- OP_NODE_L2_ENGINE_RPC=http://unichain-mainnet-op-reth-pruned:8551
- OP_NODE_L2_SKIP_SYNC_START_CHECK=true
- OP_NODE_LOG_LEVEL=info
- OP_NODE_METRICS_ADDR=0.0.0.0
- OP_NODE_METRICS_ENABLED=true
- OP_NODE_METRICS_PORT=7300
- OP_NODE_NETWORK=unichain-mainnet
- OP_NODE_P2P_ADVERTISE_IP=${IP}
- OP_NODE_P2P_LISTEN_IP=0.0.0.0
- OP_NODE_P2P_LISTEN_TCP_PORT=18073
- OP_NODE_P2P_LISTEN_UDP_PORT=18073
- OP_NODE_ROLLUP_LOAD_PROTOCOL_VERSIONS=true
- OP_NODE_RPC_ADDR=0.0.0.0
- OP_NODE_RPC_PORT=8545
- OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log
- OP_NODE_SYNCMODE=execution-layer
- OP_NODE_VERIFIER_L1_CONFS=0
entrypoint: [op-node]
restart: unless-stopped
depends_on:
- unichain-mainnet-op-reth-pruned
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-reth-pruned-trace-node-stripprefix.stripprefix.prefixes=/unichain-mainnet-op-reth-pruned/node
- traefik.http.services.unichain-mainnet-op-reth-pruned-trace-node.loadbalancer.server.port=8547
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-reth-pruned-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-reth-pruned-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-reth-pruned-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-mainnet-op-reth-pruned/node`)}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-reth-pruned-trace-node.rule=PathPrefix(`/unichain-mainnet-op-reth-pruned/node`)}
- traefik.http.routers.unichain-mainnet-op-reth-pruned-trace-node.middlewares=unichain-mainnet-op-reth-pruned-trace-node-stripprefix, ipallowlist
volumes:
unichain-mainnet-op-reth-pruned-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: unichain
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...