diff --git a/op/geth/mode-mainnet-op-geth-pruned-pebble-hash.yml b/op/geth/mode-mainnet-op-geth-pruned-pebble-hash.yml new file mode 100644 index 00000000..61e5506f --- /dev/null +++ b/op/geth/mode-mainnet-op-geth-pruned-pebble-hash.yml @@ -0,0 +1,141 @@ +--- + +services: + mode-mainnet: + image: ${MODE_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${MODE_MAINNET_GETH_VERSION:-v1.101503.3} + sysctls: + # TCP Performance + net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle + net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache + net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers + net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers + net.core.somaxconn: 32768 # Higher connection queue + # Memory/Connection Management + # net.core.netdev_max_backlog: 50000 # Increase network buffer + net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests + net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets + ulimits: + nofile: 1048576 # Max open files (for RPC/WS connections) + user: root + ports: + - 12054:12054 + - 12054:12054/udp + expose: + - 8545 + - 8551 + environment: + - GETH_ROLLUP_DISABLETXPOOLGOSSIP=true + - GETH_ROLLUP_SEQUENCERHTTP=https://mainnet.mode.network + entrypoint: /bin/sh -c '[ ! -d /data/geth ] && geth init /config/genesis.json; exec geth "$@"' -- + command: + - --datadir=/data + - --db.engine=pebble + - --gcmode=full + - --maxpeers=50 + - --nat=extip:${IP} + - --networkid=34443 + - --port=12054 + - --rpc.gascap=600000000 + - --rpc.txfeecap=0 + - --state.scheme=hash + - --syncmode=snap + - --http + - --http.addr=0.0.0.0 + - --http.api=eth,net,web3,debug,admin,txpool,engine + - --http.port=8545 + - --http.vhosts=* + - --ws + - --ws.addr=0.0.0.0 + - --ws.api=eth,net,web3,debug,admin,txpool,engine + - --ws.origins=* + - --ws.port=8545 + - --authrpc.addr=0.0.0.0 + - --authrpc.jwtsecret=/jwtsecret + - --authrpc.vhosts=* + restart: unless-stopped + stop_grace_period: 5m + networks: + - chains + volumes: + - ${MODE_MAINNET_OP_GETH_PRUNED_PEBBLE_HASH_DATA:-mode-mainnet-op-geth-pruned-pebble-hash}:/data + - ./op/mode/mainnet:/config + - .jwtsecret:/jwtsecret:ro + - /slowdisk:/slowdisk + labels: + - traefik.enable=true + - traefik.http.middlewares.mode-mainnet-op-geth-pruned-pebble-hash-stripprefix.stripprefix.prefixes=/mode-mainnet + - traefik.http.services.mode-mainnet-op-geth-pruned-pebble-hash.loadbalancer.server.port=8545 + - ${NO_SSL:-traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-hash.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-hash.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-hash.rule=Host(`$DOMAIN`) && PathPrefix(`/mode-mainnet`)} + - ${NO_SSL:+traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-hash.rule=PathPrefix(`/mode-mainnet`)} + - traefik.http.routers.mode-mainnet-op-geth-pruned-pebble-hash.middlewares=mode-mainnet-op-geth-pruned-pebble-hash-stripprefix, ipwhitelist + + mode-mainnet-node: + image: ${MODE_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${MODE_MAINNET_NODE_VERSION:-v1.13.1} + ports: + - 17054:17054 + - 17054:17054/udp + environment: + - OP_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST} + - OP_NODE_L1_BEACON_ARCHIVER=${ETHEREUM_MAINNET_BEACON_ARCHIVER} + - OP_NODE_L1_ETH_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC} + - OP_NODE_L1_RPC_KIND=${ETHEREUM_MAINNET_EXECUTION_KIND:-basic} + - OP_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false} + - OP_NODE_L2_ENGINE_AUTH=/jwtsecret + - OP_NODE_L2_ENGINE_RPC=http://mode-mainnet:8551 + - OP_NODE_LOG_LEVEL=info + - OP_NODE_METRICS_ADDR=0.0.0.0 + - OP_NODE_METRICS_ENABLED=true + - OP_NODE_METRICS_PORT=7300 + - OP_NODE_P2P_ADVERTISE_IP=${IP} + - OP_NODE_P2P_LISTEN_IP=0.0.0.0 + - OP_NODE_P2P_LISTEN_TCP_PORT=17054 + - OP_NODE_P2P_LISTEN_UDP_PORT=17054 + - OP_NODE_ROLLUP_CONFIG=/config/rollup.json + - OP_NODE_RPC_ADDR=0.0.0.0 + - OP_NODE_RPC_PORT=8545 + - OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log + - OP_NODE_SYNCMODE=execution-layer + - OP_NODE_VERIFIER_L1_CONFS=0 + entrypoint: [op-node] + restart: unless-stopped + networks: + - chains + volumes: + - ./op/mode/mainnet:/config + - .jwtsecret:/jwtsecret:ro + +volumes: + mode-mainnet-op-geth-pruned-pebble-hash: + +x-upstreams: + - id: $${ID} + labels: + provider: $${PROVIDER} + chain: + method-groups: + enabled: + - debug + - filter + methods: + disabled: + enabled: + - name: txpool_content # TODO: should be disabled for rollup nodes + # standard geth only + - name: debug_getRawBlock + - name: debug_getRawTransaction + - name: debug_getRawReceipts + - name: debug_getRawHeader + - name: debug_getBadBlocks + # non standard geth only slightly dangerous + - name: debug_intermediateRoots + - name: debug_dumpBlock + # standard geth and erigon + - name: debug_accountRange + - name: debug_getModifiedAccountsByNumber + - name: debug_getModifiedAccountsByHash + # non standard geth and erigon + - name: eth_getRawTransactionByHash + - name: eth_getRawTransactionByBlockHashAndIndex +... \ No newline at end of file