From e8109f7cfa4756728fbc3c1f9440e11145db2d50 Mon Sep 17 00:00:00 2001 From: goldsquid Date: Sat, 8 Nov 2025 21:11:21 +0700 Subject: [PATCH] opbnb in da ohouse --- ...b-mainnet-op-geth-archive-leveldb-hash.yml | 201 +++++++++++++++++ ...bnb-mainnet-op-geth-pruned-pebble-path.yml | 204 ++++++++++++++++++ ...b-testnet-op-geth-archive-leveldb-hash.yml | 201 +++++++++++++++++ ...bnb-testnet-op-geth-pruned-pebble-path.yml | 204 ++++++++++++++++++ 4 files changed, 810 insertions(+) create mode 100644 op/geth/bnb-mainnet-op-geth-archive-leveldb-hash.yml create mode 100644 op/geth/bnb-mainnet-op-geth-pruned-pebble-path.yml create mode 100644 op/geth/bnb-testnet-op-geth-archive-leveldb-hash.yml create mode 100644 op/geth/bnb-testnet-op-geth-pruned-pebble-path.yml diff --git a/op/geth/bnb-mainnet-op-geth-archive-leveldb-hash.yml b/op/geth/bnb-mainnet-op-geth-archive-leveldb-hash.yml new file mode 100644 index 00000000..3daf8680 --- /dev/null +++ b/op/geth/bnb-mainnet-op-geth-archive-leveldb-hash.yml @@ -0,0 +1,201 @@ +--- +x-logging-defaults: &logging-defaults + driver: json-file + options: + max-size: "10m" + max-file: "3" + +# Usage: +# +# mkdir rpc && cd rpc +# +# git init +# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git +# git fetch origin vibe +# git checkout origin/vibe +# +# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret +# +# env +# ... +# IP=$(curl ipinfo.io/ip) +# DOMAIN=${IP}.traefik.me +# COMPOSE_FILE=base.yml:rpc.yml:op/geth/bnb-mainnet-op-geth-archive-leveldb-hash.yml +# +# docker compose up -d +# +# curl -X POST https://${IP}.traefik.me/bnb-mainnet-archive \ +# -H "Content-Type: application/json" \ +# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' + +services: + bnb-mainnet-archive: + image: ${BNB_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${BNB_MAINNET_GETH_VERSION:-v1.101603.4} + sysctls: + # TCP Performance + net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle + net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache + net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers + net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers + net.core.somaxconn: 32768 # Higher connection queue + # Memory/Connection Management + # net.core.netdev_max_backlog: 50000 # Increase network buffer + net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests + net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets + ulimits: + nofile: 1048576 # Max open files (for RPC/WS connections) + user: root + ports: + - 11402:11402 + - 11402:11402/udp + expose: + - 8545 + - 6060 + - 8551 + environment: + - GETH_ROLLUP_DISABLETXPOOLGOSSIP=true + - GETH_ROLLUP_SEQUENCERHTTP=https://opbnb-mainnet-rpc.bnbchain.org + entrypoint: /bin/sh -c 'exec geth "$@"' -- + command: + - --datadir=/data + - --db.engine=leveldb + - --gcmode=archive + - --maxpeers=50 + - --metrics + - --metrics.addr=0.0.0.0 + - --metrics.port=6060 + - --nat=extip:${IP} + - --opBNBMainnet + - --port=11402 + - --rpc.gascap=600000000 + - --rpc.txfeecap=0 + - --state.scheme=hash + - --syncmode=full + - --http + - --http.addr=0.0.0.0 + - --http.api=eth,net,web3,debug,admin,txpool,engine + - --http.port=8545 + - --http.vhosts=* + - --ws + - --ws.addr=0.0.0.0 + - --ws.api=eth,net,web3,debug,admin,txpool,engine + - --ws.origins=* + - --ws.port=8545 + - --authrpc.addr=0.0.0.0 + - --authrpc.jwtsecret=/jwtsecret + - --authrpc.vhosts=* + restart: unless-stopped + stop_grace_period: 5m + networks: + - chains + volumes: + - ${BNB_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-bnb-mainnet-op-geth-archive-leveldb-hash}:/data + - .jwtsecret:/jwtsecret:ro + - /slowdisk:/slowdisk + logging: *logging-defaults + labels: + - prometheus-scrape.enabled=true + - prometheus-scrape.port=6060 + - prometheus-scrape.path=/debug/metrics/prometheus + - traefik.enable=true + - traefik.http.middlewares.bnb-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/bnb-mainnet-archive + - traefik.http.services.bnb-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545 + - ${NO_SSL:-traefik.http.routers.bnb-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.bnb-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.bnb-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && (Path(`/bnb-mainnet-archive`) || Path(`/bnb-mainnet-archive/`))} + - ${NO_SSL:+traefik.http.routers.bnb-mainnet-op-geth-archive-leveldb-hash.rule=Path(`/bnb-mainnet-archive`) || Path(`/bnb-mainnet-archive/`)} + - traefik.http.routers.bnb-mainnet-op-geth-archive-leveldb-hash.middlewares=bnb-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipallowlist + + bnb-mainnet-archive-node: + image: ${BNB_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${BNB_MAINNET_NODE_VERSION:-v1.16.1} + ports: + - 16402:16402 + - 16402:16402/udp + environment: + - OP_NODE_L1_BEACON=${BSC_MAINNET_BEACON_REST} + - OP_NODE_L1_BEACON_ARCHIVER=${BSC_MAINNET_BEACON_ARCHIVER} + - OP_NODE_L1_ETH_RPC=${BSC_MAINNET_EXECUTION_RPC} + - OP_NODE_L1_RPC_KIND=${BSC_MAINNET_EXECUTION_KIND:-basic} + - OP_NODE_L1_TRUST_RPC=${BSC_MAINNET_EXECUTION_TRUST:-false} + - OP_NODE_L2_ENGINE_AUTH=/jwtsecret + - OP_NODE_L2_ENGINE_RPC=http://bnb-mainnet-archive:8551 + - OP_NODE_L2_SKIP_SYNC_START_CHECK=true + - OP_NODE_LOG_LEVEL=info + - OP_NODE_METRICS_ADDR=0.0.0.0 + - OP_NODE_METRICS_ENABLED=true + - OP_NODE_METRICS_PORT=7300 + - OP_NODE_METRIC_ENABLED=true + - OP_NODE_NETWORK=opBNBMainnet + - OP_NODE_P2P_ADVERTISE_IP=${IP} + - OP_NODE_P2P_LISTEN_IP=0.0.0.0 + - OP_NODE_P2P_LISTEN_TCP_PORT=16402 + - OP_NODE_P2P_LISTEN_UDP_PORT=16402 + - OP_NODE_ROLLUP_LOAD_PROTOCOL_VERSIONS=true + - OP_NODE_RPC_ADDR=0.0.0.0 + - OP_NODE_RPC_PORT=8545 + - OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log + - OP_NODE_SYNCMODE=execution-layer + - OP_NODE_VERIFIER_L1_CONFS=0 + entrypoint: [op-node] + restart: unless-stopped + depends_on: + - bnb-mainnet-archive + networks: + - chains + volumes: + - .jwtsecret:/jwtsecret:ro + logging: *logging-defaults + labels: + - prometheus-scrape.enabled=true + - prometheus-scrape.port=7300 + - prometheus-scrape.path=/metrics + - traefik.enable=true + - traefik.http.middlewares.bnb-mainnet-op-geth-archive-leveldb-hash-node-stripprefix.stripprefix.prefixes=/bnb-mainnet-archive/node + - traefik.http.services.bnb-mainnet-op-geth-archive-leveldb-hash-node.loadbalancer.server.port=8547 + - ${NO_SSL:-traefik.http.routers.bnb-mainnet-op-geth-archive-leveldb-hash-node.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.bnb-mainnet-op-geth-archive-leveldb-hash-node.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.bnb-mainnet-op-geth-archive-leveldb-hash-node.rule=Host(`$DOMAIN`) && PathPrefix(`/bnb-mainnet-archive/node`)} + - ${NO_SSL:+traefik.http.routers.bnb-mainnet-op-geth-archive-leveldb-hash-node.rule=PathPrefix(`/bnb-mainnet-archive/node`)} + - traefik.http.routers.bnb-mainnet-op-geth-archive-leveldb-hash-node.middlewares=bnb-mainnet-op-geth-archive-leveldb-hash-node-stripprefix, ipallowlist + +volumes: + bnb-mainnet-op-geth-archive-leveldb-hash: + +x-upstreams: + - id: $${ID} + labels: + provider: $${PROVIDER} + connection: + generic: + rpc: + url: $${RPC_URL} + ws: + frameSize: 20Mb + msgSize: 50Mb + url: $${WS_URL} + chain: opbnb + method-groups: + enabled: + - debug + - filter + methods: + disabled: + enabled: + - name: txpool_content # TODO: should be disabled for rollup nodes + # standard geth only + - name: debug_getRawBlock + - name: debug_getRawTransaction + - name: debug_getRawReceipts + - name: debug_getRawHeader + - name: debug_getBadBlocks + # non standard geth only slightly dangerous + - name: debug_intermediateRoots + - name: debug_dumpBlock + # standard geth and erigon + - name: debug_accountRange + - name: debug_getModifiedAccountsByNumber + - name: debug_getModifiedAccountsByHash + # non standard geth and erigon + - name: eth_getRawTransactionByHash + - name: eth_getRawTransactionByBlockHashAndIndex +... \ No newline at end of file diff --git a/op/geth/bnb-mainnet-op-geth-pruned-pebble-path.yml b/op/geth/bnb-mainnet-op-geth-pruned-pebble-path.yml new file mode 100644 index 00000000..a3c00ec0 --- /dev/null +++ b/op/geth/bnb-mainnet-op-geth-pruned-pebble-path.yml @@ -0,0 +1,204 @@ +--- +x-logging-defaults: &logging-defaults + driver: json-file + options: + max-size: "10m" + max-file: "3" + +# Usage: +# +# mkdir rpc && cd rpc +# +# git init +# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git +# git fetch origin vibe +# git checkout origin/vibe +# +# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret +# +# env +# ... +# IP=$(curl ipinfo.io/ip) +# DOMAIN=${IP}.traefik.me +# COMPOSE_FILE=base.yml:rpc.yml:op/geth/bnb-mainnet-op-geth-pruned-pebble-path.yml +# +# docker compose up -d +# +# curl -X POST https://${IP}.traefik.me/bnb-mainnet \ +# -H "Content-Type: application/json" \ +# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' + +services: + bnb-mainnet: + image: ${BNB_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${BNB_MAINNET_GETH_VERSION:-v1.101603.4} + sysctls: + # TCP Performance + net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle + net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache + net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers + net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers + net.core.somaxconn: 32768 # Higher connection queue + # Memory/Connection Management + # net.core.netdev_max_backlog: 50000 # Increase network buffer + net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests + net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets + ulimits: + nofile: 1048576 # Max open files (for RPC/WS connections) + user: root + ports: + - 12599:12599 + - 12599:12599/udp + expose: + - 8545 + - 6060 + - 8551 + environment: + - GETH_ROLLUP_DISABLETXPOOLGOSSIP=true + - GETH_ROLLUP_SEQUENCERHTTP=https://opbnb-mainnet-rpc.bnbchain.org + entrypoint: /bin/sh -c 'exec geth "$@"' -- + command: + - --allow-insecure-no-tries + - --datadir=/data + - --db.engine=pebble + - --gcmode=full + - --maxpeers=50 + - --metrics + - --metrics.addr=0.0.0.0 + - --metrics.port=6060 + - --nat=extip:${IP} + - --opBNBMainnet + - --port=12599 + - --rpc.gascap=600000000 + - --rpc.txfeecap=0 + - --state.scheme=path + - --syncmode=snap + - --http + - --http.addr=0.0.0.0 + - --http.api=eth,net,web3,debug,admin,txpool,engine + - --http.port=8545 + - --http.vhosts=* + - --ws + - --ws.addr=0.0.0.0 + - --ws.api=eth,net,web3,debug,admin,txpool,engine + - --ws.origins=* + - --ws.port=8545 + - --authrpc.addr=0.0.0.0 + - --authrpc.jwtsecret=/jwtsecret + - --authrpc.vhosts=* + restart: unless-stopped + stop_grace_period: 5m + networks: + - chains + volumes: + - ${BNB_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-bnb-mainnet-op-geth-pruned-pebble-path}:/data + - .jwtsecret:/jwtsecret:ro + - /slowdisk:/slowdisk + logging: *logging-defaults + labels: + - prometheus-scrape.enabled=true + - prometheus-scrape.port=6060 + - prometheus-scrape.path=/debug/metrics/prometheus + - traefik.enable=true + - traefik.http.middlewares.bnb-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/bnb-mainnet + - traefik.http.services.bnb-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545 + - ${NO_SSL:-traefik.http.routers.bnb-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.bnb-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.bnb-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/bnb-mainnet`) || Path(`/bnb-mainnet/`))} + - ${NO_SSL:+traefik.http.routers.bnb-mainnet-op-geth-pruned-pebble-path.rule=Path(`/bnb-mainnet`) || Path(`/bnb-mainnet/`)} + - traefik.http.routers.bnb-mainnet-op-geth-pruned-pebble-path.middlewares=bnb-mainnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist + + bnb-mainnet-node: + image: ${BNB_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${BNB_MAINNET_NODE_VERSION:-v1.16.1} + ports: + - 17599:17599 + - 17599:17599/udp + environment: + - OP_NODE_L1_BEACON=${BSC_MAINNET_BEACON_REST} + - OP_NODE_L1_BEACON_ARCHIVER=${BSC_MAINNET_BEACON_ARCHIVER} + - OP_NODE_L1_ETH_RPC=${BSC_MAINNET_EXECUTION_RPC} + - OP_NODE_L1_RPC_KIND=${BSC_MAINNET_EXECUTION_KIND:-basic} + - OP_NODE_L1_TRUST_RPC=${BSC_MAINNET_EXECUTION_TRUST:-false} + - OP_NODE_L2_ENGINE_AUTH=/jwtsecret + - OP_NODE_L2_ENGINE_RPC=http://bnb-mainnet:8551 + - OP_NODE_L2_SKIP_SYNC_START_CHECK=true + - OP_NODE_LOG_LEVEL=info + - OP_NODE_METRICS_ADDR=0.0.0.0 + - OP_NODE_METRICS_ENABLED=true + - OP_NODE_METRICS_PORT=7300 + - OP_NODE_METRIC_ENABLED=true + - OP_NODE_NETWORK=opBNBMainnet + - OP_NODE_P2P_ADVERTISE_IP=${IP} + - OP_NODE_P2P_LISTEN_IP=0.0.0.0 + - OP_NODE_P2P_LISTEN_TCP_PORT=17599 + - OP_NODE_P2P_LISTEN_UDP_PORT=17599 + - OP_NODE_ROLLUP_LOAD_PROTOCOL_VERSIONS=true + - OP_NODE_RPC_ADDR=0.0.0.0 + - OP_NODE_RPC_PORT=8545 + - OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log + - OP_NODE_SYNCMODE=execution-layer + - OP_NODE_VERIFIER_L1_CONFS=0 + entrypoint: [op-node] + restart: unless-stopped + depends_on: + - bnb-mainnet + networks: + - chains + volumes: + - .jwtsecret:/jwtsecret:ro + logging: *logging-defaults + labels: + - prometheus-scrape.enabled=true + - prometheus-scrape.port=7300 + - prometheus-scrape.path=/metrics + - traefik.enable=true + - traefik.http.middlewares.bnb-mainnet-op-geth-pruned-pebble-path-node-stripprefix.stripprefix.prefixes=/bnb-mainnet/node + - traefik.http.services.bnb-mainnet-op-geth-pruned-pebble-path-node.loadbalancer.server.port=8547 + - ${NO_SSL:-traefik.http.routers.bnb-mainnet-op-geth-pruned-pebble-path-node.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.bnb-mainnet-op-geth-pruned-pebble-path-node.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.bnb-mainnet-op-geth-pruned-pebble-path-node.rule=Host(`$DOMAIN`) && PathPrefix(`/bnb-mainnet/node`)} + - ${NO_SSL:+traefik.http.routers.bnb-mainnet-op-geth-pruned-pebble-path-node.rule=PathPrefix(`/bnb-mainnet/node`)} + - traefik.http.routers.bnb-mainnet-op-geth-pruned-pebble-path-node.middlewares=bnb-mainnet-op-geth-pruned-pebble-path-node-stripprefix, ipallowlist + +volumes: + bnb-mainnet-op-geth-pruned-pebble-path: + +x-upstreams: + - id: $${ID} + labels: + provider: $${PROVIDER} + connection: + generic: + rpc: + url: $${RPC_URL} + ws: + frameSize: 20Mb + msgSize: 50Mb + url: $${WS_URL} + chain: opbnb + method-groups: + enabled: + - debug + - filter + methods: + disabled: + # not compatible with path state scheme + - name: debug_traceBlockByHash + enabled: + - name: txpool_content # TODO: should be disabled for rollup nodes + # standard geth only + - name: debug_getRawBlock + - name: debug_getRawTransaction + - name: debug_getRawReceipts + - name: debug_getRawHeader + - name: debug_getBadBlocks + # non standard geth only slightly dangerous + - name: debug_intermediateRoots + - name: debug_dumpBlock + # standard geth and erigon + - name: debug_accountRange + - name: debug_getModifiedAccountsByNumber + - name: debug_getModifiedAccountsByHash + # non standard geth and erigon + - name: eth_getRawTransactionByHash + - name: eth_getRawTransactionByBlockHashAndIndex +... \ No newline at end of file diff --git a/op/geth/bnb-testnet-op-geth-archive-leveldb-hash.yml b/op/geth/bnb-testnet-op-geth-archive-leveldb-hash.yml new file mode 100644 index 00000000..a82e4008 --- /dev/null +++ b/op/geth/bnb-testnet-op-geth-archive-leveldb-hash.yml @@ -0,0 +1,201 @@ +--- +x-logging-defaults: &logging-defaults + driver: json-file + options: + max-size: "10m" + max-file: "3" + +# Usage: +# +# mkdir rpc && cd rpc +# +# git init +# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git +# git fetch origin vibe +# git checkout origin/vibe +# +# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret +# +# env +# ... +# IP=$(curl ipinfo.io/ip) +# DOMAIN=${IP}.traefik.me +# COMPOSE_FILE=base.yml:rpc.yml:op/geth/bnb-testnet-op-geth-archive-leveldb-hash.yml +# +# docker compose up -d +# +# curl -X POST https://${IP}.traefik.me/bnb-testnet-archive \ +# -H "Content-Type: application/json" \ +# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' + +services: + bnb-testnet-archive: + image: ${BNB_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${BNB_TESTNET_GETH_VERSION:-v1.101603.4} + sysctls: + # TCP Performance + net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle + net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache + net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers + net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers + net.core.somaxconn: 32768 # Higher connection queue + # Memory/Connection Management + # net.core.netdev_max_backlog: 50000 # Increase network buffer + net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests + net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets + ulimits: + nofile: 1048576 # Max open files (for RPC/WS connections) + user: root + ports: + - 10163:10163 + - 10163:10163/udp + expose: + - 8545 + - 6060 + - 8551 + environment: + - GETH_ROLLUP_DISABLETXPOOLGOSSIP=true + - GETH_ROLLUP_SEQUENCERHTTP=https://opbnb-testnet-rpc.bnbchain.org + entrypoint: /bin/sh -c 'exec geth "$@"' -- + command: + - --datadir=/data + - --db.engine=leveldb + - --gcmode=archive + - --maxpeers=50 + - --metrics + - --metrics.addr=0.0.0.0 + - --metrics.port=6060 + - --nat=extip:${IP} + - --opBNBTestnet + - --port=10163 + - --rpc.gascap=600000000 + - --rpc.txfeecap=0 + - --state.scheme=hash + - --syncmode=full + - --http + - --http.addr=0.0.0.0 + - --http.api=eth,net,web3,debug,admin,txpool,engine + - --http.port=8545 + - --http.vhosts=* + - --ws + - --ws.addr=0.0.0.0 + - --ws.api=eth,net,web3,debug,admin,txpool,engine + - --ws.origins=* + - --ws.port=8545 + - --authrpc.addr=0.0.0.0 + - --authrpc.jwtsecret=/jwtsecret + - --authrpc.vhosts=* + restart: unless-stopped + stop_grace_period: 5m + networks: + - chains + volumes: + - ${BNB_TESTNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-bnb-testnet-op-geth-archive-leveldb-hash}:/data + - .jwtsecret:/jwtsecret:ro + - /slowdisk:/slowdisk + logging: *logging-defaults + labels: + - prometheus-scrape.enabled=true + - prometheus-scrape.port=6060 + - prometheus-scrape.path=/debug/metrics/prometheus + - traefik.enable=true + - traefik.http.middlewares.bnb-testnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/bnb-testnet-archive + - traefik.http.services.bnb-testnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545 + - ${NO_SSL:-traefik.http.routers.bnb-testnet-op-geth-archive-leveldb-hash.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.bnb-testnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.bnb-testnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && (Path(`/bnb-testnet-archive`) || Path(`/bnb-testnet-archive/`))} + - ${NO_SSL:+traefik.http.routers.bnb-testnet-op-geth-archive-leveldb-hash.rule=Path(`/bnb-testnet-archive`) || Path(`/bnb-testnet-archive/`)} + - traefik.http.routers.bnb-testnet-op-geth-archive-leveldb-hash.middlewares=bnb-testnet-op-geth-archive-leveldb-hash-stripprefix, ipallowlist + + bnb-testnet-archive-node: + image: ${BNB_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${BNB_TESTNET_NODE_VERSION:-v1.16.1} + ports: + - 15163:15163 + - 15163:15163/udp + environment: + - OP_NODE_L1_BEACON=${BSC_TESTNET_BEACON_REST} + - OP_NODE_L1_BEACON_ARCHIVER=${BSC_TESTNET_BEACON_ARCHIVER} + - OP_NODE_L1_ETH_RPC=${BSC_TESTNET_EXECUTION_RPC} + - OP_NODE_L1_RPC_KIND=${BSC_TESTNET_EXECUTION_KIND:-basic} + - OP_NODE_L1_TRUST_RPC=${BSC_TESTNET_EXECUTION_TRUST:-false} + - OP_NODE_L2_ENGINE_AUTH=/jwtsecret + - OP_NODE_L2_ENGINE_RPC=http://bnb-testnet-archive:8551 + - OP_NODE_L2_SKIP_SYNC_START_CHECK=true + - OP_NODE_LOG_LEVEL=info + - OP_NODE_METRICS_ADDR=0.0.0.0 + - OP_NODE_METRICS_ENABLED=true + - OP_NODE_METRICS_PORT=7300 + - OP_NODE_METRIC_ENABLED=true + - OP_NODE_NETWORK=opBNBTestnet + - OP_NODE_P2P_ADVERTISE_IP=${IP} + - OP_NODE_P2P_LISTEN_IP=0.0.0.0 + - OP_NODE_P2P_LISTEN_TCP_PORT=15163 + - OP_NODE_P2P_LISTEN_UDP_PORT=15163 + - OP_NODE_ROLLUP_LOAD_PROTOCOL_VERSIONS=true + - OP_NODE_RPC_ADDR=0.0.0.0 + - OP_NODE_RPC_PORT=8545 + - OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log + - OP_NODE_SYNCMODE=execution-layer + - OP_NODE_VERIFIER_L1_CONFS=0 + entrypoint: [op-node] + restart: unless-stopped + depends_on: + - bnb-testnet-archive + networks: + - chains + volumes: + - .jwtsecret:/jwtsecret:ro + logging: *logging-defaults + labels: + - prometheus-scrape.enabled=true + - prometheus-scrape.port=7300 + - prometheus-scrape.path=/metrics + - traefik.enable=true + - traefik.http.middlewares.bnb-testnet-op-geth-archive-leveldb-hash-node-stripprefix.stripprefix.prefixes=/bnb-testnet-archive/node + - traefik.http.services.bnb-testnet-op-geth-archive-leveldb-hash-node.loadbalancer.server.port=8547 + - ${NO_SSL:-traefik.http.routers.bnb-testnet-op-geth-archive-leveldb-hash-node.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.bnb-testnet-op-geth-archive-leveldb-hash-node.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.bnb-testnet-op-geth-archive-leveldb-hash-node.rule=Host(`$DOMAIN`) && PathPrefix(`/bnb-testnet-archive/node`)} + - ${NO_SSL:+traefik.http.routers.bnb-testnet-op-geth-archive-leveldb-hash-node.rule=PathPrefix(`/bnb-testnet-archive/node`)} + - traefik.http.routers.bnb-testnet-op-geth-archive-leveldb-hash-node.middlewares=bnb-testnet-op-geth-archive-leveldb-hash-node-stripprefix, ipallowlist + +volumes: + bnb-testnet-op-geth-archive-leveldb-hash: + +x-upstreams: + - id: $${ID} + labels: + provider: $${PROVIDER} + connection: + generic: + rpc: + url: $${RPC_URL} + ws: + frameSize: 20Mb + msgSize: 50Mb + url: $${WS_URL} + chain: opbnb-testnet + method-groups: + enabled: + - debug + - filter + methods: + disabled: + enabled: + - name: txpool_content # TODO: should be disabled for rollup nodes + # standard geth only + - name: debug_getRawBlock + - name: debug_getRawTransaction + - name: debug_getRawReceipts + - name: debug_getRawHeader + - name: debug_getBadBlocks + # non standard geth only slightly dangerous + - name: debug_intermediateRoots + - name: debug_dumpBlock + # standard geth and erigon + - name: debug_accountRange + - name: debug_getModifiedAccountsByNumber + - name: debug_getModifiedAccountsByHash + # non standard geth and erigon + - name: eth_getRawTransactionByHash + - name: eth_getRawTransactionByBlockHashAndIndex +... \ No newline at end of file diff --git a/op/geth/bnb-testnet-op-geth-pruned-pebble-path.yml b/op/geth/bnb-testnet-op-geth-pruned-pebble-path.yml new file mode 100644 index 00000000..70052691 --- /dev/null +++ b/op/geth/bnb-testnet-op-geth-pruned-pebble-path.yml @@ -0,0 +1,204 @@ +--- +x-logging-defaults: &logging-defaults + driver: json-file + options: + max-size: "10m" + max-file: "3" + +# Usage: +# +# mkdir rpc && cd rpc +# +# git init +# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git +# git fetch origin vibe +# git checkout origin/vibe +# +# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret +# +# env +# ... +# IP=$(curl ipinfo.io/ip) +# DOMAIN=${IP}.traefik.me +# COMPOSE_FILE=base.yml:rpc.yml:op/geth/bnb-testnet-op-geth-pruned-pebble-path.yml +# +# docker compose up -d +# +# curl -X POST https://${IP}.traefik.me/bnb-testnet \ +# -H "Content-Type: application/json" \ +# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' + +services: + bnb-testnet: + image: ${BNB_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${BNB_TESTNET_GETH_VERSION:-v1.101603.4} + sysctls: + # TCP Performance + net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle + net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache + net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers + net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers + net.core.somaxconn: 32768 # Higher connection queue + # Memory/Connection Management + # net.core.netdev_max_backlog: 50000 # Increase network buffer + net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests + net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets + ulimits: + nofile: 1048576 # Max open files (for RPC/WS connections) + user: root + ports: + - 13187:13187 + - 13187:13187/udp + expose: + - 8545 + - 6060 + - 8551 + environment: + - GETH_ROLLUP_DISABLETXPOOLGOSSIP=true + - GETH_ROLLUP_SEQUENCERHTTP=https://opbnb-testnet-rpc.bnbchain.org + entrypoint: /bin/sh -c 'exec geth "$@"' -- + command: + - --allow-insecure-no-tries + - --datadir=/data + - --db.engine=pebble + - --gcmode=full + - --maxpeers=50 + - --metrics + - --metrics.addr=0.0.0.0 + - --metrics.port=6060 + - --nat=extip:${IP} + - --opBNBTestnet + - --port=13187 + - --rpc.gascap=600000000 + - --rpc.txfeecap=0 + - --state.scheme=path + - --syncmode=snap + - --http + - --http.addr=0.0.0.0 + - --http.api=eth,net,web3,debug,admin,txpool,engine + - --http.port=8545 + - --http.vhosts=* + - --ws + - --ws.addr=0.0.0.0 + - --ws.api=eth,net,web3,debug,admin,txpool,engine + - --ws.origins=* + - --ws.port=8545 + - --authrpc.addr=0.0.0.0 + - --authrpc.jwtsecret=/jwtsecret + - --authrpc.vhosts=* + restart: unless-stopped + stop_grace_period: 5m + networks: + - chains + volumes: + - ${BNB_TESTNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-bnb-testnet-op-geth-pruned-pebble-path}:/data + - .jwtsecret:/jwtsecret:ro + - /slowdisk:/slowdisk + logging: *logging-defaults + labels: + - prometheus-scrape.enabled=true + - prometheus-scrape.port=6060 + - prometheus-scrape.path=/debug/metrics/prometheus + - traefik.enable=true + - traefik.http.middlewares.bnb-testnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/bnb-testnet + - traefik.http.services.bnb-testnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545 + - ${NO_SSL:-traefik.http.routers.bnb-testnet-op-geth-pruned-pebble-path.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.bnb-testnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.bnb-testnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/bnb-testnet`) || Path(`/bnb-testnet/`))} + - ${NO_SSL:+traefik.http.routers.bnb-testnet-op-geth-pruned-pebble-path.rule=Path(`/bnb-testnet`) || Path(`/bnb-testnet/`)} + - traefik.http.routers.bnb-testnet-op-geth-pruned-pebble-path.middlewares=bnb-testnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist + + bnb-testnet-node: + image: ${BNB_NODE_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-node}:${BNB_TESTNET_NODE_VERSION:-v1.16.1} + ports: + - 18187:18187 + - 18187:18187/udp + environment: + - OP_NODE_L1_BEACON=${BSC_TESTNET_BEACON_REST} + - OP_NODE_L1_BEACON_ARCHIVER=${BSC_TESTNET_BEACON_ARCHIVER} + - OP_NODE_L1_ETH_RPC=${BSC_TESTNET_EXECUTION_RPC} + - OP_NODE_L1_RPC_KIND=${BSC_TESTNET_EXECUTION_KIND:-basic} + - OP_NODE_L1_TRUST_RPC=${BSC_TESTNET_EXECUTION_TRUST:-false} + - OP_NODE_L2_ENGINE_AUTH=/jwtsecret + - OP_NODE_L2_ENGINE_RPC=http://bnb-testnet:8551 + - OP_NODE_L2_SKIP_SYNC_START_CHECK=true + - OP_NODE_LOG_LEVEL=info + - OP_NODE_METRICS_ADDR=0.0.0.0 + - OP_NODE_METRICS_ENABLED=true + - OP_NODE_METRICS_PORT=7300 + - OP_NODE_METRIC_ENABLED=true + - OP_NODE_NETWORK=opBNBTestnet + - OP_NODE_P2P_ADVERTISE_IP=${IP} + - OP_NODE_P2P_LISTEN_IP=0.0.0.0 + - OP_NODE_P2P_LISTEN_TCP_PORT=18187 + - OP_NODE_P2P_LISTEN_UDP_PORT=18187 + - OP_NODE_ROLLUP_LOAD_PROTOCOL_VERSIONS=true + - OP_NODE_RPC_ADDR=0.0.0.0 + - OP_NODE_RPC_PORT=8545 + - OP_NODE_SNAPSHOT_LOG=/tmp/op-node-snapshot-log + - OP_NODE_SYNCMODE=execution-layer + - OP_NODE_VERIFIER_L1_CONFS=0 + entrypoint: [op-node] + restart: unless-stopped + depends_on: + - bnb-testnet + networks: + - chains + volumes: + - .jwtsecret:/jwtsecret:ro + logging: *logging-defaults + labels: + - prometheus-scrape.enabled=true + - prometheus-scrape.port=7300 + - prometheus-scrape.path=/metrics + - traefik.enable=true + - traefik.http.middlewares.bnb-testnet-op-geth-pruned-pebble-path-node-stripprefix.stripprefix.prefixes=/bnb-testnet/node + - traefik.http.services.bnb-testnet-op-geth-pruned-pebble-path-node.loadbalancer.server.port=8547 + - ${NO_SSL:-traefik.http.routers.bnb-testnet-op-geth-pruned-pebble-path-node.entrypoints=websecure} + - ${NO_SSL:-traefik.http.routers.bnb-testnet-op-geth-pruned-pebble-path-node.tls.certresolver=myresolver} + - ${NO_SSL:-traefik.http.routers.bnb-testnet-op-geth-pruned-pebble-path-node.rule=Host(`$DOMAIN`) && PathPrefix(`/bnb-testnet/node`)} + - ${NO_SSL:+traefik.http.routers.bnb-testnet-op-geth-pruned-pebble-path-node.rule=PathPrefix(`/bnb-testnet/node`)} + - traefik.http.routers.bnb-testnet-op-geth-pruned-pebble-path-node.middlewares=bnb-testnet-op-geth-pruned-pebble-path-node-stripprefix, ipallowlist + +volumes: + bnb-testnet-op-geth-pruned-pebble-path: + +x-upstreams: + - id: $${ID} + labels: + provider: $${PROVIDER} + connection: + generic: + rpc: + url: $${RPC_URL} + ws: + frameSize: 20Mb + msgSize: 50Mb + url: $${WS_URL} + chain: opbnb-testnet + method-groups: + enabled: + - debug + - filter + methods: + disabled: + # not compatible with path state scheme + - name: debug_traceBlockByHash + enabled: + - name: txpool_content # TODO: should be disabled for rollup nodes + # standard geth only + - name: debug_getRawBlock + - name: debug_getRawTransaction + - name: debug_getRawReceipts + - name: debug_getRawHeader + - name: debug_getBadBlocks + # non standard geth only slightly dangerous + - name: debug_intermediateRoots + - name: debug_dumpBlock + # standard geth and erigon + - name: debug_accountRange + - name: debug_getModifiedAccountsByNumber + - name: debug_getModifiedAccountsByHash + # non standard geth and erigon + - name: eth_getRawTransactionByHash + - name: eth_getRawTransactionByBlockHashAndIndex +... \ No newline at end of file