StakeSquid/ethereum-rpc-docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

deploy: regenerate compose from vibe-node main c56d34414bfa

Browse Source
This commit is contained in:
Claude Agent
2026-06-24 05:20:48 +00:00
parent eb1b37d5c0
commit ee3fbd39e4
39 changed files with 8248 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

204
op/erigon/bob-mainnet-op-erigon-archive-trace--kona.yml Normal file
View File

@@ -0,0 +1,204 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/erigon/bob-mainnet-op-erigon-archive-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/bob-mainnet-op-erigon \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
bob-mainnet-op-erigon:
image: ${BOB_ERIGON_IMAGE:-testinprod/op-erigon}:${BOB_MAINNET_ERIGON_VERSION:-v2.61.3-0.10.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 11071:11071
- 11071:11071/udp
- 31071:31071
- 31071:31071/udp
- 36071:36071
- 36071:36071/udp
expose:
- 8545
- 6060
- 8551
env_file:
- ./op/bob/mainnet.env
entrypoint: [erigon]
command:
- --chain=bob-mainnet
- --datadir=/root/.local/share/erigon
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --p2p.allowed-ports=31071
- --p2p.allowed-ports=36071
- --port=11071
- --rollup.sequencerhttp=https://bob-mainnet.public.blastapi.io
- --rpc.gascap=6000000000
- --rpc.returndata.limit=1500000
- --http
- --http.addr=0.0.0.0
- --http.api=eth,erigon,web3,net,debug,trace,txpool,admin,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${BOB_MAINNET_OP_ERIGON_ARCHIVE_TRACE_DATA:-bob-mainnet-op-erigon-archive-trace}:/root/.local/share/erigon
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.bob-mainnet-op-erigon-archive-trace-stripprefix.stripprefix.prefixes=/bob-mainnet-op-erigon
- traefik.http.services.bob-mainnet-op-erigon-archive-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-erigon-archive-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-erigon-archive-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-erigon-archive-trace.rule=Host(`$DOMAIN`) && (Path(`/bob-mainnet-op-erigon`) || Path(`/bob-mainnet-op-erigon/`))}
- ${NO_SSL:+traefik.http.routers.bob-mainnet-op-erigon-archive-trace.rule=Path(`/bob-mainnet-op-erigon`) || Path(`/bob-mainnet-op-erigon/`)}
- traefik.http.routers.bob-mainnet-op-erigon-archive-trace.middlewares=bob-mainnet-op-erigon-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
bob-mainnet-op-erigon-node:
image: ${BOB_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${BOB_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 16071:16071
- 16071:16071/udp
env_file:
- ./op/bob/mainnet.env
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${BOB_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=60808
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://bob-mainnet-op-erigon:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16071
- KONA_NODE_P2P_LISTEN_UDP_PORT=16071
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- bob-mainnet-op-erigon
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.bob-mainnet-op-erigon-archive-trace-node-stripprefix.stripprefix.prefixes=/bob-mainnet-op-erigon/node
- traefik.http.services.bob-mainnet-op-erigon-archive-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-erigon-archive-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-erigon-archive-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-erigon-archive-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/bob-mainnet-op-erigon/node`)}
- ${NO_SSL:+traefik.http.routers.bob-mainnet-op-erigon-archive-trace-node.rule=PathPrefix(`/bob-mainnet-op-erigon/node`)}
- traefik.http.routers.bob-mainnet-op-erigon-archive-trace-node.middlewares=bob-mainnet-op-erigon-archive-trace-node-stripprefix, ipallowlist
volumes:
bob-mainnet-op-erigon-archive-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: bob
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
# non standard erigon only
- name: eth_getBlockReceipts
- name: eth_protocolVersion
- name: eth_callMany
- name: eth_callBundle
- name: debug_accountAt
- name: debug_traceCallMany
- name: erigon_getHeaderByHash
- name: erigon_getBlockReceiptsByBlockHash
- name: erigon_getHeaderByNumber
- name: erigon_getLogsByHash
- name: erigon_forks
- name: erigon_getBlockByTimestamp
- name: erigon_BlockNumber
- name: erigon_getLatestLogs
...

200
op/erigon/ink-mainnet-op-erigon-archive-trace--kona.yml Normal file
View File

@@ -0,0 +1,200 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/erigon/ink-mainnet-op-erigon-archive-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/ink-mainnet-op-erigon \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
ink-mainnet-op-erigon:
image: ${INK_ERIGON_IMAGE:-testinprod/op-erigon}:${INK_MAINNET_ERIGON_VERSION:-v2.61.3-0.10.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 11990:11990
- 11990:11990/udp
- 31990:31990
- 31990:31990/udp
- 36990:36990
- 36990:36990/udp
expose:
- 8545
- 6060
- 8551
entrypoint: [erigon]
command:
- --chain=ink-mainnet
- --datadir=/root/.local/share/erigon
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --p2p.allowed-ports=31990
- --p2p.allowed-ports=36990
- --port=11990
- --rollup.sequencerhttp=https://rpc-gel.inkonchain.com
- --rpc.gascap=6000000000
- --rpc.returndata.limit=1500000
- --http
- --http.addr=0.0.0.0
- --http.api=eth,erigon,web3,net,debug,trace,txpool,admin,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${INK_MAINNET_OP_ERIGON_ARCHIVE_TRACE_DATA:-ink-mainnet-op-erigon-archive-trace}:/root/.local/share/erigon
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.ink-mainnet-op-erigon-archive-trace-stripprefix.stripprefix.prefixes=/ink-mainnet-op-erigon
- traefik.http.services.ink-mainnet-op-erigon-archive-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-erigon-archive-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-erigon-archive-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-erigon-archive-trace.rule=Host(`$DOMAIN`) && (Path(`/ink-mainnet-op-erigon`) || Path(`/ink-mainnet-op-erigon/`))}
- ${NO_SSL:+traefik.http.routers.ink-mainnet-op-erigon-archive-trace.rule=Path(`/ink-mainnet-op-erigon`) || Path(`/ink-mainnet-op-erigon/`)}
- traefik.http.routers.ink-mainnet-op-erigon-archive-trace.middlewares=ink-mainnet-op-erigon-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
ink-mainnet-op-erigon-node:
image: ${INK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${INK_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 16990:16990
- 16990:16990/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${INK_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=57073
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://ink-mainnet-op-erigon:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16990
- KONA_NODE_P2P_LISTEN_UDP_PORT=16990
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- ink-mainnet-op-erigon
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.ink-mainnet-op-erigon-archive-trace-node-stripprefix.stripprefix.prefixes=/ink-mainnet-op-erigon/node
- traefik.http.services.ink-mainnet-op-erigon-archive-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-erigon-archive-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-erigon-archive-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-erigon-archive-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-mainnet-op-erigon/node`)}
- ${NO_SSL:+traefik.http.routers.ink-mainnet-op-erigon-archive-trace-node.rule=PathPrefix(`/ink-mainnet-op-erigon/node`)}
- traefik.http.routers.ink-mainnet-op-erigon-archive-trace-node.middlewares=ink-mainnet-op-erigon-archive-trace-node-stripprefix, ipallowlist
volumes:
ink-mainnet-op-erigon-archive-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: ink
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
# non standard erigon only
- name: eth_getBlockReceipts
- name: eth_protocolVersion
- name: eth_callMany
- name: eth_callBundle
- name: debug_accountAt
- name: debug_traceCallMany
- name: erigon_getHeaderByHash
- name: erigon_getBlockReceiptsByBlockHash
- name: erigon_getHeaderByNumber
- name: erigon_getLogsByHash
- name: erigon_forks
- name: erigon_getBlockByTimestamp
- name: erigon_BlockNumber
- name: erigon_getLatestLogs
...

201
op/erigon/ink-sepolia-op-erigon-archive-trace--kona.yml Normal file
View File

@@ -0,0 +1,201 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/erigon/ink-sepolia-op-erigon-archive-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/ink-sepolia-op-erigon \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
ink-sepolia-op-erigon:
image: ${INK_ERIGON_IMAGE:-testinprod/op-erigon}:${INK_SEPOLIA_ERIGON_VERSION:-v2.61.3-0.10.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 14826:14826
- 14826:14826/udp
- 34826:34826
- 34826:34826/udp
- 39826:39826
- 39826:39826/udp
expose:
- 8545
- 6060
- 8551
entrypoint: [erigon]
command:
- --chain=ink-sepolia
- --datadir=/root/.local/share/erigon
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --p2p.allowed-ports=34826
- --p2p.allowed-ports=39826
- --port=14826
- --rollup.sequencerhttp=https://rpc-gel-sepolia.inkonchain.com
- --rpc.gascap=6000000000
- --rpc.returndata.limit=1500000
- --http
- --http.addr=0.0.0.0
- --http.api=eth,erigon,web3,net,debug,trace,txpool,admin,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${INK_SEPOLIA_OP_ERIGON_ARCHIVE_TRACE_DATA:-ink-sepolia-op-erigon-archive-trace}:/root/.local/share/erigon
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-erigon-archive-trace-stripprefix.stripprefix.prefixes=/ink-sepolia-op-erigon
- traefik.http.services.ink-sepolia-op-erigon-archive-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-erigon-archive-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-erigon-archive-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-erigon-archive-trace.rule=Host(`$DOMAIN`) && (Path(`/ink-sepolia-op-erigon`) || Path(`/ink-sepolia-op-erigon/`))}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-erigon-archive-trace.rule=Path(`/ink-sepolia-op-erigon`) || Path(`/ink-sepolia-op-erigon/`)}
- traefik.http.routers.ink-sepolia-op-erigon-archive-trace.middlewares=ink-sepolia-op-erigon-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
ink-sepolia-op-erigon-node:
image: ${INK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${INK_SEPOLIA_KONA_VERSION:-v1.6.0}
ports:
- 19826:19826
- 19826:19826/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${INK_SEPOLIA_L1_EXECUTION_RPC:-${ETHEREUM_SEPOLIA_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=763373
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://ink-sepolia-op-erigon:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_OVERRIDE_PECTRA_BLOB_SCHEDULE=1742486400
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=19826
- KONA_NODE_P2P_LISTEN_UDP_PORT=19826
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- ink-sepolia-op-erigon
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-erigon-archive-trace-node-stripprefix.stripprefix.prefixes=/ink-sepolia-op-erigon/node
- traefik.http.services.ink-sepolia-op-erigon-archive-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-erigon-archive-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-erigon-archive-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-erigon-archive-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-sepolia-op-erigon/node`)}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-erigon-archive-trace-node.rule=PathPrefix(`/ink-sepolia-op-erigon/node`)}
- traefik.http.routers.ink-sepolia-op-erigon-archive-trace-node.middlewares=ink-sepolia-op-erigon-archive-trace-node-stripprefix, ipallowlist
volumes:
ink-sepolia-op-erigon-archive-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: ink-sepolia
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
# non standard erigon only
- name: eth_getBlockReceipts
- name: eth_protocolVersion
- name: eth_callMany
- name: eth_callBundle
- name: debug_accountAt
- name: debug_traceCallMany
- name: erigon_getHeaderByHash
- name: erigon_getBlockReceiptsByBlockHash
- name: erigon_getHeaderByNumber
- name: erigon_getLogsByHash
- name: erigon_forks
- name: erigon_getBlockByTimestamp
- name: erigon_BlockNumber
- name: erigon_getLatestLogs
...

205
op/erigon/lisk-mainnet-op-erigon-archive-trace--kona.yml Normal file
View File

@@ -0,0 +1,205 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/erigon/lisk-mainnet-op-erigon-archive-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/lisk-mainnet-op-erigon \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
lisk-mainnet-op-erigon:
image: ${LISK_ERIGON_IMAGE:-testinprod/op-erigon}:${LISK_MAINNET_ERIGON_VERSION:-v2.61.3-0.10.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 14831:14831
- 14831:14831/udp
- 34831:34831
- 34831:34831/udp
- 39831:39831
- 39831:39831/udp
expose:
- 8545
- 6060
- 8551
entrypoint: /bin/sh -c '[ ! -d /root/.local/share/erigon/chaindata/mdbx.dat ] && erigon init --datadir /root/.local/share/erigon /config/genesis.json; exec erigon "$@"' --
command:
- --bootnodes=enode://87a32fd13bd596b2ffca97020e31aef4ddcc1bbd4b95bb633d16c1329f654f34049ed240a36b449fda5e5225d70fe40bc667f53c304b71f8e68fc9d448690b51@3.231.138.188:30301,enode://ca21ea8f176adb2e229ce2d700830c844af0ea941a1d8152a9513b966fe525e809c3a6c73a2c18a12b74ed6ec4380edf91662778fe0b79f6a591236e49e176f9@184.72.129.189:30301,enode://acf4507a211ba7c1e52cdf4eef62cdc3c32e7c9c47998954f7ba024026f9a6b2150cd3f0b734d9c78e507ab70d59ba61dfe5c45e1078c7ad0775fb251d7735a2@3.220.145.177:30301,enode://8a5a5006159bf079d06a04e5eceab2a1ce6e0f721875b2a9c96905336219dbe14203d38f70f3754686a6324f786c2f9852d8c0dd3adac2d080f4db35efc678c5@3.231.11.52:30301,enode://cdadbe835308ad3557f9a1de8db411da1a260a98f8421d62da90e71da66e55e98aaa8e90aa7ce01b408a54e4bd2253d701218081ded3dbe5efbbc7b41d7cef79@54.198.153.150:30301
- --bootnodes=enode://87a32fd13bd596b2ffca97020e31aef4ddcc1bbd4b95bb633d16c1329f654f34049ed240a36b449fda5e5225d70fe40bc667f53c304b71f8e68fc9d448690b51@3.231.138.188:30301,enode://ca21ea8f176adb2e229ce2d700830c844af0ea941a1d8152a9513b966fe525e809c3a6c73a2c18a12b74ed6ec4380edf91662778fe0b79f6a591236e49e176f9@184.72.129.189:30301,enode://acf4507a211ba7c1e52cdf4eef62cdc3c32e7c9c47998954f7ba024026f9a6b2150cd3f0b734d9c78e507ab70d59ba61dfe5c45e1078c7ad0775fb251d7735a2@3.220.145.177:30301,enode://8a5a5006159bf079d06a04e5eceab2a1ce6e0f721875b2a9c96905336219dbe14203d38f70f3754686a6324f786c2f9852d8c0dd3adac2d080f4db35efc678c5@3.231.11.52:30301,enode://cdadbe835308ad3557f9a1de8db411da1a260a98f8421d62da90e71da66e55e98aaa8e90aa7ce01b408a54e4bd2253d701218081ded3dbe5efbbc7b41d7cef79@54.198.153.150:30301
- --datadir=/root/.local/share/erigon
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --networkid=1135
- --p2p.allowed-ports=34831
- --p2p.allowed-ports=39831
- --port=14831
- --rollup.sequencerhttp=https://rpc.api.lisk.com
- --rpc.gascap=6000000000
- --rpc.returndata.limit=1500000
- --http
- --http.addr=0.0.0.0
- --http.api=eth,erigon,web3,net,debug,trace,txpool,admin,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${LISK_MAINNET_OP_ERIGON_ARCHIVE_TRACE_DATA:-lisk-mainnet-op-erigon-archive-trace}:/root/.local/share/erigon
- ./op/lisk/mainnet:/config
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.lisk-mainnet-op-erigon-archive-trace-stripprefix.stripprefix.prefixes=/lisk-mainnet-op-erigon
- traefik.http.services.lisk-mainnet-op-erigon-archive-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-erigon-archive-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-erigon-archive-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-erigon-archive-trace.rule=Host(`$DOMAIN`) && (Path(`/lisk-mainnet-op-erigon`) || Path(`/lisk-mainnet-op-erigon/`))}
- ${NO_SSL:+traefik.http.routers.lisk-mainnet-op-erigon-archive-trace.rule=Path(`/lisk-mainnet-op-erigon`) || Path(`/lisk-mainnet-op-erigon/`)}
- traefik.http.routers.lisk-mainnet-op-erigon-archive-trace.middlewares=lisk-mainnet-op-erigon-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
lisk-mainnet-op-erigon-node:
image: ${LISK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${LISK_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 19831:19831
- 19831:19831/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${LISK_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=1135
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://lisk-mainnet-op-erigon:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_BOOTNODES=enr:-Iu4QBCIUw0OhAq5ErARIYBLIr6xPb83OqeFRqlUJGlJ9kWpNECaumPArYWsEFdM_cEKm26JJT_EA52f4dlavBldldgBgmlkgnY0gmlwhCPqq5CJc2VjcDI1NmsxoQLBE74gZyIHkwBEnkI4K7nR4SM2Lytj2VTLqJaj5nQevoN0Y3CCIyuDdWRwgiMs
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=19831
- KONA_NODE_P2P_LISTEN_UDP_PORT=19831
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- lisk-mainnet-op-erigon
networks:
- chains
volumes:
- ./op/lisk/mainnet:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.lisk-mainnet-op-erigon-archive-trace-node-stripprefix.stripprefix.prefixes=/lisk-mainnet-op-erigon/node
- traefik.http.services.lisk-mainnet-op-erigon-archive-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-erigon-archive-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-erigon-archive-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-erigon-archive-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/lisk-mainnet-op-erigon/node`)}
- ${NO_SSL:+traefik.http.routers.lisk-mainnet-op-erigon-archive-trace-node.rule=PathPrefix(`/lisk-mainnet-op-erigon/node`)}
- traefik.http.routers.lisk-mainnet-op-erigon-archive-trace-node.middlewares=lisk-mainnet-op-erigon-archive-trace-node-stripprefix, ipallowlist
volumes:
lisk-mainnet-op-erigon-archive-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: lisk
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
# non standard erigon only
- name: eth_getBlockReceipts
- name: eth_protocolVersion
- name: eth_callMany
- name: eth_callBundle
- name: debug_accountAt
- name: debug_traceCallMany
- name: erigon_getHeaderByHash
- name: erigon_getBlockReceiptsByBlockHash
- name: erigon_getHeaderByNumber
- name: erigon_getLogsByHash
- name: erigon_forks
- name: erigon_getBlockByTimestamp
- name: erigon_BlockNumber
- name: erigon_getLatestLogs
...

204
op/erigon/op-mainnet-op-erigon-archive-trace--kona.yml Normal file
View File

@@ -0,0 +1,204 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/erigon/op-mainnet-op-erigon-archive-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/op-mainnet-op-erigon \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
op-mainnet-op-erigon:
image: ${OP_ERIGON_IMAGE:-testinprod/op-erigon}:${OP_MAINNET_ERIGON_VERSION:-v2.61.3-0.10.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 12509:12509
- 12509:12509/udp
- 32509:32509
- 32509:32509/udp
- 37509:37509
- 37509:37509/udp
expose:
- 8545
- 6060
- 8551
entrypoint: [erigon]
command:
- --chain=op-mainnet
- --datadir=/root/.local/share/erigon
- --db.size.limit=8TB
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --p2p.allowed-ports=32509
- --p2p.allowed-ports=37509
- --port=12509
- --rollup.historicalrpc=${OP_MAINNET_CLASSIC_ARCHIVE_RPC}
- --rollup.sequencerhttp=https://mainnet-sequencer.optimism.io
- --rpc.gascap=6000000000
- --rpc.returndata.limit=1500000
- --http
- --http.addr=0.0.0.0
- --http.api=eth,erigon,web3,net,debug,trace,txpool,admin,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${OP_MAINNET_OP_ERIGON_ARCHIVE_TRACE_DATA:-op-mainnet-op-erigon-archive-trace}:/root/.local/share/erigon
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-erigon-archive-trace-stripprefix.stripprefix.prefixes=/op-mainnet-op-erigon
- traefik.http.services.op-mainnet-op-erigon-archive-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-erigon-archive-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-erigon-archive-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-erigon-archive-trace.rule=Host(`$DOMAIN`) && (Path(`/op-mainnet-op-erigon`) || Path(`/op-mainnet-op-erigon/`))}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-erigon-archive-trace.rule=Path(`/op-mainnet-op-erigon`) || Path(`/op-mainnet-op-erigon/`)}
- traefik.http.routers.op-mainnet-op-erigon-archive-trace.middlewares=op-mainnet-op-erigon-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
op-mainnet-op-erigon-node:
image: ${OP_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${OP_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 17509:17509
- 17509:17509/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${OP_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=10
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://op-mainnet-op-erigon:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=17509
- KONA_NODE_P2P_LISTEN_UDP_PORT=17509
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- op-mainnet-op-erigon
networks:
- chains
volumes:
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-erigon-archive-trace-node-stripprefix.stripprefix.prefixes=/op-mainnet-op-erigon/node
- traefik.http.services.op-mainnet-op-erigon-archive-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-erigon-archive-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-erigon-archive-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-erigon-archive-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/op-mainnet-op-erigon/node`)}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-erigon-archive-trace-node.rule=PathPrefix(`/op-mainnet-op-erigon/node`)}
- traefik.http.routers.op-mainnet-op-erigon-archive-trace-node.middlewares=op-mainnet-op-erigon-archive-trace-node-stripprefix, ipallowlist
volumes:
op-mainnet-op-erigon-archive-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: optimism
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
# non standard erigon only
- name: eth_getBlockReceipts
- name: eth_protocolVersion
- name: eth_callMany
- name: eth_callBundle
- name: debug_accountAt
- name: debug_traceCallMany
- name: erigon_getHeaderByHash
- name: erigon_getBlockReceiptsByBlockHash
- name: erigon_getHeaderByNumber
- name: erigon_getLogsByHash
- name: erigon_forks
- name: erigon_getBlockByTimestamp
- name: erigon_BlockNumber
- name: erigon_getLatestLogs
...

200
op/erigon/soneium-mainnet-op-erigon-archive-trace--kona.yml Normal file
View File

@@ -0,0 +1,200 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/erigon/soneium-mainnet-op-erigon-archive-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/soneium-mainnet-op-erigon \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
soneium-mainnet-op-erigon:
image: ${SONEIUM_ERIGON_IMAGE:-testinprod/op-erigon}:${SONEIUM_MAINNET_ERIGON_VERSION:-v2.61.3-0.10.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 13689:13689
- 13689:13689/udp
- 33689:33689
- 33689:33689/udp
- 38689:38689
- 38689:38689/udp
expose:
- 8545
- 6060
- 8551
entrypoint: [erigon]
command:
- --chain=soneium-mainnet
- --datadir=/root/.local/share/erigon
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --p2p.allowed-ports=33689
- --p2p.allowed-ports=38689
- --port=13689
- --rollup.sequencerhttp=https://rpc.soneium.org
- --rpc.gascap=6000000000
- --rpc.returndata.limit=1500000
- --http
- --http.addr=0.0.0.0
- --http.api=eth,erigon,web3,net,debug,trace,txpool,admin,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${SONEIUM_MAINNET_OP_ERIGON_ARCHIVE_TRACE_DATA:-soneium-mainnet-op-erigon-archive-trace}:/root/.local/share/erigon
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.soneium-mainnet-op-erigon-archive-trace-stripprefix.stripprefix.prefixes=/soneium-mainnet-op-erigon
- traefik.http.services.soneium-mainnet-op-erigon-archive-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-erigon-archive-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-erigon-archive-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-erigon-archive-trace.rule=Host(`$DOMAIN`) && (Path(`/soneium-mainnet-op-erigon`) || Path(`/soneium-mainnet-op-erigon/`))}
- ${NO_SSL:+traefik.http.routers.soneium-mainnet-op-erigon-archive-trace.rule=Path(`/soneium-mainnet-op-erigon`) || Path(`/soneium-mainnet-op-erigon/`)}
- traefik.http.routers.soneium-mainnet-op-erigon-archive-trace.middlewares=soneium-mainnet-op-erigon-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
soneium-mainnet-op-erigon-node:
image: ${SONEIUM_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${SONEIUM_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 18689:18689
- 18689:18689/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${SONEIUM_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=1868
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://soneium-mainnet-op-erigon:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=18689
- KONA_NODE_P2P_LISTEN_UDP_PORT=18689
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- soneium-mainnet-op-erigon
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.soneium-mainnet-op-erigon-archive-trace-node-stripprefix.stripprefix.prefixes=/soneium-mainnet-op-erigon/node
- traefik.http.services.soneium-mainnet-op-erigon-archive-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-erigon-archive-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-erigon-archive-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-erigon-archive-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/soneium-mainnet-op-erigon/node`)}
- ${NO_SSL:+traefik.http.routers.soneium-mainnet-op-erigon-archive-trace-node.rule=PathPrefix(`/soneium-mainnet-op-erigon/node`)}
- traefik.http.routers.soneium-mainnet-op-erigon-archive-trace-node.middlewares=soneium-mainnet-op-erigon-archive-trace-node-stripprefix, ipallowlist
volumes:
soneium-mainnet-op-erigon-archive-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: soneium
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
# non standard erigon only
- name: eth_getBlockReceipts
- name: eth_protocolVersion
- name: eth_callMany
- name: eth_callBundle
- name: debug_accountAt
- name: debug_traceCallMany
- name: erigon_getHeaderByHash
- name: erigon_getBlockReceiptsByBlockHash
- name: erigon_getHeaderByNumber
- name: erigon_getLogsByHash
- name: erigon_forks
- name: erigon_getBlockByTimestamp
- name: erigon_BlockNumber
- name: erigon_getLatestLogs
...

200
op/erigon/unichain-mainnet-op-erigon-archive-trace--kona.yml Normal file
View File

@@ -0,0 +1,200 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/erigon/unichain-mainnet-op-erigon-archive-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/unichain-mainnet-op-erigon \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
unichain-mainnet-op-erigon:
image: ${UNICHAIN_ERIGON_IMAGE:-testinprod/op-erigon}:${UNICHAIN_MAINNET_ERIGON_VERSION:-v2.61.3-0.10.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 11415:11415
- 11415:11415/udp
- 31415:31415
- 31415:31415/udp
- 36415:36415
- 36415:36415/udp
expose:
- 8545
- 6060
- 8551
entrypoint: [erigon]
command:
- --chain=unichain-mainnet
- --datadir=/root/.local/share/erigon
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --p2p.allowed-ports=31415
- --p2p.allowed-ports=36415
- --port=11415
- --rollup.sequencerhttp=https://mainnet.unichain.org
- --rpc.gascap=6000000000
- --rpc.returndata.limit=1500000
- --http
- --http.addr=0.0.0.0
- --http.api=eth,erigon,web3,net,debug,trace,txpool,admin,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${UNICHAIN_MAINNET_OP_ERIGON_ARCHIVE_TRACE_DATA:-unichain-mainnet-op-erigon-archive-trace}:/root/.local/share/erigon
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-erigon-archive-trace-stripprefix.stripprefix.prefixes=/unichain-mainnet-op-erigon
- traefik.http.services.unichain-mainnet-op-erigon-archive-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-erigon-archive-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-erigon-archive-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-erigon-archive-trace.rule=Host(`$DOMAIN`) && (Path(`/unichain-mainnet-op-erigon`) || Path(`/unichain-mainnet-op-erigon/`))}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-erigon-archive-trace.rule=Path(`/unichain-mainnet-op-erigon`) || Path(`/unichain-mainnet-op-erigon/`)}
- traefik.http.routers.unichain-mainnet-op-erigon-archive-trace.middlewares=unichain-mainnet-op-erigon-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
unichain-mainnet-op-erigon-node:
image: ${UNICHAIN_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${UNICHAIN_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 16415:16415
- 16415:16415/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${UNICHAIN_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=130
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://unichain-mainnet-op-erigon:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16415
- KONA_NODE_P2P_LISTEN_UDP_PORT=16415
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- unichain-mainnet-op-erigon
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-erigon-archive-trace-node-stripprefix.stripprefix.prefixes=/unichain-mainnet-op-erigon/node
- traefik.http.services.unichain-mainnet-op-erigon-archive-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-erigon-archive-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-erigon-archive-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-erigon-archive-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-mainnet-op-erigon/node`)}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-erigon-archive-trace-node.rule=PathPrefix(`/unichain-mainnet-op-erigon/node`)}
- traefik.http.routers.unichain-mainnet-op-erigon-archive-trace-node.middlewares=unichain-mainnet-op-erigon-archive-trace-node-stripprefix, ipallowlist
volumes:
unichain-mainnet-op-erigon-archive-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: unichain
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
# non standard erigon only
- name: eth_getBlockReceipts
- name: eth_protocolVersion
- name: eth_callMany
- name: eth_callBundle
- name: debug_accountAt
- name: debug_traceCallMany
- name: erigon_getHeaderByHash
- name: erigon_getBlockReceiptsByBlockHash
- name: erigon_getHeaderByNumber
- name: erigon_getLogsByHash
- name: erigon_forks
- name: erigon_getBlockByTimestamp
- name: erigon_BlockNumber
- name: erigon_getLatestLogs
...

200
op/erigon/worldchain-mainnet-op-erigon-archive-trace--kona.yml Normal file
View File

@@ -0,0 +1,200 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/erigon/worldchain-mainnet-op-erigon-archive-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/worldchain-mainnet-op-erigon \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
worldchain-mainnet-op-erigon:
image: ${WORLDCHAIN_ERIGON_IMAGE:-testinprod/op-erigon}:${WORLDCHAIN_MAINNET_ERIGON_VERSION:-v2.61.3-0.10.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 11629:11629
- 11629:11629/udp
- 31629:31629
- 31629:31629/udp
- 36629:36629
- 36629:36629/udp
expose:
- 8545
- 6060
- 8551
entrypoint: [erigon]
command:
- --chain=worldchain-mainnet
- --datadir=/root/.local/share/erigon
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --p2p.allowed-ports=31629
- --p2p.allowed-ports=36629
- --port=11629
- --rollup.sequencerhttp=https://worldchain-mainnet.g.alchemy.com/public
- --rpc.gascap=6000000000
- --rpc.returndata.limit=1500000
- --http
- --http.addr=0.0.0.0
- --http.api=eth,erigon,web3,net,debug,trace,txpool,admin,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${WORLDCHAIN_MAINNET_OP_ERIGON_ARCHIVE_TRACE_DATA:-worldchain-mainnet-op-erigon-archive-trace}:/root/.local/share/erigon
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.worldchain-mainnet-op-erigon-archive-trace-stripprefix.stripprefix.prefixes=/worldchain-mainnet-op-erigon
- traefik.http.services.worldchain-mainnet-op-erigon-archive-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-erigon-archive-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-erigon-archive-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-erigon-archive-trace.rule=Host(`$DOMAIN`) && (Path(`/worldchain-mainnet-op-erigon`) || Path(`/worldchain-mainnet-op-erigon/`))}
- ${NO_SSL:+traefik.http.routers.worldchain-mainnet-op-erigon-archive-trace.rule=Path(`/worldchain-mainnet-op-erigon`) || Path(`/worldchain-mainnet-op-erigon/`)}
- traefik.http.routers.worldchain-mainnet-op-erigon-archive-trace.middlewares=worldchain-mainnet-op-erigon-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
worldchain-mainnet-op-erigon-node:
image: ${WORLDCHAIN_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${WORLDCHAIN_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 16629:16629
- 16629:16629/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${WORLDCHAIN_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=480
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://worldchain-mainnet-op-erigon:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16629
- KONA_NODE_P2P_LISTEN_UDP_PORT=16629
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- worldchain-mainnet-op-erigon
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.worldchain-mainnet-op-erigon-archive-trace-node-stripprefix.stripprefix.prefixes=/worldchain-mainnet-op-erigon/node
- traefik.http.services.worldchain-mainnet-op-erigon-archive-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-erigon-archive-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-erigon-archive-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-erigon-archive-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/worldchain-mainnet-op-erigon/node`)}
- ${NO_SSL:+traefik.http.routers.worldchain-mainnet-op-erigon-archive-trace-node.rule=PathPrefix(`/worldchain-mainnet-op-erigon/node`)}
- traefik.http.routers.worldchain-mainnet-op-erigon-archive-trace-node.middlewares=worldchain-mainnet-op-erigon-archive-trace-node-stripprefix, ipallowlist
volumes:
worldchain-mainnet-op-erigon-archive-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: worldchain
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
# non standard erigon only
- name: eth_getBlockReceipts
- name: eth_protocolVersion
- name: eth_callMany
- name: eth_callBundle
- name: debug_accountAt
- name: debug_traceCallMany
- name: erigon_getHeaderByHash
- name: erigon_getBlockReceiptsByBlockHash
- name: erigon_getHeaderByNumber
- name: erigon_getLogsByHash
- name: erigon_forks
- name: erigon_getBlockByTimestamp
- name: erigon_BlockNumber
- name: erigon_getLatestLogs
...

198
op/geth/bob-mainnet-op-geth-archive-leveldb-hash--kona.yml Normal file
View File

@@ -0,0 +1,198 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/bob-mainnet-op-geth-archive-leveldb-hash--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/bob-mainnet-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
bob-mainnet-archive:
image: ${BOB_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${BOB_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 14046:14046
- 14046:14046/udp
expose:
- 8545
- 6060
- 8551
env_file:
- ./op/bob/mainnet.env
environment:
- GETH_OP_NETWORK=bob-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://bob-mainnet.public.blastapi.io
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=leveldb
- --gcmode=archive
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=14046
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=hash
- --syncmode=full
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${BOB_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-bob-mainnet-op-geth-archive-leveldb-hash}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.bob-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/bob-mainnet-archive
- traefik.http.services.bob-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && (Path(`/bob-mainnet-archive`) || Path(`/bob-mainnet-archive/`))}
- ${NO_SSL:+traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.rule=Path(`/bob-mainnet-archive`) || Path(`/bob-mainnet-archive/`)}
- traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash.middlewares=bob-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipallowlist
bob-mainnet-archive-node:
image: ${BOB_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${BOB_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 19046:19046
- 19046:19046/udp
env_file:
- ./op/bob/mainnet.env
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${BOB_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=60808
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://bob-mainnet-archive:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=19046
- KONA_NODE_P2P_LISTEN_UDP_PORT=19046
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- bob-mainnet-archive
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.bob-mainnet-op-geth-archive-leveldb-hash-node-stripprefix.stripprefix.prefixes=/bob-mainnet-archive/node
- traefik.http.services.bob-mainnet-op-geth-archive-leveldb-hash-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash-node.rule=Host(`$DOMAIN`) && PathPrefix(`/bob-mainnet-archive/node`)}
- ${NO_SSL:+traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash-node.rule=PathPrefix(`/bob-mainnet-archive/node`)}
- traefik.http.routers.bob-mainnet-op-geth-archive-leveldb-hash-node.middlewares=bob-mainnet-op-geth-archive-leveldb-hash-node-stripprefix, ipallowlist
volumes:
bob-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: bob
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

198
op/geth/bob-mainnet-op-geth-archive-pebble-hash--kona.yml Normal file
View File

@@ -0,0 +1,198 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/bob-mainnet-op-geth-archive-pebble-hash--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/bob-mainnet-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
bob-mainnet-archive:
image: ${BOB_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${BOB_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 12223:12223
- 12223:12223/udp
expose:
- 8545
- 6060
- 8551
env_file:
- ./op/bob/mainnet.env
environment:
- GETH_OP_NETWORK=bob-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://bob-mainnet.public.blastapi.io
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=pebble
- --gcmode=archive
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=12223
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=hash
- --syncmode=full
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${BOB_MAINNET_OP_GETH_ARCHIVE_PEBBLE_HASH_DATA:-bob-mainnet-op-geth-archive-pebble-hash}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.bob-mainnet-op-geth-archive-pebble-hash-stripprefix.stripprefix.prefixes=/bob-mainnet-archive
- traefik.http.services.bob-mainnet-op-geth-archive-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-pebble-hash.rule=Host(`$DOMAIN`) && (Path(`/bob-mainnet-archive`) || Path(`/bob-mainnet-archive/`))}
- ${NO_SSL:+traefik.http.routers.bob-mainnet-op-geth-archive-pebble-hash.rule=Path(`/bob-mainnet-archive`) || Path(`/bob-mainnet-archive/`)}
- traefik.http.routers.bob-mainnet-op-geth-archive-pebble-hash.middlewares=bob-mainnet-op-geth-archive-pebble-hash-stripprefix, ipallowlist
bob-mainnet-archive-node:
image: ${BOB_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${BOB_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 17223:17223
- 17223:17223/udp
env_file:
- ./op/bob/mainnet.env
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${BOB_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=60808
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://bob-mainnet-archive:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=17223
- KONA_NODE_P2P_LISTEN_UDP_PORT=17223
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- bob-mainnet-archive
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.bob-mainnet-op-geth-archive-pebble-hash-node-stripprefix.stripprefix.prefixes=/bob-mainnet-archive/node
- traefik.http.services.bob-mainnet-op-geth-archive-pebble-hash-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-pebble-hash-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-pebble-hash-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-archive-pebble-hash-node.rule=Host(`$DOMAIN`) && PathPrefix(`/bob-mainnet-archive/node`)}
- ${NO_SSL:+traefik.http.routers.bob-mainnet-op-geth-archive-pebble-hash-node.rule=PathPrefix(`/bob-mainnet-archive/node`)}
- traefik.http.routers.bob-mainnet-op-geth-archive-pebble-hash-node.middlewares=bob-mainnet-op-geth-archive-pebble-hash-node-stripprefix, ipallowlist
volumes:
bob-mainnet-op-geth-archive-pebble-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: bob
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

198
op/geth/bob-mainnet-op-geth-pruned-pebble-hash--kona.yml Normal file
View File

@@ -0,0 +1,198 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/bob-mainnet-op-geth-pruned-pebble-hash--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/bob-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
bob-mainnet:
image: ${BOB_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${BOB_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 11363:11363
- 11363:11363/udp
expose:
- 8545
- 6060
- 8551
env_file:
- ./op/bob/mainnet.env
environment:
- GETH_OP_NETWORK=bob-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://bob-mainnet.public.blastapi.io
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=pebble
- --gcmode=full
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=11363
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=hash
- --syncmode=full
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${BOB_MAINNET_OP_GETH_PRUNED_PEBBLE_HASH_DATA:-bob-mainnet-op-geth-pruned-pebble-hash}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.bob-mainnet-op-geth-pruned-pebble-hash-stripprefix.stripprefix.prefixes=/bob-mainnet
- traefik.http.services.bob-mainnet-op-geth-pruned-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-hash.rule=Host(`$DOMAIN`) && (Path(`/bob-mainnet`) || Path(`/bob-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-hash.rule=Path(`/bob-mainnet`) || Path(`/bob-mainnet/`)}
- traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-hash.middlewares=bob-mainnet-op-geth-pruned-pebble-hash-stripprefix, ipallowlist
bob-mainnet-node:
image: ${BOB_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${BOB_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 16363:16363
- 16363:16363/udp
env_file:
- ./op/bob/mainnet.env
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${BOB_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=60808
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://bob-mainnet:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16363
- KONA_NODE_P2P_LISTEN_UDP_PORT=16363
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- bob-mainnet
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.bob-mainnet-op-geth-pruned-pebble-hash-node-stripprefix.stripprefix.prefixes=/bob-mainnet/node
- traefik.http.services.bob-mainnet-op-geth-pruned-pebble-hash-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-hash-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-hash-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-hash-node.rule=Host(`$DOMAIN`) && PathPrefix(`/bob-mainnet/node`)}
- ${NO_SSL:+traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-hash-node.rule=PathPrefix(`/bob-mainnet/node`)}
- traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-hash-node.middlewares=bob-mainnet-op-geth-pruned-pebble-hash-node-stripprefix, ipallowlist
volumes:
bob-mainnet-op-geth-pruned-pebble-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: bob
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

200
op/geth/bob-mainnet-op-geth-pruned-pebble-path--kona.yml Normal file
View File

@@ -0,0 +1,200 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/bob-mainnet-op-geth-pruned-pebble-path--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/bob-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
bob-mainnet:
image: ${BOB_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${BOB_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 13347:13347
- 13347:13347/udp
expose:
- 8545
- 6060
- 8551
env_file:
- ./op/bob/mainnet.env
environment:
- GETH_OP_NETWORK=bob-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://bob-mainnet.public.blastapi.io
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=pebble
- --gcmode=full
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=13347
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=path
- --syncmode=snap
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${BOB_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-bob-mainnet-op-geth-pruned-pebble-path}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.bob-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/bob-mainnet
- traefik.http.services.bob-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/bob-mainnet`) || Path(`/bob-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.rule=Path(`/bob-mainnet`) || Path(`/bob-mainnet/`)}
- traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path.middlewares=bob-mainnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist
bob-mainnet-node:
image: ${BOB_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${BOB_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 18347:18347
- 18347:18347/udp
env_file:
- ./op/bob/mainnet.env
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${BOB_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=60808
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://bob-mainnet:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=18347
- KONA_NODE_P2P_LISTEN_UDP_PORT=18347
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- bob-mainnet
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.bob-mainnet-op-geth-pruned-pebble-path-node-stripprefix.stripprefix.prefixes=/bob-mainnet/node
- traefik.http.services.bob-mainnet-op-geth-pruned-pebble-path-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path-node.rule=Host(`$DOMAIN`) && PathPrefix(`/bob-mainnet/node`)}
- ${NO_SSL:+traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path-node.rule=PathPrefix(`/bob-mainnet/node`)}
- traefik.http.routers.bob-mainnet-op-geth-pruned-pebble-path-node.middlewares=bob-mainnet-op-geth-pruned-pebble-path-node-stripprefix, ipallowlist
volumes:
bob-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: bob
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

194
op/geth/ink-mainnet-op-geth-archive-leveldb-hash--kona.yml Normal file
View File

@@ -0,0 +1,194 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/ink-mainnet-op-geth-archive-leveldb-hash--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/ink-mainnet-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
ink-mainnet-archive:
image: ${INK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${INK_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 10713:10713
- 10713:10713/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_OP_NETWORK=ink-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://rpc-gel.inkonchain.com
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=leveldb
- --gcmode=archive
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=10713
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=hash
- --syncmode=full
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${INK_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-ink-mainnet-op-geth-archive-leveldb-hash}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.ink-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/ink-mainnet-archive
- traefik.http.services.ink-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && (Path(`/ink-mainnet-archive`) || Path(`/ink-mainnet-archive/`))}
- ${NO_SSL:+traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.rule=Path(`/ink-mainnet-archive`) || Path(`/ink-mainnet-archive/`)}
- traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash.middlewares=ink-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipallowlist
ink-mainnet-archive-node:
image: ${INK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${INK_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 15713:15713
- 15713:15713/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${INK_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=57073
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://ink-mainnet-archive:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=15713
- KONA_NODE_P2P_LISTEN_UDP_PORT=15713
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- ink-mainnet-archive
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.ink-mainnet-op-geth-archive-leveldb-hash-node-stripprefix.stripprefix.prefixes=/ink-mainnet-archive/node
- traefik.http.services.ink-mainnet-op-geth-archive-leveldb-hash-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash-node.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-mainnet-archive/node`)}
- ${NO_SSL:+traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash-node.rule=PathPrefix(`/ink-mainnet-archive/node`)}
- traefik.http.routers.ink-mainnet-op-geth-archive-leveldb-hash-node.middlewares=ink-mainnet-op-geth-archive-leveldb-hash-node-stripprefix, ipallowlist
volumes:
ink-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: ink
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

196
op/geth/ink-mainnet-op-geth-pruned-pebble-path--kona.yml Normal file
View File

@@ -0,0 +1,196 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/ink-mainnet-op-geth-pruned-pebble-path--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/ink-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
ink-mainnet:
image: ${INK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${INK_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 11271:11271
- 11271:11271/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_OP_NETWORK=ink-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://rpc-gel.inkonchain.com
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=pebble
- --gcmode=full
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=11271
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=path
- --syncmode=snap
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${INK_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-ink-mainnet-op-geth-pruned-pebble-path}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.ink-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/ink-mainnet
- traefik.http.services.ink-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/ink-mainnet`) || Path(`/ink-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.rule=Path(`/ink-mainnet`) || Path(`/ink-mainnet/`)}
- traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path.middlewares=ink-mainnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist
ink-mainnet-node:
image: ${INK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${INK_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 16271:16271
- 16271:16271/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${INK_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=57073
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://ink-mainnet:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16271
- KONA_NODE_P2P_LISTEN_UDP_PORT=16271
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- ink-mainnet
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.ink-mainnet-op-geth-pruned-pebble-path-node-stripprefix.stripprefix.prefixes=/ink-mainnet/node
- traefik.http.services.ink-mainnet-op-geth-pruned-pebble-path-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path-node.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-mainnet/node`)}
- ${NO_SSL:+traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path-node.rule=PathPrefix(`/ink-mainnet/node`)}
- traefik.http.routers.ink-mainnet-op-geth-pruned-pebble-path-node.middlewares=ink-mainnet-op-geth-pruned-pebble-path-node-stripprefix, ipallowlist
volumes:
ink-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: ink
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

195
op/geth/ink-sepolia-op-geth-archive-leveldb-hash--kona.yml Normal file
View File

@@ -0,0 +1,195 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/ink-sepolia-op-geth-archive-leveldb-hash--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/ink-sepolia-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
ink-sepolia-archive:
image: ${INK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${INK_SEPOLIA_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 11659:11659
- 11659:11659/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_OP_NETWORK=ink-sepolia
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://rpc-gel-sepolia.inkonchain.com
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=leveldb
- --gcmode=archive
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=11659
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=hash
- --syncmode=full
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${INK_SEPOLIA_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-ink-sepolia-op-geth-archive-leveldb-hash}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/ink-sepolia-archive
- traefik.http.services.ink-sepolia-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && (Path(`/ink-sepolia-archive`) || Path(`/ink-sepolia-archive/`))}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.rule=Path(`/ink-sepolia-archive`) || Path(`/ink-sepolia-archive/`)}
- traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash.middlewares=ink-sepolia-op-geth-archive-leveldb-hash-stripprefix, ipallowlist
ink-sepolia-archive-node:
image: ${INK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${INK_SEPOLIA_KONA_VERSION:-v1.6.0}
ports:
- 16659:16659
- 16659:16659/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${INK_SEPOLIA_L1_EXECUTION_RPC:-${ETHEREUM_SEPOLIA_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=763373
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://ink-sepolia-archive:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_OVERRIDE_PECTRA_BLOB_SCHEDULE=1742486400
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16659
- KONA_NODE_P2P_LISTEN_UDP_PORT=16659
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- ink-sepolia-archive
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-geth-archive-leveldb-hash-node-stripprefix.stripprefix.prefixes=/ink-sepolia-archive/node
- traefik.http.services.ink-sepolia-op-geth-archive-leveldb-hash-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash-node.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-sepolia-archive/node`)}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash-node.rule=PathPrefix(`/ink-sepolia-archive/node`)}
- traefik.http.routers.ink-sepolia-op-geth-archive-leveldb-hash-node.middlewares=ink-sepolia-op-geth-archive-leveldb-hash-node-stripprefix, ipallowlist
volumes:
ink-sepolia-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: ink-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

197
op/geth/ink-sepolia-op-geth-pruned-pebble-path--kona.yml Normal file
View File

@@ -0,0 +1,197 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/ink-sepolia-op-geth-pruned-pebble-path--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/ink-sepolia \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
ink-sepolia:
image: ${INK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${INK_SEPOLIA_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 11869:11869
- 11869:11869/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_OP_NETWORK=ink-sepolia
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://rpc-gel-sepolia.inkonchain.com
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=pebble
- --gcmode=full
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=11869
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=path
- --syncmode=snap
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${INK_SEPOLIA_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-ink-sepolia-op-geth-pruned-pebble-path}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/ink-sepolia
- traefik.http.services.ink-sepolia-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/ink-sepolia`) || Path(`/ink-sepolia/`))}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.rule=Path(`/ink-sepolia`) || Path(`/ink-sepolia/`)}
- traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path.middlewares=ink-sepolia-op-geth-pruned-pebble-path-stripprefix, ipallowlist
ink-sepolia-node:
image: ${INK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${INK_SEPOLIA_KONA_VERSION:-v1.6.0}
ports:
- 16869:16869
- 16869:16869/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${INK_SEPOLIA_L1_EXECUTION_RPC:-${ETHEREUM_SEPOLIA_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=763373
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://ink-sepolia:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_OVERRIDE_PECTRA_BLOB_SCHEDULE=1742486400
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16869
- KONA_NODE_P2P_LISTEN_UDP_PORT=16869
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- ink-sepolia
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-geth-pruned-pebble-path-node-stripprefix.stripprefix.prefixes=/ink-sepolia/node
- traefik.http.services.ink-sepolia-op-geth-pruned-pebble-path-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path-node.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-sepolia/node`)}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path-node.rule=PathPrefix(`/ink-sepolia/node`)}
- traefik.http.routers.ink-sepolia-op-geth-pruned-pebble-path-node.middlewares=ink-sepolia-op-geth-pruned-pebble-path-node-stripprefix, ipallowlist
volumes:
ink-sepolia-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: ink-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

199
op/geth/lisk-mainnet-op-geth-archive-leveldb-hash--kona.yml Normal file
View File

@@ -0,0 +1,199 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/lisk-mainnet-op-geth-archive-leveldb-hash--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/lisk-mainnet-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
lisk-mainnet-archive:
image: ${LISK_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${LISK_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 11157:11157
- 11157:11157/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_BOOTNODES=enode://87a32fd13bd596b2ffca97020e31aef4ddcc1bbd4b95bb633d16c1329f654f34049ed240a36b449fda5e5225d70fe40bc667f53c304b71f8e68fc9d448690b51@3.231.138.188:30301,enode://ca21ea8f176adb2e229ce2d700830c844af0ea941a1d8152a9513b966fe525e809c3a6c73a2c18a12b74ed6ec4380edf91662778fe0b79f6a591236e49e176f9@184.72.129.189:30301,enode://acf4507a211ba7c1e52cdf4eef62cdc3c32e7c9c47998954f7ba024026f9a6b2150cd3f0b734d9c78e507ab70d59ba61dfe5c45e1078c7ad0775fb251d7735a2@3.220.145.177:30301,enode://8a5a5006159bf079d06a04e5eceab2a1ce6e0f721875b2a9c96905336219dbe14203d38f70f3754686a6324f786c2f9852d8c0dd3adac2d080f4db35efc678c5@3.231.11.52:30301,enode://cdadbe835308ad3557f9a1de8db411da1a260a98f8421d62da90e71da66e55e98aaa8e90aa7ce01b408a54e4bd2253d701218081ded3dbe5efbbc7b41d7cef79@54.198.153.150:30301
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://rpc.api.lisk.com
entrypoint: /bin/sh -c '[ -f /config/genesis.json ] && geth --db.engine=leveldb --gcmode=archive --datadir /data init --state.scheme=hash /config/genesis.json; exec geth "$@"' --
command:
- --bootnodes=enode://87a32fd13bd596b2ffca97020e31aef4ddcc1bbd4b95bb633d16c1329f654f34049ed240a36b449fda5e5225d70fe40bc667f53c304b71f8e68fc9d448690b51@3.231.138.188:30301,enode://ca21ea8f176adb2e229ce2d700830c844af0ea941a1d8152a9513b966fe525e809c3a6c73a2c18a12b74ed6ec4380edf91662778fe0b79f6a591236e49e176f9@184.72.129.189:30301,enode://acf4507a211ba7c1e52cdf4eef62cdc3c32e7c9c47998954f7ba024026f9a6b2150cd3f0b734d9c78e507ab70d59ba61dfe5c45e1078c7ad0775fb251d7735a2@3.220.145.177:30301,enode://8a5a5006159bf079d06a04e5eceab2a1ce6e0f721875b2a9c96905336219dbe14203d38f70f3754686a6324f786c2f9852d8c0dd3adac2d080f4db35efc678c5@3.231.11.52:30301,enode://cdadbe835308ad3557f9a1de8db411da1a260a98f8421d62da90e71da66e55e98aaa8e90aa7ce01b408a54e4bd2253d701218081ded3dbe5efbbc7b41d7cef79@54.198.153.150:30301
- --datadir=/data
- --db.engine=leveldb
- --gcmode=archive
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --networkid=1135
- --port=11157
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=hash
- --syncmode=full
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${LISK_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-lisk-mainnet-op-geth-archive-leveldb-hash}:/data
- ./op/lisk/mainnet:/config
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.lisk-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/lisk-mainnet-archive
- traefik.http.services.lisk-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && (Path(`/lisk-mainnet-archive`) || Path(`/lisk-mainnet-archive/`))}
- ${NO_SSL:+traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.rule=Path(`/lisk-mainnet-archive`) || Path(`/lisk-mainnet-archive/`)}
- traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash.middlewares=lisk-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipallowlist
lisk-mainnet-archive-node:
image: ${LISK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${LISK_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 16157:16157
- 16157:16157/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${LISK_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=1135
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://lisk-mainnet-archive:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_BOOTNODES=enr:-Iu4QBCIUw0OhAq5ErARIYBLIr6xPb83OqeFRqlUJGlJ9kWpNECaumPArYWsEFdM_cEKm26JJT_EA52f4dlavBldldgBgmlkgnY0gmlwhCPqq5CJc2VjcDI1NmsxoQLBE74gZyIHkwBEnkI4K7nR4SM2Lytj2VTLqJaj5nQevoN0Y3CCIyuDdWRwgiMs
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16157
- KONA_NODE_P2P_LISTEN_UDP_PORT=16157
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- lisk-mainnet-archive
networks:
- chains
volumes:
- ./op/lisk/mainnet:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.lisk-mainnet-op-geth-archive-leveldb-hash-node-stripprefix.stripprefix.prefixes=/lisk-mainnet-archive/node
- traefik.http.services.lisk-mainnet-op-geth-archive-leveldb-hash-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash-node.rule=Host(`$DOMAIN`) && PathPrefix(`/lisk-mainnet-archive/node`)}
- ${NO_SSL:+traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash-node.rule=PathPrefix(`/lisk-mainnet-archive/node`)}
- traefik.http.routers.lisk-mainnet-op-geth-archive-leveldb-hash-node.middlewares=lisk-mainnet-op-geth-archive-leveldb-hash-node-stripprefix, ipallowlist
volumes:
lisk-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: lisk
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

291
op/geth/op-mainnet-op-geth-archive-leveldb-hash--kona.yml Normal file
View File

@@ -0,0 +1,291 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/op-mainnet-op-geth-archive-leveldb-hash--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/op-mainnet-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
op-mainnet-archive:
image: ${OP_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${OP_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 13399:13399
- 13399:13399/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_OP_NETWORK=op-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://mainnet-sequencer.optimism.io
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=leveldb
- --gcmode=archive
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=13399
- --rollup.historicalrpc=${OP_MAINNET_CLASSIC_ARCHIVE_RPC:-http://op-mainnet-l2geth-archive:8545}
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=hash
- --syncmode=full
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
depends_on:
- op-mainnet-l2geth-archive
networks:
- chains
volumes:
- ${OP_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-op-mainnet-op-geth-archive-leveldb-hash}:/data
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/op-mainnet-archive
- traefik.http.services.op-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && (Path(`/op-mainnet-archive`) || Path(`/op-mainnet-archive/`))}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.rule=Path(`/op-mainnet-archive`) || Path(`/op-mainnet-archive/`)}
- traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash.middlewares=op-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipallowlist
op-mainnet-archive-node:
image: ${OP_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${OP_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 18399:18399
- 18399:18399/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${OP_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=10
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://op-mainnet-archive:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=18399
- KONA_NODE_P2P_LISTEN_UDP_PORT=18399
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- op-mainnet-archive
networks:
- chains
volumes:
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-geth-archive-leveldb-hash-node-stripprefix.stripprefix.prefixes=/op-mainnet-archive/node
- traefik.http.services.op-mainnet-op-geth-archive-leveldb-hash-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash-node.rule=Host(`$DOMAIN`) && PathPrefix(`/op-mainnet-archive/node`)}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash-node.rule=PathPrefix(`/op-mainnet-archive/node`)}
- traefik.http.routers.op-mainnet-op-geth-archive-leveldb-hash-node.middlewares=op-mainnet-op-geth-archive-leveldb-hash-node-stripprefix, ipallowlist
op-mainnet-l2geth-archive:
image: ${OP_L2GETH_IMAGE:-ethereumoptimism/l2geth}:${OP_MAINNET_L2GETH_VERSION:-0.5.31}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 12952:12952
- 12952:12952/udp
expose:
- 8545
env_file:
- ./op/op/mainnet/l2geth.env
environment:
- ROLLUP_BACKEND=l2
- SYNC_SOURCE=l2
command:
- --datadir=/geth
- --gcmode=archive
- --maxpeers=50
- --nat=extip:${IP}
- --port=12952
- --rpc
- --rpc.gascap=600000000
- --rpcaddr=0.0.0.0
- --rpcapi=eth,net,web3,admin,debug
- --rpcport=8545
- --syncmode=full
- --vmodule=eth/*=5,miner=4,rpc=5,rollup=4,consensus/clique=1
- --ws
- --wsaddr=0.0.0.0
- --wsapi=eth,net,web3,admin,debug
- --wsport=8546
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${OP_MAINNET_L2GETH_ARCHIVE_LEVELDB_HASH_DATA:-op-mainnet-l2geth-archive-leveldb-hash}:/geth
- ./op/op/mainnet:/config
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=false
volumes:
op-mainnet-l2geth-archive-leveldb-hash:
op-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: optimism
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: optimism
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

263
op/geth/op-mainnet-op-geth-pruned-pebble-path--kona--fireeth.yml Normal file
View File

@@ -0,0 +1,263 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/op-mainnet-op-geth-pruned-pebble-path--kona--fireeth.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/op-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
op-mainnet:
image: ${OP_FIREETH_IMAGE:-ghcr.io/streamingfast/go-ethereum}:${OP_MAINNET_FIREETH_VERSION:-v2.12.4-optimism-v1.101511.0-op-node.v1.13.3-1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 12687:12687
- 12687:12687/udp
expose:
- 8545
- 6060
- 8551
- 10010
environment:
- GETH_OP_NETWORK=op-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://mainnet-sequencer.optimism.io
entrypoint: [sh, -c, exec fireeth start reader-node --reader-node-arguments "$*", _]
command:
- --datadir=/data
- --db.engine=pebble
- --gcmode=full
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=12687
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=path
- --syncmode=full
- --vmtrace=firehose
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${OP_MAINNET_FIREETH_DATA:-op-mainnet-fireeth}:/app/firehose-data
- ${OP_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-op-mainnet-op-geth-pruned-pebble-path}:/data
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/op-mainnet
- traefik.http.services.op-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/op-mainnet`) || Path(`/op-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.rule=Path(`/op-mainnet`) || Path(`/op-mainnet/`)}
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.middlewares=op-mainnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist
op-mainnet-firehose:
image: ${OP_FIREETH_IMAGE:-ghcr.io/streamingfast/go-ethereum}:${OP_MAINNET_FIREETH_VERSION:-v2.12.4-optimism-v1.101511.0-op-node.v1.13.3-1}
expose:
- 10015
- 10014
environment:
- ${OP_MAINNET_FIREETH_BLOCKS_STORE:-/app/firehose-data/storage/merged-blocks}
entrypoint: [sh, -c, exec fireeth --config-file="" --log-to-file=false start firehose index-builder relayer merger $@, _]
command:
- --firehose-rate-limit-bucket-fill-rate=${OP_MAINNET_FIREHOSE_RATE_LIMIT_BUCKET_FILL_RATE:-1s}
- --firehose-rate-limit-bucket-size=${OP_MAINNET_FIREHOSE_RATE_LIMIT_BUCKET_SIZE:-200}
- --log-to-file=false
- --relayer-source=op-mainnet:10010
restart: unless-stopped
depends_on:
- op-mainnet
networks:
- chains
volumes:
- ${OP_MAINNET_FIREETH_DATA:-op-mainnet-fireeth}:/app/firehose-data
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=false
- traefik.enable=true
- traefik.http.services.op-mainnet-op-geth-pruned-pebble-path-firehose.loadbalancer.server.scheme=h2c
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-firehose.service=op-mainnet-op-geth-pruned-pebble-path-firehose
- traefik.http.services.op-mainnet-op-geth-pruned-pebble-path-firehose.loadbalancer.server.port=10015
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-firehose.entrypoints=grpc
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-firehose.tls.certresolver=myresolver}
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-firehose.rule=Host(`op-mainnet-firehose.${DOMAIN}`)
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-firehose.middlewares=ipallowlist
op-mainnet-events:
image: ${OP_FIREETH_IMAGE:-ghcr.io/streamingfast/go-ethereum}:${OP_MAINNET_FIREETH_VERSION:-v2.12.4-optimism-v1.101511.0-op-node.v1.13.3-1}
expose:
- 10016
entrypoint: [sh, -c, exec fireeth --config-file="" --log-to-file=false start substreams-tier1 substreams-tier2 $@, _]
command:
- --common-live-blocks-addr=op-mainnet-firehose:10014
- --log-to-file=false
- --substreams-block-execution-timeout=${OP_MAINNET_SUBSTREAMS_BLOCK_EXECUTION_TIMEOUT:-3m0s}
- --substreams-rpc-endpoints=${OP_MAINNET_EXECUTION_ARCHIVE_RPC}
- --substreams-tier1-max-subrequests=${OP_MAINNET_SUBSTREAMS_TIER1_MAX_SUBREQUESTS:-4}
restart: unless-stopped
depends_on:
- op-mainnet
networks:
- chains
volumes:
- ${OP_MAINNET_FIREETH_DATA:-op-mainnet-fireeth}:/app/firehose-data
logging: *logging-defaults
labels:
- traefik.enable=true
- traefik.http.services.op-mainnet-op-geth-pruned-pebble-path-events.loadbalancer.server.scheme=h2c
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-events.service=op-mainnet-op-geth-pruned-pebble-path-events
- traefik.http.services.op-mainnet-op-geth-pruned-pebble-path-events.loadbalancer.server.port=10016
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-events.entrypoints=grpc
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-events.tls.certresolver=myresolver}
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-events.rule=Host(`op-mainnet-events.${DOMAIN}`)
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-events.middlewares=ipallowlist
op-mainnet-node:
image: ${OP_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${OP_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 17687:17687
- 17687:17687/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${OP_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=10
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://op-mainnet:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=17687
- KONA_NODE_P2P_LISTEN_UDP_PORT=17687
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- op-mainnet
networks:
- chains
volumes:
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-geth-pruned-pebble-path-node-stripprefix.stripprefix.prefixes=/op-mainnet/node
- traefik.http.services.op-mainnet-op-geth-pruned-pebble-path-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-node.rule=Host(`$DOMAIN`) && PathPrefix(`/op-mainnet/node`)}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-node.rule=PathPrefix(`/op-mainnet/node`)}
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-node.middlewares=op-mainnet-op-geth-pruned-pebble-path-node-stripprefix, ipallowlist
volumes:
op-mainnet-op-geth-pruned-pebble-path:
op-mainnet-op-geth-pruned-pebble-path_fireeth:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: optimism
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

198
op/geth/op-mainnet-op-geth-pruned-pebble-path--kona.yml Normal file
View File

@@ -0,0 +1,198 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/op-mainnet-op-geth-pruned-pebble-path--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/op-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
op-mainnet:
image: ${OP_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${OP_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 12687:12687
- 12687:12687/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_OP_NETWORK=op-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://mainnet-sequencer.optimism.io
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=pebble
- --gcmode=full
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=12687
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=path
- --syncmode=snap
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${OP_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-op-mainnet-op-geth-pruned-pebble-path}:/data
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/op-mainnet
- traefik.http.services.op-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/op-mainnet`) || Path(`/op-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.rule=Path(`/op-mainnet`) || Path(`/op-mainnet/`)}
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path.middlewares=op-mainnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist
op-mainnet-node:
image: ${OP_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${OP_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 17687:17687
- 17687:17687/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${OP_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=10
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://op-mainnet:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=17687
- KONA_NODE_P2P_LISTEN_UDP_PORT=17687
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- op-mainnet
networks:
- chains
volumes:
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-geth-pruned-pebble-path-node-stripprefix.stripprefix.prefixes=/op-mainnet/node
- traefik.http.services.op-mainnet-op-geth-pruned-pebble-path-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-node.rule=Host(`$DOMAIN`) && PathPrefix(`/op-mainnet/node`)}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-node.rule=PathPrefix(`/op-mainnet/node`)}
- traefik.http.routers.op-mainnet-op-geth-pruned-pebble-path-node.middlewares=op-mainnet-op-geth-pruned-pebble-path-node-stripprefix, ipallowlist
volumes:
op-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: optimism
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

194
op/geth/soneium-mainnet-op-geth-archive-leveldb-hash--kona.yml Normal file
View File

@@ -0,0 +1,194 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/soneium-mainnet-op-geth-archive-leveldb-hash--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/soneium-mainnet-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
soneium-mainnet-archive:
image: ${SONEIUM_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${SONEIUM_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 10889:10889
- 10889:10889/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_OP_NETWORK=soneium-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://rpc.soneium.org
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=leveldb
- --gcmode=archive
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=10889
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=hash
- --syncmode=full
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${SONEIUM_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-soneium-mainnet-op-geth-archive-leveldb-hash}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.soneium-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/soneium-mainnet-archive
- traefik.http.services.soneium-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && (Path(`/soneium-mainnet-archive`) || Path(`/soneium-mainnet-archive/`))}
- ${NO_SSL:+traefik.http.routers.soneium-mainnet-op-geth-archive-leveldb-hash.rule=Path(`/soneium-mainnet-archive`) || Path(`/soneium-mainnet-archive/`)}
- traefik.http.routers.soneium-mainnet-op-geth-archive-leveldb-hash.middlewares=soneium-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipallowlist
soneium-mainnet-archive-node:
image: ${SONEIUM_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${SONEIUM_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 15889:15889
- 15889:15889/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${SONEIUM_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=1868
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://soneium-mainnet-archive:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=15889
- KONA_NODE_P2P_LISTEN_UDP_PORT=15889
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- soneium-mainnet-archive
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.soneium-mainnet-op-geth-archive-leveldb-hash-node-stripprefix.stripprefix.prefixes=/soneium-mainnet-archive/node
- traefik.http.services.soneium-mainnet-op-geth-archive-leveldb-hash-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-geth-archive-leveldb-hash-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-geth-archive-leveldb-hash-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-geth-archive-leveldb-hash-node.rule=Host(`$DOMAIN`) && PathPrefix(`/soneium-mainnet-archive/node`)}
- ${NO_SSL:+traefik.http.routers.soneium-mainnet-op-geth-archive-leveldb-hash-node.rule=PathPrefix(`/soneium-mainnet-archive/node`)}
- traefik.http.routers.soneium-mainnet-op-geth-archive-leveldb-hash-node.middlewares=soneium-mainnet-op-geth-archive-leveldb-hash-node-stripprefix, ipallowlist
volumes:
soneium-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: soneium
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

196
op/geth/soneium-mainnet-op-geth-pruned-pebble-path--kona.yml Normal file
View File

@@ -0,0 +1,196 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/soneium-mainnet-op-geth-pruned-pebble-path--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/soneium-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
soneium-mainnet:
image: ${SONEIUM_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${SONEIUM_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 14145:14145
- 14145:14145/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_OP_NETWORK=soneium-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://rpc.soneium.org
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=pebble
- --gcmode=full
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=14145
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=path
- --syncmode=snap
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${SONEIUM_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-soneium-mainnet-op-geth-pruned-pebble-path}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.soneium-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/soneium-mainnet
- traefik.http.services.soneium-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/soneium-mainnet`) || Path(`/soneium-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.soneium-mainnet-op-geth-pruned-pebble-path.rule=Path(`/soneium-mainnet`) || Path(`/soneium-mainnet/`)}
- traefik.http.routers.soneium-mainnet-op-geth-pruned-pebble-path.middlewares=soneium-mainnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist
soneium-mainnet-node:
image: ${SONEIUM_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${SONEIUM_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 19145:19145
- 19145:19145/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${SONEIUM_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=1868
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://soneium-mainnet:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=19145
- KONA_NODE_P2P_LISTEN_UDP_PORT=19145
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- soneium-mainnet
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.soneium-mainnet-op-geth-pruned-pebble-path-node-stripprefix.stripprefix.prefixes=/soneium-mainnet/node
- traefik.http.services.soneium-mainnet-op-geth-pruned-pebble-path-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-geth-pruned-pebble-path-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-geth-pruned-pebble-path-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-geth-pruned-pebble-path-node.rule=Host(`$DOMAIN`) && PathPrefix(`/soneium-mainnet/node`)}
- ${NO_SSL:+traefik.http.routers.soneium-mainnet-op-geth-pruned-pebble-path-node.rule=PathPrefix(`/soneium-mainnet/node`)}
- traefik.http.routers.soneium-mainnet-op-geth-pruned-pebble-path-node.middlewares=soneium-mainnet-op-geth-pruned-pebble-path-node-stripprefix, ipallowlist
volumes:
soneium-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: soneium
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

194
op/geth/unichain-mainnet-op-geth-archive-leveldb-hash--kona.yml Normal file
View File

@@ -0,0 +1,194 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/unichain-mainnet-op-geth-archive-leveldb-hash--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/unichain-mainnet-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
unichain-mainnet-archive:
image: ${UNICHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${UNICHAIN_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 11789:11789
- 11789:11789/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_OP_NETWORK=unichain-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://mainnet.unichain.org
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=leveldb
- --gcmode=archive
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=11789
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=hash
- --syncmode=full
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${UNICHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-unichain-mainnet-op-geth-archive-leveldb-hash}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/unichain-mainnet-archive
- traefik.http.services.unichain-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && (Path(`/unichain-mainnet-archive`) || Path(`/unichain-mainnet-archive/`))}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.rule=Path(`/unichain-mainnet-archive`) || Path(`/unichain-mainnet-archive/`)}
- traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash.middlewares=unichain-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipallowlist
unichain-mainnet-archive-node:
image: ${UNICHAIN_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${UNICHAIN_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 16789:16789
- 16789:16789/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${UNICHAIN_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=130
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://unichain-mainnet-archive:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16789
- KONA_NODE_P2P_LISTEN_UDP_PORT=16789
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- unichain-mainnet-archive
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-geth-archive-leveldb-hash-node-stripprefix.stripprefix.prefixes=/unichain-mainnet-archive/node
- traefik.http.services.unichain-mainnet-op-geth-archive-leveldb-hash-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash-node.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-mainnet-archive/node`)}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash-node.rule=PathPrefix(`/unichain-mainnet-archive/node`)}
- traefik.http.routers.unichain-mainnet-op-geth-archive-leveldb-hash-node.middlewares=unichain-mainnet-op-geth-archive-leveldb-hash-node-stripprefix, ipallowlist
volumes:
unichain-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: unichain
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

261
op/geth/unichain-mainnet-op-geth-pruned-pebble-path--kona--fireeth.yml Normal file
View File

@@ -0,0 +1,261 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/unichain-mainnet-op-geth-pruned-pebble-path--kona--fireeth.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/unichain-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
unichain-mainnet:
image: ${UNICHAIN_FIREETH_IMAGE:-ghcr.io/streamingfast/go-ethereum}:${UNICHAIN_MAINNET_FIREETH_VERSION:-v2.12.4-optimism-v1.101511.0-op-node.v1.13.3-1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 10954:10954
- 10954:10954/udp
expose:
- 8545
- 6060
- 8551
- 10010
environment:
- GETH_OP_NETWORK=unichain-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://mainnet.unichain.org
entrypoint: [sh, -c, exec fireeth start reader-node --reader-node-arguments "$*", _]
command:
- --datadir=/data
- --db.engine=pebble
- --gcmode=full
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=10954
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=path
- --syncmode=full
- --vmtrace=firehose
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${UNICHAIN_MAINNET_FIREETH_DATA:-unichain-mainnet-fireeth}:/app/firehose-data
- ${UNICHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-unichain-mainnet-op-geth-pruned-pebble-path}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/unichain-mainnet
- traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/unichain-mainnet`) || Path(`/unichain-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.rule=Path(`/unichain-mainnet`) || Path(`/unichain-mainnet/`)}
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.middlewares=unichain-mainnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist
unichain-mainnet-firehose:
image: ${UNICHAIN_FIREETH_IMAGE:-ghcr.io/streamingfast/go-ethereum}:${UNICHAIN_MAINNET_FIREETH_VERSION:-v2.12.4-optimism-v1.101511.0-op-node.v1.13.3-1}
expose:
- 10015
- 10014
environment:
- ${UNICHAIN_MAINNET_FIREETH_BLOCKS_STORE:-/app/firehose-data/storage/merged-blocks}
entrypoint: [sh, -c, exec fireeth --config-file="" --log-to-file=false start firehose index-builder relayer merger $@, _]
command:
- --firehose-rate-limit-bucket-fill-rate=${UNICHAIN_MAINNET_FIREHOSE_RATE_LIMIT_BUCKET_FILL_RATE:-1s}
- --firehose-rate-limit-bucket-size=${UNICHAIN_MAINNET_FIREHOSE_RATE_LIMIT_BUCKET_SIZE:-200}
- --log-to-file=false
- --relayer-source=unichain-mainnet:10010
restart: unless-stopped
depends_on:
- unichain-mainnet
networks:
- chains
volumes:
- ${UNICHAIN_MAINNET_FIREETH_DATA:-unichain-mainnet-fireeth}:/app/firehose-data
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=false
- traefik.enable=true
- traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path-firehose.loadbalancer.server.scheme=h2c
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-firehose.service=unichain-mainnet-op-geth-pruned-pebble-path-firehose
- traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path-firehose.loadbalancer.server.port=10015
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-firehose.entrypoints=grpc
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-firehose.tls.certresolver=myresolver}
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-firehose.rule=Host(`unichain-mainnet-firehose.${DOMAIN}`)
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-firehose.middlewares=ipallowlist
unichain-mainnet-events:
image: ${UNICHAIN_FIREETH_IMAGE:-ghcr.io/streamingfast/go-ethereum}:${UNICHAIN_MAINNET_FIREETH_VERSION:-v2.12.4-optimism-v1.101511.0-op-node.v1.13.3-1}
expose:
- 10016
entrypoint: [sh, -c, exec fireeth --config-file="" --log-to-file=false start substreams-tier1 substreams-tier2 $@, _]
command:
- --common-live-blocks-addr=unichain-mainnet-firehose:10014
- --log-to-file=false
- --substreams-block-execution-timeout=${UNICHAIN_MAINNET_SUBSTREAMS_BLOCK_EXECUTION_TIMEOUT:-3m0s}
- --substreams-rpc-endpoints=${UNICHAIN_MAINNET_EXECUTION_ARCHIVE_RPC}
- --substreams-tier1-max-subrequests=${UNICHAIN_MAINNET_SUBSTREAMS_TIER1_MAX_SUBREQUESTS:-4}
restart: unless-stopped
depends_on:
- unichain-mainnet
networks:
- chains
volumes:
- ${UNICHAIN_MAINNET_FIREETH_DATA:-unichain-mainnet-fireeth}:/app/firehose-data
logging: *logging-defaults
labels:
- traefik.enable=true
- traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path-events.loadbalancer.server.scheme=h2c
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-events.service=unichain-mainnet-op-geth-pruned-pebble-path-events
- traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path-events.loadbalancer.server.port=10016
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-events.entrypoints=grpc
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-events.tls.certresolver=myresolver}
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-events.rule=Host(`unichain-mainnet-events.${DOMAIN}`)
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-events.middlewares=ipallowlist
unichain-mainnet-node:
image: ${UNICHAIN_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${UNICHAIN_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 15954:15954
- 15954:15954/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${UNICHAIN_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=130
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://unichain-mainnet:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=15954
- KONA_NODE_P2P_LISTEN_UDP_PORT=15954
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- unichain-mainnet
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-geth-pruned-pebble-path-node-stripprefix.stripprefix.prefixes=/unichain-mainnet/node
- traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-node.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-mainnet/node`)}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-node.rule=PathPrefix(`/unichain-mainnet/node`)}
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-node.middlewares=unichain-mainnet-op-geth-pruned-pebble-path-node-stripprefix, ipallowlist
volumes:
unichain-mainnet-op-geth-pruned-pebble-path:
unichain-mainnet-op-geth-pruned-pebble-path_fireeth:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: unichain
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

196
op/geth/unichain-mainnet-op-geth-pruned-pebble-path--kona.yml Normal file
View File

@@ -0,0 +1,196 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/unichain-mainnet-op-geth-pruned-pebble-path--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/unichain-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
unichain-mainnet:
image: ${UNICHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${UNICHAIN_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 10954:10954
- 10954:10954/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_OP_NETWORK=unichain-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://mainnet.unichain.org
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=pebble
- --gcmode=full
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=10954
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=path
- --syncmode=snap
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${UNICHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-unichain-mainnet-op-geth-pruned-pebble-path}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/unichain-mainnet
- traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/unichain-mainnet`) || Path(`/unichain-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.rule=Path(`/unichain-mainnet`) || Path(`/unichain-mainnet/`)}
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path.middlewares=unichain-mainnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist
unichain-mainnet-node:
image: ${UNICHAIN_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${UNICHAIN_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 15954:15954
- 15954:15954/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${UNICHAIN_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=130
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://unichain-mainnet:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=15954
- KONA_NODE_P2P_LISTEN_UDP_PORT=15954
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- unichain-mainnet
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-geth-pruned-pebble-path-node-stripprefix.stripprefix.prefixes=/unichain-mainnet/node
- traefik.http.services.unichain-mainnet-op-geth-pruned-pebble-path-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-node.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-mainnet/node`)}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-node.rule=PathPrefix(`/unichain-mainnet/node`)}
- traefik.http.routers.unichain-mainnet-op-geth-pruned-pebble-path-node.middlewares=unichain-mainnet-op-geth-pruned-pebble-path-node-stripprefix, ipallowlist
volumes:
unichain-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: unichain
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

194
op/geth/worldchain-mainnet-op-geth-archive-leveldb-hash--kona.yml Normal file
View File

@@ -0,0 +1,194 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/worldchain-mainnet-op-geth-archive-leveldb-hash--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/worldchain-mainnet-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
worldchain-mainnet-archive:
image: ${WORLDCHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${WORLDCHAIN_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 13162:13162
- 13162:13162/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_OP_NETWORK=worldchain-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://worldchain-mainnet.g.alchemy.com/public
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=leveldb
- --gcmode=archive
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=13162
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=hash
- --syncmode=full
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${WORLDCHAIN_MAINNET_OP_GETH_ARCHIVE_LEVELDB_HASH_DATA:-worldchain-mainnet-op-geth-archive-leveldb-hash}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.worldchain-mainnet-op-geth-archive-leveldb-hash-stripprefix.stripprefix.prefixes=/worldchain-mainnet-archive
- traefik.http.services.worldchain-mainnet-op-geth-archive-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.rule=Host(`$DOMAIN`) && (Path(`/worldchain-mainnet-archive`) || Path(`/worldchain-mainnet-archive/`))}
- ${NO_SSL:+traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.rule=Path(`/worldchain-mainnet-archive`) || Path(`/worldchain-mainnet-archive/`)}
- traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash.middlewares=worldchain-mainnet-op-geth-archive-leveldb-hash-stripprefix, ipallowlist
worldchain-mainnet-archive-node:
image: ${WORLDCHAIN_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${WORLDCHAIN_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 18162:18162
- 18162:18162/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${WORLDCHAIN_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=480
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://worldchain-mainnet-archive:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=18162
- KONA_NODE_P2P_LISTEN_UDP_PORT=18162
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- worldchain-mainnet-archive
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.worldchain-mainnet-op-geth-archive-leveldb-hash-node-stripprefix.stripprefix.prefixes=/worldchain-mainnet-archive/node
- traefik.http.services.worldchain-mainnet-op-geth-archive-leveldb-hash-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash-node.rule=Host(`$DOMAIN`) && PathPrefix(`/worldchain-mainnet-archive/node`)}
- ${NO_SSL:+traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash-node.rule=PathPrefix(`/worldchain-mainnet-archive/node`)}
- traefik.http.routers.worldchain-mainnet-op-geth-archive-leveldb-hash-node.middlewares=worldchain-mainnet-op-geth-archive-leveldb-hash-node-stripprefix, ipallowlist
volumes:
worldchain-mainnet-op-geth-archive-leveldb-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: worldchain
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

196
op/geth/worldchain-mainnet-op-geth-pruned-pebble-path--kona.yml Normal file
View File

@@ -0,0 +1,196 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/geth/worldchain-mainnet-op-geth-pruned-pebble-path--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/worldchain-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
worldchain-mainnet:
image: ${WORLDCHAIN_GETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-geth}:${WORLDCHAIN_MAINNET_GETH_VERSION:-v1.101702.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 11096:11096
- 11096:11096/udp
expose:
- 8545
- 6060
- 8551
environment:
- GETH_OP_NETWORK=worldchain-mainnet
- GETH_ROLLUP_DISABLETXPOOLGOSSIP=true
- GETH_ROLLUP_SEQUENCERHTTP=https://worldchain-mainnet.g.alchemy.com/public
entrypoint: /bin/sh -c 'exec geth "$@"' --
command:
- --datadir=/data
- --db.engine=pebble
- --gcmode=full
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=11096
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=path
- --syncmode=snap
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,debug,admin,txpool,engine
- --http.port=8545
- --http.vhosts=*
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,debug,admin,txpool,engine
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
- --authrpc.vhosts=*
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${WORLDCHAIN_MAINNET_OP_GETH_PRUNED_PEBBLE_PATH_DATA:-worldchain-mainnet-op-geth-pruned-pebble-path}:/data
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.worldchain-mainnet-op-geth-pruned-pebble-path-stripprefix.stripprefix.prefixes=/worldchain-mainnet
- traefik.http.services.worldchain-mainnet-op-geth-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/worldchain-mainnet`) || Path(`/worldchain-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.rule=Path(`/worldchain-mainnet`) || Path(`/worldchain-mainnet/`)}
- traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path.middlewares=worldchain-mainnet-op-geth-pruned-pebble-path-stripprefix, ipallowlist
worldchain-mainnet-node:
image: ${WORLDCHAIN_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${WORLDCHAIN_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 16096:16096
- 16096:16096/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${WORLDCHAIN_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=480
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://worldchain-mainnet:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16096
- KONA_NODE_P2P_LISTEN_UDP_PORT=16096
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- worldchain-mainnet
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.worldchain-mainnet-op-geth-pruned-pebble-path-node-stripprefix.stripprefix.prefixes=/worldchain-mainnet/node
- traefik.http.services.worldchain-mainnet-op-geth-pruned-pebble-path-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path-node.rule=Host(`$DOMAIN`) && PathPrefix(`/worldchain-mainnet/node`)}
- ${NO_SSL:+traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path-node.rule=PathPrefix(`/worldchain-mainnet/node`)}
- traefik.http.routers.worldchain-mainnet-op-geth-pruned-pebble-path-node.middlewares=worldchain-mainnet-op-geth-pruned-pebble-path-node-stripprefix, ipallowlist
volumes:
worldchain-mainnet-op-geth-pruned-pebble-path:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: worldchain
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

181
op/reth/ink-sepolia-op-reth-archive-trace--kona.yml Normal file
View File

@@ -0,0 +1,181 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/ink-sepolia-op-reth-archive-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/ink-sepolia-op-reth \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
ink-sepolia-op-reth:
image: ${INK_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${INK_SEPOLIA_RETH_VERSION:-v2.3.2-rc.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 14373:14373
- 14373:14373/udp
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --chain=ink-sepolia
- --datadir=/root/.local/share/reth
- --engine.cross-block-cache-size=${INK_SEPOLIA_RETH_STATE_CACHE:-4096}
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --nat=extip:${IP}
- --port=14373
- --rollup.sequencer-http=https://rpc-gel-sepolia.inkonchain.com
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${INK_SEPOLIA_OP_RETH_ARCHIVE_TRACE_DATA:-ink-sepolia-op-reth-archive-trace}:/root/.local/share/reth
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-reth-archive-trace-stripprefix.stripprefix.prefixes=/ink-sepolia-op-reth
- traefik.http.services.ink-sepolia-op-reth-archive-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-archive-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-archive-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-archive-trace.rule=Host(`$DOMAIN`) && (Path(`/ink-sepolia-op-reth`) || Path(`/ink-sepolia-op-reth/`))}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-reth-archive-trace.rule=Path(`/ink-sepolia-op-reth`) || Path(`/ink-sepolia-op-reth/`)}
- traefik.http.routers.ink-sepolia-op-reth-archive-trace.middlewares=ink-sepolia-op-reth-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
ink-sepolia-op-reth-node:
image: ${INK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${INK_SEPOLIA_KONA_VERSION:-v1.6.0}
ports:
- 19373:19373
- 19373:19373/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${INK_SEPOLIA_L1_EXECUTION_RPC:-${ETHEREUM_SEPOLIA_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=763373
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://ink-sepolia-op-reth:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_OVERRIDE_PECTRA_BLOB_SCHEDULE=1742486400
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=19373
- KONA_NODE_P2P_LISTEN_UDP_PORT=19373
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- ink-sepolia-op-reth
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-reth-archive-trace-node-stripprefix.stripprefix.prefixes=/ink-sepolia-op-reth/node
- traefik.http.services.ink-sepolia-op-reth-archive-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-archive-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-archive-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-archive-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-sepolia-op-reth/node`)}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-reth-archive-trace-node.rule=PathPrefix(`/ink-sepolia-op-reth/node`)}
- traefik.http.routers.ink-sepolia-op-reth-archive-trace-node.middlewares=ink-sepolia-op-reth-archive-trace-node-stripprefix, ipallowlist
volumes:
ink-sepolia-op-reth-archive-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: ink-sepolia
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

181
op/reth/ink-sepolia-op-reth-minimal-trace--kona.yml Normal file
View File

@@ -0,0 +1,181 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/ink-sepolia-op-reth-minimal-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/ink-sepolia-op-reth-minimal \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
ink-sepolia-op-reth-minimal:
image: ${INK_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${INK_SEPOLIA_RETH_VERSION:-v2.3.2-rc.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 11068:11068
- 11068:11068/udp
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --chain=ink-sepolia
- --datadir=/root/.local/share/reth
- --engine.cross-block-cache-size=${INK_SEPOLIA_RETH_STATE_CACHE:-4096}
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --nat=extip:${IP}
- --port=11068
- --rollup.sequencer-http=https://rpc-gel-sepolia.inkonchain.com
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${INK_SEPOLIA_OP_RETH_MINIMAL_TRACE_DATA:-ink-sepolia-op-reth-minimal-trace}:/root/.local/share/reth
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-reth-minimal-trace-stripprefix.stripprefix.prefixes=/ink-sepolia-op-reth-minimal
- traefik.http.services.ink-sepolia-op-reth-minimal-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-minimal-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-minimal-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-minimal-trace.rule=Host(`$DOMAIN`) && (Path(`/ink-sepolia-op-reth-minimal`) || Path(`/ink-sepolia-op-reth-minimal/`))}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-reth-minimal-trace.rule=Path(`/ink-sepolia-op-reth-minimal`) || Path(`/ink-sepolia-op-reth-minimal/`)}
- traefik.http.routers.ink-sepolia-op-reth-minimal-trace.middlewares=ink-sepolia-op-reth-minimal-trace-stripprefix, ipallowlist
shm_size: 2gb
ink-sepolia-op-reth-minimal-node:
image: ${INK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${INK_SEPOLIA_KONA_VERSION:-v1.6.0}
ports:
- 16068:16068
- 16068:16068/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${INK_SEPOLIA_L1_EXECUTION_RPC:-${ETHEREUM_SEPOLIA_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=763373
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://ink-sepolia-op-reth-minimal:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_OVERRIDE_PECTRA_BLOB_SCHEDULE=1742486400
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16068
- KONA_NODE_P2P_LISTEN_UDP_PORT=16068
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- ink-sepolia-op-reth-minimal
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-reth-minimal-trace-node-stripprefix.stripprefix.prefixes=/ink-sepolia-op-reth-minimal/node
- traefik.http.services.ink-sepolia-op-reth-minimal-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-minimal-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-minimal-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-minimal-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-sepolia-op-reth-minimal/node`)}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-reth-minimal-trace-node.rule=PathPrefix(`/ink-sepolia-op-reth-minimal/node`)}
- traefik.http.routers.ink-sepolia-op-reth-minimal-trace-node.middlewares=ink-sepolia-op-reth-minimal-trace-node-stripprefix, ipallowlist
volumes:
ink-sepolia-op-reth-minimal-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: ink-sepolia
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

182
op/reth/ink-sepolia-op-reth-pruned-trace--kona.yml Normal file
View File

@@ -0,0 +1,182 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/ink-sepolia-op-reth-pruned-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/ink-sepolia-op-reth-pruned \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
ink-sepolia-op-reth-pruned:
image: ${INK_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${INK_SEPOLIA_RETH_VERSION:-v2.3.2-rc.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 14236:14236
- 14236:14236/udp
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --chain=ink-sepolia
- --datadir=/root/.local/share/reth
- --engine.cross-block-cache-size=${INK_SEPOLIA_RETH_STATE_CACHE:-4096}
- --full
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --nat=extip:${IP}
- --port=14236
- --rollup.sequencer-http=https://rpc-gel-sepolia.inkonchain.com
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${INK_SEPOLIA_OP_RETH_PRUNED_TRACE_DATA:-ink-sepolia-op-reth-pruned-trace}:/root/.local/share/reth
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-reth-pruned-trace-stripprefix.stripprefix.prefixes=/ink-sepolia-op-reth-pruned
- traefik.http.services.ink-sepolia-op-reth-pruned-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-pruned-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-pruned-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-pruned-trace.rule=Host(`$DOMAIN`) && (Path(`/ink-sepolia-op-reth-pruned`) || Path(`/ink-sepolia-op-reth-pruned/`))}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-reth-pruned-trace.rule=Path(`/ink-sepolia-op-reth-pruned`) || Path(`/ink-sepolia-op-reth-pruned/`)}
- traefik.http.routers.ink-sepolia-op-reth-pruned-trace.middlewares=ink-sepolia-op-reth-pruned-trace-stripprefix, ipallowlist
shm_size: 2gb
ink-sepolia-op-reth-pruned-node:
image: ${INK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${INK_SEPOLIA_KONA_VERSION:-v1.6.0}
ports:
- 19236:19236
- 19236:19236/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_SEPOLIA_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${INK_SEPOLIA_L1_EXECUTION_RPC:-${ETHEREUM_SEPOLIA_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_SEPOLIA_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=763373
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://ink-sepolia-op-reth-pruned:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_OVERRIDE_PECTRA_BLOB_SCHEDULE=1742486400
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=19236
- KONA_NODE_P2P_LISTEN_UDP_PORT=19236
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- ink-sepolia-op-reth-pruned
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.ink-sepolia-op-reth-pruned-trace-node-stripprefix.stripprefix.prefixes=/ink-sepolia-op-reth-pruned/node
- traefik.http.services.ink-sepolia-op-reth-pruned-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-pruned-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-pruned-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.ink-sepolia-op-reth-pruned-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/ink-sepolia-op-reth-pruned/node`)}
- ${NO_SSL:+traefik.http.routers.ink-sepolia-op-reth-pruned-trace-node.rule=PathPrefix(`/ink-sepolia-op-reth-pruned/node`)}
- traefik.http.routers.ink-sepolia-op-reth-pruned-trace-node.middlewares=ink-sepolia-op-reth-pruned-trace-node-stripprefix, ipallowlist
volumes:
ink-sepolia-op-reth-pruned-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: ink-sepolia
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

180
op/reth/lisk-mainnet-op-reth-archive-trace--kona.yml Normal file
View File

@@ -0,0 +1,180 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/lisk-mainnet-op-reth-archive-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/lisk-mainnet-op-reth \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
lisk-mainnet-op-reth:
image: ${LISK_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${LISK_MAINNET_RETH_VERSION:-v2.3.2-rc.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --chain=/config/genesis.json
- --config=/config/reth/reth.toml
- --datadir=/root/.local/share/reth
- --disable-discovery
- --engine.cross-block-cache-size=${LISK_MAINNET_RETH_STATE_CACHE:-4096}
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --rollup.sequencer-http=https://rpc.api.lisk.com
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${LISK_MAINNET_OP_RETH_ARCHIVE_TRACE_DATA:-lisk-mainnet-op-reth-archive-trace}:/root/.local/share/reth
- ./op/lisk/mainnet:/config
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.lisk-mainnet-op-reth-archive-trace-stripprefix.stripprefix.prefixes=/lisk-mainnet-op-reth
- traefik.http.services.lisk-mainnet-op-reth-archive-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-reth-archive-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-reth-archive-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-reth-archive-trace.rule=Host(`$DOMAIN`) && (Path(`/lisk-mainnet-op-reth`) || Path(`/lisk-mainnet-op-reth/`))}
- ${NO_SSL:+traefik.http.routers.lisk-mainnet-op-reth-archive-trace.rule=Path(`/lisk-mainnet-op-reth`) || Path(`/lisk-mainnet-op-reth/`)}
- traefik.http.routers.lisk-mainnet-op-reth-archive-trace.middlewares=lisk-mainnet-op-reth-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
lisk-mainnet-op-reth-node:
image: ${LISK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${LISK_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 15598:15598
- 15598:15598/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${LISK_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=1135
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://lisk-mainnet-op-reth:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_BOOTNODES=enr:-Iu4QBCIUw0OhAq5ErARIYBLIr6xPb83OqeFRqlUJGlJ9kWpNECaumPArYWsEFdM_cEKm26JJT_EA52f4dlavBldldgBgmlkgnY0gmlwhCPqq5CJc2VjcDI1NmsxoQLBE74gZyIHkwBEnkI4K7nR4SM2Lytj2VTLqJaj5nQevoN0Y3CCIyuDdWRwgiMs
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=15598
- KONA_NODE_P2P_LISTEN_UDP_PORT=15598
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- lisk-mainnet-op-reth
networks:
- chains
volumes:
- ./op/lisk/mainnet:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.lisk-mainnet-op-reth-archive-trace-node-stripprefix.stripprefix.prefixes=/lisk-mainnet-op-reth/node
- traefik.http.services.lisk-mainnet-op-reth-archive-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-reth-archive-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-reth-archive-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-reth-archive-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/lisk-mainnet-op-reth/node`)}
- ${NO_SSL:+traefik.http.routers.lisk-mainnet-op-reth-archive-trace-node.rule=PathPrefix(`/lisk-mainnet-op-reth/node`)}
- traefik.http.routers.lisk-mainnet-op-reth-archive-trace-node.middlewares=lisk-mainnet-op-reth-archive-trace-node-stripprefix, ipallowlist
volumes:
lisk-mainnet-op-reth-archive-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: lisk
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

181
op/reth/lisk-mainnet-op-reth-pruned-trace--kona.yml Normal file
View File

@@ -0,0 +1,181 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/lisk-mainnet-op-reth-pruned-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/lisk-mainnet-op-reth-pruned \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
lisk-mainnet-op-reth-pruned:
image: ${LISK_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${LISK_MAINNET_RETH_VERSION:-v2.3.2-rc.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --chain=/config/genesis.json
- --config=/config/reth/reth.toml
- --datadir=/root/.local/share/reth
- --disable-discovery
- --engine.cross-block-cache-size=${LISK_MAINNET_RETH_STATE_CACHE:-4096}
- --full
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --rollup.sequencer-http=https://rpc.api.lisk.com
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${LISK_MAINNET_OP_RETH_PRUNED_TRACE_DATA:-lisk-mainnet-op-reth-pruned-trace}:/root/.local/share/reth
- ./op/lisk/mainnet:/config
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.lisk-mainnet-op-reth-pruned-trace-stripprefix.stripprefix.prefixes=/lisk-mainnet-op-reth-pruned
- traefik.http.services.lisk-mainnet-op-reth-pruned-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-reth-pruned-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-reth-pruned-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-reth-pruned-trace.rule=Host(`$DOMAIN`) && (Path(`/lisk-mainnet-op-reth-pruned`) || Path(`/lisk-mainnet-op-reth-pruned/`))}
- ${NO_SSL:+traefik.http.routers.lisk-mainnet-op-reth-pruned-trace.rule=Path(`/lisk-mainnet-op-reth-pruned`) || Path(`/lisk-mainnet-op-reth-pruned/`)}
- traefik.http.routers.lisk-mainnet-op-reth-pruned-trace.middlewares=lisk-mainnet-op-reth-pruned-trace-stripprefix, ipallowlist
shm_size: 2gb
lisk-mainnet-op-reth-pruned-node:
image: ${LISK_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${LISK_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 17812:17812
- 17812:17812/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${LISK_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=1135
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://lisk-mainnet-op-reth-pruned:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_BOOTNODES=enr:-Iu4QBCIUw0OhAq5ErARIYBLIr6xPb83OqeFRqlUJGlJ9kWpNECaumPArYWsEFdM_cEKm26JJT_EA52f4dlavBldldgBgmlkgnY0gmlwhCPqq5CJc2VjcDI1NmsxoQLBE74gZyIHkwBEnkI4K7nR4SM2Lytj2VTLqJaj5nQevoN0Y3CCIyuDdWRwgiMs
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=17812
- KONA_NODE_P2P_LISTEN_UDP_PORT=17812
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- lisk-mainnet-op-reth-pruned
networks:
- chains
volumes:
- ./op/lisk/mainnet:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.lisk-mainnet-op-reth-pruned-trace-node-stripprefix.stripprefix.prefixes=/lisk-mainnet-op-reth-pruned/node
- traefik.http.services.lisk-mainnet-op-reth-pruned-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-reth-pruned-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-reth-pruned-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.lisk-mainnet-op-reth-pruned-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/lisk-mainnet-op-reth-pruned/node`)}
- ${NO_SSL:+traefik.http.routers.lisk-mainnet-op-reth-pruned-trace-node.rule=PathPrefix(`/lisk-mainnet-op-reth-pruned/node`)}
- traefik.http.routers.lisk-mainnet-op-reth-pruned-trace-node.middlewares=lisk-mainnet-op-reth-pruned-trace-node-stripprefix, ipallowlist
volumes:
lisk-mainnet-op-reth-pruned-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: lisk
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

184
op/reth/op-mainnet-op-reth-archive-trace--kona.yml Normal file
View File

@@ -0,0 +1,184 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/op-mainnet-op-reth-archive-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/op-mainnet-op-reth \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
op-mainnet-op-reth:
image: ${OP_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${OP_MAINNET_RETH_VERSION:-v2.3.2-rc.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 11114:11114
- 11114:11114/udp
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --chain=optimism
- --config=/config/reth/reth.toml
- --datadir=/root/.local/share/reth
- --engine.cross-block-cache-size=${OP_MAINNET_RETH_STATE_CACHE:-4096}
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --nat=extip:${IP}
- --port=11114
- --rollup.historicalrpc=${OP_MAINNET_CLASSIC_ARCHIVE_RPC:-https://mainnet-sequencer.optimism.io}
- --rollup.sequencer-http=https://mainnet-sequencer.optimism.io
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${OP_MAINNET_OP_RETH_ARCHIVE_TRACE_DATA:-op-mainnet-op-reth-archive-trace}:/root/.local/share/reth
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-reth-archive-trace-stripprefix.stripprefix.prefixes=/op-mainnet-op-reth
- traefik.http.services.op-mainnet-op-reth-archive-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-archive-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-archive-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-archive-trace.rule=Host(`$DOMAIN`) && (Path(`/op-mainnet-op-reth`) || Path(`/op-mainnet-op-reth/`))}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-reth-archive-trace.rule=Path(`/op-mainnet-op-reth`) || Path(`/op-mainnet-op-reth/`)}
- traefik.http.routers.op-mainnet-op-reth-archive-trace.middlewares=op-mainnet-op-reth-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
op-mainnet-op-reth-node:
image: ${OP_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${OP_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 16114:16114
- 16114:16114/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${OP_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=10
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://op-mainnet-op-reth:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16114
- KONA_NODE_P2P_LISTEN_UDP_PORT=16114
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- op-mainnet-op-reth
networks:
- chains
volumes:
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-reth-archive-trace-node-stripprefix.stripprefix.prefixes=/op-mainnet-op-reth/node
- traefik.http.services.op-mainnet-op-reth-archive-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-archive-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-archive-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-archive-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/op-mainnet-op-reth/node`)}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-reth-archive-trace-node.rule=PathPrefix(`/op-mainnet-op-reth/node`)}
- traefik.http.routers.op-mainnet-op-reth-archive-trace-node.middlewares=op-mainnet-op-reth-archive-trace-node-stripprefix, ipallowlist
volumes:
op-mainnet-op-reth-archive-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: optimism
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

184
op/reth/op-mainnet-op-reth-minimal-trace--kona.yml Normal file
View File

@@ -0,0 +1,184 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/op-mainnet-op-reth-minimal-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/op-mainnet-op-reth-minimal \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
op-mainnet-op-reth-minimal:
image: ${OP_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${OP_MAINNET_RETH_VERSION:-v2.3.2-rc.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 11845:11845
- 11845:11845/udp
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --chain=optimism
- --config=/config/reth/reth.toml
- --datadir=/root/.local/share/reth
- --engine.cross-block-cache-size=${OP_MAINNET_RETH_STATE_CACHE:-4096}
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --nat=extip:${IP}
- --port=11845
- --rollup.historicalrpc=${OP_MAINNET_CLASSIC_ARCHIVE_RPC:-https://mainnet-sequencer.optimism.io}
- --rollup.sequencer-http=https://mainnet-sequencer.optimism.io
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${OP_MAINNET_OP_RETH_MINIMAL_TRACE_DATA:-op-mainnet-op-reth-minimal-trace}:/root/.local/share/reth
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-reth-minimal-trace-stripprefix.stripprefix.prefixes=/op-mainnet-op-reth-minimal
- traefik.http.services.op-mainnet-op-reth-minimal-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-minimal-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-minimal-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-minimal-trace.rule=Host(`$DOMAIN`) && (Path(`/op-mainnet-op-reth-minimal`) || Path(`/op-mainnet-op-reth-minimal/`))}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-reth-minimal-trace.rule=Path(`/op-mainnet-op-reth-minimal`) || Path(`/op-mainnet-op-reth-minimal/`)}
- traefik.http.routers.op-mainnet-op-reth-minimal-trace.middlewares=op-mainnet-op-reth-minimal-trace-stripprefix, ipallowlist
shm_size: 2gb
op-mainnet-op-reth-minimal-node:
image: ${OP_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${OP_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 16845:16845
- 16845:16845/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${OP_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=10
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://op-mainnet-op-reth-minimal:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16845
- KONA_NODE_P2P_LISTEN_UDP_PORT=16845
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- op-mainnet-op-reth-minimal
networks:
- chains
volumes:
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-reth-minimal-trace-node-stripprefix.stripprefix.prefixes=/op-mainnet-op-reth-minimal/node
- traefik.http.services.op-mainnet-op-reth-minimal-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-minimal-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-minimal-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-minimal-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/op-mainnet-op-reth-minimal/node`)}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-reth-minimal-trace-node.rule=PathPrefix(`/op-mainnet-op-reth-minimal/node`)}
- traefik.http.routers.op-mainnet-op-reth-minimal-trace-node.middlewares=op-mainnet-op-reth-minimal-trace-node-stripprefix, ipallowlist
volumes:
op-mainnet-op-reth-minimal-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: optimism
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

185
op/reth/op-mainnet-op-reth-pruned-trace--kona.yml Normal file
View File

@@ -0,0 +1,185 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/op-mainnet-op-reth-pruned-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/op-mainnet-op-reth-pruned \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
op-mainnet-op-reth-pruned:
image: ${OP_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${OP_MAINNET_RETH_VERSION:-v2.3.2-rc.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 13985:13985
- 13985:13985/udp
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --chain=optimism
- --config=/config/reth/reth.toml
- --datadir=/root/.local/share/reth
- --engine.cross-block-cache-size=${OP_MAINNET_RETH_STATE_CACHE:-4096}
- --full
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --nat=extip:${IP}
- --port=13985
- --rollup.historicalrpc=${OP_MAINNET_CLASSIC_ARCHIVE_RPC:-https://mainnet-sequencer.optimism.io}
- --rollup.sequencer-http=https://mainnet-sequencer.optimism.io
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${OP_MAINNET_OP_RETH_PRUNED_TRACE_DATA:-op-mainnet-op-reth-pruned-trace}:/root/.local/share/reth
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-reth-pruned-trace-stripprefix.stripprefix.prefixes=/op-mainnet-op-reth-pruned
- traefik.http.services.op-mainnet-op-reth-pruned-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-pruned-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-pruned-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-pruned-trace.rule=Host(`$DOMAIN`) && (Path(`/op-mainnet-op-reth-pruned`) || Path(`/op-mainnet-op-reth-pruned/`))}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-reth-pruned-trace.rule=Path(`/op-mainnet-op-reth-pruned`) || Path(`/op-mainnet-op-reth-pruned/`)}
- traefik.http.routers.op-mainnet-op-reth-pruned-trace.middlewares=op-mainnet-op-reth-pruned-trace-stripprefix, ipallowlist
shm_size: 2gb
op-mainnet-op-reth-pruned-node:
image: ${OP_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${OP_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 18985:18985
- 18985:18985/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${OP_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=10
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://op-mainnet-op-reth-pruned:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=18985
- KONA_NODE_P2P_LISTEN_UDP_PORT=18985
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- op-mainnet-op-reth-pruned
networks:
- chains
volumes:
- ./op/op/mainnet:/config
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.op-mainnet-op-reth-pruned-trace-node-stripprefix.stripprefix.prefixes=/op-mainnet-op-reth-pruned/node
- traefik.http.services.op-mainnet-op-reth-pruned-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-pruned-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-pruned-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.op-mainnet-op-reth-pruned-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/op-mainnet-op-reth-pruned/node`)}
- ${NO_SSL:+traefik.http.routers.op-mainnet-op-reth-pruned-trace-node.rule=PathPrefix(`/op-mainnet-op-reth-pruned/node`)}
- traefik.http.routers.op-mainnet-op-reth-pruned-trace-node.middlewares=op-mainnet-op-reth-pruned-trace-node-stripprefix, ipallowlist
volumes:
op-mainnet-op-reth-pruned-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: optimism
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

180
op/reth/soneium-mainnet-op-reth-archive-trace--kona.yml Normal file
View File

@@ -0,0 +1,180 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/soneium-mainnet-op-reth-archive-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/soneium-mainnet-op-reth \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
soneium-mainnet-op-reth:
image: ${SONEIUM_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${SONEIUM_MAINNET_RETH_VERSION:-v2.3.2-rc.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 14133:14133
- 14133:14133/udp
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --chain=soneium
- --datadir=/root/.local/share/reth
- --engine.cross-block-cache-size=${SONEIUM_MAINNET_RETH_STATE_CACHE:-4096}
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --nat=extip:${IP}
- --port=14133
- --rollup.sequencer-http=https://rpc.soneium.org
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${SONEIUM_MAINNET_OP_RETH_ARCHIVE_TRACE_DATA:-soneium-mainnet-op-reth-archive-trace}:/root/.local/share/reth
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.soneium-mainnet-op-reth-archive-trace-stripprefix.stripprefix.prefixes=/soneium-mainnet-op-reth
- traefik.http.services.soneium-mainnet-op-reth-archive-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-reth-archive-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-reth-archive-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-reth-archive-trace.rule=Host(`$DOMAIN`) && (Path(`/soneium-mainnet-op-reth`) || Path(`/soneium-mainnet-op-reth/`))}
- ${NO_SSL:+traefik.http.routers.soneium-mainnet-op-reth-archive-trace.rule=Path(`/soneium-mainnet-op-reth`) || Path(`/soneium-mainnet-op-reth/`)}
- traefik.http.routers.soneium-mainnet-op-reth-archive-trace.middlewares=soneium-mainnet-op-reth-archive-trace-stripprefix, ipallowlist
shm_size: 2gb
soneium-mainnet-op-reth-node:
image: ${SONEIUM_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${SONEIUM_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 19133:19133
- 19133:19133/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${SONEIUM_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=1868
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://soneium-mainnet-op-reth:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=19133
- KONA_NODE_P2P_LISTEN_UDP_PORT=19133
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- soneium-mainnet-op-reth
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.soneium-mainnet-op-reth-archive-trace-node-stripprefix.stripprefix.prefixes=/soneium-mainnet-op-reth/node
- traefik.http.services.soneium-mainnet-op-reth-archive-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-reth-archive-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-reth-archive-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-reth-archive-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/soneium-mainnet-op-reth/node`)}
- ${NO_SSL:+traefik.http.routers.soneium-mainnet-op-reth-archive-trace-node.rule=PathPrefix(`/soneium-mainnet-op-reth/node`)}
- traefik.http.routers.soneium-mainnet-op-reth-archive-trace-node.middlewares=soneium-mainnet-op-reth-archive-trace-node-stripprefix, ipallowlist
volumes:
soneium-mainnet-op-reth-archive-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: soneium
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

181
op/reth/soneium-mainnet-op-reth-pruned-trace--kona.yml Normal file
View File

@@ -0,0 +1,181 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/soneium-mainnet-op-reth-pruned-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/soneium-mainnet-op-reth-pruned \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
soneium-mainnet-op-reth-pruned:
image: ${SONEIUM_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${SONEIUM_MAINNET_RETH_VERSION:-v2.3.2-rc.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 11080:11080
- 11080:11080/udp
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --chain=soneium
- --datadir=/root/.local/share/reth
- --engine.cross-block-cache-size=${SONEIUM_MAINNET_RETH_STATE_CACHE:-4096}
- --full
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --nat=extip:${IP}
- --port=11080
- --rollup.sequencer-http=https://rpc.soneium.org
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${SONEIUM_MAINNET_OP_RETH_PRUNED_TRACE_DATA:-soneium-mainnet-op-reth-pruned-trace}:/root/.local/share/reth
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.soneium-mainnet-op-reth-pruned-trace-stripprefix.stripprefix.prefixes=/soneium-mainnet-op-reth-pruned
- traefik.http.services.soneium-mainnet-op-reth-pruned-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-reth-pruned-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-reth-pruned-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-reth-pruned-trace.rule=Host(`$DOMAIN`) && (Path(`/soneium-mainnet-op-reth-pruned`) || Path(`/soneium-mainnet-op-reth-pruned/`))}
- ${NO_SSL:+traefik.http.routers.soneium-mainnet-op-reth-pruned-trace.rule=Path(`/soneium-mainnet-op-reth-pruned`) || Path(`/soneium-mainnet-op-reth-pruned/`)}
- traefik.http.routers.soneium-mainnet-op-reth-pruned-trace.middlewares=soneium-mainnet-op-reth-pruned-trace-stripprefix, ipallowlist
shm_size: 2gb
soneium-mainnet-op-reth-pruned-node:
image: ${SONEIUM_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${SONEIUM_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 16080:16080
- 16080:16080/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${SONEIUM_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=1868
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://soneium-mainnet-op-reth-pruned:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=16080
- KONA_NODE_P2P_LISTEN_UDP_PORT=16080
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- soneium-mainnet-op-reth-pruned
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.soneium-mainnet-op-reth-pruned-trace-node-stripprefix.stripprefix.prefixes=/soneium-mainnet-op-reth-pruned/node
- traefik.http.services.soneium-mainnet-op-reth-pruned-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-reth-pruned-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-reth-pruned-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.soneium-mainnet-op-reth-pruned-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/soneium-mainnet-op-reth-pruned/node`)}
- ${NO_SSL:+traefik.http.routers.soneium-mainnet-op-reth-pruned-trace-node.rule=PathPrefix(`/soneium-mainnet-op-reth-pruned/node`)}
- traefik.http.routers.soneium-mainnet-op-reth-pruned-trace-node.middlewares=soneium-mainnet-op-reth-pruned-trace-node-stripprefix, ipallowlist
volumes:
soneium-mainnet-op-reth-pruned-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: soneium
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

181
op/reth/unichain-mainnet-op-reth-pruned-trace--kona.yml Normal file
View File

@@ -0,0 +1,181 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:op/reth/unichain-mainnet-op-reth-pruned-trace--kona.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/unichain-mainnet-op-reth-pruned \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
unichain-mainnet-op-reth-pruned:
image: ${UNICHAIN_RETH_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/op-reth}:${UNICHAIN_MAINNET_RETH_VERSION:-v2.3.2-rc.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
memlock: -1 # Disable memory locking limits (for in-memory DBs like MDBX)
user: root
ports:
- 13073:13073
- 13073:13073/udp
expose:
- 8545
- 9001
- 8551
entrypoint: [op-reth, node]
command:
- --chain=unichain
- --datadir=/root/.local/share/reth
- --engine.cross-block-cache-size=${UNICHAIN_MAINNET_RETH_STATE_CACHE:-4096}
- --full
- --max-inbound-peers=50
- --max-outbound-peers=50
- --metrics=0.0.0.0:9001
- --nat=extip:${IP}
- --port=13073
- --rollup.sequencer-http=https://mainnet.unichain.org
- --rpc-cache.max-blocks=10000
- --rpc-cache.max-concurrent-db-requests=2048
- --rpc.gascap=600000000
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --http
- --http.addr=0.0.0.0
- --http.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --http.corsdomain=*
- --http.port=8545
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev
- --ws.origins=*
- --ws.port=8545
- --authrpc.addr=0.0.0.0
- --authrpc.jwtsecret=/jwtsecret
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${UNICHAIN_MAINNET_OP_RETH_PRUNED_TRACE_DATA:-unichain-mainnet-op-reth-pruned-trace}:/root/.local/share/reth
- .jwtsecret:/jwtsecret:ro
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-reth-pruned-trace-stripprefix.stripprefix.prefixes=/unichain-mainnet-op-reth-pruned
- traefik.http.services.unichain-mainnet-op-reth-pruned-trace.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-reth-pruned-trace.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-reth-pruned-trace.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-reth-pruned-trace.rule=Host(`$DOMAIN`) && (Path(`/unichain-mainnet-op-reth-pruned`) || Path(`/unichain-mainnet-op-reth-pruned/`))}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-reth-pruned-trace.rule=Path(`/unichain-mainnet-op-reth-pruned`) || Path(`/unichain-mainnet-op-reth-pruned/`)}
- traefik.http.routers.unichain-mainnet-op-reth-pruned-trace.middlewares=unichain-mainnet-op-reth-pruned-trace-stripprefix, ipallowlist
shm_size: 2gb
unichain-mainnet-op-reth-pruned-node:
image: ${UNICHAIN_KONA_IMAGE:-us-docker.pkg.dev/oplabs-tools-artifacts/images/kona-node}:${UNICHAIN_MAINNET_KONA_VERSION:-v1.6.0}
ports:
- 18073:18073
- 18073:18073/udp
environment:
- KONA_METRICS_ADDR=0.0.0.0
- KONA_NODE_L1_BEACON=${ETHEREUM_MAINNET_BEACON_REST}
- KONA_NODE_L1_ETH_RPC=${UNICHAIN_MAINNET_L1_EXECUTION_RPC:-${ETHEREUM_MAINNET_EXECUTION_RPC}}
- KONA_NODE_L1_TRUST_RPC=${ETHEREUM_MAINNET_EXECUTION_TRUST:-false}
- KONA_NODE_L2_CHAIN_ID=130
- KONA_NODE_L2_ENGINE_AUTH=/jwtsecret
- KONA_NODE_L2_ENGINE_RPC=http://unichain-mainnet-op-reth-pruned:8551
- KONA_NODE_L2_ENGINE_TIMEOUT=120000
- KONA_NODE_L2_TRUST_RPC=true
- KONA_NODE_METRICS_PORT=7300
- KONA_NODE_MODE=verifier
- KONA_NODE_P2P_ADVERTISE_IP=${IP}
- KONA_NODE_P2P_LISTEN_IP=0.0.0.0
- KONA_NODE_P2P_LISTEN_TCP_PORT=18073
- KONA_NODE_P2P_LISTEN_UDP_PORT=18073
- KONA_NODE_RPC_ADDR=0.0.0.0
- KONA_NODE_RPC_PORT=9545
entrypoint: [kona-node, node]
restart: unless-stopped
depends_on:
- unichain-mainnet-op-reth-pruned
networks:
- chains
volumes:
- .jwtsecret:/jwtsecret:ro
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=7300
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.unichain-mainnet-op-reth-pruned-trace-node-stripprefix.stripprefix.prefixes=/unichain-mainnet-op-reth-pruned/node
- traefik.http.services.unichain-mainnet-op-reth-pruned-trace-node.loadbalancer.server.port=9545
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-reth-pruned-trace-node.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-reth-pruned-trace-node.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.unichain-mainnet-op-reth-pruned-trace-node.rule=Host(`$DOMAIN`) && PathPrefix(`/unichain-mainnet-op-reth-pruned/node`)}
- ${NO_SSL:+traefik.http.routers.unichain-mainnet-op-reth-pruned-trace-node.rule=PathPrefix(`/unichain-mainnet-op-reth-pruned/node`)}
- traefik.http.routers.unichain-mainnet-op-reth-pruned-trace-node.middlewares=unichain-mainnet-op-reth-pruned-trace-node-stripprefix, ipallowlist
volumes:
unichain-mainnet-op-reth-pruned-trace:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: unichain
method-groups:
enabled:
- debug
- filter
- trace
methods:
disabled:
- name: eth_maxPriorityFeePerGas
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...