StakeSquid/ethereum-rpc-docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: StakeSquid:issue-502
Branches Tags
StakeSquid:main StakeSquid:issue-502 StakeSquid:issue-136 StakeSquid:issue-63 StakeSquid:vibe StakeSquid:jules_wip_13535632906362438955 StakeSquid:blast-ethereum-archive-proxy StakeSquid:eth_proxy StakeSquid:erigon-polygon StakeSquid:harmony-validator StakeSquid:bsc StakeSquid:deprecated-main
..
compare: StakeSquid:vibe
Branches Tags
StakeSquid:issue-502 StakeSquid:main StakeSquid:issue-136 StakeSquid:issue-63 StakeSquid:vibe StakeSquid:jules_wip_13535632906362438955 StakeSquid:blast-ethereum-archive-proxy StakeSquid:eth_proxy StakeSquid:erigon-polygon StakeSquid:harmony-validator StakeSquid:bsc StakeSquid:deprecated-main

1 Commits
issue-502 ... vibe

Author SHA1 Message Date
rob
5f85d6b5a4 fix(zircuit): update Garfield configs for Sepolia L1 
- Use --networkid=48898 instead of --network=garfield
- Change L1 endpoints from HOLESKY to SEPOLIA
- Set OP_NODE_NETWORK=testnet

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-17 02:54:41 +00:00
583 changed files with 4778 additions and 51727 deletions
Expand all files Collapse all files

729
CURSOR.md
View File

@@ -1,729 +0,0 @@
# VIBE.md — ethereum-rpc-docker Operations & Debugging Guide
You are an LLM agent or operator **running or debugging blockchain RPC nodes** from this
repository. This file is your **primary reference** for all operational tasks.
This repo contains Docker Compose configurations for blockchain RPC nodes plus operational
scripts for managing them. Everything you need to run, monitor, debug, and fix nodes is here.
---
## 0. WHEN A NODE IS FAULTY — Start Here
### Immediate Triage (30 seconds)
```bash
# 1. Is the container running?
./show-running.sh
# 2. Check overall status of all configured nodes
./show-status.sh
# 3. If you know the config name, check its specific status
./sync-status.sh <config-name>
# 4. Check logs for the faulty node
./logs.sh <config-name>
```
**If the container isn't running**, go to [§3. Container Lifecycle Issues](#3-container-lifecycle-issues)
**If the container is running but not synced**, go to [§4. Sync Issues](#4-sync-issues)
**If the container is running and synced but RPC fails**, go to [§5. RPC/Connectivity Issues](#5-rpcconnectivity-issues)
**If you see errors in logs but aren't sure what they mean**, go to [§6. Log Interpretation](#6-log-interpretation)
---
## 1. Repository Overview
### What This Repo Contains
```
rpc/
├── *.yml # Docker Compose files for node configurations
├── *.sh # Operational scripts (YOUR PRIMARY TOOLS)
├── scripts/ # Additional helper scripts (CometBFT support)
├── <network>/ # Network directories (e.g., ethereum/, op/, arb/)
│ ├── *.yml # Compose files for specific chains
│ └── <chain>/ # Chain-specific assets
│ ├── genesis.json # Custom genesis files
│ ├── rollup.json # Rollup configurations (OP Stack)
│ └── *.Dockerfile # Custom build files
├── README.md # User documentation
└── VIBE.md # THIS FILE — operations guide
```
### Key Concepts
- **Config name**: The compose filename WITHOUT `.yml` (e.g., `ethereum-mainnet-geth-pruned`)
- **Service name**: Derived from config name, used in `docker compose` commands
- **Short name**: Used in URL paths, container labels. Format: `{network}-{chain}[-{client}][-{db_type}]`
- **Volume names**: Docker volumes follow the full config name pattern
### Supported Networks
**Layer 1**: Ethereum, Polygon, BSC, Avalanche, Gnosis, Fantom, Core, Berachain, Ronin, Viction, Fuse, Tron, ThunderCore, Goat, AlephZero, Haqq, Taiko, Rootstock, Dogecoin, Litecoin, Bitcoin, Bitcoin-Cash, Ripple, Solana, Tron
**Layer 2 (OP Stack)**: Optimism, Base, Zora, Mode, Blast, Fraxtal, Bob, Boba, Worldchain, Metal, Ink, Lisk, SNAX, Celo
**Layer 2 (Arbitrum)**: Arbitrum One, Arbitrum Nova, Everclear, Playblock, Real, Connext, OpenCampusCodex
**Other L2s**: Linea, Scroll, zkSync Era, Metis, Moonbeam, Starknet, zkEVM, Immutable zkEVM, Polygon zkEVM
---
## 2. Essential Scripts Reference
### Status & Monitoring Scripts
| Script | Usage | What It Does |
|---|---|---|
| `show-status.sh` | `[config-name]` | Lists ALL configured nodes with sync status, block height, health |
| `show-running.sh` | | Lists currently running containers |
| `sync-status.sh` | `<config-name>` | Detailed sync status for one config |
| `latest.sh` | `<config-name>` | Latest block number + hash |
| `logs.sh` | `<config-name>` | Tail logs from all containers in a config |
| `show-db-size.sh` | | Disk usage of ALL Docker volumes, sorted by size |
| `show-ram.sh` | `<config-name>` | Memory usage of containers |
| `show-cpu.sh` | | CPU usage display |
| `peer-count.sh` | | P2P peer count for all running nodes |
| `time-since-last-block.sh` | `<config-name>` | How long since last block was processed |
| `ping.sh` | `<container-name>` | Test network connectivity from container |
| `show-errors.sh` | | Show error counts/logs across containers |
| `show-size.sh` | | Show size of containers/volumes |
| `show-file-size.sh` | | Show static file sizes |
| `show-static-file-size.sh` | | Show static file sizes (alternative) |
### Lifecycle Management Scripts
| Script | Usage | What It Does |
|---|---|---|
| `start.sh` | `<config-name>` | Start all containers for a config |
| `stop.sh` | `<config-name>` | Stop all containers for a config |
| `force-recreate.sh` | `<config-name>` | Force recreate containers (keeps volumes) |
| `rm.sh` | `<config-name>` | Remove containers (keeps volumes) |
| `delete-volumes.sh` | `<config-name>` | **DESTRUCTIVE** - Remove containers AND volumes |
| `delete-node-keys.sh` | `<config-name>` | Remove node keys (for re-initialization) |
### Backup & Restore Scripts
| Script | Usage | What It Does |
|---|---|---|
| `backup-node.sh` | `<config-name> [url]` | Backup volumes locally or to WebDAV |
| `restore-volumes.sh` | `<config-name> [url]` | Restore volumes from local or HTTP |
| `clone-node.sh` | `<config-name>` | Clone a node's state |
| `clone-backup.sh` | | Clone backup files |
| `clone-peers.sh` | | Clone peer information |
| `restore-peers.sh` | | Restore peer connections |
| `list-backups.sh` | | List available backup files |
| `list-peer-backups.sh` | | List peer backup files |
| `list-restorable.sh` | | List restorable configurations |
| `cleanup-backups.sh` | | Remove old backups |
| `cleanup-volumes.sh` | | Clean up unused volumes |
### Network & Connectivity Scripts
| Script | Usage | What It Does |
|---|---|---|
| `upstreams.sh` | | Generate dshackle upstream configuration |
| `connect-peers.sh` | | Connect to peer nodes |
| `search-node.sh` | `<query>` | Search compose files for patterns |
| `search-compose.sh` | `<query>` | Search compose files |
| `network-to-config.sh` | | Map network names to config files |
| `reload_dshackle.sh` | | Reload dshackle configuration |
| `update-whitelist.sh` | | Update IP whitelist |
| `update-ip.sh` | | Update IP configuration |
### Specialized Scripts
| Script | Usage | What It Does |
|---|---|---|
| `op-wheel.sh` | | OP rollup maintenance (rewind, set forkchoice) |
| `op-wheel-finalize-latest-block.sh` | `<client_svc> [node_svc]` | Finalize latest block (nuclear option) |
| `catchup.sh` | `<config-name>` | Help node catch up to chain head |
| `success-if-almost-synced.sh` | `<config-name> <seconds>` | Exit 0 if node is almost synced |
| `groq.sh` | | Query using Groq |
| `trai.sh` | | Trace transaction |
| `multicurl.sh` | | Parallel curl requests |
| `blocknumber.sh` | | Get block number |
| `get-block.sh` | | Get block information |
| `get-local-url.sh` | | Get local RPC URL |
| `get-shortname.sh` | `<config-file>` | Get short name for a config |
| `disk-space.sh` | | Check disk space |
| `limit-bandwidth.sh` | | Limit bandwidth |
| `maintenance.sh` | | Maintenance helper |
| `random-port.sh` | | Generate random port |
| `reference-rpc-endpoint.sh` | | Reference RPC endpoint helper |
| `reset-terminal.sh` | | Reset terminal |
| `setup-bandwidth-limit-cron.sh` | | Setup cron for bandwidth limiting |
---
## 3. Container Lifecycle Issues
### Symptom: Container Won't Start
```bash
# Check why it failed
./logs.sh <config-name> 2>&1 | tail -50
# Check container exit code
docker ps -a --filter "name=<config-name>" --format "{{.Names}} | {{.State}} | {{.Status}}"
# Inspect the container
docker inspect <container-name> | jq '.[0].State'
```
**Common causes:**
- **Port conflict**: Two services trying to bind to same host port
- **Volume permission issues**: Docker can't write to volume
- **Missing environment variables**: `.env` file incomplete
- **Invalid compose syntax**: YAML parsing error
- **Image pull failure**: Network issue or private registry auth
**Fixes:**
```bash
# Check for port conflicts
grep -h "^[0-9]\{1,5\}:[0-9]" *.yml | sort | uniq -d
# Validate compose syntax
docker compose -f <config-file>.yml config
# Pull images manually
docker compose -f <config-file>.yml pull
# Start with --build if using custom Dockerfiles
docker compose -f <config-file>.yml up -d --build
```
### Symptom: Container Exits Immediately After Starting
```bash
# View the last 100 lines of logs before exit
./logs.sh <config-name> 2>&1 | tail -100
# Check exit code
docker ps -a --filter "name=<service>" --format "{{.Status}}"
# Run interactively to see error
docker compose -f <config-file>.yml run --rm <service-name> sh
```
**Common causes:**
- **Missing config files**: `/config/` mount empty or wrong path
- **Invalid flags**: Command-line arguments malformed
- **Database corruption**: Existing data incompatible with new version
- **Checkpoint/genesis mismatch**: Chain ID or genesis doesn't match
**Fixes:**
```bash
# Verify config directory exists (if using custom configs)
ls -la <network>/<chain>/
# Try with fresh volumes (DESTRUCTIVE)
./delete-volumes.sh <config-name>
./start.sh <config-name>
```
### Symptom: Container Restarts Repeatedly (Crash Loop)
```bash
# Watch logs in real-time
./logs.sh <config-name> -f
# Check restart count
docker inspect <container-name> | jq '.[0].RestartCount'
# Check last restart reason
docker inspect <container-name> | jq '.[0].State.ExitCode, .[0].State.Error'
```
**Common causes:**
- **OOM killed**: Memory limit exceeded
- **Out of disk space**: No space left on device
- **Segmentation fault**: Client bug or bad data
- **Panic**: Go client panic
**Fixes:**
```bash
# Check memory usage
./show-ram.sh <config-name>
# Check disk space
df -h /var/lib/docker
./show-db-size.sh
# Increase resources in compose file or .env
# Then force recreate
./force-recreate.sh <config-name>
```
---
## 4. Sync Issues
### Symptom: Node Not Syncing (Stuck at Block 0 or Low Block)
```bash
# Check sync status
./sync-status.sh <config-name>
# Check current block
./latest.sh <config-name>
# Check logs for sync errors
./logs.sh <config-name> | grep -i -E "sync|error|fail|warn|stuck|behind"
# Check peer count
./peer-count.sh | grep <config-name>
```
**Common causes:**
- **No peers**: P2P network connection failed
- **Wrong network**: Connected to wrong chain
- **Checkpoint too old**: Checkpoint URL unavailable or outdated
- **Snapshot download failed**: Snapshot server unreachable
**Fixes:**
```bash
# Check if checkpoint/snapshot is configured
grep -E "(checkpoint|snapshot)" <config-file>.yml
# Test checkpoint URL manually
curl -I $(grep checkpoint <config-file>.yml | grep -oE 'http[^ ]+')
# Check peer connections (geth example)
docker exec <client-container> admin_peers | jq '.[] | .network.remoteAddress' | wc -l
```
### Symptom: Sync is Very Slow
```bash
# Check sync speed over time
./latest.sh <config-name>; sleep 60; ./latest.sh <config-name>
# Check if node is processing blocks
./time-since-last-block.sh <config-name>
# Check CPU and memory
top -d 1 -p $(docker inspect <container> | jq -r '.[0].State.Pid')
```
**Common causes:**
- **Resource constrained**: CPU throttled, memory swapped
- **Disk I/O bottleneck**: Slow storage or contention
- **Network rate limited**: P2P or RPC rate limiting
- **Too many peers**: P2P overhead
- **Wrong sync mode**: Full sync instead of snap sync
### Symptom: Sync Stuck at Specific Block
```bash
# Check logs around the stuck block
./logs.sh <config-name> | grep -A 10 -B 10 "block <stuck-block-number>"
# Check if it's a known bad block
# Search online: <chain> bad block <number>
```
**Common causes:**
- **Bad block in chain**: Requires client patch or manual intervention
- **State trie inconsistency**: Database corruption
- **Fork choice issue**: Node on wrong fork
**Fixes for OP Stack:**
```bash
# Try to finalize past the block
./op-wheel-finalize-latest-block.sh <client-service>
```
### Symptom: Node on Wrong Fork / Chain
```bash
# Check chain ID
./latest.sh <config-name> | grep -i chain
# Check what chain the node thinks it's on
docker exec <client-container> ethdo chain --endpoint=http://localhost:8545
# Compare with expected chain ID
grep chainId <config-file>.yml
```
---
## 5. RPC/Connectivity Issues
### Symptom: RPC Endpoint Not Responding
```bash
# Test from host
curl -s http://localhost:<port> | head -c 100
# Check if traefik/proxy is running
docker ps | grep -E "(traefik|proxy|nginx)"
# Check traefik logs
docker logs <traefik-container> | tail -50
```
**Common causes:**
- **Container not running**: Client crashed
- **Port not exposed**: Wrong port mapping
- **Traefik misconfiguration**: Labels wrong or missing
- **Firewall blocking**: Host firewall or cloud security group
### Symptom: RPC Returns Wrong Chain ID
```bash
# Query chain ID from RPC
curl -s -X POST http://localhost:<port> \
-H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","method":"eth_chainId","params":[],"id":1}'
```
### Symptom: Cannot Connect to P2P Network
```bash
# Check peer count
./peer-count.sh | grep <config-name>
# Test P2P connectivity from container
docker exec <client-container> nc -zv <bootstrap-node> <p2p-port>
```
**Fixes:**
```bash
# Set public IP in .env
IP=$(curl -s ipinfo.io/ip)
echo "IP=$IP" >> .env
./force-recreate.sh <config-name>
```
---
## 6. Log Interpretation
### Common Log Patterns
#### Warnings (Node may still function)
| Pattern | Meaning | Action |
|---|---|---|
| `WARN.*sync.*slow` | Sync slower than expected | Check resources |
| `WARN.*peers.*low` | Fewer peers than desired | Check P2P connectivity |
| `WARN.*rate.*limit` | API rate limiting active | Normal for public endpoints |
#### Errors (Node is degraded)
| Pattern | Meaning | Action |
|---|---|---|
| `Error.*database.*corrupt` | Database corruption | Restore from backup or resync |
| `Error.*handshake.*fail` | P2P handshake failed | Check chain ID |
| `Error.*no.*peers` | Cannot connect to P2P | Check bootstrap nodes |
| `Error.*timeout` | RPC/HTTP timeout | Check network, increase timeout |
#### Fatal (Node will not function)
| Pattern | Meaning | Action |
|---|---|---|
| `Fatal.*panic` | Client crashed | Check client version |
| `Fatal.*OOM` | Out of memory | Increase memory limit |
| `Fatal.*disk.*full` | No disk space | Free space |
| `Fatal.*permission.*denied` | Filesystem permissions | Fix volume permissions |
---
## 7. Resource Issues
### High CPU Usage
```bash
./show-ram.sh <config-name>
./show-cpu.sh
docker stats <container-name> --no-stream
```
### High Memory Usage
```bash
./show-ram.sh <config-name>
docker stats <container-name> --no-stream --format "{{.Container}} | {{.MemUsage}} | {{.MemPerc}}"
```
### High Disk Usage
```bash
./show-db-size.sh
docker system df -v
```
### Disk I/O Bottleneck
```bash
iotop -o -d 1
```
---
## 8. Backup and Restore
### Creating a Backup
```bash
# Local backup (to /backup directory)
./backup-node.sh <config-name>
# Remote backup (to WebDAV)
./backup-node.sh <config-name> https://backup-server.tld/dav
```
### Restoring from Backup
```bash
# List available backups
./list-backups.sh
# Restore latest backup for config
./restore-volumes.sh <config-name>
# Restore from specific URL
./restore-volumes.sh <config-name> https://backup-server.tld/backup/
```
### Cloning a Node
```bash
# Clone a node to a new location
./clone-node.sh <config-name>
# Clone peers (for faster sync)
./clone-peers.sh <config-name>
```
### Nuclear Option: Full Reset
```bash
# WARNING: This deletes ALL data for the config
./stop.sh <config-name> && \
./rm.sh <config-name> && \
./delete-volumes.sh <config-name> && \
./delete-node-keys.sh <config-name> && \
./force-recreate.sh <config-name>
# Then check logs
./logs.sh <config-name>
```
---
## 9. Common Error Messages
### Database Errors
| Error | Cause | Solution |
|---|---|---|
| `database is corrupted` | Power loss, bug | Restore from backup or resync |
| `database version mismatch` | Client version changed | Delete and resync |
### P2P Errors
| Error | Cause | Solution |
|---|---|---|
| `no configured peers` | Missing bootstrap nodes | Add bootstrap nodes |
| `handshake failed` | Chain ID mismatch | Verify genesis.json |
### RPC Errors
| Error | Cause | Solution |
|---|---|---|
| `method not found` | Wrong client | Use correct client |
| `connection refused` | Port not open | Check container running, port mapping |
---
## 10. OP Stack Specific Debugging
### OP Node Issues
```bash
# Check op-node logs
./logs.sh <config-name> | grep -i "op-node\|rollup\|sequencer"
# Check rollup configuration (if custom)
cat op/<network>/ethereum/rollup.json | jq .
# Check if rollup.json is mounted
docker exec <op-node-container> cat /config/rollup.json | jq .
```
### OP Wheel (Manual Intervention)
```bash
# Rewind to specific block (DANGEROUS - only if you know what you're doing)
./op-wheel.sh engine set-forkchoice \
--unsafe=<block-hash> \
--safe=<block-hash> \
--finalized=<block-hash> \
--engine=http://<client-service>:8551/ \
--engine.open=http://<client-service>:8545 \
--engine.jwt-secret-path=/jwtsecret
# Nuclear option: finalize latest local block
./op-wheel-finalize-latest-block.sh <client-service> <node-service>
```
---
## 11. CometBFT Family (Cosmos, etc.) Specific
### Init Container Issues
```bash
# CometBFT chains use init.sh inside the container
# The master script is at scripts/cometbft-common.sh
# Check if init completed
./logs.sh <config-name> | grep -i "init\|setup\|complete"
# Check the init script
cat <network>/<chain>/scripts/init.sh
```
---
## 12. Quick Start Guide
### Starting a Node
```bash
# 1. Set up environment
echo "IP=$(curl -s ipinfo.io/ip)" > .env
echo "DOMAIN=${IP//./-}.traefik.me" >> .env
echo "MAIL=your-email@example.com" >> .env
# 2. Select which nodes to run
# Add compose files to COMPOSE_FILE (colon-separated)
echo "COMPOSE_FILE=base.yml:rpc.yml:ethereum-mainnet-geth-pruned.yml" >> .env
# 3. Start the node
docker compose up -d
# 4. Verify it's running
./show-status.sh
```
### Accessing Your Node
```bash
# Once running, access via:
# HTTP: http://<your-domain>/ethereum-mainnet-geth-pruned
# HTTPS: https://<your-domain>/ethereum-mainnet-geth-pruned
# WebSocket: wss://<your-domain>/ethereum-mainnet-geth-pruned
# Or locally (if NO_SSL=true):
# HTTP: http://localhost:<port>
```
---
## 13. Configuration Reference
### Environment Variables
**Required for most setups:**
```bash
IP=203.0.113.42 # Your public IP
DOMAIN=203-0-113-42.traefik.me # Your domain (traefik.me for testing)
MAIL=your-email@example.com # For Let's Encrypt SSL
WHITELIST=0.0.0.0/0 # IP whitelist (0.0.0.0/0 = all)
```
**Optional:**
```bash
NO_SSL=true # Disable SSL (testing only)
CHAINS_SUBNET=192.168.0.0/26 # Docker network subnet
```
**Chain-specific (examples):**
```bash
ETHEREUM_MAINNET_EXECUTION_RPC=https://fallback-rpc.example.com
ARBITRUM_SEPOLIA_EXECUTION_RPC=https://arb-sepolia-rpc.example.com
OP_NODE_NETWORK=mainnet
OP_NODE_L1_RPC_URL=https://l1-rpc.example.com
```
### Compose File Structure
Each compose file defines one or more services:
- **client**: Execution layer (Geth, Erigon, Reth, etc.)
- **node**: Consensus/derivation node (op-node, lighthouse, etc.)
- **relay**: DA relay (eigenda-proxy, op-alt, etc.)
- **proxy**: HTTP/WS proxy (nginx, etc.)
- **database**: External database (Postgres, etc.)
### Volume Naming
Volumes are named after the config:
```
<config-name>_<service>_data
<config-name>_<service>_config
```
Example: `ethereum-mainnet-geth-pruned_client_data`
---
## 14. Quick Debugging Checklist
Use this checklist when debugging an issue:
- [ ] **Is the container running?**`./show-running.sh`
- [ ] **Are there errors in logs?**`./logs.sh <config> | grep -i error`
- [ ] **Is the node synced?**`./sync-status.sh <config>`
- [ ] **Are peers connected?**`./peer-count.sh`
- [ ] **Are resources adequate?**`./show-ram.sh`, `./show-db-size.sh`
- [ ] **Is P2P working?** → Check peer count
- [ ] **Is RPC responding?** → Test with curl
- [ ] **Is disk space available?**`df -h /var/lib/docker`
- [ ] **Is the config file correct?**`docker compose -f <file>.yml config`
- [ ] **Are environment variables set?** → Check `.env`
- [ ] **Is the genesis file correct?** → Check chain ID
---
## 15. When to Escalate
Escalate to a human operator if:
- [ ] Node stuck for > 2 hours with no progress
- [ ] Repeated `Fatal` or `panic` errors after restart
- [ ] Database corruption confirmed
- [ ] Issue affects multiple nodes across different chains
- [ ] Need to force-push to this repo
---
## 16. File Locations Quick Reference
| What You Need | Where to Find It |
|---|---|
| Compose files | Root of this repo (`*.yml`) |
| Operational scripts | Root of this repo (`*.sh`) |
| Chain assets | `<network>/<chain>/` or `<stack>/<network>/<settlement>/` |
| Genesis files | `<stack>/<network>/<settlement>/genesis.json` |
| Rollup configs | `op/<network>/<settlement>/rollup.json` |
| Custom Dockerfiles | `<path>/*.Dockerfile` |
| Init scripts | `<path>/scripts/init.sh` |
| CometBFT common | `scripts/cometbft-common.sh` |
| Compose registry | `compose_registry.json` |
| RPC endpoints | `reference-rpc-endpoint.json` |
| Environment | `.env` |
---
## 17. Resource Requirements Reference
| Node Type | Disk | RAM | CPU |
|---|---|---|---|
| Ethereum pruned | ~500GB | 8GB | 2+ cores |
| Ethereum archive | ~2TB+ | 16GB+ | 4+ cores |
| Ethereum archive-trace | ~4TB+ | 32GB+ | 8+ cores |
| L2 pruned | ~100-500GB | 4-8GB | 2+ cores |
| L2 archive | ~1-2TB | 8-16GB | 4+ cores |
**Note:** Requirements vary by chain. Check specific chain documentation.
---
*This file is your complete operations and debugging reference. For additional user documentation, see README.md.*

960
README.md
View File

File diff suppressed because it is too large Load Diff

729
VIBE.md
View File

@@ -1,729 +0,0 @@
# VIBE.md — ethereum-rpc-docker Operations & Debugging Guide
You are an LLM agent or operator **running or debugging blockchain RPC nodes** from this
repository. This file is your **primary reference** for all operational tasks.
This repo contains Docker Compose configurations for blockchain RPC nodes plus operational
scripts for managing them. Everything you need to run, monitor, debug, and fix nodes is here.
---
## 0. WHEN A NODE IS FAULTY — Start Here
### Immediate Triage (30 seconds)
```bash
# 1. Is the container running?
./show-running.sh
# 2. Check overall status of all configured nodes
./show-status.sh
# 3. If you know the config name, check its specific status
./sync-status.sh <config-name>
# 4. Check logs for the faulty node
./logs.sh <config-name>
```
**If the container isn't running**, go to [§3. Container Lifecycle Issues](#3-container-lifecycle-issues)
**If the container is running but not synced**, go to [§4. Sync Issues](#4-sync-issues)
**If the container is running and synced but RPC fails**, go to [§5. RPC/Connectivity Issues](#5-rpcconnectivity-issues)
**If you see errors in logs but aren't sure what they mean**, go to [§6. Log Interpretation](#6-log-interpretation)
---
## 1. Repository Overview
### What This Repo Contains
```
rpc/
├── *.yml # Docker Compose files for node configurations
├── *.sh # Operational scripts (YOUR PRIMARY TOOLS)
├── scripts/ # Additional helper scripts (CometBFT support)
├── <network>/ # Network directories (e.g., ethereum/, op/, arb/)
│ ├── *.yml # Compose files for specific chains
│ └── <chain>/ # Chain-specific assets
│ ├── genesis.json # Custom genesis files
│ ├── rollup.json # Rollup configurations (OP Stack)
│ └── *.Dockerfile # Custom build files
├── README.md # User documentation
└── VIBE.md # THIS FILE — operations guide
```
### Key Concepts
- **Config name**: The compose filename WITHOUT `.yml` (e.g., `ethereum-mainnet-geth-pruned`)
- **Service name**: Derived from config name, used in `docker compose` commands
- **Short name**: Used in URL paths, container labels. Format: `{network}-{chain}[-{client}][-{db_type}]`
- **Volume names**: Docker volumes follow the full config name pattern
### Supported Networks
**Layer 1**: Ethereum, Polygon, BSC, Avalanche, Gnosis, Fantom, Core, Berachain, Ronin, Viction, Fuse, Tron, ThunderCore, Goat, AlephZero, Haqq, Taiko, Rootstock, Dogecoin, Litecoin, Bitcoin, Bitcoin-Cash, Ripple, Solana, Tron
**Layer 2 (OP Stack)**: Optimism, Base, Zora, Mode, Blast, Fraxtal, Bob, Boba, Worldchain, Metal, Ink, Lisk, SNAX, Celo
**Layer 2 (Arbitrum)**: Arbitrum One, Arbitrum Nova, Everclear, Playblock, Real, Connext, OpenCampusCodex
**Other L2s**: Linea, Scroll, zkSync Era, Metis, Moonbeam, Starknet, zkEVM, Immutable zkEVM, Polygon zkEVM
---
## 2. Essential Scripts Reference
### Status & Monitoring Scripts
| Script | Usage | What It Does |
|---|---|---|
| `show-status.sh` | `[config-name]` | Lists ALL configured nodes with sync status, block height, health |
| `show-running.sh` | | Lists currently running containers |
| `sync-status.sh` | `<config-name>` | Detailed sync status for one config |
| `latest.sh` | `<config-name>` | Latest block number + hash |
| `logs.sh` | `<config-name>` | Tail logs from all containers in a config |
| `show-db-size.sh` | | Disk usage of ALL Docker volumes, sorted by size |
| `show-ram.sh` | `<config-name>` | Memory usage of containers |
| `show-cpu.sh` | | CPU usage display |
| `peer-count.sh` | | P2P peer count for all running nodes |
| `time-since-last-block.sh` | `<config-name>` | How long since last block was processed |
| `ping.sh` | `<container-name>` | Test network connectivity from container |
| `show-errors.sh` | | Show error counts/logs across containers |
| `show-size.sh` | | Show size of containers/volumes |
| `show-file-size.sh` | | Show static file sizes |
| `show-static-file-size.sh` | | Show static file sizes (alternative) |
### Lifecycle Management Scripts
| Script | Usage | What It Does |
|---|---|---|
| `start.sh` | `<config-name>` | Start all containers for a config |
| `stop.sh` | `<config-name>` | Stop all containers for a config |
| `force-recreate.sh` | `<config-name>` | Force recreate containers (keeps volumes) |
| `rm.sh` | `<config-name>` | Remove containers (keeps volumes) |
| `delete-volumes.sh` | `<config-name>` | **DESTRUCTIVE** - Remove containers AND volumes |
| `delete-node-keys.sh` | `<config-name>` | Remove node keys (for re-initialization) |
### Backup & Restore Scripts
| Script | Usage | What It Does |
|---|---|---|
| `backup-node.sh` | `<config-name> [url]` | Backup volumes locally or to WebDAV |
| `restore-volumes.sh` | `<config-name> [url]` | Restore volumes from local or HTTP |
| `clone-node.sh` | `<config-name>` | Clone a node's state |
| `clone-backup.sh` | | Clone backup files |
| `clone-peers.sh` | | Clone peer information |
| `restore-peers.sh` | | Restore peer connections |
| `list-backups.sh` | | List available backup files |
| `list-peer-backups.sh` | | List peer backup files |
| `list-restorable.sh` | | List restorable configurations |
| `cleanup-backups.sh` | | Remove old backups |
| `cleanup-volumes.sh` | | Clean up unused volumes |
### Network & Connectivity Scripts
| Script | Usage | What It Does |
|---|---|---|
| `upstreams.sh` | | Generate dshackle upstream configuration |
| `connect-peers.sh` | | Connect to peer nodes |
| `search-node.sh` | `<query>` | Search compose files for patterns |
| `search-compose.sh` | `<query>` | Search compose files |
| `network-to-config.sh` | | Map network names to config files |
| `reload_dshackle.sh` | | Reload dshackle configuration |
| `update-whitelist.sh` | | Update IP whitelist |
| `update-ip.sh` | | Update IP configuration |
### Specialized Scripts
| Script | Usage | What It Does |
|---|---|---|
| `op-wheel.sh` | | OP rollup maintenance (rewind, set forkchoice) |
| `op-wheel-finalize-latest-block.sh` | `<client_svc> [node_svc]` | Finalize latest block (nuclear option) |
| `catchup.sh` | `<config-name>` | Help node catch up to chain head |
| `success-if-almost-synced.sh` | `<config-name> <seconds>` | Exit 0 if node is almost synced |
| `groq.sh` | | Query using Groq |
| `trai.sh` | | Trace transaction |
| `multicurl.sh` | | Parallel curl requests |
| `blocknumber.sh` | | Get block number |
| `get-block.sh` | | Get block information |
| `get-local-url.sh` | | Get local RPC URL |
| `get-shortname.sh` | `<config-file>` | Get short name for a config |
| `disk-space.sh` | | Check disk space |
| `limit-bandwidth.sh` | | Limit bandwidth |
| `maintenance.sh` | | Maintenance helper |
| `random-port.sh` | | Generate random port |
| `reference-rpc-endpoint.sh` | | Reference RPC endpoint helper |
| `reset-terminal.sh` | | Reset terminal |
| `setup-bandwidth-limit-cron.sh` | | Setup cron for bandwidth limiting |
---
## 3. Container Lifecycle Issues
### Symptom: Container Won't Start
```bash
# Check why it failed
./logs.sh <config-name> 2>&1 | tail -50
# Check container exit code
docker ps -a --filter "name=<config-name>" --format "{{.Names}} | {{.State}} | {{.Status}}"
# Inspect the container
docker inspect <container-name> | jq '.[0].State'
```
**Common causes:**
- **Port conflict**: Two services trying to bind to same host port
- **Volume permission issues**: Docker can't write to volume
- **Missing environment variables**: `.env` file incomplete
- **Invalid compose syntax**: YAML parsing error
- **Image pull failure**: Network issue or private registry auth
**Fixes:**
```bash
# Check for port conflicts
grep -h "^[0-9]\{1,5\}:[0-9]" *.yml | sort | uniq -d
# Validate compose syntax
docker compose -f <config-file>.yml config
# Pull images manually
docker compose -f <config-file>.yml pull
# Start with --build if using custom Dockerfiles
docker compose -f <config-file>.yml up -d --build
```
### Symptom: Container Exits Immediately After Starting
```bash
# View the last 100 lines of logs before exit
./logs.sh <config-name> 2>&1 | tail -100
# Check exit code
docker ps -a --filter "name=<service>" --format "{{.Status}}"
# Run interactively to see error
docker compose -f <config-file>.yml run --rm <service-name> sh
```
**Common causes:**
- **Missing config files**: `/config/` mount empty or wrong path
- **Invalid flags**: Command-line arguments malformed
- **Database corruption**: Existing data incompatible with new version
- **Checkpoint/genesis mismatch**: Chain ID or genesis doesn't match
**Fixes:**
```bash
# Verify config directory exists (if using custom configs)
ls -la <network>/<chain>/
# Try with fresh volumes (DESTRUCTIVE)
./delete-volumes.sh <config-name>
./start.sh <config-name>
```
### Symptom: Container Restarts Repeatedly (Crash Loop)
```bash
# Watch logs in real-time
./logs.sh <config-name> -f
# Check restart count
docker inspect <container-name> | jq '.[0].RestartCount'
# Check last restart reason
docker inspect <container-name> | jq '.[0].State.ExitCode, .[0].State.Error'
```
**Common causes:**
- **OOM killed**: Memory limit exceeded
- **Out of disk space**: No space left on device
- **Segmentation fault**: Client bug or bad data
- **Panic**: Go client panic
**Fixes:**
```bash
# Check memory usage
./show-ram.sh <config-name>
# Check disk space
df -h /var/lib/docker
./show-db-size.sh
# Increase resources in compose file or .env
# Then force recreate
./force-recreate.sh <config-name>
```
---
## 4. Sync Issues
### Symptom: Node Not Syncing (Stuck at Block 0 or Low Block)
```bash
# Check sync status
./sync-status.sh <config-name>
# Check current block
./latest.sh <config-name>
# Check logs for sync errors
./logs.sh <config-name> | grep -i -E "sync|error|fail|warn|stuck|behind"
# Check peer count
./peer-count.sh | grep <config-name>
```
**Common causes:**
- **No peers**: P2P network connection failed
- **Wrong network**: Connected to wrong chain
- **Checkpoint too old**: Checkpoint URL unavailable or outdated
- **Snapshot download failed**: Snapshot server unreachable
**Fixes:**
```bash
# Check if checkpoint/snapshot is configured
grep -E "(checkpoint|snapshot)" <config-file>.yml
# Test checkpoint URL manually
curl -I $(grep checkpoint <config-file>.yml | grep -oE 'http[^ ]+')
# Check peer connections (geth example)
docker exec <client-container> admin_peers | jq '.[] | .network.remoteAddress' | wc -l
```
### Symptom: Sync is Very Slow
```bash
# Check sync speed over time
./latest.sh <config-name>; sleep 60; ./latest.sh <config-name>
# Check if node is processing blocks
./time-since-last-block.sh <config-name>
# Check CPU and memory
top -d 1 -p $(docker inspect <container> | jq -r '.[0].State.Pid')
```
**Common causes:**
- **Resource constrained**: CPU throttled, memory swapped
- **Disk I/O bottleneck**: Slow storage or contention
- **Network rate limited**: P2P or RPC rate limiting
- **Too many peers**: P2P overhead
- **Wrong sync mode**: Full sync instead of snap sync
### Symptom: Sync Stuck at Specific Block
```bash
# Check logs around the stuck block
./logs.sh <config-name> | grep -A 10 -B 10 "block <stuck-block-number>"
# Check if it's a known bad block
# Search online: <chain> bad block <number>
```
**Common causes:**
- **Bad block in chain**: Requires client patch or manual intervention
- **State trie inconsistency**: Database corruption
- **Fork choice issue**: Node on wrong fork
**Fixes for OP Stack:**
```bash
# Try to finalize past the block
./op-wheel-finalize-latest-block.sh <client-service>
```
### Symptom: Node on Wrong Fork / Chain
```bash
# Check chain ID
./latest.sh <config-name> | grep -i chain
# Check what chain the node thinks it's on
docker exec <client-container> ethdo chain --endpoint=http://localhost:8545
# Compare with expected chain ID
grep chainId <config-file>.yml
```
---
## 5. RPC/Connectivity Issues
### Symptom: RPC Endpoint Not Responding
```bash
# Test from host
curl -s http://localhost:<port> | head -c 100
# Check if traefik/proxy is running
docker ps | grep -E "(traefik|proxy|nginx)"
# Check traefik logs
docker logs <traefik-container> | tail -50
```
**Common causes:**
- **Container not running**: Client crashed
- **Port not exposed**: Wrong port mapping
- **Traefik misconfiguration**: Labels wrong or missing
- **Firewall blocking**: Host firewall or cloud security group
### Symptom: RPC Returns Wrong Chain ID
```bash
# Query chain ID from RPC
curl -s -X POST http://localhost:<port> \
-H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","method":"eth_chainId","params":[],"id":1}'
```
### Symptom: Cannot Connect to P2P Network
```bash
# Check peer count
./peer-count.sh | grep <config-name>
# Test P2P connectivity from container
docker exec <client-container> nc -zv <bootstrap-node> <p2p-port>
```
**Fixes:**
```bash
# Set public IP in .env
IP=$(curl -s ipinfo.io/ip)
echo "IP=$IP" >> .env
./force-recreate.sh <config-name>
```
---
## 6. Log Interpretation
### Common Log Patterns
#### Warnings (Node may still function)
| Pattern | Meaning | Action |
|---|---|---|
| `WARN.*sync.*slow` | Sync slower than expected | Check resources |
| `WARN.*peers.*low` | Fewer peers than desired | Check P2P connectivity |
| `WARN.*rate.*limit` | API rate limiting active | Normal for public endpoints |
#### Errors (Node is degraded)
| Pattern | Meaning | Action |
|---|---|---|
| `Error.*database.*corrupt` | Database corruption | Restore from backup or resync |
| `Error.*handshake.*fail` | P2P handshake failed | Check chain ID |
| `Error.*no.*peers` | Cannot connect to P2P | Check bootstrap nodes |
| `Error.*timeout` | RPC/HTTP timeout | Check network, increase timeout |
#### Fatal (Node will not function)
| Pattern | Meaning | Action |
|---|---|---|
| `Fatal.*panic` | Client crashed | Check client version |
| `Fatal.*OOM` | Out of memory | Increase memory limit |
| `Fatal.*disk.*full` | No disk space | Free space |
| `Fatal.*permission.*denied` | Filesystem permissions | Fix volume permissions |
---
## 7. Resource Issues
### High CPU Usage
```bash
./show-ram.sh <config-name>
./show-cpu.sh
docker stats <container-name> --no-stream
```
### High Memory Usage
```bash
./show-ram.sh <config-name>
docker stats <container-name> --no-stream --format "{{.Container}} | {{.MemUsage}} | {{.MemPerc}}"
```
### High Disk Usage
```bash
./show-db-size.sh
docker system df -v
```
### Disk I/O Bottleneck
```bash
iotop -o -d 1
```
---
## 8. Backup and Restore
### Creating a Backup
```bash
# Local backup (to /backup directory)
./backup-node.sh <config-name>
# Remote backup (to WebDAV)
./backup-node.sh <config-name> https://backup-server.tld/dav
```
### Restoring from Backup
```bash
# List available backups
./list-backups.sh
# Restore latest backup for config
./restore-volumes.sh <config-name>
# Restore from specific URL
./restore-volumes.sh <config-name> https://backup-server.tld/backup/
```
### Cloning a Node
```bash
# Clone a node to a new location
./clone-node.sh <config-name>
# Clone peers (for faster sync)
./clone-peers.sh <config-name>
```
### Nuclear Option: Full Reset
```bash
# WARNING: This deletes ALL data for the config
./stop.sh <config-name> && \
./rm.sh <config-name> && \
./delete-volumes.sh <config-name> && \
./delete-node-keys.sh <config-name> && \
./force-recreate.sh <config-name>
# Then check logs
./logs.sh <config-name>
```
---
## 9. Common Error Messages
### Database Errors
| Error | Cause | Solution |
|---|---|---|
| `database is corrupted` | Power loss, bug | Restore from backup or resync |
| `database version mismatch` | Client version changed | Delete and resync |
### P2P Errors
| Error | Cause | Solution |
|---|---|---|
| `no configured peers` | Missing bootstrap nodes | Add bootstrap nodes |
| `handshake failed` | Chain ID mismatch | Verify genesis.json |
### RPC Errors
| Error | Cause | Solution |
|---|---|---|
| `method not found` | Wrong client | Use correct client |
| `connection refused` | Port not open | Check container running, port mapping |
---
## 10. OP Stack Specific Debugging
### OP Node Issues
```bash
# Check op-node logs
./logs.sh <config-name> | grep -i "op-node\|rollup\|sequencer"
# Check rollup configuration (if custom)
cat op/<network>/ethereum/rollup.json | jq .
# Check if rollup.json is mounted
docker exec <op-node-container> cat /config/rollup.json | jq .
```
### OP Wheel (Manual Intervention)
```bash
# Rewind to specific block (DANGEROUS - only if you know what you're doing)
./op-wheel.sh engine set-forkchoice \
--unsafe=<block-hash> \
--safe=<block-hash> \
--finalized=<block-hash> \
--engine=http://<client-service>:8551/ \
--engine.open=http://<client-service>:8545 \
--engine.jwt-secret-path=/jwtsecret
# Nuclear option: finalize latest local block
./op-wheel-finalize-latest-block.sh <client-service> <node-service>
```
---
## 11. CometBFT Family (Cosmos, etc.) Specific
### Init Container Issues
```bash
# CometBFT chains use init.sh inside the container
# The master script is at scripts/cometbft-common.sh
# Check if init completed
./logs.sh <config-name> | grep -i "init\|setup\|complete"
# Check the init script
cat <network>/<chain>/scripts/init.sh
```
---
## 12. Quick Start Guide
### Starting a Node
```bash
# 1. Set up environment
echo "IP=$(curl -s ipinfo.io/ip)" > .env
echo "DOMAIN=${IP//./-}.traefik.me" >> .env
echo "MAIL=your-email@example.com" >> .env
# 2. Select which nodes to run
# Add compose files to COMPOSE_FILE (colon-separated)
echo "COMPOSE_FILE=base.yml:rpc.yml:ethereum-mainnet-geth-pruned.yml" >> .env
# 3. Start the node
docker compose up -d
# 4. Verify it's running
./show-status.sh
```
### Accessing Your Node
```bash
# Once running, access via:
# HTTP: http://<your-domain>/ethereum-mainnet-geth-pruned
# HTTPS: https://<your-domain>/ethereum-mainnet-geth-pruned
# WebSocket: wss://<your-domain>/ethereum-mainnet-geth-pruned
# Or locally (if NO_SSL=true):
# HTTP: http://localhost:<port>
```
---
## 13. Configuration Reference
### Environment Variables
**Required for most setups:**
```bash
IP=203.0.113.42 # Your public IP
DOMAIN=203-0-113-42.traefik.me # Your domain (traefik.me for testing)
MAIL=your-email@example.com # For Let's Encrypt SSL
WHITELIST=0.0.0.0/0 # IP whitelist (0.0.0.0/0 = all)
```
**Optional:**
```bash
NO_SSL=true # Disable SSL (testing only)
CHAINS_SUBNET=192.168.0.0/26 # Docker network subnet
```
**Chain-specific (examples):**
```bash
ETHEREUM_MAINNET_EXECUTION_RPC=https://fallback-rpc.example.com
ARBITRUM_SEPOLIA_EXECUTION_RPC=https://arb-sepolia-rpc.example.com
OP_NODE_NETWORK=mainnet
OP_NODE_L1_RPC_URL=https://l1-rpc.example.com
```
### Compose File Structure
Each compose file defines one or more services:
- **client**: Execution layer (Geth, Erigon, Reth, etc.)
- **node**: Consensus/derivation node (op-node, lighthouse, etc.)
- **relay**: DA relay (eigenda-proxy, op-alt, etc.)
- **proxy**: HTTP/WS proxy (nginx, etc.)
- **database**: External database (Postgres, etc.)
### Volume Naming
Volumes are named after the config:
```
<config-name>_<service>_data
<config-name>_<service>_config
```
Example: `ethereum-mainnet-geth-pruned_client_data`
---
## 14. Quick Debugging Checklist
Use this checklist when debugging an issue:
- [ ] **Is the container running?**`./show-running.sh`
- [ ] **Are there errors in logs?**`./logs.sh <config> | grep -i error`
- [ ] **Is the node synced?**`./sync-status.sh <config>`
- [ ] **Are peers connected?**`./peer-count.sh`
- [ ] **Are resources adequate?**`./show-ram.sh`, `./show-db-size.sh`
- [ ] **Is P2P working?** → Check peer count
- [ ] **Is RPC responding?** → Test with curl
- [ ] **Is disk space available?**`df -h /var/lib/docker`
- [ ] **Is the config file correct?**`docker compose -f <file>.yml config`
- [ ] **Are environment variables set?** → Check `.env`
- [ ] **Is the genesis file correct?** → Check chain ID
---
## 15. When to Escalate
Escalate to a human operator if:
- [ ] Node stuck for > 2 hours with no progress
- [ ] Repeated `Fatal` or `panic` errors after restart
- [ ] Database corruption confirmed
- [ ] Issue affects multiple nodes across different chains
- [ ] Need to force-push to this repo
---
## 16. File Locations Quick Reference
| What You Need | Where to Find It |
|---|---|
| Compose files | Root of this repo (`*.yml`) |
| Operational scripts | Root of this repo (`*.sh`) |
| Chain assets | `<network>/<chain>/` or `<stack>/<network>/<settlement>/` |
| Genesis files | `<stack>/<network>/<settlement>/genesis.json` |
| Rollup configs | `op/<network>/<settlement>/rollup.json` |
| Custom Dockerfiles | `<path>/*.Dockerfile` |
| Init scripts | `<path>/scripts/init.sh` |
| CometBFT common | `scripts/cometbft-common.sh` |
| Compose registry | `compose_registry.json` |
| RPC endpoints | `reference-rpc-endpoint.json` |
| Environment | `.env` |
---
## 17. Resource Requirements Reference
| Node Type | Disk | RAM | CPU |
|---|---|---|---|
| Ethereum pruned | ~500GB | 8GB | 2+ cores |
| Ethereum archive | ~2TB+ | 16GB+ | 4+ cores |
| Ethereum archive-trace | ~4TB+ | 32GB+ | 8+ cores |
| L2 pruned | ~100-500GB | 4-8GB | 2+ cores |
| L2 archive | ~1-2TB | 8-16GB | 4+ cores |
**Note:** Requirements vary by chain. Check specific chain documentation.
---
*This file is your complete operations and debugging reference. For additional user documentation, see README.md.*

6
abstract/external-node/abstract-mainnet-external-node-archive.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
abstract-mainnet-archive:
image: ${ABSTRACT_EXTERNAL_NODE_IMAGE:-matterlabs/external-node}:${ABSTRACT_MAINNET_EXTERNAL_NODE_VERSION:-v31.0.0}
image: ${ABSTRACT_EXTERNAL_NODE_IMAGE:-matterlabs/external-node}:${ABSTRACT_MAINNET_EXTERNAL_NODE_VERSION:-v29.7.0}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -98,8 +98,8 @@ services:
- traefik.http.routers.abstract-mainnet-external-node-archive.service=abstract-mainnet-external-node-archive
- ${NO_SSL:-traefik.http.routers.abstract-mainnet-external-node-archive-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.abstract-mainnet-external-node-archive-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.abstract-mainnet-external-node-archive-ws.rule=Host(`$DOMAIN`) && (Path(`/abstract-mainnet-archive`) || Path(`/abstract-mainnet-archive/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.abstract-mainnet-external-node-archive-ws.rule=(Path(`/abstract-mainnet-archive`) || Path(`/abstract-mainnet-archive/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:-traefik.http.routers.abstract-mainnet-external-node-archive-ws.rule=Host(`$DOMAIN`) && (Path(`/abstract-mainnet-archive`) || Path(`/abstract-mainnet-archive/`)) && Headers(`Upgrade`, `websocket`)}
- ${NO_SSL:+traefik.http.routers.abstract-mainnet-external-node-archive-ws.rule=(Path(`/abstract-mainnet-archive`) || Path(`/abstract-mainnet-archive/`)) && Headers(`Upgrade`, `websocket`)}
- traefik.http.routers.abstract-mainnet-external-node-archive-ws.middlewares=abstract-mainnet-external-node-archive-stripprefix, ipallowlist
abstract-mainnet-archive-db:

6
abstract/external-node/abstract-mainnet-external-node-pruned.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
abstract-mainnet:
image: ${ABSTRACT_EXTERNAL_NODE_IMAGE:-matterlabs/external-node}:${ABSTRACT_MAINNET_EXTERNAL_NODE_VERSION:-v31.0.0}
image: ${ABSTRACT_EXTERNAL_NODE_IMAGE:-matterlabs/external-node}:${ABSTRACT_MAINNET_EXTERNAL_NODE_VERSION:-v29.7.0}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -98,8 +98,8 @@ services:
- traefik.http.routers.abstract-mainnet-external-node-pruned.service=abstract-mainnet-external-node-pruned
- ${NO_SSL:-traefik.http.routers.abstract-mainnet-external-node-pruned-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.abstract-mainnet-external-node-pruned-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.abstract-mainnet-external-node-pruned-ws.rule=Host(`$DOMAIN`) && (Path(`/abstract-mainnet`) || Path(`/abstract-mainnet/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.abstract-mainnet-external-node-pruned-ws.rule=(Path(`/abstract-mainnet`) || Path(`/abstract-mainnet/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:-traefik.http.routers.abstract-mainnet-external-node-pruned-ws.rule=Host(`$DOMAIN`) && (Path(`/abstract-mainnet`) || Path(`/abstract-mainnet/`)) && Headers(`Upgrade`, `websocket`)}
- ${NO_SSL:+traefik.http.routers.abstract-mainnet-external-node-pruned-ws.rule=(Path(`/abstract-mainnet`) || Path(`/abstract-mainnet/`)) && Headers(`Upgrade`, `websocket`)}
- traefik.http.routers.abstract-mainnet-external-node-pruned-ws.middlewares=abstract-mainnet-external-node-pruned-stripprefix, ipallowlist
abstract-mainnet-db:

6
abstract/external-node/abstract-testnet-external-node-archive.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
abstract-testnet-archive:
image: ${ABSTRACT_EXTERNAL_NODE_IMAGE:-matterlabs/external-node}:${ABSTRACT_TESTNET_EXTERNAL_NODE_VERSION:-v31.0.0}
image: ${ABSTRACT_EXTERNAL_NODE_IMAGE:-matterlabs/external-node}:${ABSTRACT_TESTNET_EXTERNAL_NODE_VERSION:-v29.7.0}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -98,8 +98,8 @@ services:
- traefik.http.routers.abstract-testnet-external-node-archive.service=abstract-testnet-external-node-archive
- ${NO_SSL:-traefik.http.routers.abstract-testnet-external-node-archive-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.abstract-testnet-external-node-archive-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.abstract-testnet-external-node-archive-ws.rule=Host(`$DOMAIN`) && (Path(`/abstract-testnet-archive`) || Path(`/abstract-testnet-archive/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.abstract-testnet-external-node-archive-ws.rule=(Path(`/abstract-testnet-archive`) || Path(`/abstract-testnet-archive/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:-traefik.http.routers.abstract-testnet-external-node-archive-ws.rule=Host(`$DOMAIN`) && (Path(`/abstract-testnet-archive`) || Path(`/abstract-testnet-archive/`)) && Headers(`Upgrade`, `websocket`)}
- ${NO_SSL:+traefik.http.routers.abstract-testnet-external-node-archive-ws.rule=(Path(`/abstract-testnet-archive`) || Path(`/abstract-testnet-archive/`)) && Headers(`Upgrade`, `websocket`)}
- traefik.http.routers.abstract-testnet-external-node-archive-ws.middlewares=abstract-testnet-external-node-archive-stripprefix, ipallowlist
abstract-testnet-archive-db:

6
abstract/external-node/abstract-testnet-external-node-pruned.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
abstract-testnet:
image: ${ABSTRACT_EXTERNAL_NODE_IMAGE:-matterlabs/external-node}:${ABSTRACT_TESTNET_EXTERNAL_NODE_VERSION:-v31.0.0}
image: ${ABSTRACT_EXTERNAL_NODE_IMAGE:-matterlabs/external-node}:${ABSTRACT_TESTNET_EXTERNAL_NODE_VERSION:-v29.7.0}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -98,8 +98,8 @@ services:
- traefik.http.routers.abstract-testnet-external-node-pruned.service=abstract-testnet-external-node-pruned
- ${NO_SSL:-traefik.http.routers.abstract-testnet-external-node-pruned-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.abstract-testnet-external-node-pruned-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.abstract-testnet-external-node-pruned-ws.rule=Host(`$DOMAIN`) && (Path(`/abstract-testnet`) || Path(`/abstract-testnet/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.abstract-testnet-external-node-pruned-ws.rule=(Path(`/abstract-testnet`) || Path(`/abstract-testnet/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:-traefik.http.routers.abstract-testnet-external-node-pruned-ws.rule=Host(`$DOMAIN`) && (Path(`/abstract-testnet`) || Path(`/abstract-testnet/`)) && Headers(`Upgrade`, `websocket`)}
- ${NO_SSL:+traefik.http.routers.abstract-testnet-external-node-pruned-ws.rule=(Path(`/abstract-testnet`) || Path(`/abstract-testnet/`)) && Headers(`Upgrade`, `websocket`)}
- traefik.http.routers.abstract-testnet-external-node-pruned-ws.middlewares=abstract-testnet-external-node-pruned-stripprefix, ipallowlist
abstract-testnet-db:

5
arb/apechain/arbitrum-one/baseConfig.json
View File

@@ -1,5 +0,0 @@
{
"chain": {
"info-json": "[{\"chain-id\": 33139, \"parent-chain-id\": 42161, \"chain-name\": \"apechain\", \"chain-config\": {\"chainId\": 33139, \"homesteadBlock\": 0, \"daoForkBlock\": null, \"daoForkSupport\": true, \"eip150Block\": 0, \"eip150Hash\": \"0x0000000000000000000000000000000000000000000000000000000000000000\", \"eip155Block\": 0, \"eip158Block\": 0, \"byzantiumBlock\": 0, \"constantinopleBlock\": 0, \"petersburgBlock\": 0, \"istanbulBlock\": 0, \"muirGlacierBlock\": 0, \"berlinBlock\": 0, \"londonBlock\": 0, \"clique\": {\"period\": 0, \"epoch\": 0}, \"arbitrum\": {\"EnableArbOS\": true, \"AllowDebugPrecompiles\": false, \"DataAvailabilityCommittee\": false, \"InitialArbOSVersion\": 31, \"EigenDA\": false, \"InitialChainOwner\": \"0x5737cdbb3a67001441c0da8b86e6b1826705601c\", \"GenesisBlockNum\": 0}}, \"rollup\": {\"bridge\": \"0x6B71AFb4b7725227ab944c96FE018AB9dc0434b8\", \"inbox\": \"0x1B98e4ED82Ee1a91A65a38C690e2266364064D15\", \"sequencer-inbox\": \"0xE6a92Ae29E24C343eE66A2B3D3ECB783d65E4a3C\", \"rollup\": \"0x374de579AE15aD59eD0519aeAf1A23F348Df259c\", \"validator-utils\": \"0xaB36aec5517C346D21b9C19429BAA5aa87D17fCa\", \"validator-wallet-creator\": \"0x5a6C98F6A60BDC02cE4d8AD43b4Fc88Fe5b38856\", \"deployed-at\": 247653199}, \"parent-chain-is-arbitrum\": true}]"
}
}

5
arb/nitro/alephzero-mainnet-nitro-archive-pebble-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
alephzero-mainnet-archive:
image: ${ALEPHZERO_NITRO_IMAGE:-offchainlabs/nitro-node}:${ALEPHZERO_MAINNET_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ALEPHZERO_NITRO_IMAGE:-offchainlabs/nitro-node}:${ALEPHZERO_MAINNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.alephzero.raas.gelato.cloud
- --node.data-availability.sequencer-inbox-address=0x1411949971076304187394088912578077660717096867958
- --node.feed.input.url=wss://feed.alephzero.raas.gelato.cloud
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/alephzero-mainnet-nitro-pruned-pebble-path.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
alephzero-mainnet:
image: ${ALEPHZERO_NITRO_IMAGE:-offchainlabs/nitro-node}:${ALEPHZERO_MAINNET_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ALEPHZERO_NITRO_IMAGE:-offchainlabs/nitro-node}:${ALEPHZERO_MAINNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.alephzero.raas.gelato.cloud
- --node.data-availability.sequencer-inbox-address=0x1411949971076304187394088912578077660717096867958
- --node.feed.input.url=wss://feed.alephzero.raas.gelato.cloud
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/alephzero-sepolia-nitro-archive-pebble-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
alephzero-sepolia-archive:
image: ${ALEPHZERO_NITRO_IMAGE:-offchainlabs/nitro-node}:${ALEPHZERO_SEPOLIA_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ALEPHZERO_NITRO_IMAGE:-offchainlabs/nitro-node}:${ALEPHZERO_SEPOLIA_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.alephzero-testnet.gelato.digital
- --node.data-availability.sequencer-inbox-address=0x130937498521962644184395825246273622310592356541
- --node.feed.input.url=wss://feed.alephzero-testnet.gelato.digital
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/alephzero-sepolia-nitro-pruned-pebble-path.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
alephzero-sepolia:
image: ${ALEPHZERO_NITRO_IMAGE:-offchainlabs/nitro-node}:${ALEPHZERO_SEPOLIA_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ALEPHZERO_NITRO_IMAGE:-offchainlabs/nitro-node}:${ALEPHZERO_SEPOLIA_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.alephzero-testnet.gelato.digital
- --node.data-availability.sequencer-inbox-address=0x130937498521962644184395825246273622310592356541
- --node.feed.input.url=wss://feed.alephzero-testnet.gelato.digital
- --node.sequencer=false
- --node.staker.enable=false

144
arb/nitro/apechain-mainnet-nitro-archive-pebble-hash.yml
View File

@@ -1,144 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/apechain-mainnet-nitro-archive-pebble-hash.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/apechain-mainnet-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
apechain-mainnet-archive:
image: ${APECHAIN_NITRO_IMAGE:-public.ecr.aws/i6b2w2n6/nitro-node}:${APECHAIN_MAINNET_NITRO_VERSION:-apechain-v3.5.6}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --conf.file=/config/baseConfig.json
- --execution.caching.archive=true
- --execution.caching.database-cache=${APECHAIN_MAINNET_NITRO_ARCHIVE_PEBBLE_HASH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${APECHAIN_MAINNET_NITRO_ARCHIVE_PEBBLE_HASH_SNAPSHOT_CACHE:-400}
- --execution.caching.trie-clean-cache=${APECHAIN_MAINNET_NITRO_ARCHIVE_PEBBLE_HASH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${APECHAIN_MAINNET_NITRO_ARCHIVE_PEBBLE_HASH_TRIE_DIRTY_CACHE:-1024}
- --execution.forwarding-target=https://rpc.apechain.com/http
- --execution.rpc.gas-cap=5500000000
- --execution.rpc.log-history=0
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.data-availability.enable=true
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://apechain.calderachain.xyz/rest-aggregator
- --node.feed.input.url=wss://apechain.calderachain.xyz/feed
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.connection.url=https://arb1.arbitrum.io/rpc
- --persistent.chain=/root/.arbitrum/apechain-mainnet-archive
- --persistent.db-engine=pebble
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${APECHAIN_MAINNET_NITRO_ARCHIVE_PEBBLE_HASH_DATA:-apechain-mainnet-nitro-archive-pebble-hash}:/root/.arbitrum
- ./arb/apechain/arbitrum-one:/config
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.apechain-mainnet-nitro-archive-pebble-hash-stripprefix.stripprefix.prefixes=/apechain-mainnet-archive
- traefik.http.services.apechain-mainnet-nitro-archive-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.apechain-mainnet-nitro-archive-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.apechain-mainnet-nitro-archive-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.apechain-mainnet-nitro-archive-pebble-hash.rule=Host(`$DOMAIN`) && (Path(`/apechain-mainnet-archive`) || Path(`/apechain-mainnet-archive/`))}
- ${NO_SSL:+traefik.http.routers.apechain-mainnet-nitro-archive-pebble-hash.rule=Path(`/apechain-mainnet-archive`) || Path(`/apechain-mainnet-archive/`)}
- traefik.http.routers.apechain-mainnet-nitro-archive-pebble-hash.middlewares=apechain-mainnet-nitro-archive-pebble-hash-stripprefix, ipallowlist
volumes:
apechain-mainnet-nitro-archive-pebble-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: apechain
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

146
arb/nitro/apechain-mainnet-nitro-pruned-pebble-path.yml
View File

@@ -1,146 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/apechain-mainnet-nitro-pruned-pebble-path.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/apechain-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
apechain-mainnet:
image: ${APECHAIN_NITRO_IMAGE:-public.ecr.aws/i6b2w2n6/nitro-node}:${APECHAIN_MAINNET_NITRO_VERSION:-apechain-v3.5.6}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --conf.file=/config/baseConfig.json
- --execution.caching.archive=${APECHAIN_MAINNET_ARCHIVE_DB:-false}
- --execution.caching.database-cache=${APECHAIN_MAINNET_NITRO_PRUNED_PEBBLE_PATH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${APECHAIN_MAINNET_NITRO_PRUNED_PEBBLE_PATH_SNAPSHOT_CACHE:-400}
- --execution.caching.state-scheme=path
- --execution.caching.trie-clean-cache=${APECHAIN_MAINNET_NITRO_PRUNED_PEBBLE_PATH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${APECHAIN_MAINNET_NITRO_PRUNED_PEBBLE_PATH_TRIE_DIRTY_CACHE:-1024}
- --execution.forwarding-target=https://rpc.apechain.com/http
- --execution.rpc.gas-cap=5500000000
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.data-availability.enable=true
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://apechain.calderachain.xyz/rest-aggregator
- --node.feed.input.url=wss://apechain.calderachain.xyz/feed
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.connection.url=https://arb1.arbitrum.io/rpc
- --persistent.chain=/root/.arbitrum/apechain-mainnet
- --persistent.db-engine=pebble
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${APECHAIN_MAINNET_NITRO_PRUNED_PEBBLE_PATH_DATA:-apechain-mainnet-nitro-pruned-pebble-path}:/root/.arbitrum
- ./arb/apechain/arbitrum-one:/config
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.apechain-mainnet-nitro-pruned-pebble-path-stripprefix.stripprefix.prefixes=/apechain-mainnet
- traefik.http.services.apechain-mainnet-nitro-pruned-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.apechain-mainnet-nitro-pruned-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.apechain-mainnet-nitro-pruned-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.apechain-mainnet-nitro-pruned-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/apechain-mainnet`) || Path(`/apechain-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.apechain-mainnet-nitro-pruned-pebble-path.rule=Path(`/apechain-mainnet`) || Path(`/apechain-mainnet/`)}
- traefik.http.routers.apechain-mainnet-nitro-pruned-pebble-path.middlewares=apechain-mainnet-nitro-pruned-pebble-path-stripprefix, ipallowlist
volumes:
apechain-mainnet-nitro-pruned-pebble-path:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: apechain
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

2
arb/nitro/arbitrum-nova-nitro-archive-leveldb-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
arbitrum-nova-archive:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_NOVA_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_NOVA_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

142
arb/nitro/arbitrum-nova-nitro-archive-pebble-path.yml
View File

@@ -1,142 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/arbitrum-nova-nitro-archive-pebble-path.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/arbitrum-nova-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
arbitrum-nova-archive:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_NOVA_NITRO_VERSION:-v3.10.1-d7f07be}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --chain.id=42170
- --execution.caching.archive=true
- --execution.caching.database-cache=${ARBITRUM_NOVA_NITRO_ARCHIVE_PEBBLE_PATH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${ARBITRUM_NOVA_NITRO_ARCHIVE_PEBBLE_PATH_SNAPSHOT_CACHE:-400}
- --execution.caching.state-scheme=path
- --execution.caching.trie-clean-cache=${ARBITRUM_NOVA_NITRO_ARCHIVE_PEBBLE_PATH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${ARBITRUM_NOVA_NITRO_ARCHIVE_PEBBLE_PATH_TRIE_DIRTY_CACHE:-1024}
- --execution.rpc.gas-cap=5500000000
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.blob-client.beacon-url=${ETHEREUM_MAINNET_BEACON_REST}
- --parent-chain.connection.url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --persistent.chain=/root/.arbitrum/arbitrum-nova-archive
- --persistent.db-engine=pebble
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${ARBITRUM_NOVA_NITRO_ARCHIVE_PEBBLE_PATH_DATA:-arbitrum-nova-nitro-archive-pebble-path}:/root/.arbitrum
- ./tmp/arbitrum-nova-archive:/tmp
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.arbitrum-nova-nitro-archive-pebble-path-stripprefix.stripprefix.prefixes=/arbitrum-nova-archive
- traefik.http.services.arbitrum-nova-nitro-archive-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.arbitrum-nova-nitro-archive-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.arbitrum-nova-nitro-archive-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.arbitrum-nova-nitro-archive-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/arbitrum-nova-archive`) || Path(`/arbitrum-nova-archive/`))}
- ${NO_SSL:+traefik.http.routers.arbitrum-nova-nitro-archive-pebble-path.rule=Path(`/arbitrum-nova-archive`) || Path(`/arbitrum-nova-archive/`)}
- traefik.http.routers.arbitrum-nova-nitro-archive-pebble-path.middlewares=arbitrum-nova-nitro-archive-pebble-path-stripprefix, ipallowlist
volumes:
arbitrum-nova-nitro-archive-pebble-path:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: arbitrum-nova
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

141
arb/nitro/arbitrum-nova-nitro-minimal-pebble-hash.prune.yml
View File

@@ -1,141 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/arbitrum-nova-nitro-minimal-pebble-hash.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/arbitrum-nova-minimal \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
arbitrum-nova-minimal:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_NOVA_NITRO_VERSION:-v3.10.1-d7f07be}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --chain.id=42170
- --execution.caching.archive=${ARBITRUM_NOVA_MINIMAL_ARCHIVE_DB:-false}
- --execution.caching.database-cache=${ARBITRUM_NOVA_NITRO_MINIMAL_PEBBLE_HASH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${ARBITRUM_NOVA_NITRO_MINIMAL_PEBBLE_HASH_SNAPSHOT_CACHE:-400}
- --execution.caching.trie-clean-cache=${ARBITRUM_NOVA_NITRO_MINIMAL_PEBBLE_HASH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${ARBITRUM_NOVA_NITRO_MINIMAL_PEBBLE_HASH_TRIE_DIRTY_CACHE:-1024}
- --execution.rpc.gas-cap=5500000000
- --execution.rpc.log-history=0
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --init.prune=minimal
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.blob-client.beacon-url=${ETHEREUM_MAINNET_BEACON_REST}
- --parent-chain.connection.url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --persistent.chain=/root/.arbitrum/arbitrum-nova-minimal
- --persistent.db-engine=pebble
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${ARBITRUM_NOVA_NITRO_MINIMAL_PEBBLE_HASH_DATA:-arbitrum-nova-nitro-minimal-pebble-hash}:/root/.arbitrum
- ./tmp/arbitrum-nova-minimal:/tmp
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.arbitrum-nova-nitro-minimal-pebble-hash-stripprefix.stripprefix.prefixes=/arbitrum-nova-minimal
- traefik.http.services.arbitrum-nova-nitro-minimal-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.arbitrum-nova-nitro-minimal-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.arbitrum-nova-nitro-minimal-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.arbitrum-nova-nitro-minimal-pebble-hash.rule=Host(`$DOMAIN`) && (Path(`/arbitrum-nova-minimal`) || Path(`/arbitrum-nova-minimal/`))}
- ${NO_SSL:+traefik.http.routers.arbitrum-nova-nitro-minimal-pebble-hash.rule=Path(`/arbitrum-nova-minimal`) || Path(`/arbitrum-nova-minimal/`)}
- traefik.http.routers.arbitrum-nova-nitro-minimal-pebble-hash.middlewares=arbitrum-nova-nitro-minimal-pebble-hash-stripprefix, ipallowlist
volumes:
arbitrum-nova-nitro-minimal-pebble-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: arbitrum-nova
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

140
arb/nitro/arbitrum-nova-nitro-minimal-pebble-hash.yml
View File

@@ -1,140 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/arbitrum-nova-nitro-minimal-pebble-hash.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/arbitrum-nova-minimal \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
arbitrum-nova-minimal:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_NOVA_NITRO_VERSION:-v3.10.1-d7f07be}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --chain.id=42170
- --execution.caching.archive=${ARBITRUM_NOVA_MINIMAL_ARCHIVE_DB:-false}
- --execution.caching.database-cache=${ARBITRUM_NOVA_NITRO_MINIMAL_PEBBLE_HASH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${ARBITRUM_NOVA_NITRO_MINIMAL_PEBBLE_HASH_SNAPSHOT_CACHE:-400}
- --execution.caching.trie-clean-cache=${ARBITRUM_NOVA_NITRO_MINIMAL_PEBBLE_HASH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${ARBITRUM_NOVA_NITRO_MINIMAL_PEBBLE_HASH_TRIE_DIRTY_CACHE:-1024}
- --execution.rpc.gas-cap=5500000000
- --execution.rpc.log-history=0
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.blob-client.beacon-url=${ETHEREUM_MAINNET_BEACON_REST}
- --parent-chain.connection.url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --persistent.chain=/root/.arbitrum/arbitrum-nova-minimal
- --persistent.db-engine=pebble
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${ARBITRUM_NOVA_NITRO_MINIMAL_PEBBLE_HASH_DATA:-arbitrum-nova-nitro-minimal-pebble-hash}:/root/.arbitrum
- ./tmp/arbitrum-nova-minimal:/tmp
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.arbitrum-nova-nitro-minimal-pebble-hash-stripprefix.stripprefix.prefixes=/arbitrum-nova-minimal
- traefik.http.services.arbitrum-nova-nitro-minimal-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.arbitrum-nova-nitro-minimal-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.arbitrum-nova-nitro-minimal-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.arbitrum-nova-nitro-minimal-pebble-hash.rule=Host(`$DOMAIN`) && (Path(`/arbitrum-nova-minimal`) || Path(`/arbitrum-nova-minimal/`))}
- ${NO_SSL:+traefik.http.routers.arbitrum-nova-nitro-minimal-pebble-hash.rule=Path(`/arbitrum-nova-minimal`) || Path(`/arbitrum-nova-minimal/`)}
- traefik.http.routers.arbitrum-nova-nitro-minimal-pebble-hash.middlewares=arbitrum-nova-nitro-minimal-pebble-hash-stripprefix, ipallowlist
volumes:
arbitrum-nova-nitro-minimal-pebble-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: arbitrum-nova
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

2
arb/nitro/arbitrum-nova-nitro-pruned-pebble-hash.prune.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
arbitrum-nova:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_NOVA_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_NOVA_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

2
arb/nitro/arbitrum-nova-nitro-pruned-pebble-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
arbitrum-nova:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_NOVA_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_NOVA_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

2
arb/nitro/arbitrum-one-nitro-archive-leveldb-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
arbitrum-one-archive:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_ONE_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_ONE_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

2
arb/nitro/arbitrum-one-nitro-archive-pebble-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
arbitrum-one-archive:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_ONE_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_ONE_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

142
arb/nitro/arbitrum-one-nitro-archive-pebble-path.yml
View File

@@ -1,142 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/arbitrum-one-nitro-archive-pebble-path.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/arbitrum-one-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
arbitrum-one-archive:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_ONE_NITRO_VERSION:-v3.10.1-d7f07be}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --chain.id=42161
- --execution.caching.archive=true
- --execution.caching.database-cache=${ARBITRUM_ONE_NITRO_ARCHIVE_PEBBLE_PATH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${ARBITRUM_ONE_NITRO_ARCHIVE_PEBBLE_PATH_SNAPSHOT_CACHE:-400}
- --execution.caching.state-scheme=path
- --execution.caching.trie-clean-cache=${ARBITRUM_ONE_NITRO_ARCHIVE_PEBBLE_PATH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${ARBITRUM_ONE_NITRO_ARCHIVE_PEBBLE_PATH_TRIE_DIRTY_CACHE:-1024}
- --execution.rpc.gas-cap=5500000000
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.blob-client.beacon-url=${ETHEREUM_MAINNET_BEACON_REST}
- --parent-chain.connection.url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --persistent.chain=/root/.arbitrum/arbitrum-one-archive
- --persistent.db-engine=pebble
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${ARBITRUM_ONE_NITRO_ARCHIVE_PEBBLE_PATH_DATA:-arbitrum-one-nitro-archive-pebble-path}:/root/.arbitrum
- ./tmp/arbitrum-one-archive:/tmp
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.arbitrum-one-nitro-archive-pebble-path-stripprefix.stripprefix.prefixes=/arbitrum-one-archive
- traefik.http.services.arbitrum-one-nitro-archive-pebble-path.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.arbitrum-one-nitro-archive-pebble-path.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.arbitrum-one-nitro-archive-pebble-path.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.arbitrum-one-nitro-archive-pebble-path.rule=Host(`$DOMAIN`) && (Path(`/arbitrum-one-archive`) || Path(`/arbitrum-one-archive/`))}
- ${NO_SSL:+traefik.http.routers.arbitrum-one-nitro-archive-pebble-path.rule=Path(`/arbitrum-one-archive`) || Path(`/arbitrum-one-archive/`)}
- traefik.http.routers.arbitrum-one-nitro-archive-pebble-path.middlewares=arbitrum-one-nitro-archive-pebble-path-stripprefix, ipallowlist
volumes:
arbitrum-one-nitro-archive-pebble-path:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: arbitrum
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

141
arb/nitro/arbitrum-one-nitro-minimal-pebble-hash.prune.yml
View File

@@ -1,141 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/arbitrum-one-nitro-minimal-pebble-hash.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/arbitrum-one-minimal \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
arbitrum-one-minimal:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_ONE_NITRO_VERSION:-v3.10.1-d7f07be}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --chain.id=42161
- --execution.caching.archive=${ARBITRUM_ONE_MINIMAL_ARCHIVE_DB:-false}
- --execution.caching.database-cache=${ARBITRUM_ONE_NITRO_MINIMAL_PEBBLE_HASH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${ARBITRUM_ONE_NITRO_MINIMAL_PEBBLE_HASH_SNAPSHOT_CACHE:-400}
- --execution.caching.trie-clean-cache=${ARBITRUM_ONE_NITRO_MINIMAL_PEBBLE_HASH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${ARBITRUM_ONE_NITRO_MINIMAL_PEBBLE_HASH_TRIE_DIRTY_CACHE:-1024}
- --execution.rpc.gas-cap=5500000000
- --execution.rpc.log-history=0
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --init.prune=minimal
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.blob-client.beacon-url=${ETHEREUM_MAINNET_BEACON_REST}
- --parent-chain.connection.url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --persistent.chain=/root/.arbitrum/arbitrum-one-minimal
- --persistent.db-engine=pebble
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${ARBITRUM_ONE_NITRO_MINIMAL_PEBBLE_HASH_DATA:-arbitrum-one-nitro-minimal-pebble-hash}:/root/.arbitrum
- ./tmp/arbitrum-one-minimal:/tmp
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.arbitrum-one-nitro-minimal-pebble-hash-stripprefix.stripprefix.prefixes=/arbitrum-one-minimal
- traefik.http.services.arbitrum-one-nitro-minimal-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.arbitrum-one-nitro-minimal-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.arbitrum-one-nitro-minimal-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.arbitrum-one-nitro-minimal-pebble-hash.rule=Host(`$DOMAIN`) && (Path(`/arbitrum-one-minimal`) || Path(`/arbitrum-one-minimal/`))}
- ${NO_SSL:+traefik.http.routers.arbitrum-one-nitro-minimal-pebble-hash.rule=Path(`/arbitrum-one-minimal`) || Path(`/arbitrum-one-minimal/`)}
- traefik.http.routers.arbitrum-one-nitro-minimal-pebble-hash.middlewares=arbitrum-one-nitro-minimal-pebble-hash-stripprefix, ipallowlist
volumes:
arbitrum-one-nitro-minimal-pebble-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: arbitrum
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

140
arb/nitro/arbitrum-one-nitro-minimal-pebble-hash.yml
View File

@@ -1,140 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/arbitrum-one-nitro-minimal-pebble-hash.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/arbitrum-one-minimal \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
arbitrum-one-minimal:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_ONE_NITRO_VERSION:-v3.10.1-d7f07be}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --chain.id=42161
- --execution.caching.archive=${ARBITRUM_ONE_MINIMAL_ARCHIVE_DB:-false}
- --execution.caching.database-cache=${ARBITRUM_ONE_NITRO_MINIMAL_PEBBLE_HASH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${ARBITRUM_ONE_NITRO_MINIMAL_PEBBLE_HASH_SNAPSHOT_CACHE:-400}
- --execution.caching.trie-clean-cache=${ARBITRUM_ONE_NITRO_MINIMAL_PEBBLE_HASH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${ARBITRUM_ONE_NITRO_MINIMAL_PEBBLE_HASH_TRIE_DIRTY_CACHE:-1024}
- --execution.rpc.gas-cap=5500000000
- --execution.rpc.log-history=0
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.blob-client.beacon-url=${ETHEREUM_MAINNET_BEACON_REST}
- --parent-chain.connection.url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --persistent.chain=/root/.arbitrum/arbitrum-one-minimal
- --persistent.db-engine=pebble
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${ARBITRUM_ONE_NITRO_MINIMAL_PEBBLE_HASH_DATA:-arbitrum-one-nitro-minimal-pebble-hash}:/root/.arbitrum
- ./tmp/arbitrum-one-minimal:/tmp
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.arbitrum-one-nitro-minimal-pebble-hash-stripprefix.stripprefix.prefixes=/arbitrum-one-minimal
- traefik.http.services.arbitrum-one-nitro-minimal-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.arbitrum-one-nitro-minimal-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.arbitrum-one-nitro-minimal-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.arbitrum-one-nitro-minimal-pebble-hash.rule=Host(`$DOMAIN`) && (Path(`/arbitrum-one-minimal`) || Path(`/arbitrum-one-minimal/`))}
- ${NO_SSL:+traefik.http.routers.arbitrum-one-nitro-minimal-pebble-hash.rule=Path(`/arbitrum-one-minimal`) || Path(`/arbitrum-one-minimal/`)}
- traefik.http.routers.arbitrum-one-nitro-minimal-pebble-hash.middlewares=arbitrum-one-nitro-minimal-pebble-hash-stripprefix, ipallowlist
volumes:
arbitrum-one-nitro-minimal-pebble-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: arbitrum
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

2
arb/nitro/arbitrum-one-nitro-pruned-pebble-hash.prune.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
arbitrum-one:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_ONE_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_ONE_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

2
arb/nitro/arbitrum-one-nitro-pruned-pebble-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
arbitrum-one:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_ONE_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_ONE_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

2
arb/nitro/arbitrum-sepolia-nitro-archive-pebble-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
arbitrum-sepolia-archive:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_SEPOLIA_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_SEPOLIA_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

141
arb/nitro/arbitrum-sepolia-nitro-minimal-pebble-hash.prune.yml
View File

@@ -1,141 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/arbitrum-sepolia-nitro-minimal-pebble-hash.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/arbitrum-sepolia-minimal \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
arbitrum-sepolia-minimal:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_SEPOLIA_NITRO_VERSION:-v3.10.1-d7f07be}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --chain.id=421614
- --execution.caching.archive=${ARBITRUM_SEPOLIA_MINIMAL_ARCHIVE_DB:-false}
- --execution.caching.database-cache=${ARBITRUM_SEPOLIA_NITRO_MINIMAL_PEBBLE_HASH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${ARBITRUM_SEPOLIA_NITRO_MINIMAL_PEBBLE_HASH_SNAPSHOT_CACHE:-400}
- --execution.caching.trie-clean-cache=${ARBITRUM_SEPOLIA_NITRO_MINIMAL_PEBBLE_HASH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${ARBITRUM_SEPOLIA_NITRO_MINIMAL_PEBBLE_HASH_TRIE_DIRTY_CACHE:-1024}
- --execution.rpc.gas-cap=5500000000
- --execution.rpc.log-history=0
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --init.prune=minimal
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.blob-client.beacon-url=${ETHEREUM_SEPOLIA_BEACON_REST}
- --parent-chain.connection.url=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- --persistent.chain=/root/.arbitrum/arbitrum-sepolia-minimal
- --persistent.db-engine=pebble
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${ARBITRUM_SEPOLIA_NITRO_MINIMAL_PEBBLE_HASH_DATA:-arbitrum-sepolia-nitro-minimal-pebble-hash}:/root/.arbitrum
- ./tmp/arbitrum-sepolia-minimal:/tmp
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.arbitrum-sepolia-nitro-minimal-pebble-hash-stripprefix.stripprefix.prefixes=/arbitrum-sepolia-minimal
- traefik.http.services.arbitrum-sepolia-nitro-minimal-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.arbitrum-sepolia-nitro-minimal-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.arbitrum-sepolia-nitro-minimal-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.arbitrum-sepolia-nitro-minimal-pebble-hash.rule=Host(`$DOMAIN`) && (Path(`/arbitrum-sepolia-minimal`) || Path(`/arbitrum-sepolia-minimal/`))}
- ${NO_SSL:+traefik.http.routers.arbitrum-sepolia-nitro-minimal-pebble-hash.rule=Path(`/arbitrum-sepolia-minimal`) || Path(`/arbitrum-sepolia-minimal/`)}
- traefik.http.routers.arbitrum-sepolia-nitro-minimal-pebble-hash.middlewares=arbitrum-sepolia-nitro-minimal-pebble-hash-stripprefix, ipallowlist
volumes:
arbitrum-sepolia-nitro-minimal-pebble-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: arbitrum-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

140
arb/nitro/arbitrum-sepolia-nitro-minimal-pebble-hash.yml
View File

@@ -1,140 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/arbitrum-sepolia-nitro-minimal-pebble-hash.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/arbitrum-sepolia-minimal \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
arbitrum-sepolia-minimal:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_SEPOLIA_NITRO_VERSION:-v3.10.1-d7f07be}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --chain.id=421614
- --execution.caching.archive=${ARBITRUM_SEPOLIA_MINIMAL_ARCHIVE_DB:-false}
- --execution.caching.database-cache=${ARBITRUM_SEPOLIA_NITRO_MINIMAL_PEBBLE_HASH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${ARBITRUM_SEPOLIA_NITRO_MINIMAL_PEBBLE_HASH_SNAPSHOT_CACHE:-400}
- --execution.caching.trie-clean-cache=${ARBITRUM_SEPOLIA_NITRO_MINIMAL_PEBBLE_HASH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${ARBITRUM_SEPOLIA_NITRO_MINIMAL_PEBBLE_HASH_TRIE_DIRTY_CACHE:-1024}
- --execution.rpc.gas-cap=5500000000
- --execution.rpc.log-history=0
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.blob-client.beacon-url=${ETHEREUM_SEPOLIA_BEACON_REST}
- --parent-chain.connection.url=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- --persistent.chain=/root/.arbitrum/arbitrum-sepolia-minimal
- --persistent.db-engine=pebble
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${ARBITRUM_SEPOLIA_NITRO_MINIMAL_PEBBLE_HASH_DATA:-arbitrum-sepolia-nitro-minimal-pebble-hash}:/root/.arbitrum
- ./tmp/arbitrum-sepolia-minimal:/tmp
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.arbitrum-sepolia-nitro-minimal-pebble-hash-stripprefix.stripprefix.prefixes=/arbitrum-sepolia-minimal
- traefik.http.services.arbitrum-sepolia-nitro-minimal-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.arbitrum-sepolia-nitro-minimal-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.arbitrum-sepolia-nitro-minimal-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.arbitrum-sepolia-nitro-minimal-pebble-hash.rule=Host(`$DOMAIN`) && (Path(`/arbitrum-sepolia-minimal`) || Path(`/arbitrum-sepolia-minimal/`))}
- ${NO_SSL:+traefik.http.routers.arbitrum-sepolia-nitro-minimal-pebble-hash.rule=Path(`/arbitrum-sepolia-minimal`) || Path(`/arbitrum-sepolia-minimal/`)}
- traefik.http.routers.arbitrum-sepolia-nitro-minimal-pebble-hash.middlewares=arbitrum-sepolia-nitro-minimal-pebble-hash-stripprefix, ipallowlist
volumes:
arbitrum-sepolia-nitro-minimal-pebble-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: arbitrum-sepolia
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

2
arb/nitro/arbitrum-sepolia-nitro-pruned-pebble-hash.prune.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
arbitrum-sepolia:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_SEPOLIA_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_SEPOLIA_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

2
arb/nitro/arbitrum-sepolia-nitro-pruned-pebble-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
arbitrum-sepolia:
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_SEPOLIA_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${ARBITRUM_NITRO_IMAGE:-offchainlabs/nitro-node}:${ARBITRUM_SEPOLIA_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

5
arb/nitro/connext-sepolia-nitro-archive-leveldb-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
connext-sepolia-archive:
image: ${CONNEXT_NITRO_IMAGE:-offchainlabs/nitro-node}:${CONNEXT_SEPOLIA_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${CONNEXT_NITRO_IMAGE:-offchainlabs/nitro-node}:${CONNEXT_SEPOLIA_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.connext-sepolia.gelato.digital
- --node.data-availability.sequencer-inbox-address=0x727095791318912381473707332248435763608420056676
- --node.feed.input.url=wss://feed.connext-sepolia.gelato.digital
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/connext-sepolia-nitro-pruned-pebble-path.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
connext-sepolia:
image: ${CONNEXT_NITRO_IMAGE:-offchainlabs/nitro-node}:${CONNEXT_SEPOLIA_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${CONNEXT_NITRO_IMAGE:-offchainlabs/nitro-node}:${CONNEXT_SEPOLIA_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.connext-sepolia.gelato.digital
- --node.data-availability.sequencer-inbox-address=0x727095791318912381473707332248435763608420056676
- --node.feed.input.url=wss://feed.connext-sepolia.gelato.digital
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/everclear-mainnet-nitro-archive-leveldb-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
everclear-mainnet-archive:
image: ${EVERCLEAR_NITRO_IMAGE:-offchainlabs/nitro-node}:${EVERCLEAR_MAINNET_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${EVERCLEAR_NITRO_IMAGE:-offchainlabs/nitro-node}:${EVERCLEAR_MAINNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.everclear.raas.gelato.cloud
- --node.data-availability.sequencer-inbox-address=0x727095791318912381473707332248435763608420056676
- --node.feed.input.url=wss://feed.everclear.raas.gelato.cloud
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/everclear-mainnet-nitro-pruned-pebble-path.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
everclear-mainnet:
image: ${EVERCLEAR_NITRO_IMAGE:-offchainlabs/nitro-node}:${EVERCLEAR_MAINNET_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${EVERCLEAR_NITRO_IMAGE:-offchainlabs/nitro-node}:${EVERCLEAR_MAINNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.everclear.raas.gelato.cloud
- --node.data-availability.sequencer-inbox-address=0x727095791318912381473707332248435763608420056676
- --node.feed.input.url=wss://feed.everclear.raas.gelato.cloud
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/opencampuscodex-sepolia-nitro-archive-leveldb-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
opencampuscodex-sepolia-archive:
image: ${OPENCAMPUSCODEX_NITRO_IMAGE:-offchainlabs/nitro-node}:${OPENCAMPUSCODEX_SEPOLIA_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${OPENCAMPUSCODEX_NITRO_IMAGE:-offchainlabs/nitro-node}:${OPENCAMPUSCODEX_SEPOLIA_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ARBITRUM_SEPOLIA_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.open-campus-codex.gelato.digital
- --node.data-availability.sequencer-inbox-address=0xe347C1223381b9Dcd6c0F61cf81c90175A7Bae77
- --node.feed.input.url=wss://feed.open-campus-codex.gelato.digital
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/opencampuscodex-sepolia-nitro-pruned-pebble-path.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
opencampuscodex-sepolia:
image: ${OPENCAMPUSCODEX_NITRO_IMAGE:-offchainlabs/nitro-node}:${OPENCAMPUSCODEX_SEPOLIA_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${OPENCAMPUSCODEX_NITRO_IMAGE:-offchainlabs/nitro-node}:${OPENCAMPUSCODEX_SEPOLIA_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ARBITRUM_SEPOLIA_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.open-campus-codex.gelato.digital
- --node.data-availability.sequencer-inbox-address=0xe347C1223381b9Dcd6c0F61cf81c90175A7Bae77
- --node.feed.input.url=wss://feed.open-campus-codex.gelato.digital
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/playblock-mainnet-nitro-archive-leveldb-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
playblock-mainnet-archive:
image: ${PLAYBLOCK_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLAYBLOCK_MAINNET_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${PLAYBLOCK_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLAYBLOCK_MAINNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ARBITRUM_NOVA_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.playblock.io
- --node.data-availability.sequencer-inbox-address=0x1297541082195356755105700451499873350464260779639
- --node.feed.input.url=wss://feed.playblock.io
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/playblock-mainnet-nitro-pruned-pebble-path.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
playblock-mainnet:
image: ${PLAYBLOCK_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLAYBLOCK_MAINNET_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${PLAYBLOCK_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLAYBLOCK_MAINNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ARBITRUM_NOVA_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.playblock.io
- --node.data-availability.sequencer-inbox-address=0x1297541082195356755105700451499873350464260779639
- --node.feed.input.url=wss://feed.playblock.io
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/plume-mainnet-nitro-archive-leveldb-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
plume-mainnet-archive:
image: ${PLUME_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLUME_MAINNET_NITRO_VERSION:-v3.11.0-a618155}
image: ${PLUME_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLUME_MAINNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das-plume-mainnet-1.t.conduit.xyz
- --node.data-availability.sequencer-inbox-address=0x85eC1b9138a8b9659A51e2b51bb0861901040b59
- --node.feed.input.url=wss://relay-plume-mainnet-1.t.conduit.xyz
- --node.sequencer=false
- --node.staker.enable=false

145
arb/nitro/plume-mainnet-nitro-archive-pebble-hash.yml
View File

@@ -1,145 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/plume-mainnet-nitro-archive-pebble-hash.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/plume-mainnet-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
plume-mainnet-archive:
image: ${PLUME_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLUME_MAINNET_NITRO_VERSION:-v3.11.0-a618155}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --conf.file=/config/baseConfig.json
- --execution.caching.archive=true
- --execution.caching.database-cache=${PLUME_MAINNET_NITRO_ARCHIVE_PEBBLE_HASH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${PLUME_MAINNET_NITRO_ARCHIVE_PEBBLE_HASH_SNAPSHOT_CACHE:-400}
- --execution.caching.trie-clean-cache=${PLUME_MAINNET_NITRO_ARCHIVE_PEBBLE_HASH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${PLUME_MAINNET_NITRO_ARCHIVE_PEBBLE_HASH_TRIE_DIRTY_CACHE:-1024}
- --execution.forwarding-target=https://rpc.plume.org
- --execution.rpc.gas-cap=5500000000
- --execution.rpc.log-history=0
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.data-availability.enable=true
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das-plume-mainnet-1.t.conduit.xyz
- --node.feed.input.url=wss://relay-plume-mainnet-1.t.conduit.xyz
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.blob-client.beacon-url=${ETHEREUM_MAINNET_BEACON_REST}
- --parent-chain.connection.url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --persistent.chain=/root/.arbitrum/plume-mainnet-archive
- --persistent.db-engine=pebble
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${PLUME_MAINNET_NITRO_ARCHIVE_PEBBLE_HASH_DATA:-plume-mainnet-nitro-archive-pebble-hash}:/root/.arbitrum
- ./arb/plume/mainnet:/config
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.plume-mainnet-nitro-archive-pebble-hash-stripprefix.stripprefix.prefixes=/plume-mainnet-archive
- traefik.http.services.plume-mainnet-nitro-archive-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.plume-mainnet-nitro-archive-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.plume-mainnet-nitro-archive-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.plume-mainnet-nitro-archive-pebble-hash.rule=Host(`$DOMAIN`) && (Path(`/plume-mainnet-archive`) || Path(`/plume-mainnet-archive/`))}
- ${NO_SSL:+traefik.http.routers.plume-mainnet-nitro-archive-pebble-hash.rule=Path(`/plume-mainnet-archive`) || Path(`/plume-mainnet-archive/`)}
- traefik.http.routers.plume-mainnet-nitro-archive-pebble-hash.middlewares=plume-mainnet-nitro-archive-pebble-hash-stripprefix, ipallowlist
volumes:
plume-mainnet-nitro-archive-pebble-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: plume
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

144
arb/nitro/plume-mainnet-nitro-pruned-leveldb-hash.yml
View File

@@ -1,144 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/plume-mainnet-nitro-pruned-leveldb-hash.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/plume-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
plume-mainnet:
image: ${PLUME_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLUME_MAINNET_NITRO_VERSION:-v3.11.0-a618155}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --conf.file=/config/baseConfig.json
- --execution.caching.archive=${PLUME_MAINNET_ARCHIVE_DB:-false}
- --execution.caching.database-cache=${PLUME_MAINNET_NITRO_PRUNED_LEVELDB_HASH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${PLUME_MAINNET_NITRO_PRUNED_LEVELDB_HASH_SNAPSHOT_CACHE:-400}
- --execution.caching.trie-clean-cache=${PLUME_MAINNET_NITRO_PRUNED_LEVELDB_HASH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${PLUME_MAINNET_NITRO_PRUNED_LEVELDB_HASH_TRIE_DIRTY_CACHE:-1024}
- --execution.forwarding-target=https://rpc.plume.org
- --execution.rpc.gas-cap=5500000000
- --execution.rpc.log-history=0
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.data-availability.enable=true
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das-plume-mainnet-1.t.conduit.xyz
- --node.feed.input.url=wss://relay-plume-mainnet-1.t.conduit.xyz
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.blob-client.beacon-url=${ETHEREUM_MAINNET_BEACON_REST}
- --parent-chain.connection.url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --persistent.chain=/root/.arbitrum/plume-mainnet
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${PLUME_MAINNET_NITRO_PRUNED_LEVELDB_HASH_DATA:-plume-mainnet-nitro-pruned-leveldb-hash}:/root/.arbitrum
- ./arb/plume/mainnet:/config
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.plume-mainnet-nitro-pruned-leveldb-hash-stripprefix.stripprefix.prefixes=/plume-mainnet
- traefik.http.services.plume-mainnet-nitro-pruned-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.plume-mainnet-nitro-pruned-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.plume-mainnet-nitro-pruned-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.plume-mainnet-nitro-pruned-leveldb-hash.rule=Host(`$DOMAIN`) && (Path(`/plume-mainnet`) || Path(`/plume-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.plume-mainnet-nitro-pruned-leveldb-hash.rule=Path(`/plume-mainnet`) || Path(`/plume-mainnet/`)}
- traefik.http.routers.plume-mainnet-nitro-pruned-leveldb-hash.middlewares=plume-mainnet-nitro-pruned-leveldb-hash-stripprefix, ipallowlist
volumes:
plume-mainnet-nitro-pruned-leveldb-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: plume
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

5
arb/nitro/plume-mainnet-nitro-pruned-pebble-path.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
plume-mainnet:
image: ${PLUME_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLUME_MAINNET_NITRO_VERSION:-v3.11.0-a618155}
image: ${PLUME_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLUME_MAINNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das-plume-mainnet-1.t.conduit.xyz
- --node.data-availability.sequencer-inbox-address=0x85eC1b9138a8b9659A51e2b51bb0861901040b59
- --node.feed.input.url=wss://relay-plume-mainnet-1.t.conduit.xyz
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/plume-testnet-nitro-archive-leveldb-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
plume-testnet-archive:
image: ${PLUME_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLUME_TESTNET_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${PLUME_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLUME_TESTNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das-plume-testnet-1.t.conduit.xyz
- --node.data-availability.sequencer-inbox-address=0xbCa991f1831bE1F1E7e5576d5F84A645e70F3E4d
- --node.feed.input.url=wss://relay-plume-testnet-1.t.conduit.xyz
- --node.sequencer=false
- --node.staker.enable=false

145
arb/nitro/plume-testnet-nitro-archive-pebble-hash.yml
View File

@@ -1,145 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/plume-testnet-nitro-archive-pebble-hash.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/plume-testnet-archive \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
plume-testnet-archive:
image: ${PLUME_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLUME_TESTNET_NITRO_VERSION:-v3.10.1-d7f07be}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --conf.file=/config/baseConfig.json
- --execution.caching.archive=true
- --execution.caching.database-cache=${PLUME_TESTNET_NITRO_ARCHIVE_PEBBLE_HASH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${PLUME_TESTNET_NITRO_ARCHIVE_PEBBLE_HASH_SNAPSHOT_CACHE:-400}
- --execution.caching.trie-clean-cache=${PLUME_TESTNET_NITRO_ARCHIVE_PEBBLE_HASH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${PLUME_TESTNET_NITRO_ARCHIVE_PEBBLE_HASH_TRIE_DIRTY_CACHE:-1024}
- --execution.forwarding-target=https://testnet-rpc.plume.org
- --execution.rpc.gas-cap=5500000000
- --execution.rpc.log-history=0
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.data-availability.enable=true
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das-plume-testnet-1.t.conduit.xyz
- --node.feed.input.url=wss://relay-plume-testnet-1.t.conduit.xyz
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.blob-client.beacon-url=${ETHEREUM_SEPOLIA_BEACON_REST}
- --parent-chain.connection.url=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- --persistent.chain=/root/.arbitrum/plume-testnet-archive
- --persistent.db-engine=pebble
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${PLUME_TESTNET_NITRO_ARCHIVE_PEBBLE_HASH_DATA:-plume-testnet-nitro-archive-pebble-hash}:/root/.arbitrum
- ./arb/plume/testnet:/config
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.plume-testnet-nitro-archive-pebble-hash-stripprefix.stripprefix.prefixes=/plume-testnet-archive
- traefik.http.services.plume-testnet-nitro-archive-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.plume-testnet-nitro-archive-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.plume-testnet-nitro-archive-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.plume-testnet-nitro-archive-pebble-hash.rule=Host(`$DOMAIN`) && (Path(`/plume-testnet-archive`) || Path(`/plume-testnet-archive/`))}
- ${NO_SSL:+traefik.http.routers.plume-testnet-nitro-archive-pebble-hash.rule=Path(`/plume-testnet-archive`) || Path(`/plume-testnet-archive/`)}
- traefik.http.routers.plume-testnet-nitro-archive-pebble-hash.middlewares=plume-testnet-nitro-archive-pebble-hash-stripprefix, ipallowlist
volumes:
plume-testnet-nitro-archive-pebble-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: plume-testnet
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

144
arb/nitro/plume-testnet-nitro-pruned-leveldb-hash.yml
View File

@@ -1,144 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arb/nitro/plume-testnet-nitro-pruned-leveldb-hash.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/plume-testnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
plume-testnet:
image: ${PLUME_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLUME_TESTNET_NITRO_VERSION:-v3.10.1-d7f07be}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
expose:
- 8545
command:
- --conf.file=/config/baseConfig.json
- --execution.caching.archive=${PLUME_TESTNET_ARCHIVE_DB:-false}
- --execution.caching.database-cache=${PLUME_TESTNET_NITRO_PRUNED_LEVELDB_HASH_DATABASE_CACHE:-2048}
- --execution.caching.snapshot-cache=${PLUME_TESTNET_NITRO_PRUNED_LEVELDB_HASH_SNAPSHOT_CACHE:-400}
- --execution.caching.trie-clean-cache=${PLUME_TESTNET_NITRO_PRUNED_LEVELDB_HASH_TRIE_CLEAN_CACHE:-600}
- --execution.caching.trie-dirty-cache=${PLUME_TESTNET_NITRO_PRUNED_LEVELDB_HASH_TRIE_DIRTY_CACHE:-1024}
- --execution.forwarding-target=https://testnet-rpc.plume.org
- --execution.rpc.gas-cap=5500000000
- --execution.rpc.log-history=0
- --execution.sequencer.enable=false
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,arb,txpool,debug
- --http.corsdomain=*
- --http.port=8545
- --http.vhosts=*
- --metrics
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.data-availability.enable=true
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das-plume-testnet-1.t.conduit.xyz
- --node.feed.input.url=wss://relay-plume-testnet-1.t.conduit.xyz
- --node.sequencer=false
- --node.staker.enable=false
- --parent-chain.blob-client.beacon-url=${ETHEREUM_SEPOLIA_BEACON_REST}
- --parent-chain.connection.url=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- --persistent.chain=/root/.arbitrum/plume-testnet
- --ws.addr=0.0.0.0
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${PLUME_TESTNET_NITRO_PRUNED_LEVELDB_HASH_DATA:-plume-testnet-nitro-pruned-leveldb-hash}:/root/.arbitrum
- ./arb/plume/testnet:/config
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6070
- prometheus-scrape.path=/debug/metrics/prometheus
- traefik.enable=true
- traefik.http.middlewares.plume-testnet-nitro-pruned-leveldb-hash-stripprefix.stripprefix.prefixes=/plume-testnet
- traefik.http.services.plume-testnet-nitro-pruned-leveldb-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.plume-testnet-nitro-pruned-leveldb-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.plume-testnet-nitro-pruned-leveldb-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.plume-testnet-nitro-pruned-leveldb-hash.rule=Host(`$DOMAIN`) && (Path(`/plume-testnet`) || Path(`/plume-testnet/`))}
- ${NO_SSL:+traefik.http.routers.plume-testnet-nitro-pruned-leveldb-hash.rule=Path(`/plume-testnet`) || Path(`/plume-testnet/`)}
- traefik.http.routers.plume-testnet-nitro-pruned-leveldb-hash.middlewares=plume-testnet-nitro-pruned-leveldb-hash-stripprefix, ipallowlist
volumes:
plume-testnet-nitro-pruned-leveldb-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: plume-testnet
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

5
arb/nitro/plume-testnet-nitro-pruned-pebble-path.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
plume-testnet:
image: ${PLUME_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLUME_TESTNET_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${PLUME_NITRO_IMAGE:-offchainlabs/nitro-node}:${PLUME_TESTNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_SEPOLIA_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das-plume-testnet-1.t.conduit.xyz
- --node.data-availability.sequencer-inbox-address=0xbCa991f1831bE1F1E7e5576d5F84A645e70F3E4d
- --node.feed.input.url=wss://relay-plume-testnet-1.t.conduit.xyz
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/real-mainnet-nitro-archive-leveldb-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
real-mainnet-archive:
image: ${REAL_NITRO_IMAGE:-offchainlabs/nitro-node}:${REAL_MAINNET_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${REAL_NITRO_IMAGE:-offchainlabs/nitro-node}:${REAL_MAINNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.realforreal.gelato.digital
- --node.data-availability.sequencer-inbox-address=0x466813324240923703236721233648302990016039913376
- --node.feed.input.url=wss://feed.realforreal.gelato.digital
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/real-mainnet-nitro-archive-pebble-hash.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
real-mainnet-archive:
image: ${REAL_NITRO_IMAGE:-offchainlabs/nitro-node}:${REAL_MAINNET_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${REAL_NITRO_IMAGE:-offchainlabs/nitro-node}:${REAL_MAINNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.realforreal.gelato.digital
- --node.data-availability.sequencer-inbox-address=0x466813324240923703236721233648302990016039913376
- --node.feed.input.url=wss://feed.realforreal.gelato.digital
- --node.sequencer=false
- --node.staker.enable=false

5
arb/nitro/real-mainnet-nitro-pruned-pebble-path.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
real-mainnet:
image: ${REAL_NITRO_IMAGE:-offchainlabs/nitro-node}:${REAL_MAINNET_NITRO_VERSION:-v3.10.1-d7f07be}
image: ${REAL_NITRO_IMAGE:-offchainlabs/nitro-node}:${REAL_MAINNET_NITRO_VERSION:-v3.9.5-66e42c4}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -67,9 +67,12 @@ services:
- --metrics-server.addr=0.0.0.0
- --metrics-server.port=6070
- --node.batch-poster.enable=false
- --node.da-provider.enable=false
- --node.data-availability.enable=true
- --node.data-availability.parent-chain-node-url=${ETHEREUM_MAINNET_EXECUTION_RPC}
- --node.data-availability.rest-aggregator.enable=true
- --node.data-availability.rest-aggregator.urls=https://das.realforreal.gelato.digital
- --node.data-availability.sequencer-inbox-address=0x466813324240923703236721233648302990016039913376
- --node.feed.input.url=wss://feed.realforreal.gelato.digital
- --node.sequencer=false
- --node.staker.enable=false

199
arc/arc/arc-testnet-arc-full.yml
View File

@@ -1,199 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:arc/arc/arc-testnet-arc-full.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/arc-testnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
arc-testnet-snapshots:
image: ${ARC_ARC_IMAGE:-docker.cloudsmith.io/circle/arc-network/arc-execution}:${ARC_TESTNET_ARC_VERSION:-0.7.2}
user: 0:0
entrypoint: [/usr/local/bin/arc-snapshots, download]
command:
- --chain=arc-testnet
- --consensus-path=/data/consensus
- --execution-path=/data/execution
restart: no
networks:
- chains
volumes:
- ${ARC_TESTNET_ARC_FULL_CONSENSUS_DATA:-arc-testnet-arc-full-consensus}:/data/consensus
- ${ARC_TESTNET_ARC_FULL_EXECUTION_DATA:-arc-testnet-arc-full-execution}:/data/execution
logging: *logging-defaults
arc-testnet-consensus-init:
image: ${ARC_CONSENSUS_IMAGE:-docker.cloudsmith.io/circle/arc-network/arc-consensus}:${ARC_TESTNET_CONSENSUS_VERSION:-0.7.2}
user: 0:0
entrypoint: [/usr/local/bin/arc-node-consensus, init]
command:
- --home=/data/consensus
restart: no
depends_on:
arc-testnet-snapshots:
condition: service_completed_successfully
networks:
- chains
volumes:
- ${ARC_TESTNET_ARC_FULL_CONSENSUS_DATA:-arc-testnet-arc-full-consensus}:/data/consensus
logging: *logging-defaults
arc-testnet-sockets-init:
image: debian:bookworm-slim
entrypoint: [/bin/sh, -c]
command: [rm -f /sockets/*.ipc && chown 999:999 /sockets]
restart: no
depends_on:
arc-testnet-consensus-init:
condition: service_completed_successfully
networks:
- chains
volumes:
- arc-testnet-arc-full-sockets:/sockets
logging: *logging-defaults
arc-testnet:
image: ${ARC_ARC_IMAGE:-docker.cloudsmith.io/circle/arc-network/arc-execution}:${ARC_TESTNET_ARC_VERSION:-0.7.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: 0:0
expose:
- 8545
- 9001
entrypoint: [/usr/local/bin/arc-node-execution, node]
command:
- --auth-ipc
- --auth-ipc.path=/sockets/auth.ipc
- --chain=arc-testnet
- --datadir=/data/execution
- --disable-discovery
- --enable-arc-rpc
- --full
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,txpool,trace,debug
- --http.port=8545
- --ipcpath=/sockets/reth.ipc
- --log.file.directory=/data/execution/logs
- --metrics=0.0.0.0:9001
- --rpc.forwarder=https://rpc.quicknode.testnet.arc.network/
restart: unless-stopped
stop_grace_period: 5m
depends_on:
arc-testnet-sockets-init:
condition: service_completed_successfully
networks:
- chains
volumes:
- ${ARC_TESTNET_ARC_FULL_EXECUTION_DATA:-arc-testnet-arc-full-execution}:/data/execution
- /slowdisk:/slowdisk
- arc-testnet-arc-full-sockets:/sockets
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=9001
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.arc-testnet-arc-full-stripprefix.stripprefix.prefixes=/arc-testnet
- traefik.http.services.arc-testnet-arc-full.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.arc-testnet-arc-full.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.arc-testnet-arc-full.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.arc-testnet-arc-full.rule=Host(`$DOMAIN`) && (Path(`/arc-testnet`) || Path(`/arc-testnet/`))}
- ${NO_SSL:+traefik.http.routers.arc-testnet-arc-full.rule=Path(`/arc-testnet`) || Path(`/arc-testnet/`)}
- traefik.http.routers.arc-testnet-arc-full.middlewares=arc-testnet-arc-full-stripprefix, ipallowlist
arc-testnet-node:
image: ${ARC_CONSENSUS_IMAGE:-docker.cloudsmith.io/circle/arc-network/arc-consensus}:${ARC_TESTNET_CONSENSUS_VERSION:-0.7.2}
user: 0:0
expose:
- 31000
- 29000
entrypoint: [/usr/local/bin/arc-node-consensus, start]
command:
- --eth-socket=/sockets/reth.ipc
- --execution-persistence-backpressure
- --execution-persistence-backpressure-threshold=50
- --execution-socket=/sockets/auth.ipc
- --follow
- --follow.endpoint=https://rpc.blockdaemon.testnet.arc.network,wss=rpc.blockdaemon.testnet.arc.network/websocket
- --follow.endpoint=https://rpc.drpc.testnet.arc.network,wss=rpc.drpc.testnet.arc.network
- --follow.endpoint=https://rpc.quicknode.testnet.arc.network,wss=rpc.quicknode.testnet.arc.network
- --full
- --home=/data/consensus
- --metrics=0.0.0.0:29000
- --rpc.addr=0.0.0.0:31000
restart: unless-stopped
stop_grace_period: 5m
depends_on:
arc-testnet-consensus-init:
condition: service_completed_successfully
arc-testnet:
condition: service_started
restart: true
networks:
- chains
volumes:
- ${ARC_TESTNET_ARC_FULL_CONSENSUS_DATA:-arc-testnet-arc-full-consensus}:/data/consensus
- arc-testnet-arc-full-sockets:/sockets
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=29000
volumes:
arc-testnet-arc-full-consensus:
arc-testnet-arc-full-execution:
arc-testnet-arc-full-sockets:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
chain: arc-testnet
method-groups:
enabled:
- debug
- filter
- trace
methods:
enabled:
- name: txpool_content
...

6
avalanche/fuji/prune/C/config.json
View File

@@ -1,6 +0,0 @@
{
"rpc-gas-cap": 2500000000,
"eth-rpc-gas-limit": 2500000000,
"offline-pruning-enabled": true,
"offline-pruning-data-directory": "/root/.avalanchego/offline-pruning"
}

6
avalanche/go/avalanche-fuji-go-archive-leveldb.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
avalanche-fuji-archive:
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_FUJI_GO_VERSION:-v1.14.2}
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_FUJI_GO_VERSION:-v1.14.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -87,8 +87,8 @@ services:
- traefik.http.routers.avalanche-fuji-go-archive-leveldb.service=avalanche-fuji-go-archive-leveldb
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-archive-leveldb-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-archive-leveldb-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-archive-leveldb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-fuji-archive`) || Path(`/avalanche-fuji-archive/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-fuji-go-archive-leveldb-ws.rule=(Path(`/avalanche-fuji-archive`) || Path(`/avalanche-fuji-archive/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-archive-leveldb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-fuji-archive`) || Path(`/avalanche-fuji-archive/`)) && Headers(`Upgrade`, `websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-fuji-go-archive-leveldb-ws.rule=(Path(`/avalanche-fuji-archive`) || Path(`/avalanche-fuji-archive/`)) && Headers(`Upgrade`, `websocket`)}
- traefik.http.routers.avalanche-fuji-go-archive-leveldb-ws.middlewares=avalanche-fuji-go-archive-leveldb-stripprefix, avalanche-fuji-go-archive-leveldb-set-ws-path, ipallowlist
volumes:

118
avalanche/go/avalanche-fuji-go-pruned-leveldb.prune.yml
View File

@@ -1,118 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:avalanche/go/avalanche-fuji-go-pruned-leveldb.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/avalanche-fuji \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
avalanche-fuji:
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_FUJI_GO_VERSION:-v1.14.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 12059:12059
- 12059:12059/udp
expose:
- 9650
entrypoint: [/bin/sh, -c, mkdir -p /root/.avalanchego/offline-pruning && exec /avalanchego/build/avalanchego "$@", --]
command:
- --chain-config-dir=/config/prune
- --db-type=leveldb
- --http-allowed-hosts=*
- --http-host=
- --network-id=fuji
- --public-ip=${IP}
- --staking-port=12059
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${AVALANCHE_FUJI_GO_PRUNED_LEVELDB_DATA:-avalanche-fuji-go-pruned-leveldb}:/root/.avalanchego
- ./avalanche/fuji:/config
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=false
- traefik.enable=true
- traefik.http.middlewares.avalanche-fuji-go-pruned-leveldb-set-path.replacepath.path=/ext/bc/C/rpc
- traefik.http.middlewares.avalanche-fuji-go-pruned-leveldb-stripprefix.stripprefix.prefixes=/avalanche-fuji
- traefik.http.services.avalanche-fuji-go-pruned-leveldb.loadbalancer.server.port=9650
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-leveldb.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-leveldb.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-leveldb.rule=Host(`$DOMAIN`) && (Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`))}
- ${NO_SSL:+traefik.http.routers.avalanche-fuji-go-pruned-leveldb.rule=Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)}
- traefik.http.routers.avalanche-fuji-go-pruned-leveldb.middlewares=avalanche-fuji-go-pruned-leveldb-stripprefix, avalanche-fuji-go-pruned-leveldb-set-path, ipallowlist
- traefik.http.routers.avalanche-fuji-go-pruned-leveldb.priority=50 # gets any request that is not GET with UPGRADE header
- traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.priority=100 # answers GET requests first
- traefik.http.middlewares.avalanche-fuji-go-pruned-leveldb-set-ws-path.replacepath.path=/ext/bc/C/ws
- traefik.http.services.avalanche-fuji-go-pruned-leveldb-ws.loadbalancer.server.port=9650
- traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.service=avalanche-fuji-go-pruned-leveldb-ws
- traefik.http.routers.avalanche-fuji-go-pruned-leveldb.service=avalanche-fuji-go-pruned-leveldb
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.rule=(Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.middlewares=avalanche-fuji-go-pruned-leveldb-stripprefix, avalanche-fuji-go-pruned-leveldb-set-ws-path, ipallowlist
volumes:
avalanche-fuji-go-pruned-leveldb:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: avalanche
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

6
avalanche/go/avalanche-fuji-go-pruned-leveldb.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
avalanche-fuji:
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_FUJI_GO_VERSION:-v1.14.2}
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_FUJI_GO_VERSION:-v1.14.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -87,8 +87,8 @@ services:
- traefik.http.routers.avalanche-fuji-go-pruned-leveldb.service=avalanche-fuji-go-pruned-leveldb
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.rule=(Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)) && Headers(`Upgrade`, `websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.rule=(Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)) && Headers(`Upgrade`, `websocket`)}
- traefik.http.routers.avalanche-fuji-go-pruned-leveldb-ws.middlewares=avalanche-fuji-go-pruned-leveldb-stripprefix, avalanche-fuji-go-pruned-leveldb-set-ws-path, ipallowlist
volumes:

118
avalanche/go/avalanche-fuji-go-pruned-pebbledb.prune.yml
View File

@@ -1,118 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:avalanche/go/avalanche-fuji-go-pruned-pebbledb.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/avalanche-fuji \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
avalanche-fuji:
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_FUJI_GO_VERSION:-v1.14.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 10350:10350
- 10350:10350/udp
expose:
- 9650
entrypoint: [/bin/sh, -c, mkdir -p /root/.avalanchego/offline-pruning && exec /avalanchego/build/avalanchego "$@", --]
command:
- --chain-config-dir=/config/prune
- --db-type=pebbledb
- --http-allowed-hosts=*
- --http-host=
- --network-id=fuji
- --public-ip=${IP}
- --staking-port=10350
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${AVALANCHE_FUJI_GO_PRUNED_PEBBLEDB_DATA:-avalanche-fuji-go-pruned-pebbledb}:/root/.avalanchego
- ./avalanche/fuji:/config
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=false
- traefik.enable=true
- traefik.http.middlewares.avalanche-fuji-go-pruned-pebbledb-set-path.replacepath.path=/ext/bc/C/rpc
- traefik.http.middlewares.avalanche-fuji-go-pruned-pebbledb-stripprefix.stripprefix.prefixes=/avalanche-fuji
- traefik.http.services.avalanche-fuji-go-pruned-pebbledb.loadbalancer.server.port=9650
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-pebbledb.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-pebbledb.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-pebbledb.rule=Host(`$DOMAIN`) && (Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`))}
- ${NO_SSL:+traefik.http.routers.avalanche-fuji-go-pruned-pebbledb.rule=Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)}
- traefik.http.routers.avalanche-fuji-go-pruned-pebbledb.middlewares=avalanche-fuji-go-pruned-pebbledb-stripprefix, avalanche-fuji-go-pruned-pebbledb-set-path, ipallowlist
- traefik.http.routers.avalanche-fuji-go-pruned-pebbledb.priority=50 # gets any request that is not GET with UPGRADE header
- traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.priority=100 # answers GET requests first
- traefik.http.middlewares.avalanche-fuji-go-pruned-pebbledb-set-ws-path.replacepath.path=/ext/bc/C/ws
- traefik.http.services.avalanche-fuji-go-pruned-pebbledb-ws.loadbalancer.server.port=9650
- traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.service=avalanche-fuji-go-pruned-pebbledb-ws
- traefik.http.routers.avalanche-fuji-go-pruned-pebbledb.service=avalanche-fuji-go-pruned-pebbledb
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.rule=(Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.middlewares=avalanche-fuji-go-pruned-pebbledb-stripprefix, avalanche-fuji-go-pruned-pebbledb-set-ws-path, ipallowlist
volumes:
avalanche-fuji-go-pruned-pebbledb:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: avalanche
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

6
avalanche/go/avalanche-fuji-go-pruned-pebbledb.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
avalanche-fuji:
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_FUJI_GO_VERSION:-v1.14.2}
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_FUJI_GO_VERSION:-v1.14.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -87,8 +87,8 @@ services:
- traefik.http.routers.avalanche-fuji-go-pruned-pebbledb.service=avalanche-fuji-go-pruned-pebbledb
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.rule=(Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:-traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)) && Headers(`Upgrade`, `websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.rule=(Path(`/avalanche-fuji`) || Path(`/avalanche-fuji/`)) && Headers(`Upgrade`, `websocket`)}
- traefik.http.routers.avalanche-fuji-go-pruned-pebbledb-ws.middlewares=avalanche-fuji-go-pruned-pebbledb-stripprefix, avalanche-fuji-go-pruned-pebbledb-set-ws-path, ipallowlist
volumes:

6
avalanche/go/avalanche-mainnet-go-archive-leveldb.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
avalanche-mainnet-archive:
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_MAINNET_GO_VERSION:-v1.14.2}
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_MAINNET_GO_VERSION:-v1.14.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -87,8 +87,8 @@ services:
- traefik.http.routers.avalanche-mainnet-go-archive-leveldb.service=avalanche-mainnet-go-archive-leveldb
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-archive-leveldb-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-archive-leveldb-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-archive-leveldb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-mainnet-archive`) || Path(`/avalanche-mainnet-archive/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-mainnet-go-archive-leveldb-ws.rule=(Path(`/avalanche-mainnet-archive`) || Path(`/avalanche-mainnet-archive/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-archive-leveldb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-mainnet-archive`) || Path(`/avalanche-mainnet-archive/`)) && Headers(`Upgrade`, `websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-mainnet-go-archive-leveldb-ws.rule=(Path(`/avalanche-mainnet-archive`) || Path(`/avalanche-mainnet-archive/`)) && Headers(`Upgrade`, `websocket`)}
- traefik.http.routers.avalanche-mainnet-go-archive-leveldb-ws.middlewares=avalanche-mainnet-go-archive-leveldb-stripprefix, avalanche-mainnet-go-archive-leveldb-set-ws-path, ipallowlist
volumes:

118
avalanche/go/avalanche-mainnet-go-pruned-leveldb.prune.yml
View File

@@ -1,118 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:avalanche/go/avalanche-mainnet-go-pruned-leveldb.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/avalanche-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
avalanche-mainnet:
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_MAINNET_GO_VERSION:-v1.14.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 12757:12757
- 12757:12757/udp
expose:
- 9650
entrypoint: [/bin/sh, -c, mkdir -p /root/.avalanchego/offline-pruning && exec /avalanchego/build/avalanchego "$@", --]
command:
- --chain-config-dir=/config/prune
- --db-type=leveldb
- --http-allowed-hosts=*
- --http-host=
- --network-id=mainnet
- --public-ip=${IP}
- --staking-port=12757
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${AVALANCHE_MAINNET_GO_PRUNED_LEVELDB_DATA:-avalanche-mainnet-go-pruned-leveldb}:/root/.avalanchego
- ./avalanche/mainnet:/config
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=false
- traefik.enable=true
- traefik.http.middlewares.avalanche-mainnet-go-pruned-leveldb-set-path.replacepath.path=/ext/bc/C/rpc
- traefik.http.middlewares.avalanche-mainnet-go-pruned-leveldb-stripprefix.stripprefix.prefixes=/avalanche-mainnet
- traefik.http.services.avalanche-mainnet-go-pruned-leveldb.loadbalancer.server.port=9650
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-leveldb.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-leveldb.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-leveldb.rule=Host(`$DOMAIN`) && (Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.avalanche-mainnet-go-pruned-leveldb.rule=Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)}
- traefik.http.routers.avalanche-mainnet-go-pruned-leveldb.middlewares=avalanche-mainnet-go-pruned-leveldb-stripprefix, avalanche-mainnet-go-pruned-leveldb-set-path, ipallowlist
- traefik.http.routers.avalanche-mainnet-go-pruned-leveldb.priority=50 # gets any request that is not GET with UPGRADE header
- traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.priority=100 # answers GET requests first
- traefik.http.middlewares.avalanche-mainnet-go-pruned-leveldb-set-ws-path.replacepath.path=/ext/bc/C/ws
- traefik.http.services.avalanche-mainnet-go-pruned-leveldb-ws.loadbalancer.server.port=9650
- traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.service=avalanche-mainnet-go-pruned-leveldb-ws
- traefik.http.routers.avalanche-mainnet-go-pruned-leveldb.service=avalanche-mainnet-go-pruned-leveldb
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.rule=(Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.middlewares=avalanche-mainnet-go-pruned-leveldb-stripprefix, avalanche-mainnet-go-pruned-leveldb-set-ws-path, ipallowlist
volumes:
avalanche-mainnet-go-pruned-leveldb:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: avalanche
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

6
avalanche/go/avalanche-mainnet-go-pruned-leveldb.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
avalanche-mainnet:
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_MAINNET_GO_VERSION:-v1.14.2}
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_MAINNET_GO_VERSION:-v1.14.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -87,8 +87,8 @@ services:
- traefik.http.routers.avalanche-mainnet-go-pruned-leveldb.service=avalanche-mainnet-go-pruned-leveldb
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.rule=(Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)) && Headers(`Upgrade`, `websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.rule=(Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)) && Headers(`Upgrade`, `websocket`)}
- traefik.http.routers.avalanche-mainnet-go-pruned-leveldb-ws.middlewares=avalanche-mainnet-go-pruned-leveldb-stripprefix, avalanche-mainnet-go-pruned-leveldb-set-ws-path, ipallowlist
volumes:

118
avalanche/go/avalanche-mainnet-go-pruned-pebbledb.prune.yml
View File

@@ -1,118 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:avalanche/go/avalanche-mainnet-go-pruned-pebbledb.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/avalanche-mainnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
avalanche-mainnet:
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_MAINNET_GO_VERSION:-v1.14.2}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 11929:11929
- 11929:11929/udp
expose:
- 9650
entrypoint: [/bin/sh, -c, mkdir -p /root/.avalanchego/offline-pruning && exec /avalanchego/build/avalanchego "$@", --]
command:
- --chain-config-dir=/config/prune
- --db-type=pebbledb
- --http-allowed-hosts=*
- --http-host=
- --network-id=mainnet
- --public-ip=${IP}
- --staking-port=11929
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${AVALANCHE_MAINNET_GO_PRUNED_PEBBLEDB_DATA:-avalanche-mainnet-go-pruned-pebbledb}:/root/.avalanchego
- ./avalanche/mainnet:/config
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=false
- traefik.enable=true
- traefik.http.middlewares.avalanche-mainnet-go-pruned-pebbledb-set-path.replacepath.path=/ext/bc/C/rpc
- traefik.http.middlewares.avalanche-mainnet-go-pruned-pebbledb-stripprefix.stripprefix.prefixes=/avalanche-mainnet
- traefik.http.services.avalanche-mainnet-go-pruned-pebbledb.loadbalancer.server.port=9650
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb.rule=Host(`$DOMAIN`) && (Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`))}
- ${NO_SSL:+traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb.rule=Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)}
- traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb.middlewares=avalanche-mainnet-go-pruned-pebbledb-stripprefix, avalanche-mainnet-go-pruned-pebbledb-set-path, ipallowlist
- traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb.priority=50 # gets any request that is not GET with UPGRADE header
- traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.priority=100 # answers GET requests first
- traefik.http.middlewares.avalanche-mainnet-go-pruned-pebbledb-set-ws-path.replacepath.path=/ext/bc/C/ws
- traefik.http.services.avalanche-mainnet-go-pruned-pebbledb-ws.loadbalancer.server.port=9650
- traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.service=avalanche-mainnet-go-pruned-pebbledb-ws
- traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb.service=avalanche-mainnet-go-pruned-pebbledb
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.rule=(Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.middlewares=avalanche-mainnet-go-pruned-pebbledb-stripprefix, avalanche-mainnet-go-pruned-pebbledb-set-ws-path, ipallowlist
volumes:
avalanche-mainnet-go-pruned-pebbledb:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: avalanche
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

6
avalanche/go/avalanche-mainnet-go-pruned-pebbledb.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
avalanche-mainnet:
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_MAINNET_GO_VERSION:-v1.14.2}
image: ${AVALANCHE_GO_IMAGE:-avaplatform/avalanchego}:${AVALANCHE_MAINNET_GO_VERSION:-v1.14.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -87,8 +87,8 @@ services:
- traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb.service=avalanche-mainnet-go-pruned-pebbledb
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.rule=(Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:-traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.rule=Host(`$DOMAIN`) && (Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)) && Headers(`Upgrade`, `websocket`)}
- ${NO_SSL:+traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.rule=(Path(`/avalanche-mainnet`) || Path(`/avalanche-mainnet/`)) && Headers(`Upgrade`, `websocket`)}
- traefik.http.routers.avalanche-mainnet-go-pruned-pebbledb-ws.middlewares=avalanche-mainnet-go-pruned-pebbledb-stripprefix, avalanche-mainnet-go-pruned-pebbledb-set-ws-path, ipallowlist
volumes:

23
avalanche/mainnet/prune/C/config.json
View File

@@ -1,23 +0,0 @@
{
"snowman-api-enabled": false,
"coreth-admin-api-enabled": false,
"net-api-enabled": true,
"rpc-gas-cap": 2500000000,
"rpc-tx-fee-cap": 100,
"eth-rpc-gas-limit": 2500000000,
"eth-api-enabled": true,
"personal-api-enabled": false,
"tx-pool-api-enabled": false,
"debug-api-enabled": false,
"web3-api-enabled": true,
"local-txs-enabled": false,
"pruning-enabled": true,
"api-max-duration": 0,
"api-max-blocks-per-request": 0,
"allow-unfinalized-queries": false,
"log-level": "info",
"state-sync-enabled": false,
"state-sync-skip-resume": true,
"offline-pruning-enabled": true,
"offline-pruning-data-directory": "/root/.avalanchego/offline-pruning"
}

112
aztec/aztec/aztec-devnet-aztec-pruned.yml
View File

@@ -1,112 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Aztec full node. See https://docs.aztec.network/network/setup/running_a_node
# Admin port (8880) is not exposed; use docker exec for admin API.
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:aztec/aztec/aztec-devnet-aztec-pruned.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/aztec-devnet \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
aztec-devnet:
image: ${AZTEC_AZTEC_IMAGE:-aztecprotocol/aztec}:${AZTEC_DEVNET_AZTEC_VERSION:-3.0.0-devnet.6-patch.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 12024:12024
- 12024:12024/udp
expose:
- 8080
environment:
AZTEC_ADMIN_PORT: '8880'
AZTEC_PORT: '8080'
DATA_DIRECTORY: /var/lib/data
ETHEREUM_HOSTS: ${ETHEREUM_SEPOLIA_EXECUTION_RPC}
L1_CONSENSUS_HOST_URLS: ${ETHEREUM_SEPOLIA_BEACON_REST}
LOG_LEVEL: ${AZTEC_LOG_LEVEL:-info}
P2P_IP: ${IP}
P2P_PORT: '12024'
entrypoint: [node, --no-warnings, /usr/src/yarn-project/aztec/dest/bin/index.js, start]
command:
- --archiver
- --network=devnet
- --node
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${AZTEC_DEVNET_AZTEC_PRUNED_DATA:-aztec-devnet-aztec-pruned}:/var/lib/data
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=false
- traefik.enable=true
- traefik.http.middlewares.aztec-devnet-aztec-pruned-stripprefix.stripprefix.prefixes=/aztec-devnet
- traefik.http.services.aztec-devnet-aztec-pruned.loadbalancer.server.port=8080
- ${NO_SSL:-traefik.http.routers.aztec-devnet-aztec-pruned.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.aztec-devnet-aztec-pruned.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.aztec-devnet-aztec-pruned.rule=Host(`$DOMAIN`) && (Path(`/aztec-devnet`) || Path(`/aztec-devnet/`))}
- ${NO_SSL:+traefik.http.routers.aztec-devnet-aztec-pruned.rule=Path(`/aztec-devnet`) || Path(`/aztec-devnet/`)}
- traefik.http.routers.aztec-devnet-aztec-pruned.middlewares=aztec-devnet-aztec-pruned-stripprefix, ipallowlist
volumes:
aztec-devnet-aztec-pruned:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: aztec-devnet
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

111
aztec/aztec/aztec-testnet-aztec-pruned.yml
View File

@@ -1,111 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Aztec full node. See https://docs.aztec.network/network/setup/running_a_node
# Admin port (8880) is not exposed; use docker exec for admin API.
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:aztec/aztec/aztec-testnet-aztec-pruned.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/aztec-testnet-pruned \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
aztec-testnet-pruned:
image: ${AZTEC_AZTEC_IMAGE:-aztecprotocol/aztec}:${AZTEC_TESTNET_AZTEC_VERSION:-5.0.0-rc.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 13009:13009
- 13009:13009/udp
expose:
- 8545
environment:
AZTEC_ADMIN_PORT: '8880'
AZTEC_PORT: '8545'
DATA_DIRECTORY: /var/lib/data
ETHEREUM_HOSTS: ${ETHEREUM_SEPOLIA_EXECUTION_RPC}
L1_CONSENSUS_HOST_URLS: ${ETHEREUM_SEPOLIA_BEACON_REST}
LOG_LEVEL: ${AZTEC_LOG_LEVEL:-info}
P2P_IP: ${IP}
P2P_PORT: '13009'
entrypoint: [node, --no-warnings, /usr/src/yarn-project/aztec/dest/bin/index.js, start]
command:
- --node
- --network=testnet
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${AZTEC_TESTNET_AZTEC_PRUNED_DATA:-aztec-testnet-aztec-pruned}:/var/lib/data
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=false
- traefik.enable=true
- traefik.http.middlewares.aztec-testnet-aztec-pruned-stripprefix.stripprefix.prefixes=/aztec-testnet-pruned
- traefik.http.services.aztec-testnet-aztec-pruned.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.aztec-testnet-aztec-pruned.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.aztec-testnet-aztec-pruned.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.aztec-testnet-aztec-pruned.rule=Host(`$DOMAIN`) && (Path(`/aztec-testnet-pruned`) || Path(`/aztec-testnet-pruned/`))}
- ${NO_SSL:+traefik.http.routers.aztec-testnet-aztec-pruned.rule=Path(`/aztec-testnet-pruned`) || Path(`/aztec-testnet-pruned/`)}
- traefik.http.routers.aztec-testnet-aztec-pruned.middlewares=aztec-testnet-aztec-pruned-stripprefix, ipallowlist
volumes:
aztec-testnet-aztec-pruned:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: aztec-testnet
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

49
backup-node.sh
View File

@@ -1,17 +1,10 @@
#!/bin/bash
BASEPATH="$(dirname "$0")"
source "$BASEPATH/volume-utils.sh"
backup_dir="/backup"
remote_target="$2"
if [[ -n "$remote_target" ]] && is_local_backup_url "$remote_target"; then
echo "Target URL points to this server, using local /backup instead of $remote_target"
remote_target=""
fi
if [[ -n "$remote_target" ]]; then
echo "upload backup via webdav to $remote_target"
if [[ -n $2 ]]; then
echo "upload backup via webdav to $2"
else
if [ ! -d "$backup_dir" ]; then
echo "Error: /backup directory does not exist"
@@ -36,33 +29,21 @@ generate_volume_metadata() {
# Check each static file path
if [[ -f "$static_file_list" ]]; then
while IFS= read -r path; do
[[ -z "$path" ]] && continue
# Match rule (see static-file-path-list.txt): an entry with NO slash is root-level
# only (so `snapshots` won't catch postgres pg_logical/snapshots); an entry WITH a
# slash is a path-suffix, so any prefix matches (network-prefixed nitro freezers,
# nested l2geth geth/geth/...). Record the CONCRETE relative path so restore-volumes
# can recreate the exact static-file -> /slowdisk symlink.
# Match real dirs AND symlinks: an already-OFFLOADED static dir is a symlink to
# /slowdisk, which find -type d alone would skip (then it would be dropped from the
# manifest and the next restore would not re-offload it).
local matches=() m rel
if [[ "$path" == */* ]]; then
while IFS= read -r m; do matches+=("$m"); done < <(find "$prefix/_data" \( -type d -o -type l \) -path "*/$path" 2>/dev/null)
else
m="$prefix/_data/$path"; { [ -d "$m" ] || [ -L "$m" ]; } && matches+=("$m")
# Check if the path exists
if [[ -e "$prefix/_data/$path" ]]; then
# Get the size
size=$(du -sL "$prefix/_data/$path" 2>/dev/null | awk '{print $1}')
# Format size in human-readable format
size_formatted=$(echo "$(( size * 1024 ))" | numfmt --to=iec --suffix=B --format="%.2f")
# Write to metadata file
echo "$size_formatted $path" >> "$metadata_file"
fi
for m in "${matches[@]}"; do
rel="${m#"$prefix/_data/"}"
size=$(du -sL "$m" 2>/dev/null | awk '{print $1}')
size_formatted=$(echo "$(( ${size:-0} * 1024 ))" | numfmt --to=iec --suffix=B --format="%.2f")
echo "$size_formatted $rel" >> "$metadata_file"
done
done < "$static_file_list"
fi
}
# Read the JSON input and extract the list of keys
keys=$(get_persistent_volume_keys "/root/rpc/$1.yml")
keys=$(cat /root/rpc/$1.yml | yaml2json - | jq '.volumes' | jq -r 'keys[]')
# Iterate over the list of keys
for key in $keys; do
@@ -93,16 +74,16 @@ for key in $keys; do
#echo "$target_file"
if [[ -n "$remote_target" ]]; then
if [[ -n $2 ]]; then
# Upload volume archive
tar -cf - --dereference "$source_folder" | pv -pterb -s $(du -sb "$source_folder" | awk '{print $1}') | zstd | curl -X PUT --upload-file - "$remote_target/null/uploading-$target_file"
curl -X MOVE -H "Destination: /null/$target_file" "$remote_target/null/uploading-$target_file"
tar -cf - --dereference "$source_folder" | pv -pterb -s $(du -sb "$source_folder" | awk '{print $1}') | zstd | curl -X PUT --upload-file - "$2/null/uploading-$target_file"
curl -X MOVE -H "Destination: /null/$target_file" "$2/null/uploading-$target_file"
# Generate and upload metadata file
echo "Generating metadata for volume: rpc_$key"
temp_metadata="/tmp/$metadata_file_name"
generate_volume_metadata "$key" "$source_folder" "$temp_metadata"
curl -X PUT --upload-file "$temp_metadata" "$remote_target/null/$metadata_file_name"
curl -X PUT --upload-file "$temp_metadata" "$2/null/$metadata_file_name"
rm -f "$temp_metadata"
else
# Create volume archive

2
berachain/geth/berachain-bepolia-geth-pruned-pebble-path.yml
View File

@@ -112,7 +112,7 @@ services:
context: ./berachain
dockerfile: beacon-kit.Dockerfile
args:
BEACONKIT_VERSION: ${BERACHAIN_BEPOLIA_BEACON_KIT_VERSION:-v1.4.1}
BEACONKIT_VERSION: ${BERACHAIN_BEPOLIA_BEACON_KIT_VERSION:-v1.3.4}
BEACONKIT_IMAGE: ${BERACHAIN_BEPOLIA_BEACON_KIT_IMAGE:-ghcr.io/berachain/beacon-kit}
ports:
- 19888:19888

2
berachain/geth/berachain-mainnet-geth-pruned-pebble-path.yml
View File

@@ -112,7 +112,7 @@ services:
context: ./berachain
dockerfile: beacon-kit.Dockerfile
args:
BEACONKIT_VERSION: ${BERACHAIN_MAINNET_BEACON_KIT_VERSION:-v1.4.0-rc3}
BEACONKIT_VERSION: ${BERACHAIN_MAINNET_BEACON_KIT_VERSION:-v1.3.4}
BEACONKIT_IMAGE: ${BERACHAIN_MAINNET_BEACON_KIT_IMAGE:-ghcr.io/berachain/beacon-kit}
ports:
- 16562:16562

4
berachain/reth/berachain-bartio-reth-archive-trace.yml
View File

@@ -61,7 +61,7 @@ x-logging-defaults: &logging-defaults
services:
berachain-bartio-reth:
image: ${BERACHAIN_RETH_IMAGE:-ghcr.io/berachain/bera-reth}:${BERACHAIN_BARTIO_RETH_VERSION:-v1.4.0}
image: ${BERACHAIN_RETH_IMAGE:-ghcr.io/berachain/bera-reth}:${BERACHAIN_BARTIO_RETH_VERSION:-v1.3.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -151,7 +151,7 @@ services:
context: ./berachain
dockerfile: beacon-kit.Dockerfile
args:
BEACONKIT_VERSION: ${BERACHAIN_BARTIO_BEACON_KIT_VERSION:-v1.4.0-rc3}
BEACONKIT_VERSION: ${BERACHAIN_BARTIO_BEACON_KIT_VERSION:-v1.3.4}
BEACONKIT_IMAGE: ${BERACHAIN_BARTIO_BEACON_KIT_IMAGE:-ghcr.io/berachain/beacon-kit}
ports:
- 15527:15527

4
berachain/reth/berachain-bartio-reth-pruned-trace.yml
View File

@@ -61,7 +61,7 @@ x-logging-defaults: &logging-defaults
services:
berachain-bartio-reth-pruned:
image: ${BERACHAIN_RETH_IMAGE:-ghcr.io/berachain/bera-reth}:${BERACHAIN_BARTIO_RETH_VERSION:-v1.4.0}
image: ${BERACHAIN_RETH_IMAGE:-ghcr.io/berachain/bera-reth}:${BERACHAIN_BARTIO_RETH_VERSION:-v1.3.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -152,7 +152,7 @@ services:
context: ./berachain
dockerfile: beacon-kit.Dockerfile
args:
BEACONKIT_VERSION: ${BERACHAIN_BARTIO_BEACON_KIT_VERSION:-v1.4.0-rc3}
BEACONKIT_VERSION: ${BERACHAIN_BARTIO_BEACON_KIT_VERSION:-v1.3.4}
BEACONKIT_IMAGE: ${BERACHAIN_BARTIO_BEACON_KIT_IMAGE:-ghcr.io/berachain/beacon-kit}
ports:
- 19467:19467

4
berachain/reth/berachain-bepolia-reth-archive-trace.yml
View File

@@ -61,7 +61,7 @@ x-logging-defaults: &logging-defaults
services:
berachain-bepolia-reth:
image: ${BERACHAIN_RETH_IMAGE:-ghcr.io/berachain/bera-reth}:${BERACHAIN_BEPOLIA_RETH_VERSION:-v1.4.1}
image: ${BERACHAIN_RETH_IMAGE:-ghcr.io/berachain/bera-reth}:${BERACHAIN_BEPOLIA_RETH_VERSION:-v1.3.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -152,7 +152,7 @@ services:
context: ./berachain
dockerfile: beacon-kit.Dockerfile
args:
BEACONKIT_VERSION: ${BERACHAIN_BEPOLIA_BEACON_KIT_VERSION:-v1.4.1}
BEACONKIT_VERSION: ${BERACHAIN_BEPOLIA_BEACON_KIT_VERSION:-v1.3.4}
BEACONKIT_IMAGE: ${BERACHAIN_BEPOLIA_BEACON_KIT_IMAGE:-ghcr.io/berachain/beacon-kit}
ports:
- 16347:16347

4
berachain/reth/berachain-bepolia-reth-pruned-trace.yml
View File

@@ -61,7 +61,7 @@ x-logging-defaults: &logging-defaults
services:
berachain-bepolia-reth-pruned:
image: ${BERACHAIN_RETH_IMAGE:-ghcr.io/berachain/bera-reth}:${BERACHAIN_BEPOLIA_RETH_VERSION:-v1.4.1}
image: ${BERACHAIN_RETH_IMAGE:-ghcr.io/berachain/bera-reth}:${BERACHAIN_BEPOLIA_RETH_VERSION:-v1.3.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -153,7 +153,7 @@ services:
context: ./berachain
dockerfile: beacon-kit.Dockerfile
args:
BEACONKIT_VERSION: ${BERACHAIN_BEPOLIA_BEACON_KIT_VERSION:-v1.4.1}
BEACONKIT_VERSION: ${BERACHAIN_BEPOLIA_BEACON_KIT_VERSION:-v1.3.4}
BEACONKIT_IMAGE: ${BERACHAIN_BEPOLIA_BEACON_KIT_IMAGE:-ghcr.io/berachain/beacon-kit}
ports:
- 17274:17274

4
berachain/reth/berachain-mainnet-reth-archive-trace.yml
View File

@@ -61,7 +61,7 @@ x-logging-defaults: &logging-defaults
services:
berachain-mainnet-reth:
image: ${BERACHAIN_RETH_IMAGE:-ghcr.io/berachain/bera-reth}:${BERACHAIN_MAINNET_RETH_VERSION:-v1.4.0}
image: ${BERACHAIN_RETH_IMAGE:-ghcr.io/berachain/bera-reth}:${BERACHAIN_MAINNET_RETH_VERSION:-v1.3.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -152,7 +152,7 @@ services:
context: ./berachain
dockerfile: beacon-kit.Dockerfile
args:
BEACONKIT_VERSION: ${BERACHAIN_MAINNET_BEACON_KIT_VERSION:-v1.4.0-rc3}
BEACONKIT_VERSION: ${BERACHAIN_MAINNET_BEACON_KIT_VERSION:-v1.3.4}
BEACONKIT_IMAGE: ${BERACHAIN_MAINNET_BEACON_KIT_IMAGE:-ghcr.io/berachain/beacon-kit}
ports:
- 17881:17881

4
berachain/reth/berachain-mainnet-reth-pruned-trace.yml
View File

@@ -61,7 +61,7 @@ x-logging-defaults: &logging-defaults
services:
berachain-mainnet-reth-pruned:
image: ${BERACHAIN_RETH_IMAGE:-ghcr.io/berachain/bera-reth}:${BERACHAIN_MAINNET_RETH_VERSION:-v1.4.0}
image: ${BERACHAIN_RETH_IMAGE:-ghcr.io/berachain/bera-reth}:${BERACHAIN_MAINNET_RETH_VERSION:-v1.3.1}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -153,7 +153,7 @@ services:
context: ./berachain
dockerfile: beacon-kit.Dockerfile
args:
BEACONKIT_VERSION: ${BERACHAIN_MAINNET_BEACON_KIT_VERSION:-v1.4.0-rc3}
BEACONKIT_VERSION: ${BERACHAIN_MAINNET_BEACON_KIT_VERSION:-v1.3.4}
BEACONKIT_IMAGE: ${BERACHAIN_MAINNET_BEACON_KIT_IMAGE:-ghcr.io/berachain/beacon-kit}
ports:
- 15900:15900

2
bitcoin-cash/bitcoind/bitcoin-cash-mainnet-bitcoind-full.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
bitcoin-cash-mainnet:
image: ${BITCOIN_CASH_BITCOIND_IMAGE:-bitcoinabc/bitcoin-abc}:${BITCOIN_CASH_MAINNET_BITCOIND_VERSION:-0.33.6}
image: ${BITCOIN_CASH_BITCOIND_IMAGE:-bitcoinabc/bitcoin-abc}:${BITCOIN_CASH_MAINNET_BITCOIND_VERSION:-0.32.6}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

2
bitcoin-cash/bitcoind/bitcoin-cash-testnet-bitcoind-full.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
bitcoin-cash-testnet:
image: ${BITCOIN_CASH_BITCOIND_IMAGE:-bitcoinabc/bitcoin-abc}:${BITCOIN_CASH_TESTNET_BITCOIND_VERSION:-0.33.6}
image: ${BITCOIN_CASH_BITCOIND_IMAGE:-bitcoinabc/bitcoin-abc}:${BITCOIN_CASH_TESTNET_BITCOIND_VERSION:-0.32.6}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

2
bsc/bsc/bsc-chapel-bsc-pruned-pebble-path.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
bsc-chapel:
image: ${BSC_BSC_IMAGE:-ghcr.io/bnb-chain/bsc}:${BSC_CHAPEL_BSC_VERSION:-1.7.3}
image: ${BSC_BSC_IMAGE:-ghcr.io/bnb-chain/bsc}:${BSC_CHAPEL_BSC_VERSION:-1.6.6}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

160
bsc/bsc/bsc-mainnet-bsc-minimal-pebble-hash.yml
View File

@@ -1,160 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Snapshot for minial datadir here
# https://github.com/48Club/bsc-snapshots?tab=readme-ov-file
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:bsc/bsc/bsc-mainnet-bsc-minimal-pebble-hash.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/bsc-mainnet-minimal \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
bsc-mainnet-minimal:
image: ${BSC_BSC_IMAGE:-ghcr.io/bnb-chain/bsc}:${BSC_MAINNET_BSC_VERSION:-1.7.3}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 12853:12853
- 12853:12853/udp
expose:
- 8545
- 6060
entrypoint: [geth]
command:
- --cache.database=${BSC_MAINNET_BSC_MINIMAL_PEBBLE_HASH_CACHE_DB:-40}
- --cache.gc=${BSC_MAINNET_BSC_MINIMAL_PEBBLE_HASH_CACHE_GC:-25}
- --cache.snapshot=${BSC_MAINNET_BSC_MINIMAL_PEBBLE_HASH_CACHE_SNAPSHOT:-20}
- --cache.trie=${BSC_MAINNET_BSC_MINIMAL_PEBBLE_HASH_CACHE_TRIE:-15}
- --cache=${BSC_MAINNET_BSC_MINIMAL_PEBBLE_HASH_CACHE:-1024}
- --config=/config/config.toml
- --datadir=/bsc/.ethereum
- --db.engine=pebble
- --gcmode=full
- --history.blocks=1024
- --history.logs.disable=true
- --history.state=1024
- --history.transactions=1024
- --http
- --http.addr=0.0.0.0
- --http.api=eth,net,web3,txpool,debug,admin,parlia
- --http.port=8545
- --http.vhosts=*
- --mainnet
- --maxpeers=50
- --metrics
- --metrics.addr=0.0.0.0
- --metrics.port=6060
- --nat=extip:${IP}
- --port=12853
- --rpc.gascap=600000000
- --rpc.txfeecap=0
- --state.scheme=hash
- --syncmode=full
- --tries-verify-mode=none
- --txpool.pricelimit=50000000
- --ws
- --ws.addr=0.0.0.0
- --ws.api=eth,net,web3,txpool,debug,admin,parlia
- --ws.origins=*
- --ws.port=8545
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${BSC_MAINNET_BSC_MINIMAL_PEBBLE_HASH_DATA:-bsc-mainnet-bsc-minimal-pebble-hash}:/bsc/.ethereum
- ./bsc/mainnet:/config
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=6060
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.bsc-mainnet-bsc-minimal-pebble-hash-stripprefix.stripprefix.prefixes=/bsc-mainnet-minimal
- traefik.http.services.bsc-mainnet-bsc-minimal-pebble-hash.loadbalancer.server.port=8545
- ${NO_SSL:-traefik.http.routers.bsc-mainnet-bsc-minimal-pebble-hash.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.bsc-mainnet-bsc-minimal-pebble-hash.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.bsc-mainnet-bsc-minimal-pebble-hash.rule=Host(`$DOMAIN`) && (Path(`/bsc-mainnet-minimal`) || Path(`/bsc-mainnet-minimal/`))}
- ${NO_SSL:+traefik.http.routers.bsc-mainnet-bsc-minimal-pebble-hash.rule=Path(`/bsc-mainnet-minimal`) || Path(`/bsc-mainnet-minimal/`)}
- traefik.http.routers.bsc-mainnet-bsc-minimal-pebble-hash.middlewares=bsc-mainnet-bsc-minimal-pebble-hash-stripprefix, ipallowlist
volumes:
bsc-mainnet-bsc-minimal-pebble-hash:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: bsc
method-groups:
enabled:
- debug
- filter
methods:
disabled:
# minimal bsc lacks the state to serve eth_getProof; the drpc gateway
# probes it and marks the whole upstream unavailable on "header not
# found" (especially while catching up after a restart).
- name: eth_getProof
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only
- name: debug_getRawBlock
- name: debug_getRawTransaction
- name: debug_getRawReceipts
- name: debug_getRawHeader
- name: debug_getBadBlocks
# non standard geth only slightly dangerous
- name: debug_intermediateRoots
- name: debug_dumpBlock
# standard geth and erigon
- name: debug_accountRange
- name: debug_getModifiedAccountsByNumber
- name: debug_getModifiedAccountsByHash
# non standard geth and erigon
- name: eth_getRawTransactionByHash
- name: eth_getRawTransactionByBlockHashAndIndex
...

6
bsc/bsc/bsc-mainnet-bsc-minimal-pebble-path.yml
View File

@@ -32,7 +32,7 @@ x-logging-defaults: &logging-defaults
services:
bsc-mainnet-minimal:
image: ${BSC_BSC_IMAGE:-ghcr.io/bnb-chain/bsc}:${BSC_MAINNET_BSC_VERSION:-1.7.3}
image: ${BSC_BSC_IMAGE:-ghcr.io/bnb-chain/bsc}:${BSC_MAINNET_BSC_VERSION:-1.6.6}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
@@ -137,10 +137,6 @@ x-upstreams:
disabled:
# not compatible with path state scheme
- name: debug_traceBlockByHash
# minimal bsc lacks the state to serve eth_getProof; the drpc gateway
# probes it and marks the whole upstream unavailable on "header not
# found" (especially while catching up after a restart).
- name: eth_getProof
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth only

2
bsc/bsc/bsc-mainnet-bsc-pruned-pebble-path.yml
View File

@@ -30,7 +30,7 @@ x-logging-defaults: &logging-defaults
services:
bsc-mainnet:
image: ${BSC_BSC_IMAGE:-ghcr.io/bnb-chain/bsc}:${BSC_MAINNET_BSC_VERSION:-1.7.3}
image: ${BSC_BSC_IMAGE:-ghcr.io/bnb-chain/bsc}:${BSC_MAINNET_BSC_VERSION:-1.6.6}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle

4
bsc/erigon3/bsc-chapel-erigon3-minimal-trace.yml
View File

@@ -130,10 +130,6 @@ x-upstreams:
methods:
disabled:
- name: eth_getLogs # this returns result [] on ethereum mainnet when it shouldn't so it's probably buggy on al networks
# minimal bsc lacks the state to serve eth_getProof; the drpc gateway
# probes it and marks the whole upstream unavailable on "header not
# found" (especially while catching up after a restart).
- name: eth_getProof
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth and erigon

4
bsc/erigon3/bsc-mainnet-erigon3-minimal-trace.yml
View File

@@ -130,10 +130,6 @@ x-upstreams:
methods:
disabled:
- name: eth_getLogs # this returns result [] on ethereum mainnet when it shouldn't so it's probably buggy on al networks
# minimal bsc lacks the state to serve eth_getProof; the drpc gateway
# probes it and marks the whole upstream unavailable on "header not
# found" (especially while catching up after a restart).
- name: eth_getProof
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
# standard geth and erigon

3
bsc/reth/bsc-chapel-reth-archive-trace-triedb.yml
View File

@@ -49,7 +49,7 @@ services:
args:
LLVM_IMAGE: ${LLVM_IMAGE:-snowstep/llvm}
LLVM_VERSION: ${LLVM_VERSION:-20250912105042}
RETH_VERSION: ${BSC_CHAPEL_RETH_VERSION:-v0.0.6.3}
RETH_VERSION: ${BSC_CHAPEL_RETH_VERSION:-v0.0.7-beta}
RETH_REPO: ${BSC_CHAPEL_RETH_REPO:-https://github.com/bnb-chain/reth-bsc.git}
ARCH_TARGET: ${ARCH_TARGET:-native}
PROFILE: ${RETH_BUILD_PROFILE:-maxperf}
@@ -101,7 +101,6 @@ services:
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --statedb.triedb
- --ws
- --ws.addr=0.0.0.0

3
bsc/reth/bsc-chapel-reth-archive-trace.yml
View File

@@ -49,7 +49,7 @@ services:
args:
LLVM_IMAGE: ${LLVM_IMAGE:-snowstep/llvm}
LLVM_VERSION: ${LLVM_VERSION:-20250912105042}
RETH_VERSION: ${BSC_CHAPEL_RETH_VERSION:-v0.0.6.3}
RETH_VERSION: ${BSC_CHAPEL_RETH_VERSION:-v0.0.7-beta}
RETH_REPO: ${BSC_CHAPEL_RETH_REPO:-https://github.com/bnb-chain/reth-bsc.git}
ARCH_TARGET: ${ARCH_TARGET:-native}
PROFILE: ${RETH_BUILD_PROFILE:-maxperf}
@@ -101,7 +101,6 @@ services:
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev

3
bsc/reth/bsc-chapel-reth-pruned-trace-triedb.yml
View File

@@ -49,7 +49,7 @@ services:
args:
LLVM_IMAGE: ${LLVM_IMAGE:-snowstep/llvm}
LLVM_VERSION: ${LLVM_VERSION:-20250912105042}
RETH_VERSION: ${BSC_CHAPEL_RETH_VERSION:-v0.0.6.3}
RETH_VERSION: ${BSC_CHAPEL_RETH_VERSION:-v0.0.7-beta}
RETH_REPO: ${BSC_CHAPEL_RETH_REPO:-https://github.com/bnb-chain/reth-bsc.git}
ARCH_TARGET: ${ARCH_TARGET:-native}
PROFILE: ${RETH_BUILD_PROFILE:-maxperf}
@@ -102,7 +102,6 @@ services:
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --statedb.triedb
- --ws
- --ws.addr=0.0.0.0

3
bsc/reth/bsc-chapel-reth-pruned-trace.yml
View File

@@ -49,7 +49,7 @@ services:
args:
LLVM_IMAGE: ${LLVM_IMAGE:-snowstep/llvm}
LLVM_VERSION: ${LLVM_VERSION:-20250912105042}
RETH_VERSION: ${BSC_CHAPEL_RETH_VERSION:-v0.0.6.3}
RETH_VERSION: ${BSC_CHAPEL_RETH_VERSION:-v0.0.7-beta}
RETH_REPO: ${BSC_CHAPEL_RETH_REPO:-https://github.com/bnb-chain/reth-bsc.git}
ARCH_TARGET: ${ARCH_TARGET:-native}
PROFILE: ${RETH_BUILD_PROFILE:-maxperf}
@@ -102,7 +102,6 @@ services:
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev

3
bsc/reth/bsc-mainnet-reth-archive-trace-triedb.yml
View File

@@ -49,7 +49,7 @@ services:
args:
LLVM_IMAGE: ${LLVM_IMAGE:-snowstep/llvm}
LLVM_VERSION: ${LLVM_VERSION:-20250912105042}
RETH_VERSION: ${BSC_MAINNET_RETH_VERSION:-v0.0.6.3}
RETH_VERSION: ${BSC_MAINNET_RETH_VERSION:-v0.0.7-beta}
RETH_REPO: ${BSC_MAINNET_RETH_REPO:-https://github.com/bnb-chain/reth-bsc.git}
ARCH_TARGET: ${ARCH_TARGET:-native}
PROFILE: ${RETH_BUILD_PROFILE:-maxperf}
@@ -102,7 +102,6 @@ services:
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --statedb.triedb
- --ws
- --ws.addr=0.0.0.0

3
bsc/reth/bsc-mainnet-reth-archive-trace.yml
View File

@@ -49,7 +49,7 @@ services:
args:
LLVM_IMAGE: ${LLVM_IMAGE:-snowstep/llvm}
LLVM_VERSION: ${LLVM_VERSION:-20250912105042}
RETH_VERSION: ${BSC_MAINNET_RETH_VERSION:-v0.0.6.3}
RETH_VERSION: ${BSC_MAINNET_RETH_VERSION:-v0.0.7-beta}
RETH_REPO: ${BSC_MAINNET_RETH_REPO:-https://github.com/bnb-chain/reth-bsc.git}
ARCH_TARGET: ${ARCH_TARGET:-native}
PROFILE: ${RETH_BUILD_PROFILE:-maxperf}
@@ -102,7 +102,6 @@ services:
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev

3
bsc/reth/bsc-mainnet-reth-pruned-trace-triedb.yml
View File

@@ -49,7 +49,7 @@ services:
args:
LLVM_IMAGE: ${LLVM_IMAGE:-snowstep/llvm}
LLVM_VERSION: ${LLVM_VERSION:-20250912105042}
RETH_VERSION: ${BSC_MAINNET_RETH_VERSION:-v0.0.6.3}
RETH_VERSION: ${BSC_MAINNET_RETH_VERSION:-v0.0.7-beta}
RETH_REPO: ${BSC_MAINNET_RETH_REPO:-https://github.com/bnb-chain/reth-bsc.git}
ARCH_TARGET: ${ARCH_TARGET:-native}
PROFILE: ${RETH_BUILD_PROFILE:-maxperf}
@@ -102,7 +102,6 @@ services:
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --statedb.triedb
- --ws
- --ws.addr=0.0.0.0

3
bsc/reth/bsc-mainnet-reth-pruned-trace.yml
View File

@@ -49,7 +49,7 @@ services:
args:
LLVM_IMAGE: ${LLVM_IMAGE:-snowstep/llvm}
LLVM_VERSION: ${LLVM_VERSION:-20250912105042}
RETH_VERSION: ${BSC_MAINNET_RETH_VERSION:-v0.0.6.3}
RETH_VERSION: ${BSC_MAINNET_RETH_VERSION:-v0.0.7-beta}
RETH_REPO: ${BSC_MAINNET_RETH_REPO:-https://github.com/bnb-chain/reth-bsc.git}
ARCH_TARGET: ${ARCH_TARGET:-native}
PROFILE: ${RETH_BUILD_PROFILE:-maxperf}
@@ -102,7 +102,6 @@ services:
- --rpc.max-blocks-per-filter=0
- --rpc.max-connections=50000
- --rpc.max-logs-per-response=0
- --rpc.max-trace-filter-blocks=10000
- --ws
- --ws.addr=0.0.0.0
- --ws.api=admin,debug,eth,net,trace,txpool,web3,rpc,reth,ots,flashbots,mev

1
cadvisor.yml
View File

@@ -18,7 +18,6 @@ services:
- "prometheus-scrape.enabled=true"
- "prometheus-scrape.port=8080"
- "prometheus-scrape.job_name=cadvisor"
- "prometheus-scrape.metrics_path=/metrics"
- "org.label-schema.group=monitoring"
networks:
- monitoring

189
check-health.sh
View File

@@ -10,19 +10,11 @@ fi
RPC_URL=$1
shift
# Check for --starknet / --aztec / --cosmos flag
# Check for --starknet flag
is_starknet=false
is_aztec=false
is_cosmos=false
if [ "$1" == "--starknet" ]; then
is_starknet=true
shift
elif [ "$1" == "--aztec" ]; then
is_aztec=true
shift
elif [ "$1" == "--cosmos" ]; then
is_cosmos=true
shift
fi
REF=""
@@ -37,35 +29,11 @@ ref=${REF% }
timeout=3 # seconds
# CometBFT / cosmos (gaiad and the cosmos batch): no EVM RPC. Use the chain's own
# sync_info from the CometBFT /status method — catching_up=false means caught up to head.
# Short-circuits here; the EVM/starknet/aztec block-comparison path below is not used.
if $is_cosmos; then
status=$(curl -L --ipv4 -m $timeout -s -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","id":1,"method":"status"}' "$RPC_URL")
if [ $? -ne 0 ] || [ -z "$status" ]; then echo "timeout"; exit 1; fi
catching_up=$(echo "$status" | jq -r '.result.sync_info.catching_up // .sync_info.catching_up' 2>/dev/null)
node_height=$(echo "$status" | jq -r '.result.sync_info.latest_block_height // .sync_info.latest_block_height' 2>/dev/null)
if [ -z "$node_height" ] || [ "$node_height" = "null" ]; then echo "error"; exit 1; fi
if [ "$catching_up" = "true" ]; then echo "syncing"; exit 1; fi
# catching_up=false => synced. If a reference endpoint is given, sanity-check head gap.
if [ -n "$ref" ]; then
ref_status=$($BASEPATH/multicurl.sh -L --ipv4 -m $timeout -s -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","id":1,"method":"status"}' $ref)
ref_height=$(echo "$ref_status" | jq -r '.result.sync_info.latest_block_height // .sync_info.latest_block_height' 2>/dev/null)
if [ -n "$ref_height" ] && [ "$ref_height" != "null" ] && [ "$ref_height" -gt 0 ] 2>/dev/null; then
gap=$(( ref_height - node_height ))
if [ "$gap" -gt 100 ]; then echo "behind ($gap)"; exit 1; fi
fi
fi
echo "online"; exit 0
fi
response_file=$(mktemp)
# Use appropriate RPC method based on chain type
if $is_starknet; then
rpc_method='{"jsonrpc":"2.0","method":"starknet_getBlockWithTxHashes","params":["latest"],"id":1}'
elif $is_aztec; then
rpc_method='{"jsonrpc":"2.0","method":"node_getBlock","params":["latest"],"id":1}'
else
rpc_method='{"jsonrpc":"2.0","method":"eth_getBlockByNumber","params":["latest", false],"id":1}'
fi
@@ -81,15 +49,6 @@ if [ $? -eq 0 ]; then
latest_block_timestamp_decimal=$(echo "$response" | jq -r '.result.timestamp')
latest_block_number=$(echo "$response" | jq -r '.result.block_number')
latest_block_hash=$(echo "$response" | jq -r '.result.block_hash')
elif $is_aztec; then
# Aztec: node_getBlock("latest") returns blockHash, header.globalVariables.blockNumber, header.globalVariables.timestamp
latest_block_number=$(echo "$response" | jq -r '.result.header.globalVariables.blockNumber')
latest_block_timestamp_decimal=$(echo "$response" | jq -r '.result.header.globalVariables.timestamp')
latest_block_hash=$(echo "$response" | jq -r '.result.blockHash')
if [ "$latest_block_number" = "null" ] || [ "$latest_block_timestamp_decimal" = "null" ] || [ -z "$latest_block_timestamp_decimal" ]; then
echo "error"
exit 1
fi
else
# Ethereum returns hex timestamp and number
latest_block_timestamp=$(echo "$response" | jq -r '.result.timestamp')
@@ -104,57 +63,13 @@ if [ $? -eq 0 ]; then
rm "$response_file"
if [ -n "$ref" ]; then
MAX_RETRIES=3
attempt=1
response_file2=$(mktemp)
while [ $attempt -le $MAX_RETRIES ]; do
# Re-fetch local latest block for retries > 1
if [ $attempt -gt 1 ]; then
sleep 3
# Re-query local latest block and update variables
response_file=$(mktemp)
http_status_code=$(curl -L --ipv4 -m $timeout -s -X POST -w "%{http_code}" -o "$response_file" -H "Content-Type: application/json" --data "$rpc_method" $RPC_URL)
if [ $? -eq 0 ] && [[ $http_status_code -eq 200 ]]; then
response=$(cat "$response_file")
if $is_starknet; then
latest_block_timestamp_decimal=$(echo "$response" | jq -r '.result.timestamp')
latest_block_number=$(echo "$response" | jq -r '.result.block_number')
latest_block_hash=$(echo "$response" | jq -r '.result.block_hash')
elif $is_aztec; then
latest_block_number=$(echo "$response" | jq -r '.result.header.globalVariables.blockNumber')
latest_block_timestamp_decimal=$(echo "$response" | jq -r '.result.header.globalVariables.timestamp')
latest_block_hash=$(echo "$response" | jq -r '.result.blockHash')
if [ "$latest_block_number" = "null" ] || [ "$latest_block_timestamp_decimal" = "null" ] || [ -z "$latest_block_timestamp_decimal" ]; then
echo "error"
exit 1
fi
else
latest_block_timestamp=$(echo "$response" | jq -r '.result.timestamp')
latest_block_timestamp_decimal=$((16#${latest_block_timestamp#0x}))
latest_block_number=$(echo "$response" | jq -r '.result.number')
latest_block_hash=$(echo "$response" | jq -r '.result.hash')
fi
current_time=$(date +%s)
time_difference=$((current_time - latest_block_timestamp_decimal))
rm "$response_file"
else
rm "$response_file"
echo "error"
exit 1
fi
fi
response_file2=$(mktemp)
if [ $attempt -eq 1 ]; then
sleep 3 # to give the reference node more time to import the block if it is very current
fi
sleep 3 # to give the reference node more time to import the block if it is very current
if $is_starknet; then
# Starknet uses block_id object with block_number
rpc_method2="{\"jsonrpc\":\"2.0\",\"method\":\"starknet_getBlockWithTxHashes\",\"params\":[{\"block_number\":$latest_block_number}],\"id\":1}"
elif $is_aztec; then
rpc_method2="{\"jsonrpc\":\"2.0\",\"method\":\"node_getBlock\",\"params\":[$latest_block_number],\"id\":1}"
else
rpc_method2="{\"jsonrpc\":\"2.0\",\"method\":\"eth_getBlockByNumber\",\"params\":[\"$latest_block_number\", false],\"id\":1}"
fi
@@ -168,50 +83,35 @@ if [ $? -eq 0 ]; then
response2=$(cat "$response_file2")
if $is_starknet; then
latest_block_hash2=$(echo "$response2" | jq -r '.result.block_hash')
elif $is_aztec; then
latest_block_hash2=$(echo "$response2" | jq -r '.result.blockHash')
else
latest_block_hash2=$(echo "$response2" | jq -r '.result.hash')
fi
rm "$response_file2"
# Proceed if hashes match (or both empty for Aztec when API omits hash)
if [ "$latest_block_hash" == "$latest_block_hash2" ]; then
response_file3=$(mktemp)
status_file3=$(mktemp)
if $is_aztec; then
# Aztec: node_getBlock("latest") - same single-request pattern as eth/starknet
rpc_method_latest='{"jsonrpc":"2.0","method":"node_getBlock","params":["latest"],"id":1}'
{
$BASEPATH/multicurl.sh -L --ipv4 -m $timeout -s -X POST -w "%{http_code} %{time_total}" -o "$response_file3" -H "Content-Type: application/json" --data "$rpc_method_latest" $ref > "$status_file3"
} &
pid3=$!
response_file4=$(mktemp)
status_file4=$(mktemp)
{
curl -L --ipv4 -m $timeout -s -X POST -w "%{http_code} %{time_total}" -o "$response_file4" -H "Content-Type: application/json" --data "$rpc_method_latest" $RPC_URL > "$status_file4"
} &
pid4=$!
if $is_starknet; then
rpc_method_latest='{"jsonrpc":"2.0","method":"starknet_getBlockWithTxHashes","params":["latest"],"id":1}'
else
if $is_starknet; then
rpc_method_latest='{"jsonrpc":"2.0","method":"starknet_getBlockWithTxHashes","params":["latest"],"id":1}'
else
rpc_method_latest='{"jsonrpc":"2.0","method":"eth_getBlockByNumber","params":["latest", false],"id":1}'
fi
{
$BASEPATH/multicurl.sh -L --ipv4 -m $timeout -s -X POST -w "%{http_code} %{time_total}" -o "$response_file3" -H "Content-Type: application/json" --data "$rpc_method_latest" $ref > "$status_file3"
} &
pid3=$!
response_file4=$(mktemp)
status_file4=$(mktemp)
{
curl -L --ipv4 -m $timeout -s -X POST -w "%{http_code} %{time_total}" -o "$response_file4" -H "Content-Type: application/json" --data "$rpc_method_latest" $RPC_URL > "$status_file4"
} &
pid4=$!
rpc_method_latest='{"jsonrpc":"2.0","method":"eth_getBlockByNumber","params":["latest", false],"id":1}'
fi
{
$BASEPATH/multicurl.sh -L --ipv4 -m $timeout -s -X POST -w "%{http_code} %{time_total}" -o "$response_file3" -H "Content-Type: application/json" --data "$rpc_method_latest" $ref > "$status_file3"
} &
pid3=$!
response_file4=$(mktemp)
status_file4=$(mktemp)
{
curl -L --ipv4 -m $timeout -s -X POST -w "%{http_code} %{time_total}" -o "$response_file4" -H "Content-Type: application/json" --data "$rpc_method_latest" $RPC_URL > "$status_file4"
} &
pid4=$!
wait $pid3
curl_code3=$?
http_status_code3=$(cat "$status_file3" | cut -d ' ' -f 1)
@@ -231,12 +131,10 @@ if [ $? -eq 0 ]; then
response3=$(cat "$response_file3")
if $is_starknet; then
ref_num=$(echo "$response3" | jq -r '.result.block_number // empty')
elif $is_aztec; then
ref_num=$(echo "$response3" | jq -r '.result.header.globalVariables.blockNumber // empty')
latest_block_timestamp_decimal3=$(echo "$response3" | jq -r '.result.timestamp')
else
ref_num_hex=$(echo "$response3" | jq -r '.result.number // empty')
ref_num=$([ -n "$ref_num_hex" ] && printf '%d' "$ref_num_hex" 2>/dev/null)
latest_block_timestamp3=$(echo "$response3" | jq -r '.result.timestamp')
latest_block_timestamp_decimal3=$((16#${latest_block_timestamp3#0x}))
fi
# echo "refer: $latest_block_timestamp_decimal3"
@@ -247,35 +145,23 @@ if [ $? -eq 0 ]; then
response4=$(cat "$response_file4")
if $is_starknet; then
local_num=$(echo "$response4" | jq -r '.result.block_number // empty')
elif $is_aztec; then
local_num=$(echo "$response4" | jq -r '.result.header.globalVariables.blockNumber // empty')
latest_block_timestamp_decimal4=$(echo "$response4" | jq -r '.result.timestamp')
else
local_num_hex=$(echo "$response4" | jq -r '.result.number // empty')
local_num=$([ -n "$local_num_hex" ] && printf '%d' "$local_num_hex" 2>/dev/null)
latest_block_timestamp4=$(echo "$response4" | jq -r '.result.timestamp')
latest_block_timestamp_decimal4=$((16#${latest_block_timestamp4#0x}))
fi
#echo "local: $latest_block_timestamp_decimal4"
rm "$response_file4"
# Lag in BLOCKS between the reference head and the local head
# (positive => local behind). Compare against dRPC's own per-chain
# thresholds (LAGGING_LAG / SYNCING_LAG from chains.yaml via
# sync-status.sh) so our status matches the dRPC gateway's view.
# dRPC uses the two thresholds inconsistently (sometimes
# lagging<syncing, sometimes the reverse), so treat the smaller as
# the online boundary and the larger as the syncing/drop boundary.
if [ -z "$ref_num" ] || [ -z "$local_num" ]; then
echo "error"
exit 1
fi
lag=$(( ref_num - local_num ))
lo=${LAGGING_LAG:-2}; hi=${SYNCING_LAG:-6}
if [ "$lo" -gt "$hi" ]; then tmp=$lo; lo=$hi; hi=$tmp; fi
if [ "$lag" -le "$lo" ]; then
time_difference3=$(echo "scale=6; (${latest_block_timestamp_decimal3} - ${request_time3}) - (${latest_block_timestamp_decimal4} - ${request_time4})" | bc)
#echo "diff after network latency: $time_difference3 s"
if (( $(echo "$time_difference3 < 2" | bc -l) )); then
echo "online"
exit 0
elif [ "$lag" -le "$hi" ]; then
elif (( $(echo "$time_difference3 < 5" | bc -l) )); then
echo "lagging"
exit 0
else
@@ -290,23 +176,14 @@ if [ $? -eq 0 ]; then
fi
fi
else
# Hash mismatch - retry if we have attempts left
if [ $attempt -lt $MAX_RETRIES ]; then
rm "$response_file2"
attempt=$((attempt + 1))
continue
else
rm "$response_file2"
echo "forked"
exit 1
fi
echo "forked"
exit 1
fi
else
echo "unverified ($http_status_code2)"
exit 1
fi
fi
done
echo "unverified ($curl_code)"
exit 0

267
cleanup-backups.sh
View File

@@ -1,260 +1,21 @@
#!/bin/bash
# Retain the N newest backups per volume key and move excess to trash.
#
# Usage:
# ./cleanup-backups.sh [--dry-run]
#
# Environment:
# BACKUP_DIR=/backup Backup root directory
# TRASH_DIR=/backup/trash Where removed backups are staged
# KEEP_COUNT=3 Backups to keep per volume key
# UPLOADING_MAX_AGE_HOURS=72 Trash uploading-* only when older than this
# EXCLUDE_DIRS=graveyard:quarantained:trash Colon-separated subdirs to skip
set -euo pipefail
# Directory containing the backup files
backup_dir="/backup"
BASEPATH="$(cd "$(dirname "$0")" && pwd)"
BACKUP_DIR="${BACKUP_DIR:-/backup}"
TRASH_DIR="${TRASH_DIR:-$BACKUP_DIR/trash}"
KEEP_COUNT="${KEEP_COUNT:-3}"
UPLOADING_MAX_AGE_HOURS="${UPLOADING_MAX_AGE_HOURS:-72}"
EXCLUDE_DIRS="${EXCLUDE_DIRS:-graveyard:quarantained:trash}"
# Get a list of all backup files
backup_files=$(find "$backup_dir" -type f -name 'rpc_*-*.tar.zst')
DRY_RUN=false
if [[ "${1:-}" == "--dry-run" ]]; then
DRY_RUN=true
elif [[ -n "${1:-}" ]]; then
echo "Usage: $0 [--dry-run]" >&2
exit 1
fi
# Iterate through each backup file
for file in $backup_files; do
# Extract volume name from the file name
volume_name=$(basename "$file" | cut -d '-' -f 1-3)
BACKUP_PATTERN='^(rpc_.+)-([0-9]{4}-[0-9]{2}-[0-9]{2}-[0-9]{2}-[0-9]{2}-[0-9]{2})-([0-9]+)G\.tar\.zst$'
# Get the latest backup file for this volume name
latest_backup=$(find "$backup_dir" -type f -name "$volume_name-*" -printf "%T@ %p\n" | sort -n | tail -1 | cut -d ' ' -f 2)
log() {
echo "[$(date '+%Y-%m-%d %H:%M:%S')] $*" >&2
}
bytes_trashed=0
add_trashed_bytes() {
local file=$1
if [[ -f "$file" ]]; then
local size
size=$(stat -c%s "$file" 2>/dev/null || echo 0)
bytes_trashed=$((bytes_trashed + size))
# Keep only the latest backup file for this volume name
if [[ "$file" != "$latest_backup" ]]; then
rm "$file"
fi
}
trash_file() {
local file=$1
local reason=$2
if [[ ! -f "$file" ]]; then
return 0
fi
local dest="$TRASH_DIR/$(basename "$file")"
if [[ -e "$dest" ]]; then
log "Error: trash destination already exists, skipping: $dest"
return 1
fi
if $DRY_RUN; then
log "DRY-RUN would trash ($reason): $file -> $dest"
return 0
fi
mv -- "$file" "$dest"
log "Trashed ($reason): $file -> $dest"
}
is_excluded_path() {
local path=$1
local rel="${path#"$BACKUP_DIR"/}"
if [[ "$rel" == broken_* ]] || [[ "$rel" == deprecated-* ]]; then
return 0
fi
local dir
IFS=':' read -ra excluded_dirs <<< "$EXCLUDE_DIRS"
for dir in "${excluded_dirs[@]}"; do
if [[ -n "$dir" && ( "$rel" == "$dir" || "$rel" == "$dir"/* ) ]]; then
return 0
fi
done
return 1
}
parse_volume_key() {
local basename=$1
if [[ "$basename" =~ $BACKUP_PATTERN ]]; then
echo "${BASH_REMATCH[1]}"
return 0
fi
return 1
}
metadata_for_archive() {
local archive=$1
echo "${archive%.tar.zst}.txt"
}
file_has_open_handles() {
local file=$1
if command -v lsof >/dev/null 2>&1; then
if lsof -- "$file" >/dev/null 2>&1; then
return 0
fi
fi
if command -v fuser >/dev/null 2>&1; then
if fuser -- "$file" >/dev/null 2>&1; then
return 0
fi
fi
return 1
}
cleanup_stale_uploads() {
local upload_file
local age_seconds=$((UPLOADING_MAX_AGE_HOURS * 3600))
local now
now=$(date +%s)
while IFS= read -r -d '' upload_file; do
if is_excluded_path "$upload_file"; then
continue
fi
local mtime age
mtime=$(stat -c %Y "$upload_file")
age=$((now - mtime))
if (( age < age_seconds )); then
log "Keeping in-progress upload ($(($age / 3600))h old): $upload_file"
continue
fi
if file_has_open_handles "$upload_file"; then
log "Keeping upload with open handles ($(($age / 3600))h old): $upload_file"
continue
fi
add_trashed_bytes "$upload_file"
trash_file "$upload_file" "stale upload older than ${UPLOADING_MAX_AGE_HOURS}h"
done < <(find "$BACKUP_DIR" -maxdepth 1 -type f -name 'uploading-*' -print0 2>/dev/null)
}
cleanup_volume_backups() {
declare -A volume_files=()
local file basename volume_key
while IFS= read -r -d '' file; do
if is_excluded_path "$file"; then
continue
fi
basename=$(basename "$file")
if ! volume_key=$(parse_volume_key "$basename"); then
log "Skipping unrecognized backup filename: $file"
continue
fi
volume_files["$volume_key"]+="$file"$'\n'
done < <(find "$BACKUP_DIR" -maxdepth 1 -type f -name 'rpc_*-*.tar.zst' -print0 2>/dev/null)
local volume trashed=0 kept=0
for volume in "${!volume_files[@]}"; do
mapfile -t files < <(printf '%s' "${volume_files[$volume]}" | sed '/^$/d' | sort)
local total=${#files[@]}
if (( total <= KEEP_COUNT )); then
kept=$((kept + total))
continue
fi
local delete_count=$((total - KEEP_COUNT))
local i
for ((i = 0; i < delete_count; i++)); do
local archive="${files[$i]}"
local metadata
metadata=$(metadata_for_archive "$archive")
add_trashed_bytes "$archive"
trash_file "$archive" "keeping ${KEEP_COUNT}/${total} for $volume"
trashed=$((trashed + 1))
if [[ -f "$metadata" ]]; then
add_trashed_bytes "$metadata"
trash_file "$metadata" "orphaned metadata for $volume"
fi
done
kept=$((kept + KEEP_COUNT))
done
echo "$trashed $kept"
}
cleanup_orphan_metadata() {
local metadata archive basename
local orphans=0
while IFS= read -r -d '' metadata; do
if is_excluded_path "$metadata"; then
continue
fi
basename=$(basename "$metadata")
if [[ ! "$basename" =~ ^rpc_.+\.txt$ ]]; then
continue
fi
archive="${metadata%.txt}.tar.zst"
if [[ -f "$archive" ]]; then
continue
fi
if [[ -f "$TRASH_DIR/$(basename "$archive")" ]]; then
add_trashed_bytes "$metadata"
trash_file "$metadata" "metadata for archived-in-trash backup"
orphans=$((orphans + 1))
continue
fi
add_trashed_bytes "$metadata"
trash_file "$metadata" "orphaned metadata without archive"
orphans=$((orphans + 1))
done < <(find "$BACKUP_DIR" -maxdepth 1 -type f -name 'rpc_*.txt' -print0 2>/dev/null)
echo "$orphans"
}
main() {
if [[ ! -d "$BACKUP_DIR" ]]; then
log "Error: backup directory does not exist: $BACKUP_DIR"
exit 1
fi
if ! $DRY_RUN; then
mkdir -p "$TRASH_DIR"
fi
log "Starting backup cleanup in $BACKUP_DIR (trash_dir=$TRASH_DIR, keep_count=$KEEP_COUNT, uploading_max_age=${UPLOADING_MAX_AGE_HOURS}h, dry_run=$DRY_RUN)"
cleanup_stale_uploads
local trashed kept orphan_metadata
read -r trashed kept < <(cleanup_volume_backups)
read -r orphan_metadata < <(cleanup_orphan_metadata)
local trashed_human
trashed_human=$(numfmt --to=iec-i --suffix=B "$bytes_trashed" 2>/dev/null || echo "${bytes_trashed}B")
log "Cleanup complete: trashed=$trashed kept=$kept orphan_metadata=$orphan_metadata staged≈$trashed_human"
}
main "$@"
done

43
cleanup-volumes.sh
View File

@@ -1,20 +1,19 @@
#!/bin/bash
# List (default) or, with --remove-from-disk, delete the docker volumes that are NOT
# referenced by the current COMPOSE_FILE. Removal also frees the static-file data that was
# offloaded to /slowdisk behind the volume's symlinks (delete_slowdisk_targets_for_key),
# so nothing leaks on /slowdisk.
BASEPATH="$(dirname "$0")"
source $BASEPATH/.env
source $BASEPATH/volume-utils.sh
IFS=':' read -ra parts <<< $COMPOSE_FILE
used_volumes=()
for part in "${parts[@]}"; do
volumes=$(get_volume_keys "$BASEPATH/$part")
# Prefix each compose volume key with rpc_ to match docker's volume names.
# Convert YAML to JSON using yaml2json
json=$(yaml2json "$BASEPATH/$part")
# Extract volumes using jq
volumes=$(echo "$json" | jq -r '.volumes | keys[]' 2> /dev/null)
# Convert volumes to an array
prefix="rpc_"
IFS=$'\n' read -r -d '' -a volumes_array <<< "$(printf "%s\n" "${volumes[@]}" | sed "/^$/! s/^/$prefix/")"
@@ -23,29 +22,21 @@ done
on_disk=($(docker volume ls --format '{{.Name}}' | grep '^rpc_'))
# A volume counts as "used" only on an EXACT name match. The previous substring test
# ([[ "${used_volumes[@]}" =~ "$element" ]]) could mis-classify a volume whose name is a
# substring of another (e.g. ...-pruned vs ...-pruned-trace) and wrongly purge a live one.
is_used() {
local v=$1 u
for u in "${used_volumes[@]}"; do
[[ "$u" == "$v" ]] && return 0
done
return 1
}
unused_volumes=()
for element in "${on_disk[@]}"; do
is_used "$element" || unused_volumes+=("$element")
# Check if the element exists in array2
if [[ ! "${used_volumes[@]}" =~ "$element" ]]; then
# If not, add it to the difference array
unused_volumes+=("$element")
fi
done
if [ "$1" = "--remove-from-disk" ]; then
# Remove each unused volume AND the /slowdisk static data behind its symlinks.
for volume in "${unused_volumes[@]}"; do
echo "removing unused volume: $volume"
delete_slowdisk_targets_for_key "${volume#rpc_}"
docker volume rm "$volume"
done
# Iterate over volumes in the difference array and remove them from disk
for volume in "${unused_volumes[@]}"; do
docker volume rm "$volume"
done
else
printf '%s\n' "${unused_volumes[@]}"
fi

97
clone-backup.sh
View File

@@ -2,23 +2,6 @@
# Script to clone node volumes from backup location to a remote server
# Uses the same transfer method as clone-node.sh but streams zstd archives directly from backup location
#
# Usage: ./clone-backup.sh <config> <dest_host> [--no-slowdisk]
# --no-slowdisk : do NOT offload static files to /slowdisk (no symlinks);
# extract everything onto the local disk instead. Required to
# proceed when /slowdisk is too small for the static files.
# Pull the --no-slowdisk flag out of the args so the positional <config>/<dest>
# parsing below is unaffected regardless of where the flag is placed.
NO_SLOWDISK=false
_args=()
for _a in "$@"; do
case "$_a" in
--no-slowdisk) NO_SLOWDISK=true ;;
*) _args+=("$_a") ;;
esac
done
set -- "${_args[@]}"
if [[ -n $2 ]]; then
DEST_HOST="$2.stakesquid.eu"
@@ -29,7 +12,6 @@ else
fi
dir="$(dirname "$0")"
source "$dir/volume-utils.sh"
# Configuration
BASE_PORT=9000
@@ -125,7 +107,7 @@ release_port() {
# Check if SLOWDISK mode is enabled on target
check_slowdisk_enabled() {
$SSH_CMD "$DEST_HOST" "grep -qi '^SLOWDISK=true' /root/rpc/.env 2>/dev/null"
$SSH_CMD "$DEST_HOST" "grep -q '^SLOWDISK=true' /root/rpc/.env 2>/dev/null"
return $?
}
@@ -176,40 +158,6 @@ parse_metadata() {
printf '%s\n' "${static_paths[@]}"
}
# Decide whether to offload this volume's static files to /slowdisk.
# return 0 -> use /slowdisk (caller should create symlinks + extract)
# return 1 -> skip /slowdisk (extract static files onto local disk)
# Aborts the whole script if /slowdisk is too small and --no-slowdisk was not
# given, to avoid overfilling /slowdisk with a partially-extracted snapshot.
decide_slowdisk() {
local key=$1
local static_size_kb=$2
# Explicit override: never offload, never create symlinks.
if [[ "$NO_SLOWDISK" == "true" ]]; then
echo " --no-slowdisk: skipping /slowdisk offload for '$key' (static files -> local disk)"
return 1
fi
# How much room is actually on /slowdisk right now?
local slowdisk_available
slowdisk_available=$($SSH_CMD "$DEST_HOST" "df -BK /slowdisk 2>/dev/null | tail -1 | awk '{print \$4}' | sed 's/K//'")
if [[ -z "$slowdisk_available" ]] || [[ "$slowdisk_available" -lt "$static_size_kb" ]]; then
{
echo ""
echo "WARNING: /slowdisk on $DEST_HOST is too small for the static files of '$key'."
echo " available: $(( ${slowdisk_available:-0} / 1024 ))MB, needed: $(( static_size_kb / 1024 ))MB"
echo " Aborting to avoid overfilling /slowdisk with a partial snapshot."
echo " Re-run with --no-slowdisk to extract static files onto the local disk"
echo " instead (no /slowdisk offload, no symlinks created)."
} >&2
exit 1
fi
return 0
}
# Setup slowdisk directory structure with symlinks
setup_slowdisk_structure() {
local key=$1
@@ -306,7 +254,7 @@ transfer_backup() {
local backup_basename=$(basename "$backup_file" .tar.zst)
local metadata_file="$backup_dir/${backup_basename}.txt"
local use_slowdisk=false
local tar_extract_opts="-xf - -C / --keep-directory-symlink"
local tar_extract_opts="-xf - -C /"
if [[ -f "$metadata_file" ]] && check_slowdisk_enabled; then
echo "Metadata file found and SLOWDISK mode enabled"
@@ -318,22 +266,16 @@ transfer_backup() {
local static_paths=($(echo "$metadata_output" | tail -n +2))
if [[ ${#static_paths[@]} -gt 0 ]] && [[ -n "$static_size_kb" ]]; then
# Check /slowdisk capacity (aborts if too small without --no-slowdisk).
if decide_slowdisk "$key" "$static_size_kb"; then
# Setup slowdisk structure on remote
if setup_slowdisk_structure "$key" "$static_size_kb" "${static_paths[@]}"; then
use_slowdisk=true
# Use --skip-old-files to avoid overwriting existing symlinks/directories
# and --keep-directory-symlink so tar extracts THROUGH the pre-created dir symlinks
# instead of trying to mkdir over them (which fails with 'Cannot mkdir: File exists')
tar_extract_opts="-xf - -C / --skip-old-files --keep-directory-symlink"
echo "SLOWDISK structure ready, will extract respecting symlinks"
else
echo "Warning: Failed to setup SLOWDISK structure, falling back to normal extraction"
fi
# Setup slowdisk structure on remote
if setup_slowdisk_structure "$key" "$static_size_kb" "${static_paths[@]}"; then
use_slowdisk=true
# Use --skip-old-files to avoid overwriting existing symlinks/directories
# But we still want to extract files into symlinked directories
tar_extract_opts="-xf - -C / --skip-old-files"
echo "SLOWDISK structure ready, will extract respecting symlinks"
else
echo "Warning: Failed to setup SLOWDISK structure, falling back to normal extraction"
fi
# decide_slowdisk returned 1 (--no-slowdisk): leave tar_extract_opts at
# the default so static files are extracted onto the local disk.
else
echo "Warning: Could not parse metadata file, falling back to normal extraction"
fi
@@ -495,7 +437,7 @@ transfer_backup_ssh() {
# Check for metadata file and SLOWDISK mode (same logic as transfer_backup)
local backup_basename=$(basename "$backup_file" .tar.zst)
local metadata_file="$backup_dir/${backup_basename}.txt"
local tar_extract_opts="-xf - -C / --keep-directory-symlink"
local tar_extract_opts="-xf - -C /"
if [[ -f "$metadata_file" ]] && check_slowdisk_enabled; then
echo "Metadata file found and SLOWDISK mode enabled"
@@ -509,9 +451,7 @@ transfer_backup_ssh() {
if [[ ${#static_paths[@]} -gt 0 ]] && [[ -n "$static_size_kb" ]]; then
# Setup slowdisk structure on remote
if setup_slowdisk_structure "$key" "$static_size_kb" "${static_paths[@]}"; then
# and --keep-directory-symlink so tar extracts THROUGH the pre-created dir symlinks
# instead of trying to mkdir over them (which fails with 'Cannot mkdir: File exists')
tar_extract_opts="-xf - -C / --skip-old-files --keep-directory-symlink"
tar_extract_opts="-xf - -C / --skip-old-files"
echo "SLOWDISK structure ready, will extract respecting symlinks"
else
echo "Warning: Failed to setup SLOWDISK structure, falling back to normal extraction"
@@ -541,15 +481,6 @@ main() {
# Set up cleanup trap
trap cleanup_all_ports EXIT INT TERM
# RETH GUARD: reth refuses to start when its static_files directory is a symlink.
# Match restore-volumes.sh: skip the whole /slowdisk static-file symlink offload
# for reth nodes and extract everything onto the primary disk.
if [[ "$1" == *reth* ]]; then
echo "WARNING: $1 contains 'reth' — static-file symlink offload disabled (reth broke whole-dir symlinks)"
echo " All volumes will be extracted onto the primary disk (equivalent to --no-slowdisk)"
NO_SLOWDISK=true
fi
setup_ssh_multiplex
# Check if backup directory exists
@@ -593,7 +524,7 @@ main() {
sudo sysctl -w net.ipv4.tcp_no_metrics_save=1
echo "Reading volume configuration from $dir/$1.yml..."
keys=$(get_persistent_volume_keys "$dir/$1.yml")
keys=$(cat "$dir/$1.yml" | yaml2json - | jq '.volumes' | jq -r 'keys[]')
if [[ -z "$keys" ]]; then
echo "Error: No volumes found in configuration"

111
clone-node.sh
View File

@@ -3,22 +3,6 @@
# Fixed version that handles missing netstat
BASEPATH="$(dirname "$0")"
source "$BASEPATH/volume-utils.sh"
# Usage: ./clone-node.sh <node_path> <dest_host> [--no-slowdisk]
# --no-slowdisk : do NOT offload static files to /slowdisk on the target (no
# symlinks); extract everything to the local disk. Required to
# proceed when the target's /slowdisk is too small. Strip it
# out before the positional <node>/<dest> parsing below.
NO_SLOWDISK=false
_args=()
for _a in "$@"; do
case "$_a" in
--no-slowdisk) NO_SLOWDISK=true ;;
*) _args+=("$_a") ;;
esac
done
set -- "${_args[@]}"
if [[ -n $2 ]]; then
DEST_HOST="$2.stakesquid.eu"
@@ -119,7 +103,7 @@ release_port() {
# Check if SLOWDISK mode is enabled on target
check_slowdisk_enabled() {
$SSH_CMD "$DEST_HOST" "grep -qi '^SLOWDISK=true' /root/rpc/.env 2>/dev/null"
$SSH_CMD "$DEST_HOST" "grep -q '^SLOWDISK=true' /root/rpc/.env 2>/dev/null"
return $?
}
@@ -156,36 +140,6 @@ detect_static_files() {
printf '%s\n' "${static_paths[@]}"
}
# Decide whether to offload this volume's static files to the target's /slowdisk.
# return 0 -> use /slowdisk (caller sets up symlinks + extracts through them)
# return 1 -> skip /slowdisk (extract static files onto local disk)
# Aborts the whole clone if /slowdisk is too small and --no-slowdisk was not
# given, to avoid overfilling /slowdisk with a partially-extracted volume.
decide_slowdisk() {
local key=$1
local static_size_kb=$2
if [[ "$NO_SLOWDISK" == "true" ]]; then
echo " --no-slowdisk: skipping /slowdisk offload for '$key' (static files -> local disk)"
return 1
fi
local slowdisk_available
slowdisk_available=$($SSH_CMD "$DEST_HOST" "df -BK /slowdisk 2>/dev/null | tail -1 | awk '{print \$4}' | sed 's/K//'")
if [[ -z "$slowdisk_available" ]] || [[ "$slowdisk_available" -lt "$static_size_kb" ]]; then
{
echo ""
echo "WARNING: /slowdisk on $DEST_HOST is too small for the static files of '$key'."
echo " available: $(( ${slowdisk_available:-0} / 1024 ))MB, needed: $(( static_size_kb / 1024 ))MB"
echo " Aborting to avoid overfilling /slowdisk with a partial volume."
echo " Re-run with --no-slowdisk to clone without /slowdisk offload (static files on local disk)."
} >&2
exit 1
fi
return 0
}
# Setup slowdisk directory structure with symlinks
setup_slowdisk_structure() {
local key=$1
@@ -276,7 +230,7 @@ transfer_volume() {
fi
local folder_size=$(du -sb "$source_folder" 2>/dev/null | awk '{print $1}')
local tar_extract_opts="-xf - -C / --keep-directory-symlink"
local tar_extract_opts="-xf - -C /"
local use_slowdisk=false
# Check for SLOWDISK mode and detect static files
@@ -290,23 +244,17 @@ transfer_volume() {
if [[ ${#static_paths[@]} -gt 0 ]] && [[ -n "$static_size_kb" ]]; then
echo "Found ${#static_paths[@]} static paths (total: $((static_size_kb / 1024))MB)"
# Check /slowdisk capacity (aborts if too small without --no-slowdisk).
if decide_slowdisk "$key" "$static_size_kb"; then
echo "Setting up SLOWDISK structure on target..."
# Setup slowdisk structure on remote
if setup_slowdisk_structure "$key" "$static_size_kb" "${static_paths[@]}"; then
use_slowdisk=true
# Use --skip-old-files to avoid overwriting existing symlinks/directories
# and --keep-directory-symlink so tar extracts THROUGH the pre-created dir symlinks
# instead of trying to mkdir over them (which fails with 'Cannot mkdir: File exists')
tar_extract_opts="-xf - -C / --skip-old-files --keep-directory-symlink"
echo "SLOWDISK structure ready, will extract respecting symlinks"
else
echo "Warning: Failed to setup SLOWDISK structure, falling back to normal extraction"
fi
echo "Setting up SLOWDISK structure on target..."
# Setup slowdisk structure on remote
if setup_slowdisk_structure "$key" "$static_size_kb" "${static_paths[@]}"; then
use_slowdisk=true
# Use --skip-old-files to avoid overwriting existing symlinks/directories
tar_extract_opts="-xf - -C / --skip-old-files"
echo "SLOWDISK structure ready, will extract respecting symlinks"
else
echo "Warning: Failed to setup SLOWDISK structure, falling back to normal extraction"
fi
# decide_slowdisk returned 1 (--no-slowdisk): leave tar_extract_opts
# at the default so static files extract onto the local disk.
else
echo "No static files detected, using normal extraction"
fi
@@ -459,7 +407,7 @@ transfer_volume_ssh() {
fi
local folder_size=$(du -sb "$source_folder" 2>/dev/null | awk '{print $1}')
local tar_extract_opts="-xf - -C / --keep-directory-symlink"
local tar_extract_opts="-xf - -C /"
# Check for SLOWDISK mode and detect static files (same logic as transfer_volume)
if check_slowdisk_enabled; then
@@ -472,21 +420,15 @@ transfer_volume_ssh() {
if [[ ${#static_paths[@]} -gt 0 ]] && [[ -n "$static_size_kb" ]]; then
echo "Found ${#static_paths[@]} static paths (total: $((static_size_kb / 1024))MB)"
# Check /slowdisk capacity (aborts if too small without --no-slowdisk).
if decide_slowdisk "$key" "$static_size_kb"; then
echo "Setting up SLOWDISK structure on target..."
# Setup slowdisk structure on remote
if setup_slowdisk_structure "$key" "$static_size_kb" "${static_paths[@]}"; then
# and --keep-directory-symlink so tar extracts THROUGH the pre-created dir symlinks
# instead of trying to mkdir over them (which fails with 'Cannot mkdir: File exists')
tar_extract_opts="-xf - -C / --skip-old-files --keep-directory-symlink"
echo "SLOWDISK structure ready, will extract respecting symlinks"
else
echo "Warning: Failed to setup SLOWDISK structure, falling back to normal extraction"
fi
echo "Setting up SLOWDISK structure on target..."
# Setup slowdisk structure on remote
if setup_slowdisk_structure "$key" "$static_size_kb" "${static_paths[@]}"; then
tar_extract_opts="-xf - -C / --skip-old-files"
echo "SLOWDISK structure ready, will extract respecting symlinks"
else
echo "Warning: Failed to setup SLOWDISK structure, falling back to normal extraction"
fi
# decide_slowdisk returned 1 (--no-slowdisk): leave tar_extract_opts
# at the default so static files extract onto the local disk.
else
echo "No static files detected, using normal extraction"
fi
@@ -517,15 +459,6 @@ main() {
# Set up cleanup trap
trap cleanup_all_ports EXIT INT TERM
# RETH GUARD: reth refuses to start when its static_files directory is a symlink.
# Match restore-volumes.sh: skip the whole /slowdisk static-file symlink offload
# for reth nodes and extract everything onto the primary disk.
if [[ "$1" == *reth* ]]; then
echo "WARNING: $1 contains 'reth' — static-file symlink offload disabled (reth broke whole-dir symlinks)"
echo " All volumes will be extracted onto the primary disk (equivalent to --no-slowdisk)"
NO_SLOWDISK=true
fi
setup_ssh_multiplex
# the following sysctls are critical for high-latency networks
@@ -563,7 +496,7 @@ main() {
sudo sysctl -w net.ipv4.tcp_no_metrics_save=1
echo "Reading volume configuration from $1.yml..."
keys=$(get_persistent_volume_keys "/root/rpc/$1.yml")
keys=$(cat /root/rpc/$1.yml | yaml2json - | jq '.volumes' | jq -r 'keys[]')
if [[ -z "$keys" ]]; then
echo "Error: No volumes found in configuration"

1845
compose_registry.json
View File

File diff suppressed because it is too large Load Diff

11
cosmos/cometbft.Dockerfile
View File

@@ -1,11 +0,0 @@
ARG CL_IMAGE
ARG CL_VERSION
FROM ${CL_IMAGE}:${CL_VERSION}
# Layer the shared CometBFT bootstrap lib + the chain init.sh onto the upstream
# cosmos binary image (alpine-based, has sh+apk; runs nonroot by default — the compose
# sets user: root so init.sh can apk-add curl and write the /root home).
USER root
COPY ./scripts/cometbft-common.sh /usr/local/bin/cometbft-common.sh
COPY ./scripts/init.sh /usr/local/bin/init.sh
RUN chmod +x /usr/local/bin/init.sh /usr/local/bin/cometbft-common.sh
ENTRYPOINT ["init.sh"]

127
cosmos/gaiad/cosmos-mainnet-gaiad-pruned.yml
View File

@@ -1,127 +0,0 @@
---
x-logging-defaults: &logging-defaults
driver: json-file
options:
max-size: "10m"
max-file: "3"
# Usage:
#
# mkdir rpc && cd rpc
#
# git init
# git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git
# git fetch origin vibe
# git checkout origin/vibe
#
# docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret
#
# env
# ...
# IP=$(curl ipinfo.io/ip)
# DOMAIN=${IP}.traefik.me
# COMPOSE_FILE=base.yml:rpc.yml:cosmos/gaiad/cosmos-mainnet-gaiad-pruned.yml
#
# docker compose up -d
#
# curl -X POST https://${IP}.traefik.me/cosmos-mainnet-pruned \
# -H "Content-Type: application/json" \
# --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
services:
cosmos-mainnet-pruned:
build:
context: ./cosmos
dockerfile: cometbft.Dockerfile
args:
CL_IMAGE: ${COSMOS_GAIAD_IMAGE:-ghcr.io/cosmos/gaia}
CL_VERSION: ${COSMOS_MAINNET_GAIAD_VERSION:-v27.4.0}
sysctls:
# TCP Performance
net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle
net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache
net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers
net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers
net.core.somaxconn: 32768 # Higher connection queue
# Memory/Connection Management
# net.core.netdev_max_backlog: 50000 # Increase network buffer
net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests
net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets
ulimits:
nofile: 1048576 # Max open files (for RPC/WS connections)
user: root
ports:
- 12554:12554
- 12554:12554/udp
expose:
- 26657
- 26660
- 9090
- 1317
environment:
- CHAIN_ID=cosmoshub-4
- GENESIS_URL=https://github.com/cosmos/mainnet/raw/master/genesis/genesis.cosmoshub-4.json.gz
- IP=${IP}
- MIN_GAS=0.005uatom
- MONIKER=d${DOMAIN:-local}
- P2P_PORT=12554
- PERSISTENT_PEERS=a7f14a48cd97c0eae7833849ccdf4e9418622c56@65.108.128.201:14956,37dfe1ec33e9f88f378a61a32462d57d2baa5e74@65.108.99.140:26656,f86d297a28da1a2b186583daf0e229c2b1449414@144.76.217.227:26656,66ca3161c5532da890815e40826ddbbbe2cb7f6c@176.9.101.44:26656
- STATESYNC_RPC=https://cosmos-rpc.polkachu.com:443
- WASM_SNAPSHOT_URL=https://snapshots.polkachu.com/wasm/cosmos/cosmos_wasmonly.tar.lz4
restart: unless-stopped
stop_grace_period: 5m
networks:
- chains
volumes:
- ${COSMOS_MAINNET_GAIAD_PRUNED_DATA:-cosmos-mainnet-gaiad-pruned}:/root/.gaia
- /slowdisk:/slowdisk
logging: *logging-defaults
labels:
- prometheus-scrape.enabled=true
- prometheus-scrape.port=26660
- prometheus-scrape.path=/metrics
- traefik.enable=true
- traefik.http.middlewares.cosmos-mainnet-gaiad-pruned-stripprefix.stripprefix.prefixes=/cosmos-mainnet-pruned
- traefik.http.services.cosmos-mainnet-gaiad-pruned.loadbalancer.server.port=26657
- ${NO_SSL:-traefik.http.routers.cosmos-mainnet-gaiad-pruned.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.cosmos-mainnet-gaiad-pruned.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.cosmos-mainnet-gaiad-pruned.rule=Host(`$DOMAIN`) && (Path(`/cosmos-mainnet-pruned`) || Path(`/cosmos-mainnet-pruned/`))}
- ${NO_SSL:+traefik.http.routers.cosmos-mainnet-gaiad-pruned.rule=Path(`/cosmos-mainnet-pruned`) || Path(`/cosmos-mainnet-pruned/`)}
- traefik.http.routers.cosmos-mainnet-gaiad-pruned.middlewares=cosmos-mainnet-gaiad-pruned-stripprefix, ipallowlist
- traefik.http.routers.cosmos-mainnet-gaiad-pruned.priority=50 # gets any request that is not GET with UPGRADE header
- traefik.http.routers.cosmos-mainnet-gaiad-pruned-ws.priority=100 # answers GET requests first
- traefik.http.middlewares.cosmos-mainnet-gaiad-pruned-set-ws-path.replacepath.path=/websocket
- traefik.http.services.cosmos-mainnet-gaiad-pruned-ws.loadbalancer.server.port=26657
- traefik.http.routers.cosmos-mainnet-gaiad-pruned-ws.service=cosmos-mainnet-gaiad-pruned-ws
- traefik.http.routers.cosmos-mainnet-gaiad-pruned.service=cosmos-mainnet-gaiad-pruned
- ${NO_SSL:-traefik.http.routers.cosmos-mainnet-gaiad-pruned-ws.entrypoints=websecure}
- ${NO_SSL:-traefik.http.routers.cosmos-mainnet-gaiad-pruned-ws.tls.certresolver=myresolver}
- ${NO_SSL:-traefik.http.routers.cosmos-mainnet-gaiad-pruned-ws.rule=Host(`$DOMAIN`) && (Path(`/cosmos-mainnet-pruned`) || Path(`/cosmos-mainnet-pruned/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- ${NO_SSL:+traefik.http.routers.cosmos-mainnet-gaiad-pruned-ws.rule=(Path(`/cosmos-mainnet-pruned`) || Path(`/cosmos-mainnet-pruned/`)) && HeadersRegexp(`Upgrade`, `(?i)websocket`)}
- traefik.http.routers.cosmos-mainnet-gaiad-pruned-ws.middlewares=cosmos-mainnet-gaiad-pruned-stripprefix, cosmos-mainnet-gaiad-pruned-set-ws-path, ipallowlist
volumes:
cosmos-mainnet-gaiad-pruned:
x-upstreams:
- id: $${ID}
labels:
provider: $${PROVIDER}
connection:
generic:
rpc:
url: $${RPC_URL}
ws:
frameSize: 20Mb
msgSize: 50Mb
url: $${WS_URL}
chain: cosmos-hub
method-groups:
enabled:
- debug
- filter
methods:
disabled:
enabled:
- name: txpool_content # TODO: should be disabled for rollup nodes
...

Some files were not shown because too many files have changed in this diff Show More