--- x-logging-defaults: &logging-defaults driver: json-file options: max-size: "10m" max-file: "3" # Usage: # # mkdir rpc && cd rpc # # git init # git remote add origin https://github.com/StakeSquid/ethereum-rpc-docker.git # git fetch origin vibe # git checkout origin/vibe # # docker run --rm alpine sh -c "printf '0x'; head -c32 /dev/urandom | xxd -p -c 64" > .jwtsecret # # env # ... # IP=$(curl ipinfo.io/ip) # DOMAIN=${IP}.traefik.me # COMPOSE_FILE=base.yml:rpc.yml:linea/besu/linea-mainnet-besu-pruned-bonsai.yml # # docker compose up -d # # curl -X POST https://${IP}.traefik.me/linea-mainnet \ # -H "Content-Type: application/json" \ # --data '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' services: linea-mainnet: image: ${LINEA_BESU_IMAGE:-consensys/linea-besu-package}:${LINEA_MAINNET_BESU_VERSION:-beta-v4.4-rc7-20251128021032-58550ad} sysctls: # TCP Performance net.ipv4.tcp_slow_start_after_idle: 0 # Disable slow start after idle net.ipv4.tcp_no_metrics_save: 1 # Disable metrics cache net.ipv4.tcp_rmem: 4096 87380 16777216 # Increase TCP read buffers net.ipv4.tcp_wmem: 4096 87380 16777216 # Increase TCP write buffers net.core.somaxconn: 32768 # Higher connection queue # Memory/Connection Management # net.core.netdev_max_backlog: 50000 # Increase network buffer net.ipv4.tcp_max_syn_backlog: 30000 # More SYN requests net.ipv4.tcp_max_tw_buckets: 2000000 # Allow more TIME_WAIT sockets ulimits: nofile: 1048576 # Max open files (for RPC/WS connections) user: root ports: - 14816:14816 - 14816:14816/udp expose: - 8545 - 8546 - 9545 command: - --Xbonsai-full-flat-db-enabled=true - --data-path=/opt/besu/database - --data-storage-format=BONSAI - --engine-host-allowlist=* - --engine-jwt-secret=/jwtsecret - --engine-rpc-enabled=true - --engine-rpc-port=8551 - --fast-sync-min-peers=1 - --host-allowlist=* - --metrics-enabled=true - --metrics-host=0.0.0.0 - --metrics-port=9545 - --p2p-host=${IP} - --p2p-port=14816 - --profile=advanced-mainnet - --rpc-http-api=ETH,NET,WEB3,DEBUG,TRACE,TXPOOL,LINEA,ADMIN - --rpc-http-enabled=true - --rpc-http-host=0.0.0.0 - --rpc-http-max-active-connections=20000 - --rpc-http-port=8545 - --rpc-ws-api=ETH,NET,WEB3,DEBUG,TRACE,TXPOOL,LINEA,ADMIN - --rpc-ws-enabled=true - --rpc-ws-host=0.0.0.0 - --rpc-ws-port=8546 - --sync-mode=SNAP restart: unless-stopped stop_grace_period: 5m networks: - chains volumes: - ${LINEA_MAINNET_BESU_PRUNED_BONSAI_DATA:-linea-mainnet-besu-pruned-bonsai}:/opt/besu/database - ./linea/mainnet:/config - .jwtsecret:/jwtsecret:ro - /slowdisk:/slowdisk logging: *logging-defaults labels: - prometheus-scrape.enabled=true - prometheus-scrape.port=9545 - prometheus-scrape.path=/metrics - traefik.enable=true - traefik.http.middlewares.linea-mainnet-besu-pruned-bonsai-stripprefix.stripprefix.prefixes=/linea-mainnet - traefik.http.services.linea-mainnet-besu-pruned-bonsai.loadbalancer.server.port=8545 - ${NO_SSL:-traefik.http.routers.linea-mainnet-besu-pruned-bonsai.entrypoints=websecure} - ${NO_SSL:-traefik.http.routers.linea-mainnet-besu-pruned-bonsai.tls.certresolver=myresolver} - ${NO_SSL:-traefik.http.routers.linea-mainnet-besu-pruned-bonsai.rule=Host(`$DOMAIN`) && (Path(`/linea-mainnet`) || Path(`/linea-mainnet/`))} - ${NO_SSL:+traefik.http.routers.linea-mainnet-besu-pruned-bonsai.rule=Path(`/linea-mainnet`) || Path(`/linea-mainnet/`)} - traefik.http.routers.linea-mainnet-besu-pruned-bonsai.middlewares=linea-mainnet-besu-pruned-bonsai-stripprefix, ipallowlist - traefik.http.routers.linea-mainnet-besu-pruned-bonsai.priority=50 # gets any request that is not GET with UPGRADE header - traefik.http.routers.linea-mainnet-besu-pruned-bonsai-ws.priority=100 # answers GET requests first - traefik.http.services.linea-mainnet-besu-pruned-bonsai-ws.loadbalancer.server.port=8546 - traefik.http.routers.linea-mainnet-besu-pruned-bonsai-ws.service=linea-mainnet-besu-pruned-bonsai-ws - traefik.http.routers.linea-mainnet-besu-pruned-bonsai.service=linea-mainnet-besu-pruned-bonsai - ${NO_SSL:-traefik.http.routers.linea-mainnet-besu-pruned-bonsai-ws.entrypoints=websecure} - ${NO_SSL:-traefik.http.routers.linea-mainnet-besu-pruned-bonsai-ws.tls.certresolver=myresolver} - ${NO_SSL:-traefik.http.routers.linea-mainnet-besu-pruned-bonsai-ws.rule=Host(`$DOMAIN`) && (Path(`/linea-mainnet`) || Path(`/linea-mainnet/`)) && Headers(`Upgrade`, `websocket`)} - ${NO_SSL:+traefik.http.routers.linea-mainnet-besu-pruned-bonsai-ws.rule=(Path(`/linea-mainnet`) || Path(`/linea-mainnet/`)) && Headers(`Upgrade`, `websocket`)} - traefik.http.routers.linea-mainnet-besu-pruned-bonsai-ws.middlewares=linea-mainnet-besu-pruned-bonsai-stripprefix, ipallowlist linea-mainnet-node: build: context: ./linea dockerfile: maru.Dockerfile args: MARU_IMAGE: ${LINEA_MAINNET_MARU_IMAGE:-consensys/maru} MARU_VERSION: ${LINEA_MAINNET_MARU_VERSION:-9737a45} ports: - 19816:19816 - 19816:19816/udp expose: - 8080 environment: - EL_HOST=linea-mainnet - IP=${IP} - L1_RPC=${ETHEREUM_MAINNET_EXECUTION_RPC} - P2P_PORT=19816 - SEQUENCER=https://rpc.linea.build entrypoint: [/bin/bash, -c] command: - | envsubst < /config/maru/config.toml.template > /config.toml exec java -Dlog4j2.configurationFile=/config/maru/log4j.xml -jar /opt/consensys/maru/maru.jar --config=/config.toml --maru-genesis-file=/config/maru/genesis.json "$@" restart: unless-stopped networks: - chains volumes: - ${LINEA_MAINNET_BESU_PRUNED_BONSAI__MARU_DATA:-linea-mainnet-besu-pruned-bonsai_maru}:/opt/maru/data - ./linea/mainnet:/config - .jwtsecret:/jwtsecret:ro logging: *logging-defaults labels: - prometheus-scrape.enabled=true - prometheus-scrape.port=9090 - prometheus-scrape.path=/debug/metrics/prometheus volumes: linea-mainnet-besu-pruned-bonsai: linea-mainnet-besu-pruned-bonsai_maru: x-upstreams: - id: $${ID} labels: provider: $${PROVIDER} connection: generic: rpc: url: $${RPC_URL} ws: frameSize: 20Mb msgSize: 50Mb url: $${WS_URL} chain: linea method-groups: enabled: - debug - filter methods: disabled: enabled: - name: txpool_content # TODO: should be disabled for rollup nodes - name: linea_estimateGas - name: linea_getTransactionExclusionStatusV1 - name: linea_getProof ...