added Bor (Polygon) node

bor/.dockerignore

@@ -0,0 +1,2 @@
+./bor-data/
+./heimdall-data/

bor/Dockerfile.borbinary

@@ -0,0 +1,26 @@
+ARG DOCKER_TAG
+
+FROM 0xpolygon/bor:${DOCKER_TAG}
+
+# Unused, this is here to avoid build time complaints
+ARG BUILD_TARGET
+
+ARG USER=bor
+ARG UID=10001
+
+RUN apk add --no-cache ca-certificates bash tzdata su-exec aria2
+
+# See https://stackoverflow.com/a/55757473/12429735RUN
+RUN adduser \
+    --disabled-password \
+    --gecos "" \
+    --shell "/sbin/nologin" \
+    --uid "${UID}" \
+    "${USER}"
+
+RUN mkdir -p /var/lib/bor && chown ${USER}:${USER} /var/lib/bor
+COPY ./docker-entrypoint.sh /usr/local/bin/
+
+USER ${USER}
+
+ENTRYPOINT ["bor"]

bor/Dockerfile.borsource

@@ -0,0 +1,39 @@
+# Build Bor in a stock Go build container
+FROM golang:1.17-alpine as builder
+
+# Unused, this is here to avoid build time complaints
+ARG DOCKER_TAG
+
+ARG BUILD_TARGET
+
+RUN apk update && apk add --no-cache make gcc musl-dev linux-headers git bash
+
+WORKDIR /src
+RUN bash -c "git clone https://github.com/maticnetwork/bor.git && cd bor && git config advice.detachedHead false && git fetch --all --tags && git checkout ${BUILD_TARGET} && make bor-all"
+
+# Pull all binaries into a second stage deploy container
+FROM alpine:latest
+
+ARG USER=bor
+ARG UID=10001
+
+RUN apk add --no-cache ca-certificates bash tzdata su-exec
+
+# See https://stackoverflow.com/a/55757473/12429735RUN
+RUN adduser \
+    --disabled-password \
+    --gecos "" \
+    --shell "/sbin/nologin" \
+    --uid "${UID}" \
+    "${USER}"
+
+RUN mkdir -p /var/lib/bor && chown ${USER}:${USER} /var/lib/bor
+
+# Copy executable
+COPY --from=builder /src/bor/build/bin/bor /usr/local/bin/
+COPY --from=builder /src/bor/build/bin/bootnode /usr/local/bin/
+COPY ./docker-entrypoint.sh /usr/local/bin/
+
+USER ${USER}
+
+ENTRYPOINT ["bor"]

bor/Dockerfile.heimdall

@@ -0,0 +1,26 @@
+ARG DOCKER_TAG
+
+FROM 0xpolygon/heimdall:${DOCKER_TAG}
+
+RUN apk update && apk add ca-certificates bash tzdata wget su-exec aria2 curl
+
+ARG USER=heimdall
+ARG UID=10000
+
+# See https://stackoverflow.com/a/55757473/12429735RUN
+RUN adduser \
+    --disabled-password \
+    --gecos "" \
+    --shell "/sbin/nologin" \
+    --uid "${UID}" \
+    "${USER}"
+
+RUN mkdir -p /var/lib/heimdall && chown ${USER}:${USER} /var/lib/heimdall
+
+WORKDIR /var/lib/heimdall
+
+COPY ./docker-entrypoint-heimdalld.sh /usr/local/bin/docker-entrypoint.sh
+
+USER ${USER}
+
+CMD [ "/bin/sh", "-c", "# (nop)" 

bor/bor.md

@@ -0,0 +1,38 @@
+# Bor node
+
+## Requirements for Polygon network
+* memory: 64Gb (minimum)
+* disk: 2Tb SSD (if you periodically prune state)
+
+## Installation
+Set in the `.env` file:
+* `DOMAIN=` - the domain name to be used in traefik;
+* `HEIMDALL_ETH_RPC_URL=` - your Ethereum RPC.
+
+You can also set a list of allowed IP addresses there and addresses to treat as local. Rename `example.env` to `.env`:
+```
+mv example.env .env
+```
+
+Start node:
+```bash
+docker-compose build
+docker-compose up -d rabbitmq heimdalld heimdallr bor
+```
+
+## Upgrade
+Periodically check for new versions. if there is a release, then you need to update the tag in the environment file. 
+```bash
+docker-compose build
+docker-compose pull
+docker-compose up -d rabbitmq heimdalld heimdallr bor
+```
+
+## Pruning 
+Use it if the size is approaching 1.7Tb. At least 150 GB must be free for successful pruning.
+```bash
+docker-compose stop bor
+docker-compose up prune-bor
+docker-compose rm prune-bor 
+docker-compose up -d bor
+```

bor/docker-compose.yml

@@ -0,0 +1,186 @@
+version: "3.7"
+
+services:
+  rabbitmq:
+    image: rabbitmq:3-alpine
+    restart: unless-stopped
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+    expose:
+      - "5672/tcp"
+    networks:
+      - rpc
+
+  heimdalld:
+    build:
+      context: .
+      dockerfile: Dockerfile.heimdall
+      args:
+        - DOCKER_TAG=${HEIMDALL_TAG}
+    image: heimdall:local
+    user: root
+    environment:
+      - HEIMDALL_CHAIN_ID=${HEIMDALL_CHAIN_ID}
+      - HEIMDALL_SNAPSHOT_FILE=${HEIMDALL_SNAPSHOT_FILE}
+      - HEIMDALL_GENESIS_URL=${HEIMDALL_GENESIS_URL}
+      - HEIMDALL_SEEDS=${HEIMDALL_SEEDS}
+      - HEIMDALL_BOR_RPC_URL=${HEIMDALL_BOR_RPC_URL}
+      - HEIMDALL_ETH_RPC_URL=${HEIMDALL_ETH_RPC_URL}
+    restart: unless-stopped
+    stop_grace_period: 2m
+    depends_on:
+      - rabbitmq
+    entrypoint:
+      - docker-entrypoint.sh
+      - heimdalld
+      - --home
+      - /var/lib/heimdall
+      - start
+    volumes:
+      - ./heimdall-data:/var/lib/heimdall
+      - /etc/localtime:/etc/localtime:ro
+    expose:
+      - "26657/tcp"
+    ports:
+      - "26656:26656"
+    networks:
+      - rpc
+
+  heimdallr:
+    image: heimdall:local
+    restart: unless-stopped
+    stop_grace_period: 2m
+    depends_on:
+      - heimdalld
+    volumes:
+      - ./heimdall-data:/var/lib/heimdall
+      - /etc/localtime:/etc/localtime:ro
+    expose:
+      - "1317/tcp"
+    user: root
+    entrypoint:
+      - heimdalld
+      - --home
+      - /var/lib/heimdall
+      - rest-server
+      - --chain-id=137
+      - --laddr=tcp://0.0.0.0:1317
+      - --node=tcp://heimdalld:26657
+    networks:
+      - rpc
+
+  prune-bor:
+    image: bor:local
+    restart: "no"
+    stop_grace_period: 3m
+    user: root
+    volumes:
+      - ./bor-data:/var/lib/bor
+      - /etc/localtime:/etc/localtime:ro
+    entrypoint:
+      - bor
+      - --datadir
+      - /var/lib/bor/data
+      - snapshot
+      - prune-state
+
+  bor:
+    image: bor:local
+    build:
+      context: .
+      dockerfile: ${BOR_DOCKER_FILE}
+      args:
+        - BUILD_TARGET=${BOR_SRC_TAG}
+        - DOCKER_TAG=${BOR_TAG}
+    restart: unless-stopped
+    stop_grace_period: 7m
+    user: root
+    environment:
+      - BOR_DIR=/var/lib/bor
+      - BOR_SETUP=${BOR_SETUP}
+      - BOR_GENESIS=${BOR_GENESIS}
+      - BOR_ARCHIVE_NODE_SNAPSHOT_FILE=${BOR_ARCHIVE_NODE_SNAPSHOT_FILE}
+      - BOR_FULL_NODE_SNAPSHOT_FILE=${BOR_FULL_NODE_SNAPSHOT_FILE}
+      - BOR_MODE=${BOR_MODE}
+    entrypoint: 
+      - docker-entrypoint.sh
+      - bor
+      - --datadir
+      - /var/lib/bor/data
+      - --cache
+      - ${BOR_CACHE}
+      - --snapshot=false
+      - --gcmode
+      - ${BOR_MODE}
+      - --ws
+      - --ws.port
+      - ${BOR_WS_PORT}
+      - --ws.addr
+      - 0.0.0.0
+      - --ws.origins=*
+      - --port
+      - ${BOR_P2P_PORT}
+      - --txpool.locals
+      - ${TX_LOCAL_ADDR}
+      - --txpool.globalslots
+      - "100000"
+      - --rpc.txfeecap
+      - "0" 
+      - --txpool.accountslots
+      - "256" 
+      - --bor.heimdall
+      - http://heimdallr:1317
+      - --bootnodes
+      - "${BOR_BOOTNODES}"
+      - --syncmode
+      - "full"
+      - --txpool.accountqueue
+      - "64"
+      - --txpool.globalqueue
+      - "131072"
+      - --maxpeers
+      - "150"
+      - --http
+      - --http.addr
+      - 0.0.0.0
+      - --http.vhosts=*
+      - --http.api
+      - eth,net,web3,txpool,bor
+      - --http.port
+      - ${BOR_RPC_PORT}
+      - --networkid
+      - ${BOR_CHAIN_ID}
+      - --ethstats
+      - ${BOR_NODE_ID}:mainnet@bor-mainnet.vitwit.com:3000
+    volumes:
+      - ./bor-data:/var/lib/bor
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      # - ${BOR_RPC_PORT}:${BOR_RPC_PORT}/tcp
+      # - ${BOR_WS_PORT}:${BOR_WS_PORT}/tcp
+      - ${BOR_P2P_PORT}:${BOR_P2P_PORT}/tcp
+      - ${BOR_P2P_PORT}:${BOR_P2P_PORT}/udp
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.bor-http.middlewares=bor-http-acl"
+      - "traefik.http.middlewares.bor-http.headers.customrequestheaders.Access-Control-Allow-Origin=*"
+      - "traefik.http.middlewares.bor-http-acl.ipwhitelist.sourcerange=127.0.0.1/32, ${ALLOW_FROM}"
+      - "traefik.http.routers.bor-http.service=bor-http"
+      - "traefik.http.routers.bor-http.rule=Host(`${DOMAIN}`) && Path(`/bor-http/`)"
+      - "traefik.http.routers.bor-http.entrypoints=websecure"
+      - "traefik.http.routers.bor-http.tls.certresolver=myresolver"
+      - "traefik.http.services.bor-http.loadbalancer.server.port=${BOR_RPC_PORT}"
+      - "traefik.http.routers.bor-ws.middlewares=bor-ws-acl"
+      - "traefik.http.middlewares.bor-ws.headers.customrequestheaders.Access-Control-Allow-Origin=*"
+      - "traefik.http.middlewares.bor-ws-acl.ipwhitelist.sourcerange=127.0.0.1/32, ${ALLOW_FROM}"
+      - "traefik.http.routers.bor-ws.service=bor-ws"
+      - "traefik.http.routers.bor-ws.rule=Host(`${DOMAIN}`) && Path(`/bor-ws/`)"
+      - "traefik.http.routers.bor-ws.entrypoints=websecure"
+      - "traefik.http.routers.bor-ws.tls.certresolver=myresolver"
+      - "traefik.http.services.bor-ws.loadbalancer.server.port=${BOR_WS_PORT}"
+    networks:
+      - rpc
+
+networks:
+  rpc:
+    name: rpc-shared-network

bor/docker-entrypoint-heimdalld.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+set -Eeuo pipefail
+
+# allow the container to be started with `--user`
+# If started as root, chown the `--datadir` and run heimdalld as heimdall
+if [ "$(id -u)" = '0' ]; then
+   chown -R heimdall:heimdall /var/lib/heimdall
+   exec su-exec heimdall "$BASH_SOURCE" $@
+fi
+
+set -x
+
+if [ ! -f /var/lib/heimdall/config/config.toml ]; then
+  heimdalld init --home /var/lib/heimdall --chain-id ${HEIMDALL_CHAIN_ID}
+  wget -q -O - "${HEIMDALL_SNAPSHOT_FILE}" | tar xzvf - -C /var/lib/heimdall/data/
+fi
+wget -O /var/lib/heimdall/config/genesis.json ${HEIMDALL_GENESIS_URL} -P /var/lib/heimdall/config
+sed -i "/seeds =/c\seeds = \"${HEIMDALL_SEEDS}\"" /var/lib/heimdall/config/config.toml
+sed -i '/26657/c\laddr = "tcp://0.0.0.0:26657"' /var/lib/heimdall/config/config.toml
+sed -i "/bor_rpc_url/c\bor_rpc_url = \"${HEIMDALL_BOR_RPC_URL}\"" /var/lib/heimdall/config/heimdall-config.toml
+sed -i "/eth_rpc_url/c\eth_rpc_url = \"${HEIMDALL_ETH_RPC_URL}\"" /var/lib/heimdall/config/heimdall-config.toml
+sed -i '/amqp_url/c\amqp_url = "amqp://guest:guest@rabbitmq:5672"' /var/lib/heimdall/config/heimdall-config.toml
+
+exec $@

bor/docker-entrypoint.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+set -Eeuo pipefail
+
+# allow the container to be started with `--user`
+# If started as root, chown the `--datadir` and run bor as bor
+if [ "$(id -u)" = '0' ]; then
+   chown -R bor:bor /var/lib/bor
+   exec su-exec bor "$BASH_SOURCE" "$@"
+fi
+
+set -x
+cd /var/lib/bor
+wget -O setup.sh ${BOR_SETUP}
+sed -i '/^cp .\/static-nodes.json/d' setup.sh
+sed -i '/^# set -x/c\set -x' setup.sh
+wget -O genesis.json ${BOR_GENESIS}
+chmod +x ./setup.sh
+./setup.sh
+if [ ! -f /var/lib/bor/setupdone ]; then
+  mkdir -p /var/lib/bor/snapshot
+  if [ ${BOR_MODE} == "archive" ]; then
+    aria2c -x5 ${BOR_ARCHIVE_NODE_SNAPSHOT_FILE} -d /var/lib/bor/snapshot/ -o borsnap.tgz --continue=true
+  else
+    aria2c -x5 ${BOR_FULL_NODE_SNAPSHOT_FILE} -d /var/lib/bor/snapshot/ -o borsnap.tgz --continue=true
+  fi
+  tar -xzf /var/lib/bor/snapshot/borsnap.tgz -C /var/lib/bor/data/bor/chaindata
+  touch /var/lib/bor/setupdone
+fi
+
+exec "$@"

bor/example.env

@@ -0,0 +1,46 @@
+# Traefik
+DOMAIN=domain.org
+# Comma-separated list of IP/mask addresses to allow access. Replace 0.0.0.0/0 with your address
+ALLOW_FROM=0.0.0.0/0
+
+# Node
+COMPOSE_FILE=docker-compose.yml
+BOR_NODE_ID=COMPANY-mainnet-UNIQUEID
+HEIMDALL_ETH_RPC_URL=http://MYETHNODECONTAINER:8545
+HEIMDALL_TAG=0.2.5
+BOR_TAG=0.2.14
+BOR_SRC_TAG=master
+BOR_DOCKER_FILE=Dockerfile.borbinary
+# Comma-separated list of addresses to treat as "local"
+TX_LOCAL_ADDR=0x0000000000000000000000000000000000000000
+# This will auto-adjust down depending on system memory
+BOR_CACHE=22000
+# Please see https://snapshots.matic.today/
+HEIMDALL_SNAPSHOT_FILE=https://matic-blockchain-snapshots.s3-accelerate.amazonaws.com/matic-mainnet/heimdall-snapshot-2022-02-27.tar.gz
+BOR_FULL_NODE_SNAPSHOT_FILE=https://matic-blockchain-snapshots.s3-accelerate.amazonaws.com/matic-mainnet/bor-pruned-snapshot-2022-02-26.tar.gz
+BOR_ARCHIVE_NODE_SNAPSHOT_FILE=https://matic-blockchain-snapshots.s3-accelerate.amazonaws.com/matic-mainnet/bor-archive-node-snapshot-2022-02-14.tar.gz
+
+# These likely do not need to be adjusted
+HEIMDALL_CHAIN_ID=heimdall-137
+HEIMDALL_GENESIS_URL=https://raw.githubusercontent.com/maticnetwork/launch/master/mainnet-v1/sentry/sentry/heimdall/config/genesis.json
+HEIMDALL_SEEDS=f4f605d60b8ffaaf15240564e58a81103510631c@159.203.9.164:26656,4fb1bc820088764a564d4f66bba1963d47d82329@44.232.55.71:26656,2eadba4be3ce47ac8db0a3538cb923b57b41c927@35.199.4.13:26656,ad7bc1c45641454893c74b50357a1bd87778bb50@52.60.36.93:26656,1dcd26af9c43a9dd2035a856d37f27fd035622c8@13.51.221.221:26656,41f9896eb6a62ec68becbf1d4925ececdb726eb7@13.53.160.124:26656,902484e868c6a4bace1bb3cf4b6ba1667561b158@18.228.218.160:26656,e55dc772c8ce63035fd1fb0261da4c369fa9cf6c@52.65.134.57:26656,ef4d1d8e88e767239491a407035411f30d36f026@3.105.225.123:26656,03632361e5e076fef14989fc119faae7cce4ae60@3.36.134.67:26656,afc41bd37d549186cec915c5a4feb3071871cdc1@18.228.98.237:26656
+HEIMDALL_BOR_RPC_URL=http://bor:8545
+HEIMDALL_START=https://raw.githubusercontent.com/maticnetwork/launch/master/docker/heimdall-startup.sh
+BOR_SETUP=https://raw.githubusercontent.com/maticnetwork/launch/master/mainnet-v1/sentry/sentry/bor/setup.sh
+BOR_GENESIS=https://raw.githubusercontent.com/maticnetwork/launch/master/mainnet-v1/sentry/validator/bor/genesis.json
+BOR_BOOTNODES=enode://0cb82b395094ee4a2915e9714894627de9ed8498fb881cec6db7c65e8b9a5bd7f2f25cc84e71e89d0947e51c76e85d0847de848c7782b13c0255247a6758178c@44.232.55.71:30303,enode://88116f4295f5a31538ae409e4d44ad40d22e44ee9342869e7d68bdec55b0f83c1530355ce8b41fbec0928a7d75a5745d528450d30aec92066ab6ba1ee351d710@159.203.9.164:30303,enode://3178257cd1e1ab8f95eeb7cc45e28b6047a0432b2f9412cff1db9bb31426eac30edeb81fedc30b7cd3059f0902b5350f75d1b376d2c632e1b375af0553813e6f@35.221.13.28:30303,enode://16d9a28eadbd247a09ff53b7b1f22231f6deaf10b86d4b23924023aea49bfdd51465b36d79d29be46a5497a96151a1a1ea448f8a8666266284e004306b2afb6e@35.199.4.13:30303,enode://ef271e1c28382daa6ac2d1006dd1924356cfd843dbe88a7397d53396e0741ca1a8da0a113913dee52d9071f0ad8d39e3ce87aa81ebc190776432ee7ddc9d9470@35.230.116.151:30303
+BOR_MODE=full
+BOR_CHAIN_ID=137
+BOR_P2P_PORT=30303
+BOR_RPC_PORT=8513
+BOR_WS_PORT=8613
+
+# Unused but here for reference
+BOR_START=https://raw.githubusercontent.com/maticnetwork/launch/master/mainnet-v1/sentry/sentry/bor/start.sh
+
+HEIMDALL_SEEDS=f4f605d60b8ffaaf15240564e58a81103510631c@159.203.9.164:26656,4fb1bc820088764a564d4f66bba1963d47d82329@44.232.55.71:26656,2eadba4be3ce47ac8db0a3538cb923b57b41c927@35.199.4.13:26656,ad7bc1c45641454893c74b50357a1bd87778bb50@52.60.36.93:26656,1dcd26af9c43a9dd2035a856d37f27fd035622c8@13.51.221.221:26656,41f9896eb6a62ec68becbf1d4925ececdb726eb7@13.53.160.124:26656,902484e868c6a4bace1bb3cf4b6ba1667561b158@18.228.218.160:26656,e55dc772c8ce63035fd1fb0261da4c369fa9cf6c@52.65.134.57:26656,ef4d1d8e88e767239491a407035411f30d36f026@3.105.225.123:26656,03632361e5e076fef14989fc119faae7cce4ae60@3.36.134.67:26656,afc41bd37d549186cec915c5a4feb3071871cdc1@18.228.98.237:26656
+HEIMDALL_BOR_RPC_URL=http://bor:8545
+HEIMDALL_START=https://raw.githubusercontent.com/maticnetwork/launch/master/docker/heimdall-startup.sh
+BOR_SETUP=https://raw.githubusercontent.com/maticnetwork/launch/master/mainnet-v1/sentry/sentry/bor/setup.sh
+BOR_GENESIS=https://raw.githubusercontent.com/maticnetwork/launch/master/mainnet-v1/sentry/validator/bor/genesis.json
+BOR_BOOTNODES=enode://0cb82b395094ee4a2915e9714894627de9ed8498fb881cec6db7c65e8b9a5bd7f2f25cc84e71e89d0947e51c76e85d0847de848c7782b13c0255247a6758178c@44.232.55.71:30303,enode://88116f4295f5a31538ae409e4d44ad40d22e44ee9342869e7d68bdec55b0f83c1530355ce8b41fbec0928a7d75a5745d528450d30aec92066ab6ba1ee351d710@159.203.9.164:30303,enode://3178257cd1e1ab8f95eeb7cc45e28b6047a0432b2f9412cff1db9bb31426eac30edeb81fedc30b7cd3059f0902b5350f75d1b376d2c632e1b375af0553813e6f@35.221.13.28:30303,enode://16d9a28eadbd247a09ff53b7b1f22231f6deaf10b86d4b23924023aea49bfdd51465b36d79d29be46a5497a96151a1a1ea448f8a8666266284e004306b2afb6e@35.199.4.13:30303,enode://ef271e1c28382daa6ac2d1006dd1924356cfd843dbe88a7397d53396e0741ca1a8da0a113913dee52d9071f0ad8d39e3ce87aa81ebc190776432ee7ddc9d9470@35.230.116.151:30303