From bac930fe51e6f2eafea670e4efb953d8b8d93d1a Mon Sep 17 00:00:00 2001
From: _den <_den@outlook.com>
Date: Wed, 2 Mar 2022 22:44:13 +1000
Subject: [PATCH] added proxy traefik added geth and nethermind nodes
---
README.md | 24 +++++++++-
geth/.dockerignore | 1 +
geth/docker-compose.yml | 83 +++++++++++++++++++++++++++++++++++
geth/example.env | 5 +++
geth/geth.md | 30 +++++++++++++
nethermind/.dockerignore | 1 +
nethermind/docker-compose.yml | 72 ++++++++++++++++++++++++++++++
nethermind/example.env | 5 +++
nethermind/nethermind.md | 22 ++++++++++
proxy/docker-compose.yml | 34 ++++++++++++++
proxy/example.env | 2 +
11 files changed, 278 insertions(+), 1 deletion(-)
create mode 100644 geth/.dockerignore
create mode 100644 geth/docker-compose.yml
create mode 100644 geth/example.env
create mode 100644 geth/geth.md
create mode 100644 nethermind/.dockerignore
create mode 100644 nethermind/docker-compose.yml
create mode 100644 nethermind/example.env
create mode 100644 nethermind/nethermind.md
create mode 100644 proxy/docker-compose.yml
create mode 100644 proxy/example.env
diff --git a/README.md b/README.md
index 3c3ff1d..8b019df 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,23 @@
-# rpc-nodes
\ No newline at end of file
+# rpc-nodes
+
+## 1. Start proxy (traefik)
+Create a shared network for running containers:
+```bash
+docker network create rpc-shared-network
+```
+
+Specify the domain name to be used and the email address for issuing the Let's Encrypt certificate in the `example.env` file. Rename `example.env` to `.env`:
+```
+mv example.env .env
+```
+
+Start proxy:
+```bash
+docker-compose up -d
+```
+
+## 2. Start blockchain node
+* Ethereum - [geth.md](/geth/geth.md)
+* Polygon - [bor.md](/bor/bor.md)
+* BSC - [bsc.md](/bsc/bsc.md)
+* Xdai - [nethermind.md](/nethermind/nethermind.md)
\ No newline at end of file
diff --git a/geth/.dockerignore b/geth/.dockerignore
new file mode 100644
index 0000000..297b6ff
--- /dev/null
+++ b/geth/.dockerignore
@@ -0,0 +1 @@
+./geth-data/
\ No newline at end of file
diff --git a/geth/docker-compose.yml b/geth/docker-compose.yml
new file mode 100644
index 0000000..8f3e4a3
--- /dev/null
+++ b/geth/docker-compose.yml
@@ -0,0 +1,83 @@
+version: "3.7"
+
+services:
+ geth-pruning:
+ image: ethereum/client-go:stable
+ container_name: geth-pruning
+ restart: always
+ env_file: .env
+ command: "snapshot prune-state"
+ volumes:
+ - ./geth-data:/root/.ethereum
+ geth:
+ image: ethereum/client-go:stable
+ container_name: geth
+ restart: always
+ env_file: .env
+ command:
+ - --maxpeers
+ - "50"
+ - --cache
+ - "10629"
+ - --port
+ - "${P2P_PORT}"
+ - --nat
+ - "any"
+ - --http
+ - --http.addr
+ - "0.0.0.0"
+ - --http.port
+ - "${HTTP_PORT}"
+ - --http.corsdomain=*
+ - --http.vhosts=*
+ - --http.api
+ - "eth,net,web3"
+ - --ws
+ - --ws.addr
+ - "0.0.0.0"
+ - --ws.port
+ - "${WS_PORT}"
+ - --ws.origins=*
+ - --ws.api
+ - "eth,net,web3"
+ - --rpc.gascap
+ - "0"
+ - --rpc.txfeecap
+ - "0"
+ ports:
+ # - ${HTTP_PORT}:${HTTP_PORT}
+ # - ${WS_PORT}:${WS_PORT}
+ - ${P2P_PORT}:${P2P_PORT}
+ volumes:
+ - ./geth-data:/root/.ethereum
+ stop_grace_period: 3m30s
+ stop_signal: SIGINT
+ healthcheck:
+ test: wget -nv -t1 --spider 'http://127.0.0.1:${HTTP_PORT}/' || exit 1
+ interval: 5s
+ timeout: 10s
+ retries: 3
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.geth-http.middlewares=geth-http-acl"
+ - "traefik.http.middlewares.geth-http.headers.customrequestheaders.Access-Control-Allow-Origin=*"
+ - "traefik.http.middlewares.geth-http-acl.ipwhitelist.sourcerange=127.0.0.1/32, ${ALLOW_FROM}"
+ - "traefik.http.routers.geth-http.service=geth-http"
+ - "traefik.http.routers.geth-http.rule=Host(`${DOMAIN}`) && Path(`/geth-http/`)"
+ - "traefik.http.routers.geth-http.entrypoints=websecure"
+ - "traefik.http.routers.geth-http.tls.certresolver=myresolver"
+ - "traefik.http.services.geth-http.loadbalancer.server.port=${HTTP_PORT}"
+ - "traefik.http.routers.geth-ws.middlewares=geth-ws-acl"
+ - "traefik.http.middlewares.geth-ws.headers.customrequestheaders.Access-Control-Allow-Origin=*"
+ - "traefik.http.middlewares.geth-ws-acl.ipwhitelist.sourcerange=127.0.0.1/32, ${ALLOW_FROM}"
+ - "traefik.http.routers.geth-ws.service=geth-ws"
+ - "traefik.http.routers.geth-ws.rule=Host(`${DOMAIN}`) && Path(`/geth-ws/`)"
+ - "traefik.http.routers.geth-ws.entrypoints=websecure"
+ - "traefik.http.routers.geth-ws.tls.certresolver=myresolver"
+ - "traefik.http.services.geth-ws.loadbalancer.server.port=${WS_PORT}"
+ networks:
+ - rpc
+
+networks:
+ rpc:
+ name: rpc-shared-network
diff --git a/geth/example.env b/geth/example.env
new file mode 100644
index 0000000..03f29d8
--- /dev/null
+++ b/geth/example.env
@@ -0,0 +1,5 @@
+DOMAIN=domain.org
+P2P_PORT=30304
+HTTP_PORT=8545
+WS_PORT=8546
+ALLOW_FROM=0.0.0.0/0
\ No newline at end of file
diff --git a/geth/geth.md b/geth/geth.md
new file mode 100644
index 0000000..aba15ed
--- /dev/null
+++ b/geth/geth.md
@@ -0,0 +1,30 @@
+# Geth node
+
+## Requirements for Ethereum network
+* memory: 32Gb
+* disk: 1Tb SSD (if you periodically prune state)
+
+## Installation
+Set the domain name to be used in the `.env` file. You can also set a list of allowed IP addresses there. Rename `example.env` to `.env`:
+```
+mv example.env .env
+```
+
+Start node:
+```bash
+docker-compose up -d geth
+```
+
+## Upgrade
+```bash
+docker-compose pull
+docker-compose up -d geth
+```
+
+## Pruning
+```bash
+docker-compose down
+docker-compose up geth-pruning
+docker-compose down
+docker-compose up -d geth
+```
\ No newline at end of file
diff --git a/nethermind/.dockerignore b/nethermind/.dockerignore
new file mode 100644
index 0000000..f1f8105
--- /dev/null
+++ b/nethermind/.dockerignore
@@ -0,0 +1 @@
+./nethermind-data/
\ No newline at end of file
diff --git a/nethermind/docker-compose.yml b/nethermind/docker-compose.yml
new file mode 100644
index 0000000..08e98ca
--- /dev/null
+++ b/nethermind/docker-compose.yml
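Review bot: In `geth/docker-compose.yml` the only access control visible in front of the RPC endpoints is the Traefik label `ipwhitelist.sourcerange=127.0.0.1/32, ${ALLOW_FROM}`, and `geth/example.env` ships `ALLOW_FROM=0.0.0.0/0`, so following geth.md's `mv example.env .env` exposes HTTP and WS JSON-RPC to every source address. That matters more here because the node also runs with `--rpc.gascap` set to `"0"` (no gas limit on `eth_call`/`eth_estimateGas`) and with wildcard `--http.corsdomain=*`, `--http.vhosts=*` and `--ws.origins=*`, which leaves expensive calls open to any client and any browser origin. I would ship a closed example such as `ALLOW_FROM=192.0.2.10/32` (a constructed documentation-range placeholder to be replaced with the real client range) and drop the `--rpc.gascap` / `"0"` pair so geth's default cap applies. Separately, `restart: always` on `geth-pruning` will re-run `snapshot prune-state` each time the one-shot command exits; `restart: "no"` fits that service.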
@@ -0,0 +1,72 @@
+version: "3.7"
+services:
+ nethermind:
+ image: nethermind/nethermind:latest
+ container_name: nethermind
+ restart: always
+ env_file: .env
+ stop_grace_period: 2m
+ ports:
+ # - ${HTTP_PORT}:${HTTP_PORT}
+ # - ${WS_PORT}:${WS_PORT}
+ - ${P2P_PORT}:${P2P_PORT}/tcp
+ - ${P2P_PORT}:${P2P_PORT}/udp
+ command:
+ - --datadir
+ - /var/lib/nethermind
+ - --Init.WebSocketsEnabled
+ - "true"
+ - --Network.DiscoveryPort
+ - "${P2P_PORT}"
+ - --Network.P2PPort
+ - "${P2P_PORT}"
+ - --JsonRpc.Enabled
+ - "true"
+ - --JsonRpc.EnabledModules
+ - "Web3,Eth,Subscribe,Net,Parity"
+ - --JsonRpc.Host
+ - "0.0.0.0"
+ - --JsonRpc.Port
+ - "${HTTP_PORT}"
+ - --JsonRpc.WebSocketsPort
+ - "${WS_PORT}"
+ - --Sync.FastSync
+ - "true"
+ - --config
+ - xdai
+ - --Pruning.Enabled
+ - "true"
+ - --Pruning.CacheMb
+ - "4096"
+ - --TxPool.Size
+ - "4096"
+ - --Sync.AncientBodiesBarrier
+ - "1"
+ - --Sync.AncientReceiptsBarrier
+ - "1"
+ volumes:
+ - ./nethermind-data:/var/lib/nethermind
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.nm-http.middlewares=nm-http-acl"
+ - "traefik.http.middlewares.nm-http.headers.customrequestheaders.Access-Control-Allow-Origin=*"
+ - "traefik.http.middlewares.nm-http-acl.ipwhitelist.sourcerange=127.0.0.1/32, ${ALLOW_FROM}"
+ - "traefik.http.routers.nm-http.service=nm-http"
+ - "traefik.http.routers.nm-http.rule=Host(`${DOMAIN}`) && Path(`/nm-http/`)"
+ - "traefik.http.routers.nm-http.entrypoints=websecure"
+ - "traefik.http.routers.nm-http.tls.certresolver=myresolver"
+ - "traefik.http.services.nm-http.loadbalancer.server.port=${HTTP_PORT}"
+ - "traefik.http.routers.nm-ws.middlewares=nm-ws-acl"
+ - "traefik.http.middlewares.nm-ws.headers.customrequestheaders.Access-Control-Allow-Origin=*"
+ - "traefik.http.middlewares.nm-ws-acl.ipwhitelist.sourcerange=127.0.0.1/32, ${ALLOW_FROM}"
+ - "traefik.http.routers.nm-ws.service=nm-ws"
+ - "traefik.http.routers.nm-ws.rule=Host(`${DOMAIN}`) && Path(`/nm-ws/`)"
+ - "traefik.http.routers.nm-ws.entrypoints=websecure"
+ - "traefik.http.routers.nm-ws.tls.certresolver=myresolver"
+ - "traefik.http.services.nm-ws.loadbalancer.server.port=${WS_PORT}"
+ networks:
+ - rpc
+
+networks:
+ rpc:
+ name: rpc-shared-network
\ No newline at end of file
diff --git a/nethermind/example.env b/nethermind/example.env
new file mode 100644
index 0000000..5e8bb9c
--- /dev/null
+++ b/nethermind/example.env
@@ -0,0 +1,5 @@
+DOMAIN=domain.org
+P2P_PORT=30303
+HTTP_PORT=8535
+WS_PORT=8536
+ALLOW_FROM=0.0.0.0/32
\ No newline at end of file
diff --git a/nethermind/nethermind.md b/nethermind/nethermind.md
new file mode 100644
index 0000000..6f75276
--- /dev/null
+++ b/nethermind/nethermind.md
@@ -0,0 +1,22 @@
+# Nethermind node
+
+## Requirements for Xdai network
+* memory: 16Gb
+* disk: 200Gb SSD
+
+## Installation
+Set the domain name to be used in the `.env` file. You can also set a list of allowed IP addresses there. Rename `example.env` to `.env`:
+```
+mv example.env .env
+```
+
+Start node:
+```bash
+docker-compose up -d
+```
+
+## Upgrade
+```bash
+docker-compose pull
+docker-compose up -d
+```
\ No newline at end of file
diff --git a/proxy/docker-compose.yml b/proxy/docker-compose.yml
new file mode 100644
index 0000000..ae2971c
--- /dev/null
+++ b/proxy/docker-compose.yml
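Review bot: In `nethermind/docker-compose.yml` the `nm-http` and `nm-ws` headers middlewares are declared but never attached, since each router's `middlewares` label lists only `nm-http-acl` or `nm-ws-acl`; they also set `Access-Control-Allow-Origin` through `customrequestheaders`, which adds it to the request forwarded to Nethermind rather than to the response a browser reads. If CORS is wanted, switch to `customresponseheaders` (or `accesscontrolalloworiginlist`) and chain it, e.g. `traefik.http.routers.nm-http.middlewares=nm-http-acl,nm-http`; otherwise drop the two labels, and the same applies to the `geth-http` / `geth-ws` labels in the geth file. `nethermind/example.env` ships `ALLOW_FROM=0.0.0.0/32`, which effectively matches no client, while `geth/example.env` ships `0.0.0.0/0`; the two defaults should agree, and the closed one is the safer starting point. Pinning `nethermind/nethermind:latest` to a version tag or digest would make the `docker-compose pull` upgrade step a deliberate change rather than whatever the registry serves that day.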
@@ -0,0 +1,34 @@
+version: "3.7"
+
+services:
+ traefic:
+ image: traefik
+ restart: always
+ container_name: "traefik"
+ env_file: .env
+ command:
+ - "--providers.docker=true"
+ - "--providers.docker.exposedbydefault=false"
+ - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
+ - "--certificatesresolvers.myresolver.acme.email=${EMAIL}"
+ - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
+ - "--entrypoints.websecure.address=:443"
+ - "--entrypoints.web.address=:80"
+ - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
+ - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
+ - "--entrypoints.websecure.http.tls=true"
+ - "--entrypoints.websecure.http.tls.certResolver=letsencrypt"
+ - "--entrypoints.websecure.http.tls.domains[0].main=${DOMAIN}"
+ - "--entrypoints.websecure.http.tls.domains[0].sans=*.${DOMAIN}"
+ ports:
+ - 80:80
+ - 443:443
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - ./letsencrypt:/letsencrypt
+ networks:
+ - rpc
+
+networks:
+ rpc:
+ name: rpc-shared-network
\ No newline at end of file
diff --git a/proxy/example.env b/proxy/example.env
new file mode 100644
index 0000000..fa9489a
--- /dev/null
+++ b/proxy/example.env
@@ -0,0 +1,2 @@
+EMAIL=email@mail.org
+DOMAIN=domain.org
\ No newline at end of file
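Review bot: `proxy/docker-compose.yml` bind-mounts `/var/run/docker.sock` read-write into the container that listens on ports 80 and 443, so a compromise of Traefik would hand over the Docker API and, with it, control of the host. Mount it as `- /var/run/docker.sock:/var/run/docker.sock:ro` at minimum, and preferably point `--providers.docker.endpoint` at a socket proxy that permits only read-only container queries, because a read-only mount by itself does not restrict API calls. Also, `--entrypoints.websecure.http.tls.certResolver=letsencrypt` names a resolver that is not defined (only `myresolver` is configured), and the `*.${DOMAIN}` SAN asks for a wildcard certificate that the TLS challenge enabled here cannot issue; those entrypoint TLS lines look removable, since each router label in the node stacks already sets `tls.certresolver=myresolver`. `image: traefik` is untagged; pinning a version keeps the `ipwhitelist` labels the node stacks rely on from changing behaviour on a pull.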