mirror of
https://github.com/logos-messaging/logos-messaging-nim-compose.git
synced 2026-07-05 09:59:29 +00:00
testnet-0.2: strip v0.1 deploy infra, switch to mix-only fleet
This commit is contained in:
parent
bbea62ca00
commit
44c1f2a5c1
1
.gitignore
vendored
1
.gitignore
vendored
@ -3,3 +3,4 @@
|
||||
keystore
|
||||
postgresql
|
||||
.env
|
||||
/data/
|
||||
|
||||
@ -1,40 +1,13 @@
|
||||
version: "3.7"
|
||||
# Environment variable definitions
|
||||
x-rln-relay-eth-client-address: &rln_relay_eth_client_address ${RLN_RELAY_ETH_CLIENT_ADDRESS:-} # Add your RLN_RELAY_ETH_CLIENT_ADDRESS after the "-"
|
||||
|
||||
x-rln-environment: &rln_env
|
||||
RLN_RELAY_CONTRACT_ADDRESS: ${RLN_RELAY_CONTRACT_ADDRESS:-0xB9cd878C90E49F797B4431fBF4fb333108CB90e6}
|
||||
RLN_RELAY_CRED_PATH: ${RLN_RELAY_CRED_PATH:-} # Optional: Add your RLN_RELAY_CRED_PATH after the "-"
|
||||
RLN_RELAY_CRED_PASSWORD: ${RLN_RELAY_CRED_PASSWORD:-} # Optional: Add your RLN_RELAY_CRED_PASSWORD after the "-"
|
||||
|
||||
x-pg-pass: &pg_pass ${POSTGRES_PASSWORD:-test123}
|
||||
x-pg-user: &pg_user ${POSTGRES_USER:-postgres}
|
||||
|
||||
x-pg-environment: &pg_env
|
||||
POSTGRES_USER: *pg_user
|
||||
POSTGRES_PASSWORD: *pg_pass
|
||||
|
||||
x-pg-exporter-env: &pg_exp_env
|
||||
environment:
|
||||
POSTGRES_PASSWORD: *pg_pass
|
||||
DATA_SOURCE_URI: postgres?sslmode=disable
|
||||
DATA_SOURCE_USER: *pg_user
|
||||
DATA_SOURCE_PASS: *pg_pass
|
||||
PG_EXPORTER_EXTEND_QUERY_PATH: /etc/pgexporter/queries.yml
|
||||
|
||||
# Services definitions
|
||||
services:
|
||||
nwaku:
|
||||
image: ${NWAKU_IMAGE:-quay.io/wakuorg/nwaku-pr:3587}
|
||||
image: ${NWAKU_IMAGE:-quay.io/wakuorg/nwaku-pr:3807}
|
||||
restart: on-failure
|
||||
ports:
|
||||
- 30304:30304/tcp
|
||||
- 30304:30304/udp
|
||||
- 9005:9005/udp
|
||||
- 127.0.0.1:8003:8003
|
||||
- 80:80 #Let's Encrypt
|
||||
- 8000:8000/tcp #WSS
|
||||
- 127.0.0.1:8645:8645
|
||||
logging:
|
||||
driver: json-file
|
||||
options:
|
||||
@ -43,156 +16,21 @@ services:
|
||||
compress: "true"
|
||||
tag: "nwaku-{{.ID}}"
|
||||
environment:
|
||||
DOMAIN: ${DOMAIN}
|
||||
NODEKEY: ${NODEKEY}
|
||||
RLN_RELAY_CRED_PASSWORD: "${RLN_RELAY_CRED_PASSWORD}"
|
||||
RLN_RELAY_ETH_CLIENT_ADDRESS: *rln_relay_eth_client_address
|
||||
KAD_BOOTSTRAP_NODES: ${KAD_BOOTSTRAP_NODES}
|
||||
CLUSTER_ID: ${CLUSTER_ID}
|
||||
MIX_DISABLE_COVER_TRAFFIC: ${MIX_DISABLE_COVER_TRAFFIC}
|
||||
NUM_SHARDS_IN_NETWORK: ${NUM_SHARDS_IN_NETWORK}
|
||||
SHARD: ${SHARD}
|
||||
TCP_PORT: ${TCP_PORT}
|
||||
METRICS_PORT: ${METRICS_PORT}
|
||||
LOG_LEVEL: ${LOG_LEVEL}
|
||||
MAX_CONNECTIONS: ${MAX_CONNECTIONS}
|
||||
EXTRA_ARGS: ${EXTRA_ARGS}
|
||||
STORAGE_SIZE: ${STORAGE_SIZE}
|
||||
<<:
|
||||
- *pg_env
|
||||
- *rln_env
|
||||
volumes:
|
||||
- ./run_node.sh:/opt/run_node.sh:Z
|
||||
- ${CERTS_DIR:-./certs}:/etc/letsencrypt/:Z
|
||||
- ./keystore:/keystore:Z
|
||||
- ./data:/data
|
||||
working_dir: /data
|
||||
entrypoint: sh
|
||||
command:
|
||||
- /opt/run_node.sh
|
||||
depends_on:
|
||||
- postgres
|
||||
|
||||
# TODO: Commented until ready
|
||||
#waku-frontend:
|
||||
# # TODO: migrate to waku-org
|
||||
# image: docker.io/alrevuelta/waku-frontend:latest
|
||||
# #command:
|
||||
# # - xxx
|
||||
# ports:
|
||||
# - 127.0.0.1:4000:3000
|
||||
# restart: on-failure:5
|
||||
# depends_on:
|
||||
# - nwaku
|
||||
|
||||
prometheus:
|
||||
image: docker.io/prom/prometheus:latest
|
||||
volumes:
|
||||
- ./monitoring/prometheus-config.yml:/etc/prometheus/prometheus.yml:Z
|
||||
command:
|
||||
- --config.file=/etc/prometheus/prometheus.yml
|
||||
- --storage.tsdb.retention.size=${PROMETHEUS_RETENTION_SIZE:-5GB}
|
||||
# ports:
|
||||
# - 127.0.0.1:9090:9090
|
||||
restart: on-failure:5
|
||||
depends_on:
|
||||
- postgres-exporter
|
||||
- nwaku
|
||||
|
||||
grafana:
|
||||
image: docker.io/grafana/grafana:latest
|
||||
env_file:
|
||||
- ./monitoring/configuration/grafana-plugins.env
|
||||
volumes:
|
||||
- ./monitoring/configuration/grafana.ini:/etc/grafana/grafana.ini:Z
|
||||
- ./monitoring/configuration/dashboards.yaml:/etc/grafana/provisioning/dashboards/dashboards.yaml:Z
|
||||
- ./monitoring/configuration/datasources.yaml:/etc/grafana/provisioning/datasources/datasources.yaml:Z
|
||||
- ./monitoring/configuration/dashboards:/var/lib/grafana/dashboards/:Z
|
||||
- ./monitoring/configuration/customizations/custom-logo.svg:/usr/share/grafana/public/img/grafana_icon.svg:Z
|
||||
- ./monitoring/configuration/customizations/custom-logo.svg:/usr/share/grafana/public/img/grafana_typelogo.svg:Z
|
||||
- ./monitoring/configuration/customizations/custom-logo.png:/usr/share/grafana/public/img/fav32.png:Z
|
||||
ports:
|
||||
- 0.0.0.0:3000:3000
|
||||
restart: on-failure:5
|
||||
depends_on:
|
||||
- prometheus
|
||||
|
||||
postgres:
|
||||
# This service is used when the Waku node has the 'store' protocol enabled
|
||||
# and the store-message-db-url is set to use Postgres
|
||||
image: postgres:15.4-alpine3.18
|
||||
restart: on-failure:5
|
||||
shm_size: "${POSTGRES_SHM:-1g}" # Set default shared memory size to 1 GB
|
||||
environment:
|
||||
<<: *pg_env
|
||||
volumes:
|
||||
- ./postgres_cfg/postgresql.conf:/etc/postgresql/postgresql.conf:Z
|
||||
- ./postgres_cfg/db.sql:/docker-entrypoint-initdb.d/db.sql:Z
|
||||
- ${PG_DATA_DIR:-./postgresql}:/var/lib/postgresql/data:Z
|
||||
command: postgres -c config_file=/etc/postgresql/postgresql.conf
|
||||
ports:
|
||||
- 127.0.0.1:5432:5432
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "pg_isready -U postgres -d postgres"]
|
||||
interval: 30s
|
||||
timeout: 60s
|
||||
retries: 5
|
||||
start_period: 80s
|
||||
|
||||
postgres-exporter:
|
||||
# Service aimed to scrape information from Postgres and post it to Prometeus
|
||||
image: quay.io/prometheuscommunity/postgres-exporter:v0.12.0
|
||||
restart: on-failure:5
|
||||
<<: *pg_exp_env
|
||||
volumes:
|
||||
- ./monitoring/configuration/postgres-exporter.yml:/etc/pgexporter/postgres-exporter.yml:Z
|
||||
- ./monitoring/configuration/pg-exporter-queries.yml:/etc/pgexporter/queries.yml:Z
|
||||
command:
|
||||
# Both the config file and 'DATA_SOURCE_NAME' should contain valid connection info
|
||||
- --config.file=/etc/pgexporter/postgres-exporter.yml
|
||||
depends_on:
|
||||
- postgres
|
||||
|
||||
## Uncomment if you have RLN credentials and want to use play with a front end to send messages
|
||||
# waku-frontend:
|
||||
# # TODO: migrate to waku-org
|
||||
# image: alrevuelta/waku-frontend:aad9628
|
||||
# ports:
|
||||
# - 127.0.0.1:4000:4000
|
||||
# restart: on-failure:5
|
||||
# depends_on:
|
||||
# - nwaku
|
||||
|
||||
## Uncomment if you need pgadmin support in your container.
|
||||
## Commented for backward version compatibility of docker-compose.
|
||||
# pgadmin:
|
||||
# image: dpage/pgadmin4:latest
|
||||
# environment:
|
||||
# - PGADMIN_DEFAULT_EMAIL=waku@waku.com
|
||||
# - PGADMIN_DEFAULT_PASSWORD=wakuwaku
|
||||
# - PGADMIN_CONFIG_SERVER_MODE=False
|
||||
# - PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED=False
|
||||
# - PGADMIN_LISTEN_PORT=80
|
||||
# ports:
|
||||
# - 15432:80
|
||||
# user: root
|
||||
# entrypoint: /bin/sh -c "chmod 600 /pgpass; /entrypoint.sh;"
|
||||
# volumes:
|
||||
# - pgadmin:/var/lib/pgadmin
|
||||
# configs:
|
||||
# - source: servers.json
|
||||
# target: /pgadmin4/servers.json
|
||||
# - source: pgpass
|
||||
# target: /pgpass
|
||||
# depends_on:
|
||||
# - postgres
|
||||
# profiles:
|
||||
# - dbadmin
|
||||
|
||||
# volumes:
|
||||
# pgadmin:
|
||||
|
||||
# configs:
|
||||
# pgpass:
|
||||
# content: postgres:5432:*:${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:-test123}
|
||||
# servers.json:
|
||||
# content: |
|
||||
# {"Servers": {"1": {
|
||||
# "Group": "Servers",
|
||||
# "Name": "WakuStoreDB",
|
||||
# "Host": "postgres",
|
||||
# "Port": 5432,
|
||||
# "MaintenanceDB": "postgres",
|
||||
# "Username": "postgres",
|
||||
# "PassFile": "/pgpass",
|
||||
# "SSLMode": "disable"
|
||||
# }}}
|
||||
|
||||
153
run_node.sh
153
run_node.sh
@ -1,144 +1,39 @@
|
||||
#!/bin/sh
|
||||
|
||||
echo "I am a nwaku node"
|
||||
echo "I am a nwaku mix node (testnet-0.2)"
|
||||
|
||||
if [ -n "${ETH_CLIENT_ADDRESS}" ] ; then
|
||||
echo "ETH_CLIENT_ADDRESS variable was renamed to RLN_RELAY_ETH_CLIENT_ADDRESS"
|
||||
echo "Please update your .env file"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "${RLN_RELAY_ETH_CLIENT_ADDRESS}" ]; then
|
||||
echo "Missing Eth client address, please refer to README.md for detailed instructions"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
MY_EXT_IP=$(wget -qO- https://api4.ipify.org)
|
||||
DNS_WSS_CMD=
|
||||
|
||||
if [ -z "${DOMAIN}" ]; then
|
||||
echo "auto-domain: DOMAIN is unset, trying to guess it"
|
||||
|
||||
# Check if we have an IP
|
||||
IPCHECK=$(echo "${MY_EXT_IP}" | grep -c '^[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+$')
|
||||
|
||||
if [ "${IPCHECK}" -ne 1 ]; then
|
||||
echo "Failed to get ip, received: '${MY_EXT_IP}'"
|
||||
else
|
||||
echo "auto-domain: ip is '${MY_EXT_IP}'"
|
||||
|
||||
# Get reverse DNS
|
||||
DNS=$(dig +short -x "${MY_EXT_IP}")
|
||||
|
||||
# Check if looks like a DNS
|
||||
DNSCHECK=$(echo "${DNS}" | grep -c '^\([a-zA-Z0-9_\-]\+\.\)\+$')
|
||||
|
||||
if [ "${DNSCHECK}" -ne 1 ]; then
|
||||
echo "Failed to get DNS, received: '${DNS}'"
|
||||
else
|
||||
DOMAIN=$(echo "${DNS}" | sed s/\.$//)
|
||||
echo "auto-domain: DOMAIN deduced and set to ${DOMAIN}"
|
||||
|
||||
# Double check the domain is setup to return right IP
|
||||
# OpenDNS servers are used to bypass /etc/hosts as it may return loopback address
|
||||
DNS_IP=$(dig +short @208.67.222.222 "${DNS}")
|
||||
|
||||
if [ "${DNS_IP}" != "${MY_EXT_IP}" ]; then
|
||||
echo "auto-domain: DNS queried returned a different ip: '${DNS_IP}', unsetting DOMAIN"
|
||||
unset DOMAIN
|
||||
else
|
||||
echo "auto-domain: last verification successful, DOMAIN=${DOMAIN}"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -n "${DOMAIN}" ]; then
|
||||
|
||||
LETSENCRYPT_PATH=/etc/letsencrypt/live/${DOMAIN}
|
||||
|
||||
if ! [ -d "${LETSENCRYPT_PATH}" ]; then
|
||||
apk add --no-cache certbot
|
||||
|
||||
certbot certonly\
|
||||
--non-interactive\
|
||||
--agree-tos\
|
||||
--no-eff-email\
|
||||
--no-redirect\
|
||||
--email admin@${DOMAIN}\
|
||||
-d ${DOMAIN}\
|
||||
--standalone
|
||||
fi
|
||||
|
||||
if ! [ -e "${LETSENCRYPT_PATH}/privkey.pem" ]; then
|
||||
echo "The certificate does not exist. Proceeding without supporting websocket"
|
||||
else
|
||||
WS_SUPPORT="--websocket-support=true"
|
||||
WSS_SUPPORT="--websocket-secure-support=true"
|
||||
WSS_KEY="--websocket-secure-key-path=${LETSENCRYPT_PATH}/privkey.pem"
|
||||
WSS_CERT="--websocket-secure-cert-path=${LETSENCRYPT_PATH}/fullchain.pem"
|
||||
DNS4_DOMAIN="--dns4-domain-name=${DOMAIN}"
|
||||
|
||||
DNS_WSS_CMD="${WS_SUPPORT} ${WSS_SUPPORT} ${WSS_CERT} ${WSS_KEY} ${DNS4_DOMAIN}"
|
||||
fi
|
||||
fi
|
||||
MY_EXT_IP="${MY_EXT_IP:-$(wget -qO- https://api4.ipify.org)}"
|
||||
|
||||
# NODEKEY env -> --nodekey flag for stable peer ID
|
||||
if [ -n "${NODEKEY}" ]; then
|
||||
NODEKEY=--nodekey=${NODEKEY}
|
||||
NODEKEY_FLAG="--nodekey=${NODEKEY}"
|
||||
fi
|
||||
|
||||
if [ -n "${RLN_RELAY_CRED_PASSWORD}" ]; then
|
||||
RLN_RELAY_CRED_PASSWORD=--rln-relay-cred-password="${RLN_RELAY_CRED_PASSWORD}"
|
||||
## Enable Light Push (RLNaaS) if RLN credentials are used
|
||||
LIGHTPUSH=--lightpush=true
|
||||
## Pass default value for credentials path if not set
|
||||
RLN_RELAY_CRED_PATH=--rln-relay-cred-path=${RLN_RELAY_CRED_PATH:-/keystore/keystore.json}
|
||||
echo "Using RLN credentials from ${RLN_RELAY_CRED_PATH}"
|
||||
else
|
||||
LIGHTPUSH=--lightpush=false
|
||||
# Ensure no empty values are passed
|
||||
RLN_RELAY_CRED_PATH=""
|
||||
RLN_RELAY_CRED_PASSWORD=""
|
||||
fi
|
||||
|
||||
|
||||
STORE_RETENTION_POLICY=--store-message-retention-policy=size:1GB
|
||||
|
||||
if [ -n "${STORAGE_SIZE}" ]; then
|
||||
STORE_RETENTION_POLICY=--store-message-retention-policy=size:"${STORAGE_SIZE}"
|
||||
# KAD_BOOTSTRAP_NODES env (comma-separated multiaddrs) -> repeated --kad-bootstrap-node flags
|
||||
# Each entry must be /dns4/<host>/tcp/<port>/p2p/<peerID> (peerID required by libp2p).
|
||||
KAD_BOOTSTRAP_FLAGS=""
|
||||
if [ -n "${KAD_BOOTSTRAP_NODES}" ]; then
|
||||
KAD_BOOTSTRAP_FLAGS=$(echo "${KAD_BOOTSTRAP_NODES}" | tr ',' '\n' | sed 's/^/--kad-bootstrap-node=/' | tr '\n' ' ')
|
||||
fi
|
||||
|
||||
exec /usr/bin/wakunode\
|
||||
--mix=true\
|
||||
--mix-disable-cover-traffic=${MIX_DISABLE_COVER_TRAFFIC:-true}\
|
||||
--enable-kad-discovery=true\
|
||||
--relay=true\
|
||||
--filter=true\
|
||||
--mix=true\
|
||||
--peer-exchange=true\
|
||||
${LIGHTPUSH}\
|
||||
--lightpush=true\
|
||||
--cluster-id=${CLUSTER_ID:-2}\
|
||||
--num-shards-in-network=${NUM_SHARDS_IN_NETWORK:-1}\
|
||||
--shard=${SHARD:-0}\
|
||||
--keep-alive=true\
|
||||
--max-connections=150\
|
||||
--cluster-id=1\
|
||||
--discv5-discovery=true\
|
||||
--discv5-udp-port=9005\
|
||||
--discv5-enr-auto-update=True\
|
||||
--log-level=DEBUG\
|
||||
--tcp-port=30304\
|
||||
--metrics-server=True\
|
||||
--metrics-server-port=8003\
|
||||
--metrics-server-address=0.0.0.0\
|
||||
--rest=true\
|
||||
--rest-admin=true\
|
||||
--rest-address=0.0.0.0\
|
||||
--rest-port=8645\
|
||||
--rest-allow-origin="waku-org.github.io"\
|
||||
--rest-allow-origin="localhost:*"\
|
||||
--max-connections=${MAX_CONNECTIONS:-150}\
|
||||
--log-level=${LOG_LEVEL:-INFO}\
|
||||
--tcp-port=${TCP_PORT:-30304}\
|
||||
--nat=extip:"${MY_EXT_IP}"\
|
||||
--store=true\
|
||||
--store-message-db-url="postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/postgres"\
|
||||
--rln-relay-eth-client-address="${RLN_RELAY_ETH_CLIENT_ADDRESS}"\
|
||||
${RLN_RELAY_CRED_PATH}\
|
||||
${RLN_RELAY_CRED_PASSWORD}\
|
||||
${DNS_WSS_CMD}\
|
||||
${NODEKEY}\
|
||||
${STORE_RETENTION_POLICY}\
|
||||
--metrics-server=true\
|
||||
--metrics-server-port=${METRICS_PORT:-8003}\
|
||||
--metrics-server-address=0.0.0.0\
|
||||
${NODEKEY_FLAG}\
|
||||
${KAD_BOOTSTRAP_FLAGS}\
|
||||
${EXTRA_ARGS}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user