diff --git a/.gitignore b/.gitignore index 052ce05..b3dc53f 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ keystore postgresql .env +/data/ diff --git a/docker-compose.yml b/docker-compose.yml index e2ea621..3f52dea 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,40 +1,13 @@ version: "3.7" -# Environment variable definitions -x-rln-relay-eth-client-address: &rln_relay_eth_client_address ${RLN_RELAY_ETH_CLIENT_ADDRESS:-} # Add your RLN_RELAY_ETH_CLIENT_ADDRESS after the "-" -x-rln-environment: &rln_env - RLN_RELAY_CONTRACT_ADDRESS: ${RLN_RELAY_CONTRACT_ADDRESS:-0xB9cd878C90E49F797B4431fBF4fb333108CB90e6} - RLN_RELAY_CRED_PATH: ${RLN_RELAY_CRED_PATH:-} # Optional: Add your RLN_RELAY_CRED_PATH after the "-" - RLN_RELAY_CRED_PASSWORD: ${RLN_RELAY_CRED_PASSWORD:-} # Optional: Add your RLN_RELAY_CRED_PASSWORD after the "-" - -x-pg-pass: &pg_pass ${POSTGRES_PASSWORD:-test123} -x-pg-user: &pg_user ${POSTGRES_USER:-postgres} - -x-pg-environment: &pg_env - POSTGRES_USER: *pg_user - POSTGRES_PASSWORD: *pg_pass - -x-pg-exporter-env: &pg_exp_env - environment: - POSTGRES_PASSWORD: *pg_pass - DATA_SOURCE_URI: postgres?sslmode=disable - DATA_SOURCE_USER: *pg_user - DATA_SOURCE_PASS: *pg_pass - PG_EXPORTER_EXTEND_QUERY_PATH: /etc/pgexporter/queries.yml - -# Services definitions services: nwaku: - image: ${NWAKU_IMAGE:-quay.io/wakuorg/nwaku-pr:3587} + image: ${NWAKU_IMAGE:-quay.io/wakuorg/nwaku-pr:3807} restart: on-failure ports: - 30304:30304/tcp - 30304:30304/udp - - 9005:9005/udp - 127.0.0.1:8003:8003 - - 80:80 #Let's Encrypt - - 8000:8000/tcp #WSS - - 127.0.0.1:8645:8645 logging: driver: json-file options: 
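Review bot: The default on the `image:` line is a tag that, judging by its name, is a per-pull-request build (`quay.io/wakuorg/nwaku-pr:3807`), and a registry tag can be re-pushed, so operators who rely on the default are not guaranteed to run the build that was reviewed with this change. Pinning the default by digest keeps the tag readable while fixing the content, for example `image: ${NWAKU_IMAGE:-quay.io/wakuorg/nwaku-pr:3807@sha256:<digest-of-the-reviewed-build>}` (placeholder; the digest is not on this page). A one-line comment above it stating that this is a testnet PR build, and when it should move to a release image, would also help whoever bumps it next.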
@@ -43,156 +16,21 @@ services: compress: "true" tag: "nwaku-{{.ID}}" environment: - DOMAIN: ${DOMAIN} NODEKEY: ${NODEKEY} - RLN_RELAY_CRED_PASSWORD: "${RLN_RELAY_CRED_PASSWORD}" - RLN_RELAY_ETH_CLIENT_ADDRESS: *rln_relay_eth_client_address + KAD_BOOTSTRAP_NODES: ${KAD_BOOTSTRAP_NODES} + CLUSTER_ID: ${CLUSTER_ID} + MIX_DISABLE_COVER_TRAFFIC: ${MIX_DISABLE_COVER_TRAFFIC} + NUM_SHARDS_IN_NETWORK: ${NUM_SHARDS_IN_NETWORK} + SHARD: ${SHARD} + TCP_PORT: ${TCP_PORT} + METRICS_PORT: ${METRICS_PORT} + LOG_LEVEL: ${LOG_LEVEL} + MAX_CONNECTIONS: ${MAX_CONNECTIONS} EXTRA_ARGS: ${EXTRA_ARGS} - STORAGE_SIZE: ${STORAGE_SIZE} - <<: - - *pg_env - - *rln_env volumes: - ./run_node.sh:/opt/run_node.sh:Z - - ${CERTS_DIR:-./certs}:/etc/letsencrypt/:Z - - ./keystore:/keystore:Z + - ./data:/data + working_dir: /data entrypoint: sh command: - /opt/run_node.sh - depends_on: - - postgres - - # TODO: Commented until ready - #waku-frontend: - # # TODO: migrate to waku-org - # image: docker.io/alrevuelta/waku-frontend:latest - # #command: - # # - xxx - # ports: - # - 127.0.0.1:4000:3000 - # restart: on-failure:5 - # depends_on: - # - nwaku - - prometheus: - image: docker.io/prom/prometheus:latest - volumes: - - ./monitoring/prometheus-config.yml:/etc/prometheus/prometheus.yml:Z - command: - - --config.file=/etc/prometheus/prometheus.yml - - --storage.tsdb.retention.size=${PROMETHEUS_RETENTION_SIZE:-5GB} - # ports: - # - 127.0.0.1:9090:9090 - restart: on-failure:5 - depends_on: - - postgres-exporter - - nwaku - - grafana: - image: docker.io/grafana/grafana:latest - env_file: - - ./monitoring/configuration/grafana-plugins.env - volumes: - - ./monitoring/configuration/grafana.ini:/etc/grafana/grafana.ini:Z - - ./monitoring/configuration/dashboards.yaml:/etc/grafana/provisioning/dashboards/dashboards.yaml:Z - - ./monitoring/configuration/datasources.yaml:/etc/grafana/provisioning/datasources/datasources.yaml:Z - - ./monitoring/configuration/dashboards:/var/lib/grafana/dashboards/:Z - - 
./monitoring/configuration/customizations/custom-logo.svg:/usr/share/grafana/public/img/grafana_icon.svg:Z - - ./monitoring/configuration/customizations/custom-logo.svg:/usr/share/grafana/public/img/grafana_typelogo.svg:Z - - ./monitoring/configuration/customizations/custom-logo.png:/usr/share/grafana/public/img/fav32.png:Z - ports: - - 0.0.0.0:3000:3000 - restart: on-failure:5 - depends_on: - - prometheus - - postgres: - # This service is used when the Waku node has the 'store' protocol enabled - # and the store-message-db-url is set to use Postgres - image: postgres:15.4-alpine3.18 - restart: on-failure:5 - shm_size: "${POSTGRES_SHM:-1g}" # Set default shared memory size to 1 GB - environment: - <<: *pg_env - volumes: - - ./postgres_cfg/postgresql.conf:/etc/postgresql/postgresql.conf:Z - - ./postgres_cfg/db.sql:/docker-entrypoint-initdb.d/db.sql:Z - - ${PG_DATA_DIR:-./postgresql}:/var/lib/postgresql/data:Z - command: postgres -c config_file=/etc/postgresql/postgresql.conf - ports: - - 127.0.0.1:5432:5432 - healthcheck: - test: ["CMD-SHELL", "pg_isready -U postgres -d postgres"] - interval: 30s - timeout: 60s - retries: 5 - start_period: 80s - - postgres-exporter: - # Service aimed to scrape information from Postgres and post it to Prometeus - image: quay.io/prometheuscommunity/postgres-exporter:v0.12.0 - restart: on-failure:5 - <<: *pg_exp_env - volumes: - - ./monitoring/configuration/postgres-exporter.yml:/etc/pgexporter/postgres-exporter.yml:Z - - ./monitoring/configuration/pg-exporter-queries.yml:/etc/pgexporter/queries.yml:Z - command: - # Both the config file and 'DATA_SOURCE_NAME' should contain valid connection info - - --config.file=/etc/pgexporter/postgres-exporter.yml - depends_on: - - postgres - -## Uncomment if you have RLN credentials and want to use play with a front end to send messages -# waku-frontend: -# # TODO: migrate to waku-org -# image: alrevuelta/waku-frontend:aad9628 -# ports: -# - 127.0.0.1:4000:4000 -# restart: on-failure:5 -# 
depends_on: -# - nwaku - -## Uncomment if you need pgadmin support in your container. -## Commented for backward version compatibility of docker-compose. -# pgadmin: -# image: dpage/pgadmin4:latest -# environment: -# - PGADMIN_DEFAULT_EMAIL=waku@waku.com -# - PGADMIN_DEFAULT_PASSWORD=wakuwaku -# - PGADMIN_CONFIG_SERVER_MODE=False -# - PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED=False -# - PGADMIN_LISTEN_PORT=80 -# ports: -# - 15432:80 -# user: root -# entrypoint: /bin/sh -c "chmod 600 /pgpass; /entrypoint.sh;" -# volumes: -# - pgadmin:/var/lib/pgadmin -# configs: -# - source: servers.json -# target: /pgadmin4/servers.json -# - source: pgpass -# target: /pgpass -# depends_on: -# - postgres -# profiles: -# - dbadmin - -# volumes: -# pgadmin: - -# configs: -# pgpass: -# content: postgres:5432:*:${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:-test123} -# servers.json: -# content: | -# {"Servers": {"1": { -# "Group": "Servers", -# "Name": "WakuStoreDB", -# "Host": "postgres", -# "Port": 5432, -# "MaintenanceDB": "postgres", -# "Username": "postgres", -# "PassFile": "/pgpass", -# "SSLMode": "disable" -# }}} diff --git a/run_node.sh b/run_node.sh index 176004b..8a18003 100755 --- a/run_node.sh +++ b/run_node.sh 
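Review bot: `TCP_PORT` and `METRICS_PORT` are now passed to the container in the `environment:` block, but the published ports stay fixed at `30304` and `127.0.0.1:8003:8003` in the `ports:` list (in the previous hunk, outside this one), so a non-default value in `.env` leaves the node listening on a port that is not published. Either derive the mappings from the same variables, e.g. `- "${TCP_PORT:-30304}:${TCP_PORT:-30304}/tcp"` and `- "127.0.0.1:${METRICS_PORT:-8003}:${METRICS_PORT:-8003}"`, or drop the two variables from `environment:`. Keeping the metrics mapping on loopback matters because run_node.sh binds the metrics server to 0.0.0.0 inside the container. Separately, the new `./data:/data` mount has no `:Z` label while the `run_node.sh` mount beside it keeps one, which on an SELinux-enforcing host would likely deny writes to the working directory; `- ./data:/data:Z` would match.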
@@ -1,144 +1,39 @@ #!/bin/sh -echo "I am a nwaku node" +echo "I am a nwaku mix node (testnet-0.2)" -if [ -n "${ETH_CLIENT_ADDRESS}" ] ; then - echo "ETH_CLIENT_ADDRESS variable was renamed to RLN_RELAY_ETH_CLIENT_ADDRESS" - echo "Please update your .env file" - exit 1 -fi - -if [ -z "${RLN_RELAY_ETH_CLIENT_ADDRESS}" ]; then - echo "Missing Eth client address, please refer to README.md for detailed instructions" - exit 1 -fi - -MY_EXT_IP=$(wget -qO- https://api4.ipify.org) -DNS_WSS_CMD= - -if [ -z "${DOMAIN}" ]; then - echo "auto-domain: DOMAIN is unset, trying to guess it" - - # Check if we have an IP - IPCHECK=$(echo "${MY_EXT_IP}" | grep -c '^[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+$') - - if [ "${IPCHECK}" -ne 1 ]; then - echo "Failed to get ip, received: '${MY_EXT_IP}'" - else - echo "auto-domain: ip is '${MY_EXT_IP}'" - - # Get reverse DNS - DNS=$(dig +short -x "${MY_EXT_IP}") - - # Check if looks like a DNS - DNSCHECK=$(echo "${DNS}" | grep -c '^\([a-zA-Z0-9_\-]\+\.\)\+$') - - if [ "${DNSCHECK}" -ne 1 ]; then - echo "Failed to get DNS, received: '${DNS}'" - else - DOMAIN=$(echo "${DNS}" | sed s/\.$//) - echo "auto-domain: DOMAIN deduced and set to ${DOMAIN}" - - # Double check the domain is setup to return right IP - # OpenDNS servers are used to bypass /etc/hosts as it may return loopback address - DNS_IP=$(dig +short @208.67.222.222 "${DNS}") - - if [ "${DNS_IP}" != "${MY_EXT_IP}" ]; then - echo "auto-domain: DNS queried returned a different ip: '${DNS_IP}', unsetting DOMAIN" - unset DOMAIN - else - echo "auto-domain: last verification successful, DOMAIN=${DOMAIN}" - fi - fi - fi -fi - -if [ -n "${DOMAIN}" ]; then - - LETSENCRYPT_PATH=/etc/letsencrypt/live/${DOMAIN} - - if ! [ -d "${LETSENCRYPT_PATH}" ]; then - apk add --no-cache certbot - - certbot certonly\ - --non-interactive\ - --agree-tos\ - --no-eff-email\ - --no-redirect\ - --email admin@${DOMAIN}\ - -d ${DOMAIN}\ - --standalone - fi - - if ! 
[ -e "${LETSENCRYPT_PATH}/privkey.pem" ]; then - echo "The certificate does not exist. Proceeding without supporting websocket" - else - WS_SUPPORT="--websocket-support=true" - WSS_SUPPORT="--websocket-secure-support=true" - WSS_KEY="--websocket-secure-key-path=${LETSENCRYPT_PATH}/privkey.pem" - WSS_CERT="--websocket-secure-cert-path=${LETSENCRYPT_PATH}/fullchain.pem" - DNS4_DOMAIN="--dns4-domain-name=${DOMAIN}" - - DNS_WSS_CMD="${WS_SUPPORT} ${WSS_SUPPORT} ${WSS_CERT} ${WSS_KEY} ${DNS4_DOMAIN}" - fi -fi +MY_EXT_IP="${MY_EXT_IP:-$(wget -qO- https://api4.ipify.org)}" +# NODEKEY env -> --nodekey flag for stable peer ID if [ -n "${NODEKEY}" ]; then - NODEKEY=--nodekey=${NODEKEY} + NODEKEY_FLAG="--nodekey=${NODEKEY}" fi -if [ -n "${RLN_RELAY_CRED_PASSWORD}" ]; then - RLN_RELAY_CRED_PASSWORD=--rln-relay-cred-password="${RLN_RELAY_CRED_PASSWORD}" - ## Enable Light Push (RLNaaS) if RLN credentials are used - LIGHTPUSH=--lightpush=true - ## Pass default value for credentials path if not set - RLN_RELAY_CRED_PATH=--rln-relay-cred-path=${RLN_RELAY_CRED_PATH:-/keystore/keystore.json} - echo "Using RLN credentials from ${RLN_RELAY_CRED_PATH}" -else - LIGHTPUSH=--lightpush=false - # Ensure no empty values are passed - RLN_RELAY_CRED_PATH="" - RLN_RELAY_CRED_PASSWORD="" -fi - - -STORE_RETENTION_POLICY=--store-message-retention-policy=size:1GB - -if [ -n "${STORAGE_SIZE}" ]; then - STORE_RETENTION_POLICY=--store-message-retention-policy=size:"${STORAGE_SIZE}" +# KAD_BOOTSTRAP_NODES env (comma-separated multiaddrs) -> repeated --kad-bootstrap-node flags +# Each entry must be /dns4//tcp//p2p/ (peerID required by libp2p). 
+KAD_BOOTSTRAP_FLAGS="" +if [ -n "${KAD_BOOTSTRAP_NODES}" ]; then + KAD_BOOTSTRAP_FLAGS=$(echo "${KAD_BOOTSTRAP_NODES}" | tr ',' '\n' | sed 's/^/--kad-bootstrap-node=/' | tr '\n' ' ') fi exec /usr/bin/wakunode\ + --mix=true\ + --mix-disable-cover-traffic=${MIX_DISABLE_COVER_TRAFFIC:-true}\ + --enable-kad-discovery=true\ --relay=true\ --filter=true\ - --mix=true\ - --peer-exchange=true\ - ${LIGHTPUSH}\ + --lightpush=true\ + --cluster-id=${CLUSTER_ID:-2}\ + --num-shards-in-network=${NUM_SHARDS_IN_NETWORK:-1}\ + --shard=${SHARD:-0}\ --keep-alive=true\ - --max-connections=150\ - --cluster-id=1\ - --discv5-discovery=true\ - --discv5-udp-port=9005\ - --discv5-enr-auto-update=True\ - --log-level=DEBUG\ - --tcp-port=30304\ - --metrics-server=True\ - --metrics-server-port=8003\ - --metrics-server-address=0.0.0.0\ - --rest=true\ - --rest-admin=true\ - --rest-address=0.0.0.0\ - --rest-port=8645\ - --rest-allow-origin="waku-org.github.io"\ - --rest-allow-origin="localhost:*"\ + --max-connections=${MAX_CONNECTIONS:-150}\ + --log-level=${LOG_LEVEL:-INFO}\ + --tcp-port=${TCP_PORT:-30304}\ --nat=extip:"${MY_EXT_IP}"\ - --store=true\ - --store-message-db-url="postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/postgres"\ - --rln-relay-eth-client-address="${RLN_RELAY_ETH_CLIENT_ADDRESS}"\ - ${RLN_RELAY_CRED_PATH}\ - ${RLN_RELAY_CRED_PASSWORD}\ - ${DNS_WSS_CMD}\ - ${NODEKEY}\ - ${STORE_RETENTION_POLICY}\ + --metrics-server=true\ + --metrics-server-port=${METRICS_PORT:-8003}\ + --metrics-server-address=0.0.0.0\ + ${NODEKEY_FLAG}\ + ${KAD_BOOTSTRAP_FLAGS}\ ${EXTRA_ARGS} -
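Review bot: `MY_EXT_IP` reaches `--nat=extip:` with no check that it is an address. The removed auto-domain code at least tested the ipify response against an IPv4 pattern, while the new assignment accepts an empty string (wget failure, no egress) or any other response body. The node would then start with a wrong or empty external address instead of failing visibly, so I would reject anything that is not digits and dots before the `exec`, as in the block below. The value expansions on the `exec` line (`${CLUSTER_ID:-2}`, `${SHARD:-0}`, `${LOG_LEVEL:-INFO}` and the others) are also unquoted, so a value containing whitespace in `.env` would split into extra arguments; quoting each one is cheap.

```shell
MY_EXT_IP="${MY_EXT_IP:-$(wget -qO- https://api4.ipify.org)}"

# Fail fast instead of handing an empty or malformed value to --nat=extip:
case "${MY_EXT_IP}" in
  ''|*[!0-9.]*)
    echo "Could not determine external IPv4 address, received: '${MY_EXT_IP}'" >&2
    exit 1
    ;;
esac

# … unchanged: NODEKEY_FLAG and KAD_BOOTSTRAP_FLAGS handling, exec /usr/bin/wakunode …
```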