diff --git a/.env b/.env index f395b69..e72e595 100644 --- a/.env +++ b/.env @@ -1,22 +1,4 @@ CHAIN_PREFIX=bostrom -POSTGRES_DB_FOLDER=$HOME/.cyberindex/postgres -POSTGRES_DB_HOST=localhost -POSTGRES_DB_PORT=5432 -POSTGRES_DB_NAME=cyberindex -POSTGRES_USER_NAME=cyber -POSTGRES_DB_PASSWORD=1cyberindex1 -POSTGRES_SSL_MODE=disable -POSTGRES_DB=cyberindex -POSTGRES_USER=cyber -POSTGRES_PASSWORD=1cyberindex1 -HASURA_PORT=8090 -HASURA_ADMIN_SECRET=1hasura1 -HASURA_GRAPHQL_DATABASE_URL=postgres://${POSTGRES_USER_NAME}:${POSTGRES_DB_PASSWORD}@cyberindex_postgres:${POSTGRES_DB_PORT}/${POSTGRES_DB_NAME} -HASURA_GRAPHQL_ENABLE_CONSOLE="true" -HASURA_GRAPHQL_ENABLED_LOG_TYPES=startup,http-log,webhook-log,websocket-log,query-log -HASURA_GRAPHQL_ADMIN_SECRET=${HASURA_ADMIN_SECRET:-1hasura1} -HASURA_GRAPHQL_UNAUTHORIZED_ROLE=anonymous -JUNO_WORKERS=1 RPC_URL=http://localhost:26657 GRPC_URL=http://localhost:9090 IPFS_PROFILE=server diff --git a/README.md b/README.md index 6be700d..30332e0 100644 --- a/README.md +++ b/README.md @@ -1,44 +1,52 @@ # Provider for The Great Web -## Dream - -Install nix on barebone with full sync of config from bip39 (public avatar) + cryptonote (private avatar) mnemonics - ## Vision Cybernode is a Hero's weapon in the fight for freedom and decentralization. It transforms a Hero into a Great Web provider. It is the tool to deploy, operate, maintain, and monitor major protocols required for next-generation browsers. -Checkout the [roadmap](./roadmap.md) of cybernode. +## Run your own cybernode + +Checkout the [guide](./cybernode_manual.md) ow to setup your cybernode. ## Backend services provided by cybernode.ai + ### Bostrom + - Bostrom [RPC](https://rpc.bostrom.cybernode.ai:443) - Bostrom [REST](https://lcd.bostrom.cybernode.ai:443) - Bostrom [index](https://index.bostrom.cybernode.ai) - Bostrom [websocket](wss://rpc.bostrom.cybernode.ai/websocket) - Bostrom [GRPC](https://grpc.bostrom.cybernode.ai:1443) + ### Cosmoshub + - Cosmoshub-4 [RPC](https://rpc.cosmoshub-4.cybernode.ai:443) - Cosmoshub-4 [REST](https://lcd.cosmoshub-4.cybernode.ai) - Cosmoshub-4 [GRPC](https://grpc.cosmoshub-4.cybernode.ai:1443) + ### Ethereum + - Ethereum [RPC](https://rpc.ethereum.cybernode.ai) - Ethereum [websocket](wss://ws.ethereum.cybernode.ai) + ### IPFS + - IPFS [gateway](https://gateway.ipfs.cybernode.ai) - IPFS peer \ `/ip4/135.181.19.86/tcp/4001/p2p/12D3KooWNMcnoQynAY9hyi4JxzSu64BsRGcJ9z7vKghqk8sTrpqY`, `/ip4/88.99.105.146/tcp/4001/p2p/QmUgmRxoLtGERot7Y6G7UyF6fwvnusQZfGR15PuE6pY3aB` - IPFS Cluster p2p peer \ `/ip4/135.181.19.86/tcp/9096/p2p/12D3KooWRkf2iZHfy1mUrdReHBFXu8TWWzK1XzsMy8TXqVohwEtH`, `/ip4/88.99.105.146/tcp/9096/p2p/12D3KooWGJvMBPGSQtLeXJgL11wmK67Tp2v69A1Q4rp5FjoSGBNd` + ### Axelar + - Axelar [ssl RPC](https://rpc.axelar-dojo-1.cybernode.ai:443), [non-ssl RPC](http://rpc.axelar-dojo-1.cybernode.ai:26657) - Axelar [ssl REST](https://lcd.axelar-dojo-1.cybernode.ai:443), [non-ssl REST](http://lcd.axelar-dojo-1.cybernode.ai:26317) - Axelar [ssl GRPC](https://grpc.axelar-dojo-1.cybernode.ai:1443), [non-ssl GRPC](http://grpc.axelar-dojo-1.cybernode.ai:26090) Uptime of services can be checked at [monitor](https://cybernode.ai). - ## Testnets endpoints + ### osmo-test-4 - Osmo [ssl RPC](https://rpc.osmo-test-4.cybernode.ai:443), [non-ssl RPC](http://rpc.osmo-test-4.cybernode.ai:26657) diff --git a/cybernode_manual.md b/cybernode_manual.md new file mode 100644 index 0000000..1124544 --- /dev/null +++ b/cybernode_manual.md @@ -0,0 +1,367 @@ +# Welcome To Cybernode + +## What is it for + +Сybernode is designed to help Сyber decentralize and help its Heroes become Content Providers. +After completing the installation, you will end up with the following endpoints served from your server: + +- `rpc.bostrom.` - for bostrom RPC endpoint +- `lcd.bostrom.` - for bostrom LCD endpoint +- `grpc.bostrom.` - for bostrom GRPC endpoint +- `ipfs.` - - for ipfs gateway endpoint + +All of them could be later added to the skill registry to be used as chain data provider in `cyb.ai`: + +## Requirements + +```bash +Network: Static ip address, domain name directed to this IP +CPU: 6 cores +RAM: 32 GB +SSD: 4+ TB NVME SSD +Connection: 30+Mbps, Stable and low-latency connection +GPU: Nvidia GeForce (or Tesla/Titan/Quadro) with CUDA-cores; 4+ Gb of video memory* +Software: Ubuntu 20.04 LTS / 22.04 LTS +Optional: VPS for Grafana monitoring server (standard config for Cybernode includes automatic installation) +``` + +## Cybernode setup + +*To avoid possible misconfiguration issues and simplify the setup of `$ENV`, we recommend performing all the commands as `root` (here root - is literally root, not just a user with root privileges). For the case of a dedicated server for cybernode, it should be considered as ok from the security side.* + +Login as a root user + +```bash +sudo -i +``` + +## Third-party software + +The main distribution unit for Cyber is a [docker](https://www.docker.com/) container. All images are in the default [Dockerhub registry](https://hub.docker.com/r/cyberd/cyber). To access the GPU from the container, Nvidia driver version **410+** and [Nvidia docker runtime](https://github.com/NVIDIA/nvidia-docker) should be installed on the host system. + +All commands below suppose `amd64` architecture, as the different architectures commands may differ accordingly. + +### Install Docker + +Copy the commands below and paste them into CLI. + +1. Install packages to allow apt to use a repository over HTTPS: + + ```bash + sudo apt-get update + sudo apt install -y \ + apt-transport-https \ + ca-certificates \ + curl \ + gnupg-agent \ + software-properties-common + ``` + +2. Add Docker’s official GPG key: + + ```bash + sudo install -m 0755 -d /etc/apt/keyrings + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg + sudo chmod a+r /etc/apt/keyrings/docker.gpg + ``` + + ```bash + echo \ + "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ + "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \ + sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + ``` + +3. Update the apt package index: + + ```bash + sudo apt-get update + ``` + +4. Install the latest version of Docker CE and containerd: + + ```bash + sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin + ``` + +### Install docker-compose + +Download latest version of binary from docker-compose releases [page](https://github.com/docker/compose/releases) or just do the following(asssuming that you have x86-64 architecture): + +```bash +wget https://github.com/docker/compose/releases/latest/download/docker-compose-linux-x86_64 +chmod +x docker-compose-linux-x86_64 +mv docker-compose-linux-x86_64 /usr/local/bin/docker-compose +``` + +To check docker-compose is working correctly, run: + +```bash +docker-compose version +``` + +You should get a reply with the version you have installed. + +### Install Nvidia drivers + +1. To proceed, first add the `ppa:graphics-drivers/ppa` repository: + + ```bash + sudo add-apt-repository ppa:graphics-drivers/ppa + sudo apt update + ``` + +2. Install Ubuntu drivers: + + ```bash + sudo apt install -y ubuntu-drivers-common + ``` + +3. Next, check what is recommended drivers for your card: + + ```bash + ubuntu-drivers devices + ``` + + You should see something similar to this: + + ```bash + == /sys/devices/pci0000:00/0000:00:01.0/0000:01:00.0 == + modalias : pci:v000010DEd00001BA1sv00001462sd000011E4bc03sc00i00 + vendor : NVIDIA Corporation + model : GP104M [GeForce GTX 1070 Mobile] + driver : nvidia-driver-418 - third-party free + driver : nvidia-driver-430 - third-party free + driver : nvidia-driver-440 - third-party free + driver : nvidia-driver-460 - third-party free recommended + driver : xserver-xorg-video-nouveau - distro free builtin + ``` + +4. We need the **410+** drivers release. As you can see the v460 is recommended. The command below will install the recommended version of the drivers: + + ```bash + sudo ubuntu-drivers autoinstall + ``` + + To install a specific version of a driver, use `sudo apt install nvidia-driver-460` + + The driver installation takes approximately 10 minutes. + + ```bash + DKMS: install completed. + Setting up libxdamage1:i386 (1:1.1.4-3) ... + Setting up libxext6:i386 (2:1.3.3-1) ... + Setting up libxfixes3:i386 (1:5.0.3-1) ... + Setting up libnvidia-decode-415:i386 (460.84-0ubuntu0~gpu18.04.1) ... + Setting up build-essential (12.4ubuntu1) ... + Setting up libnvidia-gl-415:i386 (460.84-0ubuntu0~gpu18.04.1) ... + Setting up libnvidia-encode-415:i386 (460.84-0ubuntu0~gpu18.04.1) ... + Setting up nvidia-driver-415 (460.84-0ubuntu0~gpu18.04.1) ... + Setting up libxxf86vm1:i386 (1:1.1.4-1) ... + Setting up libglx-mesa0:i386 (18.0.5-0ubuntu0~18.04.1) ... + Setting up libglx0:i386 (1.0.0-2ubuntu2.2) ... + Setting up libgl1:i386 (1.0.0-2ubuntu2.2) ... + Setting up libnvidia-ifr1-415:i386 (460.84-0ubuntu0~gpu18.04.1) ... + Setting up libnvidia-fbc1-415:i386 (460.84-0ubuntu0~gpu18.04.1) ... + Processing triggers for libc-bin (2.27-3ubuntu1) ... + Processing triggers for initramfs-tools (0.130ubuntu3.1) ... + update-initramfs: Generating /boot/initrd.img-4.15.0-45-generic + ``` + +5. **Reboot** the system for the changes to take effect. + + ```bash + sudo reboot + ``` + +6. Check the installed drivers: + + ```bash + nvidia-smi + ``` + + You should see this: + (Some version/driver numbers might differ. You might also have some processes already running) + + ```bash + +-----------------------------------------------------------------------------+ + | NVIDIA-SMI 460.84 Driver Version: 460.84 CUDA Version: 11.2 | + |-------------------------------+----------------------+----------------------+ + | GPU Name Persistence-M| Bus-Id Disp.A | Volatile Uncorr. ECC | + | Fan Temp Perf Pwr:Usage/Cap| Memory-Usage | GPU-Util Compute M. | + |===============================+======================+======================| + | 0 GeForce GTX 1070 Off | 00000000:01:00.0 Off | N/A | + | 26% 36C P5 26W / 180W | 0MiB / 8119MiB | 2% Default | + +-------------------------------+----------------------+----------------------+ + +-----------------------------------------------------------------------------+ + | Processes: GPU Memory | + | GPU PID Type Process name Usage | + |=============================================================================| + | No running processes found | + +-----------------------------------------------------------------------------+ + ``` + +### Install Nvidia container runtime for docker + +1. Add package repositories: + + ```bash + distribution=$(. /etc/os-release;echo $ID$VERSION_ID) \ + && curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg \ + && curl -s -L https://nvidia.github.io/libnvidia-container/$distribution/libnvidia-container.list | \ + sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | \ + sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.list + ``` + +2. Install nvidia-container toolkit and reload the Docker daemon configuration + + ```bash + sudo apt-get update && sudo apt-get install -y nvidia-container-toolkit + sudo systemctl restart docker + ``` + +3. Test nvidia-smi with the latest official CUDA image + + ```bash + docker run --gpus all nvidia/cuda:11.4.0-base nvidia-smi + ``` + + Output logs should coincide as earlier: + + ```bash + Unable to find image 'nvidia/cuda:11.4.0-base' locally + 11.1-base: Pulling from nvidia/cuda + 54ee1f796a1e: Pull complete + f7bfea53ad12: Pull complete + 46d371e02073: Pull complete + b66c17bbf772: Pull complete + 3642f1a6dfb3: Pull complete + e5ce55b8b4b9: Pull complete + 155bc0332b0a: Pull complete + Digest: sha256:774ca3d612de15213102c2dbbba55df44dc5cf9870ca2be6c6e9c627fa63d67a + Status: Downloaded newer image for nvidia/cuda:11.1-base + Mon Jun 21 14:07:52 2021 + +------------------------------------------------------------------------+ + |NVIDIA-SMI 460.84 Driver Version:460.84 CUDA Version: 11.4 | + |-----------------------------+--------------------+---------------------+ + |GPU Name Persistence-M| Bus-Id Disp.A| Volatile Uncorr. ECC| + |Fan Temp Perf Pwr:Usage/Cap| Memory-Usage| GPU-Util Compute M.| + | | | MIG M.| + |=============================+====================+=====================| + | 0 GeForce GTX165... Off |00000000:01:00.0 Off| N/A| + |N/A 47C P0 16W / N/A | 0MB / 3914MiB| 0% Default| + | | | N/A| + +-----------------------------+--------------------+---------------------+ + +------------------------------------------------------------------------+ + |Processes: | + | GPU GI CI PID Type Process name GPU Memory| + | ID ID Usage | + |========================================================================| + | No running processes found | + +------------------------------------------------------------------------+ + ``` + +Your machine is ready to launch the cybernode. + +### Domain name preparation + +You will need a domain name to serve endpoints to the outer world. Use one of the domain name providers (like Namecheap) to buy one, and set up wildcard (\*) forwarding to your server *static* ip: + +![use your ip address](https://gateway.ipfs.cybernode.ai/ipfs/QmbG3RPnsapfyT48YgUDTkQ9rwCvE8vdjWo3WnM7itDwzh) + +If you are willing to use the second layer domain, set up wildcard forward for it as well. + +### Firewall setup + +To make everything work, you will need to allow specific ports on your server firewall: + +```bash +sudo ufw allow 80,443,26656,4001/tcp +``` + +Those are necessary for Nginx, node's p2p, and ipfs p2p connections. Also, if your server is behind a NAT router, remember to set up PORT mapping for the same ports. + +Also, if you're installing Grafana on a separate machine, allow port `9090` to give access to the node's metrics. + +## Main part installation + +Clone the repository + +```bash +git clone https://github.com/cybercongress/cybernode.git && cd cybernode +``` + +To start cybernode, you must run the script and follow its instructions. + +```bash +./start.sh +``` + +You can check the health of services using ***docker*** command + + ```bash + docker ps -a + ``` + +### Node snapshot application + +To speed up the synchronization of the bostrom node, you may pull an archive snap from [snapshot.cybernode.ai](https://snapshot.cybernode.ai/) and check out the snapshot [guide](https://cyb.ai/ipfs/QmciTWRWM6XFzHkwQSqhay3BEgr4pDdQVeJc6tPV1YeMfB) to get familiar with it. + +### Setup monitoring + +*If you decide to install Graphana on the same server as the cybernode, then be careful, because if the service fails, you may not know about it.* + +Go to your browser, and in the address bar, type: your-ip-address:3000 \ +login - admin \ +password - admin + +*If you want, you can set your own password after this step* \ +![grafana_main](https://ipfs.io/ipfs/QmVEKi8fuxPQpoF5SYbJn7pW6CWaKsEDa3SLLuGXSZn8eD) \ +Next step: Add your first data source, select 'Prometheus' +![add_dash](https://ipfs.io/ipfs/QmfVJLCVwGv3WzR6ou9opgcFcuTYRjEqQUK6TBi7vd7HSZ) +![add datasource](https://ipfs.io/ipfs/QmZhVdd262jcFRN2CzKcgWsEUoxf9C9eN4NXN4fXsA244C) +Type in the field "URL" address of your server with Prometheus and set the Name. +![datasource_edit](https://ipfs.io/ipfs/QmU62N1LqiFEKE8v372Hg1c9pXZJbzdhavKXo7N1rMB73S) \ +Then click Save & test. If everything is configured correctly, a green check mark will be displayed +![save_test](https://ipfs.io/ipfs/QmYk1yqxaexPsYQvjgUNRZrDx4ayPRSyZVreGNvGkNTQHA) + +For further work, you will need to find out your data source uid. +It is located in your browser address bar +![find_uid](https://ipfs.io/ipfs/QmdcCM7W7AUzccmdNnAKijHgREPyDBabhaZThqShfTDeBz) +Next step: import CyberNode dashboard to your text editor. +https://github.com/cybercongress/cybernode/blob/master/grafana_dashboard \ +Then select the entire text with the ctrl + A command, turn on the search function with the ctrl + F command, find the ***uid*** value, in my case it is 000000003, select it and replace it with your value from the previous step +![edit_board](https://ipfs.io/ipfs/QmZhUTznQ7ShRPzJC4NSrbn29fVKbX6DtW5cXg61wKNyrK) +After that, import your JSON file and click Load button +![upload_board](https://ipfs.io/ipfs/QmQYZeUpFmBUYNY4YPui4BEht2n3vPUTyLTaiCJYDXR6HH) \ +Set the Name and click Import +![edit_board](https://ipfs.io/ipfs/Qmbycax2pAXJtJbZA7Ev8USYtpzLofu1PZvxFPt5dPWGqZ) +and you can notice how the graphs have come to life: +![board](https://ipfs.io/ipfs/QmeunC7yv1h77hVCmsevZHGdR8Xk8TwCWBLtnc1P7GB82G) + +### Setting alerts + +If you want to set up alerts to always be aware of your cybernode's work, then select the schedule that interests you and click the edit button: +![alert_find](https://ipfs.io/ipfs/QmRKB1y5uQjvkFtrXcoN6aXhhFza1fo9T5cU4YLnuLNGDC) + +You will see the advanced settings of a specific schedule: + +- Select an alert +- Edit all the fields that interest you +- Save before exiting + +![alert_setup](https://ipfs.io/ipfs/QmPrncQeQ21ddvFLV3mnWXXprhrZ2fcrBZWp129YwDthX8) + +You may use variable options to receive alerts, including [email](https://grafana.com/docs/grafana/latest/alerting/set-up/), [Telegram](https://community.grafana.com/t/telegram-alert-channel-configuration/242) or even calls. + +## Congrats! + +It seems like you did it! +Open your cybernode endpoints in browser to verify them working correctly. You should have: + +- `https://rpc.bostrom.` +- `https://lcd.bostrom.` +- `https://grpc.bostrom.` +- `https://ipfs./ipfs/CID` + +In case of any questions, do not hesitate to ask them in our [Telegram](https://t.me/fameofcyber) channel for cyber Heroe's. diff --git a/docker-compose-init.yml b/docker-compose-init.yml index 387cee3..988ad15 100644 --- a/docker-compose-init.yml +++ b/docker-compose-init.yml @@ -18,7 +18,7 @@ services: image: certbot/certbot:latest depends_on: - nginx - command: certonly --cert-name cybernode --reinstall --webroot --webroot-path=/var/www/ --no-eff-email --agree-tos --email ${EMAIL} -d ${DOMAIN} -d rpc.${DOMAIN} -d grpc.${DOMAIN} -d lcd.${DOMAIN} -d ipfs.${DOMAIN} -d index.${DOMAIN} + command: certonly --cert-name cybernode --reinstall --webroot --webroot-path=/var/www/ --no-eff-email --agree-tos --email ${EMAIL} -d ${DOMAIN} -d rpc.bostrom.${DOMAIN} -d grpc.bostrom.${DOMAIN} -d lcd.bostrom.${DOMAIN} -d ipfs.${DOMAIN} volumes: - ./volumes/nginx/www/:/var/www/ - ./volumes/certbot/letsencrypt:/etc/letsencrypt:rw diff --git a/docker-compose.yml b/docker-compose.yml index d314d40..962cb93 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -44,37 +44,6 @@ services: depends_on: - bostrom - postgres: - image: postgres:latest - restart: always - container_name: cyberindex_postgres - environment: - - DOMAIN - volumes: - - $HOME/.cyberindex/postgres:/var/lib/postgresql/data - - ./database/schema/:/root/schema - env_file: - - .env - ports: - - 127.0.0.1:${POSTGRES_DB_PORT}:5432 - depends_on: - - ipfs - - graphql-engine: - image: hasura/graphql-engine:latest - restart: always - container_name: cyberindex_hasura - environment: - - DOMAIN - env_file: - - .env - depends_on: - - "postgres" - ports: - - 127.0.0.1:${HASURA_PORT}:8080 - depends_on: - - postgres - node-exporter: image: prom/node-exporter:latest ports: @@ -93,7 +62,7 @@ services: expose: - 9100 depends_on: - - graphql-engine + - ipfs prometheus: image: prom/prometheus:latest @@ -165,7 +134,7 @@ services: image: certbot/certbot:latest depends_on: - nginx - command: certonly --cert-name cybernode --reinstall --webroot --webroot-path=/var/www/ --no-eff-email --agree-tos --email ${EMAIL} -d ${DOMAIN} -d rpc.${DOMAIN} -d grpc.${DOMAIN} -d lcd.${DOMAIN} -d ipfs.${DOMAIN} -d index.${DOMAIN} + command: certonly --cert-name cybernode --reinstall --webroot --webroot-path=/var/www/ --no-eff-email --agree-tos --email ${EMAIL} -d ${DOMAIN} -d rpc.bostrom.${DOMAIN} -d grpc.bostrom.${DOMAIN} -d lcd.bostrom.${DOMAIN} -d ipfs.${DOMAIN} volumes: - ./volumes/certbot/www/:/var/www/ - ./volumes/certbot/letsencrypt:/etc/letsencrypt:rw @@ -186,9 +155,10 @@ services: - '--config.file=/config/blackbox.yml' restart: unless-stopped depends_on: + - nginx-exporter grafana: - image: grafana/grafana:latest + image: grafana/grafana-enterprise container_name: grafana restart: unless-stopped ports: @@ -202,3 +172,4 @@ services: depends_on: - prometheus - nginx-exporter + user: "0" \ No newline at end of file diff --git a/prometheus.yml b/prometheus.yml index 23aade2..233863f 100644 --- a/prometheus.yml +++ b/prometheus.yml @@ -29,14 +29,6 @@ scrape_configs: scrape_interval: 5s static_configs: - targets: ["ipfs:36001"] - - job_name: "cyberindex_postgres" - scrape_interval: 5s - static_configs: - - targets: ["cyberindex_postgres:5432"] - - job_name: "cyberindex_hasura" - scrape_interval: 5s - static_configs: - - targets: ["cyberindex_hasura:8089"] - job_name: "nginx-exporter" scrape_interval: 5s static_configs: @@ -49,9 +41,8 @@ scrape_configs: static_configs: - targets: # Target to probe with https. - https://:9115 - - https://rpc./block?height=7278626 - - https://lcd./node_info - - https://index./console/ + - https://rpc.bostrom./block?height=7278626 + - https://lcd.bostrom./node_info - https://ipfs./ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme relabel_configs: - source_labels: [__address__] diff --git a/start.sh b/start.sh index 81e67ef..72387b5 100644 --- a/start.sh +++ b/start.sh @@ -74,23 +74,29 @@ done sed -i -E "s/^(DOMAIN=).*/\1${domain}/" .env # Step 3: Insert domain name into prometheus.yml -sed -i -e "s#- https://.*:9115#- https://$domain:9115#" \ - -e "s#- https://rpc\..*/block?height=7278626#- https://rpc.$domain/block?height=7278626#" \ - -e "s#- https://lcd\..*/node_info#- https://lcd.$domain/node_info#" \ - -e "s#- https://index\..*/console/#- https://index.$domain/console/#" \ +sed -i -e "s#- https://.*:9115#- https://bostrom.$domain:9115#" \ + -e "s#- https://rpc.bostrom\..*/block?height=7278626#- https://rpc.bostrom.$domain/block?height=7278626#" \ + -e "s#- https://lcd.bostrom\..*/node_info#- https://lcd.bostrom.$domain/node_info#" \ -e "s#- https://ipfs\..*/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme#- https://ipfs.$domain/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme#" prometheus.yml # Step 3.1: Display updated lines from prometheus.yml echo "Following endpoint list will be provided by your Hero" -grep -E "(https?|rpc\.|lcd\.|index\.|ipfs\.|$domain:9115)" prometheus.yml | grep -v -e "module: \[http_prometheus\]" -e "- targets: # Target to probe with https." +grep -E "(https?|rpc\.|lcd\.|ipfs\.|$domain:9115)" prometheus.yml | grep -v -e "module: \[http_prometheus\]" -e "- targets: # Target to probe with https." echo "Domain name has been updated successfully." # Step 3.2: Ping rpc. and display IP address rpc_domain="rpc.$domain" echo "STEP 2: Pinging $rpc_domain..." -ip_address=$(ping -c 1 $rpc_domain | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | head -1) +ping_result=$(ping -c 1 $rpc_domain) -echo "The IP address of $rpc_domain is: $ip_address" +# Check if ping result contains an IP address +if echo "$ping_result" | grep -qE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'; then + ip_address=$(echo "$ping_result" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | head -1) + echo "The IP address of $rpc_domain is: $ip_address" +else + echo "ERROR: Unable to retrieve IP address for $rpc_domain." + exit 1 # Exit the script with an error code +fi # Step 3.3: Confirm IP address ownership read -p "Does the IP address $ip_address belong to you? (y/n): " ip_confirmation @@ -99,6 +105,7 @@ if [[ $ip_confirmation == "y" || $ip_confirmation == "Y" ]]; then echo "IP address ownership confirmed." else echo "Please ensure the correct IP address is assigned to your domain and try again." + exit 1 fi # Step 4: Ask user if they want to use email for SSL certificates diff --git a/volumes/nginx/cybernode.conf b/volumes/nginx/cybernode.conf index e37b42c..1428aba 100644 --- a/volumes/nginx/cybernode.conf +++ b/volumes/nginx/cybernode.conf @@ -32,7 +32,7 @@ server { ssl_certificate_key /etc/letsencrypt/live/cybernode/privkey.pem; ssl_certificate /etc/letsencrypt/live/cybernode/fullchain.pem; - server_name rpc.*; + server_name rpc.bostrom.*; location / { proxy_pass http://bostrom:26657/; @@ -57,7 +57,7 @@ server { ssl_certificate_key /etc/letsencrypt/live/cybernode/privkey.pem; ssl_certificate /etc/letsencrypt/live/cybernode/fullchain.pem; - server_name lcd.*; + server_name lcd.bostrom.*; location / { proxy_pass http://bostrom:1317/; @@ -75,56 +75,31 @@ server { } server { - listen 443 http2; - server_name grpc.*; + listen 443 ssl; + server_name grpc.bostrom.*; - ssl_certificate /etc/letsencrypt/live/cybernode/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/cybernode/privkey.pem; - - ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!ADH:!MD5; - - location / { - grpc_set_header Host $host; - grpc_set_header X-Real-IP $remote_addr; - grpc_set_header X-FORWARDED_PROTO https; - grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - client_max_body_size 0; - grpc_read_timeout 600; - grpc_send_timeout 600; - grpc_ssl_session_reuse on; - grpc_pass grpc://bostrom:9090; - - - # CORS -# include /etc/nginx/conf.d/cors.include; - } - -} - -server { - listen 443 ssl; - - root /var/www/; - - ssl_certificate_key /etc/letsencrypt/live/cybernode/privkey.pem; ssl_certificate /etc/letsencrypt/live/cybernode/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/cybernode/privkey.pem; - server_name index.*; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!ADH:!MD5; location / { - proxy_pass http://cyberindex_hasura:8080/; - proxy_buffers 8 32k; - proxy_buffer_size 64k; - - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; + grpc_set_header Host $host; + grpc_set_header X-Real-IP $remote_addr; + grpc_set_header X-FORWARDED_PROTO https; + grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + client_max_body_size 0; + grpc_read_timeout 600; + grpc_send_timeout 600; + grpc_ssl_session_reuse on; + grpc_pass grpc://bostrom:9090; + + + # CORS + # include /etc/nginx/conf.d/cors.include; } + } server {