eth-stack/stack-orchestrator/config/eth/run-el.sh

#!/bin/sh

set -e
if [ -n "$CERC_SCRIPT_DEBUG" ]; then
  set -x
fi

echo "Using the following env:"
echo "CERC_NETWORK: ${CERC_NETWORK}"
echo "CERC_ALLOW_UNPROTECTED_TXS: ${CERC_ALLOW_UNPROTECTED_TXS}"
echo "CERC_ETH_DATADIR: ${CERC_ETH_DATADIR}"
echo "CERC_GETH_VERBOSITY: ${CERC_GETH_VERBOSITY}"

# See https://linuxconfig.org/how-to-propagate-a-signal-to-child-processes-from-a-bash-script
cleanup() {
  echo "Signal received, cleaning up..."

  # Kill the child process first (CERC_REMOTE_DEBUG=true uses dlv which starts geth as a child process)
  pkill -P ${geth_pid}
  sleep 2
  kill $(jobs -p)

  wait
  echo "Done"
}
trap 'cleanup' SIGINT SIGTERM

# Store the JWT secret
jwtsecret_file_path=/opt/jwtsecret
echo -n "$JWT" > $jwtsecret_file_path

NETWORK_OPT=""
if [ "$CERC_NETWORK" = "sepolia"  ] || [ "$CERC_NETWORK" = "holesky"  ] || [ "$CERC_NETWORK" = "mainnet"  ]; then
  NETWORK_OPT="--${CERC_NETWORK}"
else
  NETWORK_OPT="--networkid ${CERC_NETWORK}"
fi

OTHER_OPTS=""
if [ "$CERC_ALLOW_UNPROTECTED_TXS" == "true" ]; then
  # Allow for unprotected (non EIP155) txs to be submitted via RPC
  OTHER_OPTS="--rpc.allow-unprotected-txs"
fi

geth \
  ${NETWORK_OPT} \
  --datadir="${CERC_ETH_DATADIR}" \
  --authrpc.addr="0.0.0.0" \
  --authrpc.vhosts="*" \
  --authrpc.jwtsecret="$jwtsecret_file_path" \
  --http \
  --http.addr="0.0.0.0" \
  --http.vhosts="*" \
  --http.api="${CERC_GETH_HTTP_APIS:-eth,web3,net,admin,personal,debug}" \
  --http.corsdomain="*" \
  --ws \
  --ws.addr="0.0.0.0" \
  --ws.origins="*" \
  --ws.api="${CERC_GETH_WS_APIS:-eth,web3,net,admin,personal,debug}" \
  --state.scheme hash \
  --gcmode archive \
  --syncmode=full \
  --metrics \
  --metrics.addr="0.0.0.0" \
  --verbosity=${CERC_GETH_VERBOSITY} \
  ${OTHER_OPTS} \
  &

geth_pid=$!
wait $geth_pid