From 36e89b5a7852594ac19dc1b0e1d693d5718aa185 Mon Sep 17 00:00:00 2001 From: Thomas E Lackey Date: Mon, 1 Apr 2024 15:53:01 -0500 Subject: [PATCH] Linea Sepolia Testnet-based Nitro Auth --- ...er-compose-linea-testnet-go-nitro-auth.yml | 91 +++++++++++++++++++ .../data/config/go-nitro/run-nitro-node.sh | 54 +++++++---- .../linea-testnet-go-nitro-auth/alice.env | 25 +++++ .../linea-testnet-go-nitro-auth/bob.env | 25 +++++ .../linea-testnet-go-nitro-auth/bootnode.env | 23 +++++ .../caddy/Caddyfile | 42 +++++++++ .../deployment/nitro-addresses.json | 5 + .../container-build/cerc-go-nitro/Dockerfile | 2 +- .../stacks/linea-testnet-nitro-auth/stack.yml | 11 +++ 9 files changed, 261 insertions(+), 17 deletions(-) create mode 100644 stack_orchestrator/data/compose/docker-compose-linea-testnet-go-nitro-auth.yml create mode 100644 stack_orchestrator/data/config/linea-testnet-go-nitro-auth/alice.env create mode 100644 stack_orchestrator/data/config/linea-testnet-go-nitro-auth/bob.env create mode 100644 stack_orchestrator/data/config/linea-testnet-go-nitro-auth/bootnode.env create mode 100644 stack_orchestrator/data/config/linea-testnet-go-nitro-auth/caddy/Caddyfile create mode 100644 stack_orchestrator/data/config/linea-testnet-go-nitro-auth/deployment/nitro-addresses.json create mode 100644 stack_orchestrator/data/stacks/linea-testnet-nitro-auth/stack.yml diff --git a/stack_orchestrator/data/compose/docker-compose-linea-testnet-go-nitro-auth.yml b/stack_orchestrator/data/compose/docker-compose-linea-testnet-go-nitro-auth.yml new file mode 100644 index 00000000..44a56e13 --- /dev/null +++ b/stack_orchestrator/data/compose/docker-compose-linea-testnet-go-nitro-auth.yml @@ -0,0 +1,91 @@ +version: '3.7' + +services: + go-nitro-alice: + image: cerc/go-nitro:local + hostname: go-nitro-alice + restart: on-failure + depends_on: + - go-nitro-bootnode + env_file: + - ../config/linea-testnet-go-nitro-auth/alice.env + entrypoint: ["bash", "-c", "/app/run-nitro-node.sh"] + volumes: + - nitro_deployment:/app/deployment + - go_nitro_data_alice:/app/data + - ../config/go-nitro/run-nitro-node.sh:/app/run-nitro-node.sh + healthcheck: + test: ["CMD", "nc", "-vz", "localhost", "4006"] + interval: 5s + timeout: 5s + retries: 100 + start_period: 100s + ports: + - "3006:3006" + - "4006:4006" + - "5006:5006" + - "4106:4106" + - "4206:4206" + - "4216:4216" + + go-nitro-bob: + image: cerc/go-nitro:local + hostname: go-nitro-bob + restart: on-failure + depends_on: + - go-nitro-bootnode + env_file: + - ../config/linea-testnet-go-nitro-auth/bob.env + entrypoint: ["bash", "-c", "/app/run-nitro-node.sh"] + volumes: + - nitro_deployment:/app/deployment + - go_nitro_data_bob:/app/data + - ../config/go-nitro/run-nitro-node.sh:/app/run-nitro-node.sh + healthcheck: + test: ["CMD", "nc", "-vz", "localhost", "4007"] + interval: 5s + timeout: 5s + retries: 100 + start_period: 100s + ports: + - "3007:3007" + - "4007:4007" + - "5007:5007" + - "4107:4107" + - "4207:4207" + - "4217:4217" + + go-nitro-bootnode: + image: cerc/go-nitro:local + hostname: go-nitro-bootnode + restart: on-failure + env_file: + - ../config/linea-testnet-go-nitro-auth/bootnode.env + entrypoint: [ "bash", "-c", "/app/run-nitro-node.sh" ] + volumes: + - nitro_deployment:/app/deployment + - go_nitro_data_bootnode:/app/data + - ../config/go-nitro/run-nitro-node.sh:/app/run-nitro-node.sh + healthcheck: + test: [ "CMD", "nc", "-vz", "localhost", "4008" ] + interval: 5s + timeout: 5s + retries: 100 + start_period: 100s + + nitro-caddy: + image: caddy:2-alpine + restart: always + volumes: + - ../config/linea-testnet-go-nitro-auth/caddy/Caddyfile:/etc/caddy/Caddyfile + ports: + - "5678:80" + depends_on: + - go-nitro-alice + - go-nitro-bob + +volumes: + go_nitro_data_alice: + go_nitro_data_bob: + go_nitro_data_bootnode: + nitro_deployment: diff --git a/stack_orchestrator/data/config/go-nitro/run-nitro-node.sh b/stack_orchestrator/data/config/go-nitro/run-nitro-node.sh index 732af9aa..3b48e554 100755 --- a/stack_orchestrator/data/config/go-nitro/run-nitro-node.sh +++ b/stack_orchestrator/data/config/go-nitro/run-nitro-node.sh @@ -4,6 +4,11 @@ if [ -n "$CERC_SCRIPT_DEBUG" ]; then set -x fi +if [ -z "$CERC_NITRO_CHAIN_PK" ] || [ -z "$CERC_NITRO_CHAIN_URL" ]; then + echo "You most set both CERC_NITRO_CHAIN_PK and CERC_NITRO_CHAIN_URL." 1>&2 + exit 1 +fi + nitro_addresses_file="/app/deployment/nitro-addresses.json" # Check if CERC_NA_ADDRESS environment variable is set @@ -29,23 +34,25 @@ fi echo "Running Nitro node" -# Assuming CERC_NITRO_CHAIN_URL is of format ://host:port -ws_host=$(echo "$CERC_NITRO_CHAIN_URL" | awk -F '://' '{print $2}' | cut -d ':' -f 1) -ws_port=$(echo "$CERC_NITRO_CHAIN_URL" | awk -F '://' '{print $2}' | cut -d ':' -f 2) +if [[ "${CERC_GO_NITRO_WAIT_FOR_CHAIN:-true}" == "true" ]]; then + # Assuming CERC_NITRO_CHAIN_URL is of format ://host:port + ws_host=$(echo "$CERC_NITRO_CHAIN_URL" | awk -F '://' '{print $2}' | cut -d ':' -f 1 | cut -d'/' -f 1) + ws_port=$(echo "$CERC_NITRO_CHAIN_URL" | awk -F '://' '{print $2}' | cut -d ':' -f 2) -# Wait till chain endpoint is available -retry_interval=5 -while true; do - nc -z -w 1 "$ws_host" "$ws_port" + # Wait till chain endpoint is available + retry_interval=5 + while true; do + nc -z -w 1 "$ws_host" "$ws_port" - if [ $? -eq 0 ]; then - echo "Chain endpoint is available" - break - fi + if [ $? -eq 0 ]; then + echo "Chain endpoint is available" + break + fi - echo "Chain endpoint not yet available, retrying in $retry_interval seconds..." - sleep $retry_interval -done + echo "Chain endpoint not yet available, retrying in $retry_interval seconds..." + sleep $retry_interval + done +fi if [[ -n "$CERC_NITRO_UI_PORT" ]] && [[ -d "/app-node/packages/nitro-gui/dist" ]]; then for f in `ls /app-node/packages/nitro-gui/dist/assets/*.js`; do @@ -67,6 +74,20 @@ if [[ "$CERC_NITRO_AUTH_ON" == "true" ]] && [[ -d "/app-node/packages/nitro-auth bash -c "sleep 6 && cd /app-node/packages/nitro-auth && yarn start" & fi +if [[ -z "$CERC_CHAIN_START_BLOCK" ]]; then + if [[ ! -f "/app/deployment/chainstartblock.json" ]]; then + curl --location "$(echo $CERC_NITRO_CHAIN_URL | sed 's/^ws/http/' | sed 's#/ws/#/#')" \ + --header 'Content-Type: application/json' \ + --data '{ + "jsonrpc": "2.0", + "id": 124, + "method": "eth_blockNumber", + "params": [] + }' > /app/deployment/chainstartblock.json + fi + CERC_CHAIN_START_BLOCK=$(printf "%d" `cat /app/deployment/chainstartblock.json | jq -r '.result'`) +fi + cd /app ./nitro \ -chainurl ${CERC_NITRO_CHAIN_URL} \ @@ -74,11 +95,12 @@ cd /app -rpcport ${CERC_NITRO_RPC_PORT} \ -wsmsgport ${CERC_NITRO_WS_MSG_PORT} \ -publicip "0.0.0.0" \ - -pk ${CERC_NITRO_PK} \ + -pk ${CERC_NITRO_PK:-$CERC_NITRO_CHAIN_PK} \ -chainpk ${CERC_NITRO_CHAIN_PK} \ -naaddress ${NA_ADDRESS} \ -vpaaddress ${VPA_ADDRESS} \ -caaddress ${CA_ADDRESS} \ -usedurablestore=${CERC_NITRO_USE_DURABLE_STORE} \ -durablestorefolder ${CERC_NITRO_DURABLE_STORE_FOLDER} \ - -bootpeers "${CERC_NITRO_BOOT_PEERS}" \ No newline at end of file + -bootpeers "${CERC_NITRO_BOOT_PEERS}" \ + -chainstartblock $CERC_CHAIN_START_BLOCK \ No newline at end of file diff --git a/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/alice.env b/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/alice.env new file mode 100644 index 00000000..7cfbae5c --- /dev/null +++ b/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/alice.env @@ -0,0 +1,25 @@ +CERC_CA_ADDRESS="0x1Ae815c3e7556e16ceaB6B6d46306C1870EB6d24" +CERC_NA_ADDRESS="0xc453C5E3f304bb545A3Df7bBa02fe6274A056636" +CERC_VPA_ADDRESS="0xA11af80D75b1150631FA78178c94fa451c7172a8" + +# SET ME! Your on-chain private key. +#CERC_NITRO_CHAIN_PK= + +# Default is CERC_NITRO_CHAIN_PK. +#CERC_NITRO_PK= + +# SET ME! The WebSocket to connect to. +#CERC_NITRO_CHAIN_URL=wss://linea-sepolia.infura.io/ws/v3/ + +CERC_GO_NITRO_WAIT_FOR_CHAIN=false + +CERC_NITRO_AUTH_ON=false +CERC_NITRO_AUTH_RPC_PORT=4006 +CERC_NITRO_AUTH_UI_PORT=4206 +CERC_NITRO_BOOT_PEERS="/dns4/go-nitro-bootnode/tcp/3008/p2p/16Uiu2HAmFYz5YPf3GtkfQsAwYJfDsKSm34U9qAiTwxW7RJUVGMRK" +CERC_NITRO_DURABLE_STORE_FOLDER=/app/data/nitro-store +CERC_NITRO_MSG_PORT=3006 +CERC_NITRO_RPC_PORT=4006 +CERC_NITRO_UI_PORT=4106 +CERC_NITRO_USE_DURABLE_STORE=true +CERC_NITRO_WS_MSG_PORT=5006 diff --git a/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/bob.env b/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/bob.env new file mode 100644 index 00000000..9a86a397 --- /dev/null +++ b/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/bob.env @@ -0,0 +1,25 @@ +CERC_CA_ADDRESS="0x1Ae815c3e7556e16ceaB6B6d46306C1870EB6d24" +CERC_NA_ADDRESS="0xc453C5E3f304bb545A3Df7bBa02fe6274A056636" +CERC_VPA_ADDRESS="0xA11af80D75b1150631FA78178c94fa451c7172a8" + +# SET ME! Your on-chain private key. +#CERC_NITRO_CHAIN_PK= + +# Default is CERC_NITRO_CHAIN_PK. +#CERC_NITRO_PK= + +# SET ME! The WebSocket to connect to. +#CERC_NITRO_CHAIN_URL=wss://linea-sepolia.infura.io/ws/v3/ + +CERC_GO_NITRO_WAIT_FOR_CHAIN=false + +CERC_NITRO_AUTH_ON=true +CERC_NITRO_AUTH_RPC_PORT=4007 +CERC_NITRO_AUTH_UI_PORT=4207 +CERC_NITRO_BOOT_PEERS="/dns4/go-nitro-bootnode/tcp/3008/p2p/16Uiu2HAmFYz5YPf3GtkfQsAwYJfDsKSm34U9qAiTwxW7RJUVGMRK" +CERC_NITRO_DURABLE_STORE_FOLDER=/app/data/nitro-store +CERC_NITRO_MSG_PORT=3007 +CERC_NITRO_RPC_PORT=4007 +CERC_NITRO_UI_PORT=4107 +CERC_NITRO_USE_DURABLE_STORE=true +CERC_NITRO_WS_MSG_PORT=5007 diff --git a/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/bootnode.env b/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/bootnode.env new file mode 100644 index 00000000..9d5a0fa5 --- /dev/null +++ b/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/bootnode.env @@ -0,0 +1,23 @@ +CERC_CA_ADDRESS="0x1Ae815c3e7556e16ceaB6B6d46306C1870EB6d24" +CERC_NA_ADDRESS="0xc453C5E3f304bb545A3Df7bBa02fe6274A056636" +CERC_VPA_ADDRESS="0xA11af80D75b1150631FA78178c94fa451c7172a8" + +CERC_NITRO_CHAIN_PK=596db2ac27479cfdf60f708bf64ae44a1c5090e9446cca011d72bc9a59b47d3d +CERC_NITRO_PK=f41086394674cf00a66448c6688295d7330af39f6f38fed89ea023e39382d6a0 + +# The WebSocket to connect to. +#CERC_NITRO_CHAIN_URL=wss://linea-sepolia.infura.io/ws/v3/ + +CERC_GO_NITRO_WAIT_FOR_CHAIN=false + +CERC_NITRO_AUTH_ON=false +CERC_NITRO_AUTH_RPC_PORT=4008 +CERC_NITRO_AUTH_UI_PORT=4208 +CERC_NITRO_DURABLE_STORE_FOLDER=/app/data/nitro-store +CERC_NITRO_MSG_PORT=3008 +CERC_NITRO_RPC_PORT=4008 +CERC_NITRO_UI_PORT=4108 +CERC_NITRO_USE_DURABLE_STORE=true +CERC_NITRO_WS_MSG_PORT=5008 + +CERC_SCRIPT_DEBUG=true \ No newline at end of file diff --git a/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/caddy/Caddyfile b/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/caddy/Caddyfile new file mode 100644 index 00000000..0d33d962 --- /dev/null +++ b/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/caddy/Caddyfile @@ -0,0 +1,42 @@ +:80 { + handle /pay* { + reverse_proxy http://go-nitro-bob:8547 + } + + @eth-key-in-header { + path_regexp /eth/?$ + header X-Api-Key * + } + + handle @eth-key-in-header { + forward_auth go-nitro-bob:8547 { + uri /auth/{header.x-api-key} + } + rewrite * / + reverse_proxy https://rpc.sepolia.linea.build:443 { + header_up Host {upstream_hostport} + } + } + + @eth-key-in-path { + path_regexp apikey eth/(.+)$ + } + + handle @eth-key-in-path { + forward_auth go-nitro-bob:8547 { + uri /auth/{re.apikey.1} + } + rewrite * / + reverse_proxy https://rpc.sepolia.linea.build:443 { + header_up Host {upstream_hostport} + } + } + + handle /eth* { + respond "401 Unauthorized" 401 + } + + handle { + reverse_proxy http://go-nitro-alice:4206 + } +} \ No newline at end of file diff --git a/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/deployment/nitro-addresses.json b/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/deployment/nitro-addresses.json new file mode 100644 index 00000000..6d271589 --- /dev/null +++ b/stack_orchestrator/data/config/linea-testnet-go-nitro-auth/deployment/nitro-addresses.json @@ -0,0 +1,5 @@ +{ + "nitroAdjudicatorAddress": "0xc453C5E3f304bb545A3Df7bBa02fe6274A056636", + "virtualPaymentAppAddress": "0xA11af80D75b1150631FA78178c94fa451c7172a8", + "consensusAppAddress": "0x1Ae815c3e7556e16ceaB6B6d46306C1870EB6d24" +} \ No newline at end of file diff --git a/stack_orchestrator/data/container-build/cerc-go-nitro/Dockerfile b/stack_orchestrator/data/container-build/cerc-go-nitro/Dockerfile index 331cadad..e33da5bc 100644 --- a/stack_orchestrator/data/container-build/cerc-go-nitro/Dockerfile +++ b/stack_orchestrator/data/container-build/cerc-go-nitro/Dockerfile @@ -25,7 +25,7 @@ RUN yarn build FROM node:18-bullseye-slim RUN apt-get update -RUN apt-get install -y ca-certificates jq netcat make +RUN apt-get install -y ca-certificates jq netcat make curl wget RUN rm -rf /var/lib/apt/lists/* RUN npm install -g http-server WORKDIR /app diff --git a/stack_orchestrator/data/stacks/linea-testnet-nitro-auth/stack.yml b/stack_orchestrator/data/stacks/linea-testnet-nitro-auth/stack.yml new file mode 100644 index 00000000..46da5efc --- /dev/null +++ b/stack_orchestrator/data/stacks/linea-testnet-nitro-auth/stack.yml @@ -0,0 +1,11 @@ +version: "1.0" +name: linea-testnet-nitro-auth +description: "Stack to demonstrate payments between various services" +repos: + # nitro repo + - github.com/cerc-io/go-nitro@telackey/update +containers: + # nitro + - cerc/go-nitro +pods: + - linea-testnet-go-nitro-auth \ No newline at end of file