Linea Sepolia Testnet-based Nitro Auth

This commit is contained in:
Thomas E Lackey 2024-04-01 15:53:01 -05:00
parent 80b299c1e5
commit 36e89b5a78
9 changed files with 261 additions and 17 deletions

View File

@ -0,0 +1,91 @@
version: '3.7'
services:
go-nitro-alice:
image: cerc/go-nitro:local
hostname: go-nitro-alice
restart: on-failure
depends_on:
- go-nitro-bootnode
env_file:
- ../config/linea-testnet-go-nitro-auth/alice.env
entrypoint: ["bash", "-c", "/app/run-nitro-node.sh"]
volumes:
- nitro_deployment:/app/deployment
- go_nitro_data_alice:/app/data
- ../config/go-nitro/run-nitro-node.sh:/app/run-nitro-node.sh
healthcheck:
test: ["CMD", "nc", "-vz", "localhost", "4006"]
interval: 5s
timeout: 5s
retries: 100
start_period: 100s
ports:
- "3006:3006"
- "4006:4006"
- "5006:5006"
- "4106:4106"
- "4206:4206"
- "4216:4216"
go-nitro-bob:
image: cerc/go-nitro:local
hostname: go-nitro-bob
restart: on-failure
depends_on:
- go-nitro-bootnode
env_file:
- ../config/linea-testnet-go-nitro-auth/bob.env
entrypoint: ["bash", "-c", "/app/run-nitro-node.sh"]
volumes:
- nitro_deployment:/app/deployment
- go_nitro_data_bob:/app/data
- ../config/go-nitro/run-nitro-node.sh:/app/run-nitro-node.sh
healthcheck:
test: ["CMD", "nc", "-vz", "localhost", "4007"]
interval: 5s
timeout: 5s
retries: 100
start_period: 100s
ports:
- "3007:3007"
- "4007:4007"
- "5007:5007"
- "4107:4107"
- "4207:4207"
- "4217:4217"
go-nitro-bootnode:
image: cerc/go-nitro:local
hostname: go-nitro-bootnode
restart: on-failure
env_file:
- ../config/linea-testnet-go-nitro-auth/bootnode.env
entrypoint: [ "bash", "-c", "/app/run-nitro-node.sh" ]
volumes:
- nitro_deployment:/app/deployment
- go_nitro_data_bootnode:/app/data
- ../config/go-nitro/run-nitro-node.sh:/app/run-nitro-node.sh
healthcheck:
test: [ "CMD", "nc", "-vz", "localhost", "4008" ]
interval: 5s
timeout: 5s
retries: 100
start_period: 100s
nitro-caddy:
image: caddy:2-alpine
restart: always
volumes:
- ../config/linea-testnet-go-nitro-auth/caddy/Caddyfile:/etc/caddy/Caddyfile
ports:
- "5678:80"
depends_on:
- go-nitro-alice
- go-nitro-bob
volumes:
go_nitro_data_alice:
go_nitro_data_bob:
go_nitro_data_bootnode:
nitro_deployment:

View File

@ -4,6 +4,11 @@ if [ -n "$CERC_SCRIPT_DEBUG" ]; then
set -x
fi
if [ -z "$CERC_NITRO_CHAIN_PK" ] || [ -z "$CERC_NITRO_CHAIN_URL" ]; then
echo "You most set both CERC_NITRO_CHAIN_PK and CERC_NITRO_CHAIN_URL." 1>&2
exit 1
fi
nitro_addresses_file="/app/deployment/nitro-addresses.json"
# Check if CERC_NA_ADDRESS environment variable is set
@ -29,23 +34,25 @@ fi
echo "Running Nitro node"
# Assuming CERC_NITRO_CHAIN_URL is of format <ws|http>://host:port
ws_host=$(echo "$CERC_NITRO_CHAIN_URL" | awk -F '://' '{print $2}' | cut -d ':' -f 1)
ws_port=$(echo "$CERC_NITRO_CHAIN_URL" | awk -F '://' '{print $2}' | cut -d ':' -f 2)
if [[ "${CERC_GO_NITRO_WAIT_FOR_CHAIN:-true}" == "true" ]]; then
# Assuming CERC_NITRO_CHAIN_URL is of format <ws|http>://host:port
ws_host=$(echo "$CERC_NITRO_CHAIN_URL" | awk -F '://' '{print $2}' | cut -d ':' -f 1 | cut -d'/' -f 1)
ws_port=$(echo "$CERC_NITRO_CHAIN_URL" | awk -F '://' '{print $2}' | cut -d ':' -f 2)
# Wait till chain endpoint is available
retry_interval=5
while true; do
nc -z -w 1 "$ws_host" "$ws_port"
# Wait till chain endpoint is available
retry_interval=5
while true; do
nc -z -w 1 "$ws_host" "$ws_port"
if [ $? -eq 0 ]; then
echo "Chain endpoint is available"
break
fi
if [ $? -eq 0 ]; then
echo "Chain endpoint is available"
break
fi
echo "Chain endpoint not yet available, retrying in $retry_interval seconds..."
sleep $retry_interval
done
echo "Chain endpoint not yet available, retrying in $retry_interval seconds..."
sleep $retry_interval
done
fi
if [[ -n "$CERC_NITRO_UI_PORT" ]] && [[ -d "/app-node/packages/nitro-gui/dist" ]]; then
for f in `ls /app-node/packages/nitro-gui/dist/assets/*.js`; do
@ -67,6 +74,20 @@ if [[ "$CERC_NITRO_AUTH_ON" == "true" ]] && [[ -d "/app-node/packages/nitro-auth
bash -c "sleep 6 && cd /app-node/packages/nitro-auth && yarn start" &
fi
if [[ -z "$CERC_CHAIN_START_BLOCK" ]]; then
if [[ ! -f "/app/deployment/chainstartblock.json" ]]; then
curl --location "$(echo $CERC_NITRO_CHAIN_URL | sed 's/^ws/http/' | sed 's#/ws/#/#')" \
--header 'Content-Type: application/json' \
--data '{
"jsonrpc": "2.0",
"id": 124,
"method": "eth_blockNumber",
"params": []
}' > /app/deployment/chainstartblock.json
fi
CERC_CHAIN_START_BLOCK=$(printf "%d" `cat /app/deployment/chainstartblock.json | jq -r '.result'`)
fi
cd /app
./nitro \
-chainurl ${CERC_NITRO_CHAIN_URL} \
@ -74,11 +95,12 @@ cd /app
-rpcport ${CERC_NITRO_RPC_PORT} \
-wsmsgport ${CERC_NITRO_WS_MSG_PORT} \
-publicip "0.0.0.0" \
-pk ${CERC_NITRO_PK} \
-pk ${CERC_NITRO_PK:-$CERC_NITRO_CHAIN_PK} \
-chainpk ${CERC_NITRO_CHAIN_PK} \
-naaddress ${NA_ADDRESS} \
-vpaaddress ${VPA_ADDRESS} \
-caaddress ${CA_ADDRESS} \
-usedurablestore=${CERC_NITRO_USE_DURABLE_STORE} \
-durablestorefolder ${CERC_NITRO_DURABLE_STORE_FOLDER} \
-bootpeers "${CERC_NITRO_BOOT_PEERS}"
-bootpeers "${CERC_NITRO_BOOT_PEERS}" \
-chainstartblock $CERC_CHAIN_START_BLOCK

View File

@ -0,0 +1,25 @@
CERC_CA_ADDRESS="0x1Ae815c3e7556e16ceaB6B6d46306C1870EB6d24"
CERC_NA_ADDRESS="0xc453C5E3f304bb545A3Df7bBa02fe6274A056636"
CERC_VPA_ADDRESS="0xA11af80D75b1150631FA78178c94fa451c7172a8"
# SET ME! Your on-chain private key.
#CERC_NITRO_CHAIN_PK=<MY_PK_GOES_HERE>
# Default is CERC_NITRO_CHAIN_PK.
#CERC_NITRO_PK=<MY_PK_GOES_HERE>
# SET ME! The WebSocket to connect to.
#CERC_NITRO_CHAIN_URL=wss://linea-sepolia.infura.io/ws/v3/<MY_API_KEY_GOES_HERE>
CERC_GO_NITRO_WAIT_FOR_CHAIN=false
CERC_NITRO_AUTH_ON=false
CERC_NITRO_AUTH_RPC_PORT=4006
CERC_NITRO_AUTH_UI_PORT=4206
CERC_NITRO_BOOT_PEERS="/dns4/go-nitro-bootnode/tcp/3008/p2p/16Uiu2HAmFYz5YPf3GtkfQsAwYJfDsKSm34U9qAiTwxW7RJUVGMRK"
CERC_NITRO_DURABLE_STORE_FOLDER=/app/data/nitro-store
CERC_NITRO_MSG_PORT=3006
CERC_NITRO_RPC_PORT=4006
CERC_NITRO_UI_PORT=4106
CERC_NITRO_USE_DURABLE_STORE=true
CERC_NITRO_WS_MSG_PORT=5006

View File

@ -0,0 +1,25 @@
CERC_CA_ADDRESS="0x1Ae815c3e7556e16ceaB6B6d46306C1870EB6d24"
CERC_NA_ADDRESS="0xc453C5E3f304bb545A3Df7bBa02fe6274A056636"
CERC_VPA_ADDRESS="0xA11af80D75b1150631FA78178c94fa451c7172a8"
# SET ME! Your on-chain private key.
#CERC_NITRO_CHAIN_PK=<MY_PK_GOES_HERE>
# Default is CERC_NITRO_CHAIN_PK.
#CERC_NITRO_PK=<MY_PK_GOES_HERE>
# SET ME! The WebSocket to connect to.
#CERC_NITRO_CHAIN_URL=wss://linea-sepolia.infura.io/ws/v3/<MY_API_KEY_GOES_HERE>
CERC_GO_NITRO_WAIT_FOR_CHAIN=false
CERC_NITRO_AUTH_ON=true
CERC_NITRO_AUTH_RPC_PORT=4007
CERC_NITRO_AUTH_UI_PORT=4207
CERC_NITRO_BOOT_PEERS="/dns4/go-nitro-bootnode/tcp/3008/p2p/16Uiu2HAmFYz5YPf3GtkfQsAwYJfDsKSm34U9qAiTwxW7RJUVGMRK"
CERC_NITRO_DURABLE_STORE_FOLDER=/app/data/nitro-store
CERC_NITRO_MSG_PORT=3007
CERC_NITRO_RPC_PORT=4007
CERC_NITRO_UI_PORT=4107
CERC_NITRO_USE_DURABLE_STORE=true
CERC_NITRO_WS_MSG_PORT=5007

View File

@ -0,0 +1,23 @@
CERC_CA_ADDRESS="0x1Ae815c3e7556e16ceaB6B6d46306C1870EB6d24"
CERC_NA_ADDRESS="0xc453C5E3f304bb545A3Df7bBa02fe6274A056636"
CERC_VPA_ADDRESS="0xA11af80D75b1150631FA78178c94fa451c7172a8"
CERC_NITRO_CHAIN_PK=596db2ac27479cfdf60f708bf64ae44a1c5090e9446cca011d72bc9a59b47d3d
CERC_NITRO_PK=f41086394674cf00a66448c6688295d7330af39f6f38fed89ea023e39382d6a0
# The WebSocket to connect to.
#CERC_NITRO_CHAIN_URL=wss://linea-sepolia.infura.io/ws/v3/<MY_API_KEY_GOES_HERE>
CERC_GO_NITRO_WAIT_FOR_CHAIN=false
CERC_NITRO_AUTH_ON=false
CERC_NITRO_AUTH_RPC_PORT=4008
CERC_NITRO_AUTH_UI_PORT=4208
CERC_NITRO_DURABLE_STORE_FOLDER=/app/data/nitro-store
CERC_NITRO_MSG_PORT=3008
CERC_NITRO_RPC_PORT=4008
CERC_NITRO_UI_PORT=4108
CERC_NITRO_USE_DURABLE_STORE=true
CERC_NITRO_WS_MSG_PORT=5008
CERC_SCRIPT_DEBUG=true

View File

@ -0,0 +1,42 @@
:80 {
handle /pay* {
reverse_proxy http://go-nitro-bob:8547
}
@eth-key-in-header {
path_regexp /eth/?$
header X-Api-Key *
}
handle @eth-key-in-header {
forward_auth go-nitro-bob:8547 {
uri /auth/{header.x-api-key}
}
rewrite * /
reverse_proxy https://rpc.sepolia.linea.build:443 {
header_up Host {upstream_hostport}
}
}
@eth-key-in-path {
path_regexp apikey eth/(.+)$
}
handle @eth-key-in-path {
forward_auth go-nitro-bob:8547 {
uri /auth/{re.apikey.1}
}
rewrite * /
reverse_proxy https://rpc.sepolia.linea.build:443 {
header_up Host {upstream_hostport}
}
}
handle /eth* {
respond "401 Unauthorized" 401
}
handle {
reverse_proxy http://go-nitro-alice:4206
}
}

View File

@ -0,0 +1,5 @@
{
"nitroAdjudicatorAddress": "0xc453C5E3f304bb545A3Df7bBa02fe6274A056636",
"virtualPaymentAppAddress": "0xA11af80D75b1150631FA78178c94fa451c7172a8",
"consensusAppAddress": "0x1Ae815c3e7556e16ceaB6B6d46306C1870EB6d24"
}

View File

@ -25,7 +25,7 @@ RUN yarn build
FROM node:18-bullseye-slim
RUN apt-get update
RUN apt-get install -y ca-certificates jq netcat make
RUN apt-get install -y ca-certificates jq netcat make curl wget
RUN rm -rf /var/lib/apt/lists/*
RUN npm install -g http-server
WORKDIR /app

View File

@ -0,0 +1,11 @@
version: "1.0"
name: linea-testnet-nitro-auth
description: "Stack to demonstrate payments between various services"
repos:
# nitro repo
- github.com/cerc-io/go-nitro@telackey/update
containers:
# nitro
- cerc/go-nitro
pods:
- linea-testnet-go-nitro-auth