Use shared docker network ++

README.md

@@ -135,6 +135,40 @@ Some of the more important settings and credentials include:
 - In `verifier-server-credentials.json` - Set API keys for supported external blockchains (currently BTC, DOGE and XRP). Default templates are configured
 for two API keys.
 
+### 2.2.1 Configure gcloud
+If you are not running the suite in a Google Cloud VM, you need to initialize gcloud to access this vault.
+
+The `attestation-suite` needs access to the Secret Manager in gcloud when using credentials from GoogleCloudSecretManager.
+
+Run:
+
+```bash
+docker run --user root -it attestation-suite bash
+```
+
+Inside Docker bash, run:
+
+```bash
+apt-get install apt-transport-https ca-certificates gnupg -y
+echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
+curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -
+apt-get update && apt-get install google-cloud-cli
+```
+
+Follow the instructions and initialize `gcloud`.
+
+Consider creating a service account in Google IAM with the `Secret Manager Secret Accessor` role.
+
+Then run `gcloud auth application-default login --impersonate-service-account <service-account-email>` to initialize application access.
+OR
+run `gcloud auth application-default login` to initialize with your Google account
+
+Then exit Docker bash with `exit` command.
+Get this container's ID with the command `docker ps` and save the image with GCSM initialized with the command:
+```bash
+Docker commit <container-id> attestation-suite
+```
+
 ### 2.3 Prepare Credentials
 
 After credentials have been set up they must be prepared for deployment:
@@ -219,7 +253,7 @@ If you are only deploying indexers, you don't need to configure other configurat
 
 Database credentials for indexers are configured in `*.env` files in `indexers` subfolder. Copy the `btc-indexer.env.example` to `btc-indexer.env` and configure database with the same credentials set in `database-credentials.json`. Configuration is the same for btc and xrp.
 
-Dogecoin indexer is special, Dogecoin node rpc parameters and database credentials need to be set not only in json files in `credentials` folder but also in `doge-indexer.env`.
+Dogecoin indexer is special, Dogecoin node rpc parameters and database credentials need to be set not only in json files in `credentials` folder but also in `indexers/doge-indexer.env`.
 
 To configure if indexers are running on mainnet or testnet copy `indexers/env.example` to `indexers/.env` and set `TESTNET` variable.
 
@@ -241,8 +275,12 @@ Network name must also be set in `attestation-client.env`.
 
 EVM verifier is configured with env variables. Example values are provided in `evm-verifier/env.example`
 
-## Step 4 Running
+### 3.5 Create a docker network for the attestation suite
+```
+docker network create attestation_suite_network
+```
 
+## Step 4 Running
 
 ### 3.1 Starting blockchain nodes
 

indexers/docker-compose-indexer-btc.yaml

@@ -12,6 +12,8 @@ services:
       TESTNET: ${TESTNET}
     depends_on:
       - database
+    networks:
+      - attestation_suite_network
 
   verification-server:
     image: flarefoundation/attestation-client
@@ -28,18 +30,22 @@ services:
       - database
     ports:
       - 9500:9500
+    networks:
+      - attestation_suite_network
 
   database:
     container_name: indexer-btc-database
     image: postgres:16
     ports:
-      - 127.0.0.1:25434:5432
+      - 25434:5432
     restart: unless-stopped
     env_file:
       - btc-indexer.env
     volumes:
       - ./postgres-init:/docker-entrypoint-initdb.d
       - indexer-btc-db:/var/lib/postgresql/data
+    networks:
+      - attestation_suite_network
 
   spammer:
     image: flarefoundation/attestation-client
@@ -51,6 +57,12 @@ services:
     restart: unless-stopped
     environment:
       TESTNET: ${TESTNET}
+    networks:
+      - attestation_suite_network
 
 volumes:
   indexer-btc-db:
+
+networks:
+  attestation_suite_network:
+    external: true

indexers/docker-compose-indexer-doge.yaml

@@ -17,6 +17,8 @@ services:
     #  - database
     ports:
       - 9504:9500
+    networks:
+      - attestation_suite_network
 
   spammer:
     image: flarefoundation/attestation-client
@@ -29,6 +31,8 @@ services:
     environment:
       EXTERNAL: django
       TESTNET: ${TESTNET}
+    networks:
+      - attestation_suite_network
 
 
   postgresdb:
@@ -37,10 +41,12 @@ services:
     env_file:
       - doge-indexer.env
     ports:
-      - 127.0.0.1:25432:5432
+      - 25432:5432
     restart: unless-stopped
     volumes:
       - doge-indexer-postgresdb:/var/lib/postgresql/data
+    networks:
+      - attestation_suite_network
 
   indexer-server:
     container_name: indexer-doge-server
@@ -52,12 +58,14 @@ services:
     env_file:
       - doge-indexer.env
     ports:
-      - 127.0.0.1:8400:8400
+      - 8400:8400
     depends_on:
       - postgresdb
     restart: unless-stopped
     volumes:
       - doge-indexer-static:/appdata/static
+    networks:
+      - attestation_suite_network
 
   indexer-indexer:
     container_name: indexer-doge-index-blocks
@@ -74,6 +82,8 @@ services:
     restart: unless-stopped
     volumes:
       - doge-indexer-static:/appdata/static
+    networks:
+      - attestation_suite_network
 
   indexer-prune:
     container_name: indexer-doge-prune-blocks
@@ -90,7 +100,13 @@ services:
     restart: unless-stopped
     volumes:
       - doge-indexer-static:/appdata/static
+    networks:
+      - attestation_suite_network
 
 volumes:
   doge-indexer-static:
   doge-indexer-postgresdb:
+
+networks:
+  attestation_suite_network:
+    external: true

indexers/docker-compose-indexer-xrp.yaml

@@ -12,6 +12,8 @@ services:
       TESTNET: ${TESTNET}
     depends_on:
       - database
+    networks:
+      - attestation_suite_network
 
   verification-server:
     image: flarefoundation/attestation-client
@@ -28,18 +30,22 @@ services:
       - database
     ports:
       - 9501:9500
+    networks:
+      - attestation_suite_network
 
   database:
     container_name: indexer-xrp-database
     image: postgres:16
     ports:
-      - 127.0.0.1:25433:5432
+      - 25433:5432
     restart: unless-stopped
     env_file:
       - xrp-indexer.env
     volumes:
       - ./postgres-init:/docker-entrypoint-initdb.d
       - indexer-xrp-db:/var/lib/postgresql/data
+    networks:
+      - attestation_suite_network
 
   spammer:
     image: flarefoundation/attestation-client
@@ -51,6 +57,12 @@ services:
     restart: unless-stopped
     environment:
       TESTNET: ${TESTNET}
+    networks:
+      - attestation_suite_network
 
 volumes:
   indexer-xrp-db:
+
+networks:
+  attestation_suite_network:
+    external: true

indexers/doge-indexer.env.example

@@ -24,9 +24,9 @@ CORS_ALLOWED_ORIGINS=https://172.17.0.1
 # ADMIN_PASSWORD=email
 
 # required
-NODE_RPC_URL=http://dogecoin-node:44555/
+NODE_RPC_URL=http://node-mainnet-doge:22555/
 AUTH_USERNAME=admin
-AUTH_PASSWORD=secretpassword
+AUTH_PASSWORD=change_this
 
 # optional
 INDEXER_POLL_INTERVAL=10

nodes-mainnet/btc/docker-compose.yaml

@@ -11,6 +11,12 @@ services:
     volumes:
       - bitcoin-mainnet-data:/opt/bitcoin/.bitcoin/db
       - ./bitcoin.conf:/opt/bitcoin/.bitcoin/bitcoin.conf
+    networks:
+      - attestation_suite_network
 
 volumes:
   bitcoin-mainnet-data:
+
+networks:
+  attestation_suite_network:
+    external: true

nodes-mainnet/doge/docker-compose.yaml

@@ -11,6 +11,12 @@ services:
     volumes:
       - dogecoin-mainnet-data:/opt/dogecoin/.dogecoin/db
       - ./dogecoin.conf:/opt/dogecoin/.dogecoin/dogecoin.conf
+    networks:
+      - attestation_suite_network
 
 volumes:
   dogecoin-mainnet-data:
+
+networks:
+  attestation_suite_network:
+    external: true

nodes-mainnet/eth/beacon.yaml

@@ -21,3 +21,7 @@ jwt-secret: /opt/ethereumd/data/jwt.hex
 # Connection to geth container
 execution-endpoint: http://geth:8551
 
+##############################
+# State sync
+checkpoint-sync-url: https://beaconstate.ethstaker.cc
+genesis-beacon-api-url: https://beaconstate.ethstaker.cc

nodes-mainnet/eth/docker-compose.yaml

@@ -4,7 +4,6 @@ services:
   geth:
     image: ethereum/client-go:stable
     container_name: ethereum
-    user: 10002:10002
     command:
       - --mainnet
       - --datadir=/opt/ethereumd/.ethereum
@@ -21,20 +20,26 @@ services:
     volumes:
       - ./ethdata:/opt/ethereumd/.ethereum
       - ./jwt.hex:/opt/ethereumd/.ethereum/jwt.hex
+    networks:
+      - attestation_suite_network
 
   beacon:
     image: gcr.io/prysmaticlabs/prysm/beacon-chain:stable
     container_name: beacon
-    user: 10002:10002
     command:
       - --mainnet
       - --config-file=/opt/ethereumd/data/beacon.yaml
-      - --checkpoint-sync-url=${CHECKPOINT_URL}
-      - --genesis-beacon-api-url=${CHECKPOINT_URL}
     ports:
       - 3500:3500
       - 12000:12000
     volumes:
       - ./ethdata:/opt/ethereumd/data
       - ./beacon.yaml:/opt/ethereumd/data/beacon.yaml
       - ./jwt.hex:/opt/ethereumd/data/jwt.hex
+    networks:
+      - attestation_suite_network
+
+
+networks:
+  attestation_suite_network:
+    external: true

nodes-mainnet/xrp/docker-compose.yaml

@@ -16,6 +16,12 @@ services:
       - ripple-mainnet-data:/opt/ripple/.ripple/db
       - ./rippled.conf:/opt/ripple/.ripple/rippled.conf
       - ./validators.txt:/opt/ripple/.ripple/validators.txt
+    networks:
+      - attestation_suite_network
 
 volumes:
   ripple-mainnet-data:
+
+networks:
+  attestation_suite_network:
+    external: true