Skip to content

Commit

Permalink
fix: proxy endpoint (#570)
Browse files Browse the repository at this point in the history
  • Loading branch information
@HuberTRoy
HuberTRoy authored Nov 14, 2024
1 parent 649feed commit 5b6ce7b
Show file tree
Hide file tree
Showing 3 changed files with 63 additions and 24 deletions.
7 changes: 7 additions & 0 deletions docs/.vuepress/styles/index.scss
View file
Original file line number Diff line number Diff line change
Expand Up @@ -210,6 +210,13 @@ iframe {
text-decoration: none;
}

.theme-hope-content {
ol,ul {
padding-left: 1.2rem;
list-style: revert;
}
}

.vp-page-nav {
max-width: var(--max-width);
}
Expand Down
51 changes: 35 additions & 16 deletions docs/subquery_network/node_operators/setup/becoming-a-node-operator.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,18 +8,18 @@ Node Operators can run either data indexing projects or RPC endpoints for the ne

Let's take an overview of the basic steps involved in the process:

| Steps | Process Flow |
| -------------------------------------------------------------------- | -------------------------------------------------------------------------------- |
| [Step 1](#1-deploy-node-operator-services) | Setup & Start your Node Operator services locally in Docker or on an external VM |
| [Step 2](#2-setup-ssl-on-your-new-server-and-consult-security-guide) | Setup SSL on your new server and consult security guide |
| [Step 3](#3-register-in-the-node-operator-admin-app) | Register yourself as a Node Operator to the Network |
| [Step 4](#4-index-or-sync-a-project) | Index a project or sync an RPC endpoint |
| [Step 5](#5-create-a-plan-from-a-plan-template) | Create a Plan from a Plan Template |
| [Step 6](#6-configure-a-node-operator-commission-rate-nocr) | Set a Node Operator Commission Rate |
| [Step 7](#7-allocate-your-sqt-stake-to-start-receiving-rewards) | Allocate your SQT to start receiving rewards |
| [Step 8](#8-troubleshooting-and-faqs) | Troubleshooting and FAQs |
| [Step 9](#9-setting-up-a-grafana-dashboard-optional) | Optional: Setting up a Grafana Dashboard |
| [Step 10](#10-upgrade-node-operator-services-ongoing) | Ongoing: Update Node Operator Services |
| Steps | Process Flow |
| --------------------------------------------------------------- | -------------------------------------------------------------------------------- |
| [Step 1](#1-deploy-node-operator-services) | Setup & Start your Node Operator services locally in Docker or on an external VM |
| [Step 2](#2-setup-proxy-endpoint-to-public) | Setup Proxy Endpoint to public |
| [Step 3](#3-register-in-the-node-operator-admin-app) | Register yourself as a Node Operator to the Network |
| [Step 4](#4-index-or-sync-a-project) | Index a project or sync an RPC endpoint |
| [Step 5](#5-create-a-plan-from-a-plan-template) | Create a Plan from a Plan Template |
| [Step 6](#6-configure-a-node-operator-commission-rate-nocr) | Set a Node Operator Commission Rate |
| [Step 7](#7-allocate-your-sqt-stake-to-start-receiving-rewards) | Allocate your SQT to start receiving rewards |
| [Step 8](#8-troubleshooting-and-faqs) | Troubleshooting and FAQs |
| [Step 9](#9-setting-up-a-grafana-dashboard-optional) | Optional: Setting up a Grafana Dashboard |
| [Step 10](#10-upgrade-node-operator-services-ongoing) | Ongoing: Update Node Operator Services |

## 1. Deploy Node Operator Services

Expand Down Expand Up @@ -70,8 +70,8 @@ This will overwrite the existing docker-compose.yml file. Always use the latest

| Service | Version Tag |
| :-------------------------------------------------------------------------------------------------- | :---------- |
| [subquerynetwork/indexer-coordinator](https://hub.docker.com/r/subquerynetwork/indexer-coordinator) | `v2.0.7` |
| [subquerynetwork/indexer-proxy](https://hub.docker.com/r/subquerynetwork/indexer-proxy) | `v2.1.0` |
| [subquerynetwork/indexer-coordinator](https://hub.docker.com/r/subquerynetwork/indexer-coordinator) | `v2.7.0` |
| [subquerynetwork/indexer-proxy](https://hub.docker.com/r/subquerynetwork/indexer-proxy) | `v2.7.1` |

::: warning Important

Expand All @@ -85,9 +85,28 @@ Pay attention to the versions of `indexer-coordinator` and `indexer-proxy`, you

:::

## 2. Setup SSL on your New Server and Consult Security Guide
## 2. Setup Proxy Endpoint to public

We highly recommend setting up SSL on your new server and [consulting our security guide carefully](./security-guide.md). You will be penalised for not setting up SSL, firewalls, or following our security guidelines.
After running the docker-compose, you can access proxy endpoint via `http://localhost/healthy`. You need to make this endpoint publicaly accessible, we will use Nginx to do this.

1. Download Nginx: `sudo apt-get install nginx`
2. Create a Nginx config: `mkdir nginx && touch $_/nginx.conf`
3. Update `nginx/nginx.conf` to add a reverse proxy to our proxy endpoint.

```
server {
listen 80;
location / {
proxy_pass http://localhost/; # The proxy endpoint.
}
}
```

4. Copy to `conf.d`: `sudo cp nginx/nginx.conf /etc/nginx/conf.d/`
5. Start Nginx: `sudo systemctl start nginx` or `sudo systemctl reload nginx`
6. Test via `curl http://your_ip_or_domain`.

We highly recommend setting up SSL on your new server and [consulting our security guide carefully](./security-guide.md). You may be penalised for not setting up SSL, firewalls, or following our security guidelines.

## 3. Register in the Node Operator Admin App

Expand Down
29 changes: 21 additions & 8 deletions docs/subquery_network/node_operators/setup/security-guide.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ sudo wget -O /usr/local/bin/ufw-docker https://github.com/chaifeng/ufw-docker/ra
sudo chmod +x /usr/local/bin/ufw-docker
```

Then using the following command to modify the `after.rules`` file of `ufw``
Then using the following command to modify the ` after.rules`` file of `ufw``

```bash
ufw-docker install
Expand Down Expand Up @@ -141,23 +141,20 @@ then restart the `indexer-proxy` container
docker-compose up -d
```

3.4. Config NGINX: Edit your NGINX configuration to add the following (e.g. it would usually be at `/etc/nginx/sites-available/proxy.mysqindexer.com`)
3.4. Config Nginx: Edit your Nginx configuration (usually found at `/etc/nginx/conf.d/proxy.mysqindexer.com.conf`, create one if it does not exist) to add the following:

```shell
# /etc/nginx/sites-available/proxy.mysqindexer.com
# /etc/nginx/conf.d/proxy.mysqindexer.com.conf
server {
listen 80;

server_name proxy.mysqindexer.com; // update the server name to match your DNS address
server_name proxy.mysqindexer.com; # update the server name to match your DNS address

location / {
proxy_pass http://127.0.0.1:1080;
}

}

# link the new configuration with a symlink to your edited file
sudo ln -s /etc/nginx/sites-available/proxy.mysqindexer.com /etc/nginx/sites-enabled/proxy.mysqindexer.com
```

### 4. Run Certbot
Expand Down Expand Up @@ -188,6 +185,22 @@ sudo certbot --nginx -d proxy.mysqindexer.com
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
```

4.1 Edit the Nginx config with a new SSL certificate and open port 443:

```
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/letsencrypt/live/proxy.mysqindexer.com/fullchain.pem; # the path generated by certbot
ssl_certificate_key /etc/letsencrypt/live/proxy.mysqindexer.com/privkey.pem; # the path generated by certbot
server_name proxy.mysqindexer.com;
location / {
proxy_pass http://localhost:1080;
}
}
```

### 5. Enable HTTP2

It's important that you enable HTTP2. This significantly improves query performance across the SubQuery Network, and will likely be required at some point in the future.
Expand All @@ -213,7 +226,7 @@ Before applying the changes, test your new Nginx configuration by running `nginx

### 6. Update your Node Operator metadata

Set the `Proxy Server Endpoint` to `https://proxy.mysqindexer.com`
Set the `Proxy Endpoint` to `https://proxy.mysqindexer.com`

## Community Solutions

Expand Down

0 comments on commit 5b6ce7b

Please sign in to comment.