diff --git a/docs/.vuepress/styles/index.scss b/docs/.vuepress/styles/index.scss index 0331b82ccbd..68e67f7f215 100644 --- a/docs/.vuepress/styles/index.scss +++ b/docs/.vuepress/styles/index.scss @@ -210,6 +210,13 @@ iframe { text-decoration: none; } +.theme-hope-content { + ol,ul { + padding-left: 1.2rem; + list-style: revert; + } +} + .vp-page-nav { max-width: var(--max-width); } diff --git a/docs/subquery_network/node_operators/setup/becoming-a-node-operator.md b/docs/subquery_network/node_operators/setup/becoming-a-node-operator.md index daabe230104..f637e40e66c 100644 --- a/docs/subquery_network/node_operators/setup/becoming-a-node-operator.md +++ b/docs/subquery_network/node_operators/setup/becoming-a-node-operator.md @@ -8,18 +8,18 @@ Node Operators can run either data indexing projects or RPC endpoints for the ne Let's take an overview of the basic steps involved in the process: -| Steps | Process Flow | -| -------------------------------------------------------------------- | -------------------------------------------------------------------------------- | -| [Step 1](#1-deploy-node-operator-services) | Setup & Start your Node Operator services locally in Docker or on an external VM | -| [Step 2](#2-setup-ssl-on-your-new-server-and-consult-security-guide) | Setup SSL on your new server and consult security guide | -| [Step 3](#3-register-in-the-node-operator-admin-app) | Register yourself as a Node Operator to the Network | -| [Step 4](#4-index-or-sync-a-project) | Index a project or sync an RPC endpoint | -| [Step 5](#5-create-a-plan-from-a-plan-template) | Create a Plan from a Plan Template | -| [Step 6](#6-configure-a-node-operator-commission-rate-nocr) | Set a Node Operator Commission Rate | -| [Step 7](#7-allocate-your-sqt-stake-to-start-receiving-rewards) | Allocate your SQT to start receiving rewards | -| [Step 8](#8-troubleshooting-and-faqs) | Troubleshooting and FAQs | -| [Step 9](#9-setting-up-a-grafana-dashboard-optional) | Optional: Setting up a Grafana Dashboard | -| [Step 10](#10-upgrade-node-operator-services-ongoing) | Ongoing: Update Node Operator Services | +| Steps | Process Flow | +| --------------------------------------------------------------- | -------------------------------------------------------------------------------- | +| [Step 1](#1-deploy-node-operator-services) | Setup & Start your Node Operator services locally in Docker or on an external VM | +| [Step 2](#2-setup-proxy-endpoint-to-public) | Setup Proxy Endpoint to public | +| [Step 3](#3-register-in-the-node-operator-admin-app) | Register yourself as a Node Operator to the Network | +| [Step 4](#4-index-or-sync-a-project) | Index a project or sync an RPC endpoint | +| [Step 5](#5-create-a-plan-from-a-plan-template) | Create a Plan from a Plan Template | +| [Step 6](#6-configure-a-node-operator-commission-rate-nocr) | Set a Node Operator Commission Rate | +| [Step 7](#7-allocate-your-sqt-stake-to-start-receiving-rewards) | Allocate your SQT to start receiving rewards | +| [Step 8](#8-troubleshooting-and-faqs) | Troubleshooting and FAQs | +| [Step 9](#9-setting-up-a-grafana-dashboard-optional) | Optional: Setting up a Grafana Dashboard | +| [Step 10](#10-upgrade-node-operator-services-ongoing) | Ongoing: Update Node Operator Services | ## 1. Deploy Node Operator Services @@ -70,8 +70,8 @@ This will overwrite the existing docker-compose.yml file. Always use the latest | Service | Version Tag | | :-------------------------------------------------------------------------------------------------- | :---------- | -| [subquerynetwork/indexer-coordinator](https://hub.docker.com/r/subquerynetwork/indexer-coordinator) | `v2.0.7` | -| [subquerynetwork/indexer-proxy](https://hub.docker.com/r/subquerynetwork/indexer-proxy) | `v2.1.0` | +| [subquerynetwork/indexer-coordinator](https://hub.docker.com/r/subquerynetwork/indexer-coordinator) | `v2.7.0` | +| [subquerynetwork/indexer-proxy](https://hub.docker.com/r/subquerynetwork/indexer-proxy) | `v2.7.1` | ::: warning Important @@ -85,9 +85,28 @@ Pay attention to the versions of `indexer-coordinator` and `indexer-proxy`, you ::: -## 2. Setup SSL on your New Server and Consult Security Guide +## 2. Setup Proxy Endpoint to public -We highly recommend setting up SSL on your new server and [consulting our security guide carefully](./security-guide.md). You will be penalised for not setting up SSL, firewalls, or following our security guidelines. +After running the docker-compose, you can access proxy endpoint via `http://localhost/healthy`. You need to make this endpoint publicaly accessible, we will use Nginx to do this. + +1. Download Nginx: `sudo apt-get install nginx` +2. Create a Nginx config: `mkdir nginx && touch $_/nginx.conf` +3. Update `nginx/nginx.conf` to add a reverse proxy to our proxy endpoint. + +``` +server { + listen 80; + location / { + proxy_pass http://localhost/; # The proxy endpoint. + } +} +``` + +4. Copy to `conf.d`: `sudo cp nginx/nginx.conf /etc/nginx/conf.d/` +5. Start Nginx: `sudo systemctl start nginx` or `sudo systemctl reload nginx` +6. Test via `curl http://your_ip_or_domain`. + +We highly recommend setting up SSL on your new server and [consulting our security guide carefully](./security-guide.md). You may be penalised for not setting up SSL, firewalls, or following our security guidelines. ## 3. Register in the Node Operator Admin App diff --git a/docs/subquery_network/node_operators/setup/security-guide.md b/docs/subquery_network/node_operators/setup/security-guide.md index 4a3f1e21e7e..e907fa56756 100644 --- a/docs/subquery_network/node_operators/setup/security-guide.md +++ b/docs/subquery_network/node_operators/setup/security-guide.md @@ -37,7 +37,7 @@ sudo wget -O /usr/local/bin/ufw-docker https://github.com/chaifeng/ufw-docker/ra sudo chmod +x /usr/local/bin/ufw-docker ``` -Then using the following command to modify the `after.rules`` file of `ufw`` +Then using the following command to modify the ` after.rules`` file of `ufw`` ```bash ufw-docker install @@ -141,23 +141,20 @@ then restart the `indexer-proxy` container docker-compose up -d ``` -3.4. Config NGINX: Edit your NGINX configuration to add the following (e.g. it would usually be at `/etc/nginx/sites-available/proxy.mysqindexer.com`) +3.4. Config Nginx: Edit your Nginx configuration (usually found at `/etc/nginx/conf.d/proxy.mysqindexer.com.conf`, create one if it does not exist) to add the following: ```shell -# /etc/nginx/sites-available/proxy.mysqindexer.com +# /etc/nginx/conf.d/proxy.mysqindexer.com.conf server { listen 80; - server_name proxy.mysqindexer.com; // update the server name to match your DNS address + server_name proxy.mysqindexer.com; # update the server name to match your DNS address location / { proxy_pass http://127.0.0.1:1080; } } - -# link the new configuration with a symlink to your edited file -sudo ln -s /etc/nginx/sites-available/proxy.mysqindexer.com /etc/nginx/sites-enabled/proxy.mysqindexer.com ``` ### 4. Run Certbot @@ -188,6 +185,22 @@ sudo certbot --nginx -d proxy.mysqindexer.com # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ``` +4.1 Edit the Nginx config with a new SSL certificate and open port 443: + +``` +server { + listen 443 ssl; + listen [::]:443 ssl; + ssl_certificate /etc/letsencrypt/live/proxy.mysqindexer.com/fullchain.pem; # the path generated by certbot + ssl_certificate_key /etc/letsencrypt/live/proxy.mysqindexer.com/privkey.pem; # the path generated by certbot + server_name proxy.mysqindexer.com; + + location / { + proxy_pass http://localhost:1080; + } +} +``` + ### 5. Enable HTTP2 It's important that you enable HTTP2. This significantly improves query performance across the SubQuery Network, and will likely be required at some point in the future. @@ -213,7 +226,7 @@ Before applying the changes, test your new Nginx configuration by running `nginx ### 6. Update your Node Operator metadata -Set the `Proxy Server Endpoint` to `https://proxy.mysqindexer.com` +Set the `Proxy Endpoint` to `https://proxy.mysqindexer.com` ## Community Solutions