- ubuntu machine with docker
- have
charon-distributed-validator-node
repo installed - completed DKG
- EL client + lighthouse synced and running
Make sure you have a full .charon
folder
charon-enr-private-key
filecluster-lock.json
filedeposit-data.json
filevalidator_keys
folder (with at least 1 key in there)
make sure directory has enough permissions:
$ cd ~/charon-distributed-validator-node
$ sudo chmod -R 777 .charon
$ cp docker-compose.override.yml.sample docker-compose.override.yml
$ nano docker-compose.override.yml
Then disable geth
and lighthouse
in the override file (by uncommenting lines as below):
services:
geth:
# Disable geth
profiles: [disable]
# Bind geth internal ports to host ports
#ports:
#- 8545:8545 # JSON-RPC
#- 8551:8551 # AUTH-RPC
#- 6060:6060 # Metrics
lighthouse:
# Disable lighthouse
profiles: [disable]
# Bind lighthouse internal ports to host ports
#ports:
#- 5052:5052 # HTTP
#- 5054:5054 # Metrics
when geth
and lighthouse
are disabled as above save and exit CTRL + O + ENTER
and CTRL + X
$ nano docker-compose.yml
We need to add this to the end of every service in docker-compose.yml
file (except geth
and lighthouse
which have been disabled)
extra_hosts:
- "host.docker.internal:host-gateway"
Add that to the end of the charon
lodestar
mev-boost
grafana
and prometheus
services in the file. When it looks good, save and exit CTRL + O + ENTER
and CTRL + X
$ cp .env.sample .env
$ nano .env
in the .env file we need to uncomment and set some env variables.
set the network to mainnet:
NETWORK=mainnet
set the charon endpoint:
CHARON_BEACON_NODE_ENDPOINTS=http://host.docker.internal:5052
when these env vars are set, save and exit CTRL + O + ENTER
and CTRL + X
$ sudo ufw status numbered
it should look like this
To Action From
-- ------ ----
[ 1] 22/tcp ALLOW IN Anywhere
[ 2] 30303 ALLOW IN Anywhere
[ 3] 9000 ALLOW IN Anywhere
[ 4] 3600 ALLOW IN Anywhere
[ 5] 3610 ALLOW IN Anywhere
[ 6] 5052 ALLOW IN Anywhere
[ 7] 3000 ALLOW IN Anywhere
[ 8] 22/tcp (v6) ALLOW IN Anywhere (v6)
[ 9] 30303 (v6) ALLOW IN Anywhere (v6)
[10] 9000 (v6) ALLOW IN Anywhere (v6)
[11] 3600 (v6) ALLOW IN Anywhere (v6)
[12] 3610 (v6) ALLOW IN Anywhere (v6)
[13] 5052 (v6) ALLOW IN Anywhere (v6)
[14] 3000 (v6) ALLOW IN Anywhere (v6)
your ssh port (22
here) plus 30303
9000
3600
3610
5052
3000
should all be open
if some of these are not open then explicitly allow with e.g.
$ sudo ufw allow 5052
Lighthouse service file needs to run http server listening on address 0.0.0.0
explicitly
$ sudo nano /etc/systemd/system/lighthousebeacon.service
The exec command should have this line:
--http --http-address 0.0.0.0 \
Here's what my file looks like (some directories could be different so don't necessarily copy whole file)
[Unit]
Description=Lighthouse Consensus Client BN (Mainnet)
Wants=network-online.target
After=network-online.target
[Service]
User=lighthousebeacon
Group=lighthousebeacon
Type=simple
Restart=always
RestartSec=5
ExecStart=/usr/local/bin/lighthouse bn \
--network mainnet \
--datadir /home/data/lighthouse \
--http --http-address 0.0.0.0 \
--execution-endpoint http://127.0.0.1:8551 \
--execution-jwt /var/lib/jwtsecret/jwt.hex \
--checkpoint-sync-url https://sync-mainnet.beaconcha.in
[Install]
WantedBy=multi-user.target
When the http line looks good, save and exit CTRL + O + ENTER
and CTRL + X
Make sure EL and CL are up and running and synced. If so just run
$ sudo docker compose up
read logs and check for errors. You are done!
for other CL clients its the same process you jsut need to use the port said client uses for rpc instead of 5052
and get teh command line argument for serving the rpc at 0.0.0.0 instead of localhost. Everything else here remains the same!
(e.g. with prysm --grpc-gateway-host 0.0.0.0
is the added flag and port is 3500
in the .env
)