- ubuntu machine with docker
- have
charon-distributed-validator-noderepo installed - completed DKG
- EL client + lighthouse synced and running
Make sure you have a full .charon folder
charon-enr-private-keyfilecluster-lock.jsonfiledeposit-data.jsonfilevalidator_keysfolder (with at least 1 key in there)
make sure directory has enough permissions:
$ cd ~/charon-distributed-validator-node
$ sudo chmod -R 777 .charon
$ cp docker-compose.override.yml.sample docker-compose.override.yml
$ nano docker-compose.override.yml
Then disable geth and lighthouse in the override file (by uncommenting lines as below):
services:
geth:
# Disable geth
profiles: [disable]
# Bind geth internal ports to host ports
#ports:
#- 8545:8545 # JSON-RPC
#- 8551:8551 # AUTH-RPC
#- 6060:6060 # Metrics
lighthouse:
# Disable lighthouse
profiles: [disable]
# Bind lighthouse internal ports to host ports
#ports:
#- 5052:5052 # HTTP
#- 5054:5054 # Metrics
when geth and lighthouse are disabled as above save and exit CTRL + O + ENTER and CTRL + X
$ nano docker-compose.yml
We need to add this to the end of every service in docker-compose.yml file (except geth and lighthouse which have been disabled)
extra_hosts:
- "host.docker.internal:host-gateway"
Add that to the end of the charon lodestar mev-boost grafana and prometheus services in the file. When it looks good, save and exit CTRL + O + ENTER and CTRL + X
$ cp .env.sample .env
$ nano .env
in the .env file we need to uncomment and set some env variables.
set the network to mainnet:
NETWORK=mainnet
set the charon endpoint:
CHARON_BEACON_NODE_ENDPOINTS=http://host.docker.internal:5052
when these env vars are set, save and exit CTRL + O + ENTER and CTRL + X
$ sudo ufw status numbered
it should look like this
To Action From
-- ------ ----
[ 1] 22/tcp ALLOW IN Anywhere
[ 2] 30303 ALLOW IN Anywhere
[ 3] 9000 ALLOW IN Anywhere
[ 4] 3600 ALLOW IN Anywhere
[ 5] 3610 ALLOW IN Anywhere
[ 6] 5052 ALLOW IN Anywhere
[ 7] 3000 ALLOW IN Anywhere
[ 8] 22/tcp (v6) ALLOW IN Anywhere (v6)
[ 9] 30303 (v6) ALLOW IN Anywhere (v6)
[10] 9000 (v6) ALLOW IN Anywhere (v6)
[11] 3600 (v6) ALLOW IN Anywhere (v6)
[12] 3610 (v6) ALLOW IN Anywhere (v6)
[13] 5052 (v6) ALLOW IN Anywhere (v6)
[14] 3000 (v6) ALLOW IN Anywhere (v6)
your ssh port (22 here) plus 30303 9000 3600 3610 5052 3000 should all be open
if some of these are not open then explicitly allow with e.g.
$ sudo ufw allow 5052
Lighthouse service file needs to run http server listening on address 0.0.0.0 explicitly
$ sudo nano /etc/systemd/system/lighthousebeacon.service
The exec command should have this line:
--http --http-address 0.0.0.0 \
Here's what my file looks like (some directories could be different so don't necessarily copy whole file)
[Unit]
Description=Lighthouse Consensus Client BN (Mainnet)
Wants=network-online.target
After=network-online.target
[Service]
User=lighthousebeacon
Group=lighthousebeacon
Type=simple
Restart=always
RestartSec=5
ExecStart=/usr/local/bin/lighthouse bn \
--network mainnet \
--datadir /home/data/lighthouse \
--http --http-address 0.0.0.0 \
--execution-endpoint http://127.0.0.1:8551 \
--execution-jwt /var/lib/jwtsecret/jwt.hex \
--checkpoint-sync-url https://sync-mainnet.beaconcha.in
[Install]
WantedBy=multi-user.target
When the http line looks good, save and exit CTRL + O + ENTER and CTRL + X
Make sure EL and CL are up and running and synced. If so just run
$ sudo docker compose up
read logs and check for errors. You are done!
for other CL clients its the same process you jsut need to use the port said client uses for rpc instead of 5052 and get teh command line argument for serving the rpc at 0.0.0.0 instead of localhost. Everything else here remains the same!
(e.g. with prysm --grpc-gateway-host 0.0.0.0 is the added flag and port is 3500 in the .env)