Skip to content

Commit

Permalink
Merge branch 'containers-unpriv-user' into custom-node
Browse files Browse the repository at this point in the history
  • Loading branch information
@poupas
poupas committed Sep 10, 2021
2 parents 7944c9c + 8e54314 commit e745b5f
Show file tree
Hide file tree
Showing 4 changed files with 28 additions and 20 deletions.
4 changes: 3 additions & 1 deletion amd64/rp-smartnode-install/network/mainnet/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ services:
container_name: ${COMPOSE_PROJECT_NAME}_node
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:z
- /var/run/docker.sock:/var/run/docker.sock
- .:/.rocketpool:z
networks:
- net
Expand All @@ -56,6 +56,8 @@ services:
- dac_override
security_opt:
- no-new-privileges
# Required to access the Docker socket on SELinux enforcing environments
- label=disable
watchtower:
image: ${SMARTNODE_IMAGE}
container_name: ${COMPOSE_PROJECT_NAME}_watchtower
Expand Down
4 changes: 3 additions & 1 deletion amd64/rp-smartnode-install/network/prater/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ services:
container_name: ${COMPOSE_PROJECT_NAME}_node
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:z
- /var/run/docker.sock:/var/run/docker.sock
- .:/.rocketpool:z
networks:
- net
Expand All @@ -56,6 +56,8 @@ services:
- dac_override
security_opt:
- no-new-privileges
# Required to access the Docker socket on SELinux enforcing environments
- label=disable
watchtower:
image: ${SMARTNODE_IMAGE}
container_name: ${COMPOSE_PROJECT_NAME}_watchtower
Expand Down
20 changes: 11 additions & 9 deletions arm64/rp-smartnode-install/network/mainnet/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ services:
- "${ETH1_P2P_PORT:-30303}:${ETH1_P2P_PORT:-30303}/tcp"
volumes:
- eth1clientdata:/ethclient
- ./chains/eth1:/setup:ro,Z
- ./chains/eth1:/setup:ro,z
networks:
- net
environment:
Expand Down Expand Up @@ -38,9 +38,9 @@ services:
- "${ETH2_P2P_PORT:-9001}:${ETH2_P2P_PORT:-9001}/tcp"
- "${ETH2_P2P_PORT:-9001}:${ETH2_P2P_PORT:-9001}/udp"
volumes:
- ./data/validators:/validators:Z
- ./data/validators:/validators:z
- eth2clientdata:/ethclient
- ./chains/eth2:/setup:ro,Z
- ./chains/eth2:/setup:ro,z
networks:
- net
environment:
Expand All @@ -66,8 +66,8 @@ services:
restart: unless-stopped
stop_grace_period: 3m
volumes:
- ./data/validators:/validators:Z
- ./chains/eth2:/setup:ro,Z
- ./data/validators:/validators:z
- ./chains/eth2:/setup:ro,z
networks:
- net
environment:
Expand All @@ -90,7 +90,7 @@ services:
stop_signal: SIGKILL
stop_grace_period: 1s
volumes:
- .:/.rocketpool:Z
- .:/.rocketpool:z
networks:
- net
depends_on:
Expand All @@ -108,8 +108,8 @@ services:
container_name: ${COMPOSE_PROJECT_NAME}_node
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:Z
- .:/.rocketpool:Z
- /var/run/docker.sock:/var/run/docker.sock
- .:/.rocketpool:z
networks:
- net
command: "-m 0.0.0.0 -r ${NODE_METRICS_PORT:-9102} node"
Expand All @@ -122,12 +122,14 @@ services:
- dac_override
security_opt:
- no-new-privileges
# Required to access the Docker socket on SELinux enforcing environments
- label=disable
watchtower:
image: ${SMARTNODE_IMAGE}
container_name: ${COMPOSE_PROJECT_NAME}_watchtower
restart: unless-stopped
volumes:
- .:/.rocketpool:Z
- .:/.rocketpool:z
networks:
- net
command: "watchtower"
Expand Down
20 changes: 11 additions & 9 deletions arm64/rp-smartnode-install/network/prater/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ services:
- "${ETH1_P2P_PORT:-30303}:${ETH1_P2P_PORT:-30303}/tcp"
volumes:
- eth1clientdata:/ethclient
- ./chains/eth1:/setup:ro,Z
- ./chains/eth1:/setup:ro,z
networks:
- net
environment:
Expand Down Expand Up @@ -38,9 +38,9 @@ services:
- "${ETH2_P2P_PORT:-9001}:${ETH2_P2P_PORT:-9001}/tcp"
- "${ETH2_P2P_PORT:-9001}:${ETH2_P2P_PORT:-9001}/udp"
volumes:
- ./data/validators:/validators:Z
- ./data/validators:/validators:z
- eth2clientdata:/ethclient
- ./chains/eth2:/setup:ro,Z
- ./chains/eth2:/setup:ro,z
networks:
- net
environment:
Expand All @@ -66,8 +66,8 @@ services:
restart: unless-stopped
stop_grace_period: 3m
volumes:
- ./data/validators:/validators:Z
- ./chains/eth2:/setup:ro,Z
- ./data/validators:/validators:z
- ./chains/eth2:/setup:ro,z
networks:
- net
environment:
Expand All @@ -90,7 +90,7 @@ services:
stop_signal: SIGKILL
stop_grace_period: 1s
volumes:
- .:/.rocketpool:Z
- .:/.rocketpool:z
networks:
- net
depends_on:
Expand All @@ -108,8 +108,8 @@ services:
container_name: ${COMPOSE_PROJECT_NAME}_node
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:Z
- .:/.rocketpool:Z
- /var/run/docker.sock:/var/run/docker.sock
- .:/.rocketpool:z
networks:
- net
command: "-m 0.0.0.0 -r ${NODE_METRICS_PORT:-9102} node"
Expand All @@ -122,12 +122,14 @@ services:
- dac_override
security_opt:
- no-new-privileges
# Required to access the Docker socket on SELinux enforcing environments
- label=disable
watchtower:
image: ${SMARTNODE_IMAGE}
container_name: ${COMPOSE_PROJECT_NAME}_watchtower
restart: unless-stopped
volumes:
- .:/.rocketpool:Z
- .:/.rocketpool:z
networks:
- net
command: "watchtower"
Expand Down

0 comments on commit e745b5f

Please sign in to comment.