feat: add rpcnode stuff

.github/workflows/push-nyxd-rpcnode.yml

@@ -0,0 +1,47 @@
+name: Build and upload Nyxd rpcnode container to harbor.nymte.ch
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        type: string
+        description: Which version of nyxd-rpcnode is this?
+
+env:
+  WORKING_DIRECTORY: "docker/rpcnode"
+  CONTAINER_NAME: "nyxd-rpcnode"
+
+jobs:
+  build-container:
+    runs-on: arc-ubuntu-22.04-dind
+    steps:
+      - name: Login to Harbor
+        uses: docker/login-action@v3
+        with:
+          registry: harbor.nymte.ch
+          username: ${{ secrets.HARBOR_ROBOT_USERNAME }}
+          password: ${{ secrets.HARBOR_ROBOT_SECRET }}
+
+      - name: Checkout repo
+        uses: actions/checkout@v4
+
+      - name: Configure git identity
+        run: |
+          git config --global user.email "[email protected]"
+          git config --global user.name "Lawrence Stalder"
+
+      - name: Remove existing tag if exists
+        run: |
+          if git rev-parse ${{ env.CONTAINER_NAME }}-${{ github.event.inputs.version }} >/dev/null 2>&1; then
+            git push --delete origin ${{ env.CONTAINER_NAME }}-${{ github.event.inputs.version }}
+            git tag -d ${{ env.CONTAINER_NAME }}-${{ github.event.inputs.version }}
+          fi
+
+      - name: Create tag
+        run: |
+          git tag -a ${{ env.CONTAINER_NAME }}-${{ github.event.inputs.version }} -m "Version ${{ github.event.inputs.version }}"
+          git push origin ${{ env.CONTAINER_NAME }}-${{ github.event.inputs.version }}
+
+      - name: BuildAndPushImageOnHarbor
+        run: |
+          docker build -f ${{ env.WORKING_DIRECTORY }}/Dockerfile . -t harbor.nymte.ch/nym/${{ env.CONTAINER_NAME }}:${{ github.event.inputs.version }} -t harbor.nymte.ch/nym/${{ env.CONTAINER_NAME }}:latest
+          docker push harbor.nymte.ch/nym/${{ env.CONTAINER_NAME }} --all-tags

docker/rpcnode/Dockerfile

@@ -0,0 +1,56 @@
+FROM --platform=linux/amd64 ubuntu:24.04
+
+ARG UID=1001
+ARG GID=1001
+ARG NYM_CLI_GIT_TAG=master
+ARG WASMD_VERSION=v0.43.0
+
+ENV NAME=$NAME
+ENV PEERS=$PEERS
+ENV SYNC_BLOCK=$SYNC_BLOCK
+ENV GENESIS_FILE=$GENESIS_FILE
+ENV VALIDATOR_ENDPOINT=$VALIDATOR_ENDPOINT
+
+RUN apt update && apt upgrade -y \
+  && apt -y install ca-certificates jq curl vim wget git screen build-essential unzip
+
+# Set up a nym user
+RUN groupadd -g "${GID}" nym \
+  && useradd --create-home --no-log-init -u "${UID}" -g "${GID}" nym
+
+WORKDIR /root
+
+# Download aws and install other tools needed
+# RUN curl "https://d1vvhvl2y92vvt.cloudfront.net/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
+# RUN unzip awscliv2.zip
+
+# Download nyxd, libwasmvm and nym-cli from our Github releases
+RUN wget https://builds.ci.nymte.ch/${NYM_CLI_GIT_TAG}/nym-cli
+RUN wget https://github.com/nymtech/nyxd/releases/download/${WASMD_VERSION}/nyxd-ubuntu-22.04.tar.gz
+RUN tar -zxvf nyxd-ubuntu-22.04.tar.gz
+RUN rm -f nyxd-ubuntu-22.04.tar.gz
+
+RUN chmod u+x nyxd
+RUN chmod u+x nym-cli
+RUN chmod u+x libwasmvm.x86_64.so
+
+# libwasmvm.so needs to be in this directory to be automatically recognized when running nyxd. Alternative is to update env variables.
+RUN mv libwasmvm*.so /lib/x86_64-linux-gnu/
+
+# Ubuntu 22.04 uses libssl3 instead of 1.1 that nym-cli is built with. This is a quick fix for that so that we don't need to recompile it.
+RUN wget http://nz2.archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2_amd64.deb
+RUN ls | grep *.deb
+RUN dpkg -i libssl1.1_1.1.1f-1ubuntu2_amd64.deb
+
+RUN mkdir ".nyxd"
+RUN mkdir output
+RUN chown -R nym:nym ./
+
+VOLUME /root/.nyxd
+VOLUME /root/output
+
+COPY start.sh .
+COPY create_validator.sh .
+RUN chmod u+x *.sh
+
+ENTRYPOINT ["./start.sh"]

docker/rpcnode/create_validator.sh

@@ -0,0 +1,62 @@
+#!/usr/bin/env bash
+
+export LD_LIBRARY_PATH="$LD_LIBRARY_PATH":/root
+PASSPHRASE=passphrase
+ADDRESSES_DIRECTORY="/root/output"
+MAIN_NODE_ADMIN_MNEMONIC=$(head -n1 "${ADDRESSES_DIRECTORY}/main_node_admin_mnemonic")
+
+echo "$NAME"
+sleep 10
+
+# Add main validator to the chain
+./nyxd keys add main_validator --recover << EOF
+${MAIN_NODE_ADMIN_MNEMONIC}
+$PASSPHRASE
+$PASSPHRASE
+EOF
+
+# Get the address and nvaloper address of the new validator
+yes "${PASSPHRASE}" | ./nyxd keys show nyxd_admin | grep -o 'address: .*' | awk '{print $2}' >nyxd-admin-address.txt
+./nyxd debug addr "$(cat nyxd-admin-address.txt)" | grep 'Bech32 Val:' | awk '{print $3}' >nvaloper-address.txt
+
+# send unym funds to the new validator address
+echo "Sending unym to the validator"
+yes "${PASSPHRASE}" | ./nyxd tx bank send main_validator "$(cat nyxd-admin-address.txt)" --chain-id "${CHAIN_ID}" 2500000000u"${DENOM}" --gas auto --gas-adjustment 1.5 --gas-prices 0.025u"${DENOM}" -y
+sleep 5
+echo "Successful"
+
+# send unyx funds to the new validator address
+echo "Sending nyx to the validator"
+yes "${PASSPHRASE}" | ./nyxd tx bank send main_validator "$(cat nyxd-admin-address.txt)" --chain-id "${CHAIN_ID}" 2500000000u"${STAKE_DENOM}" --gas auto --gas-adjustment 1.5 --gas-prices 0.025u"${DENOM}" -y
+sleep 5
+echo "Successful"
+
+# Prepare JSON file for validator creation
+# Prepare JSON file for validator creation
+VALIDATOR_JSON=$(cat <<EOF
+{
+  "pubkey": "$(./nyxd tendermint show-validator)",
+  "amount": "1000000u${STAKE_DENOM}",
+  "moniker": "$NAME",
+  "commission-rate": "0.05",
+  "commission-max-rate": "0.1",
+  "commission-max-change-rate": "0.05",
+  "min-self-delegation": "100000"
+}
+EOF
+)
+
+echo "$VALIDATOR_JSON" > validator.json
+
+
+# create the validator
+echo "Creating the validator"
+yes "${PASSPHRASE}" | ./nyxd tx staking create-validator validator.json --from=nyxd_admin --chain-id "${CHAIN_ID}" --fees=5000u"${DENOM}" --node="${VALIDATOR_ENDPOINT}:443" -y
+sleep 5
+echo "Validator created"
+
+# delegate stake
+echo "Delegating stake and creating validator"
+yes "${PASSPHRASE}" | ./nyxd tx staking delegate "$(cat nvaloper-address.txt)" 50000000u"${STAKE_DENOM}" --from=nyxd_admin --chain-id "${CHAIN_ID}" --fees=5000u"${DENOM}" -y
+sleep 5
+echo "Done!"

docker/rpcnode/start.sh

@@ -0,0 +1,57 @@
+#!/usr/bin/env bash
+
+export LD_LIBRARY_PATH="$LD_LIBRARY_PATH":/root
+PASSPHRASE=passphrase
+APP_NAME=nyxd
+ADDRESSES_DIRECTORY="/root/output"
+export PEERS=${PEERS}
+RPC_ENDPOINT="${VALIDATOR_ENDPOINT}:443"
+LATEST_HEIGHT="$(curl -s ${VALIDATOR_ENDPOINT}/block | jq -r .result.block.header.height)"
+GENESIS_FILE=$VALIDATOR_ENDPOINT/genesis
+
+INTERVAL=1000
+BLOCK_HEIGHT=$(expr $LATEST_HEIGHT - $INTERVAL)
+TRUST_HASH="$(curl -s \"${VALIDATOR_ENDPOINT}/block?height=$BLOCK_HEIGHT\" | jq -r .result.block_id.hash)"
+
+# initialise the validator
+echo "Initialising the validator with name $NAME"
+./${APP_NAME} init ${NAME} --chain-id "${CHAIN_ID}" 2>/dev/null
+echo "Initialised the validator, sleeping 3 seconds."
+sleep 3
+
+cd /root/.nyxd/config
+rm -f genesis.json
+echo "Removed existing genesis, now curling new endpoint: ${GENESIS_FILE}"
+curl "${GENESIS_FILE}" | jq '.result.genesis' >genesis.json
+echo "Fetched the new genesis"
+
+cd $HOME
+echo "Validating genesis file.."
+./${APP_NAME} genesis validate-genesis
+echo "Genesis validated."
+#  create a new node_admin account and add it to keychain
+yes "${PASSPHRASE}" | ./nyxd keys add nyxd_admin 2>&1 >/dev/null | tail -n 1 >${ADDRESSES_DIRECTORY}/node_admin_mnemonic
+
+# edit config.toml and app.toml files
+
+# only uncomment this if all blocks to be synced need to be verified; note that setting fast_sync to false will slow down the syncing process
+# sed -i 's/fast_sync = true/fast_sync = false/' $HOME/.nyxd/config/config.toml
+
+sed -i '/\[api\]/,/^\[/ s/enable = false/enable = true/' $HOME/.nyxd/config/app.toml
+sed -i 's/minimum-gas-prices = ""/minimum-gas-prices = "0.025unym,0.025unyx"/' $HOME/.nyxd/config/app.toml
+sed -i 's/swagger = false/swagger = true/' $HOME/.nyxd/config/app.toml
+sed -i 's/cors_allowed_origins = \["\*"\]/cors_allowed_origins = \[\]/' $HOME/.nyxd/config/app.toml
+sed -i 's/create_empty_blocks = false/create_empty_blocks = true/' $HOME/.nyxd/config/app.toml
+sed -i.bak -e "s/^persistent_peers *=.*/persistent_peers = \"$PEERS\"/" $HOME/.nyxd/config/config.toml
+
+if [ "$SYNC_BLOCK" == "CUSTOM" ]; then
+  sed -i "s/rpc_servers = \"\"/rpc_servers = \"${RPC_ENDPOINT},${RPC_ENDPOINT}\"|" $HOME/.nyxd/config/config.toml
+  sed -i "s/trust_height = 0/trust_height = ${BLOCK_HEIGHT}/" $HOME/.nyxd/config/config.toml
+  sed -i "s/trust_hash = \"\"/trust_hash = \"${TRUST_HASH}\"/" $HOME/.nyxd/config/config.toml
+fi
+
+echo "Starting nyxd.."
+./${APP_NAME} start &
+sleep 10
+
+sleep infinity