I used to run Arbitrum Nitro Node via docker-compose
, a huge mistake.
Due to Docker shenanigans, any docker-compose
port publishing is binded to default gateway 0.0.0.0
.
This bypasses ufw
rules, and to set firewall up requires tedious iptables
config.
-
Customize
start.sh
,Dockerfile
,ufw-hosts.sh
, andufw-allow.sh
to your needs. -
Build your image:
docker build -t foo/arbnode .
- Run your image:
./docker-start.sh
- Check if the Docker node works (we assume that
start.sh
specifies--http.port=6969
):
./check_conn.sh http://localhost:6969;
- Configure and start NGINX
cp arb_nitro_proxy /etc/nginx/sites-available;
ln -s /etc/nginx/sites-available/arb_nitro_proxy /etc/nginx/sites-enabled/arb_nitro_proxy;
systemctl restart nginx;
- Check if NGINX reverse proxy works
./check_conn.sh http://localhost:8547; # Check on loopback
./check_conn.sh ${public_ip}:8547 # Check on public interface
- Enable firewall
./ufw-allow.sh;
ufw enable;