From 7ac4cce40ee5f46563f493c0833e397c9caf2e4a Mon Sep 17 00:00:00 2001
From: Jean-Philippe Raynaud <jp.raynaud@gmail.com>
Date: Wed, 28 Jun 2023 16:53:15 +0200
Subject: [PATCH 1/2] Add Mithril Relay in infra

---
 ...ker-compose-signer-unverified-norelay.yaml |  73 +++++++++
 .../docker-compose-signer-unverified.yaml     |  10 ++
 ...ocker-compose-signer-verified-norelay.yaml | 148 ++++++++++++++++++
 .../docker-compose-signer-verified.yaml       |  10 ++
 mithril-infra/assets/docker/squid/squid.conf  |   7 +
 5 files changed, 248 insertions(+)
 create mode 100644 mithril-infra/assets/docker/docker-compose-signer-unverified-norelay.yaml
 create mode 100644 mithril-infra/assets/docker/docker-compose-signer-verified-norelay.yaml
 create mode 100644 mithril-infra/assets/docker/squid/squid.conf

diff --git a/mithril-infra/assets/docker/docker-compose-signer-unverified-norelay.yaml b/mithril-infra/assets/docker/docker-compose-signer-unverified-norelay.yaml
new file mode 100644
index 00000000000..fc9769f1b45
--- /dev/null
+++ b/mithril-infra/assets/docker/docker-compose-signer-unverified-norelay.yaml
@@ -0,0 +1,73 @@
+# Unverified Mithril Signer node running on top of its own Cardano node
+
+version: "3.9"
+
+services:
+  cardano-node-signer:
+    image: cardano-node/${CARDANO_IMAGE_ID}-modified
+    container_name: cardano-node-signer-${SIGNER_ID}
+    restart: always
+    build:
+      context: .
+      dockerfile: Dockerfile.cardano
+      args:
+        CARDANO_IMAGE_ID: ${CARDANO_IMAGE_ID}
+    user: ${CURRENT_UID}
+    profiles:
+      - cardano
+      - all
+    logging:
+      driver: "${LOGGING_DRIVER}"
+    volumes:
+      - ./cardano-configurations/network/${NETWORK}:/config
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/db/passive:/db
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/ipc:/ipc
+    environment:
+      - CARDANO_SOCKET_PATH=/ipc/node.socket
+      - CARDANO_NODE_SOCKET_PATH=/ipc/node.socket
+    command:
+      [
+        "run",
+        "--config",
+        "/config/cardano-node/config.json",
+        "--topology",
+        "/config/cardano-node/topology.json",
+        "--database-path",
+        "/db"
+      ]
+
+  mithril-signer:
+    image: ghcr.io/input-output-hk/mithril-signer:${MITHRIL_IMAGE_ID}
+    container_name: mithril-signer-${SIGNER_ID}
+    restart: always
+    user: ${CURRENT_UID}
+    profiles:
+      - mithril
+      - all
+    environment:
+      - RUST_BACKTRACE=1
+      - AGGREGATOR_ENDPOINT=http://${AGGREGATOR_CREDENTIALS}mithril-aggregator:8080/aggregator
+      - NETWORK=${NETWORK}
+      - PARTY_ID=${PARTY_ID}
+      - RUN_INTERVAL=120000
+      - DB_DIRECTORY=/mithril-signer-${SIGNER_ID}/cardano/db
+      - DATA_STORES_DIRECTORY=/mithril-signer-${SIGNER_ID}/mithril/stores
+      - STORE_RETENTION_LIMIT=5
+      - CARDANO_NODE_SOCKET_PATH=/ipc/node.socket
+      - CARDANO_CLI_PATH=/app/bin/cardano-cli
+      - ERA_READER_ADAPTER_TYPE=${ERA_READER_ADAPTER_TYPE}
+      - ERA_READER_ADAPTER_PARAMS=${ERA_READER_ADAPTER_PARAMS}
+    volumes:
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/mithril:/mithril-signer-${SIGNER_ID}/mithril
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/db/passive:/mithril-signer-${SIGNER_ID}/cardano/db
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/ipc:/ipc
+    depends_on:
+      cardano-node-signer:
+        condition: service_started
+    logging:
+      driver: "${LOGGING_DRIVER}"
+
+networks:
+  default:
+    external:
+      name: mithril_network
diff --git a/mithril-infra/assets/docker/docker-compose-signer-unverified.yaml b/mithril-infra/assets/docker/docker-compose-signer-unverified.yaml
index fc9769f1b45..cbf6558376d 100644
--- a/mithril-infra/assets/docker/docker-compose-signer-unverified.yaml
+++ b/mithril-infra/assets/docker/docker-compose-signer-unverified.yaml
@@ -36,6 +36,15 @@ services:
         "/db"
       ]
 
+  mithril-relay:
+    image: ubuntu/squid:latest
+    container_name: mithril-relay-${SIGNER_ID}
+    profiles:
+      - mithril
+      - all
+    volumes:
+      - ./squid/squid.conf:/etc/squid/squid.conf:ro
+
   mithril-signer:
     image: ghcr.io/input-output-hk/mithril-signer:${MITHRIL_IMAGE_ID}
     container_name: mithril-signer-${SIGNER_ID}
@@ -57,6 +66,7 @@ services:
       - CARDANO_CLI_PATH=/app/bin/cardano-cli
       - ERA_READER_ADAPTER_TYPE=${ERA_READER_ADAPTER_TYPE}
       - ERA_READER_ADAPTER_PARAMS=${ERA_READER_ADAPTER_PARAMS}
+      - RELAY_ENDPOINT=http://mithril-relay-${SIGNER_ID}:3128
     volumes:
       - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/mithril:/mithril-signer-${SIGNER_ID}/mithril
       - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/db/passive:/mithril-signer-${SIGNER_ID}/cardano/db
diff --git a/mithril-infra/assets/docker/docker-compose-signer-verified-norelay.yaml b/mithril-infra/assets/docker/docker-compose-signer-verified-norelay.yaml
new file mode 100644
index 00000000000..e7419f2c42e
--- /dev/null
+++ b/mithril-infra/assets/docker/docker-compose-signer-verified-norelay.yaml
@@ -0,0 +1,148 @@
+# Verified Mithril Signer node running on top of its own Cardano node
+
+version: "3.9"
+
+services:
+  cardano-node-signer-relay:
+    image: cardano-node/${CARDANO_IMAGE_ID}-modified
+    container_name: cardano-node-relay-signer-${SIGNER_ID}
+    restart: always
+    build:
+      context: .
+      dockerfile: Dockerfile.cardano
+      args:
+        CARDANO_IMAGE_ID: ${CARDANO_IMAGE_ID}
+    user: ${CURRENT_UID}
+    profiles:
+      - cardano
+      - all
+    logging:
+      driver: "${LOGGING_DRIVER}"
+    volumes:
+      - ./cardano-configurations/network/${NETWORK}:/config
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/db/relay:/db
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/ipc:/ipc
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/pool:/pool
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/www:/www
+    ports:
+      - "${SIGNER_CARDANO_RELAY_PORT}:${SIGNER_CARDANO_RELAY_PORT}"
+    environment:
+      - CARDANO_SOCKET_PATH=/ipc/node.socket
+      - CARDANO_NODE_SOCKET_PATH=/ipc/node.socket
+    command:
+      [
+        "run",
+        "--config",
+        "/config/cardano-node/config.json",
+        "--topology",
+        "/pool/topology-relay.json",
+        "--database-path",
+        "/db",
+        "--port",
+        "${SIGNER_CARDANO_RELAY_PORT}"
+      ]
+
+  cardano-node-signer-block-producer:
+    image: cardano-node/${CARDANO_IMAGE_ID}-modified
+    container_name: cardano-node-block-producer-signer-${SIGNER_ID}
+    restart: always
+    build:
+      context: .
+      dockerfile: Dockerfile.cardano
+      args:
+        CARDANO_IMAGE_ID: ${CARDANO_IMAGE_ID}
+    user: ${CURRENT_UID}
+    profiles:
+      - cardano
+      - all
+    logging:
+      driver: "${LOGGING_DRIVER}"
+    volumes:
+      - ./cardano-configurations/network/${NETWORK}:/config
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/db/block-producer:/db
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/ipc:/ipc
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/pool:/pool
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/www:/www
+    ports:
+      - "${SIGNER_CARDANO_BLOCK_PRODUCER_PORT}:${SIGNER_CARDANO_BLOCK_PRODUCER_PORT}"
+    environment:
+      - CARDANO_SOCKET_PATH=/ipc/node.socket
+      - CARDANO_NODE_SOCKET_PATH=/ipc/node.socket
+    command:
+      [
+        "run",
+        "--config",
+        "/config/cardano-node/config.json",
+        "--topology",
+        "/pool/topology-block-producer.json",
+        "--database-path",
+        "/db",
+        "--port",
+        "${SIGNER_CARDANO_BLOCK_PRODUCER_PORT}",
+        "--shelley-kes-key",
+        "/pool/kes.skey",
+        "--shelley-vrf-key",
+        "/pool/vrf.skey",
+        "--shelley-operational-certificate",
+        "/pool/opcert.cert"
+      ]
+
+  mithril-signer:
+    image: ghcr.io/input-output-hk/mithril-signer:${MITHRIL_IMAGE_ID}
+    container_name: mithril-signer-${SIGNER_ID}
+    restart: always
+    user: ${CURRENT_UID}
+    profiles:
+      - mithril
+      - all
+    environment:
+      - RUST_BACKTRACE=1
+      - AGGREGATOR_ENDPOINT=http://${AGGREGATOR_CREDENTIALS}mithril-aggregator:8080/aggregator
+      - NETWORK=${NETWORK}
+      - KES_SECRET_KEY_PATH=/mithril-signer-${SIGNER_ID}/cardano/pool/kes.skey
+      - OPERATIONAL_CERTIFICATE_PATH=/mithril-signer-${SIGNER_ID}/cardano/pool/opcert.cert
+      - RUN_INTERVAL=120000
+      - DB_DIRECTORY=/mithril-signer-${SIGNER_ID}/cardano/db
+      - DATA_STORES_DIRECTORY=/mithril-signer-${SIGNER_ID}/mithril/stores
+      - STORE_RETENTION_LIMIT=5
+      - CARDANO_NODE_SOCKET_PATH=/ipc/node.socket
+      - CARDANO_CLI_PATH=/app/bin/cardano-cli
+      - ERA_READER_ADAPTER_TYPE=${ERA_READER_ADAPTER_TYPE}
+      - ERA_READER_ADAPTER_PARAMS=${ERA_READER_ADAPTER_PARAMS}
+    volumes:
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/mithril:/mithril-signer-${SIGNER_ID}/mithril
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/db/block-producer:/mithril-signer-${SIGNER_ID}/cardano/db
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/pool:/mithril-signer-${SIGNER_ID}/cardano/pool
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/ipc:/ipc
+      - ./cardano-configurations/network/${NETWORK}:/config
+    depends_on:
+      cardano-node-signer-block-producer:
+        condition: service_started
+      cardano-node-signer-relay:
+        condition: service_started
+    logging:
+      driver: "${LOGGING_DRIVER}"
+
+  mithril-signer-www:
+    image: nginx:latest
+    container_name: mithril-signer-www-${SIGNER_ID}
+    restart: always
+    profiles:
+      - mithril
+      - all
+    volumes:
+      - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/www:/usr/share/nginx/html
+    ports:
+      - "${SIGNER_WWW_PORT}:8080"
+    logging:
+      driver: "${LOGGING_DRIVER}"
+    labels:
+      - 'traefik.enable=true'
+      - 'traefik.http.routers.mithril-signer-${SIGNER_ID}.rule=Host(`${SIGNER_HOST}`)'
+      - 'traefik.http.routers.mithril-signer-${SIGNER_ID}.tls=true'
+      - 'traefik.http.routers.mithril-signer-${SIGNER_ID}.tls.certresolver=lets-encrypt'
+
+networks:
+  default:
+    external:
+      name: mithril_network
diff --git a/mithril-infra/assets/docker/docker-compose-signer-verified.yaml b/mithril-infra/assets/docker/docker-compose-signer-verified.yaml
index e7419f2c42e..53e29800545 100644
--- a/mithril-infra/assets/docker/docker-compose-signer-verified.yaml
+++ b/mithril-infra/assets/docker/docker-compose-signer-verified.yaml
@@ -87,6 +87,15 @@ services:
         "/pool/opcert.cert"
       ]
 
+  mithril-relay:
+    image: ubuntu/squid:latest
+    container_name: mithril-relay-${SIGNER_ID}
+    profiles:
+      - mithril
+      - all
+    volumes:
+      - ./squid/squid.conf:/etc/squid/squid.conf:ro
+
   mithril-signer:
     image: ghcr.io/input-output-hk/mithril-signer:${MITHRIL_IMAGE_ID}
     container_name: mithril-signer-${SIGNER_ID}
@@ -109,6 +118,7 @@ services:
       - CARDANO_CLI_PATH=/app/bin/cardano-cli
       - ERA_READER_ADAPTER_TYPE=${ERA_READER_ADAPTER_TYPE}
       - ERA_READER_ADAPTER_PARAMS=${ERA_READER_ADAPTER_PARAMS}
+      - RELAY_ENDPOINT=http://mithril-relay-${SIGNER_ID}:3128
     volumes:
       - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/mithril:/mithril-signer-${SIGNER_ID}/mithril
       - ../data/${NETWORK}/mithril-signer-${SIGNER_ID}/cardano/db/block-producer:/mithril-signer-${SIGNER_ID}/cardano/db
diff --git a/mithril-infra/assets/docker/squid/squid.conf b/mithril-infra/assets/docker/squid/squid.conf
new file mode 100644
index 00000000000..47b051e9de5
--- /dev/null
+++ b/mithril-infra/assets/docker/squid/squid.conf
@@ -0,0 +1,7 @@
+# Warning: This is a custom configuration for Mithril test infrastructure only, do not use in production
+
+# Listening port (port 3128 is recommended)
+http_port 3128
+
+# Allowed traffic
+http_access allow all
\ No newline at end of file

From 6b19d5a0a28e07f8a62ae3a356f4627657e13a8c Mon Sep 17 00:00:00 2001
From: Jean-Philippe Raynaud <jp.raynaud@gmail.com>
Date: Thu, 29 Jun 2023 10:45:51 +0200
Subject: [PATCH 2/2] Update infra version

---
 mithril-infra/assets/infra.version | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mithril-infra/assets/infra.version b/mithril-infra/assets/infra.version
index 6c6aa7cb091..6da28dde76d 100644
--- a/mithril-infra/assets/infra.version
+++ b/mithril-infra/assets/infra.version
@@ -1 +1 @@
-0.1.0
\ No newline at end of file
+0.1.1
\ No newline at end of file