docker-compose.yml

-# This is a minimal docker-compose.yml template for running a Duniter instance
+# This is a minimal docker-compose.yml template for running a Duniter mirror node
 # For more detailed examples, look at docker/compose folder
-
-version: "3.5"
-
 services:
-  duniter-v2s:
-    container_name: duniter-v2s
-    # choose the version of the image here
-    image: duniter/duniter-v2s:latest
+  duniter-v2s-mirror:
+    container_name: duniter-v2s-mirror
+    # the image tells which network you are connecting to
+    # here it is gdev network
+    image: duniter/duniter-v2s-gdev-800:latest
     ports:
-      # telemetry
+      # prometheus telemetry to monitor resource use
       - 9615:9615
-      # rpc
-      - 9933:9933
-      # rpc-ws
+      # RPC API (ws and http)
       - 9944:9944
-      # p2p
+      # public p2p endpoint
       - 30333:30333
     environment:
-      DUNITER_NODE_NAME: "duniter_local"
-      DUNITER_CHAIN_NAME: "gdev"
+      # read https://duniter.org/wiki/duniter-v2/configure-docker/
+      # to configure these
+      DUNITER_NODE_NAME: duniter_local
+      DUNITER_CHAIN_NAME: gdev
+      DUNITER_PUBLIC_ADDR: /dns/your.domain.name/tcp/30333
+      DUNITER_LISTEN_ADDR: /ip4/0.0.0.0/tcp/30333
     volumes:
       - duniter-local-data:/var/lib/duniter
 

docker/Dockerfile

+# Workaround for https://github.com/containers/buildah/issues/4742
+FROM debian:bullseye-slim AS target
+
 # ------------------------------------------------------------------------------
 # Build Stage
 # ------------------------------------------------------------------------------
 
-# Building for Debian buster because we need the binary to be compatible
-# with the image paritytech/ci-linux:production (currently based on
-# debian:buster-slim) used by the gitlab CI
-FROM rust:1-buster as build
+# When building for a foreign arch, use cross-compilation
+# https://www.docker.com/blog/faster-multi-platform-builds-dockerfile-cross-compilation-guide/
+FROM --platform=$BUILDPLATFORM rust:1-bullseye AS build
+ARG BUILDPLATFORM
+ARG TARGETPLATFORM
+
+# Debug
+RUN echo "BUILDPLATFORM = $BUILDPLATFORM"
+RUN echo "TARGETPLATFORM = $TARGETPLATFORM"
+
+# We need the target arch triplet in both Debian and rust flavor
+RUN echo "DEBIAN_ARCH_TRIPLET='$(dpkg-architecture -A${TARGETPLATFORM#linux/} -qDEB_TARGET_MULTIARCH)'" >>/root/dynenv
+RUN . /root/dynenv && \
+    echo "RUST_ARCH_TRIPLET='$(echo "$DEBIAN_ARCH_TRIPLET" | sed -E 's/-linux-/-unknown&/')'" >>/root/dynenv
+RUN cat /root/dynenv
+
 WORKDIR /root
 
 # Copy source tree
 COPY . .
 
-RUN test -x build/duniter || \
-    ( \
-        apt-get update && \
-        DEBIAN_FRONTEND=noninteractive apt-get install -y clang cmake protobuf-compiler \
-    )
+RUN apt-get update && \
+    DEBIAN_FRONTEND=noninteractive apt-get install -y clang cmake protobuf-compiler
 
 # build duniter
-ARG threads=1
-RUN test -x build/duniter || \
-    ( \
-        CARGO_PROFILE_RELEASE_LTO="true" \
-            cargo build --release -j $threads && \
-        mkdir -p build && \
-        mv target/release/duniter build/ \
-    )
+ARG debug=0
+RUN if [ "$debug" = 0 ]; then \
+        echo "CARGO_OPTIONS=--release" >>/root/dynenv && \
+        echo "TARGET_FOLDER=release" >>/root/dynenv; \
+    else \
+        echo "TARGET_FOLDER=debug" >>/root/dynenv; \
+    fi
 
-# Create fake duniter-cucumber if is not exist
-# The goal is to avoid error later, this binary is optional
-RUN test -x build/duniter-cucumber || \
-    ( \
+# Configure cross-build environment if need be
+RUN set -x && \
+    if [ "$TARGETPLATFORM" != "$BUILDPLATFORM" ]; then \
+        . /root/dynenv && \
+        apt install -y gcc-$DEBIAN_ARCH_TRIPLET binutils-$DEBIAN_ARCH_TRIPLET && \
+        rustup target add "$RUST_ARCH_TRIPLET" && \
+        : https://github.com/rust-lang/cargo/issues/4133 && \
+        echo "RUSTFLAGS='-C linker=$DEBIAN_ARCH_TRIPLET-gcc'; export RUSTFLAGS" >>/root/dynenv; \
+    fi
+
+# Build
+ARG chain="gdev"
+RUN set -x && \
+    cat /root/dynenv && \
+    . /root/dynenv && \
+    cargo build -Zgit=shallow-deps --locked $CARGO_OPTIONS --no-default-features $BENCH_OPTIONS --features $chain --target "$RUST_ARCH_TRIPLET" && \
+    cargo build -Zgit=shallow-deps --locked $CARGO_OPTIONS --target "$RUST_ARCH_TRIPLET" --package distance-oracle && \
     mkdir -p build && \
-        touch build/duniter-cucumber \
-    )
+    mv target/$RUST_ARCH_TRIPLET/$TARGET_FOLDER/duniter build/ && \
+    mv target/$RUST_ARCH_TRIPLET/$TARGET_FOLDER/distance-oracle build/
+
+# Run tests if requested, except when cross-building
+ARG cucumber=0
+RUN if [ "$cucumber" != 0 ] && [ "$TARGETPLATFORM" = "$BUILDPLATFORM" ]; then \
+        cargo ta && \
+        cargo test -Zgit=shallow-deps --workspace --exclude duniter-end2end-tests --exclude duniter-live-tests --features=runtime-benchmarks,constant-fees \
+        cd target/debug/deps/ && \
+        rm cucumber_tests-*.d && \
+        mv cucumber_tests* ../../../build/duniter-cucumber; \
+    fi
 
 # ------------------------------------------------------------------------------
 # Final Stage
 # ------------------------------------------------------------------------------
 
-FROM debian:buster-slim
+FROM target
 
 LABEL maintainer="Gilles Filippini <gilles.filippini@pini.fr>"
 LABEL version="0.0.0"
 LABEL description="Crypto-currency software (based on Substrate framework) to operate Ğ1 libre currency"
 
+# Required certificates for RPC connections
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends ca-certificates
+RUN update-ca-certificates
+RUN apt-get clean && rm -rf /var/lib/apt/lists/*
+
 RUN adduser --home /var/lib/duniter duniter
 
 # Configuration
-# rpc, rpc-ws, p2p, telemetry
-EXPOSE 9933 9944 30333 9615
+# rpc, p2p, telemetry
+EXPOSE 9944 30333 9615
 VOLUME /var/lib/duniter
 ENTRYPOINT ["docker-entrypoint"]
 USER duniter
 
 # Intall
-COPY --from=build /root/build/duniter /usr/local/bin/duniter
-COPY --from=build /root/build/duniter-cucumber /usr/local/bin/duniter-cucumber
+COPY --from=build /root/build /usr/local/bin/
+COPY --from=build /root/dynenv /var/lib/duniter
 COPY docker/docker-entrypoint /usr/local/bin/
+COPY docker/docker-distance-entrypoint /usr/local/bin/
+
+# Debug
+RUN cat /var/lib/duniter/dynenv

docker/README.md

@@ -4,42 +4,40 @@ Duniter is the software that supports the [Ğ1 libre-currency blockchain](https:
 
 [Duniter v2s](https://git.duniter.org/nodes/rust/duniter-v2s) is a complete rewrite of Duniter based on the Substrate / Polkadot framework. **This is alpha state work in progress.**
 
-# Minimal docker-compose file for an RPC (non validator) node
+## Minimal docker-compose file for an mirror node
 
 ```
 version: "3.5"
 
 services:
-  duniter-rpc:
-    image: duniter/duniter-v2s:latest
+  duniter-mirror:
+    image: duniter/duniter-v2s-gdev:latest
     restart: unless-stopped
     ports:
       # Prometheus endpoint
       - 9615:9615
-      # rpc via http
-      - 9933:9933
-      # rpc via websocket
+      # rpc
       - 9944:9944
       # p2p
       - 30333:30333
     volumes:
-      - data-rpc:/var/lib/duniter/
+      - data-mirror:/var/lib/duniter/
     environment:
       - DUNITER_CHAIN_NAME=gdev
       - DUNITER_NODE_NAME=<my-node-name>
 
 volumes:
-  data-rpc:
+  data-mirror:
 ```
 
-# Minimal docker-compose file for a validator node
+## Minimal docker-compose file for a validator node
 
 ```
 version: "3.5"
 
 services:
   duniter-validator:
-    image: duniter/duniter-v2s:latest
+    image: duniter/duniter-v2s-gdev:latest
     restart: unless-stopped
     ports:
       # Prometheus endpoint
@@ -57,26 +55,47 @@ volumes:
   data-validator:
 ```
 
-# Environment variables
+## Environment variables
 
 | Name                         | Description                                                                                                                                                                                                                                                                                                                                          | Default                                                                                     |
-| ---- | ----------- | ------- |
+| ---------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------- |
 | `DUNITER_NODE_NAME`          | The node name. This name will appear on the Substrate telemetry server when telemetry is enabled.                                                                                                                                                                                                                                                    | Random name                                                                                 |
 | `DUNITER_CHAIN_NAME`         | The currency to process. "gdev" uses the embeded chainspec. A path allows to use a local json raw chainspec.                                                                                                                                                                                                                                         | `dev` (development mode)                                                                    |
-| `DUNITER_PUBLIC_ADDR` | The libp2p public address base. See [libp2p documentation](https://docs.libp2p.io/concepts/fundamentals/addressing/). This variable is useful when the node is behind a reverse-proxy with its ports not directly exposed.<br>Note: the `p2p/<peer_id>` part of the address shouldn't be set in this variable. It is automatically added by Duniter. | duniter-v2s guesses one from the node's IPv4 address. |
+| `DUNITER_PUBLIC_ADDR`        | The libp2p public address base. See [libp2p documentation](https://docs.libp2p.io/concepts/fundamentals/addressing/). This variable is useful when the node is behind a reverse proxy with its ports not directly exposed.<br>Note: the `p2p/<peer_id>` part of the address shouldn't be set in this variable. It is automatically added by Duniter. | duniter-v2s guesses one from the node's IPv4 address.                                       |
 | `DUNITER_LISTEN_ADDR`        | The libp2p listen address. See [libp2p documentation](https://docs.libp2p.io/concepts/fundamentals/addressing/). This variable is useful when running a validator node behind a reverse proxy, to force the P2P end point in websocket mode with:<br> `DUNITER_LISTEN_ADDR=/ip4/0.0.0.0/tcp/30333/ws`                                                | Non validator node: `/ip4/0.0.0.0/tcp/30333/ws`<br>Validator node: `/ip4/0.0.0.0/tcp/30333` |
 | `DUNITER_RPC_CORS`           | Value of the polkadot `--rpc-cors` option.                                                                                                                                                                                                                                                                                                           | `all`                                                                                       |
 | `DUNITER_VALIDATOR`          | Boolean (`true` / `false`) to run the node in validator mode. Configure the polkadot options `--validator --rpc-methods Unsafe`.                                                                                                                                                                                                                     | `false`                                                                                     |
 | `DUNITER_DISABLE_PROMETHEUS` | Boolean to disable the Prometheus endpoint on port 9615.                                                                                                                                                                                                                                                                                             | `false`                                                                                     |
-| `DUNITER_DISABLE_TELEMETRY` | Boolean to disable connecting to the Substrate tememetry server. | `false` |
-| `DUNITER_PRUNING_PROFILE` | * `default`<br> * `archive`: keep all blocks and state blocks<br> * `light`: keep only last 256 state blocks and last 14400 blocks (one day duration) | `default` |
+| `DUNITER_DISABLE_TELEMETRY`  | Boolean to disable connecting to the Substrate telemetry server.                                                                                                                                                                                                                                                                                     | `false`                                                                                     |
+| `DUNITER_PRUNING_PROFILE`    | _ `default`<br> _ `archive`: keep all blocks and state blocks<br> \* `light`: keep only last 256 state blocks and last 14400 blocks (one day duration)                                                                                                                                                                                               | `default`                                                                                   |
+| `DUNITER_PUBLIC_RPC`         | The public RPC endpoint to gossip on the network and make available in the apps. | None |
+| `DUNITER_PUBLIC_SQUID`       | The public Squid graphql endpoint to gossip on the network and make available in the apps. | None |
+| `DUNITER_PUBLIC_ENDPOINTS`   | Path to a JSON file containing public endpoints to gossip on the network. The file should use the following format:<br>```{"endpoints": [  { "protocol": "rpc", "address": "wss://gdev.example.com" },  { "protocol": "squid", "address": "gdev.example.com/graphql/v1" }]}``` | None |
 
-# Other duniter options
+## Other Duniter options
+
+You can pass any other option to Duniter using the `command` docker-compose element:
 
-You can pass any other option to duniter using the `command` docker-compose element:
 ```
     command:
       # workaround for substrate issue #12073
       # https://github.com/paritytech/substrate/issues/12073
       - "--wasm-execution=interpreted-i-know-what-i-do"
 ```
+
+## Start Duniter
+
+Once you are happy with your `docker-compose.yml` file, run in the same folder:
+
+```bash
+docker compose up -d
+```
+
+## Running duniter subcommands or custom set of options
+
+To run duniter from the command line without the default configuration detailed in the "Environment variables" section use `--` as the first argument. For example:
+
+```
+$ docker run --rm duniter/duniter-v2s-gdev:latest -- key generate
+$ docker run --rm duniter/duniter-v2s-gdev:latest -- --chain gdev ...
+```

docker/build-deb.Dockerfile

+FROM paritytech/ci-linux:production
+
+# Set the working directory
+WORKDIR /app/
+
+# Copy the toolchain
+COPY rust-toolchain.toml ./
+
+# Install toolchain, substrate and cargo-deb with cargo cache
+RUN --mount=type=cache,target=/root/.cargo \
+    cargo install cargo-deb
+
+# Create a dummy project to cache dependencies
+COPY Cargo.toml .
+COPY rust-toolchain.toml ./
+RUN --mount=type=cache,target=/app/target \
+    --mount=type=cache,target=/root/.cargo/registry \
+    mkdir src && \
+    sed -i '/git = \|version = /!d' Cargo.toml && \
+    sed -i 's/false/true/' Cargo.toml && \
+    sed -i '1s/^/\[package\]\nname\=\"Dummy\"\n\[dependencies\]\n/' Cargo.toml && \
+    echo "fn main() {}" > src/main.rs && \
+    cargo build -Zgit=shallow-deps --release && \
+    rm -rf src Cargo.lock Cargo.toml
+
+# Copy the entire project
+COPY . .
+
+# Build the project and create Debian packages
+RUN --mount=type=cache,target=/app/target \
+    --mount=type=cache,target=/root/.cargo/registry \
+    cargo build -Zgit=shallow-deps --release && \
+    cargo deb --no-build -p duniter && \
+    cp -r ./target/debian/ ./
+
+# Clean up unnecessary files to reduce image size
+RUN rm -rf /app/target/release /root/.cargo/registry

docker/compose/docker-compose.smith.yml

+# docker-compose.yml template for running a Duniter smith node
+# for more doc, see https://duniter.org/wiki/duniter-v2/
+services:
+  # duniter smith node
+  duniter-v2s-smith:
+    container_name: duniter-v2s-smith
+    image: duniter/duniter-v2s-gdev-800:latest
+    ports:
+      # RPC API of a smith node should not be exposed publicly!
+      - 127.0.0.1:9944:9944
+      # public p2p endpoint
+      - 30333:30333
+    environment:
+      DUNITER_NODE_NAME: duniter_smith
+      DUNITER_CHAIN_NAME: gdev
+      DUNITER_VALIDATOR: true
+      DUNITER_PRUNING_PROFILE: light
+      DUNITER_PUBLIC_ADDR: /dns/your.domain.name/tcp/30333
+      DUNITER_LISTEN_ADDR: /ip4/0.0.0.0/tcp/30333
+    volumes:
+      - duniter-smith-data:/var/lib/duniter
+  # distance oracle
+  distance-oracle:
+    container_name: distance-oracle
+    # choose the version of the image here
+    image: duniter/duniter-v2s-gdev:latest
+    entrypoint: docker-distance-entrypoint
+    environment:
+      ORACLE_RPC_URL: ws://duniter-v2s-smith:9944
+      ORACLE_RESULT_DIR: /var/lib/duniter/chains/gdev/distance/
+      ORACLE_EXECUTION_INTERVAL: 1800
+      ORACLE_LOG_LEVEL: info
+    volumes:
+      - duniter-smith-data:/var/lib/duniter
+
+volumes:
+  duniter-smith-data:

docker/compose/gdev-mirror.docker-compose.yml

-# This is a docker template for running a gdev mirror
-
-version: "3.5"
-
-services:
-  duniter-rpc:
-    image: duniter/duniter-v2s:latest
-    restart: unless-stopped
-    ports:
-      # telemetry
-      - 127.0.0.1:9615:9615
-      # rpc
-      - 127.0.0.1:9933:9933
-      # rpc-ws
-      - 127.0.0.1:9944:9944
-      # p2p
-      - 30333:30333
-    volumes:
-      - ./node.key:/etc/duniter/node.key
-      - duniter-rpc-data:/var/lib/duniter/
-    environment:
-      - DUNITER_CHAIN_NAME=gdev
-      # SERVER_DOMAIN should be replaced by a domain name that point on your server
-      - DUNITER_PUBLIC_ADDR=/dns/${SERVER_DOMAIN?SERVER_DOMAIN should be set}/tcp/30333/ws
-
-volumes:
-  duniter-rpc-data:

docker/compose/gdev-validator.docker-compose.yml

-version: "3.5"
-
-services:
-  duniter-rpc:
-    image: duniter/duniter-v2s:latest
-    restart: unless-stopped
-    ports:
-      # telemetry
-      - 127.0.0.1:9615:9615
-      # rpc
-      - 127.0.0.1:9933:9933
-      # rpc-ws
-      - 127.0.0.1:9944:9944
-      # p2p
-      - 30333:30333
-    volumes:
-      - ./node.key:/etc/duniter/validator-node.key
-      - duniter-rpc-data:/var/lib/duniter/
-    environment:
-      - DUNITER_CHAIN_NAME=gdev
-      # RPC_SERVER_DOMAIN should be replaced by a domain name that point on your server
-      - DUNITER_PUBLIC_ADDR=/dns/${RPC_SERVER_DOMAIN?RPC_SERVER_DOMAIN should be set}/tcp/30333/ws
-
-  duniter-validator:
-    image: duniter/duniter-v2s:latest
-    restart: unless-stopped
-    ports:
-      # telemetry
-      - 127.0.0.1:9616:9615
-      # rpc
-      - 127.0.0.1:9934:9933
-      # rpc-ws
-      - 127.0.0.1:9945:9944
-      # p2p
-      - 30334:30333
-    volumes:
-      - ./node.key:/etc/duniter/validator-node.key
-      - duniter-validator-data:/var/lib/duniter/
-    environment:
-      - DUNITER_CHAIN_NAME=gdev
-      # VALIDATOR_SERVER_DOMAIN should be replaced by a domain name that point on your server
-      - DUNITER_PUBLIC_ADDR=/dns/${VALIDATOR_SERVER_DOMAIN?VALIDATOR_SERVER_DOMAIN should be set}/tcp/30333
-      - DUNITER_VALIDATOR=true
-    command:
-      - "--pruning=14400"

docker/compose/live-template.docker-compose.yml

-version: "3.5"
-
-services:
-  duniter-rpc:
-    image: duniter/duniter-v2s:DUNITER_IMAGE_TAG
-    restart: unless-stopped
-    ports:
-      - "9944:9944"
-      - "30333:30333"
-    volumes:
-      - ./duniter-rpc/:/var/lib/duniter/
-    environment:
-      - DUNITER_CHAIN_NAME=/var/lib/duniter/CURRENCY-raw.json
-    command:
-      - "--bootnodes"
-      - "/dns/duniter-validator/tcp/30333/p2p/VALIDATOR_NODE_KEY"
-
-  duniter-validator:
-    image: duniter/duniter-v2s:DUNITER_IMAGE_TAG
-    restart: unless-stopped
-    ports:
-      - "127.0.0.1:9945:9944"
-      - "30334:30333"
-    volumes:
-      - ./duniter-validator/:/var/lib/duniter/
-    environment:
-      - DUNITER_CHAIN_NAME=/var/lib/duniter/CURRENCY-raw.json
-      - DUNITER_VALIDATOR=true
-    command:
-      - "--bootnodes"
-      - "/dns/duniter-rpc/tcp/30333/p2p/RPC_NODE_KEY"

docker/docker-distance-entrypoint

+#!/bin/bash
+
+# Custom startup if a first argument is present and is equal to '--'
+# then we just run duniter with the provided arguments (but the '--')
+# without applying all the automated configuration below
+if [ "$1" = -- ]; then
+  shift
+  distance-oracle "$@"
+else
+  ORACLE_RESULT_DIR="${ORACLE_RESULT_DIR:-/distance}"
+  ORACLE_EXECUTION_INTERVAL="${ORACLE_EXECUTION_INTERVAL:-1800}"
+  ORACLE_RPC_URL="${ORACLE_RPC_URL:-ws://127.0.0.1:9944}"
+  ORACLE_LOG_LEVEL="${ORACLE_LOG_LEVEL:-info}"
+
+  while [ true ]; do
+    distance-oracle --evaluation-result-dir "$ORACLE_RESULT_DIR" --rpc-url "$ORACLE_RPC_URL" --log "$ORACLE_LOG_LEVEL"
+    echo "Waiting $ORACLE_EXECUTION_INTERVAL seconds before next execution..."
+    sleep $ORACLE_EXECUTION_INTERVAL
+  done
+fi

docker/docker-entrypoint

 #!/bin/bash
 
+# Custom startup if a first argument is present and is equal to '--'
+# then we just run duniter with the provided arguments (but the '--')
+# without applying all the automated configuration below
+if [ "$1" = -- ]; then
+  shift
+  exec duniter "$@"
+fi
+
+# Normal startup
 function boolean () {
   echo "$1" | sed -E 's/^(true|yes|1)$/true/i'
 }
@@ -12,27 +21,60 @@ function ternary () {
   fi
 }
 
+# Define chain name at the beginning
+# with #274 we could have default given in network branch
+DUNITER_CHAIN_NAME="${DUNITER_CHAIN_NAME:-dev}"
+case "$DUNITER_CHAIN_NAME" in
+  dev)
+    chain=(--dev)
+    ;;
+  *)
+    chain=(--chain "$DUNITER_CHAIN_NAME")
+    ;;
+esac
+
+# Node name will appear on network
 DUNITER_NODE_NAME="${DUNITER_NODE_NAME:-$DUNITER_INSTANCE_NAME}"
 if [ -n "$DUNITER_NODE_NAME" ]; then
   set -- "$@" --name "$DUNITER_NODE_NAME"
 fi
 
+# Path of key file. Should be generated below if not present before starting Duniter
 _DUNITER_KEY_FILE=/var/lib/duniter/node.key
 set -- "$@" --node-key-file "$_DUNITER_KEY_FILE"
 
+# Generate node.key if not existing (chain name is required)
 if [ ! -f "$_DUNITER_KEY_FILE" ]; then
   echo "Generating node key file '$_DUNITER_KEY_FILE'..."
-  duniter key generate-node-key --file "$_DUNITER_KEY_FILE"
+  duniter key generate-node-key --file "$_DUNITER_KEY_FILE" "${chain[@]}"
 else
   echo "Node key file '$_DUNITER_KEY_FILE' exists."
 fi
+# Log peer ID
 _DUNITER_PEER_ID="$(duniter key inspect-node-key --file "$_DUNITER_KEY_FILE")"
 echo "Node peer ID is '$_DUNITER_PEER_ID'."
 
+# Define public address (with dns, correct port and protocol for instance)
 if [ -n "$DUNITER_PUBLIC_ADDR" ]; then
   set -- "$@" --public-addr "$DUNITER_PUBLIC_ADDR"
 fi
 
+# Define public RPC endpoint (gossiped on the network)
+if [ -n "$DUNITER_PUBLIC_RPC" ]; then
+  set -- "$@" --public-rpc "$DUNITER_PUBLIC_RPC"
+fi
+
+# Define public Squid endpoint (gossiped on the network)  
+if [ -n "$DUNITER_PUBLIC_SQUID" ]; then
+  set -- "$@" --public-squid "$DUNITER_PUBLIC_SQUID"
+fi
+
+# Define public endpoints from JSON file (gossiped on the network)
+if [ -n "$DUNITER_PUBLIC_ENDPOINTS" ]; then
+  set -- "$@" --public-endpoints "$DUNITER_PUBLIC_ENDPOINTS"
+fi
+
+# Define listen address (inside docker)
 if [ -n "$DUNITER_LISTEN_ADDR" ]; then
   set -- "$@" --listen-addr "$DUNITER_LISTEN_ADDR"
 fi
@@ -40,6 +82,7 @@ fi
 DUNITER_RPC_CORS="${DUNITER_RPC_CORS:-all}"
 set -- "$@" --rpc-cors "$DUNITER_RPC_CORS"
 
+# In case of validator, unsafe rpc methods are needed (like rotate_key) and should not be exposed publicly
 DUNITER_VALIDATOR=$(boolean "${DUNITER_VALIDATOR:-false}")
 if [ "$DUNITER_VALIDATOR" = true ]; then
   set -- "$@" --rpc-methods Unsafe --validator
@@ -55,6 +98,7 @@ if [ "$DUNITER_DISABLE_TELEMETRY" = true ]; then
   set -- "$@" --no-telemetry
 fi
 
+# Set pruning profile
 DUNITER_PRUNING_PROFILE="${DUNITER_PRUNING_PROFILE:-default}"
 case "$DUNITER_PRUNING_PROFILE" in
   default)
@@ -70,19 +114,12 @@ case "$DUNITER_PRUNING_PROFILE" in
     ;;
 esac
 
-DUNITER_CHAIN_NAME="${DUNITER_CHAIN_NAME:-dev}"
-case "$DUNITER_CHAIN_NAME" in
-  dev)
-    chain=(--dev)
-    ;;
-  *)
-    chain=(--chain "$DUNITER_CHAIN_NAME")
-    ;;
-esac
-
+# Set main command
+# Since we are inside docker, we can bind to all interfaces.
+# User will bind port to host interface or set reverse proxy when needed.
 set -- "$@" \
   "${chain[@]}" \
-  -d /var/lib/duniter --unsafe-rpc-external --unsafe-ws-external
+  -d /var/lib/duniter --unsafe-rpc-external
 
 echo "Starting duniter with parameters:" "$@"
 exec duniter "$@"

docs/api/manual.md

@@ -3,7 +3,7 @@
 This functional documentation presents how wallets can interact with the blockchain.
 It is intended to complete the [runtime calls documentation](./runtime-calls.md) in a runtime-specific way to fit the real needs of wallet developers.
 
-Only ĞDev is covered for now.
+NOTE : a more detailed doc is available at <https://duniter.org/wiki/duniter-v2/doc/>
 
 ## Notations
 
@@ -11,15 +11,29 @@ Only ĞDev is covered for now.
 
 ## Account existence
 
-An account exists if and only if it contains at least the existential deposit (2 ĞD).
+An account exists if and only if it contains at least the existential deposit (`balances.existentialDeposit` = 1 ĞD).
 
 ## Become member
 
-Only use `identity` pallet. The `membership` calls are disabled.
+Only use `identity` pallet.
 
 1. The account that wants to gain membership needs to exists.
 1. Any account that already has membership and respects the identity creation period can create an identity for another account, using `identity.createIdentity`.
 1. The account has to confirm its identity with a name, using `identity.confirmIdentity`. The name must be ASCII alphanumeric, punctuation or space characters: `` /^[-!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~a-zA-Z0-9 ]{3,64}$/ `` (additionally, trailing spaces and double spaces are forbidden, as a phishing countermeasure). If the name is already used, the call will fail.
+1. 4 different member accounts must certify the account using `cert.addCert`.
+1. The distance evaluation must be requested for the pending identity using `distance.requestDistanceEvaluation`.
+1. 3 distance sessions later, if the distance rule is respected, identity is validated automatically.
+
+## Change key
+
+A member can request a key change via the `identity.change_onwner_key` call. It needs the following SCALE encoded (see SCALE encoding section below) payload:
+
+- The new owner key payload prefix (rust definition: `b"icok"`)
+- the genesis block hash. (rust type `[u8; 32]` (`H256`))
+- The identity index (rust type `u64`)
+- The old key (rust type `u64`)
+
+This payload must be signed with the new key.
 
 ## Revoke an identity
 
@@ -29,9 +43,20 @@ This feature is useful in case the user has lost their private key since the rev
 
 ### Generate the revocation payload
 
-1. Scale-encode the revocation payload, that is the concatenation of the 32-bits public key and the genesis block hash.
-2. Store this payload and its signature.
+The revocation needs this SCALE encoded (see SCALE encoding section below) payload:
+
+- The revocation payload prefix (rust definition: `b"revo"`)
+- The identity index (rust type `u64`)
+- the genesis block hash. (rust type `[u8; 32]` (`H256`))
+
+This payload must be signed with the corresponding revocation key.
 
 ### Effectively revoke the identity
 
 1. From any origin that can pay the fee, use `identity.revokeIdentity` with the revocation payload.
+
+## SCALE encoding
+
+SCALE codec documentation: https://docs.substrate.io/reference/scale-codec/.
+
+At the end of this documentation you'll find links to SCALE codec implementation for other languages.

docs/dev/beginner-walkthrough.md

@@ -2,7 +2,7 @@
 
 This is a beginner tutorial for those who do not have a previous experience with Rust ecosystem or need guidance to get familiar with Duniter v2s project. You'll need a development machine with an internet connection, at least **20 GB of free storage**, and **an hour or two** depending on your computing power.
 
-This walkthrough is based on the following video (french), don't hesitate to record an english voicecover if you feel so.
+This walkthrough is based on the following video (french), don't hesitate to record an english voiceover if you feel so.
 
 [![preview](https://tube.p2p.legal/lazy-static/previews/654006dc-66c0-4e37-a32f-b7b5a1c13213.jpg)](https://tube.p2p.legal/w/n4TXxQ4SqxzpHPY4TNMXFu)
 
@@ -13,7 +13,7 @@ This walkthrough is based on the following video (french), don't hesitate to rec
 If you are on a debian based system, you can install the required packages with:
 
 ```bash
-sudo apt install cmake pkg-config libssl-dev git build-essential clang libclang-dev curl
+sudo apt install cmake pkg-config libssl-dev git build-essential clang libclang-dev curl protobuf-compiler
 ```
 
 Else, look at the corresponding section in the [system setup documentation](./setup.md).

docs/dev/compilation.md

+# Compilation
+
+Duniter is compiled using the Rust compiler. For a general overview, refer to the [Rustc Dev Guide](https://rustc-dev-guide.rust-lang.org/overview.html).
+
+Substrate and Duniter provide a set of features enabling or disabling parts of the code using conditional compilation. More information on conditional compilation can be found [here](https://doc.rust-lang.org/reference/conditional-compilation.html), or by enabling or disabling compilation of packages. Below is a list of all available features:
+
+## External
+
+- **runtime-benchmarks**: Compiles the runtime with benchmarks for extrinsics benchmarking.
+- **try-runtime**: Compiles the runtime for tests and verifies operations in a simulated environment.
+- **std**: Enables the Rust standard library.
+
+## Duniter
+
+- **gdev**: Sets `gdev-runtime` and `std` used to build the development chain.
+- **gtest**: Sets `gtest-runtime` and `std` used to build the test chain.
+- **g1**: Sets `g1-runtime` and `std` used to build the production chain.
+- **constant-fees**: Uses a constant and predictable weight-to-fee conversion only for testing.
+- **embed**: Enables hardcoded live chainspecs loaded from "../specs/gtest-raw.json" file.
+- **native**: Compiles the runtime into native-platform executable only for debugging purposes.
+
+Note: By default, Duniter will be compiled using the `gdev` feature and including the compilation of the distance oracle. Since the three Duniter chains are mutually exclusive, it is mandatory to disable the default feature to compile `gtest` and `g1` as follows:
+
+- `cargo build --no-default-features --features gtest`
+- `cargo build --no-default-features --features g1`
+- `cargo build --no-default-features -p distance-oracle --features std`