fix:refine op-besu doc

Signed-off-by: Chen Kai <[email protected]>
optimism-java · Aug 21, 2024 · e519df2 · e519df2
1 parent 434220c
commit e519df2
Show file tree

Hide file tree

Showing 5 changed files with 132 additions and 27 deletions.
diff --git a/docs/hildr-docs/index.md b/docs/hildr-docs/index.md
@@ -5,8 +5,10 @@ image: /img/socialCards/hildr.jpg
 
 # Hildr
 
-Hildr is an OP Stack rollup client written in Java 21. And follow the [spec](https://github.com/ethereum-optimism/optimism/blob/develop/specs/rollup-node.md):
+Hildr is an OP Stack Rollup Node written in Java 21. You can check out the [architecture](https://docs.optimism.io/builders/node-operators/architecture) of OP Stack, hildr is the equivalent of op-node.
 
-[Magi](https://github.com/a16z/magi)
+:::note
 
-[Op-node](https://github.com/ethereum-optimism/optimism/tree/develop/op-node)
+Running a sequencer node is currently not possible and there is no option to vote on blocks as part of the consensus mechanism or fork-choice like on Ethereum.
+
+:::
diff --git a/docs/hildr-docs/run-a-node/use_jar.md b/docs/hildr-docs/run-a-node/use_jar.md
@@ -4,11 +4,15 @@ import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem';
 
 ## Prerequisites
 
-[Java JDK 21+](https://www.oracle.com/java/technologies/downloads/)
+Download and install the [Java JDK 21+](https://www.oracle.com/java/technologies/downloads/).
 
-## Download the Hildr jar
+## Step1. Download the Hildr jar
 
-Download the [Hildr jar](https://github.com/optimism-java/hildr/releases).
+Download the [Hildr jar](https://github.com/optimism-java/hildr/releases) from Github.
+
+```shell
+wget https://github.com/optimism-java/hildr/releases/download/v0.4.4/hildr-node.jar
+```
 
 ## Start a Hildr node
 

diff --git a/docs/op-besu-docs/index.md b/docs/op-besu-docs/index.md
@@ -1,3 +1,4 @@
-# Op-Besu
+# Op-besu
+
+[Op-besu](https://github.com/optimism-java/op-besu) is a fork of [Besu](https://github.com/hyperledger/besu) that implement the [execution engine](https://github.com/ethereum-optimism/specs/blob/main/specs/fjord/exec-engine.md) of [OP stack](https://stack.optimism.io/). You can check out the [architecture](https://docs.optimism.io/builders/node-operators/architecture) of OP Stack, op-besu is the equivalent of op-geth.
 
-[Op-Besu](https://github.com/optimism-java/op-besu) is a fork of [Besu](https://github.com/hyperledger/besu) that supports the [execution engine](https://github.com/ethereum-optimism/specs/blob/main/specs/fjord/exec-engine.md) of [OP stack](https://stack.optimism.io/).
diff --git a/docs/op-besu-docs/run-a-node/use_binaries.md b/docs/op-besu-docs/run-a-node/use_binaries.md
@@ -2,32 +2,67 @@ import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem';
 
 # Use the packaged binaries
 
-You can install the Op-besu or Op-geth client to run a Optimism EL node from a binary distribution.
-
 ## Prerequisites
 
-[Java JDK 21+](https://www.oracle.com/java/technologies/downloads/)
+Download and install the [Java JDK 21+](https://www.oracle.com/java/technologies/downloads/)
 
 ## Install from packaged binaries
 
 Download the Op Besu [packaged binaries](https://github.com/optimism-java/op-besu/releases).
 
-Unpack the downloaded files and change into the `op-besu-<release>` directory.
+```shell
+wget https://github.com/optimism-java/op-besu/releases/download/v0.1.0/op-besu-v0.1.0.tar.gz
+```
+Unpack the downloaded file into the `op-besu-<release>` directory.
+
+```shell
+tar -xvf op-besu-v0.1.0.tar.gz
+```
+
+## Create a JWT Secret
+
+You can check the [JWT secret creation tutorial](https://docs.optimism.io/builders/node-operators/tutorials/testnet#create-a-jwt-secret)
+to learn how to create a JWT secret.
+
+```shell
+openssl rand -hex 32 > jwt.txt
+```
+
+## Navigate to your op-besu directory
+
+Find the directory where you built the `op-besu` binary.
+
+```shell
+cd op-besu-v0.1.0
+```
+
+## Copy in the JWT secret
 
-## Run a Op-Besu node
+Copy the JWT secret you generated in a previous step into the `op-besu` directory.
+
+```bash
+cp /path/to/jwt.txt .
+```
+
+## Prepare the data directory
+
+```bash
+mkdir datadir 
+```
+
+## Run an op-besu node
 
 <Tabs>
   <TabItem value="op sepolia" label="op sepolia" default>
 
     ```shell
-    cd op-besu-<release> && \
     ./bin/besu \
     --network=OP_SEPOLIA \
     --p2p-enabled=false \
     --discovery-enabled=false \
-    --data-path=<your data dir> \
+    --data-path=datadir \
     --engine-rpc-enabled \
-    --engine-jwt-secret=<jwt secret file> \
+    --engine-jwt-secret=./jwt.txt \
     --rpc-http-enabled \
     --host-allowlist=* \
     --engine-host-allowlist=* \
@@ -38,16 +73,17 @@ Unpack the downloaded files and change into the `op-besu-<release>` directory.
 </TabItem>
 
 <TabItem value="devnet or other" label="devnet or other">
+You can check how to generate a devnet genesis file [here](https://docs.optimism.io/builders/chain-operators/deploy/genesis).
+Also you could use the [optimism devnet tool](https://github.com/ethpandaops/optimism-package).
 
     ```shell
-    cd op-besu-<release> && \
     ./bin/besu \
     --genesis-file=<devnet genesis file> \
     --p2p-enabled=false \
     --discovery-enabled=false \
-    --data-path=<your data dir> \
+    --data-path=datadir \
     --engine-rpc-enabled \
-    --engine-jwt-secret=<jwt secret file> \
+    --engine-jwt-secret=./jwt.txt \
     --rpc-http-enabled \
     --host-allowlist=* \
     --engine-host-allowlist=* \
@@ -58,3 +94,13 @@ Unpack the downloaded files and change into the `op-besu-<release>` directory.
     </TabItem>
 
 </Tabs>
+
+:::danger Warning
+
+The following settings are a security risk in production environments:
+
+- Enabling the HTTP JSON-RPC service (`--rpc-http-enabled`) and setting `--rpc-http-host` to 0.0.0.0 exposes the RPC connection on your node to any remote connection.
+- Setting `--host-allowlist` to `"*"` allows JSON-RPC API access from any host.
+- Setting `--rpc-http-cors-origins` to `"all"` or `"*"` allows cross-origin resource sharing (CORS) access from any domain.
+
+:::
diff --git a/docs/op-besu-docs/run-a-node/use_docker.md b/docs/op-besu-docs/run-a-node/use_docker.md
@@ -1,30 +1,82 @@
 import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem';
 
-# Use docker
-
-You can use Docker to run [Op-Besu](https://github.com/optimism-java/op-besu) or [Op-Geth](https://github.com/ethereum-optimism/op-geth) as a Optimism EL node on the testnets.
-
 ## Prerequisites
 
-Download and install [Docker](https://www.docker.com/products/docker-desktop).
+Download and install [Docker](https://docs.docker.com/get-started/get-docker/).
 
 ## Pull docker image
 
 ```shell
-docker pull docker pull ghcr.io/optimism-java/op-besu:latest
+docker pull ghcr.io/optimism-java/op-besu:latest
+```
+
+## Create a JWT Secret
+
+You can check the [JWT secret creation tutorial](https://docs.optimism.io/builders/node-operators/tutorials/testnet#create-a-jwt-secret)
+to learn how to create a JWT secret.
+
+```shell
+openssl rand -hex 32 > jwt.txt
+```
+
+## Prepare the data directory
+
+```bash
+mkdir datadir 
 ```
 
 ## Start a Op-Besu node
 
 <Tabs>
   <TabItem value="op sepolia" label="op sepolia" default>
-`shell docker run -it -p 8545:8545 -p 8551:8551 -v <you jwt secret>:/jwt/jwtsecret \ ghcr.io/optimism-java/op-besu:latest -- \ --network=OP_SEPOLIA \ --p2p-enabled=false \ --discovery-enabled=false \ --data-path="/data/" \ --engine-rpc-enabled \ --engine-jwt-secret="/jwt/jwtsecret" \ --rpc-http-enabled \ --host-allowlist="*" \ --engine-host-allowlist="*" \ --logging=INFO \ --version-compatibility-protection=false `
+
+```shell 
+docker run -it -p 8545:8545 -p 8551:8551 -v ./jwt.txt:/jwt/jwtsecret \
+-v ./datadir:/data/ \
+ghcr.io/optimism-java/op-besu:latest \
+--network=OP_SEPOLIA \
+--p2p-enabled=false \
+--discovery-enabled=false \
+--data-path="/data/" \
+--engine-rpc-enabled \
+--engine-jwt-secret="/jwt/jwtsecret" \
+--rpc-http-enabled \
+--host-allowlist="*" \
+--engine-host-allowlist="*" \
+--logging=INFO \
+--version-compatibility-protection=false
+``` 
 
 </TabItem>
 
 <TabItem value="devnet or other" label="devnet or other">
 
-`shell docker run -it -p 8545:8545 -p 8551:8551 -v <you jwt secret>:/jwt/jwtsecret \ ghcr.io/optimism-java/op-besu:latest -- \ --genesis-file=<devnet genesis file> \ --p2p-enabled=false \ --discovery-enabled=false \ --data-path="/data/" \ --engine-rpc-enabled \ --engine-jwt-secret="/jwt/jwtsecret" \ --rpc-http-enabled \ --host-allowlist="*" \ --engine-host-allowlist="*" \ --logging=INFO \ --version-compatibility-protection=false `
+```shell 
+docker run -it -p 8545:8545 -p 8551:8551 -v ./jwt.txt:/jwt/jwtsecret \
+-v ./datadir:/data/ \
+ghcr.io/optimism-java/op-besu:latest \
+--genesis-file=<devnet genesis file> \
+--p2p-enabled=false \
+--discovery-enabled=false \
+--data-path="/data/" \
+--engine-rpc-enabled \
+--engine-jwt-secret="/jwt/jwtsecret" \
+--rpc-http-enabled \
+--host-allowlist="*" \
+--engine-host-allowlist="*" \
+--logging=INFO \
+--version-compatibility-protection=false
+```
 
 </TabItem>
 </Tabs>
+
+:::danger Warning
+
+The following settings are a security risk in production environments:
+
+- Enabling the HTTP JSON-RPC service (`--rpc-http-enabled`) and setting `--rpc-http-host` to 0.0.0.0 exposes the RPC connection on your node to any remote connection.
+- Setting `--host-allowlist` to `"*"` allows JSON-RPC API access from any host.
+- Setting `--rpc-http-cors-origins` to `"all"` or `"*"` allows cross-origin resource sharing (CORS) access from any domain.
+
+:::