Kayos
d5fbec496f
Access control hierarchy:
- Anonymous (free): db-sync read-only ONLY, no node access
- Standard (≥50 TRP): db-sync + node read (UTxOs, protocol-params)
- Elevated (≥500 TRP): everything + tx submit
- Master: unrestricted
Node endpoints now return HTTP 403 for insufficient tier:
- GET /v1/address/{addr}/utxos → requires standard+
- GET /v1/protocol-params → requires standard+
- POST /v1/tx/submit → requires elevated+ (403 for standard/anonymous)
Added require_standard_tier and require_elevated_tier dependencies.
35 lines
1.1 KiB
Docker
35 lines
1.1 KiB
Docker
FROM python:3.12-slim
|
|
|
|
# Install dependencies for cardano-cli
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
curl \
|
|
ca-certificates \
|
|
libsodium23 \
|
|
libnuma1 \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# Download and install cardano-cli
|
|
# Using the official release from cardano-node 10.4.1 (compatible with current network)
|
|
ARG CARDANO_CLI_VERSION=10.4.1
|
|
RUN curl -L "https://github.com/IntersectMBO/cardano-node/releases/download/${CARDANO_CLI_VERSION}/cardano-node-${CARDANO_CLI_VERSION}-linux.tar.gz" \
|
|
-o /tmp/cardano-node.tar.gz && \
|
|
mkdir -p /tmp/cardano && \
|
|
tar -xzf /tmp/cardano-node.tar.gz -C /tmp/cardano && \
|
|
cp /tmp/cardano/bin/cardano-cli /usr/local/bin/ && \
|
|
chmod +x /usr/local/bin/cardano-cli && \
|
|
rm -rf /tmp/cardano /tmp/cardano-node.tar.gz
|
|
|
|
# Verify cardano-cli installation
|
|
RUN cardano-cli --version
|
|
|
|
WORKDIR /app
|
|
|
|
# Install Python dependencies
|
|
COPY requirements.txt .
|
|
RUN pip install --no-cache-dir -r requirements.txt
|
|
|
|
# Copy application
|
|
COPY . .
|
|
|
|
# Run with uvicorn
|
|
CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8765", "--workers", "2"]
|