Add new Client Gateway (#109)

* Add new Client Gateway

* Update running_locally.md

* Update chain_info.md

* Add MEDIA_URL to cfg.env, update README example versions

container_env_files/cfg.env

@@ -40,3 +40,5 @@ CGW_URL=http://nginx:8000/cgw
 CGW_FLUSH_TOKEN=some_random_token
 
 CSRF_TRUSTED_ORIGINS="http://localhost:8000"
+
+MEDIA_URL = "http://localhost:8000/cfg/media/"

container_env_files/cgw.env

@@ -1,25 +1,32 @@
-# More detailed description of the available values can be found:
-# https://github.com/gnosis/safe-client-gateway/blob/main/.env.sample
-CONFIG_SERVICE_URI=http://nginx:8000/cfg
+# HTTP
+HTTP_CLIENT_REQUEST_TIMEOUT_MILLISECONDS=60000
 
-FEATURE_FLAG_NESTED_DECODING=true
+# Config Service
+# The base url for the Safe Config Service
+SAFE_CONFIG_BASE_URI=http://nginx:8000/cfg
 
-SCHEME=http
-ROCKET_SECRET_KEY=tVqiPxyM9RPkTbcrciV6ZcIzvssv+kF9YvfPy/CBjBM=
-ROCKET_LOG_LEVEL=normal
-ROCKET_PORT=3666
-ROCKET_ADDRESS=0.0.0.0
-WEBHOOK_TOKEN=some_random_token
-RUST_LOG=debug
-LOG_ALL_ERROR_RESPONSES=true
+# Exchange Rates
+# The base Exchange Rate API to be used.
+EXCHANGE_API_BASE_URI=http://api.exchangeratesapi.io/v1
+EXCHANGE_API_KEY=your_exchange_rate_api_token
 
-INTERNAL_CLIENT_CONNECT_TIMEOUT=10000
-SAFE_APP_INFO_REQUEST_TIMEOUT=10000
-CHAIN_INFO_REQUEST_TIMEOUT=15000
+# Redis
+# The host name of where the Redis instance is running
+REDIS_HOST=cgw-redis
+# The default port of where the Redis instance is running (default=6379)
+# REDIS_PORT=
 
+# Cache Expiration Times
+# The default cache expiration time in seconds if none is set (default=60)
+# EXPIRATION_TIME_DEFAULT_SECONDS
+# DEFAULT_NOT_FOUND_EXPIRE_TIME_SECONDS=
+# CONTRACT_NOT_FOUND_EXPIRE_TIME_SECONDS=
+# TOKEN_NOT_FOUND_EXPIRE_TIME_SECONDS=
 
-REDIS_URI=redis://cgw-redis
-REDIS_URI_MAINNET=redis://cgw-redis
+# Privileged endpoints authorization token
+# The AUTH_TOKEN should always be set
+AUTH_TOKEN=your_privileged_endpoints_token
 
-EXCHANGE_API_BASE_URI=http://api.exchangeratesapi.io/latest
-EXCHANGE_API_KEY=your_exchange_rate_api_token
+# Log level
+LOG_LEVEL=info
+# LOG_SILENT=true

docker-compose.yml

@@ -1,4 +1,4 @@
-version: '3.8'
+version: "3.8"
 
 volumes:
   nginx-shared-txs:
@@ -19,7 +19,6 @@ x-healthcheck-redis-template: &redishealthcheck
     retries: 3
 
 services:
-
   # Common nginx and database
   nginx:
     image: nginx:alpine
@@ -138,7 +137,7 @@ services:
     <<: *redishealthcheck
 
   cgw-web:
-    image: safeglobal/safe-client-gateway:${CGW_VERSION}
+    image: safeglobal/safe-client-gateway-nest:${CGW_VERSION}
     env_file:
       - container_env_files/cgw.env
     depends_on:

docker/nginx/nginx.conf

@@ -44,7 +44,7 @@ http {
     ## Client gateway
     upstream cgw_app_server {
       ip_hash;  # For load-balancing
-      server cgw-web:3666 fail_timeout=0;
+      server cgw-web:3000 fail_timeout=0;
       #
       # fail_timeout=0 means we always retry an upstream even if it failed
       # to return a good HTTP response

docs/README.md

@@ -1,4 +1,5 @@
 # Safe Infrastructure
+
 ![Safe Infrastructure Diagram](https://user-images.githubusercontent.com/6909403/231760296-afaa126c-db04-4f62-b996-c53b1d884247.png)
 
 - **Tx Service** is the core of the Safe. It indexes multisig transactions, module transactions, token transfers, collects signatures... There must be **1 Tx Service per Chain**, with different workers, PostgreSQL, Redis and RabbitMQ.
@@ -11,8 +12,8 @@ This repository contains the minimum viable local setup for our backend services
 The setup presented here, assumes that only L2 safes will be used. Last stable version will be used for every service, but you can adjust them on `.env`, e.g.:
 
 ```bash
-CFG_VERSION=v2.26.0
-CGW_VERSION=v3.29.0
+CFG_VERSION=v2.60.0
+CGW_VERSION=v0.4.1
 TXS_VERSION=v4.6.1
 UI_VERSION=v1.2.0
 ```

docs/chain_info.md

@@ -4,25 +4,25 @@
 
 The Chain object represents metadata specific to a chain. Its metadata is crucial to not only have a the correct information displayed to the users (chain name, chain logo, native currency, etc...) but also to communicate with the correct instance of the Safe Transaction Service (Transaction Service URI and VPC Transaction Service URI)
 
-The Chain object also contains data which is used specifically in the context of the Safe Web App and the Safe Mobile apps. This data is used mostly for rendering purposes like currency logo, background colours, etc. This data is required but affect only the visual components of the client application. 
+The Chain object also contains data which is used specifically in the context of the Safe Web App and the Safe Mobile apps. This data is used mostly for rendering purposes like currency logo, background colors, etc. This data is required but affect only the visual components of the client application.
 
 And lastly, the Chain object also contains URL templates that indicate the frontend apps how to parse and compose URLs to block explorers. This will be discussed in more detail later on.
 
-At any point, if you see a value that you are unsure how to supply, just look at what's available in [production](https://safe-config.safe.global/api/v1/chains/) and change the values as you see fit.  
+At any point, if you see a value that you are unsure how to supply, just look at what's available in [production](https://safe-config.safe.global/api/v1/chains/) and change the values as you see fit.
 
 These values are meant to be provided in the admin panel `http://localhost:8000/cfg/admin` of the Safe Config Service (CFG)
 
 ## Connecting the Safe Client Gateway (CGW) to the Safe Transaction Service (TXS)
 
-The CGW can forward requests to many independently running TXS instances pointing to different chains. The CFG has to keep a registry of every available instance of the TXS. 
+The CGW can forward requests to many independently running TXS instances pointing to different chains. The CFG has to keep a registry of every available instance of the TXS.
 
 In order to achieve this, the CFG has 2 fields:
 
 - `vpc_transaction_service`
 - `transaction_service`
 
-These two fields are required, because in a production setup, you would have your services potentically located in the same Virtual Private Cloud (VPC) setup. Then you could go as far as making the TXS private and hide it from requests coming from outside your cluster. 
-Should this be the case, you can set the value to `false` of [this](https://github.com/gnosis/safe-client-gateway/blob/6e3fa0d5770d185bb0cbe27185d6b33641143b2e/.env.sample#L37) env var in your CGW `.env` [file](../container_env_files/cgw.env). 
+These two fields are required, because in a production setup, you would have your services potentically located in the same Virtual Private Cloud (VPC) setup. Then you could go as far as making the TXS private and hide it from requests coming from outside your cluster.
+Should this be the case, you can set the value to `false` of [this](https://github.com/gnosis/safe-client-gateway/blob/6e3fa0d5770d185bb0cbe27185d6b33641143b2e/.env.sample#L37) env var in your CGW `.env` [file](../container_env_files/cgw.env).
 For the purpose of this guide we will simply set these values to the same value:
 
 ```javascript
@@ -31,18 +31,19 @@ For the purpose of this guide we will simply set these values to the same value:
     "vpc_transaction_service" : "http://nginx:8000/txs",
     "transaction_service" : "http://nginx:8000/txs",
     // ...
-} 
+}
 ```
+
 ## Block explorer URL templates
 
-For the web app to be able to render links correctly you need to supply URLs with templates that the web app will eventually use to build links to block explorers. For the sake of this guide, we will share the values for Etherscan Rinkeby:
+For the web app to be able to render links correctly you need to supply URLs with templates that the web app will eventually use to build links to block explorers. For the sake of this guide, we will share the values for Etherscan Goerli:
 
 ```javascript
 {
     // ...
-    "address": "https://rinkeby.etherscan.io/address/{{address}}",
-    "txHash": "https://rinkeby.etherscan.io/tx/{{txHash}}",
-    "api": "https://api-rinkeby.etherscan.io/api?module={{module}}&action={{action}}&address={{address}}&apiKey={{apiKey}}"
+    "address": "https://goerli.etherscan.io/address/{{address}}",
+    "txHash": "https://goerli.etherscan.io/tx/{{txHash}}",
+    "api": "https://api-goerli.etherscan.io/api?module={{module}}&action={{action}}&address={{address}}&apiKey={{apiKey}}"
     // ...
 }
 ```

docs/running_locally.md

@@ -5,7 +5,6 @@
 - `docker compose` (installation [guide](https://docs.docker.com/compose/install/))
 - [Brief Docker Crash Course](docker_cheatsheet.md)
 
-
 ## Step 1: setup your `.env`
 
 We recommend using what is available in the `.env.sample` file:
@@ -23,14 +22,18 @@ By default, last stable version will be used for every service.
 ## Step 2: Setup Django superusers
 
 ### Option #1 - Automated way
+
 We provide a script to automate this second step, if you want to use it, simply write:
+
 ```
 cd scripts
 sh run_locally.sh
 ```
 
 ### Option #2 - Manual way
+
 Start Docker containers:
+
 ```bash
 docker compose up
 ```
@@ -75,18 +78,19 @@ CGW_URL=http://nginx:8000/cgw
 CGW_FLUSH_TOKEN=some_random_token
 
 # Inside the file "container_env_files/cgw.env"
-WEBHOOK_TOKEN=some_random_token
+AUTH_TOKEN=some_random_token
 ```
 
-`WEBHOOK_TOKEN` and `CGW_FLUSH_TOKEN` must be the same.
+`AUTH_TOKEN` and `CGW_FLUSH_TOKEN` must be the same.
 
 For the Transactions service, follow these steps:
- - Access the admin panel at `http://localhost:8000/txs/admin`
- - click the `Add` link for `Web hooks`
- - Ignore the `Address` field
- - Set the `Url` field to `http://nginx:8000/cgw/v1/chains/{chainId}/hooks/events` and replace `{chainId}` with the corresponding chainId
- - Set the `Authorization` field to `Basic <WEBHOOK_TOKEN>`, where `<WEBHOOK_TOKEN>` corresponds to the value of `WEBHOOK_TOKEN` in the `container_env_files/cgw.env` file of this repository
- - Optionally: Add the Safe Master Copy of your network at `http://localhost:8000/txs/admin/history/safemastercopy`, where `version` corresponds to the version of your deployed Safe Master Copy. Check L2 if it concerns the Safe L2 version. This is required for chains that were not added to [safe-eth-py](https://github.com/safe-global/safe-eth-py/blob/master/gnosis/safe/addresses.py)
+
+- Access the admin panel at `http://localhost:8000/txs/admin`
+- click the `Add` link for `Web hooks`
+- Ignore the `Address` field
+- Set the `Url` field to `http://nginx:8000/cgw/v1/chains/{chainId}/hooks/events` and replace `{chainId}` with the corresponding chainId
+- Set the `Authorization` field to `Basic <AUTH_TOKEN>`, where `<AUTH_TOKEN>` corresponds to the value of `AUTH_TOKEN` in the `container_env_files/cgw.env` file of this repository
+- Optionally: Add the Safe Master Copy of your network at `http://localhost:8000/txs/admin/history/safemastercopy`, where `version` corresponds to the version of your deployed Safe Master Copy. Check L2 if it concerns the Safe L2 version. This is required for chains that were not added to [safe-eth-py](https://github.com/safe-global/safe-eth-py/blob/master/gnosis/safe/addresses.py)
 
 # Safe Web App
 
@@ -97,4 +101,3 @@ To configure the port in which the Safe Web app will be reachable, look into our
 Add your `NEXT_PUBLIC_INFURA_TOKEN` value if its required for the chain RCP uri in the [container_env_files/ui.env](../container_env_files/ui.env) file.
 
 Additionally, the Safe Web app itself, defines which instance of the Safe CGW to use in this [container_env_files/ui.env](../container_env_files/ui.env) file. The value of `NEXT_PUBLIC_GATEWAY_URL_PRODUCTION` defines the URL where the Safe CGW can be reached. The default in this repo, points to the instance running as part of the `docker-compose.yml` file, but can be adjusted to point to our production instances, or your own hosted instance.
-