If you still work with release/poka-chainspec-gdev5-pini-docker I think we should rebase on master first. This will allow us to discard unwanted commits such as my changes on the CI variables.
I can do that into another release branch. What do you think?
EDIT: I just did that. Actually the only relevant difference between master and release/poka-chainspec-gdev5-pini-docker is the chain-spec. All other commits - but my erroneous ones - were merged into master.
Talking about chain-spec, I thing the release process should be something like:
Not sure what you want to achieve but in my opinion the previous chain-spec shouldn’t be cherry-picked as it will be replaced with the new one anyway. master should be the actual branch you want to start from.
The “chainspec” means “runtime at genesis”, so if we want to stay on the same network (ĞDev5), we have to keep the same genesis. We could still publish runtime upgrade later on, but we can not rewrite the history of blockchain without launching a new network, and this is not the moment yet. My whish is that the next network is a ĞTest network (and that we keep the ĞDev network at the same time).
It depends whether we want to set the mirror or validator node in the bootnodes. I just asked the question here, if you have the answer, you can answer ^^
Note that I set both my validator (gdev.trentesaux.fr and my mirror archive node gdev.coinduf.eu). You could do the same.
I think we don’t care about reverse proxy, libp2p do the job throw.
For instance, my 2 nodes are under a pfsense firewall. I didn’t do any NAT rule for these nodes, I didn’t configure any reverse proxy for my validator node, and yet the latter is accessible by other nodes. libp2p is magic for me…
$ nmap -p 30333-30334 gdev.p2p.legal
Starting Nmap 7.80 ( https://nmap.org ) at 2023-03-07 21:24 CET
Nmap scan report for gdev.p2p.legal (126.96.36.199)
Host is up (0.019s latency).
rDNS record for 188.8.131.52: 163-172-105-161.rev.poneytelecom.eu
PORT STATE SERVICE
30333/tcp filtered unknown
30334/tcp open unknown
I don’t say it needs to. I say that on my server I chose to do so. And I see no reason for avoiding this setup.
Why? I would say the opposite actually. Because validator nodes should have less exposure as I understand it.
I would say that as well. I fail to see any reason why it should matter.