docs: view digital ocean deployment guide

[MicBun]

resolves: https://github.com/trufnetwork/truf-network/issues/1299

Summary by CodeRabbit

• Documentation
  • Added comprehensive Digital Ocean deployment guide covering node setup, firewall configuration, DNS management, and security best practices with step-by-step instructions and troubleshooting.

[holdex]

Time Submission Status

Member	Status	Time	Action	Last Update
MicBun	✅ Submitted	5h	Update time	Oct 28, 2025, 12:11 PM
@outerlook	❌ Missing	-	⚠️ Submit time	-

[coderabbitai]

Walkthrough

A comprehensive Digital Ocean deployment guide for TRUF.NETWORK nodes is added, covering firewall configuration, DNS setup, connectivity validation, security best practices, and troubleshooting steps.

Changes

Cohort / File(s)	Change Summary
Documentation docs/digitalocean-deployment-guide.md	New deployment guide providing step-by-step instructions for setting up TRUF.NETWORK nodes on Digital Ocean, including networking prerequisites, firewall rules, port exposure details, DNS configuration, SDK usage examples, security hardening, and troubleshooting guidance.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

• Verify technical accuracy of firewall and DNS configuration steps
• Confirm port requirements and security recommendations align with current node specifications
• Validate SDK usage examples for TypeScript and Go
• Review clarity and completeness of troubleshooting section for end-user usability

Suggested reviewers

• outerlook

Poem

🐰 A guide for nodes on clouds so blue,
With firewalls strong and DNS true,
From ports to pings, we've got it all—
Deploy with ease, heed the call!
✨ Happy hopping through the cloud!

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The pull request title "docs: view digital ocean deployment guide" directly references the main change in the changeset, which is the addition of a comprehensive Digital Ocean deployment guide documentation. The title is concise, clear, and specific enough that a teammate scanning the repository history would immediately understand this PR introduces Digital Ocean deployment documentation for TRUF.NETWORK nodes. While the verb "view" is slightly informal compared to more typical verbs like "add" or "create," it does not create ambiguity or mislead about the content of the change. The "docs:" prefix appropriately indicates this is a documentation-only change, which aligns with the PR's label and the summary showing no code modifications or public API changes.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch digitalOceanGuide

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (5)

docs/digitalocean-deployment-guide.md (5)

162-170: Add language specifications to fenced code blocks for proper rendering.

Specifying a language allows editors and converters to properly syntax highlight the embedded code, and even for plain text, it's preferable to use 'text' as the language identifier.

Apply this diff to add language specifications:

 Once you have your public IP address, your node endpoint follows this format:
 
-```
+```text
 http://YOUR_DROPLET_IP:8484

---

`167-170`: **Add language specification to endpoint example code block.**

Apply this diff:

```diff
 **Example:**
 If your Droplet's public IP is `203.0.113.45`, your endpoint is:
-```
+```text
 http://203.0.113.45:8484

---

`258-262`: **Add language specification to nameserver configuration code block.**

Apply this diff:

```diff
 2. Change nameservers to Digital Ocean's:
-   ```
+   ```text
    ns1.digitalocean.com
    ns2.digitalocean.com
    ns3.digitalocean.com
    ```

---

296-303: Add language specifications to domain endpoint code blocks.

Apply these diffs:

 With DNS configured, your endpoint becomes:
 
-```
+```text
 http://your-domain.com:8484

Or for a subdomain:
- +text
http://node.your-domain.com:8484

---

46-50: Reduce repetitive phrasing in bullet point list.

Lines 46–50 all begin with "- **Port...", which creates a repetitive rhythm. Consider restructuring one or two bullets for better readability:

 > **Important Notes:**
-> - **Port 6600**: Enables two-way P2P communication. Your node can sync without this (via outbound connections), but opening it helps network health by accepting incoming peer connections.
-> - **Port 8484**: Required if you want users/applications to query data from your node.
-> - **Port 8000**: Only needed for MCP/AI integration (like Claude Code).
-> - **Port 5432**: Should ONLY bind to localhost (127.0.0.1). Never allow external access.
+> - **Port 6600** enables two-way P2P communication. Your node can sync without this (via outbound connections), but opening it helps network health by accepting incoming peer connections.
+> - **Port 8484** is required if you want users/applications to query data from your node.
+> - **Port 8000** is only needed for MCP/AI integration (like Claude Code).
+> - **Port 5432** should ONLY bind to localhost (127.0.0.1). Never allow external access.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dfbd3ea and 6f2dd1a.

📒 Files selected for processing (2)

• README.md (1 hunks)
• docs/digitalocean-deployment-guide.md (1 hunks)

🧰 Additional context used

🪛 LanguageTool

docs/digitalocean-deployment-guide.md

[style] ~50-~50: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...I integration (like Claude Code). > - Port 5432: Should ONLY bind to localhost (...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

🪛 markdownlint-cli2 (0.18.1)

docs/digitalocean-deployment-guide.md

162-162: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

168-168: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

258-258: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

296-296: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

301-301: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: acceptance-test

🔇 Additional comments (2)

docs/digitalocean-deployment-guide.md (1)

1-30: Comprehensive and well-structured deployment guide.

The guide provides excellent coverage of Digital Ocean-specific setup with clear sections, multiple configuration options (new firewall vs. existing), detailed verification steps, and strong security practices. The progression from firewall setup → public IP discovery → endpoint construction → testing is logical and easy to follow.

Please verify:

1. Internal documentation links referenced (e.g., Line 7: ./node-operator-guide.md, Line 567: ./node-operator-guide.md#cache-extension-tn_cache, Line 571-572: comparison and deployment options docs) exist in the repository.
2. The TypeScript SDK example (Lines 311–334) and Go SDK example (Lines 338–366) match current API signatures in @trufnetwork/sdk-js and github.com/trufnetwork/sdk-go.

README.md (1)

27-32: Well-integrated new section with clear cloud-provider guidance.

The "Cloud-Specific Endpoint Configuration" section appropriately bridges deployment methods with endpoint exposure concerns. The description clearly sets user expectations, and the links to both Digital Ocean and AWS guidance ensure platform-specific support is discoverable.

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (1)

docs/digitalocean-deployment-guide.md (1)

46-50: Reduce repetitive opening words in bullet list.

Three successive bullets begin with "Port," which can be slightly awkward. Consider restructuring for variety.

Apply this diff:

 > **Important Notes:**
-> - **Port 6600**: Enables two-way P2P communication. Your node can sync without this (via outbound connections), but opening it helps network health by accepting incoming peer connections.
-> - **Port 8484**: Required if you want users/applications to query data from your node.
-> - **Port 8000**: Only needed for MCP/AI integration (like Claude Code).
-> - **Port 5432**: Should ONLY bind to localhost (127.0.0.1). Never allow external access.
+> **Important Notes:**
+> - **Port 6600** (P2P): Enables two-way P2P communication. Your node can sync without this (via outbound connections), but opening it helps network health by accepting incoming peer connections.
+> - **Port 8484** (RPC): Required if you want users/applications to query data from your node.
+> - **Port 8000** (MCP): Only needed for MCP/AI integration (like Claude Code).
+> - **PostgreSQL (5432)**: Should ONLY bind to localhost (127.0.0.1). Never allow external access.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6f2dd1a and 80ffb96.

📒 Files selected for processing (1)

• docs/digitalocean-deployment-guide.md (1 hunks)

🧰 Additional context used

🪛 LanguageTool

docs/digitalocean-deployment-guide.md

[style] ~50-~50: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...I integration (like Claude Code). > - Port 5432: Should ONLY bind to localhost (...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

🪛 markdownlint-cli2 (0.18.1)

docs/digitalocean-deployment-guide.md

162-162: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

168-168: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

258-258: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

296-296: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

301-301: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: acceptance-test

🔇 Additional comments (5)

docs/digitalocean-deployment-guide.md (5)

336-366: Verify Go SDK examples match current package and API.

The Go SDK import paths and client initialization should be validated against the latest sdk-go release to ensure the code examples are current and compile correctly.

Please verify:

• Are the import paths (github.com/trufnetwork/sdk-go/...) correct and current?
• Is tnclient.NewClient() the correct initialization method?
• Do the method names (LoadComposedActions(), GetRecord()) match the current API?

---

419-419: Verify external documentation link is current.

The link to "Kwil Private RPC documentation" points to docs.kwil.com, which may be a different project than TRUF.NETWORK. Verify this is the intended target and that the link is still accurate.

If this should reference TRUF.NETWORK-specific documentation instead, consider updating the URL to point to the official TRUF.NETWORK docs at docs.truf.network (if available).

---

1-586: Comprehensive structure and security posture—well done.

The guide is thorough, well-organized, and emphasizes critical security practices (especially PostgreSQL isolation, SSH hardening, and RPC private mode). The step-by-step format with multiple options (new firewall vs. existing, Digital Ocean DNS vs. external providers) and clear troubleshooting section will be valuable for node operators. The code examples for SDK integration are a nice touch for practical implementation.

Minor fixes needed: markdown linting (language identifiers in code blocks), link verification, and SDK example validation as noted in previous comments.

---

22-51: Ports and endpoint are correct; verify health response format against kwil-db dependency.

The documented ports (6600, 8484, 8000) and endpoint path (/api/v1/health) are confirmed in the codebase. However, the health response format shown on lines 185–192 requires manual verification against the kwil-db dependency's health endpoint implementation. The sync checker code expects response fields Services.User.Syncing and Services.User.BlockTime, which may serialize differently than the field names shown in the documentation.

---

309-334: TypeScript SDK examples verified as current and accurate.

The @trufnetwork/sdk-js package exists on npm, NodeTNClient is the correct class name, and the method signatures (loadAction(), getRecord()) match the current SDK API. The constructor parameters, type imports (StreamId, EthereumAddress), and usage pattern in the documentation example are all correct and aligned with the official SDK documentation.