diff --git a/docker/Dockerfile b/docker/Dockerfile index 0186625..1d99871 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -14,14 +14,20 @@ SHELL ["/bin/bash", "-exo", "pipefail", "-c"] LABEL name="BitDeals Module" EXPOSE 4999 80 -## Debian update; install dependencies for GPG +## Debian update; install dependencies ARG DEBIAN_FRONTEND=noninteractive RUN apt-get update -y ; \ apt-get upgrade -y ; \ + apt-get -y install --no-install-recommends locales ; \ apt-get -y install --no-install-recommends gpg gpg-agent ; \ + apt-get -y install --no-install-recommends nginx ; \ apt-get clean ; \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* +## Generate UTF-8 locales +RUN sed -i '/\.UTF-8/s/^# //g' /etc/locale.gen; \ + locale-gen + ## Add the Module user ARG UNAME ARG UHOME @@ -45,7 +51,7 @@ ARG UHOME ## Install OpenPGP RUN su -l --shell /bin/bash $UNAME -c 'git clone https://github.com/calccrypto/OpenPGP ; \ mkdir OpenPGP/build ; cd OpenPGP/build ; \ - sed -i "s/master/main/" ../contrib/cmake/GoogleTest.txt.in ; \ + sed -i "s/master/v1.12.x/" ../contrib/cmake/GoogleTest.txt.in ; \ cmake -DUSE_OPENSSL=ON -DGPG_COMPATIBLE=ON .. ; \ make' ; \ cd $UHOME/OpenPGP/build/ ; \ @@ -64,12 +70,12 @@ RUN su -l --shell /bin/bash $UNAME -c 'wget https://raw.githubusercontent.com/li chmod +x install.sh' ; \ cd $UHOME ; \ sed -i '/git clone / s/git.*$/while true; do & \&\& break; done/' install.sh ; \ - sed -i '/wget / s/wget.*$/while true; do & \&\& break; done/' install.sh ; \ + sed -i '/$WGET / s/$WGET.*$/while true; do & \&\& break; done/' install.sh ; \ ./install.sh --build-boost --build-zmq --disable-shared ## Install BitDeals module (apostol-dm) RUN su -l --shell /bin/bash $UNAME -c 'cd '$UHOME' ; \ - git clone https://bitbucket.org/bitdeals/apostol-dm.git ; \ + git clone https://git.bitdeals.org/private/apostol-dm.git ; \ cd apostol-dm ; \ ./configure ; \ cd cmake-build-release ; \ @@ -77,27 +83,37 @@ RUN su -l --shell /bin/bash $UNAME -c 'cd '$UHOME' ; \ cd $UHOME/apostol-dm/cmake-build-release ;\ make install +## Download "build" directory from web-dm repository +RUN su -l --shell /bin/bash $UNAME -c 'cd '$UHOME' ; \ + mkdir web-dm ;\ + cd web-dm ;\ + git init ;\ + git remote add -f origin https://git.bitdeals.org/private/web-dm/ ;\ + echo build >> .git/info/sparse-checkout ;\ + git pull origin master' + FROM updated-debian ARG UNAME +ARG UHOME + +ENV UNAME=$UNAME +ENV LC_ALL=ru_RU.UTF-8 COPY --from=development /usr/local/ /usr/local/ COPY --from=development /etc/dm/ /etc/dm/ COPY --from=development /usr/sbin/dm /usr/sbin/dm COPY --from=development /etc/init.d/dm /etc/init.d/dm +COPY --from=development --chown=www-data:www-data $UHOME/web-dm/build /var/www/web +COPY --from=development --chown=$UNAME:$UNAME $UHOME/apostol-dm/docker/bitdeals-test.asc /etc/dm/bitdeals-test.asc +#COPY --from=development --chown=$UNAME:$UNAME $UHOME/apostol-dm/docker/bitdeals.asc /etc/dm/bitdeals.asc +COPY --from=development $UHOME/apostol-dm/docker/entrypoint.sh /entrypoint.sh +COPY nginx.conf /etc/nginx/sites-enabled/default #dm: error while loading shared libraries: libOpenPGP.so: cannot open shared object file: No such file or directory RUN ldconfig -## Copy BitDeals PGP key -#ADD --chown=$UNAME:$UNAME https://www.example.com/bitdeals.asc /etc/dm/bitdeals.asc -COPY --chown=$UNAME:$UNAME ./bitdeals.asc /etc/dm/bitdeals.asc -COPY --chown=$UNAME:$UNAME ./bitdeals-test.asc /etc/dm/bitdeals-test.asc +RUN chmod 755 /entrypoint.sh -## Copy configuration helper script -#ADD https://bitbucket.org/bitdeals/apostol-dm/raw/master/docker/entrypoint.sh /entrypoint.sh -COPY ./entrypoint.sh /usr/local/bin/entrypoint.sh -RUN chmod 755 /usr/local/bin/entrypoint.sh - -ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] +CMD ["/entrypoint.sh"] diff --git a/docker/README.md b/docker/README.md index 472bdc0..9af2a67 100644 --- a/docker/README.md +++ b/docker/README.md @@ -27,9 +27,9 @@ services: - DM_TESTNET=0 - DM_BITCOIN=
- DM_FEE=<0.1%> - - DM_CLIENT_ID= - - DM_CLIENT_SECRET= - DM_PGP_PASSWORD= + - DM_WEBAUTH=0 + - DM_LC_ALL=en_US.UTF-8 - | DM_PGP_SEC= -----BEGIN PGP PRIVATE KEY BLOCK----- @@ -52,8 +52,8 @@ docker run -d \ -e DM_FEE=0.1% \ -e DM_PGP_SEC="$(gpg2 --armor --export-secret-key Account_URL)" \ -e DM_PGP_PASSWORD= \ - -e DM_CLIENT_ID= \ - -e DM_CLIENT_SECRET= \ + -e DM_WEBAUTH=0 \ + -e DM_LC_ALL=en_US.UTF-8 \ -p 127.0.0.1:4999:4999 \ -p 127.0.0.1:80:80 \ -v ./bitdeals-conf/:/etc/dm \ @@ -69,10 +69,10 @@ Container images are configured using parameters passed at runtime. |-p 80|WebUI port TCP| |-p 4999|Module API port TCP [(API documentation)](https://bitbucket.org/bitdeals/apostol-dm)| |-e DM_TESTNET=|Enable bitcoin testnet mode. Default: `0`| -|-e DM_BITCOIN=|User account bitcoin address. If empty, the initialization script will create and save a new bitcoin key.| +|-e DM_BITCOIN=|User account bitcoin address. Will be created if empty.| |-e DM_FEE=|User fee for created deals. You MUST indicate the sign “%” for a percentage of the deal amount or FIXED value in satoshi. Default: `0.1%`| -|-e DM_PGP_SEC=|Variable with ASCII armored PGP user secret key. If empty, the initialization script will create and save a new PGP key with Account_URL in the key details.| +|-e DM_PGP_SEC=|Variable with ASCII armored PGP user secret key. Will be created if empty (with Account_URL in the key details).| |-e DM_PGP_PASSWORD=|User PGP key password.| -|-e DM_CLIENT_ID=|BitDeals API access credentials (get it on a BitDeals site at User dashboard).| -|-e DM_CLIENT_SECRET=|BitDeals API access credentials (get it on a BitDeals site at User dashboard).| +|-e DM_WEBAUTH=|Enable web user interface authentication.| +|-e DM_LC_ALL=|Set Deal Module locale.| diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh old mode 100644 new mode 100755 index 6b2b8d9..6b282df --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -6,65 +6,88 @@ ## And can generate a Bitcoing and PGP key filies at first start. ## -## Uncomment this to receive the key from keyserver -#BITDEALS_KEY_FPR="7CAB360151502F5A1E14E22BF263C9207A1CC3B3" - -DM_TESTNET=${DM_TESTNET:-0} +DM_TESTNET=${DM_TESTNET:-0} +DM_WEBAUTH=${DM_WEBAUTH:-0} ## Daemon config files -CONF_FILES=$(find /etc/dm/ -type f -name "*.conf" -not -name "default.conf") -OAUTH_CONF_FILE="/etc/dm/oauth2/default.json" -BITDEALS_ASC_FILE="/etc/dm/bitdeals.asc" -BITDEALS_TEST_ASC_FILE="/etc/dm/bitdeals-test.asc" +DM_CONF_FILES=$(find /etc/dm/ -type f -name "*.conf" -not -name "default.conf") +BITDEALS_PGP_FILE="/etc/dm/bitdeals.asc" +BITDEALS_TEST_PGP_FILE="/etc/dm/bitdeals-test.asc" PGP_SEC_FILE="/etc/dm/pgp.sec" BX_CONF_FILE="/usr/local/etc/libbitcoin/bx.cfg" +DM_WEB_CONF_FILE="/var/www/web/config.js" #tput variable for color output export TERM=xterm -## Write a variables to config file -sed -i "/\[main\]/,/\[/ s/.*user=.*/user=module/" $CONF_FILES -sed -i "/\[main\]/,/\[/ s/.*group=.*/group=module/" $CONF_FILES -sed -i "/\[daemon\]/,/\[/ s/.*daemon=.*/daemon=false/" $CONF_FILES -sed -i "/\[server\]/,/\[/ s/.*listen=.*/listen=0.0.0.0/" $CONF_FILES -sed -i "/\[server\]/,/\[/ s/.*port=.*/port=4999/" $CONF_FILES +## Write a default variables to dm config +sed -i -e "/\[main\]/,/\[/ s/.*user=.*/user=$UNAME/" \ + -e "/\[main\]/,/\[/ s/.*group=.*/group=$UNAME/" \ + -e "/\[daemon\]/,/\[/ s/.*daemon=.*/daemon=false/" \ + -e "/\[server\]/,/\[/ s/.*listen=.*/listen=0.0.0.0/" \ + -e "/\[server\]/,/\[/ s/.*port=.*/port=4999/" $DM_CONF_FILES -## Write the PGP keys locations to the config -sed -i "/\[pgp\]/,/\[/ s%^private=.*%private=$PGP_SEC_FILE%" $CONF_FILES -test "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true \ - && sed -i "/\[pgp\]/,/\[/ s%^public=.*%public=$BITDEALS_TEST_ASC_FILE%" $CONF_FILES \ - || sed -i "/\[pgp\]/,/\[/ s%^public=.*%public=$BITDEALS_ASC_FILE%" $CONF_FILES +## Change dm Website config +sed -i 's/dmHost:.*/dmHost: "http:\/\/127.0.0.1:4999",/' $DM_WEB_CONF_FILE -## Write a user variables to the daemon config files. -## This code removes '/' from user variables to sanitize `sed` code injections. -test -z "$DM_BITCOIN" || sed -i "/\[module\]/,/\[/ s/^address=.*/address=${DM_BITCOIN//\/}/" $CONF_FILES -test -z "$DM_FEE" || sed -i "/\[module\]/,/\[/ s/^#\?fee=.*/fee=${DM_FEE//\/}/" $CONF_FILES -test -z "$DM_PGP_PASSWORD" || sed -i "/\[pgp\]/,/\[/ s/^passphrase=.*/passphrase=${DM_PASSWORD//\/}/" $CONF_FILES -test -z "$DM_CLIENT_ID" || sed -i "/\"web\": {/,/}/ s/\"client_id\".*/\"client_id\": \"${DM_CLIENT_ID//\/}\",/" "$OAUTH_CONF_FILE" -test -z "$DM_CLIENT_SECRET" || sed -i "/\"web\": {/,/}/ s/\"client_secret\".*/\"client_secret\": \"${DM_CLIENT_SECRET//\/}\",/" "$OAUTH_CONF_FILE" -test "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true && sed -i "/\[main\]/,/\[/ s/.*testnet=.*/testnet=true/" $CONF_FILES - -test -z "$BITDEALS_ASC" || echo "$BITDEALS_ASC" > "$BITDEALS_ASC_FILE" -test -z "$BITDEALS_TEST_ASC" || echo "$BITDEALS_TEST_ASC" > "$BITDEALS_TEST_ASC_FILE" -test -z "$DM_PGP_SEC" || echo "$PGP_SEC" > "$PGP_SEC_FILE" - - -## Get BitDeals PGP key by fingerprint -if ! [ -z $BITDEALS_KEY_FPR ] -then - test "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true && i="$BITDEALS_TEST_ASC_FILE" || i="$BITDEALS_ASC_FILE" - gpg --keyserver keyserver.ubuntu.com --recv-keys "$BITDEALS_KEY_FPR" && \ - gpg --armor --export "$BITDEALS_KEY_FPR" | tee "$i" - gpgconf --kill all +if [ "$DM_WEBAUTH" = 1 -o "$DM_WEBAUTH" = true ]; then + sed -i 's/confAuthorize:.*/confAuthorize: true,/' $DM_WEB_CONF_FILE +else + sed -i 's/confAuthorize:.*/confAuthorize: false,/' $DM_WEB_CONF_FILE +fi +if [ "$DM_LC_ALL" = "ru_RU.UTF-8" ]; then + sed -i 's/defaultLanguage:.*/defaultLanguage: "ru",/' $DM_WEB_CONF_FILE +else + sed -i 's/defaultLanguage:.*/defaultLanguage: "en",/' $DM_WEB_CONF_FILE fi -## Create new PGP keys. If PGP file is empty. +[ "$DM_LC_ALL" ] && \ + export LC_ALL="$DM_LC_ALL" + +## Write the PGP keys locations to dm config +sed -i "/\[pgp\]/,/\[/ s%^private=.*%private=$PGP_SEC_FILE%" $DM_CONF_FILES + +if [ "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true ]; then + sed -i "/\[pgp\]/,/\[/ s%^public=.*%public=$BITDEALS_TEST_PGP_FILE%" $DM_CONF_FILES + else + sed -i "/\[pgp\]/,/\[/ s%^public=.*%public=$BITDEALS_PGP_FILE%" $DM_CONF_FILES +fi + +## Write a user variables to the daemon config files. +if [ "$DM_BITCOIN" ]; then + sed -i "/\[module\]/,/\[/ s/^address=.*/address=$DM_BITCOIN/" $DM_CONF_FILES +fi +if [ "$DM_FEE" ]; then + sed -i "/\[module\]/,/\[/ s/^#\?fee=.*/fee=$DM_FEE/" $DM_CONF_FILES +fi +if [ "$DM_PGP_PASSWORD" ] ; then + #escaping the '/' in password line + DM_PGP_PASSWORD="$(echo $DM_PGP_PASSWORD | sed 's/\//\\\//g')" + sed -i "/\[pgp\]/,/\[/ s/^passphrase=.*/passphrase=$DM_PASSWORD/" $DM_CONF_FILES +fi +if [ "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true ]; then + sed -i "/\[main\]/,/\[/ s/.*testnet=.*/testnet=true/" $DM_CONF_FILES +else + sed -i "/\[main\]/,/\[/ s/.*testnet=.*/testnet=false/" $DM_CONF_FILES +fi +if [ "$DM_BITDEALS_PGP" ]; then + echo "$BITDEALS_PGP" > "$BITDEALS_PGP_FILE" +fi +if [ "$DM_BITDEALS_TEST_PGP" ]; then + echo "$BITDEALS_TEST_PGP" > "$BITDEALS_TEST_PGP_FILE" +fi +if [ "$DM_PGP_SEC" ]; then + echo "$DM_PGP_SEC" > "$PGP_SEC_FILE" +fi + +## Create user PGP key if the file is empty if [ ! -e "$PGP_SEC_FILE" ] then - echo -e "\nThe PGP key is empty. Generating new PGP key...\n" - test -z "$DM_ACCOUNT_URL" && { echo -n "Please enter your site URL like https://example.com : " ; read DM_ACCOUNT_URL ;} + [ "$DM_ACCOUNT_URL" ] || \ + { echo -en "\nGenerating new PGP key...\nPlease enter your site URL like https://example.com : " ; \ + read DM_ACCOUNT_URL ;} - #GNUPGHOME="$(mktemp -d)" ;#- works for gpg2 + #GNUPGHOME="$(mktemp -d)" ;# works for gpg2 gpg --faked-system-time $(TZ=UTC date --date=$(date +'%Y-%m-%d') +%s) \ --pinentry-mode loopback --passphrase "$DM_PGP_PASSWORD" \ --batch --gen-key 2>/dev/null <<-EOF @@ -75,30 +98,27 @@ then Subkey-Usage: encr Subkey-Length: 1024 Name-Real: Account_URL - Name-Comment: ${DM_ACCOUNT_URL:-https://example-$RANDOM.com} + Name-Comment: ${DM_ACCOUNT_URL:-https://example-$RANDOM$RANDOM.com} Expire-Date: 0 EOF echo - #tput setaf 7 - #cat $GNUPGHOME/openpgp-revocs.d/*.rev - #cat /root/.gnupg/openpgp-revocs.d/*.rev | sed -e "/^pub/,+2 { s/.*/$(tput sgr0)$(tput bold)&$(tput sgr0)$(tput setaf 7)/; }" - #gpg -k --keyid-format long | grep -A4 -E "^pub" - gpg -k --keyid-format long 2>/dev/null | tail -n5 tput setaf 2 + gpg -k --keyid-format long 2>/dev/null | tail -n5 gpg --armor --export-secret-keys --passphrase "$DM_PGP_PASSWORD" | tee "$PGP_SEC_FILE" tput sgr0 gpgconf --kill all else - echo -e "NOTE:Your PGP key location: $PGP_SEC_FILE" + echo -e "NOTE: Your PGP key location: $PGP_SEC_FILE" fi -## Change PGP keyfiles owner -test -e "$BITDEALS_ASC_FILE" && chown module:module "$BITDEALS_ASC_FILE" -test -e "$PGP_SEC_FILE" && chown module:module "$PGP_SEC_FILE" -test -e "$PGP_SEC_FILE" && chmod 600 "$PGP_SEC_FILE" +## Change PGP keyfile owner +if [ -f "$PGP_SEC_FILE" ]; then + chown $UNAME:$UNAME "$PGP_SEC_FILE" + chmod 600 "$PGP_SEC_FILE" +fi ## Setup testnet settings in libbitcoin-explorer config -test "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true && \ +[ "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true ] && \ sed -i -e "/\[wallet\]/,/\[/ s/wif_version? =.*/wif_version = 239/" \ -e "/\[wallet\]/,/\[/ s/hd_public_version =.*/hd_public_version = 70617039/" \ -e "/\[wallet\]/,/\[/ s/hd_secret_version =.*/hd_secret_version = 70615956/" \ @@ -114,14 +134,11 @@ test "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true && \ -e "/#block_url = tcp:\/\/testnet.libbitcoin.net:19093/ s/^#//" \ -e "/#transaction_url = tcp:\/\/testnet.libbitcoin.net:19094/ s/^#//" "$BX_CONF_FILE" -## Get bitcoin address from the daemon config -DM_BITCOIN_="$(sed -n '/^[ \t]*\[module\]/,/\[/s/^[ \t]*address[ \t]*=[ \t]*//p' $CONF_FILES)" +## Create new Bitcoin keys. If user address is empty. +_DM_BITCOIN="$(sed -n '/^[ \t]*\[module\]/,/\[/s/^[ \t]*address[ \t]*=[ \t]*//p' $DM_CONF_FILES)" -## Create new Bitcoin keys. If address is empty. -if [ -z "$DM_BITCOIN_" ] +if [ -z "$_DM_BITCOIN" ] then - echo -e "\nThe Bitcoin key is empty. Generating new Bitcoin key...\n" - B=$(tput bold ; tput setaf 1) N=$(tput sgr0) @@ -132,23 +149,16 @@ then PRIVKEYWIF="$(bx ec-to-wif $PRIVKEY)" ## Write the bitcoin address to the daemon config - sed -i "/\[module\]/,/\[/ s/^address=.*/address=$BITCOIN/" $CONF_FILES + sed -i "/\[module\]/,/\[/ s/^address=.*/address=$BITCOIN/" $DM_CONF_FILES - ## Show bitcoin keys - echo -e "Please backup these\t${B}BITCOIN KEYS:${N}" - echo -e "PRIVATE KEY (raw form):\t${B}$PRIVKEY${N}" - echo -e "PRIVATE KEY (WIF form):\t${B}$PRIVKEYWIF${N}" - echo -e "Bitcoin public key:\t${B}$PUBKEY${N}" - echo -e "Bitcoin address:\t${B}$BITCOIN${N}\n" + ## Show bitcoin key + echo -e "\nPlease backup this\tBITCOIN KEY:" + echo -e "Private key (raw form):\t$PRIVKEY" + echo -e "Private key (WIF form):\t${B}$PRIVKEYWIF${N}" + echo -e "Public key:\t$PUBKEY" + echo -e "Bitcoin address:\t$BITCOIN\n" fi -## Password notice -echo "$DM_PGP_PASSWORD" | grep -q "/" && \ - ( echo -n -e "\n$(tput bold)WARN:$(tput sgr0)Please, write your 'passphrase=$DM_PGP_PASSWORD'" | grep --color=auto -z -E "/" ; echo -n -e " to $DM_CONF_FILE manually." ) -## API credentials notice -test -z "$CLIENT_ID" -o -z "$CLIENT_SECRET" && \ - echo -e "\nNOTE:Please visit a BitDeals site to get your API credentials: $(tput smul)\$CLIENT_ID$(tput rmul) and $(tput smul)\$CLIENT_SECRET$(tput rmul).\n" - ## Run the daemon exec /usr/sbin/dm -p /etc/dm -c /etc/dm/dm.conf $@ diff --git a/docker/nginx.conf b/docker/nginx.conf new file mode 100644 index 0000000..473e10e --- /dev/null +++ b/docker/nginx.conf @@ -0,0 +1,17 @@ +server { + listen 80 default_server; + listen [::]:80 default_server; + + index index.html; + + server_name _; + + rewrite ^/$ /dm/ permanent; + + location / { + root /var/www/web; + index index.html; + try_files $uri $uri/ /index.html; + } +} +