Merge remote-tracking branch 'origin/master'

Преподобный Ален
2023-05-17 17:29:49 +03:00
6 changed files with 116 additions and 56 deletions


@@ -3,7 +3,9 @@ services:
bitdeals-module: bitdeals-module:
image: bitdeals/apostol-dm image: bitdeals/apostol-dm
environment: environment:
- DM_TESTNET=0 - DM_FORWEB=https://127.0.0.1
- DM_WEBAUTH=0
- DM_TESTNET=1
- DM_BITCOIN= - DM_BITCOIN=
- DM_FEE=0.1% - DM_FEE=0.1%
- | - |
@@ -13,10 +15,11 @@ services:
-----END PGP PRIVATE KEY BLOCK----- -----END PGP PRIVATE KEY BLOCK-----
volumes: volumes:
- dm:/etc/dm - dm:/home/dm
ports: ports:
- 4999:4999 - 127.0.0.1:4999:4999
- 80:80 - 127.0.0.1:80:80
- 127.0.0.1:443:443
volumes: volumes:
dm: dm:
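Review bot: The added `- DM_WEBAUTH=0` in the environment list has no comment tying it to the port bindings changed further down, although the README in this commit describes that variable as the switch for Web UI authentication. With authentication off, the `127.0.0.1:` prefixes on 4999, 80 and 443 are the only thing keeping the UI and API off the network, and a later edit that drops a prefix would expose them silently. I would add a comment above the variable such as `# DM_WEBAUTH=0 disables Web UI login; keep every port below bound to 127.0.0.1 while it is off`.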


@@ -1,9 +1,9 @@
# syntax=docker/dockerfile:3 ## syntax=docker/dockerfile:3
## BitDeals Module Dockerfile ## BitDeals Module Dockerfile
## the Module user ## the Module user
ARG UNAME="module" ARG UNAME="dm"
ARG UHOME="/home/$UNAME" ARG UHOME="/home/$UNAME"
## Base image ## Base image
@@ -12,15 +12,17 @@ FROM debian:bullseye AS updated-debian
SHELL ["/bin/bash", "-exo", "pipefail", "-c"] SHELL ["/bin/bash", "-exo", "pipefail", "-c"]
LABEL name="BitDeals Module" LABEL name="BitDeals Module"
EXPOSE 4999/tcp 80/tcp EXPOSE 4999/tcp 80/tcp 443/tcp
## Debian update; install dependencies ## Debian update; install dependencies
ARG DEBIAN_FRONTEND=noninteractive ARG DEBIAN_FRONTEND="noninteractive" \
DEBCONF_NOWARNINGS="yes"
RUN apt-get update -y ; \ RUN apt-get update -y ; \
apt-get upgrade -y ; \ apt-get upgrade -y ; \
apt-get -y install --no-install-recommends locales ; \ apt-get -y install --no-install-recommends locales jq moreutils; \
apt-get -y install --no-install-recommends gpg gpg-agent ; \ apt-get -y install --no-install-recommends gpg gpg-agent ; \
apt-get -y install --no-install-recommends nginx ; \ apt-get -y install --no-install-recommends nginx ; \
apt-get -y install --no-install-recommends openssl ca-certificates ; \
apt-get clean ; \ apt-get clean ; \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
@@ -36,7 +38,8 @@ RUN useradd --create-home --home-dir $UHOME $UNAME
FROM updated-debian AS development FROM updated-debian AS development
## Debian update; install dependencies for: C++ compiler; OpenPGP; Libbitcoin ## Debian update; install dependencies for: C++ compiler; OpenPGP; Libbitcoin
ARG DEBIAN_FRONTEND=noninteractive ARG DEBIAN_FRONTEND="noninteractive" \
DEBCONF_NOWARNINGS="yes"
RUN apt-get -y update RUN apt-get -y update
RUN apt-get -y install --no-install-recommends build-essential libssl-dev libcurl4-openssl-dev make cmake gcc g++ git RUN apt-get -y install --no-install-recommends build-essential libssl-dev libcurl4-openssl-dev make cmake gcc g++ git
RUN apt-get -y install --no-install-recommends libgmp-dev libbz2-dev libzip-dev RUN apt-get -y install --no-install-recommends libgmp-dev libbz2-dev libzip-dev
@@ -71,9 +74,10 @@ RUN su -l --shell /bin/bash $UNAME -c 'wget https://raw.githubusercontent.com/li
cd $UHOME ; \ cd $UHOME ; \
sed -i '/git clone / s/git.*$/while true; do & \&\& break; done/' install.sh ; \ sed -i '/git clone / s/git.*$/while true; do & \&\& break; done/' install.sh ; \
sed -i '/$WGET / s/$WGET.*$/while true; do & \&\& break; done/' install.sh ; \ sed -i '/$WGET / s/$WGET.*$/while true; do & \&\& break; done/' install.sh ; \
./install.sh --build-boost --build-zmq --disable-shared ./install.sh --verbose --build-boost --build-zmq --disable-shared
## Install BitDeals module (apostol-dm) ## Install BitDeals module (apostol-dm)
#cmake -DCMAKE_BUILD_TYPE=Debug . -B cmake-build-debug' ; \
RUN su -l --shell /bin/bash $UNAME -c 'cd '$UHOME' ; \ RUN su -l --shell /bin/bash $UNAME -c 'cd '$UHOME' ; \
git clone https://git.bitdeals.org/private/apostol-dm.git ; \ git clone https://git.bitdeals.org/private/apostol-dm.git ; \
cd apostol-dm ; \ cd apostol-dm ; \
@@ -97,16 +101,15 @@ FROM updated-debian
ARG UNAME ARG UNAME
ARG UHOME ARG UHOME
ENV UNAME=$UNAME ENV UNAME=$UNAME
ENV LC_ALL=ru_RU.UTF-8 ENV UHOME=$UHOME
COPY --from=development /usr/local/ /usr/local/ COPY --from=development /usr/local/ /usr/local/
COPY --from=development /etc/dm/ /etc/dm/ COPY --from=development /etc/dm/ /etc/dm/
COPY --from=development /usr/sbin/dm /usr/sbin/dm COPY --from=development /usr/sbin/dm /usr/sbin/dm
COPY --from=development /etc/init.d/dm /etc/init.d/dm COPY --from=development /etc/init.d/dm /etc/init.d/dm
COPY --from=development --chown=www-data:www-data $UHOME/web-build/build /var/www/web COPY --from=development --chown=www-data:www-data $UHOME/web-build/build /var/www/web
COPY --from=development --chown=$UNAME:$UNAME $UHOME/apostol-dm/docker/bitdeals-test.asc /etc/dm/bitdeals-test.asc COPY --from=development --chown=$UNAME:$UNAME $UHOME/apostol-dm/docker/bitdeals-testnet.asc /etc/dm/bitdeals-testnet.asc
#COPY --from=development --chown=$UNAME:$UNAME $UHOME/apostol-dm/docker/bitdeals.asc /etc/dm/bitdeals.asc #COPY --from=development --chown=$UNAME:$UNAME $UHOME/apostol-dm/docker/bitdeals.asc /etc/dm/bitdeals.asc
COPY --from=development $UHOME/apostol-dm/docker/entrypoint.sh /entrypoint.sh COPY --from=development $UHOME/apostol-dm/docker/entrypoint.sh /entrypoint.sh
COPY nginx.conf /etc/nginx/sites-enabled/default COPY nginx.conf /etc/nginx/sites-enabled/default
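Review bot: Changing the first line to `## syntax=docker/dockerfile:3` turns the parser directive into an ordinary comment, so the line no longer pins anything and the build uses whichever Dockerfile frontend the builder ships. If a pinned frontend is wanted, the form BuildKit recognises is `# syntax=docker/dockerfile:1` (a `:3` tag does not appear to be published, which is presumably why the line was disabled); otherwise delete the line rather than leave a dead directive. In the final-stage hunk, `ENV UHOME=$UHOME` is added without a comment, yet the entrypoint changed in this commit builds its key and certificate paths from it; a line such as `## UHOME is read by entrypoint.sh for pgp-key.sec and the TLS key pair` would make that dependency visible.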


@@ -7,13 +7,15 @@ Deal Module (dm) - the Bitdeals daemon that provides a special interfaces for cr
# Running DM docker container # Running DM docker container
On first run the initialization script will create (if it is empty), a new bitcoin and PGP keys and start the daemon. On first run the initialization script will create, a new bitcoin and PGP keys and start the daemon.
Daemon settings which may specified by an environment variables are saved to the daemon config files on the Docker Volume. Daemon settings may specified by an environment variables. PGP secret key is stored on a Docker volume.
First run example: `docker run -i -t -e DM_TESTNET=1 -p 127.0.0.1:443:443 bitdeals/apostol-dm` - register new user, open WebUI port.
# Usage # Usage
Here are some example snippets to help you get started creating a container. Here are some example snippets to help you get started creating a container at localhost.
## docker-compose ## docker-compose
@@ -26,8 +28,7 @@ services:
- DM_TESTNET=0 - DM_TESTNET=0
- DM_BITCOIN=<address> - DM_BITCOIN=<address>
- DM_FEE=<0.1%> - DM_FEE=<0.1%>
- DM_PGP_PASSWORD=<password> - DM_FORWEB=https://127.0.0.1
- DM_FORWEB=http://127.0.0.1:4999
- DM_WEBAUTH=0 - DM_WEBAUTH=0
- | - |
DM_PGP_SEC= DM_PGP_SEC=
@@ -36,10 +37,11 @@ services:
-----END PGP PRIVATE KEY BLOCK----- -----END PGP PRIVATE KEY BLOCK-----
volumes: volumes:
- dm:/etc/dm - dm:/home/dm
ports: ports:
- 127.0.0.1:4999:4999 - 127.0.0.1:4999:4999
- 80:80 - 127.0.0.1:80:80
- 127.0.0.1:443:443
volumes: volumes:
dm: dm:
``` ```
@@ -56,7 +58,8 @@ docker run -d \
-e DM_LC_ALL=en_US.UTF-8 \ -e DM_LC_ALL=en_US.UTF-8 \
-p 127.0.0.1:4999:4999 \ -p 127.0.0.1:4999:4999 \
-p 127.0.0.1:80:80 \ -p 127.0.0.1:80:80 \
-v /home/dm/:/etc/dm/ \ -p 127.0.0.1:443:443 \
-v /home/dm/:/home/dm/ \
bitdeals/apostol-dm bitdeals/apostol-dm
``` ```
@@ -66,14 +69,15 @@ Container images are configured using parameters passed at runtime.
|Parameter|Function| |Parameter|Function|
|:--------|:-------| |:--------|:-------|
|-p 80|WebUI port TCP| |-p 80|WebUI port|
|-p 443|WebUI port|
|-p 4999|dm API port [(API documentation)](/private/apostol-dm/src/branch/master/doc/REST-API-ru.md)| |-p 4999|dm API port [(API documentation)](/private/apostol-dm/src/branch/master/doc/REST-API-ru.md)|
|-e DM_TESTNET=|Enable bitcoin testnet mode. Default: `0`| |-e DM_TESTNET=|Enable bitcoin testnet mode. Default: `0`|
|-e DM_BITCOIN=|User account bitcoin address. Will be created if empty.| |-e DM_BITCOIN=|User account bitcoin address. Will be created if empty.|
|-e DM_FEE=|User fee for created deals. You MUST indicate the sign "%" for a percentage of the deal amount or FIXED value in satoshi. Default: `0.1%`| |-e DM_FEE=|User fee for created deals. You MUST indicate the sign "%" for a percentage of the deal amount or FIXED value in satoshi. Default: `0.1%`|
|-e DM_PGP_SEC=|Variable with ASCII armored PGP user secret key. Will be created if empty (with Account_URL in the key details).| |-e DM_PGP_SEC=|Variable with ASCII armored PGP user secret key. Will be created if empty (with Account_URL in the key details).|
|-e DM_PGP_PASSWORD=|User PGP key password.| |-e DM_PGP_PASSWORD=|User PGP key password.|
|-e DM_FORWEB=|dm host for dm Web app (the host should be accessable from your browser). Default: `http://127.0.0.1:4999`| |-e DM_FORWEB=|dm host for dm Web app (the host should be accessable from your browser). Default: `https://127.0.0.1`|
|-e DM_WEBAUTH=|Enable Web app user interface authentication. Default: `0`| |-e DM_WEBAUTH=|Enable Web app user interface authentication. Default: `0`|
|-e DM_LC_ALL=|Set locale for dm. Default: `en_US.UTF-8`| |-e DM_LC_ALL=|Set locale for dm. Default: `en_US.UTF-8`|
|-e DM_ACCOUNT_URL=|Set Account_URL for a new account registration. Format: `http[s]://<host>[:<port>]`| |-e DM_ACCOUNT_URL=|Set Account_URL for a new account registration. Format: `http[s]://<host>[:<port>]`|


@@ -7,21 +7,25 @@
## ##
## Web app requires the dmHost address should be accessable from your browser ## Web app requires the dmHost address should be accessable from your browser
DM_FORWEB=${DM_FORWEB:-http://127.0.0.1:4999} DM_FORWEB=${DM_FORWEB:-https://127.0.0.1}
DM_WEBAUTH=${DM_WEBAUTH:-0} DM_WEBAUTH=${DM_WEBAUTH:-0}
DM_TESTNET=${DM_TESTNET:-0} DM_TESTNET=${DM_TESTNET:-0}
## Daemon config files ## Daemon config files
CONF_FILES=$(find /etc/dm/ -type f -name "*.conf" -not -name "default.conf") CONF_FILES=$(find /etc/dm/ -type f -name "*.conf" -not -name "default.conf")
BITDEALS_PGP_FILE="/etc/dm/bitdeals.asc" BITDEALS_PGP_FILE="/etc/dm/bitdeals.asc"
BITDEALS_TEST_PGP_FILE="/etc/dm/bitdeals-test.asc" BITDEALS_TEST_PGP_FILE="/etc/dm/bitdeals-testnet.asc"
PGP_SEC_FILE="/etc/dm/pgp.sec" PGP_SEC_FILE="$UHOME/pgp-key.sec"
BX_CONF_FILE="/usr/local/etc/libbitcoin/bx.cfg" BX_CONF_FILE="/usr/local/etc/libbitcoin/bx.cfg"
WEB_CONF_FILE="/var/www/web/config.js" WEB_CONF_FILE="/var/www/web/config.js"
WEB_CONF_SITES="/etc/dm/sites/default.json" WEB_CONF_SITES="/etc/dm/sites/default.json"
WEB_CONF_OAUTH="/etc/dm/oauth2/default.json" WEB_CONF_OAUTH="/etc/dm/oauth2/default.json"
WEB_CERT="$UHOME/ssl-fullchain.pem"
WEB_KEY="$UHOME/ssl-privkey.pem"
WEB_DH="/etc/ssl/dhparam.pem"
BITCOIN_KEYS_BACKUP="$UHOME/bitcoin.backup_and_remove"
#tput variable for log color output #variable for tput color output
export TERM=xterm export TERM=xterm
## Write a default variables to dm config ## Write a default variables to dm config
@@ -49,12 +53,12 @@ fi
export LC_ALL="$DM_LC_ALL" export LC_ALL="$DM_LC_ALL"
## Add DM_FORWEB to dm oauth config ## Add DM_FORWEB to dm oauth config
if ! grep -q "$DM_FORWEB" $WEB_CONF_SITES; then cat $WEB_CONF_OAUTH | \
sed -i "/\"hosts\":/ s|]|, \"$(basename $DM_FORWEB)\"]|" $WEB_CONF_SITES jq --arg host "$DM_FORWEB" '.web | .redirect_uris=[$host+"/oauth2/code",$host+"/oauth2/callback"]' | \
sed -i -e "/\"redirect_uris\":/ s|$|\n\t\"$DM_FORWEB/oauth2/callback\",|" \ sponge $WEB_CONF_OAUTH
-e "/\"redirect_uris\":/ s|$|\n\t\"$DM_FORWEB/oauth2/code\",|" $WEB_CONF_OAUTH cat $WEB_CONF_SITES | \
fi jq --arg host "$(basename $DM_FORWEB)" '.hosts = [$host]' | \
sponge $WEB_CONF_SITES
## Write the PGP keys locations to dm config ## Write the PGP keys locations to dm config
sed -i "/\[pgp\]/,/\[/ s%^private=.*%private=$PGP_SEC_FILE%" $CONF_FILES sed -i "/\[pgp\]/,/\[/ s%^private=.*%private=$PGP_SEC_FILE%" $CONF_FILES
@@ -82,6 +86,8 @@ if [ "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true ]; then
else else
sed -i "/\[main\]/,/\[/ s/.*testnet=.*/testnet=false/" $CONF_FILES sed -i "/\[main\]/,/\[/ s/.*testnet=.*/testnet=false/" $CONF_FILES
fi fi
## Write PGP key variables to files
if [ "$DM_BITDEALS_PGP" ]; then if [ "$DM_BITDEALS_PGP" ]; then
echo "$BITDEALS_PGP" > "$BITDEALS_PGP_FILE" echo "$BITDEALS_PGP" > "$BITDEALS_PGP_FILE"
fi fi
@@ -93,7 +99,7 @@ if [ "$DM_PGP_SEC" ]; then
fi fi
## Create user PGP key if the file is empty ## Create user PGP key if the file is empty
if [ ! -e "$PGP_SEC_FILE" ] if [ ! -f "$PGP_SEC_FILE" ]
then then
[ "$DM_ACCOUNT_URL" ] || \ [ "$DM_ACCOUNT_URL" ] || \
{ echo -en "\nGenerating new PGP key...\nPlease enter your site URL like https://example.com : " ; \ { echo -en "\nGenerating new PGP key...\nPlease enter your site URL like https://example.com : " ; \
@@ -152,11 +158,11 @@ fi
## Create new Bitcoin keys. If user address (_DM_BITCOIN var) is empty. ## Create new Bitcoin keys. If user address (_DM_BITCOIN var) is empty.
_DM_BITCOIN="$(sed -n '/^[ \t]*\[module\]/,/\[/s/^[ \t]*address[ \t]*=[ \t]*//p' $CONF_FILES)" _DM_BITCOIN="$(sed -n '/^[ \t]*\[module\]/,/\[/s/^[ \t]*address[ \t]*=[ \t]*//p' $CONF_FILES)"
B=$(tput bold ; tput setaf 1)
N=$(tput sgr0)
if [ -z "$_DM_BITCOIN" ] if [ -z "$_DM_BITCOIN" ]
then then
B=$(tput bold ; tput setaf 1)
N=$(tput sgr0)
## Generate bitcoin keys ## Generate bitcoin keys
PRIVKEY="$(cat /dev/random | tr -cd "[:digit:]" | head -c 64)" PRIVKEY="$(cat /dev/random | tr -cd "[:digit:]" | head -c 64)"
PUBKEY="$(bx ec-to-public $PRIVKEY)" PUBKEY="$(bx ec-to-public $PRIVKEY)"
@@ -167,17 +173,30 @@ then
sed -i "/\[module\]/,/\[/ s/^address=.*/address=$BITCOIN/" $CONF_FILES sed -i "/\[module\]/,/\[/ s/^address=.*/address=$BITCOIN/" $CONF_FILES
## Show bitcoin key ## Show bitcoin key
cat <<-EOF tee -a $BITCOIN_KEYS_BACKUP <<-EOF
Please backup this BITCOIN KEY: ${B}Please backup this BITCOIN KEY:${N}
Private key (raw form): $PRIVKEY Private key (WIF form): $PRIVKEYWIF
Private key (WIF form): ${B}$PRIVKEYWIF${N}
Public key: $PUBKEY Public key: $PUBKEY
Bitcoin address: $BITCOIN Bitcoin address: $BITCOIN
EOF EOF
chmod 600 $BITCOIN_KEYS_BACKUP
else else
echo -e "NOTE: Your Bitcoin address: $_DM_BITCOIN" test -f $BITCOIN_KEYS_BACKUP \
&& echo -e "NOTE: Your Bitcoin key saved to $(dirname $BITCOIN_KEYS_BACKUP)/${B}$(basename $BITCOIN_KEYS_BACKUP)${N}"\
|| echo -e "NOTE: Your Bitcoin address: $_DM_BITCOIN"
fi
## Generate self-signed certificate
if ! [ -f $WEB_KEY -a -f $WEB_CERT ]; then
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -batch \
-keyout $WEB_KEY \
-out $WEB_CERT
fi
if ! [ -f $WEB_DH ]; then
echo "Generating DH parameters, 1024 bit long safe prime"
openssl dhparam -out $WEB_DH 1024 2>/dev/null
fi fi
## Run the daemon ## Run the daemon
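Review bot: `openssl dhparam -out $WEB_DH 1024` at the end of the last hunk generates a 1024-bit group, which is below the 2048-bit minimum that current TLS guidance expects for finite-field DH; use `openssl dhparam -out $WEB_DH 2048`, or drop `ssl_dhparam` and rely on ECDHE suites. In the same hunk the key backup is written by `tee -a $BITCOIN_KEYS_BACKUP` before `chmod 600` runs, so the file exists for a moment with default-umask permissions; a `umask 077` ahead of the here-document closes that gap. The here-document also embeds `${B}`/`${N}`, so the tput escape sequences land in the backup file, and `tee` still echoes the WIF private key to stdout, where it ends up in the container log. The `if`/`then` that encloses the key-generation branch starts outside this hunk.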


@@ -12,17 +12,48 @@ server {
root /var/www/web; root /var/www/web;
index index.html; index index.html;
try_files $uri $uri/ /index.html; try_files $uri $uri/ /index.html;
}
# location ^~ /api/ { location ^~ /api/ {
# proxy_pass http://127.0.0.1:4999; proxy_pass http://127.0.0.1:4999;
# proxy_http_version 1.1; proxy_http_version 1.1;
# proxy_set_header Host $host; proxy_set_header Host $host;
# proxy_set_header Connection "close"; proxy_set_header Connection "close";
# proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# }
} }
} }
server {
index index.html;
server_name _;
rewrite ^/$ /dm/ permanent;
location / {
root /var/www/web;
index index.html;
try_files $uri $uri/ /index.html;
}
location ^~ /api/ {
proxy_pass http://127.0.0.1:4999;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Connection "close";
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
listen [::]:443 ssl ipv6only=on;
listen 443 ssl;
ssl_certificate /home/dm/fullchain.pem;
ssl_certificate_key /home/dm/privkey.pem;
ssl_dhparam /etc/ssl/dhparam.pem;
}
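Review bot: The new 443 server block points `ssl_certificate` and `ssl_certificate_key` at `/home/dm/fullchain.pem` and `/home/dm/privkey.pem`, but the entrypoint in this same commit writes the self-signed pair to `$UHOME/ssl-fullchain.pem` and `$UHOME/ssl-privkey.pem`; unless something outside the visible hunks links the two, nginx will not find the certificate. The paths should agree, e.g. `ssl_certificate /home/dm/ssl-fullchain.pem;` and `ssl_certificate_key /home/dm/ssl-privkey.pem;`. The block sets no `ssl_protocols`, so the allowed TLS versions fall back to the package default; stating them explicitly would document the intent. The first server block (its `listen` line is outside the hunk, presumably port 80) now proxies `/api/` as well, so API traffic can still travel in clear text even though `DM_FORWEB` defaults to `https://127.0.0.1`.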