Dockerfile
@@ -6,43 +6,67 @@
|
||||
## And can generate a Bitcoing and PGP key filies at first start.
|
||||
##
|
||||
|
||||
## Uncomment this to receive the key from keyserver
|
||||
#BITDEALS_KEY_FPR="7CAB360151502F5A1E14E22BF263C9207A1CC3B3"
|
||||
|
||||
DM_TESTNET=${DM_TESTNET:-0}
|
||||
|
||||
## Daemon config files
|
||||
DM_CONF_FILES=$(find /etc/dm/ -name "*.conf")
|
||||
CONF_FILES=$(find /etc/dm/ -type f -name "*.conf" -not -name "default.conf")
|
||||
OAUTH_CONF_FILE="/etc/dm/oauth2/default.json"
|
||||
PGP_PUB_FILE="/etc/dm/pgp.pub"
|
||||
BITDEALS_ASC_FILE="/etc/dm/bitdeals.asc"
|
||||
BITDEALS_TEST_ASC_FILE="/etc/dm/bitdeals-test.asc"
|
||||
PGP_SEC_FILE="/etc/dm/pgp.sec"
|
||||
BX_CONF_FILE="/usr/local/etc/libbitcoin/bx.cfg"
|
||||
|
||||
#tput variable for color output
|
||||
export TERM=xterm
|
||||
|
||||
## Write a variables to config file
|
||||
sed -i "/\[main\]/,/\[/ s/.*user=.*/user=module/" $DM_CONF_FILES
|
||||
sed -i "/\[main\]/,/\[/ s/.*group=.*/group=module/" $DM_CONF_FILES
|
||||
sed -i "/\[daemon\]/,/\[/ s/.*daemon=.*/daemon=false/" $DM_CONF_FILES
|
||||
sed -i "/\[server\]/,/\[/ s/.*listen=.*/listen=0.0.0.0/" $DM_CONF_FILES
|
||||
sed -i "/\[main\]/,/\[/ s/.*user=.*/user=module/" $CONF_FILES
|
||||
sed -i "/\[main\]/,/\[/ s/.*group=.*/group=module/" $CONF_FILES
|
||||
sed -i "/\[daemon\]/,/\[/ s/.*daemon=.*/daemon=false/" $CONF_FILES
|
||||
sed -i "/\[server\]/,/\[/ s/.*listen=.*/listen=0.0.0.0/" $CONF_FILES
|
||||
sed -i "/\[server\]/,/\[/ s/.*port=.*/port=4999/" $CONF_FILES
|
||||
|
||||
## Write the PGP keys locations to the config
|
||||
sed -i "/\[pgp\]/,/\[/ s%^private=.*%private=$PGP_SEC_FILE%" $DM_CONF_FILES
|
||||
sed -i "/\[pgp\]/,/\[/ s%^public=.*%public=$PGP_PUB_FILE%" $DM_CONF_FILES
|
||||
sed -i "/\[pgp\]/,/\[/ s%^private=.*%private=$PGP_SEC_FILE%" $CONF_FILES
|
||||
test "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true \
|
||||
&& sed -i "/\[pgp\]/,/\[/ s%^public=.*%public=$BITDEALS_TEST_ASC_FILE%" $CONF_FILES \
|
||||
|| sed -i "/\[pgp\]/,/\[/ s%^public=.*%public=$BITDEALS_ASC_FILE%" $CONF_FILES
|
||||
|
||||
## Write a user variables to the daemon config files.
|
||||
## This code removes '/' from user variables to sanitize `sed` code injections.
|
||||
test -z "$BITCOIN" || sed -i "/\[module\]/,/\[/ s/^address=.*/address=${BITCOIN//\/}/" $DM_CONF_FILES
|
||||
test -z "$FEE" || sed -i "/\[module\]/,/\[/ s/^fee=.*/fee=${FEE//\/}/" $DM_CONF_FILES
|
||||
test -z "$PASSWORD" || sed -i "/\[pgp\]/,/\[/ s/^passphrase=.*/passphrase=${PASSWORD//\/}/" $DM_CONF_FILES
|
||||
test -z "$CLIENT_ID" || sed -i "/\"web\": {/,/}/ s/\"client_id\".*/\"client_id\": \"${CLIENT_ID//\/}\",/" "$OAUTH_CONF_FILE"
|
||||
test -z "$CLIENT_SECRET" || sed -i "/\"web\": {/,/}/ s/\"client_secret\".*/\"client_secret\": \"${CLIENT_SECRET//\/}\",/" "$OAUTH_CONF_FILE"
|
||||
test -z "$PGP_PUB" || echo "$PGP_PUB" > "$PGP_PUB_FILE"
|
||||
test -z "$PGP_SEC" || echo "$PGP_SEC" > "$PGP_SEC_FILE"
|
||||
test "$TESTNET" = 1 -o "$TESTNET" = true && sed -i "/\[main\]/,/\[/ s/.*testnet=.*/testnet=true/" $DM_CONF_FILES
|
||||
test -z "$DM_BITCOIN" || sed -i "/\[module\]/,/\[/ s/^address=.*/address=${DM_BITCOIN//\/}/" $CONF_FILES
|
||||
test -z "$DM_FEE" || sed -i "/\[module\]/,/\[/ s/^#\?fee=.*/fee=${DM_FEE//\/}/" $CONF_FILES
|
||||
test -z "$DM_PGP_PASSWORD" || sed -i "/\[pgp\]/,/\[/ s/^passphrase=.*/passphrase=${DM_PASSWORD//\/}/" $CONF_FILES
|
||||
test -z "$DM_CLIENT_ID" || sed -i "/\"web\": {/,/}/ s/\"client_id\".*/\"client_id\": \"${DM_CLIENT_ID//\/}\",/" "$OAUTH_CONF_FILE"
|
||||
test -z "$DM_CLIENT_SECRET" || sed -i "/\"web\": {/,/}/ s/\"client_secret\".*/\"client_secret\": \"${DM_CLIENT_SECRET//\/}\",/" "$OAUTH_CONF_FILE"
|
||||
test "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true && sed -i "/\[main\]/,/\[/ s/.*testnet=.*/testnet=true/" $CONF_FILES
|
||||
|
||||
test -z "$BITDEALS_ASC" || echo "$BITDEALS_ASC" > "$BITDEALS_ASC_FILE"
|
||||
test -z "$BITDEALS_TEST_ASC" || echo "$BITDEALS_TEST_ASC" > "$BITDEALS_TEST_ASC_FILE"
|
||||
test -z "$DM_PGP_SEC" || echo "$PGP_SEC" > "$PGP_SEC_FILE"
|
||||
|
||||
|
||||
## Get BitDeals PGP key by fingerprint
|
||||
if ! [ -z $BITDEALS_KEY_FPR ]
|
||||
then
|
||||
test "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true && i="$BITDEALS_TEST_ASC_FILE" || i="$BITDEALS_ASC_FILE"
|
||||
gpg --keyserver keyserver.ubuntu.com --recv-keys "$BITDEALS_KEY_FPR" && \
|
||||
gpg --armor --export "$BITDEALS_KEY_FPR" | tee "$i"
|
||||
gpgconf --kill all
|
||||
fi
|
||||
|
||||
## Create new PGP keys. If PGP file is empty.
|
||||
if [ ! -e "$PGP_SEC_FILE" ]
|
||||
then
|
||||
echo -e "\nThe PGP key is empty. Generating new PGP key...\n"
|
||||
test -z "$ACCOUNT_URL" && { echo -n "Please enter your site URL like https://example.com : " ; read ACCOUNT_URL ;}
|
||||
test -z "$DM_ACCOUNT_URL" && { echo -n "Please enter your site URL like https://example.com : " ; read DM_ACCOUNT_URL ;}
|
||||
|
||||
#GNUPGHOME="$(mktemp -d)" ;#- works for gpg2
|
||||
gpg --faked-system-time $(TZ=UTC date --date=$(date +'%Y-%m-%d') +%s) \
|
||||
--pinentry-mode loopback --passphrase "$PASSWORD" \
|
||||
--pinentry-mode loopback --passphrase "$DM_PGP_PASSWORD" \
|
||||
--batch --gen-key 2>/dev/null <<-EOF
|
||||
Key-Type: RSA
|
||||
Key-Usage: cert,sign
|
||||
@@ -51,34 +75,30 @@ then
|
||||
Subkey-Usage: encr
|
||||
Subkey-Length: 1024
|
||||
Name-Real: Account_URL
|
||||
Name-Comment: ${ACCOUNT_URL:-https://example-$RANDOM.com}
|
||||
Name-Comment: ${DM_ACCOUNT_URL:-https://example-$RANDOM.com}
|
||||
Expire-Date: 0
|
||||
EOF
|
||||
echo
|
||||
tput setaf 7
|
||||
#tput setaf 7
|
||||
#cat $GNUPGHOME/openpgp-revocs.d/*.rev
|
||||
cat /root/.gnupg/openpgp-revocs.d/*.rev | sed -e "/^pub/,+2 { s/.*/$(tput sgr0)$(tput bold)&$(tput sgr0)$(tput setaf 7)/; }"
|
||||
tput setaf 3
|
||||
gpg --armor --export --passphrase "$PASSWORD" | tee "$PGP_PUB_FILE"
|
||||
tput setaf 4
|
||||
gpg --armor --export-secret-keys --passphrase "$PASSWORD" | tee "$PGP_SEC_FILE"
|
||||
#cat /root/.gnupg/openpgp-revocs.d/*.rev | sed -e "/^pub/,+2 { s/.*/$(tput sgr0)$(tput bold)&$(tput sgr0)$(tput setaf 7)/; }"
|
||||
#gpg -k --keyid-format long | grep -A4 -E "^pub"
|
||||
gpg -k --keyid-format long 2>/dev/null | tail -n5
|
||||
tput setaf 2
|
||||
gpg --armor --export-secret-keys --passphrase "$DM_PGP_PASSWORD" | tee "$PGP_SEC_FILE"
|
||||
tput sgr0
|
||||
|
||||
pkill gpg-agent 2>/dev/null
|
||||
gpgconf --kill all
|
||||
else
|
||||
echo -e "\nNOTE:Your PGP keyfiles location: $(dirname $PGP_PUB_FILE)"
|
||||
echo -e "NOTE:Your PGP key location: $PGP_SEC_FILE"
|
||||
fi
|
||||
|
||||
## Change PGP keyfiles owner
|
||||
test -e "$PGP_PUB_FILE" && chown module:module "$PGP_PUB_FILE"
|
||||
test -e "$BITDEALS_ASC_FILE" && chown module:module "$BITDEALS_ASC_FILE"
|
||||
test -e "$PGP_SEC_FILE" && chown module:module "$PGP_SEC_FILE"
|
||||
test -e "$PGP_SEC_FILE" && chmod 600 "$PGP_SEC_FILE"
|
||||
|
||||
## Get bitcoin address from the daemon config
|
||||
DM_BITCOIN="$(sed -n '/^[ \t]*\[module\]/,/\[/s/^[ \t]*address[ \t]*=[ \t]*//p' $DM_CONF_FILE)"
|
||||
|
||||
## Setup testnet settings in libbitcoin-explorer config
|
||||
test "$TESTNET" = 1 -o "$TESTNET" = true && \
|
||||
test "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true && \
|
||||
sed -i -e "/\[wallet\]/,/\[/ s/wif_version? =.*/wif_version = 239/" \
|
||||
-e "/\[wallet\]/,/\[/ s/hd_public_version =.*/hd_public_version = 70617039/" \
|
||||
-e "/\[wallet\]/,/\[/ s/hd_secret_version =.*/hd_secret_version = 70615956/" \
|
||||
@@ -94,12 +114,15 @@ test "$TESTNET" = 1 -o "$TESTNET" = true && \
|
||||
-e "/#block_url = tcp:\/\/testnet.libbitcoin.net:19093/ s/^#//" \
|
||||
-e "/#transaction_url = tcp:\/\/testnet.libbitcoin.net:19094/ s/^#//" "$BX_CONF_FILE"
|
||||
|
||||
## Get bitcoin address from the daemon config
|
||||
DM_BITCOIN_="$(sed -n '/^[ \t]*\[module\]/,/\[/s/^[ \t]*address[ \t]*=[ \t]*//p' $CONF_FILES)"
|
||||
|
||||
## Create new Bitcoin keys. If address is empty.
|
||||
if [ -z "$DM_BITCOIN" ]
|
||||
if [ -z "$DM_BITCOIN_" ]
|
||||
then
|
||||
echo -e "\nThe Bitcoin key is empty. Generating new Bitcoin key...\n"
|
||||
|
||||
B=$(tput bold)
|
||||
B=$(tput bold ; tput setaf 1)
|
||||
N=$(tput sgr0)
|
||||
|
||||
## Generate bitcoin keys
|
||||
@@ -109,7 +132,7 @@ then
|
||||
PRIVKEYWIF="$(bx ec-to-wif $PRIVKEY)"
|
||||
|
||||
## Write the bitcoin address to the daemon config
|
||||
sed -i "/\[module\]/,/\[/ s/^address=.*/address=$BITCOIN/" $DM_CONF_FILES
|
||||
sed -i "/\[module\]/,/\[/ s/^address=.*/address=$BITCOIN/" $CONF_FILES
|
||||
|
||||
## Show bitcoin keys
|
||||
echo -e "Please backup these\t${B}BITCOIN KEYS:${N}"
|
||||
@@ -120,11 +143,11 @@ then
|
||||
fi
|
||||
|
||||
## Password notice
|
||||
echo "$PASSWORD" | grep -q "/" && \
|
||||
( echo -n -e "\n$(tput bold)WARN:$(tput sgr0)Please, write your 'passphrase=$PASSWORD'" | grep --color=auto -z -E "/" ; echo -n -e " to $DM_CONF_FILE manually." )
|
||||
echo "$DM_PGP_PASSWORD" | grep -q "/" && \
|
||||
( echo -n -e "\n$(tput bold)WARN:$(tput sgr0)Please, write your 'passphrase=$DM_PGP_PASSWORD'" | grep --color=auto -z -E "/" ; echo -n -e " to $DM_CONF_FILE manually." )
|
||||
## API credentials notice
|
||||
test -z "$CLIENT_ID" -o -z "$CLIENT_SECRET" && \
|
||||
echo -e "NOTE:Please visit a BitDeals site to get your API credentials: $(tput smul)\$CLIENT_ID$(tput rmul) and $(tput smul)\$CLIENT_SECRET$(tput rmul).\n"
|
||||
echo -e "\nNOTE:Please visit a BitDeals site to get your API credentials: $(tput smul)\$CLIENT_ID$(tput rmul) and $(tput smul)\$CLIENT_SECRET$(tput rmul).\n"
|
||||
|
||||
## Run the daemon
|
||||
exec /usr/sbin/dm -p /etc/dm -c /etc/dm/dm.conf $@
|
||||
|
||||
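Review bot: The rename to `DM_`-prefixed variables is incomplete on two lines that handle key material, so the guard and the value written no longer refer to the same variable (the page has lost its +/- markers; these lines are read as new-side from their `DM_` names). The passphrase line tests `$DM_PGP_PASSWORD` but substitutes `${DM_PASSWORD//\/}`, which is not set anywhere in the visible lines, so it would write an empty `passphrase=`; it should use `${DM_PGP_PASSWORD//\/}`. The secret-key line tests `$DM_PGP_SEC` but writes `$PGP_SEC`; if that is unset, `$PGP_SEC_FILE` is created holding only a newline and the later `[ ! -e "$PGP_SEC_FILE" ]` check then skips key generation, so it should read `test -z "$DM_PGP_SEC" || echo "$DM_PGP_SEC" > "$PGP_SEC_FILE"`. The password warning still prints `$DM_CONF_FILE`, which no visible line on the new side defines, and the API-credentials notice still tests `$CLIENT_ID`/`$CLIENT_SECRET` rather than the `DM_` names.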