private/apostol-dm
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Dockerfile

Browse Source
This commit is contained in:
studmix88
2022-03-29 00:58:18 -04:00
parent 33a3846cd8
commit 9ea1ebaef2
3 changed files with 87 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
docker/Dockerfile
View File

@@ -1,70 +1,96 @@
# syntax=docker/dockerfile:3
## BitDeals Module Dockerfile ## BitDeals Module Dockerfile
## the Module user
ARG UNAME="module"
ARG UHOME="/home/$UNAME"
## Base image ## Base image
FROM debian:bullseye FROM debian:bullseye AS updated-debian
SHELL ["/bin/bash", "-exo", "pipefail", "-c"]
LABEL name="BitDeals Module" LABEL name="BitDeals Module"
EXPOSE 4977/tcp 80/tcp EXPOSE 4999 80
## Debian update; install dependencies for GPG
ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update ; \
apt-get upgrade -y ; \
apt-get -y install --no-install-recommends gpg gpg-agent ; \
apt-get clean ; \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
## Add the Module user ## Add the Module user
ARG UNAME=module ARG UNAME
ARG UHOME="/home/$UNAME" ARG UHOME
RUN useradd --create-home --home-dir $UHOME $UNAME RUN useradd --create-home --home-dir $UHOME $UNAME
## Debian update; install dependencies for: C++ compiler; OpenPGP; Libbitcoin; GPG FROM updated-debian AS development
## Debian update; install dependencies for: C++ compiler; OpenPGP; Libbitcoin
ARG DEBIAN_FRONTEND=noninteractive ARG DEBIAN_FRONTEND=noninteractive
RUN set -ex ; apt-get update && apt-get upgrade -y ; \ RUN apt-get update
apt-get -y install --no-install-recommends build-essential libssl-dev libcurl4-openssl-dev make cmake gcc g++ git ; \ RUN apt-get -y install --no-install-recommends build-essential libssl-dev libcurl4-openssl-dev make cmake gcc g++ git
apt-get -y install --no-install-recommends libgmp-dev libbz2-dev libzip-dev ; \ RUN apt-get -y install --no-install-recommends libgmp-dev libbz2-dev libzip-dev
apt-get -y install --no-install-recommends autoconf automake libtool pkg-config wget ; \ RUN apt-get -y install --no-install-recommends autoconf automake libtool pkg-config wget
apt-get -y install --no-install-recommends gpg gpg-agent
## Avoid error: "Server Certificate Verification Failed. CRLfile: none" ## Avoid error: "Server Certificate Verification Failed. CRLfile: none"
RUN set -ex ; apt-get update ; apt-get install -y --reinstall ca-certificates #; rm -Rf /var/lib/apt/lists/* RUN apt-get install -y --reinstall ca-certificates
ARG UNAME
ARG UHOME
## Install OpenPGP ## Install OpenPGP
RUN set -ex ; su -l --shell /bin/bash $UNAME -c 'git clone https://github.com/calccrypto/OpenPGP ; \ RUN su -l --shell /bin/bash $UNAME -c 'git clone https://github.com/calccrypto/OpenPGP ; \
mkdir OpenPGP/build ; cd OpenPGP/build ; \ mkdir OpenPGP/build ; cd OpenPGP/build ; \
sed -i "s/master/main/" ../contrib/cmake/GoogleTest.txt.in ; \ sed -i "s/master/main/" ../contrib/cmake/GoogleTest.txt.in ; \
cmake -DUSE_OPENSSL=ON -DGPG_COMPATIBLE=ON .. ; \ cmake -DUSE_OPENSSL=ON -DGPG_COMPATIBLE=ON .. ; \
make' ; \ make' ; \
cd $UHOME/OpenPGP/build/ ; \ cd $UHOME/OpenPGP/build/ ; \
make install ; \ make install
rm -Rf $UHOME/OpenPGP
## Install Yaml-cpp ## Install Yaml-cpp
RUN set -ex ; su -l --shell /bin/bash $UNAME -c 'git clone https://github.com/jbeder/yaml-cpp ; \ RUN su -l --shell /bin/bash $UNAME -c 'git clone https://github.com/jbeder/yaml-cpp ; \
mkdir yaml-cpp/build ; cd yaml-cpp/build ; \ mkdir yaml-cpp/build ; cd yaml-cpp/build ; \
cmake .. ; \ cmake .. ; \
make' ; \ make' ; \
cd $UHOME/yaml-cpp/build/ ; \ cd $UHOME/yaml-cpp/build/ ; \
make install ; \ make install
rm -Rf $UHOME/yaml-cpp
## Install Libbitcoin explorer ## Install Libbitcoin explorer
RUN set -ex ; su -l --shell /bin/bash $UNAME -c 'wget https://raw.githubusercontent.com/libbitcoin/libbitcoin-explorer/version3/install.sh ; \ RUN su -l --shell /bin/bash $UNAME -c 'wget https://raw.githubusercontent.com/libbitcoin/libbitcoin-explorer/version3/install.sh ; \
chmod +x install.sh' ; \ chmod +x install.sh' ; \
cd $UHOME ; \ cd $UHOME ; \
sed -i '/git clone / s/git.*$/while true; do & \&\& break; done/' install.sh ; \ sed -i '/git clone / s/git.*$/while true; do & \&\& break; done/' install.sh ; \
sed -i '/wget / s/wget.*$/while true; do & \&\& break; done/' install.sh ; \ sed -i '/wget / s/wget.*$/while true; do & \&\& break; done/' install.sh ; \
./install.sh --build-boost --build-zmq --disable-shared ; \ ./install.sh --build-boost --build-zmq --disable-shared
rm -Rf $UHOME/build-libbitcoin-explorer $UHOME/install.sh
## Install BitDeals dm ## Install BitDeals dm
RUN set -ex ; su -l --shell /bin/bash $UNAME -c 'cd '$UHOME' ; \ RUN su -l --shell /bin/bash $UNAME -c 'cd '$UHOME' ; \
git clone https://bitbucket.org/bitdeals/apostol-dm.git ; \ git clone https://bitbucket.org/bitdeals/apostol-dm.git ; \
cd apostol-dm ; \ cd apostol-dm ; \
./configure ; \ ./configure ; \
cd cmake-build-release ; \ cd cmake-build-release ; \
make' ; \ make' ; \
cd $UHOME/apostol-dm/cmake-build-release ;\ cd $UHOME/apostol-dm/cmake-build-release ;\
make install ; \ make install
rm -Rf $UHOME/apostol-dm
FROM updated-debian
COPY --from=development /usr/local/ /usr/local/
COPY --from=development /etc/dm/ /etc/dm/
COPY --from=development /usr/sbin/dm /usr/sbin/dm
COPY --from=development /etc/init.d/dm /etc/init.d/dm
#dm: error while loading shared libraries: libOpenPGP.so: cannot open shared object file: No such file or directory
RUN ldconfig
## Copy configuration helper script ## Copy configuration helper script
ADD https://bitbucket.org/bitdeals/apostol-dm/raw/master/docker/entrypoint.sh /entrypoint.sh #ADD https://bitbucket.org/bitdeals/apostol-dm/raw/master/docker/entrypoint.sh /entrypoint.sh
#COPY ./entrypoint.sh /entrypoint.sh COPY ./entrypoint.sh /entrypoint.sh
RUN set -ex ; chmod 755 /entrypoint.sh RUN chmod 755 /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]

7
docker/README.md
View File

@@ -25,9 +25,6 @@ services:
image: bitdeals/apostol-dm image: bitdeals/apostol-dm
container_name: bitdeals-dm container_name: bitdeals-dm
environment: environment:
- PUID=1000
- PGID=1000
- TZ=UTC
- TESTNET=1 #optional - TESTNET=1 #optional
- BITCOIN=<address> #optional - BITCOIN=<address> #optional
- FEE=<0.1%> #optional - FEE=<0.1%> #optional
@@ -40,8 +37,8 @@ services:
volumes: volumes:
- bitdeals-conf:/etc/dm - bitdeals-conf:/etc/dm
ports: ports:
- 4977:4977/tcp - 4977:4977
- 80:80/tcp - 80:80
restart: unless-stopped restart: unless-stopped
``` ```

47
docker/entrypoint.sh
View File

@@ -7,31 +7,32 @@
## ##
## Daemon config files ## Daemon config files
DM_CONF_FILE="/etc/dm/dm.conf" DM_CONF_FILES=$(find /etc/dm/ -name "*.conf")
OAUTH_CONF_FILE="/etc/dm/oauth2/default.json" OAUTH_CONF_FILE="/etc/dm/oauth2/default.json"
PGP_PUB_FILE="/etc/dm/pgp.pub" PGP_PUB_FILE="/etc/dm/pgp.pub"
PGP_SEC_FILE="/etc/dm/pgp.sec" PGP_SEC_FILE="/etc/dm/pgp.sec"
BX_CONF_FILE="/usr/local/etc/libbitcoin/bx.cfg" BX_CONF_FILE="/usr/local/etc/libbitcoin/bx.cfg"
## Write a variables to config file ## Write a variables to config file
sed -i "/\[main\]/,/\[/ s/user=.*/user=module/" "$DM_CONF_FILE" sed -i "/\[main\]/,/\[/ s/.*user=.*/user=module/" $DM_CONF_FILES
sed -i "/\[main\]/,/\[/ s/group=.*/group=module/" "$DM_CONF_FILE" sed -i "/\[main\]/,/\[/ s/.*group=.*/group=module/" $DM_CONF_FILES
sed -i "/\[daemon\]/,/\[/ s/daemon=.*/daemon=false/" "$DM_CONF_FILE" sed -i "/\[daemon\]/,/\[/ s/.*daemon=.*/daemon=false/" $DM_CONF_FILES
sed -i "/\[server\]/,/\[/ s/listen=.*/listen=0.0.0.0/" "$DM_CONF_FILE" sed -i "/\[server\]/,/\[/ s/.*listen=.*/listen=0.0.0.0/" $DM_CONF_FILES
## Write the PGP keys locations to the config ## Write the PGP keys locations to the config
sed -i "/\[pgp\]/,/\[/ s%^private=.*%private=$PGP_SEC_FILE%" "$DM_CONF_FILE" sed -i "/\[pgp\]/,/\[/ s%^private=.*%private=$PGP_SEC_FILE%" $DM_CONF_FILES
sed -i "/\[pgp\]/,/\[/ s%^public=.*%public=$PGP_PUB_FILE%" "$DM_CONF_FILE" sed -i "/\[pgp\]/,/\[/ s%^public=.*%public=$PGP_PUB_FILE%" $DM_CONF_FILES
## Write a user variables to the daemon config files. ## Write a user variables to the daemon config files.
## This code removes '/' from user variables to sanitize `sed` code injections. ## This code removes '/' from user variables to sanitize `sed` code injections.
test -z "$BITCOIN" || sed -i "/\[module\]/,/\[/ s/^address=.*/address=${BITCOIN//\/}/" "$DM_CONF_FILE" test -z "$BITCOIN" || sed -i "/\[module\]/,/\[/ s/^address=.*/address=${BITCOIN//\/}/" $DM_CONF_FILES
test -z "$FEE" || sed -i "/\[module\]/,/\[/ s/^fee=.*/fee=${FEE//\/}/" "$DM_CONF_FILE" test -z "$FEE" || sed -i "/\[module\]/,/\[/ s/^fee=.*/fee=${FEE//\/}/" $DM_CONF_FILES
test -z "$PASSWORD" || sed -i "/\[pgp\]/,/\[/ s/^passphrase=.*/passphrase=${PASSWORD//\/}/" "$DM_CONF_FILE" test -z "$PASSWORD" || sed -i "/\[pgp\]/,/\[/ s/^passphrase=.*/passphrase=${PASSWORD//\/}/" $DM_CONF_FILES
test -z "$CLIENT_ID" || sed -i "/\"web\": {/,/}/ s/\"client_id\".*/\"client_id\": \"${CLIENT_ID//\/}\",/" "$OAUTH_CONF_FILE" test -z "$CLIENT_ID" || sed -i "/\"web\": {/,/}/ s/\"client_id\".*/\"client_id\": \"${CLIENT_ID//\/}\",/" "$OAUTH_CONF_FILE"
test -z "$CLIENT_SECRET" || sed -i "/\"web\": {/,/}/ s/\"client_secret\".*/\"client_secret\": \"${CLIENT_SECRET//\/}\",/" "$OAUTH_CONF_FILE" test -z "$CLIENT_SECRET" || sed -i "/\"web\": {/,/}/ s/\"client_secret\".*/\"client_secret\": \"${CLIENT_SECRET//\/}\",/" "$OAUTH_CONF_FILE"
test -z "$PGP_PUB" || echo "$PGP_PUB" > "$PGP_PUB_FILE" test -z "$PGP_PUB" || echo "$PGP_PUB" > "$PGP_PUB_FILE"
test -z "$PGP_SEC" || echo "$PGP_SEC" > "$PGP_SEC_FILE" test -z "$PGP_SEC" || echo "$PGP_SEC" > "$PGP_SEC_FILE"
test "$TESTNET" = 1 -o "$TESTNET" = true && sed -i "/\[main\]/,/\[/ s/.*testnet=.*/testnet=true/" $DM_CONF_FILES
## Create new PGP keys. If PGP file is empty. ## Create new PGP keys. If PGP file is empty.
if [ ! -e "$PGP_SEC_FILE" ] if [ ! -e "$PGP_SEC_FILE" ]
@@ -65,7 +66,7 @@ EOF
pkill gpg-agent 2>/dev/null pkill gpg-agent 2>/dev/null
else else
echo -e "\nNOTE:Your PGP keyfiles location: $(dirname $PGP_PUB_FILE) \n" echo -e "\nNOTE:Your PGP keyfiles location: $(dirname $PGP_PUB_FILE)"
fi fi
## Change PGP keyfiles owner ## Change PGP keyfiles owner
@@ -76,16 +77,8 @@ test -e "$PGP_SEC_FILE" && chmod 600 "$PGP_SEC_FILE"
## Get bitcoin address from the daemon config ## Get bitcoin address from the daemon config
DM_BITCOIN="$(sed -n '/^[ \t]*\[module\]/,/\[/s/^[ \t]*address[ \t]*=[ \t]*//p' $DM_CONF_FILE)" DM_BITCOIN="$(sed -n '/^[ \t]*\[module\]/,/\[/s/^[ \t]*address[ \t]*=[ \t]*//p' $DM_CONF_FILE)"
## Create new Bitcoin keys. If address is empty.
if [ -z "$DM_BITCOIN" ]
then
echo -e "\nThe Bitcoin key is empty. Generating new Bitcoin key...\n"
B=$(tput bold)
N=$(tput sgr0)
## Setup testnet settings in libbitcoin-explorer config ## Setup testnet settings in libbitcoin-explorer config
test $TESTNET -eq 1 && \ test "$TESTNET" = 1 -o "$TESTNET" = true && \
sed -i -e "/\[wallet\]/,/\[/ s/wif_version? =.*/wif_version = 239/" \ sed -i -e "/\[wallet\]/,/\[/ s/wif_version? =.*/wif_version = 239/" \
-e "/\[wallet\]/,/\[/ s/hd_public_version =.*/hd_public_version = 70617039/" \ -e "/\[wallet\]/,/\[/ s/hd_public_version =.*/hd_public_version = 70617039/" \
-e "/\[wallet\]/,/\[/ s/hd_secret_version =.*/hd_secret_version = 70615956/" \ -e "/\[wallet\]/,/\[/ s/hd_secret_version =.*/hd_secret_version = 70615956/" \
@@ -101,6 +94,14 @@ then
-e "/#block_url = tcp:\/\/testnet.libbitcoin.net:19093/ s/^#//" \ -e "/#block_url = tcp:\/\/testnet.libbitcoin.net:19093/ s/^#//" \
-e "/#transaction_url = tcp:\/\/testnet.libbitcoin.net:19094/ s/^#//" "$BX_CONF_FILE" -e "/#transaction_url = tcp:\/\/testnet.libbitcoin.net:19094/ s/^#//" "$BX_CONF_FILE"
## Create new Bitcoin keys. If address is empty.
if [ -z "$DM_BITCOIN" ]
then
echo -e "\nThe Bitcoin key is empty. Generating new Bitcoin key...\n"
B=$(tput bold)
N=$(tput sgr0)
## Generate bitcoin keys ## Generate bitcoin keys
PRIVKEY="$(cat /dev/random | tr -cd "[:digit:]" | head -c 64)" PRIVKEY="$(cat /dev/random | tr -cd "[:digit:]" | head -c 64)"
PUBKEY="$(bx ec-to-public $PRIVKEY)" PUBKEY="$(bx ec-to-public $PRIVKEY)"
@@ -108,7 +109,7 @@ then
PRIVKEYWIF="$(bx ec-to-wif $PRIVKEY)" PRIVKEYWIF="$(bx ec-to-wif $PRIVKEY)"
## Write the bitcoin address to the daemon config ## Write the bitcoin address to the daemon config
sed -i "/\[module\]/,/\[/ s/^address=.*/address=$BITCOIN/" "$DM_CONF_FILE" sed -i "/\[module\]/,/\[/ s/^address=.*/address=$BITCOIN/" $DM_CONF_FILES
## Show bitcoin keys ## Show bitcoin keys
echo -e "Please backup these\t${B}BITCOIN KEYS:${N}" echo -e "Please backup these\t${B}BITCOIN KEYS:${N}"
@@ -120,11 +121,11 @@ fi
## Password notice ## Password notice
echo "$PASSWORD" | grep -q "/" && \ echo "$PASSWORD" | grep -q "/" && \
( echo -n -e "\n$(tput bold)WARN:$(tput sgr0)Please, write your 'passphrase=$PASSWORD'" | grep --color=auto -z -E "/" ; echo -n -e " to $DM_CONF_FILE manually.\n" ) ( echo -n -e "\n$(tput bold)WARN:$(tput sgr0)Please, write your 'passphrase=$PASSWORD'" | grep --color=auto -z -E "/" ; echo -n -e " to $DM_CONF_FILE manually." )
## API credentials notice ## API credentials notice
test -z "$CLIENT_ID" -o -z "$CLIENT_SECRET" && \ test -z "$CLIENT_ID" -o -z "$CLIENT_SECRET" && \
echo -e "NOTE:Please visit a BitDeals site to get your API credentials: $(tput smul)\$CLIENT_ID$(tput rmul) and $(tput smul)\$CLIENT_SECRET$(tput rmul).\n" echo -e "NOTE:Please visit a BitDeals site to get your API credentials: $(tput smul)\$CLIENT_ID$(tput rmul) and $(tput smul)\$CLIENT_SECRET$(tput rmul).\n"
## Run the daemon ## Run the daemon
exec /usr/sbin/dm -p /etc/dm -c /etc/dm/dm.conf exec /usr/sbin/dm -p /etc/dm -c /etc/dm/dm.conf $@