diff --git a/docker/my-dojo/.env b/docker/my-dojo/.env index 4808eb7..d6a4836 100644 --- a/docker/my-dojo/.env +++ b/docker/my-dojo/.env @@ -32,6 +32,9 @@ MYSQL_DATABASE=samourai-main # BITCOIND ######################################### +BITCOIND_LINUX_UID=1105 +BITCOIND_LINUX_GID=1108 + BITCOIND_DNSSEED=0 BITCOIND_DNS=0 @@ -67,3 +70,35 @@ NODE_TRACKER_UNCONF_TXS_PERIOD=300000 ######################################### INDEXER_BATCH_SIZE=10 + + +######################################### +# TOR +######################################### + +TOR_LINUX_UID=1104 +TOR_LINUX_GID=1107 + + +######################################### +# WHIRLPOOL +######################################### + +WHIRLPOOL_LINUX_UID=1110 +WHIRLPOOL_LINUX_GID=1113 + + +######################################### +# INDEXER +######################################### + +INDEXER_LINUX_UID=1106 +INDEXER_LINUX_GID=1109 + + +######################################### +# SOROBAN +######################################### + +SOROBAN_LINUX_UID=1111 +SOROBAN_LINUX_GID=1114 diff --git a/docker/my-dojo/bitcoin/Dockerfile b/docker/my-dojo/bitcoin/Dockerfile index 160ea50..c3fdd30 100644 --- a/docker/my-dojo/bitcoin/Dockerfile +++ b/docker/my-dojo/bitcoin/Dockerfile @@ -12,6 +12,11 @@ ENV BITCOIN_ASC_URL https://bitcoincore.org/bin/bitcoin-core-0.21.0/SHA2 ENV BITCOIN_PGP_KS_URI hkp://keyserver.ubuntu.com:80 ENV BITCOIN_PGP_KEY 01EA5486DE18A882D4C2684590C8019E36C2E964 +ARG BITCOIND_LINUX_UID +ARG BITCOIND_LINUX_GID +ARG TOR_LINUX_GID + + RUN set -ex && \ apt-get update && \ apt-get install -qq --no-install-recommends ca-certificates dirmngr gosu gpg gpg-agent wget && \ 
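Review bot: The new `BITCOIND_LINUX_UID`/`BITCOIND_LINUX_GID` entries in `docker/my-dojo/.env` (hunk at -32,6) have no comment saying they are consumed as image build arguments, so an operator may expect an edit here to take effect on the next container restart. I would add above them `# Build-time IDs: changing them requires rebuilding the image; files already written to existing volumes keep their previous owner`. The second half of that comment is an inference, since the volume definitions are not visible in this commit, and should be confirmed before it is written down. The same comment would fit the TOR, WHIRLPOOL, INDEXER and SOROBAN blocks added in the next hunk.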
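Review bot: `SOROBAN_LINUX_UID` and `SOROBAN_LINUX_GID` at the end of `docker/my-dojo/.env` (hunk at -67,3) are not referenced by any Dockerfile `ARG` or compose `args:` entry in this commit, unlike the bitcoind, tor, indexer and whirlpool pairs. If a soroban image is built elsewhere with hard-coded IDs, the values here can drift from the account the container actually runs as without anyone noticing. Either wire them into that image's build in the same change or mark them with a comment such as `# reserved: not yet consumed by any image build`.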
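Review bot: The three `ARG` lines added to `docker/my-dojo/bitcoin/Dockerfile` have no default, so a plain `docker build` of this directory without `--build-arg` no longer produces the 1105/1108/1107 IDs the image had before. Keeping the old values as defaults preserves that behaviour, for example `ARG BITCOIND_LINUX_UID=1105`, `ARG BITCOIND_LINUX_GID=1108` and `ARG TOR_LINUX_GID=1107`. The same applies to the `ARG` lines added in the indexer, node, tor and whirlpool Dockerfiles further down.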
@@ -30,9 +35,9 @@ RUN set -ex && \ # Create groups bitcoin & tor # Create user bitcoin and add it to groups -RUN addgroup --system -gid 1108 bitcoin && \ - addgroup --system -gid 1107 tor && \ - adduser --system --ingroup bitcoin -uid 1105 bitcoin && \ +RUN addgroup --system -gid ${BITCOIND_LINUX_GID} bitcoin && \ + addgroup --system -gid ${TOR_LINUX_GID} tor && \ + adduser --system --ingroup bitcoin -uid ${BITCOIND_LINUX_UID} bitcoin && \ usermod -a -G tor bitcoin # Create data directory diff --git a/docker/my-dojo/docker-compose.yaml b/docker/my-dojo/docker-compose.yaml index 197ce65..053a165 100644 --- a/docker/my-dojo/docker-compose.yaml +++ b/docker/my-dojo/docker-compose.yaml @@ -30,6 +30,8 @@ services: build: context: ./../.. dockerfile: ./docker/my-dojo/node/Dockerfile + args: + TOR_LINUX_GID: ${TOR_LINUX_GID} env_file: - ./.env - ./conf/docker-common.conf @@ -90,6 +92,9 @@ services: container_name: tor build: context: ./tor + args: + TOR_LINUX_UID: ${TOR_LINUX_UID} + TOR_LINUX_GID: ${TOR_LINUX_GID} env_file: - ./.env - ./conf/docker-bitcoind.conf diff --git a/docker/my-dojo/indexer/Dockerfile b/docker/my-dojo/indexer/Dockerfile index ea3b26a..d868bee 100644 --- a/docker/my-dojo/indexer/Dockerfile +++ b/docker/my-dojo/indexer/Dockerfile @@ -4,13 +4,16 @@ ENV INDEXER_HOME /home/indexer ENV INDEXER_VERSION 0.4.0 ENV INDEXER_URL https://code.samourai.io/dojo/addrindexrs.git +ARG INDEXER_LINUX_GID +ARG INDEXER_LINUX_UID + RUN apt-get update && \ apt-get install -y clang cmake git && \ apt-get install -y libsnappy-dev # Create group and user indexer -RUN addgroup --system -gid 1109 indexer && \ - adduser --system --ingroup indexer -uid 1106 indexer +RUN addgroup --system -gid ${INDEXER_LINUX_GID} indexer && \ + adduser --system --ingroup indexer -uid ${INDEXER_LINUX_UID} indexer # Create data directory RUN mkdir "$INDEXER_HOME/addrindexrs" && \ diff --git a/docker/my-dojo/node/Dockerfile b/docker/my-dojo/node/Dockerfile index db03868..3741ddc 100644 
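Review bot: The build arguments in the bitcoin Dockerfile's `addgroup`/`adduser` commands are expanded unquoted, so an empty value disappears from the command line and the following word (`bitcoin`, `tor`) is taken as the argument of `-gid` or `-uid`. Quoting makes the failure point at the real cause, e.g. `RUN addgroup --system -gid "${BITCOIND_LINUX_GID}" bitcoin && \`. A numeric check before the first `addgroup` would be stricter still, since these values decide which account owns the service's data. The indexer, node, tor and whirlpool Dockerfiles use the same unquoted form.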
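Review bot: `TOR_LINUX_GID: ${TOR_LINUX_GID}` under the node service's `build.args` in `docker-compose.yaml` falls back to an empty string when the variable is missing from the environment. That empty string is still passed to the build, where it would override any default the Dockerfile might declare. Compose's required-variable form stops the build with a readable message instead: `TOR_LINUX_GID: ${TOR_LINUX_GID:?set TOR_LINUX_GID in .env}`. The tor service hunk below and the `args:` blocks added in `overrides/bitcoind.install.yaml`, `overrides/indexer.install.yaml` and `overrides/whirlpool.install.yaml` have the same shape.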
--- a/docker/my-dojo/node/Dockerfile +++ b/docker/my-dojo/node/Dockerfile @@ -1,9 +1,11 @@ FROM node:12-buster -ENV APP_DIR /home/node/app +ENV APP_DIR /home/node/app +ARG TOR_LINUX_GID + # Add node user to tor group -RUN addgroup --system -gid 1107 tor && \ +RUN addgroup --system -gid ${TOR_LINUX_GID} tor && \ usermod -a -G tor node # Install forever @@ -11,7 +13,7 @@ RUN npm install -g forever # Create app directory RUN mkdir "$APP_DIR" && \ - chown -R node:node "$APP_DIR" + chown -R node:node "$APP_DIR" # Copy app source files into APP_DIR COPY . "$APP_DIR" diff --git a/docker/my-dojo/overrides/bitcoind.install.yaml b/docker/my-dojo/overrides/bitcoind.install.yaml index ab36e59..639d0c8 100644 --- a/docker/my-dojo/overrides/bitcoind.install.yaml +++ b/docker/my-dojo/overrides/bitcoind.install.yaml @@ -6,6 +6,10 @@ services: container_name: bitcoind build: context: ./bitcoin + args: + BITCOIND_LINUX_UID: ${BITCOIND_LINUX_UID} + BITCOIND_LINUX_GID: ${BITCOIND_LINUX_GID} + TOR_LINUX_GID: ${TOR_LINUX_GID} env_file: - ./.env - ./conf/docker-common.conf diff --git a/docker/my-dojo/overrides/indexer.install.yaml b/docker/my-dojo/overrides/indexer.install.yaml index 462541f..dea14e5 100644 --- a/docker/my-dojo/overrides/indexer.install.yaml +++ b/docker/my-dojo/overrides/indexer.install.yaml @@ -6,6 +6,9 @@ services: container_name: indexer build: context: ./indexer + args: + INDEXER_LINUX_UID: ${INDEXER_LINUX_UID} + INDEXER_LINUX_GID: ${INDEXER_LINUX_GID} env_file: - ./.env - ./conf/docker-common.conf diff --git a/docker/my-dojo/overrides/whirlpool.install.yaml b/docker/my-dojo/overrides/whirlpool.install.yaml index 9d788b1..b724b11 100644 --- a/docker/my-dojo/overrides/whirlpool.install.yaml +++ b/docker/my-dojo/overrides/whirlpool.install.yaml @@ -6,6 +6,9 @@ services: container_name: whirlpool build: context: ./whirlpool + args: + WHIRLPOOL_LINUX_UID: ${WHIRLPOOL_LINUX_UID} + WHIRLPOOL_LINUX_GID: ${WHIRLPOOL_LINUX_GID} env_file: - ./.env - ./conf/docker-common.conf 
diff --git a/docker/my-dojo/tor/Dockerfile b/docker/my-dojo/tor/Dockerfile index f21ce2c..890fb74 100644 --- a/docker/my-dojo/tor/Dockerfile +++ b/docker/my-dojo/tor/Dockerfile @@ -17,6 +17,9 @@ ENV GOLANG_SHA256 50fe8e13592f8cf22304b9c4adfc11849a2c3d281b1d7e09c924 ENV OBFS4_URL https://github.com/Yawning/obfs4.git ENV OBFS4_VERSION 0.0.11 +ARG TOR_LINUX_UID +ARG TOR_LINUX_GID + # Install Tor RUN set -ex && \ @@ -68,8 +71,8 @@ RUN cd /usr/local/src && \ rm -rf obfs4proxy # Create group & user tor -RUN addgroup --system -gid 1107 tor && \ - adduser --system --ingroup tor -uid 1104 tor +RUN addgroup --system -gid ${TOR_LINUX_GID} tor && \ + adduser --system --ingroup tor -uid ${TOR_LINUX_UID} tor # Create /etc/tor directory RUN mkdir -p /etc/tor/ && \ diff --git a/docker/my-dojo/whirlpool/Dockerfile b/docker/my-dojo/whirlpool/Dockerfile index 12e6c90..27cb15d 100644 --- a/docker/my-dojo/whirlpool/Dockerfile +++ b/docker/my-dojo/whirlpool/Dockerfile @@ -3,6 +3,8 @@ FROM debian:buster ENV WHIRLPOOL_HOME /home/whirlpool ENV WHIRLPOOL_DIR /usr/local/whirlpool-cli +ARG WHIRLPOOL_LINUX_UID +ARG WHIRLPOOL_LINUX_GID # Install prerequisites # Create group & user whirlpool @@ -11,8 +13,8 @@ ENV WHIRLPOOL_DIR /usr/local/whirlpool-cli RUN set -ex && \ apt-get update && \ apt-get install -y libevent-dev zlib1g-dev libssl-dev gcc make automake ca-certificates autoconf musl-dev coreutils gpg wget default-jdk && \ - addgroup --system -gid 1113 whirlpool && \ - adduser --system --ingroup whirlpool -uid 1110 whirlpool && \ + addgroup --system -gid ${WHIRLPOOL_LINUX_GID} whirlpool && \ + adduser --system --ingroup whirlpool -uid ${WHIRLPOOL_LINUX_UID} whirlpool && \ mkdir -p "$WHIRLPOOL_HOME/.whirlpool-cli" && \ chown -Rv whirlpool:whirlpool "$WHIRLPOOL_HOME" && \ chmod -R 750 "$WHIRLPOOL_HOME" && \
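Review bot: Nothing near the `addgroup ... tor` line in `docker/my-dojo/tor/Dockerfile` (hunk at -68,8) records that the `tor` group is also created in the bitcoin and node images from the same `TOR_LINUX_GID`. Rebuilding only one of the three after changing the value would leave them with different GIDs for the same group name. I would extend the existing comment to `# Create group & user tor (TOR_LINUX_GID must match the bitcoin and node images)`. Whether a mismatch actually breaks access depends on files shared between the containers, which this diff does not show.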