commit a64ef54f3b7ca2eeddee2b802eb626cdd30c85a2 Author: Wexpert Systems Date: Fri Oct 22 14:11:27 2021 -0400 initial commit diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..9362ca8 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,96 @@ +# bitcoind Builder container +FROM buildpack-deps:bullseye-curl as btc-builder + +# This buildarg can be set during container build time with --build-arg VERSION=[version] +ARG VERSION=0.21.2 + +RUN apt-get update && \ + apt-get install -y gnupg2 && \ + rm -rf /var/lib/apt/lists/* + +COPY ./bin/get-bitcoin.sh /usr/bin/ +RUN chmod +x /usr/bin/get-bitcoin.sh && \ + mkdir /root/bitcoin && \ + get-bitcoin.sh $VERSION /root/bitcoin/ + + +# electrs Builder container +FROM rust:1.55.0 as electrs-builder + +RUN apt-get update && \ + apt-get install -y clang cmake build-essential && \ + rm -rf /var/lib/apt/lists/* + +RUN git clone https://github.com/romanz/electrs.git +RUN cd electrs && cargo build --locked --release + + +# NodeJS Builder container +FROM buildpack-deps:bullseye-curl as nodejs-builder + +RUN apt-get update && \ + apt-get install -y xz-utils python && \ + rm -rf /var/lib/apt/lists/* + +RUN curl https://nodejs.org/dist/v14.18.1/node-v14.18.1-linux-x64.tar.xz --output node-v14.18.1-linux-x64.tar.xz +RUN tar xvf node-v14.18.1-linux-x64.tar.xz + + +# urbit-bitcoin-rpc Builder container +FROM buildpack-deps:bullseye as urbit-rpc-builder + +ADD https://api.github.com/repos/urbit/urbit-bitcoin-rpc/git/refs/heads/master version.json +RUN git clone -b master https://github.com/urbit/urbit-bitcoin-rpc.git urbit-bitcoin-rpc + + +# urbit-bitcoin-node container +FROM debian:bullseye-slim + +# Run bitcoin as a non-privileged user to avoid permissions issues with volume mounts, +# amount other things. +# +# These buildargs can be set during container build time with --build-arg UID=[uid] +ARG UID=1000 +ARG GID=1000 +ARG USERNAME=user + +RUN apt-get update && \ + apt-get install -y iproute2 sudo && \ + rm -rf /var/lib/apt/lists/* + +# used to set internal docker domain while still not running as root user. +COPY ./bin/append-to-hosts.sh /usr/bin/append-to-hosts +RUN chmod +x /usr/bin/append-to-hosts + +# Allow the new user write access to /etc/hosts +RUN groupadd -g $GID -o $USERNAME && \ + useradd -m -u $UID -g $GID -o -d /home/$USERNAME -s /bin/bash $USERNAME && \ + echo "$USERNAME ALL=(ALL:ALL) NOPASSWD: /usr/bin/append-to-hosts" | tee -a /etc/sudoers + +# Copy files from the builder containers +COPY --from=btc-builder /root/bitcoin/ /usr/local/ +COPY --from=electrs-builder /electrs/target/release/electrs /usr/local/bin +COPY --from=nodejs-builder /node-v14.18.1-linux-x64/ /usr/local/ +COPY --from=urbit-rpc-builder /urbit-bitcoin-rpc/* / +COPY --from=urbit-rpc-builder /urbit-bitcoin-rpc/src /src + +# Overwrite two files in the dist with our local slightly modified versions +ADD /rpc/mainnet-start.sh /mainnet-start.sh +ADD /rpc/bitcoin.conf /bitcoin.conf + +RUN npm install express +RUN npm audit fix + + +RUN mkdir -p /bitcoin/data && \ + chown -R $USERNAME:$GID /bitcoin + +USER $USERNAME + +EXPOSE 8332 8333 50002 + +ENTRYPOINT ["/mainnet-start.sh"] + + + + diff --git a/bin/append-to-hosts.sh b/bin/append-to-hosts.sh new file mode 100644 index 0000000..03439e5 --- /dev/null +++ b/bin/append-to-hosts.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash + +# edit hosts as non-root +echo "$@" >> /etc/hosts diff --git a/bin/get-bitcoin.sh b/bin/get-bitcoin.sh new file mode 100644 index 0000000..eaa1352 --- /dev/null +++ b/bin/get-bitcoin.sh @@ -0,0 +1,93 @@ +#!/usr/bin/env bash + +set -e +# For debugging: +# set -x + +# Versions available (per https://bitcoincore.org/bin) are: +# +# (there are earlier versions available, but the binary URLs don't conform to the +# same pattern.) +# + +VERSIONS=( +0.13.0 +0.13.1 +0.13.2 +0.14.3 +0.15.2 +0.16.3 +0.17.0 +0.17.0.1 +0.17.1 +0.17.2 +0.18.0 +0.18.1 +0.19.0.1 +0.19.1 +0.20.0 +0.20.1 +0.20.2 +0.21.0 +0.21.1 +0.21.2 +) + +err() { + >&2 echo "$@" +} + +if [ ! -f /etc/debian_version ] && [ ! -f /etc/lsb_release ]; then + err "This script is intended for use on Debian-based systems." + exit 1 +fi + +VERSION="$1" +INSTALL_PREFIX="${2:-/}" + +URL_BASE="https://bitcoincore.org/bin/bitcoin-core-${VERSION}" +FILENAME="bitcoin-${VERSION}-x86_64-linux-gnu.tar.gz" + +if [ -z "${VERSION}" ]; then + err "Usage: get-bitcoin.sh []" + err + err "Available versions are:" + + for v in "${VERSIONS[@]}"; do + err " ${v}" + done + + err + exit 1 +fi + +TMPDIR=$(mktemp -d) +cd "$TMPDIR" + +# Verify this signing key fingerprint here: +# +# https://github.com/bitcoin/bitcoin/tree/master/contrib/verifybinaries +# +gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 01EA5486DE18A882D4C2684590C8019E36C2E964 + +curl -O "${URL_BASE}/SHA256SUMS.asc" +curl -O "${URL_BASE}/${FILENAME}" + +sha256sum --ignore-missing --check SHA256SUMS.asc \ + | tee - | grep -o "${FILENAME}: OK" + +gpg --verify SHA256SUMS.asc >gpg_verify_out 2>&1 +grep '^gpg: Good signature from "Wladimir J. van der Laan' gpg_verify_out +grep '^Primary key fingerprint: 01EA 5486 DE18 A882 D4C2 6845 90C8 019E 36C2 E964' gpg_verify_out + +tar -xzvf "${FILENAME}" +DIR=$(find . -name 'bitcoin-*' -type d | head -n 1) +ls -lah ${DIR} +rm "${DIR}"/bin/bitcoin-qt +cp -r "${DIR}"/* "${INSTALL_PREFIX}" + +echo +echo "Bitcoin installed:" +echo +"${INSTALL_PREFIX}/bin/bitcoind" --version || true + diff --git a/rpc/bitcoin.conf b/rpc/bitcoin.conf new file mode 100644 index 0000000..3d1189c --- /dev/null +++ b/rpc/bitcoin.conf @@ -0,0 +1,23 @@ +#bindaddress=127.0.0.1 +#listen=1 +#proxy=127.0.0.1:9050 +#debug=tor +# +blockfilterindex=1 +txindex=1 +server=1 + +rpcallowip=0.0.0.0/0 +rpcbind=127.0.0.1 +rpcport=8332 + +## Lightning options +zmqpubrawblock=tcp://127.0.0.1:28332 +zmqpubrawtx=tcp://127.0.0.1:28333 + +[test] +rpcallowip=0.0.0.0/0 +rpcbind=0.0.0.0 +rpcbind=127.0.0.1 +rpcport=18332 + diff --git a/rpc/mainnet-start.sh b/rpc/mainnet-start.sh new file mode 100755 index 0000000..a320d48 --- /dev/null +++ b/rpc/mainnet-start.sh @@ -0,0 +1,40 @@ +#!/bin/bash +########################## +# Variables: +# DRIVE: location of the (probably external) drive holding a /BTC directory +########################## +DRIVE=/bitcoin/data + +# create subdirectories if needed +mkdir -p /bitcoin/data/BTC +mkdir -p /bitcoin/data/electrs + +# Set host.docker.internal +sudo /usr/bin/append-to-hosts "$(ip -4 route list match 0/0 | awk '{print $3 "\thost.docker.internal"}')" + +# Start BTC first so that proxy can access BTC's .cookie file +# Sleep so that the .cookie file is generated +BTC_DATADIR=$DRIVE/BTC +cp ./bitcoin.conf $BTC_DATADIR/bitcoin.conf + +bitcoind -datadir=$BTC_DATADIR & +sleep 2 + +ELECTRS_DATADIR=$DRIVE/electrs +COOKIE=$(cat ${BTC_DATADIR}/.cookie) +export BTC_RPC_COOKIE_PASS=${COOKIE:11} +export BTC_RPC_PORT=8332 +export BTC_NETWORK=MAIN +export ELECTRS_HOST=127.0.0.1 +export ELECTRS_PORT=50001 +export PROXY_PORT=50002 + +node src/server.js & + +electrs \ + -vvvv --timestamp \ + --cookie-file $BTC_DATADIR/.cookie \ + --daemon-dir $BTC_DATADIR \ + --db-dir $ELECTRS_DATADIR \ + --daemon-rpc-addr "127.0.0.1:${BTC_RPC_PORT}" \ + --electrum-rpc-addr $ELECTRS_HOST:$ELECTRS_PORT