diff --git a/26/Dockerfile b/26/Dockerfile new file mode 100644 index 0000000..b71fd75 --- /dev/null +++ b/26/Dockerfile @@ -0,0 +1,60 @@ +FROM debian:bookworm-slim as builder + +LABEL maintainer.0="João Fonseca (@joaopaulofonseca)" \ + maintainer.1="Pedro Branco (@pedrobranco)" \ + maintainer.2="Rui Marinho (@ruimarinho)" + +RUN apt-get update -y \ + && apt-get install -y ca-certificates curl git gnupg gosu python3 wget --no-install-recommends \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +ARG TARGETPLATFORM +ENV BITCOIN_VERSION=26.1 +ENV SIGS_REPO_URL="https://github.com/bitcoin-core/guix.sigs.git" +ENV SIGS_CLONE_DIR="guix.sigs" +ENV VERIFY_SCRIPT_URL="https://raw.githubusercontent.com/bitcoin/bitcoin/master/contrib/verify-binaries/verify.py" +ENV TMPDIR="/tmp/bitcoin_verify_binaries" + +RUN set -ex \ + && if [ "${TARGETPLATFORM}" = "linux/amd64" ]; then export TARGETPLATFORM=x86_64-linux-gnu; fi \ + && if [ "${TARGETPLATFORM}" = "linux/arm64" ]; then export TARGETPLATFORM=aarch64-linux-gnu; fi \ + && if [ "${TARGETPLATFORM}" = "linux/arm/v7" ]; then export TARGETPLATFORM=arm-linux-gnueabihf; fi \ + && git clone ${SIGS_REPO_URL} ${SIGS_CLONE_DIR} \ + && gpg --import "${SIGS_CLONE_DIR}"/builder-keys/* \ + && curl -o verify.py ${VERIFY_SCRIPT_URL} \ + && chmod +x verify.py \ + && ./verify.py \ + --min-good-sigs 6 pub "${BITCOIN_VERSION}-linux" \ + && tar -xzf "${TMPDIR}.${BITCOIN_VERSION}-linux/bitcoin-${BITCOIN_VERSION}-${TARGETPLATFORM}.tar.gz" -C /opt \ + && rm -rf ${SIGS_CLONE_DIR} \ + && rm -rf ${TMPDIR} \ + && rm -rf /opt/bitcoin-${BITCOIN_VERSION}/bin/bitcoin-qt + +# Second stage +FROM debian:bookworm-slim + +ARG UID=101 +ARG GID=101 + +ENV BITCOIN_DATA=/home/bitcoin/.bitcoin +ENV BITCOIN_VERSION=26.1 +ENV PATH=/opt/bitcoin-${BITCOIN_VERSION}/bin:$PATH + +RUN groupadd --gid ${GID} bitcoin \ + && useradd --create-home --no-log-init -u ${UID} -g ${GID} bitcoin \ + && apt-get update -y \ + && apt-get install -y gosu --no-install-recommends \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +COPY --from=builder /opt/bitcoin-${BITCOIN_VERSION} /opt/bitcoin-${BITCOIN_VERSION} + +COPY docker-entrypoint.sh /entrypoint.sh + +VOLUME ["/home/bitcoin/.bitcoin"] +EXPOSE 8332 8333 18332 18333 18443 18444 38333 38332 + +ENTRYPOINT ["/entrypoint.sh"] +RUN bitcoind -version | grep "Bitcoin Core version v${BITCOIN_VERSION}" +CMD ["bitcoind"] diff --git a/26/alpine/Dockerfile b/26/alpine/Dockerfile new file mode 100644 index 0000000..1a43903 --- /dev/null +++ b/26/alpine/Dockerfile @@ -0,0 +1,127 @@ +# Build stage for BerkeleyDB +FROM alpine as berkeleydb + +RUN sed -i 's/http\:\/\/dl-cdn.alpinelinux.org/https\:\/\/alpine.global.ssl.fastly.net/g' /etc/apk/repositories +RUN apk --no-cache add autoconf +RUN apk --no-cache add automake +RUN apk --no-cache add build-base +RUN apk --no-cache add libressl + +ENV BERKELEYDB_VERSION=db-4.8.30.NC +ENV BERKELEYDB_PREFIX=/opt/${BERKELEYDB_VERSION} + +RUN wget https://download.oracle.com/berkeley-db/${BERKELEYDB_VERSION}.tar.gz +RUN tar -xzf *.tar.gz +RUN sed s/__atomic_compare_exchange/__atomic_compare_exchange_db/g -i ${BERKELEYDB_VERSION}/dbinc/atomic.h +RUN mkdir -p ${BERKELEYDB_PREFIX} + +WORKDIR /${BERKELEYDB_VERSION}/build_unix + +RUN ../dist/configure --enable-cxx --disable-shared --with-pic --prefix=${BERKELEYDB_PREFIX} --build=aarch64-unknown-linux-gnu +RUN make -j4 +RUN make install +RUN rm -rf ${BERKELEYDB_PREFIX}/docs + +# Build stage for Bitcoin Core +FROM alpine as bitcoin-core + +COPY --from=berkeleydb /opt /opt + +RUN sed -i 's/http\:\/\/dl-cdn.alpinelinux.org/https\:\/\/alpine.global.ssl.fastly.net/g' /etc/apk/repositories +RUN apk --no-cache add autoconf +RUN apk --no-cache add automake +RUN apk --no-cache add boost-dev +RUN apk --no-cache add build-base +RUN apk --no-cache add chrpath +RUN apk --no-cache add file +RUN apk --no-cache add gnupg +RUN apk --no-cache add git +RUN apk --no-cache add libevent-dev +RUN apk --no-cache add libressl +RUN apk --no-cache add libtool +RUN apk --no-cache add linux-headers +RUN apk --no-cache add sqlite-dev +RUN apk --no-cache add zeromq-dev + +ENV BITCOIN_VERSION=26.1 +ENV BITCOIN_PREFIX=/opt/bitcoin-${BITCOIN_VERSION} +ENV BITCOIN_SOURCE_DIR=/bitcoin/src +ENV SIGS_REPO_URL="https://github.com/bitcoin-core/guix.sigs.git" +ENV SIGS_CLONE_DIR="guix.sigs" +ENV VERIFY_SCRIPT_URL="https://github.com/bitcoin/bitcoin/raw/master/contrib/verify-binaries/verify.py" + +WORKDIR /bitcoin +RUN set -ex \ + && wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/bitcoin-${BITCOIN_VERSION}.tar.gz \ + && wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/SHA256SUMS \ + && wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/SHA256SUMS.asc \ + && git clone ${SIGS_REPO_URL} ${SIGS_CLONE_DIR} \ + && gpg --import "${SIGS_CLONE_DIR}"/builder-keys/* \ + && wget -O verify.py ${VERIFY_SCRIPT_URL} \ + && chmod +x verify.py \ + && ./verify.py bin SHA256SUMS \ + "bitcoin-${BITCOIN_VERSION}.tar.gz" \ + && mkdir -p ${BITCOIN_SOURCE_DIR} \ + && tar -xzf "bitcoin-${BITCOIN_VERSION}.tar.gz" -C ${BITCOIN_SOURCE_DIR} \ + && rm -rf ${SIGS_CLONE_DIR} + +WORKDIR "${BITCOIN_SOURCE_DIR}/bitcoin-${BITCOIN_VERSION}" + +RUN sed -i s:sys/fcntl.h:fcntl.h: src/compat/compat.h +RUN ./autogen.sh +RUN ./configure LDFLAGS=-L`ls -d /opt/db*`/lib/ CPPFLAGS=-I`ls -d /opt/db*`/include/ \ + --prefix=${BITCOIN_PREFIX} \ + --mandir=/usr/share/man \ + --disable-tests \ + --disable-bench \ + --disable-ccache \ + --with-gui=no \ + --with-utils \ + --with-libs \ + --with-sqlite=yes \ + --with-daemon +RUN make -j4 +RUN make install +RUN strip ${BITCOIN_PREFIX}/bin/bitcoin-cli +RUN strip ${BITCOIN_PREFIX}/bin/bitcoin-tx +RUN strip ${BITCOIN_PREFIX}/bin/bitcoind +RUN strip ${BITCOIN_PREFIX}/lib/libbitcoinconsensus.a +RUN strip ${BITCOIN_PREFIX}/lib/libbitcoinconsensus.so.0.0.0 + +# Build stage for compiled artifacts +FROM alpine + +ARG UID=100 +ARG GID=101 + +LABEL maintainer.0="João Fonseca (@joaopaulofonseca)" \ + maintainer.1="Pedro Branco (@pedrobranco)" \ + maintainer.2="Rui Marinho (@ruimarinho)" + +RUN addgroup bitcoin --gid ${GID} --system +RUN adduser --uid ${UID} --system bitcoin --ingroup bitcoin +RUN sed -i 's/http\:\/\/dl-cdn.alpinelinux.org/https\:\/\/alpine.global.ssl.fastly.net/g' /etc/apk/repositories +RUN apk --no-cache add \ + libevent \ + libzmq \ + shadow \ + sqlite-dev \ + su-exec + +ENV BITCOIN_DATA=/home/bitcoin/.bitcoin +ENV BITCOIN_VERSION=26.1 +ENV BITCOIN_PREFIX=/opt/bitcoin-${BITCOIN_VERSION} +ENV PATH=${BITCOIN_PREFIX}/bin:$PATH + +COPY --from=bitcoin-core /opt /opt +COPY docker-entrypoint.sh /entrypoint.sh + +VOLUME ["/home/bitcoin/.bitcoin"] + +EXPOSE 8332 8333 18332 18333 18444 + +ENTRYPOINT ["/entrypoint.sh"] + +RUN bitcoind -version | grep "Bitcoin Core version v${BITCOIN_VERSION}" + +CMD ["bitcoind"] diff --git a/26/alpine/docker-entrypoint.sh b/26/alpine/docker-entrypoint.sh new file mode 100755 index 0000000..d35d9ce --- /dev/null +++ b/26/alpine/docker-entrypoint.sh @@ -0,0 +1,39 @@ +#!/bin/sh +set -e + +if [ -n "${UID+x}" ] && [ "${UID}" != "0" ]; then + usermod -u "$UID" bitcoin +fi + +if [ -n "${GID+x}" ] && [ "${GID}" != "0" ]; then + groupmod -g "$GID" bitcoin +fi + +echo "$0: assuming uid:gid for bitcoin:bitcoin of $(id -u bitcoin):$(id -g bitcoin)" + +if [ $(echo "$1" | cut -c1) = "-" ]; then + echo "$0: assuming arguments for bitcoind" + + set -- bitcoind "$@" +fi + +if [ $(echo "$1" | cut -c1) = "-" ] || [ "$1" = "bitcoind" ]; then + mkdir -p "$BITCOIN_DATA" + chmod 700 "$BITCOIN_DATA" + # Fix permissions for home dir. + chown -R bitcoin:bitcoin "$(getent passwd bitcoin | cut -d: -f6)" + # Fix permissions for bitcoin data dir. + chown -R bitcoin:bitcoin "$BITCOIN_DATA" + + echo "$0: setting data directory to $BITCOIN_DATA" + + set -- "$@" -datadir="$BITCOIN_DATA" +fi + +if [ "$1" = "bitcoind" ] || [ "$1" = "bitcoin-cli" ] || [ "$1" = "bitcoin-tx" ]; then + echo + exec su-exec bitcoin "$@" +fi + +echo +exec "$@" diff --git a/26/docker-entrypoint.sh b/26/docker-entrypoint.sh new file mode 100755 index 0000000..8149987 --- /dev/null +++ b/26/docker-entrypoint.sh @@ -0,0 +1,39 @@ +#!/bin/bash +set -e + +if [ -n "${UID+x}" ] && [ "${UID}" != "0" ]; then + usermod -u "$UID" bitcoin +fi + +if [ -n "${GID+x}" ] && [ "${GID}" != "0" ]; then + groupmod -g "$GID" bitcoin +fi + +echo "$0: assuming uid:gid for bitcoin:bitcoin of $(id -u bitcoin):$(id -g bitcoin)" + +if [ $(echo "$1" | cut -c1) = "-" ]; then + echo "$0: assuming arguments for bitcoind" + + set -- bitcoind "$@" +fi + +if [ $(echo "$1" | cut -c1) = "-" ] || [ "$1" = "bitcoind" ]; then + mkdir -p "$BITCOIN_DATA" + chmod 700 "$BITCOIN_DATA" + # Fix permissions for home dir. + chown -R bitcoin:bitcoin "$(getent passwd bitcoin | cut -d: -f6)" + # Fix permissions for bitcoin data dir. + chown -R bitcoin:bitcoin "$BITCOIN_DATA" + + echo "$0: setting data directory to $BITCOIN_DATA" + + set -- "$@" -datadir="$BITCOIN_DATA" +fi + +if [ "$1" = "bitcoind" ] || [ "$1" = "bitcoin-cli" ] || [ "$1" = "bitcoin-tx" ]; then + echo + exec gosu bitcoin "$@" +fi + +echo +exec "$@"