Add docker bitcoind and tor

2024-08-16 15:20:55 +03:00 · 2022-02-08 03:41:03 -08:00 · 2022-02-08 03:41:03 -08:00 · 94d1f4a51f
commit 94d1f4a51f
parent 715d7ebf6d
8 changed files with 174 additions and 42 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -14,7 +14,7 @@ services:
    container_name: django-dev
    restart: always
    depends_on:
-    #   - bitcoind-dev
+      - bitcoind
    #   - lnd-dev
      - redis
    environment:
@ -52,8 +52,8 @@ services:
    build: .
    container_name: invo-dev
    restart: always
-    # depends_on:
-    #   - bitcoind-testnet
+    depends_on:
+      - bitcoind
    #   - lnd-testnet
    command: python3 manage.py follow_invoices
    volumes:
@ -75,6 +75,32 @@ services:
    networks:
      - redis_network

+  tor:
+    build: ./docker/tor
+    container_name: tor-dev
+    restart: always
+    environment:
+      LOCAL_USER_ID: 1000
+      LOCAL_GROUP_ID: 1000
+    volumes:
+      - /mnt/development/tor/data:/var/lib/tor
+      - /mnt/development/tor/config:/etc/tor
+
+  bitcoind:
+    build: ./docker/bitcoind
+    container_name: btc-dev
+    restart: always
+    environment:
+      LOCAL_USER_ID: 1000
+      LOCAL_GROUP_ID: 1000
+    depends_on:
+      - tor
+    network_mode: service:tor
+    volumes:
+      - /mnt/development/tor/data:/var/lib/tor:ro
+      - /mnt/development/tor/config:/etc/tor:ro
+      - /mnt/development/bitcoin:/home/bitcoin/.bitcoin
+
 volumes:
  redisdata:

--- a/docker/bitcoind/Dockerfile
+++ b/docker/bitcoind/Dockerfile
@ -0,0 +1,15 @@
+FROM ruimarinho/bitcoin-core:22-alpine
+
+ARG LOCAL_USER_ID=9999
+ARG LOCAL_GROUP_ID=9999
+
+# Set the expected local user id
+# for shared group to access tor cookie
+RUN apk --no-cache --no-progress add shadow=~4 gettext=~0.21 && \
+  groupadd -g "$LOCAL_GROUP_ID" bitcoin && \
+  usermod -u "$LOCAL_USER_ID" -g bitcoin bitcoin
+
+COPY entrypoint.sh /root/entrypoint.sh
+COPY bitcoin.conf /tmp/bitcoin.conf
+ENTRYPOINT [ "/root/entrypoint.sh" ]
+CMD ["bitcoind"]
--- a/docker/bitcoind/bitcoin.conf
+++ b/docker/bitcoind/bitcoin.conf
@ -0,0 +1,33 @@
+# Reference: https://en.bitcoin.it/wiki/Running_Bitcoin
+# https://github.com/bitcoin/bitcoin/blob/master/share/examples/bitcoin.conf
+
+server=1
+txindex=1
+onion=127.0.0.1:9050
+torcontrol=127.0.0.1:9051
+rpcuser=robodev
+rpcpassword=robodev
+zmqpubrawblock=tcp://127.0.0.1:18501
+zmqpubrawtx=tcp://127.0.0.1:18502
+
+# Allow RPC connections from outside of container localhost
+rpcbind=0.0.0.0
+# Only connect to typical docker IP addresses (Usually from docker host computer)
+rpcallowip=172.0.0.0/255.0.0.0
+# Allow access from any IP address (Usually from another computer on LAN)
+#rpcallowip=0.0.0.0/0
+
+# Run on the test network instead of the real bitcoin network.
+testnet=1
+
+[main]
+# Only run on Tor
+onlynet=onion
+
+# Add Tor seed nodes
+addnode=i4x66albngo3sg3w.onion:8333
+
+# Some testnet settings needed for 0.19, if using testnet
+[test]
+# Allow RPC connections from outside of container localhost
+rpcbind=0.0.0.0
--- a/docker/bitcoind/entrypoint.sh
+++ b/docker/bitcoind/entrypoint.sh
@ -0,0 +1,21 @@
+#!/bin/sh
+set -e
+
+# Create bitcoin.conf if it doesn't exist
+if [ ! -f "/home/bitcoin/.bitcoin/bitcoin.conf" ]; then
+    envsubst < /tmp/bitcoin.conf > /home/bitcoin/.bitcoin/bitcoin.conf
+fi
+
+_USER_ID="$(id -u)"
+
+# Change local user id and group
+if [ -n "${LOCAL_USER_ID:?}" ] && [ "$_USER_ID" != "${LOCAL_USER_ID:?}" ]; then
+    usermod -u "${LOCAL_USER_ID:?}" bitcoin
+fi
+groupmod -g "${LOCAL_GROUP_ID:?}" bitcoin
+
+# Fix ownership
+chown -R bitcoin /home/bitcoin
+
+# Run original entrypoint
+exec /entrypoint.sh "$@"
--- a/docker/tor/Dockerfile
+++ b/docker/tor/Dockerfile
@ -0,0 +1,21 @@
+FROM alpine:3
+
+RUN apk --no-cache --no-progress add tor=~0.4
+
+EXPOSE 9001 9050
+
+# hadolint ignore=DL3002
+USER root
+ARG LOCAL_USER_ID=9999
+ENV TOR_DATA=/var/lib/tor
+
+# Add useradd and usermod
+# Create user account (UID will be changed in entrypoint script)
+RUN apk --no-cache --no-progress add shadow=~4 sudo=~1 && \
+  useradd -u $LOCAL_USER_ID --shell /bin/sh -m alice && \
+  usermod -g alice tor
+
+COPY entrypoint.sh /root/entrypoint.sh
+COPY torrc /tmp/torrc
+
+ENTRYPOINT [ "/root/entrypoint.sh" ]
--- a/docker/tor/entrypoint.sh
+++ b/docker/tor/entrypoint.sh
@ -0,0 +1,18 @@
+#!/bin/sh
+set -e
+
+# Create torrc if it doesn't exist
+if [ ! -f "/etc/tor/torrc" ]; then
+    cp /tmp/torrc /etc/tor/torrc
+fi
+
+# Change local user id and group
+usermod -u "${LOCAL_USER_ID:?}" alice
+groupmod -g "${LOCAL_GROUP_ID:?}" alice
+
+# Set correct owners on volumes
+chown -R tor:alice "${TOR_DATA}"
+chown -R :alice /etc/tor
+chown -R alice:alice /home/alice
+
+exec sudo -u tor /usr/bin/tor
--- a/docker/tor/torrc
+++ b/docker/tor/torrc
@ -0,0 +1,12 @@
+Log notice file /var/log/tor/notices.log
+
+## The directory for keeping all the keys/etc. By default, we store
+## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
+DataDirectory /var/lib/tor
+DataDirectoryGroupReadable 1
+
+## Enable ControlPort
+ControlPort 9051
+CookieAuthentication 1
+CookieAuthFileGroupReadable 1
+CookieAuthFile /var/lib/tor/control_auth_cookie
--- a/setup.md
+++ b/setup.md
@ -1,4 +1,28 @@
 # Set up
+# The easy way
+## With Docker (-dev containers running on testnet)
+Spinning up docker for the first time
+```
+docker-compose build --no-cache
+docker-compose up -d
+sudo docker exec -it django-dev python3 manage.py makemigrations
+sudo docker exec -it django-dev python3 manage.py migrate
+sudo docker exec -it django-dev python3 manage.py createsuperuser
+docker-compose restart
+```
+
+Spinning up any other time:
+`docker-compose up -d`
+
+Then monitor in a terminal the Django dev docker service
+`docker attach django-dev`
+
+And the NPM dev docker service
+`docker attach npm-dev`
+
+Ready to roll!
+
+# The harder way
 ## Django development environment
 ### Install Python and pip
 `sudo apt install python3 python3 pip`
@ -217,42 +241,4 @@ Then launch it with
 ```
 systemctl start clean_orders
 systemctl enable clean_orders
-```
-
-# Docker set up for development, example for testnet (-dev containers)
-First time
-```
-docker-compose build --no-cache
-docker-compose up -d
-sudo docker exec -it django-dev python3 manage.py makemigrations
-sudo docker exec -it django-dev python3 manage.py migrate
-sudo docker exec -it django-dev python3 manage.py createsuperuser
-docker-compose restart
-```
-
-Any other time:
-`docker-compose up -d`
-
-Monitor Django dev docker service
-`docker attach django-dev`
-
-Monitor NPM dev docker service
-`docker attach npm-dev`
-
-
-## If needed; how to clean-restart the docker instance
-
-
-Stop the container(s) using the following command:
-
-`docker-compose --env-file config/.env.tn down`
-Delete all containers using the following command:
-`docker rm -f $(docker ps -a -q)`
-Delete all volumes using the following command:
-`docker volume rm $(docker volume ls -q)`
-Restart the containers using the following command:
-`docker-compose --env-file config/.env.tn up`
-
-
-Delete <None> images
-`docker rmi $(docker images -f 'dangling=true' -q)`
+```