mirror of
https://github.com/aljazceru/cyphernode.git
synced 2026-02-23 21:14:22 +01:00
Removed user on build, added user on run
This commit is contained in:
kexkey
@@ -1,56 +1,58 @@
|
||||
FROM alpine
|
||||
|
||||
ARG USER_ID
|
||||
ARG GROUP_ID
|
||||
ENV USERNAME proxyuser
|
||||
ENV HOME /${USERNAME}
|
||||
ENV USER_ID ${USER_ID:-1000}
|
||||
ENV GROUP_ID ${GROUP_ID:-1000}
|
||||
#ARG USER_ID
|
||||
#ARG GROUP_ID
|
||||
#ENV USERNAME proxyuser
|
||||
ENV HOME /proxy
|
||||
#ENV USER_ID ${USER_ID:-1000}
|
||||
#ENV GROUP_ID ${GROUP_ID:-1000}
|
||||
|
||||
RUN addgroup -g ${GROUP_ID} ${USERNAME} \
|
||||
&& adduser -u ${USER_ID} -G ${USERNAME} -D -s /bin/sh -h ${HOME} ${USERNAME}
|
||||
#RUN addgroup -g ${GROUP_ID} ${USERNAME} \
|
||||
# && adduser -u ${USER_ID} -G ${USERNAME} -D -s /bin/sh -h ${HOME} ${USERNAME}
|
||||
|
||||
RUN apk add --update --no-cache \
|
||||
sqlite \
|
||||
jq \
|
||||
curl
|
||||
curl \
|
||||
su-exec
|
||||
|
||||
COPY --chown=proxyuser app/script/callbacks_job.sh ${HOME}/callbacks_job.sh
|
||||
COPY --chown=proxyuser app/script/blockchainrpc.sh ${HOME}/blockchainrpc.sh
|
||||
COPY --chown=proxyuser app/script/call_lightningd.sh ${HOME}/call_lightningd.sh
|
||||
COPY --chown=proxyuser app/script/bitcoin.sh ${HOME}/bitcoin.sh
|
||||
COPY --chown=proxyuser app/script/requesthandler.sh ${HOME}/requesthandler.sh
|
||||
COPY --chown=proxyuser app/script/watchrequest.sh ${HOME}/watchrequest.sh
|
||||
COPY --chown=proxyuser app/script/walletoperations.sh ${HOME}/walletoperations.sh
|
||||
COPY --chown=proxyuser app/script/confirmation.sh ${HOME}/confirmation.sh
|
||||
COPY --chown=proxyuser app/config/watcher_btcnode_curlcfg.properties ${HOME}/watcher_btcnode_curlcfg.properties
|
||||
COPY --chown=proxyuser app/config/spender_btcnode_curlcfg.properties ${HOME}/spender_btcnode_curlcfg.properties
|
||||
COPY --chown=proxyuser app/config/config.properties ${HOME}/config.properties
|
||||
COPY --chown=proxyuser app/script/startproxy.sh ${HOME}/startproxy.sh
|
||||
COPY --chown=proxyuser app/script/trace.sh ${HOME}/trace.sh
|
||||
COPY --chown=proxyuser app/script/sendtobitcoinnode.sh ${HOME}/sendtobitcoinnode.sh
|
||||
COPY --chown=proxyuser app/script/responsetoclient.sh ${HOME}/responsetoclient.sh
|
||||
COPY --chown=proxyuser app/script/importaddress.sh ${HOME}/importaddress.sh
|
||||
COPY --chown=proxyuser app/script/sql.sh ${HOME}/sql.sh
|
||||
COPY --chown=proxyuser app/data/watching.sql ${HOME}/watching.sql
|
||||
COPY --chown=proxyuser app/script/computefees.sh ${HOME}/computefees.sh
|
||||
COPY --chown=proxyuser app/script/unwatchrequest.sh ${HOME}/unwatchrequest.sh
|
||||
COPY --chown=proxyuser app/script/getactivewatches.sh ${HOME}/getactivewatches.sh
|
||||
COPY --chown=proxyuser app/script/utils.sh ${HOME}/utils.sh
|
||||
COPY --chown=proxyuser app/script/manage_missed_conf.sh ${HOME}/manage_missed_conf.sh
|
||||
COPY --chown=proxyuser app/script/tests.sh ${HOME}/tests.sh
|
||||
COPY --chown=proxyuser app/script/tests-cb.sh ${HOME}/tests-cb.sh
|
||||
COPY --chown=proxyuser app/bin/lightning-cli_x86 ${HOME}/lightning-cli
|
||||
COPY app/script/callbacks_job.sh ${HOME}/callbacks_job.sh
|
||||
COPY app/script/blockchainrpc.sh ${HOME}/blockchainrpc.sh
|
||||
COPY app/script/call_lightningd.sh ${HOME}/call_lightningd.sh
|
||||
COPY app/script/bitcoin.sh ${HOME}/bitcoin.sh
|
||||
COPY app/script/requesthandler.sh ${HOME}/requesthandler.sh
|
||||
COPY app/script/watchrequest.sh ${HOME}/watchrequest.sh
|
||||
COPY app/script/walletoperations.sh ${HOME}/walletoperations.sh
|
||||
COPY app/script/confirmation.sh ${HOME}/confirmation.sh
|
||||
COPY app/config/watcher_btcnode_curlcfg.properties ${HOME}/watcher_btcnode_curlcfg.properties
|
||||
COPY app/config/spender_btcnode_curlcfg.properties ${HOME}/spender_btcnode_curlcfg.properties
|
||||
COPY app/config/config.properties ${HOME}/config.properties
|
||||
COPY app/script/startproxy.sh ${HOME}/startproxy.sh
|
||||
COPY app/script/trace.sh ${HOME}/trace.sh
|
||||
COPY app/script/sendtobitcoinnode.sh ${HOME}/sendtobitcoinnode.sh
|
||||
COPY app/script/responsetoclient.sh ${HOME}/responsetoclient.sh
|
||||
COPY app/script/importaddress.sh ${HOME}/importaddress.sh
|
||||
COPY app/script/sql.sh ${HOME}/sql.sh
|
||||
COPY app/data/watching.sql ${HOME}/watching.sql
|
||||
COPY app/script/computefees.sh ${HOME}/computefees.sh
|
||||
COPY app/script/unwatchrequest.sh ${HOME}/unwatchrequest.sh
|
||||
COPY app/script/getactivewatches.sh ${HOME}/getactivewatches.sh
|
||||
COPY app/script/utils.sh ${HOME}/utils.sh
|
||||
COPY app/script/manage_missed_conf.sh ${HOME}/manage_missed_conf.sh
|
||||
COPY app/script/tests.sh ${HOME}/tests.sh
|
||||
COPY app/script/tests-cb.sh ${HOME}/tests-cb.sh
|
||||
COPY app/bin/lightning-cli_x86 ${HOME}/lightning-cli
|
||||
|
||||
USER ${USERNAME}
|
||||
#USER ${USERNAME}
|
||||
WORKDIR ${HOME}
|
||||
|
||||
RUN chmod +x startproxy.sh requesthandler.sh lightning-cli \
|
||||
&& chmod 600 watcher_btcnode_curlcfg.properties \
|
||||
&& chmod 600 spender_btcnode_curlcfg.properties \
|
||||
&& chmod 600 config.properties \
|
||||
# && chmod 600 watcher_btcnode_curlcfg.properties \
|
||||
# && chmod 600 spender_btcnode_curlcfg.properties \
|
||||
# && chmod 600 config.properties \
|
||||
&& mkdir db
|
||||
|
||||
VOLUME ["${HOME}/db", "${HOME}/.lightning"]
|
||||
|
||||
ENTRYPOINT ["./startproxy.sh"]
|
||||
ENTRYPOINT ["su-exec"]
|
||||
#CMD ["./startproxy.sh"]
|
||||
|
||||
@@ -2,14 +2,6 @@
|
||||
|
||||
We assume you are the user pi on a Raspberry Pi.
|
||||
|
||||
## Create proxyuser that will run the processes
|
||||
|
||||
Log in your host and:
|
||||
|
||||
```shell
|
||||
sudo useradd proxyuser
|
||||
```
|
||||
|
||||
## Configure your container by modifying `env.properties` file
|
||||
|
||||
```properties
|
||||
@@ -18,8 +10,8 @@ WATCHER_BTC_NODE_RPC_URL=btcnode:18332/wallet/watching01.dat
|
||||
SPENDER_BTC_NODE_RPC_URL=btcnode:18332/wallet/spending01.dat
|
||||
PROXY_LISTENING_PORT=8888
|
||||
# Variable substitutions don't work
|
||||
DB_PATH=/proxyuser/db
|
||||
DB_FILE=/proxyuser/db/proxydb
|
||||
DB_PATH=/proxy/db
|
||||
DB_FILE=/proxy/db/proxydb
|
||||
# Pycoin container
|
||||
PYCOIN_CONTAINER=pycoinnode:7777
|
||||
# OTS container
|
||||
@@ -49,13 +41,13 @@ watchingnode.pruned=false
|
||||
## Building docker image
|
||||
|
||||
```shell
|
||||
docker build -t btcproxyimg --build-arg USER_ID=$(id -u proxyuser) --build-arg GROUP_ID=$(id -g proxyuser) .
|
||||
docker build -t btcproxyimg .
|
||||
```
|
||||
|
||||
## Create sqlite3 database path and give rights
|
||||
|
||||
```shell
|
||||
mkdir ~/btcproxydb ; sudo chown -R proxyuser:pi ~/btcproxydb ; sudo chmod g+ws ~/btcproxydb
|
||||
mkdir ~/btcproxydb ; sudo chown -R cyphernode:pi ~/btcproxydb ; sudo chmod g+ws ~/btcproxydb
|
||||
```
|
||||
|
||||
## What you MUST have in your Watching Bitcoin node's bitcoin.conf file
|
||||
|
||||
@@ -3,8 +3,8 @@ WATCHER_BTC_NODE_RPC_URL=btcnode:18332/wallet/watching01.dat
|
||||
SPENDER_BTC_NODE_RPC_URL=btcnode:18332/wallet/spending01.dat
|
||||
PROXY_LISTENING_PORT=8888
|
||||
# Variable substitutions don't work
|
||||
DB_PATH=/proxyuser/db
|
||||
DB_FILE=/proxyuser/db/proxydb
|
||||
DB_PATH=/proxy/db
|
||||
DB_FILE=/proxy/db/proxydb
|
||||
# Pycoin container
|
||||
PYCOIN_CONTAINER=pycoinnode:7777
|
||||
# OTS container
|
||||
|
||||
Reference in New Issue
Block a user