initial commit

2023-04-01 02:10:15 +02:00
commit 50c06a08bd
2 changed files with 191 additions and 0 deletions
--- a/174
+++ b/174
@@ -0,0 +1,174 @@
+# Initial base from https://github.com/leonardochaia/docker-monerod/blob/master/src/Dockerfile
+# Alpine specifics from https://github.com/cornfeedhobo/docker-monero/blob/f96711415f97af1fc9364977d1f5f5ecd313aad0/Dockerfile
+
+# Set Monero branch or tag to build
+ARG MONERO_BRANCH
+
+# Set the proper HEAD commit hash for the given branch/tag in MONERO_BRANCH
+ARG MONERO_COMMIT_HASH
+
+# Select Alpine 3.x for the build image base
+FROM alpine:3.16 as build
+
+# Upgrade base image
+RUN set -ex && apk --update --no-cache upgrade
+
+# Install all dependencies for a static build
+RUN set -ex && apk add --update --no-cache \
+    autoconf \
+    automake \
+    boost \
+    boost-atomic \
+    boost-build \
+    boost-build-doc \
+    boost-chrono \
+    boost-container \
+    boost-context \
+    boost-contract \
+    boost-coroutine \
+    boost-date_time \
+    boost-dev \
+    boost-doc \
+    boost-fiber \
+    boost-filesystem \
+    boost-graph \
+    boost-iostreams \
+    boost-libs \
+    boost-locale \
+    boost-log \
+    boost-log_setup \
+    boost-math \
+    boost-prg_exec_monitor \
+    boost-program_options \
+    boost-python3 \
+    boost-random \
+    boost-regex \
+    boost-serialization \
+    boost-stacktrace_basic \
+    boost-stacktrace_noop \
+    boost-static \
+    boost-system \
+    boost-thread \
+    boost-timer \
+    boost-type_erasure \
+    boost-unit_test_framework \
+    boost-wave \
+    boost-wserialization \
+    ca-certificates \
+    cmake \
+    curl \
+    dev86 \
+    doxygen \
+    eudev-dev \
+    file \
+    g++ \
+    git \
+    graphviz \
+    libexecinfo-dev \
+    libsodium-dev \
+    libtool \
+    libusb-dev \
+    linux-headers \
+    make \
+    miniupnpc-dev \
+    ncurses-dev \
+    openssl-dev \
+    pcsc-lite-dev \
+    pkgconf \
+    protobuf-dev \
+    rapidjson-dev \
+    readline-dev \
+    zeromq-dev
+
+# Set necessary args and environment variables for building Monero
+ARG MONERO_BRANCH
+ARG MONERO_COMMIT_HASH
+ARG NPROC
+ARG TARGETARCH
+ENV CFLAGS='-fPIC'
+ENV CXXFLAGS='-fPIC -DELPP_FEATURE_CRASH_LOG'
+ENV USE_SINGLE_BUILDDIR 1
+ENV BOOST_DEBUG         1
+
+# Build expat, a dependency for libunbound
+RUN set -ex && wget https://github.com/libexpat/libexpat/releases/download/R_2_4_8/expat-2.4.8.tar.bz2 && \
+    echo "a247a7f6bbb21cf2ca81ea4cbb916bfb9717ca523631675f99b3d4a5678dcd16  expat-2.4.8.tar.bz2" | sha256sum -c && \
+    tar -xf expat-2.4.8.tar.bz2 && \
+    rm expat-2.4.8.tar.bz2 && \
+    cd expat-2.4.8 && \
+    ./configure --enable-static --disable-shared --prefix=/usr && \
+    make -j${NPROC:-$(nproc)} && \
+    make -j${NPROC:-$(nproc)} install
+
+# Build libunbound for static builds
+WORKDIR /tmp
+RUN set -ex && wget https://www.nlnetlabs.nl/downloads/unbound/unbound-1.16.1.tar.gz && \
+    echo "2fe4762abccd564a0738d5d502f57ead273e681e92d50d7fba32d11103174e9a  unbound-1.16.1.tar.gz" | sha256sum -c && \
+    tar -xzf unbound-1.16.1.tar.gz && \
+    rm unbound-1.16.1.tar.gz && \
+    cd unbound-1.16.1 && \
+    ./configure --disable-shared --enable-static --without-pyunbound --with-libexpat=/usr --with-ssl=/usr --with-libevent=no --without-pythonmodule --disable-flto --with-pthreads --with-libunbound-only --with-pic && \
+    make -j${NPROC:-$(nproc)} && \
+    make -j${NPROC:-$(nproc)} install
+
+# Switch to Monero source directory
+WORKDIR /monero
+
+# Git pull Monero source at specified tag/branch and compile statically-linked monerod binary
+RUN set -ex && git clone --recursive --branch ${MONERO_BRANCH} \
+    --depth 1 --shallow-submodules \
+    https://github.com/monero-project/monero . \
+    && test `git rev-parse HEAD` = ${MONERO_COMMIT_HASH} || exit 1 \
+    && case ${TARGETARCH:-amd64} in \
+        "arm64") CMAKE_ARCH="armv8-a"; CMAKE_BUILD_TAG="linux-armv8" ;; \
+        "amd64") CMAKE_ARCH="x86-64"; CMAKE_BUILD_TAG="linux-x64" ;; \
+        *) echo "Dockerfile does not support this platform"; exit 1 ;; \
+    esac \
+    && mkdir -p build/release && cd build/release \
+    && cmake -D ARCH=${CMAKE_ARCH} -D STATIC=ON -D BUILD_64=ON -D CMAKE_BUILD_TYPE=Release -D BUILD_TAG=${CMAKE_BUILD_TAG} ../.. \
+    && cd /monero && nice -n 19 ionice -c2 -n7 make -j${NPROC:-$(nproc)} -C build/release daemon
+
+# Begin final image build
+# Select Alpine 3.x for the base image
+FROM alpine:3.16
+
+# Upgrade base image
+RUN set -ex && apk --update --no-cache upgrade
+
+# Install all dependencies for static binaries + curl for healthcheck
+RUN set -ex && apk add --update --no-cache \
+    curl \
+    ca-certificates \
+    libexecinfo \
+    libsodium \
+    ncurses-libs \
+    pcsc-lite-libs \
+    readline \
+    tzdata \
+    zeromq
+
+# Add user and setup directories for monerod
+RUN set -ex && \
+    adduser -u 1000 -Ds /bin/bash monero && \
+    mkdir -p /home/monero/.bitmonero && \
+    chown -R monero:monero /home/monero/.bitmonero
+USER monero
+
+# Add the built monerod binary
+COPY --chown=monero:monero --from=build /monero/build/release/bin/monerod /usr/local/bin/monerod
+
+# Switch to home directory
+WORKDIR /home/monero
+
+# Expose p2p port
+EXPOSE 18080
+
+# Expose RPC port
+EXPOSE 18081
+
+# Add HEALTHCHECK against get_info endpoint
+HEALTHCHECK --interval=30s --timeout=5s CMD curl --fail http://localhost:18081/get_info || exit 1
+
+# Start monerod with required --non-interactive flag and sane defaults that are overridden by user input (if applicable)
+ENTRYPOINT ["monerod"]
+CMD ["--rpc-restricted-bind-ip=0.0.0.0", "--rpc-restricted-bind-port=18089", "--no-igd", "--no-zmq", "--enable-dns-blocklist"]