From 0b8c7ade6ea31bddeb5dc67cde91ebb2a93cb4ca Mon Sep 17 00:00:00 2001 From: rlking Date: Mon, 29 Jan 2024 02:58:23 +0100 Subject: [PATCH] Add scripts to create monero wallet rpc container (#521) * create Dockerfile for monero wallet rpc with dockerfiles.sh * make monero wallet rpc docker accessible from outside * connect wallet-rpc with monerod * add generated Dockerfile for monero wallet rpc * add monero wallet rpcs to docker profiles * update getting started guide to refer to wallet rpc docker --- docs/Getting Started.md | 2 +- .../coins/monero-wallet-rpc/Dockerfile | 50 +++++++++++++++++++ .../Dockerfile.monero-wallet-rpc.end | 10 ++++ .../monero-wallet-rpc/scripts/entry-dev.sh | 3 ++ orchestration/docker-compose.yml | 14 ++++++ orchestration/dockerfiles.sh | 10 ++++ 6 files changed, 88 insertions(+), 1 deletion(-) create mode 100644 orchestration/coins/monero-wallet-rpc/Dockerfile create mode 100644 orchestration/coins/monero-wallet-rpc/Dockerfile.monero-wallet-rpc.end create mode 100644 orchestration/coins/monero-wallet-rpc/scripts/entry-dev.sh diff --git a/docs/Getting Started.md b/docs/Getting Started.md index 3726392a..4500efc1 100644 --- a/docs/Getting Started.md +++ b/docs/Getting Started.md @@ -69,7 +69,7 @@ Running tests requires: - [A rootless Docker setup](https://docs.docker.com/engine/security/rootless/) - A properly configured Bitcoin regtest node (available via Docker) - A properly configured Monero regtest node (available via Docker) -- A properly configured monero-wallet-rpc instance +- A properly configured monero-wallet-rpc instance (available via Docker) - A debug Serai node (`cd substrate/node && cargo build`) ``` diff --git a/orchestration/coins/monero-wallet-rpc/Dockerfile b/orchestration/coins/monero-wallet-rpc/Dockerfile new file mode 100644 index 00000000..98fb760b --- /dev/null +++ b/orchestration/coins/monero-wallet-rpc/Dockerfile @@ -0,0 +1,50 @@ +FROM debian:bookworm-slim as mimalloc + +RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git +RUN git clone https://github.com/microsoft/mimalloc && \ + cd mimalloc && \ + git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ + mkdir -p out/secure && \ + cd out/secure && \ + cmake -DMI_SECURE=ON ../.. && \ + make && \ + cp ./libmimalloc-secure.so ../../../libmimalloc.so +FROM alpine:latest as monero + +# https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.1.tar.bz2 +# Verification will fail if MONERO_VERSION doesn't match the latest +# due to the way monero publishes releases. They overwrite a single hashes.txt +# file with each release, meaning we can only grab the SHA256 of the latest +# release. +# Most publish a asc file for each release / build architecture ¯\_(ツ)_/¯ +ENV MONERO_VERSION=0.18.3.1 + +RUN apk --no-cache add gnupg + +# Download Monero +RUN wget https://downloads.getmonero.org/cli/monero-linux-x64-v${MONERO_VERSION}.tar.bz2 + +# Verify Binary -- fingerprint from https://github.com/monero-project/monero-site/issues/1949 +ADD ./temp/hashes-v${MONERO_VERSION}.txt . +RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-sigs-only --receive-keys 81AC591FE9C4B65C5806AFC3F0AF4D462A0BDF92 && \ + gpg --verify hashes-v${MONERO_VERSION}.txt && \ + grep "$(sha256sum monero-linux-x64-v${MONERO_VERSION}.tar.bz2 | cut -c 1-64)" hashes-v${MONERO_VERSION}.txt + +# Extract it +RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1 +FROM debian:bookworm-slim as image + +COPY --from=mimalloc libmimalloc.so /usr/lib +RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload + +RUN apt update && apt upgrade -y && apt autoremove -y && apt clean +# Switch to a non-root user +# System user (not a human), shell of nologin, no password assigned +RUN useradd --system --create-home --shell /sbin/nologin monero +USER monero + +WORKDIR /home/monero +COPY --from=monero --chown=monero monero-wallet-rpc /bin +ADD scripts /scripts + +EXPOSE 6061 diff --git a/orchestration/coins/monero-wallet-rpc/Dockerfile.monero-wallet-rpc.end b/orchestration/coins/monero-wallet-rpc/Dockerfile.monero-wallet-rpc.end new file mode 100644 index 00000000..bf143fb6 --- /dev/null +++ b/orchestration/coins/monero-wallet-rpc/Dockerfile.monero-wallet-rpc.end @@ -0,0 +1,10 @@ +# Switch to a non-root user +# System user (not a human), shell of nologin, no password assigned +RUN useradd --system --create-home --shell /sbin/nologin monero +USER monero + +WORKDIR /home/monero +COPY --from=monero --chown=monero monero-wallet-rpc /bin +ADD scripts /scripts + +EXPOSE 6061 diff --git a/orchestration/coins/monero-wallet-rpc/scripts/entry-dev.sh b/orchestration/coins/monero-wallet-rpc/scripts/entry-dev.sh new file mode 100644 index 00000000..fbf1edb9 --- /dev/null +++ b/orchestration/coins/monero-wallet-rpc/scripts/entry-dev.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +monero-wallet-rpc --disable-rpc-login --rpc-bind-port 6061 --rpc-bind-ip=0.0.0.0 --confirm-external-bind --daemon-address monero:18081 --allow-mismatched-daemon-version --wallet-dir /home/monero diff --git a/orchestration/docker-compose.yml b/orchestration/docker-compose.yml index c77db8cb..ae8637bb 100644 --- a/orchestration/docker-compose.yml +++ b/orchestration/docker-compose.yml @@ -52,6 +52,20 @@ services: ports: - "18081:18081" + monero-wallet-rpc: + profiles: + - monero + - coins + build: + context: ./coins/monero-wallet-rpc/ + restart: unless-stopped + volumes: + - "./coins/monero-wallet-rpc/scripts:/scripts" + entrypoint: /scripts/entry-dev.sh + # TODO: Use expose, not ports + ports: + - "6061:6061" + # Infrastructure message-queue: diff --git a/orchestration/dockerfiles.sh b/orchestration/dockerfiles.sh index 38f940e3..40b8c111 100755 --- a/orchestration/dockerfiles.sh +++ b/orchestration/dockerfiles.sh @@ -14,6 +14,16 @@ cat \ ./Dockerfile.parts/Dockerfile.alpine.start \ ./coins/monero/Dockerfile.monero.end >> ./coins/monero/Dockerfile +# Monero wallet rpc +rm -f ./coins/monero-wallet-rpc/Dockerfile +mkdir -p ./coins/monero-wallet-rpc/temp/ +cp ./coins/monero/temp/hashes-v* ./coins/monero-wallet-rpc/temp/ +cat \ + ./Dockerfile.parts/mimalloc/Dockerfile.debian \ + ./coins/monero/Dockerfile.monero \ + ./Dockerfile.parts/Dockerfile.debian.start \ + ./coins/monero-wallet-rpc/Dockerfile.monero-wallet-rpc.end >> ./coins/monero-wallet-rpc/Dockerfile + # Message Queue rm ./message-queue/Dockerfile cat \