-
Notifications
You must be signed in to change notification settings - Fork 407
/
Dockerfile
72 lines (59 loc) · 2.6 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
# Smallest base image, latests stable image
# Alpine would be nice, but it's linked again musl and breaks the bitcoin core download binary
#FROM alpine:latest
FROM ubuntu:latest AS builder
ARG TARGETARCH
FROM builder AS builder_amd64
ENV ARCH=x86_64
FROM builder AS builder_arm64
ENV ARCH=aarch64
FROM builder AS builder_riscv64
ENV ARCH=riscv64
FROM builder_${TARGETARCH} AS build
# Testing: gosu
#RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories \
# && apk add --update --no-cache gnupg gosu gcompat libgcc
RUN apt update \
&& apt install -y --no-install-recommends \
ca-certificates \
gnupg \
libatomic1 \
wget \
&& apt clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ARG VERSION=28.0
ARG BITCOIN_CORE_SIGNATURE=71A3B16735405025D447E8F274810B012346C9A6
# Don't use base image's bitcoin package for a few reasons:
# 1. Would need to use ppa/latest repo for the latest release.
# 2. Some package generates /etc/bitcoin.conf on install and that's dangerous to bake in with Docker Hub.
# 3. Verifying pkg signature from main website should inspire confidence and reduce chance of surprises.
# Instead fetch, verify, and extract to Docker image
RUN cd /tmp \
&& gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys ${BITCOIN_CORE_SIGNATURE} \
&& wget https://bitcoincore.org/bin/bitcoin-core-${VERSION}/SHA256SUMS.asc \
https://bitcoincore.org/bin/bitcoin-core-${VERSION}/SHA256SUMS \
https://bitcoincore.org/bin/bitcoin-core-${VERSION}/bitcoin-${VERSION}-${ARCH}-linux-gnu.tar.gz \
&& gpg --verify --status-fd 1 --verify SHA256SUMS.asc SHA256SUMS 2>/dev/null | grep "^\[GNUPG:\] VALIDSIG.*${BITCOIN_CORE_SIGNATURE}\$" \
&& sha256sum --ignore-missing --check SHA256SUMS \
&& tar -xzvf bitcoin-${VERSION}-${ARCH}-linux-gnu.tar.gz -C /opt \
&& ln -sv bitcoin-${VERSION} /opt/bitcoin \
&& /opt/bitcoin/bin/test_bitcoin --show_progress \
&& rm -v /opt/bitcoin/bin/test_bitcoin /opt/bitcoin/bin/bitcoin-qt
FROM ubuntu:latest
LABEL maintainer="Kyle Manna <[email protected]>"
ENTRYPOINT ["docker-entrypoint.sh"]
ENV HOME=/bitcoin
EXPOSE 8332 8333
VOLUME ["/bitcoin/.bitcoin"]
WORKDIR /bitcoin
ARG GROUP_ID=1000
ARG USER_ID=1000
RUN userdel ubuntu \
&& groupadd -g ${GROUP_ID} bitcoin \
&& useradd -u ${USER_ID} -g bitcoin -d /bitcoin bitcoin
COPY --from=build /opt/ /opt/
RUN apt update \
&& apt install -y --no-install-recommends gosu libatomic1 \
&& apt clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
&& ln -sv /opt/bitcoin/bin/* /usr/local/bin
COPY ./bin ./docker-entrypoint.sh /usr/local/bin/
CMD ["btc_oneshot"]