diff --git a/Cargo.toml b/Cargo.toml index f7aae644..48867ffa 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -15,8 +15,9 @@ members = [ split-debuginfo = "packed" [profile.release] -strip = true # Automatically strip symbols from the binary. -lto = true # Enable link-time optimization. +strip = true # Automatically strip symbols from the binary. +lto = true # Enable link-time optimization. +codegen-units = 1 # Reduce the number of object files to speed up compilation. # The profile that 'cargo dist' will build with [profile.dist] diff --git a/Dockerfile b/Dockerfile index b4db728d..118761c3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,18 +1,24 @@ # build backend -FROM rust:1.74.1-slim-bookworm as rust-builder +FROM rust:1.74.1-slim-bullseye as rust-builder RUN apt update && apt install -y make clang pkg-config libssl-dev protobuf-compiler WORKDIR /rust-app COPY . /rust-app -RUN cargo build --package moksha-mint --release +RUN cargo build --package moksha-mint --release -FROM alpine:3.19.0 -COPY --from=rust-builder /rust-app/target/release/moksha-mint / +FROM bitnami/minideb:bullseye +COPY --from=rust-builder /rust-app/target/release/moksha-mint /app/ -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x /entrypoint.sh -ENTRYPOINT ["/entrypoint.sh"] +COPY --chmod=755 ./entrypoint.sh /app/entrypoint.sh + +USER 1000 +WORKDIR /app +ENTRYPOINT ["./entrypoint.sh"] + +ARG BUILDTIME +ARG COMMITHASH +ENV BUILDTIME ${BUILDTIME} +ENV COMMITHASH ${COMMITHASH} -WORKDIR / CMD ["./moksha-mint"] \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 5f64f8eb..bcf71ba6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,7 +10,8 @@ services: POSTGRES_PASSWORD: postgres POSTGRES_DB: moksha-mint app: - image: "docker.io/ngutech21/moksha-mint:latest" + #image: "docker.io/ngutech21/moksha-mint:latest" + image: "moksha-mint:latest" ports: - 3338:3338 volumes: diff --git a/entrypoint.sh b/entrypoint.sh index 96857d7b..adfb35cb 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,23 +1,31 @@ #!/bin/sh +if [ -z "$LND_MACAROON_BASE64" ] || [ -z "$LND_TLS_CERT_BASE64" ]; then + echo "Warning: LND_MACAROON_BASE64 and LND_TLS_CERT_BASE64 not set" >&2 + exec "$@" + exit 0 +fi + # Decode the base64 environment variables and write them to files -mkdir -p /lndconf -echo "$LND_MACAROON_BASE64" | base64 -d > /lndconf/admin.macaroon +mkdir -p /tmp/lndconf +echo "$LND_MACAROON_BASE64" | base64 -d > /tmp/lndconf/admin.macaroon if [ $? -ne 0 ]; then echo "LND_MACAROON_BASE64 is not valid base64" exit 1 fi -echo "$LND_TLS_CERT_BASE64" | base64 -d > /lndconf/tls.cert +echo "$LND_TLS_CERT_BASE64" | base64 -d > /tmp/lndconf/tls.cert if [ $? -ne 0 ]; then echo "LND_TLS_CERT_BASE64 is not valid base64" exit 1 fi # Restrict permissions of the files -chmod 700 /lndconf -chmod 400 /lndconf/admin.macaroon -chmod 400 /lndconf/tls.cert +chmod 700 /tmp/lndconf +chmod 400 /tmp/lndconf/admin.macaroon +chmod 400 /tmp/lndconf/tls.cert + +#chown -R 1000:1000 /tmp/lndconf # Start your application exec "$@" \ No newline at end of file diff --git a/justfile b/justfile index 794c0940..fe54fa3b 100644 --- a/justfile +++ b/justfile @@ -99,7 +99,7 @@ build-desktop: # build the mint docker-image build-docker: - docker build -t moksha:latest . + docker build --build-arg COMMITHASH=$(git rev-parse HEAD) --build-arg BUILDTIME=$(date -u '+%F-%T') -t moksha-mint:latest . # build flutter web-app in flutter/build/web diff --git a/moksha-mint/src/server.rs b/moksha-mint/src/server.rs index e8b76b7b..1ba6aec6 100644 --- a/moksha-mint/src/server.rs +++ b/moksha-mint/src/server.rs @@ -55,15 +55,19 @@ pub async fn run_server( tracing_subscriber::registry() .with(tracing_subscriber::fmt::layer()) .init(); + + if let Ok(buildtime) = std::env::var("BUILDTIME") { + info!("Build time: {}", buildtime); + } + if let Ok(commithash) = std::env::var("COMMITHASH") { + info!("Commit hash: {}", commithash); + } + if let Some(ref serve_wallet_path) = serve_wallet_path { + info!("serving wallet from path: {:?}", serve_wallet_path); + } info!("listening on: {}", addr); info!("mint_info: {:?}", mint.mint_info); info!("lightning_backend: {}", mint.lightning_type); - if serve_wallet_path.is_some() { - info!( - "serving wallet from path: {:?}", - serve_wallet_path.clone().unwrap() - ); - } let listener = tokio::net::TcpListener::bind(&addr).await.unwrap();