diff options
author | Sebastian <sebasjm@gmail.com> | 2022-08-30 12:29:46 -0300 |
---|---|---|
committer | Sebastian <sebasjm@gmail.com> | 2022-08-30 12:30:23 -0300 |
commit | d3f1843fe565e54d7e95d9d5dec4f67ce1542af4 (patch) | |
tree | 61b8c971c520273537ac91cb776a9d579ca1c37f | |
parent | 30863eff4bb2f83fff89f962d045266e220d9124 (diff) | |
download | deployment-d3f1843fe565e54d7e95d9d5dec4f67ce1542af4.tar.gz deployment-d3f1843fe565e54d7e95d9d5dec4f67ce1542af4.tar.bz2 deployment-d3f1843fe565e54d7e95d9d5dec4f67ce1542af4.zip |
dockerfile samples
-rw-r--r-- | docker/taler-docker/base.Dockerfile | 177 | ||||
-rw-r--r-- | docker/taler-docker/docker-compose.yml | 255 | ||||
-rw-r--r-- | docker/taler-docker/exchange.Dockerfile | 46 | ||||
-rw-r--r-- | docker/taler-docker/merchant.Dockerfile | 29 | ||||
-rw-r--r-- | docker/taler-docker/postgres/Dockerfile | 14 | ||||
-rw-r--r-- | docker/taler-docker/wallet.Dockerfile | 16 |
6 files changed, 537 insertions, 0 deletions
diff --git a/docker/taler-docker/base.Dockerfile b/docker/taler-docker/base.Dockerfile new file mode 100644 index 0000000..803e0b5 --- /dev/null +++ b/docker/taler-docker/base.Dockerfile @@ -0,0 +1,177 @@ +# FROM alpine:3.12.2 as network +FROM debian:bullseye-slim as network +# FROM debian:buster-slim as network + +ENV HOME /root +WORKDIR $HOME + +# RUN apk add --no-cache git curl alpine-sdk gnupg +RUN apt update && apt install -y git +#alpine-sdk + +# RUN addgroup -g 1000 -S talergroup && adduser -u 1000 -S taleruser -G talergroup +# USER taleruser +# ENV HOME /home/taleruser +# WORKDIR $HOME + +FROM network as network-microhttpd +COPY libmicrohttpd.git $HOME/src +RUN git -C src checkout v0.9.75 + +FROM network as network-gnunet +COPY gnunet.git $HOME/src +RUN git -C src checkout 69844eacf3e43ad882c38f4d954fb5f5dd5a848b + +FROM network as network-jansson +COPY jansson.git $HOME/src +RUN git -C src checkout 2.13 + +# FROM network as network-recutils +# RUN curl -O http://gnu.c3sl.ufpr.br/ftp/recutils/recutils-1.8.tar.gz && tar xzf recutils-1.8.tar.gz && mv recutils-1.8 src +# COPY jemarch-key.gpg $HOME +# COPY recutils-1.8.tar.gz.sig $HOME +# RUN gpg --import jemarch-key.gpg +# RUN echo BDFA5717FC1DD35C2C3832A23EF90523B304AF08:6: | gpg --import-ownertrust +# RUN gpg --verify recutils-1.8.tar.gz.sig recutils-1.8.tar.gz || exit 1 + +FROM network as basic + +# RUN echo https://dl-cdn.alpinelinux.org/alpine/edge/testing >> /etc/apk/repositories +# RUN apk add --no-cache \ +# zip +# dpkg \ +# automake uncrustify \ +# autoconf \ +# libtool \ +# libidn-dev \ +# libunistring-dev \ +# jansson-dev \ +# libpq \ +# # libmicrohttpd-dev \ +# py3-pip \ +# libsodium \ +# postgresql-client vim \ +# texinfo \ +# npm curl-dev \ +# libsodium-dev bind-tools \ +# argon2-dev \ +# libqrencode-dev \ +# libxml2-dev libxslt-dev \ +# python3-dev libffi-dev libressl-dev musl-dev \ +# gettext-dev libgcrypt-dev sqlite-dev \ +# postgresql-dev zbar-dev bluez-dev iptables-dev \ +# jq httpie +# && pip3 install click requests poetry jinja2 flask_babel uwsgi lxml pdflatex + +RUN apt update && apt install -y \ + dpkg git curl gnupg \ + automake uncrustify \ + autoconf \ + libtool \ + libidn2-dev \ + libunistring-dev \ + # libjansson-dev \ + libpq-dev \ + # libmicrohttpd-dev \ + python3-pip \ + libsodium23 \ + postgresql-client vim \ + texinfo \ + #anasatasis needs wget and postgres + postgresql wget \ + npm openssl libcurl4-openssl-dev \ + libsodium-dev \ + # bind-tools \ + libargon2-0-dev \ + libqrencode-dev \ + libxml2-dev libxslt-dev \ + python3-dev libffi-dev \ + # libressl-dev \ + # musl-dev \ + libgettextpo-dev libgcrypt-dev libsqlite3-dev \ + libpq-dev libzbar-dev libbluetooth-dev libiptc-dev \ + python3-dev cargo \ + # not sure which one of this is needed + librec-dev recutils librec1 \ + gettext autopoint \ + zip patchelf \ + # jansson uses cmake + cmake \ + jq httpie + +RUN apt install -y sphinx +RUN pip install sphinx_rtd_theme +# FROM basic as recutils + +# COPY --from=network-recutils $HOME/src $HOME/src + +# WORKDIR $HOME/src + +# RUN ./configure \ +# --build=x86_64-alpine-linux-musl \ +# && make \ +# && make install + +WORKDIR $HOME + +FROM basic as microhttpd + +COPY --from=network-microhttpd $HOME/src $HOME/src + +WORKDIR $HOME/src + +RUN ./bootstrap \ + && ./configure \ + # --build=x86_64-alpine-linux-musl \ + --enable-logging=verbose \ + --disable-doc \ + && make \ + && make install + +WORKDIR $HOME + +FROM microhttpd as jansson + +COPY --from=network-jansson /root/src $HOME/src + +WORKDIR $HOME/src +RUN cmake -DJANSSON_BUILD_SHARED_LIBS=1 . && make && make install + +FROM jansson as gnunet + +COPY --from=network-gnunet /root/src $HOME/src + +WORKDIR $HOME/src + +# #RUN addgroup gnunet +# #RUN adduser --system --home "/var/lib/gnunet" -G gnunet --shell /bin/sh gnunet +# #RUN addgroup root gnunet + +# #ENV GNUNET_PREFIX=/usr/local/lib +# #RUN echo === $GNUNET_PREFIX > test.file + +RUN ./bootstrap \ + && ./configure \ + CFLAGS='-ggdb -O0' \ + --enable-static \ + # --build=x86_64-alpine-linux-musl \ + --enable-logging=verbose \ + && make \ + && make install + +WORKDIR $HOME + +FROM basic as final + +# COPY --from=recutils /usr/local/bin /usr/local/bin +# COPY --from=recutils /usr/local/lib /usr/local/lib +COPY --from=microhttpd /usr/local/lib /usr/local/lib +COPY --from=gnunet /usr/local/lib /usr/local/lib +COPY --from=gnunet /usr/local/bin /usr/local/bin +COPY --from=gnunet /usr/local/include /usr/local/include +COPY --from=jansson /usr/local/lib/libjansson.* /usr/local/lib/ +COPY --from=jansson /usr/local/include/jansson*.h /usr/local/lib/ +COPY --from=jansson /usr/local/lib/pkgconfig/jansson.pc /usr/local/lib/pkgconfig/ + +RUN ldconfig + diff --git a/docker/taler-docker/docker-compose.yml b/docker/taler-docker/docker-compose.yml new file mode 100644 index 0000000..269ae75 --- /dev/null +++ b/docker/taler-docker/docker-compose.yml @@ -0,0 +1,255 @@ +version: '3' +services: + + database: + build: ./images/postgres + volumes: + - /tmp/taler/database-data:/var/lib/postgresql/data + environment: + POSTGRES_USER: root + POSTGRES_PASSWORD: + POSTGRES_HOST_AUTH_METHOD: trust + ports: + - "5432:5432" + + exchange-closer: + image: taler_exchange + entrypoint: taler-exchange-closer + volumes: + - /tmp/taler/config/exchange_feb/taler.conf:/root/.config/taler.conf + depends_on: + - exchange + - name + extra_hosts: + - "bank.taler:172.17.0.1" + - "auditor.taler:172.17.0.1" + - "exchange.taler:172.17.0.1" + + # exchange-transfer: + # image: taler_exchange + # entrypoint: taler-exchange-transfer + # volumes: + # - /tmp/taler/config/exchange_feb/taler.conf:/root/.config/taler.conf + # depends_on: + # - exchange + # extra_hosts: + # - "bank.taler:172.17.0.1" + # - "auditor.taler:172.17.0.1" + # - "exchange.taler:172.17.0.1" + + exchange-wirewatch: + image: taler_exchange + entrypoint: taler-exchange-wirewatch + volumes: + - /tmp/taler/config/exchange_feb/taler.conf:/root/.config/taler.conf + depends_on: + - name + - exchange + extra_hosts: + - "bank.taler:172.17.0.1" + - "auditor.taler:172.17.0.1" + - "exchange.taler:172.17.0.1" + + # exchange1-aggregator: + # image: taler_exchange + # entrypoint: taler-exchange-aggregator + # volumes: + # - /tmp/taler/config/exchange_jun/taler.conf:/root/.config/taler.conf + # - /tmp/taler/config/exchange_jun/wirefees:/root/exchange/wirefees + # depends_on: + # - exchange + # extra_hosts: + # - "bank.taler:172.17.0.1" + # - "auditor.taler:172.17.0.1" + # - "exchange1.taler:172.17.0.1" + + # exchange1-closer: + # image: taler_exchange + # entrypoint: taler-exchange-closer + # volumes: + # - /tmp/taler/config/exchange_jun/taler.conf:/root/.config/taler.conf + # depends_on: + # - exchange + # extra_hosts: + # - "bank.taler:172.17.0.1" + # - "auditor.taler:172.17.0.1" + # - "exchange1.taler:172.17.0.1" + + # exchange1-transfer: + # image: taler_exchange + # entrypoint: taler-exchange-transfer + # volumes: + # - /tmp/taler/config/exchange_jun/taler.conf:/root/.config/taler.conf + # depends_on: + # - exchange + # extra_hosts: + # - "bank.taler:172.17.0.1" + # - "auditor.taler:172.17.0.1" + # - "exchange1.taler:172.17.0.1" + + # exchange1-wirewatch: + # image: taler_exchange + # entrypoint: taler-exchange-wirewatch + # volumes: + # - /tmp/taler/config/exchange_jun/taler.conf:/root/.config/taler.conf + # depends_on: + # - exchange + # extra_hosts: + # - "bank.taler:172.17.0.1" + # - "auditor.taler:172.17.0.1" + # - "exchange1.taler:172.17.0.1" + + # exchange2-aggregator: + # image: taler_exchange + # entrypoint: taler-exchange-aggregator + # volumes: + # - /tmp/taler/config/exchange_jul/taler.conf:/root/.config/taler.conf + # - /tmp/taler/config/exchange_jul/wirefees:/root/exchange/wirefees + # depends_on: + # - exchange + # extra_hosts: + # - "bank.taler:172.17.0.1" + # - "auditor.taler:172.17.0.1" + # - "exchange2.taler:172.17.0.1" + + # exchange2-closer: + # image: taler_exchange + # entrypoint: taler-exchange-closer + # volumes: + # - /tmp/taler/config/exchange_jul/taler.conf:/root/.config/taler.conf + # depends_on: + # - exchange + # extra_hosts: + # - "bank.taler:172.17.0.1" + # - "auditor.taler:172.17.0.1" + # - "exchange2.taler:172.17.0.1" + + # exchange2-transfer: + # image: taler_exchange + # entrypoint: taler-exchange-transfer + # volumes: + # - /tmp/taler/config/exchange_jul/taler.conf:/root/.config/taler.conf + # depends_on: + # - exchange + # extra_hosts: + # - "bank.taler:172.17.0.1" + # - "auditor.taler:172.17.0.1" + # - "exchange2.taler:172.17.0.1" + + # exchange2-wirewatch: + # image: taler_exchange + # entrypoint: taler-exchange-wirewatch + # volumes: + # - /tmp/taler/config/exchange_jul/taler.conf:/root/.config/taler.conf + # depends_on: + # - exchange + # extra_hosts: + # - "bank.taler:172.17.0.1" + # - "auditor.taler:172.17.0.1" + # - "exchange2.taler:172.17.0.1" + + auditor: + image: taler_exchange + entrypoint: taler-auditor-httpd + #entrypoint: sleep infinity + volumes: + - /tmp/taler/config/auditor_jan/taler.conf:/root/.config/taler.conf + ports: + - "8083:8083" + depends_on: + - bank-ars + - name + + exchange: + image: taler_exchange + # entrypoint: sleep infinity + entrypoint: /exchange.sh + volumes: + - /tmp/taler/config/exchange_feb/taler.conf:/root/.config/taler.conf + - /tmp/taler/config/exchange_feb/live-keys:/root/exchange/live-keys + - /tmp/taler/config/exchange_feb/wirefees:/root/exchange/wirefees + - /tmp/taler/config/exchange_feb/audited:/root/exchange/audited + - ./exchange.sh:/exchange.sh + ports: + - "8081:8081" + depends_on: + - bank-ars + - name + - auditor + extra_hosts: + - "bank.taler:172.17.0.1" + - "auditor.taler:172.17.0.1" + + # exchange1: + # image: taler_exchange + # # entrypoint: sleep infinity + # entrypoint: /exchange.sh + # volumes: + # - /tmp/taler/config/exchange_jun/taler.conf:/root/.config/taler.conf + # - /tmp/taler/config/exchange_jun/live-keys:/root/exchange/live-keys + # - /tmp/taler/config/exchange_jun/wirefees:/root/exchange/wirefees + # - /tmp/taler/config/exchange_jun/audited:/root/exchange/audited + # - ./exchange.sh:/exchange.sh + # ports: + # - "8071:8071" + # depends_on: + # - bank-ars + # - auditor + # extra_hosts: + # - "bank.taler:172.17.0.1" + # - "auditor.taler:172.17.0.1" + + # exchange2: + # image: taler_exchange + # # entrypoint: sleep infinity + # entrypoint: /exchange.sh + # volumes: + # - /tmp/taler/config/exchange_jul/taler.conf:/root/.config/taler.conf + # - /tmp/taler/config/exchange_jul/live-keys:/root/exchange/live-keys + # - /tmp/taler/config/exchange_jul/wirefees:/root/exchange/wirefees + # - /tmp/taler/config/exchange_jul/audited:/root/exchange/audited + # - ./exchange.sh:/exchange.sh + # ports: + # - "8072:8072" + # depends_on: + # - bank-uru + # - auditor + # extra_hosts: + # - "bank.taler:172.17.0.1" + # - "auditor.taler:172.17.0.1" + + merchant-backend: + build: ./images/merchant + environment: + TALER_MERCHANT_TOKEN: secret-token:super_secret + # entrypoint: sleep infinity + # to used GDB + # security_opt: + # - "seccomp=unconfined" + # cap_add: + # - "SYS_PTRACE" + volumes: + - /tmp/taler/config/merchant_mar/taler.conf:/root/.config/taler.conf + depends_on: + - exchange + - name + - auditor + ports: + - "9966:9966" + extra_hosts: + - "exchange.taler:172.17.0.1" + - "auditor.taler:172.17.0.1" + + bank-ars: + image: taler_bank + entrypoint: + - taler-bank-manage + - serve + volumes: + - /tmp/taler/config/bank_apr/taler.conf:/root/.config/taler.conf + environment: + TALER_BANK_SECRET_KEY: somesecret1 + PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/.local/bin/ + ports: + - "5882:5882" + depends_on: diff --git a/docker/taler-docker/exchange.Dockerfile b/docker/taler-docker/exchange.Dockerfile new file mode 100644 index 0000000..220a4b1 --- /dev/null +++ b/docker/taler-docker/exchange.Dockerfile @@ -0,0 +1,46 @@ +FROM taler_base + +# RUN addgroup -g 1000 -S talergroup && adduser -u 1000 -S taleruser -G talergroup +# USER taleruser +# ENV HOME /home/taleruser + +COPY exchange.git $HOME/exchange +RUN git -C exchange checkout a199ba7fe61d1ea0aa7f9dcd4083ae2e52546c40 +#cb27943f1443c38a4dcfde118207688eb049f13c + +WORKDIR $HOME/exchange + +# COPY *.patch ./ +# RUN patch -p1 -i wire_response.patch && patch -p1 -i keys_currency.patch + +#building with statics libs +# RUN apk add libltdl-static libgcrypt-static +RUN pip3 install jinja2 +# patch for +# ./configure: line 17303: ac_fn_c_check_decl: not found +# RUN cat configure | tail -n+16861 | head -n 45 > configure.patch && sed -i '17302r configure.patch' configure +# RUN sed -i 's-include <taler/taler_json_lib.h>-include "taler_json_lib.h"-' src/mustach/mustach-jansson.c + +RUN ./bootstrap +RUN echo | git submodule update --init +RUN ./contrib/gana.sh + + # --build=x86_64-alpine-linux-musl \ + # --with-gnunet=/usr/local \ + # --with-libgnurl --with-microhttpd --with-gnunet \ + # //--with-libgnurl=/usr/local --with-microhttpd=/usr/local +RUN ./configure \ + CFLAGS='-ggdb -O0' \ + --enable-logging=verbose \ + && make \ + && make install + # RUN make 'LDFLAGS=-all-static' + +WORKDIR $HOME + +RUN mkdir -p privacy terms/en +COPY terms.xml terms/en/v1.xml + +RUN ldconfig + +ENTRYPOINT ["taler-exchange-httpd"] diff --git a/docker/taler-docker/merchant.Dockerfile b/docker/taler-docker/merchant.Dockerfile new file mode 100644 index 0000000..03c6ccc --- /dev/null +++ b/docker/taler-docker/merchant.Dockerfile @@ -0,0 +1,29 @@ +FROM taler_base + +COPY . $HOME/merchant +RUN git -C merchant checkout 1a62744325edc68e106b806ede0ac418d880ca4f + +RUN npm install -g pnpm@5.17.2 + +WORKDIR $HOME/merchant + +#RUN ./bootstrap + +COPY --from=taler_exchange /usr/local/include /usr/local/include +COPY --from=taler_exchange /usr/local/lib /usr/local/lib + +RUN ./bootstrap \ + && ./configure \ + # --build=x86_64-alpine-linux-musl \ + CFLAGS='-ggdb -O0' \ + --enable-logging=verbose \ + # --with-gnunet=/usr/local \ + # --with-exchange=/usr/local \ + # --with-microhttpd=/usr/local \ + && make \ + && make install + +WORKDIR $HOME + +RUN ldconfig +ENTRYPOINT ["taler-merchant-httpd"] diff --git a/docker/taler-docker/postgres/Dockerfile b/docker/taler-docker/postgres/Dockerfile new file mode 100644 index 0000000..24cac5b --- /dev/null +++ b/docker/taler-docker/postgres/Dockerfile @@ -0,0 +1,14 @@ +FROM postgres + +RUN echo "\ +CREATE USER taler1;\n\ +CREATE DATABASE bank1;\n\ +CREATE DATABASE sync1;\n\ +CREATE DATABASE nexus;\n\ +CREATE DATABASE newbank;\n\ +GRANT ALL PRIVILEGES ON DATABASE bank1 TO taler1;\n\ +GRANT ALL PRIVILEGES ON DATABASE sync1 TO taler1;\n\ +GRANT ALL PRIVILEGES ON DATABASE nexus TO taler1;\n\ +GRANT ALL PRIVILEGES ON DATABASE newbank TO taler1;\n\ +LOAD 'auto_explain';\n\ +" > /docker-entrypoint-initdb.d/init.sql diff --git a/docker/taler-docker/wallet.Dockerfile b/docker/taler-docker/wallet.Dockerfile new file mode 100644 index 0000000..d326145 --- /dev/null +++ b/docker/taler-docker/wallet.Dockerfile @@ -0,0 +1,16 @@ +FROM taler_base + +COPY wallet.git $HOME/wallet +RUN git -C wallet checkout 7dc66c2441c4b77cfed0c4add592d4b7d5912ec3 + +# COPY --from=taler/base:network-wallet /root/src $HOME/src + +WORKDIR $HOME/wallet + +RUN npm install -g pnpm@5.17.2 + +RUN ./bootstrap && ./configure && pnpm install && \ + pnpm run -r prepare && \ + make && make install + + |