From b8c6baa94a949297397faba034a0979fd365609a Mon Sep 17 00:00:00 2001
From: rockstardev
Date: Thu, 21 Nov 2019 22:21:25 -0600
Subject: [PATCH] Adding BtcPayServer related files and resources
---
.circleci/config.yml | 107 ++++++++++++++++++++++++++++++++++++++++
.dockerignore | 4 ++
.gitattributes | 4 ++
Makefile | 3 ++
docker-entrypoint.sh | 100 +++++++++++++++++++++++++++++++++++++
docker-initunlocklnd.sh | 104 ++++++++++++++++++++++++++++++++++++++
linuxamd64.Dockerfile | 81 ++++++++++++++++++++++++++++++
linuxarm32v7.Dockerfile | 81 ++++++++++++++++++++++++++++++
linuxarm64v8.Dockerfile | 81 ++++++++++++++++++++++++++++++
9 files changed, 565 insertions(+)
create mode 100644 .circleci/config.yml
create mode 100644 .dockerignore
create mode 100644 .gitattributes
create mode 100755 docker-entrypoint.sh
create mode 100755 docker-initunlocklnd.sh
create mode 100644 linuxamd64.Dockerfile
create mode 100644 linuxarm32v7.Dockerfile
create mode 100644 linuxarm64v8.Dockerfile
diff --git a/.circleci/config.yml b/.circleci/config.yml
new file mode 100644
index 0000000000..e679baf58a
--- /dev/null
+++ b/.circleci/config.yml
@@ -0,0 +1,107 @@
+version: 2
+jobs:
+ # publish jobs require $DOCKERHUB_REPO, $DOCKERHUB_USER, $DOCKERHUB_PASS defined
+ amd64:
+ machine:
+ enabled: true
+ steps:
+ - checkout
+ - run:
+ command: |
+ LATEST_TAG=${CIRCLE_TAG:8} #trim "basedon-" from tag
+ #
+ sudo docker build --pull -t $DOCKERHUB_REPO:$LATEST_TAG-amd64 -f linuxamd64.Dockerfile .
+ sudo docker login --username=$DOCKERHUB_USER --password=$DOCKERHUB_PASS
+ sudo docker push $DOCKERHUB_REPO:$LATEST_TAG-amd64
+
+ arm32:
+ machine:
+ enabled: true
+ steps:
+ - checkout
+ - run:
+ command: |
+ LATEST_TAG=${CIRCLE_TAG:8} #trim "basedon-" from tag
+ #
+ # Make sure the builder is copy the arm emulator
+ sudo docker run --rm --privileged multiarch/qemu-user-static:register --reset
+ sudo apt update
+ sudo apt install -y qemu qemu-user-static qemu-user binfmt-support
+
+ sudo cp /usr/bin/qemu-arm-static "qemu-arm-static"
+ sed -i -e 's/#EnableQEMU //g' "linuxarm32v7.Dockerfile"
+ sudo docker build --pull -t $DOCKERHUB_REPO:$LATEST_TAG-arm32v7 -f linuxarm32v7.Dockerfile .
+ sudo docker login --username=$DOCKERHUB_USER --password=$DOCKERHUB_PASS
+ sudo docker push $DOCKERHUB_REPO:$LATEST_TAG-arm32v7
+
+ arm64:
+ machine:
+ enabled: true
+ steps:
+ - checkout
+ - run:
+ command: |
+ LATEST_TAG=${CIRCLE_TAG:8} #trim "basedon-" from tag
+ #
+ # Make sure the builder is copy the arm emulator
+ sudo docker run --rm --privileged multiarch/qemu-user-static:register --reset
+ sudo apt update
+ sudo apt install -y qemu qemu-user-static qemu-user binfmt-support
+
+ sudo cp /usr/bin/qemu-aarch64-static "qemu-aarch64-static"
+ sed -i -e 's/#EnableQEMU //g' "linuxarm64v8.Dockerfile"
+ sudo docker build --pull -t $DOCKERHUB_REPO:$LATEST_TAG-arm64v8 -f linuxarm64v8.Dockerfile .
+ sudo docker login --username=$DOCKERHUB_USER --password=$DOCKERHUB_PASS
+ sudo docker push $DOCKERHUB_REPO:$LATEST_TAG-arm64v8
+
+ multiarch:
+ machine:
+ enabled: true
+ image: ubuntu-2204:2022.04.1
+ steps:
+ - run:
+ command: |
+ #
+ sudo docker login --username=$DOCKERHUB_USER --password=$DOCKERHUB_PASS
+ #
+ LATEST_TAG=${CIRCLE_TAG:8} #trim "basedon-" from tag
+ sudo docker manifest create --amend $DOCKERHUB_REPO:$LATEST_TAG $DOCKERHUB_REPO:$LATEST_TAG-amd64 $DOCKERHUB_REPO:$LATEST_TAG-arm32v7 $DOCKERHUB_REPO:$LATEST_TAG-arm64v8
+ sudo docker manifest annotate $DOCKERHUB_REPO:$LATEST_TAG $DOCKERHUB_REPO:$LATEST_TAG-amd64 --os linux --arch amd64
+ sudo docker manifest annotate $DOCKERHUB_REPO:$LATEST_TAG $DOCKERHUB_REPO:$LATEST_TAG-arm32v7 --os linux --arch arm --variant v7
+ sudo docker manifest annotate $DOCKERHUB_REPO:$LATEST_TAG $DOCKERHUB_REPO:$LATEST_TAG-arm64v8 --os linux --arch arm64 --variant v8
+ sudo docker manifest push $DOCKERHUB_REPO:$LATEST_TAG -p
+
+workflows:
+ version: 2
+ publish:
+ jobs:
+ - amd64:
+ filters:
+ # ignore any commit on any branch by default
+ branches:
+ ignore: /.*/
+ # only act on version tags
+ tags:
+ only: /basedon-.+/
+ - arm32:
+ filters:
+ branches:
+ ignore: /.*/
+ tags:
+ only: /basedon-.+/
+ - arm64:
+ filters:
+ branches:
+ ignore: /.*/
+ tags:
+ only: /basedon-.+/
+ - multiarch:
+ requires:
+ - amd64
+ - arm32
+ - arm64
+ filters:
+ branches:
+ ignore: /.*/
+ tags:
+ only: /basedon-.+/
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000000..a7b21cf54b
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,4 @@
+Dockerfile
+linuxamd64.Dockerfile
+linuxarm32v7.Dockerfile
+.circleci/
\ No newline at end of file
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000000..6fcdd9127c
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,4 @@
+# Declare files that will always have CRLF line endings on checkout.
+*.sh text eol=lf
+*.go text eol=lf
+Makefile text eol=lf
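Review bot: The Docker Hub password is passed as `--password=$DOCKERHUB_PASS` on the `docker login` command line in all four jobs of .circleci/config.yml, which puts it in the process list of the build machine. Feeding it on stdin avoids that: `echo "$DOCKERHUB_PASS" | sudo docker login --username "$DOCKERHUB_USER" --password-stdin`. The arm32 and arm64 jobs also run `multiarch/qemu-user-static:register` with `--privileged` by mutable tag in the same job that holds the publish credentials; referencing it by digest (`multiarch/qemu-user-static@sha256:<digest-placeholder>`) would fix what gets to run privileged.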
diff --git a/Makefile b/Makefile index e31c0adde2..5d663afec2 100644 --- a/Makefile +++ b/Makefile @@ -21,6 +21,9 @@ ANDROID_BUILD := $(ANDROID_BUILD_DIR)/Lndmobile.aar COMMIT := $(shell git describe --tags --dirty) +COMMIT := $(subst -dirty,-fresh-btcpay,$(COMMIT)) +LDFLAGS := -ldflags "-X $(PKG)/build.Commit=$(COMMIT)" + GOBUILD := go build -v GOINSTALL := go install -v GOTEST := go test diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh new file mode 100755 index 0000000000..19ea29fef9 --- /dev/null +++ b/docker-entrypoint.sh 
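Review bot: Rewriting `-dirty` to `-fresh-btcpay` in `COMMIT` removes the only marker that the tree had uncommitted changes, so the `build.Commit` string embedded through `LDFLAGS` reads the same whether the modifications are the expected build-time ones or anything else. If the tree is dirty only because of known build steps (presumably the CI edits to the Dockerfile and the copied qemu binary), say so in a comment above the line, e.g. `# docker/CI builds always modify the tree; relabel -dirty so the version string is stable`. `LDFLAGS` is assigned with `:=` here and the rest of the Makefile is outside the hunk, so check that a later assignment does not replace this one or lose flags defined elsewhere.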
@@ -0,0 +1,100 @@
+#!/bin/bash
+set -e
+
+if [[ "$1" == "lnd" || "$1" == "lncli" ]]; then
+ mkdir -p "$LND_DATA"
+
+ # removing noseedbackup=1 flag, adding it below if needed for legacy
+ LND_EXTRA_ARGS=${LND_EXTRA_ARGS/noseedbackup=1/}
+
+ cat <<-EOF > "$LND_DATA/lnd.conf"
+ ${LND_EXTRA_ARGS}
+ listen=0.0.0.0:${LND_PORT}
+ EOF
+
+ if [[ "${LND_EXTERNALIP}" ]]; then
+ echo "externalip=$LND_EXTERNALIP:${LND_PORT}" >> "$LND_DATA/lnd.conf"
+ fi
+
+ if [[ "${LND_ALIAS}" ]]; then
+ # This allow to strip this parameter if LND_ALIAS is empty or null, and truncate it
+ LND_ALIAS="$(echo "$LND_ALIAS" | cut -c -32)"
+ echo "alias=$LND_ALIAS" >> "$LND_DATA/lnd.conf"
+ echo "alias=$LND_ALIAS added to $LND_DATA/lnd.conf"
+ fi
+
+ if [[ $LND_CHAIN && $LND_ENVIRONMENT ]]; then
+ echo "LND_CHAIN=$LND_CHAIN"
+ echo "LND_ENVIRONMENT=$LND_ENVIRONMENT"
+
+ NETWORK=""
+
+ shopt -s nocasematch
+ if [[ $LND_CHAIN == "btc" ]]; then
+ NETWORK="bitcoin"
+ elif [[ $LND_CHAIN == "ltc" ]]; then
+ NETWORK="litecoin"
+ else
+ echo "Unknown value for LND_CHAIN, expected btc or ltc"
+ fi
+
+ ENV=""
+ # Make sure we use correct casing for LND_Environment
+ if [[ $LND_ENVIRONMENT == "mainnet" ]]; then
+ ENV="mainnet"
+ elif [[ $LND_ENVIRONMENT == "testnet" ]]; then
+ ENV="testnet"
+ elif [[ $LND_ENVIRONMENT == "signet" ]]; then
+ ENV="signet"
+ elif [[ $LND_ENVIRONMENT == "regtest" ]]; then
+ ENV="regtest"
+ else
+ echo "Unknown value for LND_ENVIRONMENT, expected mainnet, testnet, signet or regtest"
+ fi
+ shopt -u nocasematch
+
+ if [[ $ENV && $NETWORK ]]; then
+ echo "
+ $NETWORK.active=1
+ $NETWORK.$ENV=1
+ " >> "$LND_DATA/lnd.conf"
+ echo "Added $NETWORK.active and $NETWORK.$ENV to config file $LND_DATA/lnd.conf"
+ else
+ echo "LND_CHAIN or LND_ENVIRONMENT is not set correctly"
+ fi
+ fi
+
+ if [[ "${LND_READY_FILE}" ]]; then
+ echo "Waiting $LND_READY_FILE to be created..."
+ while [ ! -f "$LND_READY_FILE" ]; do sleep 1; done
+ echo "The chain is fully synched"
+ fi
+
+ if [[ "${LND_HIDDENSERVICE_HOSTNAME_FILE}" ]]; then
+ echo "Waiting $LND_HIDDENSERVICE_HOSTNAME_FILE to be created by tor..."
+ while [ ! -f "$LND_HIDDENSERVICE_HOSTNAME_FILE" ]; do sleep 1; done
+ HIDDENSERVICE_ONION="$(head -n 1 "$LND_HIDDENSERVICE_HOSTNAME_FILE"):${LND_PORT}"
+ echo "externalip=$HIDDENSERVICE_ONION" >> "$LND_DATA/lnd.conf"
+ echo "externalip=$HIDDENSERVICE_ONION added to $LND_DATA/lnd.conf"
+ fi
+
+ # if it is legacy installation, then trigger warning and add noseedbackup=1 to config if needed
+ WALLET_FILE="$LND_DATA/data/chain/$NETWORK/$ENV/wallet.db"
+ LNDUNLOCK_FILE=${WALLET_FILE/wallet.db/walletunlock.json}
+ if [ -f "$WALLET_FILE" -a ! -f "$LNDUNLOCK_FILE" ]; then
+ echo "[lnd_unlock_entrypoint] WARNING: UNLOCK FILE DOESN'T EXIST! MIGRATE LEGACY INSTALLATION TO NEW VERSION ASAP"
+ echo "noseedbackup=1" >> "$LND_DATA/lnd.conf"
+ fi
+
+ # hit up the auto initializer and unlocker on separate process to do it's work
+ ./docker-initunlocklnd.sh $NETWORK $ENV &
+
+ ln -sfn "$LND_DATA" /root/.lnd
+ ln -sfn "$LND_BITCOIND" /root/.bitcoin
+ ln -sfn "$LND_LITECOIND" /root/.litecoin
+ ln -sfn "$LND_BTCD" /root/.btcd
+
+ exec "$@"
+else
+ exec "$@"
+fi
diff --git a/docker-initunlocklnd.sh b/docker-initunlocklnd.sh
new file mode 100755
index 0000000000..fb4d736011
--- /dev/null
+++ b/docker-initunlocklnd.sh
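Review bot: An unrecognised `LND_CHAIN` or `LND_ENVIRONMENT` only prints a message in docker-entrypoint.sh and the script carries on with `NETWORK`/`ENV` empty, so the legacy-wallet check tests `$LND_DATA/data/chain///wallet.db` and `./docker-initunlocklnd.sh $NETWORK $ENV &` is started with no arguments. Fail closed by adding `exit 1` to the two "Unknown value" `else` branches, and quote the call: `/docker-initunlocklnd.sh "$NETWORK" "$ENV" &` (the absolute path matches where the Dockerfiles copy the script, instead of relying on the working directory). The same empty values occur when either variable is unset, because the whole `if [[ $LND_CHAIN && $LND_ENVIRONMENT ]]` block is then skipped; a comment stating what is expected in that case would help.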
@@ -0,0 +1,104 @@
+#!/bin/bash
+set -e
+
+echo "[initunlocklnd] Waiting 2 seconds for lnd..."
+sleep 2
+
+# ensure that lnd is up and running before proceeding
+while
+ CA_CERT="$LND_DATA/tls.cert"
+ LND_WALLET_DIR="$LND_DATA/data/chain/$1/$2/"
+ MACAROON_FILE="$LND_DATA/admin.macaroon"
+ MACAROON_HEADER="r0ckstar:dev"
+ if [ -f "$MACAROON_FILE" ]; then
+ MACAROON_HEADER="Grpc-Metadata-macaroon:$(xxd -p -c 10000 "$MACAROON_FILE" | tr -d ' ')"
+ fi
+
+ STATUS_CODE=$(curl -s --cacert "$CA_CERT" -H $MACAROON_HEADER -o /dev/null -w "%{http_code}" $LND_REST_LISTEN_HOST/v1/getinfo)
+ # if lnd is running it'll either return 200 if unlocked (noseedbackup=1) or 404 if it needs initialization/unlock
+ if [ "$STATUS_CODE" == "200" ] || [ "$STATUS_CODE" == "404" ] ; then
+ break
+ # or 500 from version 0.13.1 onwards because it breaks with `wallet not created, create one to enable full RPC access` error
+ elif [ "$STATUS_CODE" == "500" ] ; then
+ STATUS_CODE=$(curl -s --cacert "$CA_CERT" -H $MACAROON_HEADER $LND_REST_LISTEN_HOST/v1/state)
+ if [ "$STATUS_CODE" == "{\"state\":\"NON_EXISTING\"}" ] || [ "$STATUS_CODE" == "{\"state\":\"LOCKED\"}" ] ; then
+ break # wallet ready to be either created or unlocked
+ fi
+ # for {\"state\":\"UNLOCKED\"}" we will depend on that previous condition with STATUS_CODE 200 or 404
+ # because even though wallet is unlocked, /v1/getinfo will still keep returning 500 until it's ready
+
+ echo "[initunlocklnd] Still waiting on LND, got response for wallet status: $STATUS_CODE ... waiting another 2 seconds..."
+ sleep 2
+ else
+ echo "[initunlocklnd] LND still didn't start, got $STATUS_CODE status code back... waiting another 2 seconds..."
+ sleep 2
+ fi
+do true; done
+
+# read variables after we ensured that lnd is up
+CA_CERT="$LND_DATA/tls.cert"
+LND_WALLET_DIR="$LND_DATA/data/chain/$1/$2/"
+MACAROON_FILE="$LND_DATA/admin.macaroon"
+MACAROON_HEADER="r0ckstar:dev"
+if [ -f "$MACAROON_FILE" ]; then
+ MACAROON_HEADER="Grpc-Metadata-macaroon:$(xxd -p -c 10000 "$MACAROON_FILE" | tr -d ' ')"
+fi
+
+WALLET_FILE="$LND_WALLET_DIR/wallet.db"
+LNDUNLOCK_FILE=${WALLET_FILE/wallet.db/walletunlock.json}
+if [ -f "$WALLET_FILE" ]; then
+ if [ ! -f "$LNDUNLOCK_FILE" ]; then
+ echo "[initunlocklnd] WARNING: UNLOCK FILE DOESN'T EXIST! MIGRATE LEGACY INSTALLATION TO NEW VERSION ASAP"
+ else
+ echo "[initunlocklnd] Wallet and Unlock files are present... parsing wallet password and unlocking lnd"
+
+ # parse wallet password from unlock file
+ WALLETPASS=$(jq -c -r '.wallet_password' $LNDUNLOCK_FILE)
+ # Nicolas deleted default password in some wallet unlock files, so we initializing default if password is empty
+ [ "$WALLETPASS" == "" ] && WALLETPASS="hellorockstar"
+ WALLETPASS_BASE64=$(echo $WALLETPASS|base64|tr -d '\n\r')
+
+ # execute unlockwallet call
+ curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" -d '{ "wallet_password":"'$WALLETPASS_BASE64'" }' $LND_REST_LISTEN_HOST/v1/unlockwallet
+ fi
+
+else
+ echo "[initunlocklnd] Wallet file doesn't exist. Initializing LND instance with new autogenerated password and seed"
+
+ # generate seed mnemonic
+ GENSEED_RESP=$(curl -s --cacert "$CA_CERT" -X GET -H $MACAROON_HEADER $LND_REST_LISTEN_HOST/v1/genseed)
+ CIPHER_ARRAY_EXTRACTED=$(echo $GENSEED_RESP | jq -c -r '.cipher_seed_mnemonic')
+
+ # using static default password per feedback, randomly generated password would still be stored in cleartext
+ WALLETPASS="hellorockstar"
+
+ # save all the the data to unlock file we'll use for future unlocks
+ RESULTJSON='{"wallet_password":"'$WALLETPASS'", "cipher_seed_mnemonic":'$CIPHER_ARRAY_EXTRACTED'}'
+ mkdir -p $LND_WALLET_DIR
+ echo $RESULTJSON > $LNDUNLOCK_FILE
+
+ # prepare initwallet call json with wallet password and chipher seed mnemonic
+ WALLETPASS_BASE64=$(echo $WALLETPASS|base64|tr -d '\n\r')
+ INITWALLET_REQ='{"wallet_password":"'$WALLETPASS_BASE64'", "cipher_seed_mnemonic":'$CIPHER_ARRAY_EXTRACTED'}'
+
+ # execute initwallet call
+ curl -s --cacert "$CA_CERT" -X POST -H "$MACAROON_HEADER" -d "$INITWALLET_REQ" $LND_REST_LISTEN_HOST/v1/initwallet
+fi
+
+
+# LND unlocked, now run Loop
+
+if [ ! -z "$LND_HOST_FOR_LOOP" ]; then
+ echo "[initunlocklnd] Preparing to start Loop"
+
+ if [ $LND_ENVIRONMENT == "regtest" ] || [ $LND_ENVIRONMENT == "signet"]; then
+ echo "[initunlocklnd] Loop can't be started for regtest and signet"
+ elif [ -f "$MACAROON_FILE" ]; then
+ sleep 10
+
+ echo "[initunlocklnd] Starting Loop"
+ ./bin/loopd --network=$2 --lnd.macaroonpath=$MACAROON_FILE --lnd.host=$LND_HOST_FOR_LOOP --restlisten=0.0.0.0:8081 &
+ else
+ echo "[initunlocklnd] Loop can't be started without MACAROON"
+ fi
+fi
\ No newline at end of file
diff --git a/linuxamd64.Dockerfile b/linuxamd64.Dockerfile
new file mode 100644
index 0000000000..e46b5d9082
--- /dev/null
+++ b/linuxamd64.Dockerfile
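Review bot: `echo $RESULTJSON > $LNDUNLOCK_FILE` in docker-initunlocklnd.sh writes the wallet password and the full seed mnemonic with whatever umask the process happens to have, and nothing in the script restricts it; set `umask 077` before the `mkdir -p` and the write (or `chmod 600 "$LNDUNLOCK_FILE"` right after) so only the owner can read walletunlock.json. Separately, `[ $LND_ENVIRONMENT == "signet"]` has no space before `]`, so the test errors out instead of matching and a signet node falls through to the branch that starts Loop; it should read `[ "$LND_ENVIRONMENT" == "signet" ]`. `-H $MACAROON_HEADER` is unquoted in the polling loop and the genseed call while the two POST calls quote it, so quote it everywhere. The password and seed are also handed to curl in its argv through `-d`; `-d @-` with the JSON supplied on stdin keeps them out of the process list.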
@@ -0,0 +1,81 @@
+FROM golang:1.20.3-alpine as builder
+
+# Force Go to use the cgo based DNS resolver. This is required to ensure DNS
+# queries required to connect to linked containers succeed.
+ENV GODEBUG netdns=cgo
+
+# Install dependencies and build the binaries.
+RUN apk add --no-cache --update alpine-sdk \
+ git \
+ make \
+ gcc
+
+WORKDIR /go/src/github.com/lightningnetwork/lnd
+COPY . .
+
+RUN make \
+&& make install tags="signrpc walletrpc chainrpc invoicesrpc routerrpc watchtowerrpc"
+
+
+# Build loop binary
+RUN git clone --depth 1 --branch v0.26.5-beta https://github.com/lightninglabs/loop.git /go/src/github.com/lightninglabs/loop
+WORKDIR /go/src/github.com/lightninglabs/loop/cmd
+
+
+RUN go install ./...
+# eof
+
+
+# Start a new, final image.
+FROM alpine:3.17.3 as final
+
+# Force Go to use the cgo based DNS resolver. This is required to ensure DNS
+# queries required to connect to linked containers succeed.
+ENV GODEBUG netdns=cgo
+
+# Add bash and ca-certs, for quality of life and SSL-related reasons.
+RUN apk --no-cache add \
+ bash \
+ tini \
+ ca-certificates
+
+ENV LND_DATA /data
+ENV LND_BITCOIND /deps/.bitcoin
+ENV LND_LITECOIND /deps/.litecoin
+ENV LND_BTCD /deps/.btcd
+ENV LND_PORT 9735
+
+RUN mkdir "$LND_DATA" && \
+ mkdir "/deps" && \
+ mkdir "$LND_BITCOIND" && \
+ mkdir "$LND_LITECOIND" && \
+ mkdir "$LND_BTCD" && \
+ ln -sfn "$LND_DATA" /root/.lnd && \
+ ln -sfn "$LND_BITCOIND" /root/.bitcoin && \
+ ln -sfn "$LND_LITECOIND" /root/.litecoin && \
+ ln -sfn "$LND_BTCD" /root/.btcd
+
+# Define a root volume for data persistence.
+VOLUME /data
+
+# Copy the binaries from the builder image.
+# lnd
+COPY --from=builder /go/bin/lncli /bin/
+COPY --from=builder /go/bin/lnd /bin/
+COPY --from=builder /go/src/github.com/lightningnetwork/lnd/scripts/verify-install.sh /
+COPY --from=builder /go/src/github.com/lightningnetwork/lnd/scripts/keys/* /keys/
+# loop
+COPY --from=builder /go/bin/loopd /bin/
+COPY --from=builder /go/bin/loop /bin/
+
+
+COPY docker-entrypoint.sh /docker-entrypoint.sh
+
+# Copy script for automatic init and unlock of lnd, need jq for parsing JSON and curl for LND Rest
+RUN apk --no-cache add jq curl
+COPY docker-initunlocklnd.sh /docker-initunlocklnd.sh
+
+# Specify the start command and entrypoint as the lnd daemon.
+EXPOSE 9735
+ENTRYPOINT [ "/sbin/tini", "-g", "--", "/docker-entrypoint.sh" ]
+CMD [ "lnd" ]
diff --git a/linuxarm32v7.Dockerfile b/linuxarm32v7.Dockerfile
new file mode 100644
index 0000000000..48c53ed4e8
--- /dev/null
+++ b/linuxarm32v7.Dockerfile
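Review bot: The Loop source in linuxamd64.Dockerfile is fetched with `git clone --depth 1 --branch v0.26.5-beta` and built without checking what the tag resolved to, and a tag can be moved upstream; the resulting `loopd` is later started with the admin macaroon, so the build should be tied to a reviewed commit. Appending `&& test "$(git -C /go/src/github.com/lightninglabs/loop rev-parse HEAD)" = "<expected-commit-sha>"` (placeholder for the audited commit) to that `RUN` makes the build fail on a mismatch; the same clone line is in linuxarm32v7.Dockerfile and linuxarm64v8.Dockerfile. The final stage also has no `USER`, so lnd, loopd and the unlock script run as root; moving to a dedicated user would require the `/root/.lnd` style symlinks here and in docker-entrypoint.sh to point at that user's home instead.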
@@ -0,0 +1,81 @@
+FROM golang:1.20.3-bullseye as builder
+
+# Force Go to use the cgo based DNS resolver. This is required to ensure DNS
+# queries required to connect to linked containers succeed.
+ENV GODEBUG netdns=cgo
+
+# Install dependencies and build the binaries.
+RUN apt-get -y update && apt-get -y install git make wget \
+ && apt-get install -qq --no-install-recommends qemu qemu-user-static qemu-user binfmt-support
+
+RUN wget -qO /opt/tini "https://github.com/krallin/tini/releases/download/v0.18.0/tini-armhf" \
+ && echo "01b54b934d5f5deb32aa4eb4b0f71d0e76324f4f0237cc262d59376bf2bdc269 /opt/tini" | sha256sum -c - \
+ && chmod +x /opt/tini
+
+ENV GOARM=7 GOARCH=arm
+WORKDIR /go/src/github.com/lightningnetwork/lnd
+COPY . .
+
+RUN make \
+&& make install tags="signrpc walletrpc chainrpc invoicesrpc routerrpc watchtowerrpc"
+
+# Build loop binary
+RUN git clone --depth 1 --branch v0.26.5-beta https://github.com/lightninglabs/loop.git /go/src/github.com/lightninglabs/loop
+WORKDIR /go/src/github.com/lightninglabs/loop/cmd
+
+RUN go install ./...
+# eof
+
+
+# Force the builder machine to take make an arm runtime image. This is fine as long as the builder does not run any program
+FROM arm32v7/debian:bullseye-slim as final
+
+COPY --from=builder /opt/tini /usr/bin/tini
+COPY --from=builder /usr/bin/qemu-arm-static /usr/bin/qemu-arm-static
+
+# Force Go to use the cgo based DNS resolver. This is required to ensure DNS
+# queries required to connect to linked containers succeed.
+ENV GODEBUG netdns=cgo
+# Add bash and ca-certs, for quality of life and SSL-related reasons.
+RUN apt-get -y update && apt-get install -y bash ca-certificates && rm -rf /var/lib/apt/lists/*
+
+ENV LND_DATA /data
+ENV LND_BITCOIND /deps/.bitcoin
+ENV LND_LITECOIND /deps/.litecoin
+ENV LND_BTCD /deps/.btcd
+ENV LND_PORT 9735
+
+RUN mkdir "$LND_DATA" && \
+ mkdir "/deps" && \
+ mkdir "$LND_BITCOIND" && \
+ mkdir "$LND_LITECOIND" && \
+ mkdir "$LND_BTCD" && \
+ ln -sfn "$LND_DATA" /root/.lnd && \
+ ln -sfn "$LND_BITCOIND" /root/.bitcoin && \
+ ln -sfn "$LND_LITECOIND" /root/.litecoin && \
+ ln -sfn "$LND_BTCD" /root/.btcd
+
+# Define a root volume for data persistence.
+VOLUME /data
+
+# Copy the binaries from the builder image.
+# lnd
+COPY --from=builder /go/bin/linux_arm/lncli /bin/
+COPY --from=builder /go/bin/linux_arm/lnd /bin/
+COPY --from=builder /go/src/github.com/lightningnetwork/lnd/scripts/verify-install.sh /
+COPY --from=builder /go/src/github.com/lightningnetwork/lnd/scripts/keys/* /keys/
+# loop
+COPY --from=builder /go/bin/linux_arm/loopd /bin/
+COPY --from=builder /go/bin/linux_arm/loop /bin/
+
+
+COPY docker-entrypoint.sh /docker-entrypoint.sh
+
+# Copy script for automatic init and unlock of lnd, need jq for parsing JSON and curl for LND Rest
+RUN apt-get -y update && apt-get -y install jq curl xxd && rm -rf /var/lib/apt/lists/*
+COPY docker-initunlocklnd.sh /docker-initunlocklnd.sh
+
+# Specify the start command and entrypoint as the lnd daemon.
+EXPOSE 9735
+ENTRYPOINT [ "/usr/bin/tini", "-g", "--", "/docker-entrypoint.sh" ]
+CMD [ "lnd" ]
diff --git a/linuxarm64v8.Dockerfile b/linuxarm64v8.Dockerfile
new file mode 100644
index 0000000000..dbf33dcfff
--- /dev/null
+++ b/linuxarm64v8.Dockerfile
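Review bot: The runtime stage of linuxarm32v7.Dockerfile starts from `arm32v7/debian:bullseye-slim`, a rolling tag, while the builder is pinned to `golang:1.20.3-bullseye`; with `--pull` in the CI job each publish can pick up a different base, so pin it by digest, `FROM arm32v7/debian:bullseye-slim@sha256:<digest-placeholder> as final`. Both `apt-get install` lines in the final stage omit `--no-install-recommends`, which pulls extra packages into the shipped image. `qemu-arm-static` copied from the builder also stays in the runtime image; a comment such as `# only needed so RUN steps in this stage work under emulation on the amd64 builder` would make clear it is not part of the service. linuxarm64v8.Dockerfile has the same three points with `arm64v8/debian:bullseye-slim` and `qemu-aarch64-static`.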
@@ -0,0 +1,81 @@
+FROM golang:1.20.3-bullseye as builder
+
+# Force Go to use the cgo based DNS resolver. This is required to ensure DNS
+# queries required to connect to linked containers succeed.
+ENV GODEBUG netdns=cgo
+
+# Install dependencies and build the binaries.
+RUN apt-get -y update && apt-get -y install git make wget \
+ && apt-get install -qq --no-install-recommends qemu qemu-user-static qemu-user binfmt-support
+
+RUN wget -qO /opt/tini "https://github.com/krallin/tini/releases/download/v0.18.0/tini-arm64" \
+ && echo "7c5463f55393985ee22357d976758aaaecd08defb3c5294d353732018169b019 /opt/tini" | sha256sum -c - \
+ && chmod +x /opt/tini
+
+ENV GOARCH=arm64
+WORKDIR /go/src/github.com/lightningnetwork/lnd
+COPY . .
+
+RUN make \
+&& make install tags="signrpc walletrpc chainrpc invoicesrpc routerrpc watchtowerrpc"
+
+# Build loop binary
+RUN git clone --depth 1 --branch v0.26.5-beta https://github.com/lightninglabs/loop.git /go/src/github.com/lightninglabs/loop
+WORKDIR /go/src/github.com/lightninglabs/loop/cmd
+
+RUN go install ./...
+# eof
+
+
+# Force the builder machine to take make an arm runtime image. This is fine as long as the builder does not run any program
+FROM arm64v8/debian:bullseye-slim as final
+
+COPY --from=builder /opt/tini /usr/bin/tini
+COPY --from=builder /usr/bin/qemu-aarch64-static /usr/bin/qemu-aarch64-static
+
+# Force Go to use the cgo based DNS resolver. This is required to ensure DNS
+# queries required to connect to linked containers succeed.
+ENV GODEBUG netdns=cgo
+# Add bash and ca-certs, for quality of life and SSL-related reasons.
+RUN apt-get -y update && apt-get install -y bash ca-certificates && rm -rf /var/lib/apt/lists/*
+
+ENV LND_DATA /data
+ENV LND_BITCOIND /deps/.bitcoin
+ENV LND_LITECOIND /deps/.litecoin
+ENV LND_BTCD /deps/.btcd
+ENV LND_PORT 9735
+
+RUN mkdir "$LND_DATA" && \
+ mkdir "/deps" && \
+ mkdir "$LND_BITCOIND" && \
+ mkdir "$LND_LITECOIND" && \
+ mkdir "$LND_BTCD" && \
+ ln -sfn "$LND_DATA" /root/.lnd && \
+ ln -sfn "$LND_BITCOIND" /root/.bitcoin && \
+ ln -sfn "$LND_LITECOIND" /root/.litecoin && \
+ ln -sfn "$LND_BTCD" /root/.btcd
+
+# Define a root volume for data persistence.
+VOLUME /data
+
+# Copy the binaries from the builder image.
+# lnd
+COPY --from=builder /go/bin/linux_arm64/lncli /bin/
+COPY --from=builder /go/bin/linux_arm64/lnd /bin/
+COPY --from=builder /go/src/github.com/lightningnetwork/lnd/scripts/verify-install.sh /
+COPY --from=builder /go/src/github.com/lightningnetwork/lnd/scripts/keys/* /keys/
+# loop
+COPY --from=builder /go/bin/linux_arm64/loopd /bin/
+COPY --from=builder /go/bin/linux_arm64/loop /bin/
+
+
+COPY docker-entrypoint.sh /docker-entrypoint.sh
+
+# Copy script for automatic init and unlock of lnd, need jq for parsing JSON and curl for LND Rest
+RUN apt-get -y update && apt-get -y install jq curl xxd && rm -rf /var/lib/apt/lists/*
+COPY docker-initunlocklnd.sh /docker-initunlocklnd.sh
+
+# Specify the start command and entrypoint as the lnd daemon.
+EXPOSE 9735
+ENTRYPOINT [ "/usr/bin/tini", "-g", "--", "/docker-entrypoint.sh" ]
+CMD [ "lnd" ]