From 9324140d0ed1f2a575810da2e1a25fcec765a038 Mon Sep 17 00:00:00 2001 From: sethsimmons Date: Fri, 19 Nov 2021 15:36:10 -0500 Subject: [PATCH 1/3] Comment and optimize Dockerfile --- Dockerfile | 39 ++++++++++++++++++++++++++++++++++----- 1 file changed, 34 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 880581e..66572d4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,13 @@ +# Use ubuntu:20.04 as base for builder stage image FROM ubuntu:20.04 as builder +# Set Monero branch/tag to be used for monerod compilation +ARG MONERO_BRANCH=release-v0.17 + +# Added DEBIAN_FRONTEND=noninteractive to workaround tzdata prompt on installation ENV DEBIAN_FRONTEND="noninteractive" +# Install dependencies for monerod and xmrblocks compilation RUN apt-get update && apt install -y --no-install-recommends \ git \ build-essential \ @@ -23,42 +29,65 @@ RUN apt-get update && apt install -y --no-install-recommends \ libsodium-dev \ libhidapi-dev \ libhidapi-libusb0 \ + && apt-get clean \ && rm -rf /var/lib/apt/lists/* +# Set compilation environment variables +ENV CFLAGS='-fPIC' +ENV CXXFLAGS='-fPIC' +ENV USE_SINGLE_BUILDDIR 1 +ENV BOOST_DEBUG 1 + WORKDIR /root -RUN git clone --recursive -b release-v0.17 https://github.com/monero-project/monero.git \ +# Clone and compile monerod with all available threads +ARG MONERO_BRANCH +ARG NPROC +RUN git clone --recursive --branch ${MONERO_BRANCH} https://github.com/monero-project/monero.git \ && cd monero \ - && USE_SINGLE_BUILDDIR=1 make + && test -z "$NPROC" && nproc > /nproc || echo -n "$NPROC" > /nproc && make -j"$(cat /nproc)" +# Copy and cmake xmrblocks COPY . /root/onion-monero-blockchain-explorer/ WORKDIR /root/onion-monero-blockchain-explorer/build RUN cmake .. -RUN make -# use ldd and awk to bundle up dynamic libraries for the final image +# Compile xmrblocks with all available threads +RUN test -z "$NPROC" && nproc > /nproc || echo -n "$NPROC" > /nproc && make -j"$(cat /nproc)" + +# Use ldd and awk to bundle up dynamic libraries for the final image RUN zip /lib.zip $(ldd xmrblocks | grep -E '/[^\ ]*' -o) +# Use ubuntu:20.04 as base for final image FROM ubuntu:20.04 +# Added DEBIAN_FRONTEND=noninteractive to workaround tzdata prompt on installation ENV DEBIAN_FRONTEND="noninteractive" + +# Install unzip to handle bundled libs from builder stage RUN apt-get update && apt-get install -y --no-install-recommends \ unzip \ + && apt-get clean \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /lib.zip . RUN unzip -o lib.zip && rm -rf lib.zip +# Add user and setup directories for monerod and xmrblocks RUN useradd -ms /bin/bash monero \ && mkdir -p /home/monero/.bitmonero \ && chown -R monero:monero /home/monero/.bitmonero USER monero -WORKDIR /home/monero +# Switch to home directory and install newly built xmrblocks binary +WORKDIR /home/monero COPY --chown=monero:monero --from=builder /root/onion-monero-blockchain-explorer/build/xmrblocks . COPY --chown=monero:monero --from=builder /root/onion-monero-blockchain-explorer/build/templates ./templates/ +# Expose volume used for lmdb access by xmrblocks VOLUME /home/monero/.bitmonero + +# Expose default explorer http port EXPOSE 8081 ENTRYPOINT ["/bin/sh", "-c", "./xmrblocks"] From e03ed49f795ee8982453a6e342d8018a577afced Mon Sep 17 00:00:00 2001 From: sethsimmons Date: Fri, 19 Nov 2021 16:12:19 -0500 Subject: [PATCH 2/3] Add apt upgrade step to resolve vulns --- Dockerfile | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 66572d4..ab2ff16 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,9 @@ ARG MONERO_BRANCH=release-v0.17 ENV DEBIAN_FRONTEND="noninteractive" # Install dependencies for monerod and xmrblocks compilation -RUN apt-get update && apt install -y --no-install-recommends \ +RUN apt-get update \ + && apt-get upgrade -y \ + && apt-get install -y --no-install-recommends \ git \ build-essential \ cmake \ @@ -65,8 +67,9 @@ FROM ubuntu:20.04 ENV DEBIAN_FRONTEND="noninteractive" # Install unzip to handle bundled libs from builder stage -RUN apt-get update && apt-get install -y --no-install-recommends \ - unzip \ +RUN apt-get update \ + && apt-get upgrade -y \ + && apt-get install -y --no-install-recommends unzip \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* From ae1df3d0d08d919e0c256429d8787d386abde9cb Mon Sep 17 00:00:00 2001 From: sethsimmons Date: Fri, 19 Nov 2021 16:22:25 -0500 Subject: [PATCH 3/3] Add sane defaults and allow passing args --- Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Dockerfile b/Dockerfile index ab2ff16..048b689 100644 --- a/Dockerfile +++ b/Dockerfile @@ -94,3 +94,6 @@ VOLUME /home/monero/.bitmonero EXPOSE 8081 ENTRYPOINT ["/bin/sh", "-c", "./xmrblocks"] + +# Set sane defaults that are overridden if the user passes any commands +CMD ["--enable-json-api", "--enable-autorefresh-option", "--enable-emission-monitor", "--enable-pusher"] \ No newline at end of file