From 94d1f4a51f371a9f5ce2d97cc0b796af204fd2f6 Mon Sep 17 00:00:00 2001 From: Reckless_Satoshi Date: Tue, 8 Feb 2022 03:41:03 -0800 Subject: [PATCH] Add docker bitcoind and tor --- docker-compose.yml | 32 ++++++++++++++++-- docker/bitcoind/Dockerfile | 15 ++++++++ docker/bitcoind/bitcoin.conf | 33 ++++++++++++++++++ docker/bitcoind/entrypoint.sh | 21 ++++++++++++ docker/tor/Dockerfile | 21 ++++++++++++ docker/tor/entrypoint.sh | 18 ++++++++++ docker/tor/torrc | 12 +++++++ setup.md | 64 ++++++++++++++--------------------- 8 files changed, 174 insertions(+), 42 deletions(-) create mode 100644 docker/bitcoind/Dockerfile create mode 100644 docker/bitcoind/bitcoin.conf create mode 100755 docker/bitcoind/entrypoint.sh create mode 100644 docker/tor/Dockerfile create mode 100755 docker/tor/entrypoint.sh create mode 100644 docker/tor/torrc diff --git a/docker-compose.yml b/docker-compose.yml index 476ce4f4..d6a83eb9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -14,7 +14,7 @@ services: container_name: django-dev restart: always depends_on: - # - bitcoind-dev + - bitcoind # - lnd-dev - redis environment: @@ -52,8 +52,8 @@ services: build: . container_name: invo-dev restart: always - # depends_on: - # - bitcoind-testnet + depends_on: + - bitcoind # - lnd-testnet command: python3 manage.py follow_invoices volumes: @@ -75,6 +75,32 @@ services: networks: - redis_network + tor: + build: ./docker/tor + container_name: tor-dev + restart: always + environment: + LOCAL_USER_ID: 1000 + LOCAL_GROUP_ID: 1000 + volumes: + - /mnt/development/tor/data:/var/lib/tor + - /mnt/development/tor/config:/etc/tor + + bitcoind: + build: ./docker/bitcoind + container_name: btc-dev + restart: always + environment: + LOCAL_USER_ID: 1000 + LOCAL_GROUP_ID: 1000 + depends_on: + - tor + network_mode: service:tor + volumes: + - /mnt/development/tor/data:/var/lib/tor:ro + - /mnt/development/tor/config:/etc/tor:ro + - /mnt/development/bitcoin:/home/bitcoin/.bitcoin + volumes: redisdata: 
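Review bot: In the new `bitcoind` service the whole Tor data directory is bind-mounted (`/mnt/development/tor/data:/var/lib/tor:ro`), although the only file the torrc in this patch points bitcoind at is `CookieAuthFile /var/lib/tor/control_auth_cookie`. Read-only still lets the bitcoind container read whatever Tor stores there, subject to file modes, and nothing under docker/bitcoind appears to use the `/etc/tor` mount. Consider giving the cookie its own directory in docker/tor/torrc and sharing only that, e.g. `- /mnt/development/tor/cookie:/var/lib/tor-cookie:ro` (constructed path), and dropping the `/etc/tor` mount from `bitcoind`. Both service blocks are complete within the hunk.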
diff --git a/docker/bitcoind/Dockerfile b/docker/bitcoind/Dockerfile
new file mode 100644
index 00000000..9e9ddce1
--- /dev/null
+++ b/docker/bitcoind/Dockerfile
@@ -0,0 +1,15 @@
+FROM ruimarinho/bitcoin-core:22-alpine
+
+ARG LOCAL_USER_ID=9999
+ARG LOCAL_GROUP_ID=9999
+
+# Set the expected local user id
+# for shared group to access tor cookie
+RUN apk --no-cache --no-progress add shadow=~4 gettext=~0.21 && \
+ groupadd -g "$LOCAL_GROUP_ID" bitcoin && \
+ usermod -u "$LOCAL_USER_ID" -g bitcoin bitcoin
+
+COPY entrypoint.sh /root/entrypoint.sh
+COPY bitcoin.conf /tmp/bitcoin.conf
+ENTRYPOINT [ "/root/entrypoint.sh" ]
+CMD ["bitcoind"]
diff --git a/docker/bitcoind/bitcoin.conf b/docker/bitcoind/bitcoin.conf
new file mode 100644
index 00000000..52a1a0b1
--- /dev/null
+++ b/docker/bitcoind/bitcoin.conf
@@ -0,0 +1,33 @@
+# Reference: https://en.bitcoin.it/wiki/Running_Bitcoin
+# https://github.com/bitcoin/bitcoin/blob/master/share/examples/bitcoin.conf
+
+server=1
+txindex=1
+onion=127.0.0.1:9050
+torcontrol=127.0.0.1:9051
+rpcuser=robodev
+rpcpassword=robodev
+zmqpubrawblock=tcp://127.0.0.1:18501
+zmqpubrawtx=tcp://127.0.0.1:18502
+
+# Allow RPC connections from outside of container localhost
+rpcbind=0.0.0.0
+# Only connect to typical docker IP addresses (Usually from docker host computer)
+rpcallowip=172.0.0.0/255.0.0.0
+# Allow access from any IP address (Usually from another computer on LAN)
+#rpcallowip=0.0.0.0/0
+
+# Run on the test network instead of the real bitcoin network.
+testnet=1
+
+[main]
+# Only run on Tor
+onlynet=onion
+
+# Add Tor seed nodes
+addnode=i4x66albngo3sg3w.onion:8333
+
+# Some testnet settings needed for 0.19, if using testnet
+[test]
+# Allow RPC connections from outside of container localhost
+rpcbind=0.0.0.0
diff --git a/docker/bitcoind/entrypoint.sh b/docker/bitcoind/entrypoint.sh
new file mode 100755
index 00000000..3099a5ef
--- /dev/null
+++ b/docker/bitcoind/entrypoint.sh
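Review bot: `FROM ruimarinho/bitcoin-core:22-alpine` takes a third-party image by a mutable tag, so the bitcoind binary in the container can change between builds without any change in this repository; docker/tor/Dockerfile has the same pattern with `FROM alpine:3`. Pin both by digest, e.g. `FROM ruimarinho/bitcoin-core:22-alpine@sha256:<digest-from-registry>`, and bump the digest deliberately. A short comment above the `RUN` saying that entrypoint.sh re-applies the ids at container start would also explain why the `ARG` defaults of 9999 exist.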
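Review bot: `rpcallowip=172.0.0.0/255.0.0.0` admits the whole 172.0.0.0/8 block, which is much wider than the private 172.16.0.0/12 range the comment above it describes, and it is paired with `rpcbind=0.0.0.0` and the fixed `rpcuser=robodev` / `rpcpassword=robodev`. Narrow it to `rpcallowip=172.16.0.0/12` (or the compose network's actual subnet) and mark the credentials as development-only in a comment; `rpcauth=` would keep the plaintext password out of the file. Separately, `onlynet=onion` sits under `[main]` while `testnet=1` is set, so as written the testnet node is not restricted to Tor; if Tor-only is intended, repeat the setting under `[test]`.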
@@ -0,0 +1,21 @@
+#!/bin/sh
+set -e
+
+# Create bitcoin.conf if it doesn't exist
+if [ ! -f "/home/bitcoin/.bitcoin/bitcoin.conf" ]; then
+ envsubst < /tmp/bitcoin.conf > /home/bitcoin/.bitcoin/bitcoin.conf
+fi
+
+_USER_ID="$(id -u)"
+
+# Change local user id and group
+if [ -n "${LOCAL_USER_ID:?}" ] && [ "$_USER_ID" != "${LOCAL_USER_ID:?}" ]; then
+ usermod -u "${LOCAL_USER_ID:?}" bitcoin
+fi
+groupmod -g "${LOCAL_GROUP_ID:?}" bitcoin
+
+# Fix ownership
+chown -R bitcoin /home/bitcoin
+
+# Run original entrypoint
+exec /entrypoint.sh "$@"
diff --git a/docker/tor/Dockerfile b/docker/tor/Dockerfile
new file mode 100644
index 00000000..a5709786
--- /dev/null
+++ b/docker/tor/Dockerfile
@@ -0,0 +1,21 @@
+FROM alpine:3
+
+RUN apk --no-cache --no-progress add tor=~0.4
+
+EXPOSE 9001 9050
+
+# hadolint ignore=DL3002
+USER root
+ARG LOCAL_USER_ID=9999
+ENV TOR_DATA=/var/lib/tor
+
+# Add useradd and usermod
+# Create user account (UID will be changed in entrypoint script)
+RUN apk --no-cache --no-progress add shadow=~4 sudo=~1 && \
+ useradd -u $LOCAL_USER_ID --shell /bin/sh -m alice && \
+ usermod -g alice tor
+
+COPY entrypoint.sh /root/entrypoint.sh
+COPY torrc /tmp/torrc
+
+ENTRYPOINT [ "/root/entrypoint.sh" ]
diff --git a/docker/tor/entrypoint.sh b/docker/tor/entrypoint.sh
new file mode 100755
index 00000000..063481a0
--- /dev/null
+++ b/docker/tor/entrypoint.sh
@@ -0,0 +1,18 @@
+#!/bin/sh
+set -e
+
+# Create torrc if it doesn't exist
+if [ ! -f "/etc/tor/torrc" ]; then
+ cp /tmp/torrc /etc/tor/torrc
+fi
+
+# Change local user id and group
+usermod -u "${LOCAL_USER_ID:?}" alice
+groupmod -g "${LOCAL_GROUP_ID:?}" alice
+
+# Set correct owners on volumes
+chown -R tor:alice "${TOR_DATA}"
+chown -R :alice /etc/tor
+chown -R alice:alice /home/alice
+
+exec sudo -u tor /usr/bin/tor
diff --git a/docker/tor/torrc b/docker/tor/torrc
new file mode 100644
index 00000000..25c08e96
--- /dev/null
+++ b/docker/tor/torrc
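Review bot: The `envsubst < /tmp/bitcoin.conf > /home/bitcoin/.bitcoin/bitcoin.conf` line creates the file that holds `rpcuser`/`rpcpassword` with whatever mode the process umask allows, and per docker-compose.yml in this patch that path is a host bind mount. Add `chmod 600 /home/bitcoin/.bitcoin/bitcoin.conf` right after the redirection; the later `chown -R bitcoin /home/bitcoin` then hands it to the service user. The `chown -R` also walks the entire data directory on every start, so a comment saying that is intentional, or a first-run guard around it, would help the next reader.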
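Review bot: `sudo=~1` is installed only so that docker/tor/entrypoint.sh can end with `exec sudo -u tor /usr/bin/tor`, which leaves a setuid-root binary in an image whose one job is to run Tor unprivileged. Alpine's `su-exec` performs the same privilege drop without it: install `su-exec` in place of `sudo` and end the entrypoint with `exec su-exec tor /usr/bin/tor`. Also quote the id in `useradd -u "$LOCAL_USER_ID"`, and add a comment on `EXPOSE 9001 9050` saying whether leaving out the `ControlPort 9051` that torrc enables is deliberate.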
@@ -0,0 +1,12 @@
+Log notice file /var/log/tor/notices.log
+
+## The directory for keeping all the keys/etc. By default, we store
+## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
+DataDirectory /var/lib/tor
+DataDirectoryGroupReadable 1
+
+## Enable ControlPort
+ControlPort 9051
+CookieAuthentication 1
+CookieAuthFileGroupReadable 1
+CookieAuthFile /var/lib/tor/control_auth_cookie
\ No newline at end of file
diff --git a/setup.md b/setup.md
index e1a08122..20181c91 100644
--- a/setup.md
+++ b/setup.md
@@ -1,4 +1,28 @@
 # Set up
+# The easy way
+## With Docker (-dev containers running on testnet)
+Spinning up docker for the first time
+```
+docker-compose build --no-cache
+docker-compose up -d
+sudo docker exec -it django-dev python3 manage.py makemigrations
+sudo docker exec -it django-dev python3 manage.py migrate
+sudo docker exec -it django-dev python3 manage.py createsuperuser
+docker-compose restart
+```
+
+Spinning up any other time:
+`docker-compose up -d`
+
+Then monitor in a terminal the Django dev docker service
+`docker attach django-dev`
+
+And the NPM dev docker service
+`docker attach npm-dev`
+
+Ready to roll!
+
+# The harder way
 ## Django development environment
 ### Install Python and pip
 `sudo apt install python3 python3 pip`
@@ -217,42 +241,4 @@ Then launch it with
 ```
 systemctl start clean_orders
 systemctl enable clean_orders
-```
-
-# Docker set up for development, example for testnet (-dev containers)
-First time
-```
-docker-compose build --no-cache
-docker-compose up -d
-sudo docker exec -it django-dev python3 manage.py makemigrations
-sudo docker exec -it django-dev python3 manage.py migrate
-sudo docker exec -it django-dev python3 manage.py createsuperuser
-docker-compose restart
-```
-
-Any other time:
-`docker-compose up -d`
-
-Monitor Django dev docker service
-`docker attach django-dev`
-
-Monitor NPM dev docker service
-`docker attach npm-dev`
-
-
-## If needed; how to clean-restart the docker instance
-
-
-Stop the container(s) using the following command:
-
-`docker-compose --env-file config/.env.tn down`
-Delete all containers using the following command:
-`docker rm -f $(docker ps -a -q)`
-Delete all volumes using the following command:
-`docker volume rm $(docker volume ls -q)`
-Restart the containers using the following command:
-`docker-compose --env-file config/.env.tn up`
-
-
-Delete images
-`docker rmi $(docker images -f 'dangling=true' -q)`
+```
\ No newline at end of file