From b6097160f1a6f4a3120386d5a55f081fb0277bb9 Mon Sep 17 00:00:00 2001 From: Mikal Villa Date: Fri, 6 Jan 2017 21:47:55 +0100 Subject: [PATCH 1/3] Adding default port to config docs --- docs/configuration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuration.md b/docs/configuration.md index 3212aea9..2074dceb 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -36,7 +36,7 @@ Windows-specific options: All options below still possible in cmdline, but better write it in config file: * --http.address= - The address to listen on (HTTP server) -* --http.port= - The port to listen on (HTTP server) +* --http.port= - The port to listen on (HTTP server) 7070 by default * --http.auth - Enable basic HTTP auth for webconsole * --http.user= - Username for basic auth (default: i2pd) * --http.pass= - Password for basic auth (default: random, see logs) From a4cfdcb5c413fd0c8f16e24265562b15e35bcdb5 Mon Sep 17 00:00:00 2001 From: Mikal Villa Date: Sat, 7 Jan 2017 02:17:02 +0100 Subject: [PATCH 2/3] Improved and minimalized docker image --- build/docker/Dockerfile | 54 +++++++++++++++++++ build/docker/entrypoint.sh | 24 +++++++++ .../{ => docker/old-ubuntu-based}/Dockerfile | 0 3 files changed, 78 insertions(+) create mode 100644 build/docker/Dockerfile create mode 100644 build/docker/entrypoint.sh rename build/{ => docker/old-ubuntu-based}/Dockerfile (100%) diff --git a/build/docker/Dockerfile b/build/docker/Dockerfile new file mode 100644 index 00000000..229d0d53 --- /dev/null +++ b/build/docker/Dockerfile @@ -0,0 +1,54 @@ +FROM alpine:latest + +MAINTAINER Mikal Villa + +ENV GIT_BRANCH="master" +ENV I2PD_PREFIX="/opt/i2pd-${GIT_BRANCH}" +ENV PATH=${I2PD_PREFIX}/bin:$PATH + +ENV GOSU_VERSION=1.7 +ENV GOSU_SHASUM="34049cfc713e8b74b90d6de49690fa601dc040021980812b2f1f691534be8a50 /usr/local/bin/gosu" + +RUN mkdir /user && adduser -S -h /user i2pd && chown -R i2pd:nobody /user + + +# +# Each RUN is a layer, adding the dependencies and building i2pd in one layer takes around 8-900Mb, so to keep the +# image under 20mb we need to remove all the build dependencies in the same "RUN" / layer. +# + +# 1. install deps, clone and build. +# 2. strip binaries. +# 3. Purge all dependencies and other unrelated packages, including build directory. +RUN apk --no-cache --virtual build-dependendencies add make gcc g++ libtool boost-dev build-base openssl-dev openssl git \ + && mkdir -p /tmp/build \ + && cd /tmp/build && git clone -b ${GIT_BRANCH} https://github.com/PurpleI2P/i2pd.git \ + && cd i2pd \ + && make -j4 \ + && mkdir -p ${I2PD_PREFIX}/bin \ + && mv i2pd ${I2PD_PREFIX}/bin/ \ + && cd ${I2PD_PREFIX}/bin \ + && strip i2pd \ + && rm -fr /tmp/build && apk --purge del build-dependendencies build-base fortify-headers boost-dev zlib-dev openssl-dev \ + boost-python3 python3 gdbm boost-unit_test_framework boost-python linux-headers boost-prg_exec_monitor \ + boost-serialization boost-signals boost-wave boost-wserialization boost-math boost-graph boost-regex git pcre \ + libtool g++ gcc pkgconfig + +# 2. Adding required libraries to run i2pd to ensure it will run. +RUN apk --no-cache add boost-filesystem boost-system boost-program_options boost-date_time boost-thread boost-iostreams openssl musl-utils libstdc++ + +# Gosu is a replacement for su/sudo in docker and not a backdoor :) See https://github.com/tianon/gosu +RUN wget -O /usr/local/bin/gosu https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-amd64 \ + && echo "${GOSU_SHASUM}" | sha256sum -c && chmod +x /usr/local/bin/gosu + +COPY entrypoint.sh /entrypoint.sh + +RUN chmod a+x /entrypoint.sh +RUN echo "export PATH=${PATH}" >> /etc/profile + +VOLUME [ "/var/lib/i2pd" ] + +EXPOSE 7070 4444 4447 7656 2827 7654 7650 + +ENTRYPOINT [ "/entrypoint.sh" ] + diff --git a/build/docker/entrypoint.sh b/build/docker/entrypoint.sh new file mode 100644 index 00000000..24a415aa --- /dev/null +++ b/build/docker/entrypoint.sh @@ -0,0 +1,24 @@ +#!/bin/sh + +ARGS="" +if [ "${ENABLE_IPV6}" != "" ]; then + ARGS="${ARGS} –ipv6" +fi + +if [ "${LOGLEVEL}" != "" ]; then + ARGS="${ARGS} –loglevel=${LOGLEVEL}" +fi + +if [ "${ENABLE_AUTH}" != "" ]; then + ARGS="${ARGS} –http.auth" +fi + + +# To make ports exposeable +DEFAULT_ARGS=" –http.address=0.0.0.0 –httpproxy.address=0.0.0.0 -socksproxy.address=0.0.0.0 –sam.address=0.0.0.0 –bob.address=0.0.0.0 –i2cp.address=0.0.0.0 –i2pcontrol.port=0.0.0.0 –upnp.enabled=false -service " + +mkdir -p /var/lib/i2pd && chown -R i2pd:nobody /var/lib/i2pd && chmod u+rw /var/lib/i2pd + +gosu i2pd i2pd $DEFAULT_ARGS $ARGS + + diff --git a/build/Dockerfile b/build/docker/old-ubuntu-based/Dockerfile similarity index 100% rename from build/Dockerfile rename to build/docker/old-ubuntu-based/Dockerfile From 5b2bc23d03b2975036451d512ee58ec1e8f1ec45 Mon Sep 17 00:00:00 2001 From: Mikal Villa Date: Sat, 7 Jan 2017 02:30:17 +0100 Subject: [PATCH 3/3] Adding readme --- build/docker/README.md | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 build/docker/README.md diff --git a/build/docker/README.md b/build/docker/README.md new file mode 100644 index 00000000..df2cdc01 --- /dev/null +++ b/build/docker/README.md @@ -0,0 +1,34 @@ +Howto build & run +================== + +**Build** + +Assuming you're in the root directory of the anoncoin source code. + +$ `cd build/docker` +$ `docker -t meeh/i2pd:latest .` + +**Run** + +To run either the local build, or if not found - fetched prebuild from hub.docker.io, run the following command. + +$ `docker run --name anonnode -v /path/to/i2pd/datadir/on/host:/var/lib/i2pd -p 7070:7070 -p 4444:4444 -p 4447:4447 -p 7656:7656 -p 2827:2827 -p 7654:7654 -p 7650:7650 -d meeh/i2pd` + +All the ports ( -p HOSTPORT:DOCKERPORT ) is optional. However the command above enable all features (Webconsole, HTTP Proxy, BOB, SAM, i2cp, etc) + +The volume ( -v HOSTDIR:DOCKERDIR ) is also optional, but if you don't use it, your config, routerid and private keys will die along with the container. + +**Options** + +Options are set via docker environment variables. This can be set at run with -e parameters. + +* **ENABLE_IPV6** - Enable IPv6 support. Any value can be used - it triggers as long as it's not empty. +* **LOGLEVEL** - Set the loglevel. +* **ENABLE_AUTH** - Enable auth for the webconsole. Username and password needs to be set manually in i2pd.conf cause security reasons. + +**Logging** + +Logging happens to STDOUT as the best practise with docker containers, since infrastructure systems like kubernetes with ELK integration can automaticly forward the log to say, kibana or greylog without manual setup. :) + + +