mirror of
https://github.com/ton-blockchain/ton
synced 2025-02-12 11:12:16 +00:00
Add docker workflow
This commit is contained in:
parent
2cd180d156
commit
dd606e5e07
5 changed files with 182 additions and 0 deletions
44
.github/workflows/docker-ubuntu-image.yml
vendored
Normal file
44
.github/workflows/docker-ubuntu-image.yml
vendored
Normal file
|
@ -0,0 +1,44 @@
|
|||
name: Build Docker Ubuntu Image
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
|
||||
env:
|
||||
REGISTRY: ghcr.io
|
||||
IMAGE_NAME: ${{ github.repository }}
|
||||
|
||||
jobs:
|
||||
build-and-push:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
|
||||
-
|
||||
name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
|
||||
-
|
||||
name: Login to GitHub Container Registry
|
||||
uses: docker/login-action@v1
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.repository_owner }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
-
|
||||
name: Build and push
|
||||
id: docker_build
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
push: true
|
||||
context: ./docker
|
||||
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
|
||||
|
32
docker/Dockerfile
Normal file
32
docker/Dockerfile
Normal file
|
@ -0,0 +1,32 @@
|
|||
FROM ubuntu:20.04 as builder
|
||||
RUN apt-get update && \
|
||||
DEBIAN_FRONTEND=noninteractive apt-get install -y build-essential cmake clang-6.0 openssl libssl-dev zlib1g-dev gperf wget git && \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
ENV CC clang-6.0
|
||||
ENV CXX clang++-6.0
|
||||
WORKDIR /
|
||||
RUN git clone --recursive https://github.com/newton-blockchain/ton
|
||||
WORKDIR /ton
|
||||
|
||||
RUN mkdir build && \
|
||||
cd build && \
|
||||
cmake .. -DCMAKE_BUILD_TYPE=Release && \
|
||||
make -j 4
|
||||
|
||||
FROM ubuntu:20.04
|
||||
RUN apt-get update && \
|
||||
apt-get install -y openssl wget&& \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
RUN mkdir -p /var/ton-work/db && \
|
||||
mkdir -p /var/ton-work/db/static
|
||||
|
||||
COPY --from=builder /ton/build/lite-client/lite-client /usr/local/bin/
|
||||
COPY --from=builder /ton/build/validator-engine/validator-engine /usr/local/bin/
|
||||
COPY --from=builder /ton/build/validator-engine-console/validator-engine-console /usr/local/bin/
|
||||
COPY --from=builder /ton/build/utils/generate-random-id /usr/local/bin/
|
||||
|
||||
WORKDIR /var/ton-work/db
|
||||
COPY init.sh control.template ./
|
||||
RUN chmod +x init.sh
|
||||
|
||||
ENTRYPOINT ["/var/ton-work/db/init.sh"]
|
28
docker/README.md
Normal file
28
docker/README.md
Normal file
|
@ -0,0 +1,28 @@
|
|||
# The Open Network Node
|
||||
Dockerfile for The Open Network Node
|
||||
|
||||
#### Install
|
||||
```docker pull ghcr.io/newton-blockchain/ton```
|
||||
#### Create volume
|
||||
```docker volume create ton-db```
|
||||
#### Run
|
||||
```docker run -d --name ton-node --mount source=ton-db,target=/var/ton-work/db --network host -e "PUBLIC_IP=<YOUR_PUBLIC_IP>" -e "CONSOLE_PORT=<TCP-PORT1>" -e "LITESERVER=true" -e "LITE_PORT=<TCP-PORT2>" -it ghcr.io/newton-blockchain/ton```
|
||||
|
||||
|
||||
If you don't need Liteserver, then remove -e "LITESERVER=true".
|
||||
|
||||
#### Use
|
||||
```docker exec -ti <container-id> /bin/bash```
|
||||
|
||||
```./validator-engine-console -k client -p server.pub -a <IP>:<TCP-PORT1>```
|
||||
|
||||
IP:PORT is shown at start of container.
|
||||
|
||||
#### Lite-client
|
||||
To use lite-client you need to get liteserver.pub from container.
|
||||
|
||||
```docker cp <container-id>:/var/ton-work/db/liteserver.pub /your/path```
|
||||
|
||||
Then you can connect to it, but be sure you use right port, it's different from fullnode console port.
|
||||
|
||||
```lite-client -a <IP>:<TCP-PORT2> -p liteserver.pub```
|
9
docker/control.template
Normal file
9
docker/control.template
Normal file
|
@ -0,0 +1,9 @@
|
|||
"control" : [
|
||||
{ "id" : SERVER-ID,
|
||||
"port" : CONSOLE-PORT,
|
||||
"allowed" : [
|
||||
{ "id" : CLIENT-ID,
|
||||
"permissions" : 15
|
||||
}
|
||||
]
|
||||
}
|
69
docker/init.sh
Normal file
69
docker/init.sh
Normal file
|
@ -0,0 +1,69 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# global config
|
||||
if [ ! -z "$GCONFURL" ]; then
|
||||
echo -e "\e[1;32m[+]\e[0m Downloading provided global config."
|
||||
wget -q $GCONFURL -O /var/ton-work/db/ton-global.config
|
||||
else
|
||||
echo -e "\e[1;33m[=]\e[0m No global config provided, downloading default."
|
||||
wget -q https://api.tontech.io/ton/wallet-mainnet.autoconf.json -O /var/ton-work/db/ton-global.config
|
||||
fi
|
||||
|
||||
# Init local config with IP:PORT
|
||||
if [ ! -z "$PUBLIC_IP" ]; then
|
||||
if [ -z "$CONSOLE_PORT" ]; then
|
||||
CONSOLE_PORT="43678"
|
||||
fi
|
||||
echo -e "\e[1;32m[+]\e[0m Using provided IP: $PUBLIC_IP:$CONSOLE_PORT"
|
||||
validator-engine -C /var/ton-work/db/ton-global.config --db /var/ton-work/db --ip "$PUBLIC_IP:$CONSOLE_PORT"
|
||||
else
|
||||
echo -e "\e[1;31m[!]\e[0m No IP:PORT provided, exiting"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Generating server certificate
|
||||
if [ -f "./server" ]; then
|
||||
echo -e "\e[1;33m[=]\e[0m Found existing server certificate, skipping"
|
||||
else
|
||||
echo -e "\e[1;32m[+]\e[0m Generating and installing server certificate for remote control"
|
||||
read -r SERVER_ID1 SERVER_ID2 <<< $(generate-random-id -m keys -n server)
|
||||
echo "Server IDs: $SERVER_ID1 $SERVER_ID2"
|
||||
cp server /var/ton-work/db/keyring/$SERVER_ID1
|
||||
fi
|
||||
|
||||
# Generating client certificate
|
||||
if [ -f "./client" ]; then
|
||||
echo -e "\e[1;33m[=]\e[0m Found existing client certificate, skipping"
|
||||
else
|
||||
read -r CLIENT_ID1 CLIENT_ID2 <<< $(generate-random-id -m keys -n client)
|
||||
echo -e "\e[1;32m[+]\e[0m Generated client private certificate $CLIENT_ID1 $CLIENT_ID2"
|
||||
echo -e "\e[1;32m[+]\e[0m Generated client public certificate"
|
||||
# Adding client permissions
|
||||
sed -e "s/CONSOLE-PORT/\"$(printf "%q" $CONSOLE_PORT)\"/g" -e "s~SERVER-ID~\"$(printf "%q" $SERVER_ID2)\"~g" -e "s~CLIENT-ID~\"$(printf "%q" $CLIENT_ID2)\"~g" control.template > control.new
|
||||
sed -e "s~\"control\"\ \:\ \[~$(printf "%q" $(cat control.new))~g" config.json > config.json.new
|
||||
mv config.json.new config.json
|
||||
fi
|
||||
|
||||
# Liteserver
|
||||
if [ -z "$LITESERVER" ]; then
|
||||
echo -e "\e[1;33m[=]\e[0m Liteserver disabled"
|
||||
else
|
||||
if [ -f "./liteserver" ]; then
|
||||
echo -e "\e[1;33m[=]\e[0m Found existing liteserver certificate, skipping"
|
||||
else
|
||||
echo -e "\e[1;32m[+]\e[0m Generating and installing liteserver certificate for remote control"
|
||||
read -r LITESERVER_ID1 LITESERVER_ID2 <<< $(generate-random-id -m keys -n liteserver)
|
||||
echo "Liteserver IDs: $LITESERVER_ID1 $LITESERVER_ID2"
|
||||
cp liteserver /var/ton-work/db/keyring/$LITESERVER_ID1
|
||||
if [ -z "$LITE_PORT" ]; then
|
||||
LITE_PORT="43679"
|
||||
fi
|
||||
LITESERVERS=$(printf "%q" "\"liteservers\":[{\"id\":\"$LITESERVER_ID2\",\"port\":\"$LITE_PORT\"}")
|
||||
sed -e "s~\"liteservers\"\ \:\ \[~$LITESERVERS~g" config.json > config.json.liteservers
|
||||
mv config.json.liteservers config.json
|
||||
fi
|
||||
fi
|
||||
|
||||
echo -e "\e[1;32m[+]\e[0m Running validator-engine"
|
||||
|
||||
exec validator-engine -c /var/ton-work/db/config.json -C /var/ton-work/db/ton-global.config --db /var/ton-work/db
|
Loading…
Reference in a new issue