Docker improvements
- Modify onionr.sh to parse env and supply args to run-onionr-node.py - Run onionr by default rather than bash - Run as unprivileged user by default instead of root - Use /app for all code - Specify python 3.7 (3.8 fails to build cffi) - Use apt-get rather than apt (apt's CLI is not stable) - Slight reformatting and consolidationmaster
parent
416e43e7bb
commit
b1ef248ee9
34
Dockerfile
34
Dockerfile
|
@ -1,28 +1,30 @@
|
|||
FROM python
|
||||
FROM python:3.7
|
||||
|
||||
#Base settings
|
||||
ENV HOME /root
|
||||
USER root
|
||||
|
||||
RUN mkdir /app
|
||||
WORKDIR /app
|
||||
|
||||
ENV PORT=8080
|
||||
EXPOSE 8080
|
||||
|
||||
#Install needed packages
|
||||
RUN apt update && apt install -y tor locales
|
||||
RUN apt-get update && apt-get install -y tor locales
|
||||
|
||||
RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
|
||||
locale-gen
|
||||
ENV LANG en_US.UTF-8
|
||||
ENV LANGUAGE en_US:en
|
||||
ENV LC_ALL en_US.UTF-8
|
||||
ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8
|
||||
|
||||
WORKDIR /srv/
|
||||
ADD ./requirements.txt /srv/requirements.txt
|
||||
ADD ./requirements.txt /app/requirements.txt
|
||||
RUN pip3 install --require-hashes -r requirements.txt
|
||||
|
||||
WORKDIR /root/
|
||||
#Add Onionr source
|
||||
COPY . /root/
|
||||
VOLUME /root/data/
|
||||
COPY . /app/
|
||||
|
||||
#Set upstart command
|
||||
CMD bash
|
||||
VOLUME /app/data/
|
||||
|
||||
#Expose ports
|
||||
EXPOSE 8080
|
||||
#Default to running as nonprivileged user
|
||||
RUN chmod g=u -R /app
|
||||
USER 1000
|
||||
|
||||
CMD ["bash", "./onionr.sh"]
|
||||
|
|
21
onionr.sh
21
onionr.sh
|
@ -2,5 +2,22 @@
|
|||
ORIG_ONIONR_RUN_DIR=`pwd`
|
||||
export ORIG_ONIONR_RUN_DIR
|
||||
cd "$(dirname "$0")"
|
||||
cd src
|
||||
./__init__.py "$@"
|
||||
|
||||
[[ -n "$USE_TOR" ]] || USE_TOR=1
|
||||
[[ -n "$PORT" ]] || PORT=8080
|
||||
[[ -n "$KEEP_LOG" ]] || KEEP_LOG=0
|
||||
[[ -n "$STORE_PLAINTEXT" ]] || STORE_PLAINTEXT=1
|
||||
|
||||
PRIVKEY_OPT=""
|
||||
[[ -f "privkey.key" ]] && PRIVKEY_OPT="--private-key privkey.key"
|
||||
|
||||
python run-onionr-node.py \
|
||||
--open-ui 0 \
|
||||
--onboarding 0 \
|
||||
--bind-address 0.0.0.0 \
|
||||
--port $PORT \
|
||||
--use-tor $USE_TOR \
|
||||
--keep-log-on-exit $KEEP_LOG \
|
||||
--store-plaintext $STORE_PLAINTEXT \
|
||||
$PRIVKEY_OPT \
|
||||
"$@"
|
||||
|
|
Loading…
Reference in New Issue