diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..9414382 --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..d907bc2 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,75 @@ +ARG UBUNTU_VERSION=20.04 +FROM ubuntu:${UBUNTU_VERSION} as haskell-builder +ARG CABAL_VERSION=3.2.0.0 +ARG GHC_VERSION=8.6.5 +ARG IOHK_LIBSODIUM_GIT_REV=66f017f16633f2060db25e17c170c2afa0f2a8a1 +ENV DEBIAN_FRONTEND=nonintercative +RUN mkdir -p /app/src +WORKDIR /app +RUN apt-get update -y && apt-get install -y \ + automake=1:1.16.1-4ubuntu6 \ + build-essential \ + g++=4:9.3.0-1ubuntu2 \ + git \ + jq \ + libffi-dev=3.3-4 \ + libghc-postgresql-libpq-dev=0.9.4.2-1build1 \ + libgmp-dev=2:6.2.0+dfsg-4 \ + libncursesw5=6.2-0ubuntu2 \ + libpq-dev=12.4-0ubuntu0.20.04.1 \ + libssl-dev=1.1.1f-1ubuntu2 \ + libsystemd-dev=245.4-4ubuntu3.2 \ + libtinfo-dev=6.2-0ubuntu2 \ + libtool=2.4.6-14 \ + make \ + pkg-config \ + tmux \ + wget \ + zlib1g-dev=1:1.2.11.dfsg-2ubuntu1 +RUN wget --secure-protocol=TLSv1_2 \ + https://downloads.haskell.org/~cabal/cabal-install-${CABAL_VERSION}/cabal-install-${CABAL_VERSION}-x86_64-unknown-linux.tar.xz &&\ + tar -xf cabal-install-${CABAL_VERSION}-x86_64-unknown-linux.tar.xz &&\ + rm cabal-install-${CABAL_VERSION}-x86_64-unknown-linux.tar.xz cabal.sig &&\ + mv cabal /usr/local/bin/ +RUN cabal update +WORKDIR /app/ghc +RUN wget --secure-protocol=TLSv1_2 \ + https://downloads.haskell.org/~ghc/${GHC_VERSION}/ghc-${GHC_VERSION}-x86_64-deb9-linux.tar.xz &&\ + tar -xf ghc-${GHC_VERSION}-x86_64-deb9-linux.tar.xz &&\ + rm ghc-${GHC_VERSION}-x86_64-deb9-linux.tar.xz +WORKDIR /app/ghc/ghc-${GHC_VERSION} +RUN ./configure && \ + make install +WORKDIR /app/src +RUN git clone https://github.com/input-output-hk/libsodium.git &&\ + cd libsodium &&\ + git fetch --all --tags &&\ + git checkout ${IOHK_LIBSODIUM_GIT_REV} +WORKDIR /app/src/libsodium +RUN ./autogen.sh && \ + ./configure && \ + make && \ + make install .. +ENV LD_LIBRARY_PATH="/usr/local/lib:$LD_LIBRARY_PATH" +ENV PKG_CONFIG_PATH="/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH" +COPY . /app/src/smash +WORKDIR /app/src/smash +RUN cabal install smash \ + --install-method=copy \ + --installdir=/usr/local/bin +# Cleanup for runtiume-base copy of /usr/local/lib +RUN rm -rf /usr/local/lib/ghc-${GHC_VERSION} /usr/local/lib/pkgconfig + +FROM ubuntu:${UBUNTU_VERSION} +RUN curl --proto '=https' --tlsv1.2 -sSf -L https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - +RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" | tee /etc/apt/sources.list.d/pgdg.list +RUN apt-get update && apt-get install -y --no-install-recommends \ + ca-certificates \ + postgresql-client-12 +COPY --from=haskell-builder /usr/local/lib /usr/local/lib +COPY --from=haskell-builder /usr/local/bin/smash-exe /usr/local/bin/ +COPY ./schema /schema +COPY ./scripts/docker-entrypoint.sh /entrypoint.sh +RUN mkdir /ipc +EXPOSE 3100 +ENTRYPOINT ["./entrypoint.sh"] diff --git a/config/secrets/postgres_db b/config/secrets/postgres_db new file mode 100644 index 0000000..f6ccf57 --- /dev/null +++ b/config/secrets/postgres_db @@ -0,0 +1 @@ +smash diff --git a/config/secrets/postgres_password b/config/secrets/postgres_password new file mode 100644 index 0000000..e3eedc8 --- /dev/null +++ b/config/secrets/postgres_password @@ -0,0 +1 @@ +notForProduction! diff --git a/config/secrets/postgres_user b/config/secrets/postgres_user new file mode 100644 index 0000000..f134994 --- /dev/null +++ b/config/secrets/postgres_user @@ -0,0 +1 @@ +postgres diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..78635e1 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,78 @@ +version: "3.5" + +services: + postgres: + image: postgres:11.5-alpine + environment: + - POSTGRES_LOGGING=true + - POSTGRES_DB_FILE=/run/secrets/postgres_db + - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password + - POSTGRES_USER_FILE=/run/secrets/postgres_user + volumes: + - postgres:/var/lib/postgresql/data + ports: + - 5432:5432 + restart: on-failure + secrets: + - postgres_password + - postgres_user + - postgres_db + logging: + driver: "json-file" + options: + max-size: "200k" + max-file: "10" + + cardano-node: + image: inputoutput/cardano-node:1.20.0 + environment: + - NETWORK=${NETWORK:-mainnet} + volumes: + - node-db:/data/db + - node-ipc:/ipc + restart: on-failure + logging: + driver: "json-file" + options: + max-size: "200k" + max-file: "10" + + smash: + build: . + command: [ + "run-app-with-db-sync", + "--config", "/configuration/config.yaml", + "--socket-path", "/node-ipc/node.socket" + ] + environment: + - POSTGRES_HOST=postgres + - POSTGRES_PORT=5432 + depends_on: + - cardano-node + - postgres + volumes: + - node-ipc:/node-ipc + - ./config/${NETWORK:-mainnet}:/configuration + restart: on-failure + secrets: + - postgres_password + - postgres_user + - postgres_db + logging: + driver: "json-file" + options: + max-size: "200k" + max-file: "10" + +secrets: + postgres_db: + file: ./config/secrets/postgres_db + postgres_password: + file: ./config/secrets/postgres_password + postgres_user: + file: ./config/secrets/postgres_user + +volumes: + postgres: + node-db: + node-ipc: diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh new file mode 100755 index 0000000..6dee48c --- /dev/null +++ b/scripts/docker-entrypoint.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash +set -euo pipefail + +SECRET_DIR=${1:-/run/secrets} +OUT_DIR=${2:-/configuration} +SCHEMA_DIR=${3:-/schema} +SMASHPGPASSFILE=${OUT_DIR}/pgpass + +POSTGRES_DB=''${POSTGRES_DB:-$(< ''${SECRET_DIR}/postgres_db)} +POSTGRES_USER=''${POSTGRES_USER:-$(< ''${SECRET_DIR}/postgres_user)} +POSTGRES_PASSWORD=''${POSTGRES_PASSWORD:-$(< ''${SECRET_DIR}/postgres_password)} +echo ${POSTGRES_HOST}:${POSTGRES_PORT}:${POSTGRES_DB}:${POSTGRES_USER}:${POSTGRES_PASSWORD} > $SMASHPGPASSFILE +chmod 0600 $SMASHPGPASSFILE +export SMASHPGPASSFILE + +exec smash-exe --schema-dir ${SCHEMA_DIR} $@