From a38526887b8c9d996358d2f00cf27dc52aeaea5c Mon Sep 17 00:00:00 2001 From: sethforprivacy Date: Sun, 30 Oct 2022 15:41:06 -0400 Subject: [PATCH 1/6] Add Sparrow Server Dockerfile --- docker/Dockerfile | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 docker/Dockerfile diff --git a/docker/Dockerfile b/docker/Dockerfile new file mode 100644 index 00000000..3540e895 --- /dev/null +++ b/docker/Dockerfile @@ -0,0 +1,40 @@ +# Define Ubuntu 22.04 LTS as base image +FROM ubuntu:22.04 + +# Set Sparrow version and expected PGP signature +ARG SPARROW_VERSION=1.7.0 +ARG PGP_SIG=E94618334C674B40 + +# Update all packages and install requirements +RUN apt-get update \ + && apt-get upgrade -y \ + && DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends curl \ + gpg \ + gpg-agent + +# Download Sparrow Server binaries and verification assets +ADD https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-server-${SPARROW_VERSION}-x86_64.tar.gz /tmp +ADD https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-${SPARROW_VERSION}-manifest.txt /tmp +ADD https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-${SPARROW_VERSION}-manifest.txt.asc /tmp +ADD https://keybase.io/craigraw/pgp_keys.asc /tmp + +# Switch to /tmp for verification and install +WORKDIR /tmp + +# GPG verify, sha256sum verify, and unpack Sparrow Server binaries +RUN gpg --import pgp_keys.asc \ + && gpg --status-fd 1 --verify sparrow-${SPARROW_VERSION}-manifest.txt.asc \ + | grep -q "GOODSIG ${PGP_SIG}" \ + || exit 1 \ + && sha256sum --check sparrow-1.7.0-manifest.txt --ignore-missing || exit 1 \ + && tar xvf sparrow-server-${SPARROW_VERSION}-x86_64.tar.gz -C /opt + +# Add user and setup directories for Sparrow +RUN useradd -ms /bin/bash sparrow +USER sparrow + +# Switch to home directory +WORKDIR /home/sparrow + +# Run Sparrow in terminal mode +CMD ["/opt/Sparrow/bin/Sparrow", "-t"] From 07075474cc94347e98f9785ab920b80965c7e227 Mon Sep 17 00:00:00 2001 From: Seth For Privacy Date: Sun, 30 Oct 2022 15:56:35 -0400 Subject: [PATCH 2/6] Make Dockerfile multi-arch --- docker/Dockerfile | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 3540e895..123a927e 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -10,24 +10,33 @@ RUN apt-get update \ && apt-get upgrade -y \ && DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends curl \ gpg \ - gpg-agent + gpg-agent \ + wget \ + ca-certificates -# Download Sparrow Server binaries and verification assets -ADD https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-server-${SPARROW_VERSION}-x86_64.tar.gz /tmp -ADD https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-${SPARROW_VERSION}-manifest.txt /tmp -ADD https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-${SPARROW_VERSION}-manifest.txt.asc /tmp -ADD https://keybase.io/craigraw/pgp_keys.asc /tmp +# Detect and set architecture to properly download binaries +ARG TARGETARCH # Switch to /tmp for verification and install WORKDIR /tmp -# GPG verify, sha256sum verify, and unpack Sparrow Server binaries -RUN gpg --import pgp_keys.asc \ +# Download Sparrow Server binaries and verification assets +RUN case ${TARGETARCH:-amd64} in \ + "arm64") SPARROW_ARCH="aarch64";; \ + "amd64") SPARROW_ARCH="x86_64";; \ + *) echo "Dockerfile does not support this platform"; exit 1 ;; \ + esac \ + && wget --quiet https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-server-${SPARROW_VERSION}-${SPARROW_ARCH}.tar.gz \ + && wget --quiet https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-${SPARROW_VERSION}-manifest.txt \ + && wget --quiet https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-${SPARROW_VERSION}-manifest.txt.asc \ + && wget --quiet https://keybase.io/craigraw/pgp_keys.asc \ + # GPG verify, sha256sum verify, and unpack Sparrow Server binaries + && gpg --import pgp_keys.asc \ && gpg --status-fd 1 --verify sparrow-${SPARROW_VERSION}-manifest.txt.asc \ | grep -q "GOODSIG ${PGP_SIG}" \ || exit 1 \ && sha256sum --check sparrow-1.7.0-manifest.txt --ignore-missing || exit 1 \ - && tar xvf sparrow-server-${SPARROW_VERSION}-x86_64.tar.gz -C /opt + && tar xvf sparrow-server-${SPARROW_VERSION}-${SPARROW_ARCH}.tar.gz -C /opt # Add user and setup directories for Sparrow RUN useradd -ms /bin/bash sparrow From 474acb3d7b480c0824c2d24e82702f2ea722bf15 Mon Sep 17 00:00:00 2001 From: Seth For Privacy Date: Sun, 30 Oct 2022 16:44:54 -0400 Subject: [PATCH 3/6] Minor stage optimizations --- docker/Dockerfile | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 123a927e..743c29c1 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -7,25 +7,24 @@ ARG PGP_SIG=E94618334C674B40 # Update all packages and install requirements RUN apt-get update \ - && apt-get upgrade -y \ - && DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends curl \ + && apt-get upgrade -y +RUN DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends curl \ gpg \ gpg-agent \ wget \ ca-certificates -# Detect and set architecture to properly download binaries -ARG TARGETARCH - # Switch to /tmp for verification and install WORKDIR /tmp -# Download Sparrow Server binaries and verification assets +# Detect and set architecture to properly download binaries +ARG TARGETARCH RUN case ${TARGETARCH:-amd64} in \ "arm64") SPARROW_ARCH="aarch64";; \ "amd64") SPARROW_ARCH="x86_64";; \ *) echo "Dockerfile does not support this platform"; exit 1 ;; \ esac \ + # Download Sparrow Server binaries and verification assets && wget --quiet https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-server-${SPARROW_VERSION}-${SPARROW_ARCH}.tar.gz \ && wget --quiet https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-${SPARROW_VERSION}-manifest.txt \ && wget --quiet https://github.com/sparrowwallet/sparrow/releases/download/${SPARROW_VERSION}/sparrow-${SPARROW_VERSION}-manifest.txt.asc \ From 4244311f1d8059e6b861d4faa592b2fffba15ebe Mon Sep 17 00:00:00 2001 From: Seth For Privacy Date: Sun, 30 Oct 2022 16:46:43 -0400 Subject: [PATCH 4/6] Add apt cleanup steps --- docker/Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 743c29c1..ff59a0fa 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -12,7 +12,9 @@ RUN DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends cu gpg \ gpg-agent \ wget \ - ca-certificates + ca-certificates \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* # Switch to /tmp for verification and install WORKDIR /tmp From 19939ce042253dece82b0d3d79990ac7478f15ce Mon Sep 17 00:00:00 2001 From: Seth For Privacy Date: Sun, 30 Oct 2022 16:49:33 -0400 Subject: [PATCH 5/6] Remove verbosity in tar step --- docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index ff59a0fa..09db46be 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -37,7 +37,7 @@ RUN case ${TARGETARCH:-amd64} in \ | grep -q "GOODSIG ${PGP_SIG}" \ || exit 1 \ && sha256sum --check sparrow-1.7.0-manifest.txt --ignore-missing || exit 1 \ - && tar xvf sparrow-server-${SPARROW_VERSION}-${SPARROW_ARCH}.tar.gz -C /opt + && tar xf sparrow-server-${SPARROW_VERSION}-${SPARROW_ARCH}.tar.gz -C /opt # Add user and setup directories for Sparrow RUN useradd -ms /bin/bash sparrow From dc0703c529bbe1498d626072aed700cf2eec11fa Mon Sep 17 00:00:00 2001 From: Seth For Privacy Date: Sun, 30 Oct 2022 16:54:37 -0400 Subject: [PATCH 6/6] Properly set SPARROW_VERSION for manifest files --- docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 09db46be..038075df 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -36,7 +36,7 @@ RUN case ${TARGETARCH:-amd64} in \ && gpg --status-fd 1 --verify sparrow-${SPARROW_VERSION}-manifest.txt.asc \ | grep -q "GOODSIG ${PGP_SIG}" \ || exit 1 \ - && sha256sum --check sparrow-1.7.0-manifest.txt --ignore-missing || exit 1 \ + && sha256sum --check sparrow-${SPARROW_VERSION}-manifest.txt --ignore-missing || exit 1 \ && tar xf sparrow-server-${SPARROW_VERSION}-${SPARROW_ARCH}.tar.gz -C /opt # Add user and setup directories for Sparrow