Skip to content

Update with-ipfs.dockerfile #258

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update with-ipfs.dockerfile #258

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
59 changes: 41 additions & 18 deletions docker/with-ipfs.dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,40 +1,63 @@
# Use a specific, stable version of Python
FROM python:3.10

# === Install IPFS ===
RUN apt-get install -y wget
RUN wget https://ipfs.io/ipns/dist.ipfs.io/kubo/v0.15.0/kubo_v0.15.0_linux-amd64.tar.gz
RUN tar -xvzf kubo_v0.15.0_linux-amd64.tar.gz -C /opt/
RUN ln -s /opt/kubo/ipfs /usr/local/bin/

# Volume to store IPFS data
# --- IPFS (Kubo) Installation ---
# Install necessary tools for downloading
RUN apt-get update && \
apt-get install -y --no-install-recommends \
wget \
tar \
&& rm -rf /var/lib/apt/lists/*

# Download, extract, and symlink IPFS (Kubo)
ARG KUBO_VERSION=v0.15.0
RUN wget https://ipfs.io/ipns/dist.ipfs.io/kubo/${KUBO_VERSION}/kubo_${KUBO_VERSION}_linux-amd64.tar.gz && \
tar -xvzf kubo_${KUBO_VERSION}_linux-amd64.tar.gz -C /opt/ && \
rm kubo_${KUBO_VERSION}_linux-amd64.tar.gz && \
ln -s /opt/kubo/ipfs /usr/local/bin/

# Volume and environment for IPFS data persistence
RUN mkdir /var/lib/ipfs
ENV IPFS_PATH /var/lib/ipfs
VOLUME /var/lib/ipfs

# IPFS Swarm
EXPOSE 4001
# IPFS WebUI
EXPOSE 5001
# IPFS Gateway
EXPOSE 8080
# Expose required IPFS ports
EXPOSE 4001 5001 8080


# === Install Aleph-Client ===
# --- Aleph-Client Installation and Dependencies ---

RUN apt-get update && apt-get -y upgrade && apt-get install -y \
libsecp256k1-dev \
&& rm -rf /var/lib/apt/lists/*
# Install cryptography dependencies (libsecp256k1-dev)
RUN apt-get update && \
apt-get install -y --no-install-recommends \
libsecp256k1-dev \
&& rm -rf /var/lib/apt/lists/*

# Setup working directory and copy source code
RUN mkdir /opt/aleph-sdk-python/
WORKDIR /opt/aleph-sdk-python/
COPY . .

# Install the package in editable mode with testing dependencies
RUN pip install -e .[testing]


# - User 'aleph' to run the code itself
# --- Security and Entrypoint Configuration ---

# 1. Create a dedicated, non-root user for running the application
RUN useradd --create-home -s /bin/bash aleph

# 2. **CRITICAL FIX:** Change ownership of the IPFS data directory to the 'aleph' user
RUN chown -R aleph:aleph /var/lib/ipfs

# Set the final working directory to the user's home
WORKDIR /home/aleph

# Set the execution context to the non-root user
USER aleph

# Copy the entrypoint script
COPY docker/with-ipfs.entrypoint.sh /entrypoint.sh

# Define the command to run when the container starts
CMD ["/entrypoint.sh"]