Merge branch 'vls' into 'main'

vls: docker image, compose service, assets and entrypoint

Closes validating-lightning-signer#375

See merge request lightning-signer/vls-container!8

README.md

@@ -35,7 +35,8 @@ sudo systemctl enable --now docker
 ```
 docker volume create bitcoin_data
 docker volume create lightning_data
-docker volume create txood_data
+docker volume create txoo_data
+docker volume create vls_data
 ```
 
 ## Docker Compose Run

assets/regtest-config

@@ -8,3 +8,4 @@ important-plugin=/usr/bin/clboss
 clboss-auto-close=true
 bind-addr=0.0.0.0:19846
 plugin=/usr/local/src/plugins/summary/summary.py
+subdaemon=hsmd:remote_hsmd_socket

assets/regtest-env

@@ -1,4 +0,0 @@
-VLS_PORT=17701
-VLS_NETWORK=regtest
-BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:38332
-RUST_LOG=info

assets/testnet-config

@@ -8,3 +8,4 @@ important-plugin=/usr/bin/clboss
 clboss-auto-close=true
 bind-addr=0.0.0.0:19735
 plugin=/usr/local/src/plugins/summary/summary.py
+subdaemon=hsmd:remote_hsmd_socket

assets/testnet-env

@@ -1,4 +0,0 @@
-VLS_PORT=17701
-VLS_NETWORK=testnet
-BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:18332
-RUST_LOG=info

assets/vlsd2.toml

@@ -0,0 +1 @@
+datadir = "/home/vls/.lightning-signer"

docker-compose.regtest.yml

@@ -18,14 +18,20 @@ services:
       - 19846
     ports:
       - 19846:19846
-    env_file:
-      - ./assets/regtest-env
     environment:
       - BITCOIN_CHAIN=regtest
+      - VLS_NETWORK=regtest
+      - BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:38332
 
   txoo:
     container_name: txoo-regtest
     command:
       - -r http://rpcuser:VLSsigner1@bitcoind:38332
     environment:
-      - BITCOIN_CHAIN=regtest
+      - BITCOIN_NETWORK=regtest
+
+  vls:
+    container_name: vlsd-regtest
+    environment:
+      - VLS_NETWORK=regtest
+      - BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:38332

docker-compose.yml

@@ -7,7 +7,7 @@ services:
     image: bitcoind
     container_name: bitcoind-test
     volumes:
-      - data:/home/bitcoin/.bitcoin
+      - bitcoin_data:/home/bitcoin/.bitcoin
     expose:
       - 18332
     networks:
@@ -27,18 +27,22 @@ services:
       - --conf=/home/lightning/.lightning/testnet-config
       - --bitcoin-rpcconnect=bitcoind
     volumes:
-      - clightning:/home/lightning/.lightning
+      - lightning_data:/home/lightning/.lightning
     expose:
       - 19735
+      - 7701
     networks:
       - LN_testing
     depends_on:
       bitcoin-core:
         condition: service_healthy
-    env_file:
-      - ./assets/testnet-env
     environment:
       - BITCOIN_CHAIN=test
+      - BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:18332
+      - RUST_LOG=info
+      - VLS_NETWORK=testnet
+      - VLS_BIND=0.0.0.0
+      - VLS_PORT=7701
 
   txoo:
     build:
@@ -53,22 +57,44 @@ services:
       - LN_testing
     volumes:
       - txoo_data:/root/.txoo/
-      - data:/root/.bitcoin/
+      - bitcoin_data:/root/.bitcoin/
     depends_on:
       bitcoin-core:
         condition: service_healthy
     environment:
-      - BITCOIN_CHAIN=test
+      - BITCOIN_NETWORK=testnet
+
+  vls:
+    build:
+      dockerfile: ./vlsd/Dockerfile
+      context: .
+    image: vlsd
+    container_name: vlsd-test
+    command:
+      - --log-level=info
+      - --connect=http://core-lightning:7701
+    networks:
+      - LN_testing
+    volumes:
+      - vls_data:/home/vls/.lightning-signer
+    environment:
+      - VLS_NETWORK=testnet
+      - VLS_PERMISSIVE=1
+      - RUST_LOG=info
+      - BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:18332
 
 volumes:
-  data:
+  bitcoin_data:
     name: bitcoin_data
     external: true
-  clightning:
+  lightning_data:
     name: lightning_data
     external: true
   txoo_data:
-    name: txood_data
+    name: txoo_data
+    external: true
+  vls_data:
+    name: vls_data
     external: true
 
 networks:

lightningd/Dockerfile

@@ -61,6 +61,20 @@ RUN git clone $PLUGINS_REPO && \
     cd plugins && \
     git checkout $PLUGINS_GIT_HASH
 
+RUN apk add \
+        cargo \
+        rust \
+        grpc \
+        protobuf \
+        protobuf-dev
+
+ARG VLS_GIT_HASH=af02dac8b855c361d74234387d288a9591fad1d5
+ARG VLS_REPO=https://gitlab.com/lightning-signer/validating-lightning-signer.git
+RUN git clone $VLS_REPO && \
+    cd validating-lightning-signer && \
+    git checkout $VLS_GIT_HASH && \
+    cargo build --bins -r
+
 # final stage with runtime dependencies and pkgs
 FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.18 as runner
 
@@ -98,6 +112,7 @@ COPY --from=builder /usr/share/man/man8 /usr/share/man/man8
 COPY --from=builder /usr/share/doc/c-lightning /usr/share/doc/c-lightning
 COPY --from=builder /usr/bin/clboss /usr/bin/clboss
 COPY --from=builder /build/plugins/summary /usr/local/src/plugins/summary
+COPY --from=builder /build/validating-lightning-signer/target/release/remote_hsmd_socket /usr/libexec/c-lightning/remote_hsmd_socket
 
 RUN addgroup -S lightning && adduser -S lightning -G lightning && \
     mkdir -p ${LIGHTNINGD_DATA} && \

txood/entrypoint.sh

@@ -1,20 +1,10 @@
 #!/bin/sh
 set -e
 
-LIGHTNING_NETWORK=""
-
-case $BITCOIN_CHAIN in
-    "test")    LIGHTNING_NETWORK=testnet ;;
-    "regtest") LIGHTNING_NETWORK=regtest ;;
-    "main")    LIGHTNING_NETWORK=bitcoin ;;
-    "signet")  LIGHTNING_NETWORK=signet ;;
-    *) echo "Invalid BITCOIN_CHAIN value: $BITCOIN_CHAIN" && exit 1 ;;
-esac
-
 if [ $(echo "$1" | cut -c1) = "-" ]; then
   echo "$0: assuming arguments for txood"
 
-  set -- txood --network $LIGHTNING_NETWORK "$@"
+  set -- txood --network $BITCOIN_NETWORK "$@"
 fi
 
 echo

vlsd/Dockerfile

@@ -0,0 +1,63 @@
+FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.18 as builder
+
+WORKDIR /build
+
+RUN apk update && \
+  apk add \
+  build-base \
+  cargo \
+  git \
+  grpc \
+  protobuf \
+  protobuf-dev \
+  rust
+
+ARG GIT_HASH=af02dac8b855c361d74234387d288a9591fad1d5
+RUN git clone https://gitlab.com/lightning-signer/validating-lightning-signer.git && \
+    cd validating-lightning-signer && \
+    git checkout $GIT_HASH
+
+RUN cd validating-lightning-signer && \
+    cargo build --bins --release
+
+FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.18 as runner
+
+ARG UID=100
+ARG GID=101
+
+LABEL maintainer.0="Lakshya Singh (@king-11)" \
+  maintainer.1="Dev Random (@devrandom01)"
+
+RUN addgroup vls --gid ${GID} --system
+RUN adduser --uid ${UID} --system vls --ingroup vls
+
+RUN apk update && \
+  apk add \
+  build-base \
+  curl-dev \
+  protobuf \
+  bind-tools
+
+COPY --from=builder /build/validating-lightning-signer/target/release/vlsd2 /usr/local/bin/vlsd2
+
+COPY vlsd/entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+COPY assets/vlsd2.toml /vlsd2.toml
+
+ENV VLS_DATA=/home/vls/.lightning-signer
+RUN mkdir "${VLS_DATA}"
+RUN chown vls:vls "${VLS_DATA}"
+
+ENV REMOTE_SIGNER_ALLOWLIST=${VLS_DATA}/ALLOWLIST
+RUN touch "${REMOTE_SIGNER_ALLOWLIST}"
+
+VOLUME ["${VLS_DATA}"]
+
+USER vls
+
+ENTRYPOINT ["/entrypoint.sh"]
+
+RUN vlsd2 --git-desc
+
+CMD ["vlsd2"]

vlsd/entrypoint.sh

@@ -0,0 +1,20 @@
+#!/bin/sh
+set -e
+
+cp /vlsd2.toml $VLS_DATA/
+sed -i "1s/^/network = \"$VLS_NETWORK\"\n/" $VLS_DATA/vlsd2.toml
+
+if [ $(echo "$1" | cut -c1) = "-" ]; then
+  echo "$0: assuming arguments for vlsd2"
+
+  set -- vlsd2 "$@"
+fi
+
+if [ $(echo "$1" | cut -c1) = "-" ] || [ "$1" = "vlsd2" ]; then
+  echo "$0: setting config to $VLS_DATA/vlsd2.toml"
+
+  set -- "$@" --config=$VLS_DATA/vlsd2.toml
+fi
+
+echo
+exec "$@"