-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
153 lines (149 loc) · 7.25 KB
/
Copy pathdocker-compose.yml
File metadata and controls
153 lines (149 loc) · 7.25 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
# blindjoin Docker Compose stack
# Starts: bitcoind (signet) + coordinator + liquidity-bot
# Startup order: bitcoind → coordinator → liquidity-bot (healthcheck-gated)
#
# Usage:
# cp .env.example .env # fill in BOT_UTXO, BOT_UTXO_VALUE_SATS, BOT_WIF
# docker compose up -d
# docker compose logs -f coordinator
#
# The coordinator logs its PKARR public key on startup:
# "PKARR identity ready — share this key with clients: pk:..."
services:
bitcoind:
# Bitcoin Core 30.x — matches the .bitcoind-version pin used in CI
# (currently 30.2). Bumped from 27 → 30 as part of v1.5 release-readiness
# (P0-2/3); keeps the dev-compose stack and the CI-integration-tested
# version on the same major line.
#
# NOTE on signing (v1.5 supply-chain status — see SECURITY.md):
# The bitcoin/bitcoin image on Docker Hub is not maintainer-signed;
# independent verifiers should re-build bitcoind from source against
# bitcoin-core/guix.sigs (the same trust root the ci.yml install
# step uses to PGP-verify the release tarball).
#
# To pin by digest for a release build:
# docker pull bitcoin/bitcoin:30
# docker inspect --format='{{index .RepoDigests 0}}' bitcoin/bitcoin:30
# then replace the line below with: image: bitcoin/bitcoin@sha256:<HEX>
image: bitcoin/bitcoin:30
# bitcoin.conf is mounted to the datadir inside the container.
# The image entrypoint reads /home/bitcoin/.bitcoin/bitcoin.conf automatically.
volumes:
- bitcoin-data:/home/bitcoin/.bitcoin
- ./bitcoind/bitcoin.conf:/home/bitcoin/.bitcoin/bitcoin.conf:ro
ports:
# Expose signet RPC for local tooling (bitcoin-cli from host)
- "38332:38332"
healthcheck:
# bitcoin-cli -signet getblockchaininfo exits 0 when bitcoind is up and accepting RPC.
# start_period: 60s handles slow peer connection on signet (can take 30-120s).
# retries: 20 gives up to 200s of retry window after start_period.
test:
- "CMD-SHELL"
- "bitcoin-cli -signet -rpcuser=blindjoin -rpcpassword=blindjoin -rpcconnect=127.0.0.1 -rpcport=38332 getblockchaininfo || exit 1"
interval: 10s
timeout: 5s
retries: 20
start_period: 60s
restart: unless-stopped
coordinator:
build:
context: ..
dockerfile: docker/Dockerfile
target: coordinator
environment:
BLINDJOIN__NETWORK__BITCOIN_RPC_URL: "http://bitcoind:38332"
BLINDJOIN__NETWORK__BITCOIN_RPC_USER: "blindjoin"
BLINDJOIN__NETWORK__BITCOIN_RPC_PASS: "blindjoin"
BLINDJOIN__NETWORK__BITCOIN_NETWORK: "signet"
BLINDJOIN__COORDINATOR__LISTEN_ADDR: "0.0.0.0:8080"
# This stack is clearnet-internal by design: the healthcheck curls
# http://localhost:8080/info and the bot reaches http://coordinator:8080,
# both of which need a clearnet listener (tor_mode would create a .onion
# with NO clearnet listener, breaking both). Release images refuse to start
# in clearnet mode unless this flag explicitly acknowledges it (WR-04 guardrail).
# For a Tor-fronted production coordinator, set BLINDJOIN__COORDINATOR__TOR_MODE
# instead and drop this flag — see README "Run the Coordinator".
BLINDJOIN_ALLOW_CLEARNET: "1"
# PKARR keypair is stored in the named volume at /app/keys
BLINDJOIN__DISCOVERY__PKARR_KEY_FILE: "/app/keys/coordinator_pkarr.key"
# Ban list (BLAME-05) persists across coordinator restarts via /app/data volume.
BLINDJOIN__COORDINATOR__BAN_FILE_PATH: "/app/data/ban_list.jsonl"
# Set coordinator_public_addr to the host's IP/domain for external discovery.
# Default is local Docker bridge; suitable for local testing only.
BLINDJOIN__DISCOVERY__COORDINATOR_PUBLIC_ADDR: "coordinator:8080"
volumes:
# Named volume persists the PKARR keypair across container restarts.
# Losing this volume means the coordinator gets a new DHT identity.
- coordinator-keys:/app/keys
# Named volume persists the append-only ban file (BLAME-05) across restarts.
# Losing this volume drops all unexpired bans — non-fatal but reduces blame coverage.
# append_ban_entry fsyncs each line, so a power loss / kernel panic / OOM kill
# cannot lose a ban that returned Ok() to the caller.
- coordinator-data:/app/data
ports:
- "8080:8080"
depends_on:
bitcoind:
condition: service_healthy
healthcheck:
# curl -sf returns non-zero on HTTP error or connection failure.
test:
- "CMD-SHELL"
- "curl -sf http://localhost:8080/info || exit 1"
interval: 10s
timeout: 5s
retries: 10
start_period: 15s
restart: unless-stopped
liquidity-bot:
build:
context: ..
dockerfile: docker/Dockerfile
target: liquidity-bot
environment:
BLINDJOIN_COORDINATOR_URL: "http://coordinator:8080"
BLINDJOIN_NETWORK: "signet"
# Phase 18 multi-script rotation env vars.
# CSV of script types the bot rotates across (default: p2wpkh = v1.3 compat).
# Set to "p2wpkh,p2tr,p2sh-p2wpkh" for full rotation. Accepted tokens: lowercase kebab-case.
BLINDJOIN_BOT_SCRIPT_TYPES: "${BOT_SCRIPT_TYPES:-p2wpkh}"
# Per-type tuples — only required when the matching type is in BLINDJOIN_BOT_SCRIPT_TYPES.
BLINDJOIN_BOT_P2WPKH_UTXO: "${BOT_P2WPKH_UTXO:-}"
BLINDJOIN_BOT_P2WPKH_WIF: "${BOT_P2WPKH_WIF:-}"
BLINDJOIN_BOT_P2TR_UTXO: "${BOT_P2TR_UTXO:-}"
BLINDJOIN_BOT_P2TR_DESCRIPTOR: "${BOT_P2TR_DESCRIPTOR:-}"
BLINDJOIN_BOT_P2TR_UTXO_ADDRESS: "${BOT_P2TR_UTXO_ADDRESS:-}"
BLINDJOIN_BOT_P2SH_P2WPKH_UTXO: "${BOT_P2SH_P2WPKH_UTXO:-}"
BLINDJOIN_BOT_P2SH_P2WPKH_DESCRIPTOR: "${BOT_P2SH_P2WPKH_DESCRIPTOR:-}"
BLINDJOIN_BOT_P2SH_P2WPKH_UTXO_ADDRESS: "${BOT_P2SH_P2WPKH_UTXO_ADDRESS:-}"
# Rotation counter persists across restarts via bot-data volume (D-94 / CD-28).
BLINDJOIN_BOT_COUNTER_FILE: "/app/data/bot_round_counter"
# Legacy v1.3 env vars — still honoured when BLINDJOIN_BOT_SCRIPT_TYPES=p2wpkh
# and BLINDJOIN_BOT_P2WPKH_UTXO is unset (D-98 backwards-compat fallthrough).
BLINDJOIN_UTXO: "${BOT_UTXO:-}"
BLINDJOIN_UTXO_WIF: "${BOT_WIF:-}"
BLINDJOIN_TARGET_DENOMINATION_SATS: "1000000"
volumes:
# bot-data volume stores the rotation counter file (BLINDJOIN_BOT_COUNTER_FILE).
# Survives container restarts so the bot advances type on each Docker restart cycle.
- bot-data:/app/data
depends_on:
coordinator:
condition: service_healthy
# Bot exits after each successful round (UTXO spent).
# restart: unless-stopped re-launches it; the rotation counter advances on restart.
restart: unless-stopped
volumes:
bitcoin-data:
# Stores the signet blockchain data. Survives container restarts.
coordinator-keys:
# Stores the coordinator's PKARR Ed25519 keypair.
# IMPORTANT: do not delete this volume — it is the coordinator's DHT identity.
# Back this volume up. Losing it creates a new DHT identity; participants holding
# the old pk:... will no longer discover you.
coordinator-data:
# Stores the append-only ban file (BLAME-05). Survives container restarts.
bot-data:
# Stores the bot rotation counter (BLINDJOIN_BOT_COUNTER_FILE). Survives container restarts.