Dockerfiles for building and running GNUnet.
gnunet-docker is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
gnunet-docker is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see http://www.gnu.org/licenses/.
SPDX-License-Identifier: AGPL3.0-or-later
The deploy image is build in a multi-stage build from Dockerfile
:
The "builder" stage is used to compile GNUnet (core and Gtk) from source code that is pulled from the official GNUnet Git repository (https://gnunet.org/git/). The compiled binaries (programs and libraries) are packaged into a tar.gz; the archive will later be used to install GNUnet into the deployment image.
The Dockerfile specifies the Git revision/tag of the GNUnet repository to be
build (ENV GNUNET_VERSION v0.11.0
) and needs be be changed if you want
to build a different version of GNUnet. Use ENV GNUNET_VERSION latest
to
build the latest version of GNUnet. The specified version must be consistent
between core and Gtk repositories.
If the GNUnet repositories change after the initial build, you need to re-
build the image. Just run the mk_deploy
script again. This way also newer
Debian packages are installed.
The "deploy" stage is used to run GNUnet as a Docker container. It installs the archive of compiled binaries from the "builder" stage and installs all required runtime dependencies.
The Dockerfile (Dockerfile
) is compiled into an image using the mk_deploy
script.
Before running the deploy image
, you need to setup the runtime environment for
GNUnet. This runtime is a directory stored outside of the Docker container on
the host file-system. This way configuration changes are persistent between
GNUnet sessions (running/terminating the Docker image).
To initialize the runtime directory run:
$ ./init_deploy ${GNUNET_RUNTIME}
and set ${GNUNET_RUNTIME}
to a directory of your choice. Please note that you
need sudo
privileges to successfully run the script.
You should now edit the configuration files to customize them to your needs:
This file will be accessible as /etc/gnunet.conf
in the Docker container and
specifies the system configuration. The default configuration is an example for
an IPv4-only system behind a punched NAT. You will at least need to replace the
line EXTERNAL_ADDRESS = xxx.xxx.xxx.xxx
with your public IPv4 address.
You need sudo
to edit the configuration file as non-root.
This file specifies the user configuration and need to be copied manually to the correct location (see "Running GNUnet").
You need sudo
to edit the configuration file as non-root and if your user id
is not 1000
.
The container is run using the run_deploy
script (that you need to customize
for the local directories on your host system):
docker run --rm -ti --name gnunet -h gnunet \
--cap-add=NET_ADMIN --cap-add=NET_BROADCAST --device=/dev/net/tun \
-e DISPLAY=${DISPLAY} \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-v ${GNUNET_RUNTIME}/user:/home/user \
-v ${GNUNET_RUNTIME}/system:/var/lib/gnunet \
-p 0.0.0.0:2086:2086 \
-p 0.0.0.0:1080:1080 \
bfix/gnunet
It maps to the two folders in ${GNUNET_RUNTIME}
: the home directories for the
user gnunet
(GNUnet system account) and user
(GNUnet user account). If you
have created these folders yourself (and not by running the init_deploy
script), make sure that your folders have the following uid/gid assignments:
${GNUNET_RUNTIME}/user
: (uid=1000/gid=1000)${GNUNET_RUNTIME}/system
: (uid=666 /gid=666 )
When the container is run, a shell is opened for user user
and no GNUnet
programs are started. To start GNUnet (system and user part), run the
/usr/bin/gnunet-start
script with an appropriate argument.
Please follow the instruction on the GNUnet website (https://gnunet.org/) to setup and customize your GNUnet instance.
$ gnunet-start [sys|usr|all]
For normal interactive use specify the all
argument.
You can now run GNUnet programs as you like.
$ gnunet-end [sys|usr|all]
To quit the container, stop GNUnet by running the /usr/bin/gnunet-stop
script
and exit the shell.
The container used to run the GNUnet image is automatically removed (if you
use the --rm
option when running the image).
This Docker image can be used to compile and run GNUnet in a development
environment. The corresponding Dockerfile (Dockerfile.dev
) is compiled into
an image using the mk_dev
script.
The container is run using the run_dev
script (that you need to customize
for a local directory on your host system). The directory is specified at
the beginning of the script:
export GNUNET_RUNTIME=${1:-/usr/local/gnunet/rt}
The directory GNUNET_RUNTIME
maps three subfolders into the container:
the home directories for the user gnunet
(GNUnet system account); user
(GNUnet user account), build
for the compiled binaries and src
to hold
the source repositories. If you have created these folders yourself (and
not by running the init_deploy
script), make sure that your folders have
the following uid/gid assignments:
${GNUNET_RUNTIME}/user
: (uid=1000/gid=1000)${GNUNET_RUNTIME}/system
: (uid=666 /gid=666 )${GNUNET_RUNTIME}/build
: (uid=1000/gid=1000)${GNUNET_RUNTIME}/src
: (uid=1000/gid=1000)
If the container is started (it opens a bash shell), you need to run
sudo /sbin/ldconfig
first before trying to start GNUnet. This is mandatory
for every start of the container.