notgiven688 · notgiven688 · Dec 18, 2018 · Dec 11, 2018 · Dec 11, 2018 · Dec 11, 2018
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM mono:5.12.0.226 AS webminerpool-build
+FROM mono:5.16 AS webminerpool-build
 
 ARG DONATION_LEVEL=0.03
 
@@ -8,16 +8,30 @@ COPY hash_cn /hash_cn
 RUN sed -ri "s/^(.*DonationLevel = )[0-9]\.[0-9]{2}/\1${DONATION_LEVEL}/" /server/Server/DevDonation.cs && \
 	apt-get -qq update && \
 	apt-get -qq install build-essential && \
+	rm -rf /var/lib/apt/lists/* && \
 	cd /hash_cn/libhash && \
 	make && \
 	cd /server && \
 	msbuild Server.sln /p:Configuration=Release_Server /p:Platform="any CPU"
 
-FROM mono:5.12.0.226
-
-VOLUME ["/root"]
+FROM mono:5.16
 
 RUN mkdir /webminerpool
+
+# Install acme.sh
+RUN apt-get -qq update && \
+	apt-get install -qq \
+		coreutils \
+		cron \
+		curl \
+		git \
+		openssl \
+		socat && \
+	rm -rf /var/lib/apt/lists/* && \
+	git clone https://github.com/Neilpang/acme.sh.git /root/acme.sh && \
+	cd /root/acme.sh && \
+	git checkout 2.7.9 && \
+	/root/acme.sh/acme.sh --install --home /root/.acme.sh
 COPY entrypoint.sh /entrypoint.sh
 COPY --from=webminerpool-build /server/Server/bin/Release_Server/server.exe /webminerpool
 COPY --from=webminerpool-build /server/Server/bin/Release_Server/pools.json /webminerpool

diff --git a/README.md b/README.md
@@ -150,7 +150,7 @@ The cryptonight hashing functions in C-code. With simple Makefiles (use the "mak
 Find the original pull request with instructions by nierdz [here](https://github.com/notgiven688/webminerpool/pull/62).
 
 Added Dockerfile and entrypoint.sh.
-Inside entrypoint.sh, a certificate is installed so you need to provide a domain name during docker run. The certificate is automatically renewed using a cronjob.
+Inside entrypoint.sh, if `$DOMAIN` is provided, a certificate is registered and packed in pkcs12 format to be used with server.exe.
 
 ```bash
 cd webminerpool
@@ -162,7 +162,7 @@ To run it:
 ```bash
 docker run -d -p 80:80 -p 8181:8181 -e DOMAIN=mydomain.com webminerpool
 ```
-You absolutely need to set a domain name.
+
 The 80:80 bind is used to obtain a certificate.
 The 8181:8181 bind is used for server itself.
 
@@ -172,6 +172,28 @@ If you want to bind these ports to a specific IP, you can do this:
 docker run -d -p xx.xx.xx.xx:80:80 -p xx.xx.xx.xx:8181:8181 -e DOMAIN=mydomain.com webminerpool
 ```
 
+You can even use docker-compose, here is a sample snippet:
+
+```
+webminer:
+  container_name: webminer
+  image: webminer:1.0
+  build:
+    context: ./webminerpool
+    args:
+      - DONATION_LEVEL=${WEBMINER_DONATION_LEVEL}
+  restart: always
+  ports:
+    - ${WEBMINER_IP}:80:80
+    - ${WEBMINER_IP}:8181:8181
+  environment:
+    DOMAIN: ${WEBMINER_DOMAIN}
+  networks:
+    - my-network
+```
+
+To use this snippet, you need to define `$WEBMINER_DONATION_LEVEL`, `$WEBMINER_DOMAIN` and `$WEBMINER_IP` in a `.env` file.
+
 # Developer Donations
 
 By default a server-side 3% dev-donation is configured. Leaving this fee at the current level is highly appreciated. If you want

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -1,33 +1,23 @@
 #!/usr/bin/env bash
 
+set -o errexit
+set -o pipefail
+set -o nounset
+
 # Check if $DOMAIN is set
-if [ -z $DOMAIN ]; then
-	echo -e "You need to set \$DOMAIN variable at run time\n"
-	echo -e "For example: docker run -d -p 80:80 -p 443:443 -e DOMAIN=example.com\n"
-	exit 1
+if [ -z "$DOMAIN" ]; then
+  echo -e "You did not set \$DOMAIN variable at run time. No certificate will be registered.\n"
+  echo -e "If you want to define it on command line here is an example:\n"
+  echo -e "docker run -d -p 80:80 -p 443:443 -e DOMAIN=example.com\n"
 else
-	# Install acme.sh
-	apt-get -qq update
-	apt-get install -qq \
-		cron \
-		openssl \
-		curl \
-		coreutils \
-		socat \
-		git
-	git clone https://github.com/Neilpang/acme.sh.git /root/acme.sh && \
-	cd /root/acme.sh && \
-	git checkout 2.7.8 && \
-	/root/acme.sh/acme.sh --install
-
-	# Generate SSL cert
-	/root/.acme.sh/acme.sh --issue --standalone -d ${DOMAIN} -d www.${DOMAIN}
-
-	# Generate pfx
-	openssl pkcs12 -export -out /webminerpool/certificate.pfx -inkey /root/.acme.sh/${DOMAIN}/${DOMAIN}.key -in /root/.acme.sh/${DOMAIN}/${DOMAIN}.cer -certfile /root/.acme.sh/${DOMAIN}/fullchain.cer -passin pass:miner -passout pass:miner
-
-	# Start server
-	pushd /webminerpool
-	exec /usr/bin/mono server.exe 
-
+  if [[ ! -f "/root/.acme.sh/${DOMAIN}/${DOMAIN}.cer" ]] || ! openssl x509 -checkend 0 -in "/root/.acme.sh/${DOMAIN}/${DOMAIN}.cer"; then
+    # Generate SSL cert
+    /root/.acme.sh/acme.sh --issue --standalone -d "${DOMAIN}" -d "www.${DOMAIN}"
+    # Generate pfx
+    openssl pkcs12 -export -out /webminerpool/certificate.pfx -inkey "/root/.acme.sh/${DOMAIN}/${DOMAIN}.key" -in "/root/.acme.sh/${DOMAIN}/${DOMAIN}.cer" -certfile "/root/.acme.sh/${DOMAIN}/fullchain.cer" -passin pass:miner -passout pass:miner
+  fi
 fi
+
+# Start server
+pushd /webminerpool
+exec /usr/bin/mono server.exe