afc8353fe0
* a few improvements to documentation, describing steps needed to build bitcoin |
10 years ago | |
---|---|---|
.. | ||
input-sources | 10 years ago | |
Dockerfile | 10 years ago | |
README.md | 10 years ago | |
build-bitcoin.sh | 10 years ago | |
gitian.patch | 10 years ago | |
sign.sh | 10 years ago |
README.md
Building bitcoin with a gitian-builder Docker container
This image allows automated gitian builds of bitcoin using a docker container. Before proceeding make sure you have created the necessary wheezy and gitian-host images, see these instructions for the creation of both.
Afterwards you can create the gitian-bitcoin-host image by running scripts/create-gitian-bitcoin-host.sh.
NOTE: this image currently supports only building of bitcoin 0.9.1, but it can be easily adapted to build other versions. You can submit the source lists for other versions as a patch or pull request, see directory input-sources/ for currently available versions.
Preamble
It is necessary that before you using these scripts you read them and understand what they do. Why? Because your goal is to create a gitian build (deterministic) that has not been tampered with.
See also:
- https://gitian.org/
- https://en.wikipedia.org/wiki/Web_of_trust
- http://www.dwheeler.com/trusting-trust/
- https://www.debian.org/
- https://www.docker.io/
- http://www.ubuntu.com/
Spawning a container
You can spawn a new container for Gitian bitcoin builds with:
This script will create the running docker container and provide details about how to connect via SSH to the container, example:
$ scripts/spawn-gitian-bitcoin-host.sh
You can now SSH into container 3bc0d0611374ca4d4730fd5fb1067808b1bcfd072ec7cf029393a7fd99ec856e:
ssh -o SendEnv= -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no debian@172.17.0.3
$
Use this specific SSH command line to get a shell in the container and proceed to next steps.
NOTE: the SendEnv= is there to overcome an issue in gitian-builder that allows pollution of the LXC environment.
Preparing the gitian environment
First prepare the base VMs inside the gitian host container by running:
This operation will take a while; afterwards you can proceed to building bitcoin with:
- ./build-bitcoin.sh 0.9.1
Notice the parameter 0.9.1, that is the version we are going to build.
build-bitcoin.sh is a script that will download & build all the dependencies and then bitcoin itself, for both i386 and amd64 Linux architectures.
Signing
Now you have completed the build of bitcoin and only the signing part is left. Before doing that, you can verify if signatures are matching with those of other developers by peeking inside ~/gitian.sigs of the running container.
In order to sign you have to either put your private key in the container's ~/.gnupg or perform the signing externally, at your option.
If you have the private key in the container (also displayed by gpg -K
), then you can use the sign.sh script that is already in the running container, otherwise
run it (with failure) and then copy the *~/gitian.sigs~ directory to another machine to apply the GPG signature.
Submitting your signature
If everything went well, you can fork the gitian sigs repo, commit your signatures and submit a pull request for inclusion.