From 5bc3b26965a3ad2d0341d656c1406ae86aec78c4 Mon Sep 17 00:00:00 2001
From: Walter Oggioni <oggioni.walter@gmail.com>
Date: Tue, 13 Jan 2026 17:13:07 +0800
Subject: [PATCH] added monerod docker image

---
 .gitea/workflows/build-monerod.yaml |  35 ++++++++++
 monerod/APKBUILD                    |  70 +++++++++++++++++++
 monerod/Dockerfile                  |  46 +++++++++++++
 monerod/easylogging.patch           |  11 +++
 monerod/gcc13.patch                 |  24 +++++++
 monerod/loongarch64.patch           |  34 ++++++++++
 monerod/miniupnpc.patch             |  22 ++++++
 monerod/system-miniupnpc.patch      | 100 ++++++++++++++++++++++++++++
 monerod/version-string.patch        |  13 ++++
 9 files changed, 355 insertions(+)
 create mode 100644 .gitea/workflows/build-monerod.yaml
 create mode 100644 monerod/APKBUILD
 create mode 100644 monerod/Dockerfile
 create mode 100644 monerod/easylogging.patch
 create mode 100644 monerod/gcc13.patch
 create mode 100644 monerod/loongarch64.patch
 create mode 100644 monerod/miniupnpc.patch
 create mode 100644 monerod/system-miniupnpc.patch
 create mode 100644 monerod/version-string.patch

diff --git a/.gitea/workflows/build-monerod.yaml b/.gitea/workflows/build-monerod.yaml
new file mode 100644
index 0000000..e857a11
--- /dev/null
+++ b/.gitea/workflows/build-monerod.yaml
@@ -0,0 +1,35 @@
+
+name: CI
+on:
+  push:
+    branches: [ master ]
+    paths:
+      - 'monerod/*'
+      - '.gitea/workflows/build-monerod.yaml'      
+jobs:
+  "Build monerod docker images":
+    runs-on: woryzen
+    steps:
+      -
+        name: Login to Gitea container registry
+        uses: docker/login-action@v3
+        with:
+          registry: gitea.woggioni.net
+          username: woggioni
+          password: ${{ secrets.PUBLISHER_TOKEN }}
+      -
+        name: Build and push monerod images
+        uses: docker/build-push-action@v6
+        with:
+          context: "{{defaultContext}}:monerod"
+          builder: multiplatform-builder
+          platforms: |
+            linux/amd64
+            linux/arm64
+          push: true
+          pull: true
+          tags: |
+            "gitea.woggioni.net/woggioni/monerod:latest"
+            "gitea.woggioni.net/woggioni/monerod:0.18.4.5"
+            
+
diff --git a/monerod/APKBUILD b/monerod/APKBUILD
new file mode 100644
index 0000000..19eb471
--- /dev/null
+++ b/monerod/APKBUILD
@@ -0,0 +1,70 @@
+# Contributor: André Klitzing <aklitzing@gmail.com>
+# Maintainer: André Klitzing <aklitzing@gmail.com>
+pkgname=monero
+pkgver=0.18.4.5
+pkgrel=0
+_ver_randomx=10494476d6236b177733224123747201dec180bb
+_ver_supercop=633500ad8c8759995049ccd022107d1fa8a1bbc9
+pkgdesc="Secure, private, untraceable cryptocurrency"
+url="https://getmonero.org/"
+arch="all !riscv64" # build failure
+license="BSD-3-Clause"
+makedepends="
+	boost-dev
+	cmake
+	cppzmq
+	hidapi-dev
+	libsodium-dev
+	miniupnpc-dev
+	openssl-dev>3
+	rapidjson-dev
+	readline-dev
+	samurai
+	unbound-dev
+	zeromq-dev
+	"
+options="!check"
+source="$pkgname-$pkgver.tar.gz::https://github.com/monero-project/monero/archive/refs/tags/v$pkgver.tar.gz
+	$pkgname-randomx-$_ver_randomx.tar.gz::https://github.com/tevador/RandomX/archive/$_ver_randomx.tar.gz
+	$pkgname-supercop-$_ver_supercop.tar.gz::https://github.com/monero-project/supercop/archive/$_ver_supercop.tar.gz
+	easylogging.patch
+	gcc13.patch
+	system-miniupnpc.patch
+	version-string.patch
+	loongarch64.patch
+	miniupnpc.patch
+	"
+
+prepare() {
+	default_prepare
+
+	rm -fr external/randomx external/supercop
+	ln -s $srcdir/RandomX-$_ver_randomx external/randomx
+	ln -s $srcdir/supercop-$_ver_supercop external/supercop
+}
+
+build() {
+	cmake -B build -G Ninja \
+		-DCMAKE_BUILD_TYPE=None \
+		-DCMAKE_INSTALL_PREFIX=/usr \
+		-DSTACK_TRACE=OFF \
+		-DMANUAL_SUBMODULES=1 \
+		-DARCH=default
+	cmake --build build
+}
+
+package() {
+	DESTDIR="$pkgdir" cmake --install build
+}
+
+sha512sums="
+9899c53e79fad57fd66a77b2053fd2d9856b1834a041800826337110b9f8188300b67c78d5c93dbd01510f7bf6b9c682f19f154ceb9ecad6adf818474b517cfa  monero-0.18.4.5.tar.gz
+41ab097ec43b79844f4e9f2143ead381bcda228e6eae6fe082f078846ca2e3e50e2800f645355f879dc14ef7980c98a4019da9f9aaa2175b59c80e099d5be3fc  monero-randomx-10494476d6236b177733224123747201dec180bb.tar.gz
+06cca8d1def31aa11bf5aa42d861c4a027786f7cc494fa3ab53a2bc4bd9d1f55b2389020ba5fd1816ed277b6e4320ad8edbb3117dcf4981fc7fba655c4bbe648  monero-supercop-633500ad8c8759995049ccd022107d1fa8a1bbc9.tar.gz
+c149f1e6a6968115f95213d512116457b36665ff1159c5137dda45fa27712ce6f088b908663fb429b8e5f74e41d6cd57669db79d596564ddaca481dbdc63393e  easylogging.patch
+9d1ae2b057d49abb1fcd04744069bc3898f8822db2ecf259bc6f0f8b20c4871ba9947356c548e43d2fc20aa4aa03aaf02e0052d53056028d334638c0a360842a  gcc13.patch
+15aacc364c0877bce1113c65c40daf33287bc9f26d94e0d8841940eb9fa7a9abf3c25f6ab37a9f91cdb093668e2a345a59b0a6a0e3f06dbad1078530f216dc72  system-miniupnpc.patch
+411d041754bf801a4dcff6eb52d0d7fa29ad07ce673f956764b2d4b8c8252233b5f09f8833f8461be0f9b0c922748db71fecad04ae755c61ebe50113e2648485  version-string.patch
+f71bace84a4569cf6c7e094303bb98ba7472d8e8f35b5ece4d5d1e60b3c6a75fb212cbf88a3bc5a5b0ef28a645c7b1c32520f940fa935e42421885cfb0268f74  loongarch64.patch
+c7e143b31906e1b08f8c04374a8ec5285d83bb8f5a958e2bbd1c2d4fc78645e3a43f456eb321810998ff4c147a85d9617188eb68b3287e7279b2495805645939  miniupnpc.patch
+"
diff --git a/monerod/Dockerfile b/monerod/Dockerfile
new file mode 100644
index 0000000..f6f5cf6
--- /dev/null
+++ b/monerod/Dockerfile
@@ -0,0 +1,46 @@
+FROM alpine:3.23 AS base
+
+FROM base AS builder
+RUN --mount=type=cache,target=/var/cache/apk apk update
+RUN --mount=type=cache,target=/var/cache/apk apk add \
+	abuild \
+  build-base \
+	boost-dev \
+	cmake \
+  cppzmq \
+  hidapi-dev \
+  libsodium-dev \
+  miniupnpc-dev \
+  openssl-dev \
+  rapidjson-dev \
+  readline-dev \
+  samurai \
+  unbound-dev \
+  zeromq-dev
+
+RUN adduser -D -G abuild luser
+USER luser
+WORKDIR /home/luser
+
+ADD --chown=luser:luser ./APKBUILD .
+ADD --chown=luser:luser ./easylogging.patch .
+ADD --chown=luser:luser ./gcc13.patch .
+ADD --chown=luser:luser ./system-miniupnpc.patch .
+ADD --chown=luser:luser ./version-string.patch .
+ADD --chown=luser:luser ./loongarch64.patch .
+ADD --chown=luser:luser ./miniupnpc.patch .
+RUN abuild-keygen -a -n
+USER root
+RUN cp /home/luser/.abuild/*.pub /etc/apk/keys/
+USER luser
+RUN abuild
+
+
+FROM base AS release
+RUN adduser -D -h /var/lib/monero monero
+RUN --mount=type=bind,from=builder,source=/home/luser/.abuild,target=/.abuild cp /.abuild/*.pub /etc/apk/keys
+RUN --mount=type=bind,from=builder,source=/home/luser/packages,target=/packages apk add /packages/*/*/*.apk
+USER monero
+WORKDIR /var/lib/monero
+ENTRYPOINT /usr/bin/monerod
+
diff --git a/monerod/easylogging.patch b/monerod/easylogging.patch
new file mode 100644
index 0000000..3cddc78
--- /dev/null
+++ b/monerod/easylogging.patch
@@ -0,0 +1,11 @@
+--- a/external/easylogging++/easylogging++.h
++++ b/external/easylogging++/easylogging++.h
+@@ -221,7 +221,7 @@
+ #  define ELPP_INTERNAL_INFO(lvl, msg)
+ #endif  // (defined(ELPP_DEBUG_INFO))
+ #if (defined(ELPP_FEATURE_ALL)) || (defined(ELPP_FEATURE_CRASH_LOG))
+-#  if (ELPP_COMPILER_GCC && !ELPP_MINGW && !ELPP_OS_OPENBSD && !ELPP_OS_NETBSD && !ELPP_OS_ANDROID && !ELPP_OS_EMSCRIPTEN)
++#  if (__has_include(<execinfo.h>) && ELPP_COMPILER_GCC && !ELPP_MINGW && !ELPP_OS_OPENBSD && !ELPP_OS_NETBSD && !ELPP_OS_ANDROID && !ELPP_OS_EMSCRIPTEN)
+ #    define ELPP_STACKTRACE 1
+ #  else
+ #    define ELPP_STACKTRACE 0
diff --git a/monerod/gcc13.patch b/monerod/gcc13.patch
new file mode 100644
index 0000000..6d80de0
--- /dev/null
+++ b/monerod/gcc13.patch
@@ -0,0 +1,24 @@
+diff --git a/contrib/epee/src/file_io_utils.cpp b/contrib/epee/src/file_io_utils.cpp
+index c0798a5..4549ead 100644
+--- a/contrib/epee/src/file_io_utils.cpp
++++ b/contrib/epee/src/file_io_utils.cpp
+@@ -26,6 +26,7 @@
+ 
+ #include "file_io_utils.h"
+ 
++#include <cstdint>
+ #include <fstream>
+ #include <boost/filesystem/path.hpp>
+ #include <boost/filesystem/operations.hpp>
+diff --git a/src/common/combinator.cpp b/src/common/combinator.cpp
+index 72b1397..c98e3da 100644
+--- a/src/common/combinator.cpp
++++ b/src/common/combinator.cpp
+@@ -29,6 +29,7 @@
+ //
+ // Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
+ 
++#include <cstdint>
+ #include "combinator.h"
+ 
+ namespace tools {
diff --git a/monerod/loongarch64.patch b/monerod/loongarch64.patch
new file mode 100644
index 0000000..20c6de6
--- /dev/null
+++ b/monerod/loongarch64.patch
@@ -0,0 +1,34 @@
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 8fb03ba..3fbd9cf 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -335,6 +335,11 @@ set(RISCV   1)
+ set(RISCV32 1)
+ endif()
+ 
++if(ARCH_ID STREQUAL "loongarch64")
++set(LOONGARCH 1)
++set(LOONGARCH64 1)
++endif()
++
+ if(WIN32 OR ARM OR PPC64LE OR PPC64 OR PPC)
+   set(OPT_FLAGS_RELEASE "-O2")
+ else()
+@@ -748,7 +753,7 @@ else()
+     message(STATUS "AES support explicitly disabled")
+     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DNO_AES")
+     set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DNO_AES")
+-  elseif(NOT ARM AND NOT PPC64LE AND NOT PPC64 AND NOT PPC AND NOT S390X AND NOT RISCV)
++  elseif(NOT ARM AND NOT PPC64LE AND NOT PPC64 AND NOT PPC AND NOT S390X AND NOT RISCV AND NOT LOONGARCH64)
+     message(STATUS "AES support enabled")
+     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -maes")
+     set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -maes")
+@@ -762,6 +767,8 @@ else()
+     message(STATUS "AES support not available on ARMv6")
+   elseif(ARM7)
+     message(STATUS "AES support not available on ARMv7")
++  elseif(LOONGARCH64)
++    message(STATUS "AES support not available on LoongArch64")
+   elseif(ARM8)
+     CHECK_CXX_ACCEPTS_FLAG("-march=${ARCH}+crypto" ARCH_PLUS_CRYPTO)
+     if(ARCH_PLUS_CRYPTO)
diff --git a/monerod/miniupnpc.patch b/monerod/miniupnpc.patch
new file mode 100644
index 0000000..bf65875
--- /dev/null
+++ b/monerod/miniupnpc.patch
@@ -0,0 +1,22 @@
+API changed in miniupnpc 2.2.8
+
+--- a/src/p2p/net_node.inl
++++ b/src/p2p/net_node.inl
+@@ -2989,7 +2989,7 @@
+     UPNPUrls urls;
+     IGDdatas igdData;
+     char lanAddress[64];
+-    result = UPNP_GetValidIGD(deviceList, &urls, &igdData, lanAddress, sizeof lanAddress);
++    result = UPNP_GetValidIGD(deviceList, &urls, &igdData, lanAddress, sizeof lanAddress, nullptr, 0);
+     freeUPNPDevlist(deviceList);
+     if (result > 0) {
+       if (result == 1) {
+@@ -3057,7 +3057,7 @@
+     UPNPUrls urls;
+     IGDdatas igdData;
+     char lanAddress[64];
+-    result = UPNP_GetValidIGD(deviceList, &urls, &igdData, lanAddress, sizeof lanAddress);
++    result = UPNP_GetValidIGD(deviceList, &urls, &igdData, lanAddress, sizeof lanAddress, nullptr, 0);
+     freeUPNPDevlist(deviceList);
+     if (result > 0) {
+       if (result == 1) {
diff --git a/monerod/system-miniupnpc.patch b/monerod/system-miniupnpc.patch
new file mode 100644
index 0000000..9532a10
--- /dev/null
+++ b/monerod/system-miniupnpc.patch
@@ -0,0 +1,100 @@
+--- monero-0.18.4.1/CMakeLists.txt
++++ monero-0.18.4.1.final/CMakeLists.txt
+@@ -676,6 +676,14 @@
+ include_directories("${CMAKE_CURRENT_BINARY_DIR}/translations")
+ add_subdirectory(external)
+ 
++# Final setup for miniupnpc
++if(UPNP_STATIC OR IOS)
++  add_definitions("-DUPNP_STATIC")
++else()
++  add_definitions("-DUPNP_DYNAMIC")
++  include_directories(${UPNP_INCLUDE})
++endif()
++
+ # Final setup for libunbound
+ include_directories(${UNBOUND_INCLUDE_DIR})
+ 
+--- monero-0.18.4.1/external/CMakeLists.txt
++++ monero-0.18.4.1.final/external/CMakeLists.txt
+@@ -34,25 +34,45 @@
+ # We always compile if we are building statically to reduce static dependency issues...
+ # ...except for FreeBSD, because FreeBSD is a special case that doesn't play well with
+ # others.
++if(NOT IOS)
++    find_package(Miniupnpc QUIET)
++endif()
+ 
+-find_package(Miniupnpc REQUIRED)
+-
+-message(STATUS "Using in-tree miniupnpc")
+-set(UPNPC_NO_INSTALL TRUE CACHE BOOL "Disable miniupnp installation" FORCE)
+-set(UPNPC_BUILD_SHARED OFF CACHE BOOL "Disable building shared library" FORCE)
+-add_subdirectory(miniupnp/miniupnpc)
+-set_property(TARGET libminiupnpc-static PROPERTY FOLDER "external")
+-set_property(TARGET libminiupnpc-static PROPERTY POSITION_INDEPENDENT_CODE ON)
+-if(MSVC)
+-  set_property(TARGET libminiupnpc-static APPEND_STRING PROPERTY COMPILE_FLAGS " -wd4244 -wd4267")
+-elseif(NOT MSVC)
+-  set_property(TARGET libminiupnpc-static APPEND_STRING PROPERTY COMPILE_FLAGS " -Wno-undef -Wno-unused-result -Wno-unused-value")
++# If we have the correct shared version and we're not building static, use it
++if(STATIC OR IOS)
++ set(USE_SHARED_MINIUPNPC false)
++elseif(MINIUPNP_FOUND AND MINIUPNPC_VERSION_1_7_OR_HIGHER)
++ set(USE_SHARED_MINIUPNPC true)
+ endif()
+ if(CMAKE_SYSTEM_NAME MATCHES "NetBSD")
+ 	set_property(TARGET libminiupnpc-static APPEND_STRING PROPERTY COMPILE_FLAGS " -D_NETBSD_SOURCE")
+ endif()
+ 
+-set(UPNP_LIBRARIES "libminiupnpc-static" PARENT_SCOPE)
++if(USE_SHARED_MINIUPNPC)
++  message(STATUS "Using shared miniupnpc found at ${MINIUPNP_INCLUDE_DIR}")
++
++  set(UPNP_STATIC false PARENT_SCOPE)
++  set(UPNP_INCLUDE ${MINIUPNP_INCLUDE_DIR} PARENT_SCOPE)
++  set(UPNP_LIBRARIES ${MINIUPNP_LIBRARY} PARENT_SCOPE)
++else()
++  if(STATIC)
++    message(STATUS "Using miniupnpc from local source tree for static build")
++  else()
++    message(STATUS "Using miniupnpc from local source tree (/external/miniupnp/miniupnpc)")
++  endif()
++  add_subdirectory(miniupnp/miniupnpc)
++
++  set_property(TARGET libminiupnpc-static PROPERTY FOLDER "external")
++  if(MSVC)
++    set_property(TARGET libminiupnpc-static APPEND_STRING PROPERTY COMPILE_FLAGS " -wd4244 -wd4267")
++  elseif(NOT MSVC)
++    set_property(TARGET libminiupnpc-static APPEND_STRING PROPERTY COMPILE_FLAGS " -Wno-undef -Wno-unused-result -Wno-unused-value")
++  endif()
++
++  set(UPNP_STATIC true PARENT_SCOPE)
++  set(UPNP_LIBRARIES "libminiupnpc-static" PARENT_SCOPE)
++endif()
++
+ 
+ find_package(Unbound)
+ 
+--- monero-0.18.4.1/src/p2p/net_node.inl
++++ monero-0.18.4.1.final/src/p2p/net_node.inl
+@@ -60,9 +60,16 @@
+ #include "cryptonote_core/cryptonote_core.h"
+ #include "net/parse.h"
+ 
+-#include <miniupnp/miniupnpc/miniupnpc.h>
+-#include <miniupnp/miniupnpc/upnpcommands.h>
+-#include <miniupnp/miniupnpc/upnperrors.h>
++// We have to look for miniupnpc headers in different places, dependent on if its compiled or external
++#ifdef UPNP_STATIC
++  #include <miniupnp/miniupnpc/miniupnpc.h>
++  #include <miniupnp/miniupnpc/upnpcommands.h>
++  #include <miniupnp/miniupnpc/upnperrors.h>
++#else
++  #include "miniupnpc.h"
++  #include "upnpcommands.h"
++  #include "upnperrors.h"
++#endif
+ 
+ #undef MONERO_DEFAULT_LOG_CATEGORY
+ #define MONERO_DEFAULT_LOG_CATEGORY "net.p2p"
diff --git a/monerod/version-string.patch b/monerod/version-string.patch
new file mode 100644
index 0000000..f64be9d
--- /dev/null
+++ b/monerod/version-string.patch
@@ -0,0 +1,13 @@
+diff --git a/cmake/Version.cmake b/cmake/Version.cmake
+index 3677e80..490de2c 100644
+--- a/cmake/Version.cmake
++++ b/cmake/Version.cmake
+@@ -32,7 +32,7 @@ function (write_static_version_header hash)
+ endfunction ()
+ 
+ find_package(Git QUIET)
+-if ("$Format:$" STREQUAL "")
++if ("$Format:$" STREQUAL "" OR NOT EXISTS .git)
+   # We're in a tarball; use hard-coded variables.
+   set(VERSION_IS_RELEASE "true")
+   write_version("release")