Update README.md for Bitcoin Core Docker Image

- Updated base image from `debian:bullseye-slim` to `debian:bookworm-slim`.
- Added `BITCOIN_VERSION` build argument to specify the version of Bitcoin Core (default: `v29.0`).
- Modified dependencies to include `cmake` and `libsqlite3-dev`.
- Improved build process steps by specifying version checkout and using CMake.
- Detailed improvements in final image dependencies, including `libssl3` and `libevent` libraries.
- Enhanced security section by introducing a non-root `bitcoin` user and specifying ownership of the `/bitcoin` directory.
- Updated Docker commands in the build and run sections to reflect the new default version of Bitcoin Core (`v29.0`).
- Added security considerations regarding the non-root user setup.

Signed-off-by: Artem Barger <artem@bargr.net>

Author: C0rWin

README.md

@@ -9,43 +9,59 @@ source and another for creating the final runtime image with only the necessary
 
 ### Stage 1: Build Bitcoin Core
 
-- **Base Image**: `debian:bullseye-slim`
+- **Base Image**: `debian:bookworm-slim`
+- **Build Arguments**:
+  - `BITCOIN_VERSION`: Version of Bitcoin Core to build (default: `v29.0`)
 - **Dependencies Installed**:
-  - `automake`, `autotools-dev`, `build-essential`, `git`, `libtool`, `pkg-config`, `python3-minimal`
+  - `automake`, `cmake`, `autotools-dev`, `build-essential`, `git`, `libtool`, `pkg-config`, `python3-minimal`
   - Boost libraries (`libboost-system-dev`, `libboost-filesystem-dev`, `libboost-chrono-dev`, `libboost-program-options-dev`, `libboost-test-dev`, 
 `libboost-thread-dev`)
   - OpenSSL and libevent development libraries
-  - `libdb++-dev`, `bsdmainutils`
+  - `libdb++-dev`, `bsdmainutils`, `libsqlite3-dev`
 - **Build Process**:
-  - Clones the Bitcoin Core repository (`v25.1`).
-  - Configures, builds, and strips the `bitcoin-cli` binary.
+  - Clones the Bitcoin Core repository.
+  - Checks out the specified version (default: `v29.0`).
+  - Uses CMake to configure and build the binaries.
 
 ### Stage 2: Final Image
 
-- **Base Image**: `debian:bullseye-slim`
+- **Base Image**: `debian:bookworm-slim`
 - **Dependencies Installed**:
-  - Boost runtime libraries
-  - OpenSSL and libevent runtime libraries
+  - Boost runtime libraries (version 1.74.0)
+  - `libssl3` (updated from libssl1.1)
+  - `libevent-2.1-7`, `libevent-extra-2.1-7`, `libevent-pthreads-2.1-7`
   - `iproute2`, `iptables`
+  - `libsqlite3-0`
 - **Binary Copies**:
-  - `bitcoind` and `bitcoin-cli` from the builder stage.
+  - `bitcoind` and `bitcoin-cli` from the builder stage, installed to `/usr/local/bin/`.
+- **Security**:
+  - Creates a non-root `bitcoin` user and group to run the container.
+  - Sets proper ownership of the `/bitcoin` directory.
 - **Volume**:
   - `/bitcoin` for data storage.
 - **Ports Exposed**:
   - `8332` (RPC)
   - `8333` (P2P)
 - **Entry Point**:
-  - Runs `bitcoind` with default configuration options.
+  - Runs `bitcoind` as the `bitcoin` user with default configuration options.
 
 ## How to Build the Image
 
-To build the Docker image, navigate to the directory containing the `Dockerfile` and run the following command:
+### Default Build
+
+To build the Docker image with the default Bitcoin Core version (v29.0), navigate to the directory containing the `Dockerfile` and run:
 
 ```sh
-docker build -t bitcoin-core:v25.1 .
+docker build -t bitcoin-core:v29.0 .
 ```
 
-This will create a Docker image tagged as `bitcoin-core:v25.1`.
+### Custom Version Build
+
+To build a specific version of Bitcoin Core, use the `--build-arg` flag:
+
+```sh
+docker build --build-arg BITCOIN_VERSION=v28.0 -t bitcoin-core:v28.0 .
+```
 
 ## How to Run the Container
 
@@ -54,7 +70,7 @@ This will create a Docker image tagged as `bitcoin-core:v25.1`.
 To run a Bitcoin Core node, use the following command:
 
 ```sh
-docker run -d --name bitcoin-node -v bitcoin-data:/bitcoin -p 8332:8332 -p 8333:8333 bitcoin-core:v25.1
+docker run -d --name bitcoin-node -v bitcoin-data:/bitcoin -p 8332:8332 -p 8333:8333 bitcoin-core:v29.0
 ```
 
 - `-d`: Runs the container in detached mode.
@@ -72,7 +88,7 @@ You can provide a custom configuration file (`bitcoin.conf`) by mounting it into
 Example:
 
 ```sh
-docker run -d --name bitcoin-node -v bitcoin-data:/bitcoin -v /path/to/bitcoin.conf:/bitcoin/bitcoin.conf -p 8332:8332 -p 8333:8333 bitcoin-core:v25.1
+docker run -d --name bitcoin-node -v bitcoin-data:/bitcoin -v /path/to/bitcoin.conf:/bitcoin/bitcoin.conf -p 8332:8332 -p 8333:8333 bitcoin-core:v29.0
 ```
 
 ### Using RPC
@@ -100,7 +116,15 @@ daemon=0
 
 **Note**: Adjust the `rpcuser` and `rpcpassword` to secure your node.
 
+## Security Considerations
+
+This container runs as a non-root user (`bitcoin`), which provides an additional layer of security. The `bitcoin` user has:
+
+- Limited permissions within the container
+- Ownership only of the `/bitcoin` directory
+- No login shell (`/sbin/nologin`)
+
 ## Conclusion
 
-This Docker setup provides a convenient way to run a Bitcoin Core node in an isolated environment, making it easy to manage and scale. For more advanced 
+This Docker setup provides a convenient and secure way to run a Bitcoin Core node in an isolated environment, making it easy to manage and scale. For more advanced 
 configurations, refer to the [Bitcoin Core documentation](https://bitcoin.org/en/full-node).