From 92eb6c8ca1fca9d2d3691b754cf8102dd83408fd Mon Sep 17 00:00:00 2001
From: caryoscelus <caryoscelus@gmx.com>
Date: Fri, 17 Nov 2023 23:39:17 +0000
Subject: [PATCH] Update/rewrite docker files

---
 .dockerignore                                 |  4 ++-
 .gitignore                                    |  1 +
 Dockerfile                                    | 17 ----------
 Dockerfile.integrated_tor                     | 18 -----------
 Dockerfile.tor                                | 10 ------
 docker/Dockerfile                             | 25 +++++++++++++++
 docker/debian.Dockerfile                      | 26 ++++++++++++++++
 .../docker-compose.yml                        | 29 +++++++++--------
 docker/tor.Dockerfile                         |  9 ++++++
 docker/znctor.Dockerfile                      | 31 +++++++++++++++++++
 10 files changed, 111 insertions(+), 59 deletions(-)
 delete mode 100644 Dockerfile
 delete mode 100644 Dockerfile.integrated_tor
 delete mode 100644 Dockerfile.tor
 create mode 100644 docker/Dockerfile
 create mode 100644 docker/debian.Dockerfile
 rename docker-compose.yml => docker/docker-compose.yml (60%)
 create mode 100644 docker/tor.Dockerfile
 create mode 100644 docker/znctor.Dockerfile

diff --git a/.dockerignore b/.dockerignore
index 06de9748..620039c9 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,3 +1,5 @@
 venv
-Dockerfile*
+docker
 data
+__pycahce__
+log
diff --git a/.gitignore b/.gitignore
index 35e7c766..2fce8187 100644
--- a/.gitignore
+++ b/.gitignore
@@ -19,6 +19,7 @@ __pycache__/
 
 # Data dir
 data/*
+docker/data/
 *.db
 
 # Virtualenv
diff --git a/Dockerfile b/Dockerfile
deleted file mode 100644
index 955ce752..00000000
--- a/Dockerfile
+++ /dev/null
@@ -1,17 +0,0 @@
-FROM python:3.10.4-alpine
-
-RUN apk --update --no-cache --no-progress add gcc libffi-dev musl-dev make openssl g++
-
-WORKDIR /app
-COPY . .
-
-RUN python3 -m venv venv \
- && source venv/bin/activate \
- && python3 -m pip install -r requirements.txt
-
-CMD source venv/bin/activate \
- && python3 zeronet.py --ui_ip "*" --fileserver_port 26552 \
-    --tor $TOR_ENABLED --tor_controller tor:$TOR_CONTROL_PORT \
-    --tor_proxy tor:$TOR_SOCKS_PORT --tor_password $TOR_CONTROL_PASSWD main
-
-EXPOSE 43110 26552
diff --git a/Dockerfile.integrated_tor b/Dockerfile.integrated_tor
deleted file mode 100644
index 20c4425a..00000000
--- a/Dockerfile.integrated_tor
+++ /dev/null
@@ -1,18 +0,0 @@
-FROM python:3.10.4-alpine
-
-RUN apk --update --no-cache --no-progress add tor gcc libffi-dev musl-dev make openssl g++ \
- && echo "ControlPort 9051" >> /etc/tor/torrc \
- && echo "CookieAuthentication 1" >> /etc/tor/torrc
-
-WORKDIR /app
-COPY . .
-
-RUN python3 -m venv venv \
- && source venv/bin/activate \
- && python3 -m pip install -r requirements.txt
-
-CMD (tor&) \
- && source venv/bin/activate \
- && python3 zeronet.py --ui_ip "*" --fileserver_port 26552
-
-EXPOSE 43110 26552
diff --git a/Dockerfile.tor b/Dockerfile.tor
deleted file mode 100644
index b085747f..00000000
--- a/Dockerfile.tor
+++ /dev/null
@@ -1,10 +0,0 @@
-FROM alpine:3.16.0
-
-RUN apk --update --no-cache --no-progress add tor
-
-CMD hashed_control_password=$(tor --quiet --hash-password $TOR_CONTROL_PASSWD) \
- && tor --SocksPort 0.0.0.0:$TOR_SOCKS_PORT \
-        --ControlPort 0.0.0.0:$TOR_CONTROL_PORT \
-        --HashedControlPassword $hashed_control_password
-
-EXPOSE $TOR_SOCKS_PORT $TOR_CONTROL_PORT
diff --git a/docker/Dockerfile b/docker/Dockerfile
new file mode 100644
index 00000000..71613800
--- /dev/null
+++ b/docker/Dockerfile
@@ -0,0 +1,25 @@
+FROM python:3.12-alpine
+
+RUN apk --update --no-cache --no-progress add git gcc libffi-dev musl-dev make openssl g++ autoconf automake libtool
+
+RUN adduser -u 1600 -D service-0net
+
+USER service-0net:service-0net
+
+WORKDIR /home/service-0net
+
+COPY requirements.txt .
+
+RUN python3 -m pip install -r requirements.txt
+
+# the part below is updated with source updates
+
+COPY . .
+
+ENTRYPOINT python3 zeronet.py --ui_ip "*" --fileserver_port 26552 \
+    --tor $TOR_ENABLED --tor_controller tor:$TOR_CONTROL_PORT \
+    --tor_proxy tor:$TOR_SOCKS_PORT --tor_password $TOR_CONTROL_PASSWD
+
+CMD main
+
+EXPOSE 43110 26552
diff --git a/docker/debian.Dockerfile b/docker/debian.Dockerfile
new file mode 100644
index 00000000..8507914b
--- /dev/null
+++ b/docker/debian.Dockerfile
@@ -0,0 +1,26 @@
+FROM python:3.12-slim-bookworm
+
+RUN apt-get update
+RUN apt-get -y install git openssl pkg-config libffi-dev python3-pip python3-dev build-essential libtool
+
+RUN useradd -u 1600 -m service-0net
+
+USER service-0net:service-0net
+
+WORKDIR /home/service-0net
+
+COPY requirements.txt .
+
+RUN python3 -m pip install -r requirements.txt
+
+# the part below is updated with source updates
+
+COPY . .
+
+ENTRYPOINT python3 zeronet.py --ui_ip "*" --fileserver_port 26552 \
+    --tor $TOR_ENABLED --tor_controller tor:$TOR_CONTROL_PORT \
+    --tor_proxy tor:$TOR_SOCKS_PORT --tor_password $TOR_CONTROL_PASSWD
+
+CMD main
+
+EXPOSE 43110 26552
diff --git a/docker-compose.yml b/docker/docker-compose.yml
similarity index 60%
rename from docker-compose.yml
rename to docker/docker-compose.yml
index 5da1fc26..b953699f 100644
--- a/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -1,29 +1,31 @@
 version: '3'
+
 services:
   tor:
     tty: true
     stdin_open: true
     build:
-      context: .
-      dockerfile: Dockerfile.tor
+      context: ..
+      dockerfile: docker/tor.Dockerfile
     networks:
       - 0net-network
-    ports:
-      - "9050:9050"
-      - "9051:9051"
     environment: &tor-environments
+      # since we are using tor internally, password doesn't really matter
       TOR_CONTROL_PASSWD: some_password
       TOR_SOCKS_PORT: 9050
       TOR_CONTROL_PORT: 9051
-  0net:
+
+  0net-conservancy:
     tty: true
     stdin_open: true
     build:
-      context: .
+      context: ..
+      dockerfile: docker/Dockerfile
     networks:
       - 0net-network
     volumes:
-      - 0net-data:/app/data
+      # NOTE: this refers to docker/data..
+      - ./data:/home/service-0net/data
     ports:
       - "26552:26552"
       - "43110:43110"
@@ -32,20 +34,21 @@ services:
     environment:
       TOR_ENABLED: enable
       <<: *tor-environments
+
   0net-tor:
     tty: true
     stdin_open: true
     build:
-      context: .
-      dockerfile: Dockerfile.integrated_tor
+      context: ..
+      dockerfile: docker/znctor.Dockerfile
     networks:
       - 0net-network
     volumes:
-      - 0net-data:/app/data
+      # NOTE: this refers to docker/data..
+      - ./data:/home/service-0net/data
     ports:
       - "26552:26552"
       - "43110:43110"
-volumes:
-  0net-data:
+
 networks:
   0net-network:
diff --git a/docker/tor.Dockerfile b/docker/tor.Dockerfile
new file mode 100644
index 00000000..77fa00e5
--- /dev/null
+++ b/docker/tor.Dockerfile
@@ -0,0 +1,9 @@
+FROM alpine:3.18
+
+RUN apk --update --no-cache --no-progress add tor
+
+USER tor
+
+CMD tor --SocksPort 0.0.0.0:${TOR_SOCKS_PORT} --ControlPort 0.0.0.0:${TOR_CONTROL_PORT} --HashedControlPassword $(tor --quiet --hash-password $TOR_CONTROL_PASSWD)
+
+EXPOSE $TOR_SOCKS_PORT $TOR_CONTROL_PORT
diff --git a/docker/znctor.Dockerfile b/docker/znctor.Dockerfile
new file mode 100644
index 00000000..152bca70
--- /dev/null
+++ b/docker/znctor.Dockerfile
@@ -0,0 +1,31 @@
+FROM python:3.12-alpine
+
+RUN apk --update --no-cache --no-progress add git gcc libffi-dev musl-dev make openssl g++ autoconf automake libtool
+RUN apk add tor
+
+RUN echo "ControlPort 9051" >> /etc/tor/torrc
+RUN echo "CookieAuthentication 1" >> /etc/tor/torrc
+
+RUN adduser -u 1600 -D service-0net
+
+USER service-0net:service-0net
+
+WORKDIR /home/service-0net
+
+COPY requirements.txt .
+
+RUN python3 -m pip install -r requirements.txt
+
+RUN echo "tor &" > start.sh
+RUN echo "python3 zeronet.py --ui_ip '*' --fileserver_port 26552" >> start.sh
+RUN chmod +x start.sh
+
+# the part below is updated with source updates
+
+COPY . .
+
+ENTRYPOINT ./start.sh
+
+CMD main
+
+EXPOSE 43110 26552