From a1bae33e06885e929eb76739e690c9ecfbcb1251 Mon Sep 17 00:00:00 2001
From: Santiago Reig <305333+chiva@users.noreply.github.com>
Date: Fri, 11 Apr 2025 23:16:20 +0200
Subject: [PATCH 1/4] fix: python3.12 compatibility

---
 .gitmodules        | 3 ++-
 src/lib/Ed25519.py | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/.gitmodules b/.gitmodules
index 2c602a5a..8cee1c90 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,4 @@
 [submodule "plugins"]
 	path = plugins
-	url = https://github.com/ZeroNetX/ZeroNet-Plugins.git
+	url = https://github.com/chiva/ZeroNet-Plugins.git
+	branch = lifecycle-updates
diff --git a/src/lib/Ed25519.py b/src/lib/Ed25519.py
index 20bdc1a9..42214923 100644
--- a/src/lib/Ed25519.py
+++ b/src/lib/Ed25519.py
@@ -90,7 +90,7 @@ def pow2(x, p):
 
 
 def inv(z):
-    """$= z^{-1} \mod q$, for z != 0"""
+    """$= z^{-1} \\mod q$, for z != 0"""
     # Adapted from curve25519_athlon.c in djb's Curve25519.
     z2 = z * z % q                                # 2
     z9 = pow2(z2, 2) * z % q                      # 9

From 0c0b446c07e81f15d14f70f04c3f9b90baadf99e Mon Sep 17 00:00:00 2001
From: Santiago Reig <305333+chiva@users.noreply.github.com>
Date: Fri, 11 Apr 2025 23:16:36 +0200
Subject: [PATCH 2/4] fix: improve dockerfile

---
 Dockerfile         | 88 +++++++++++++++++++++++++++++++++-------------
 docker-compose.yml | 22 ++++++++++++
 2 files changed, 85 insertions(+), 25 deletions(-)
 create mode 100644 docker-compose.yml

diff --git a/Dockerfile b/Dockerfile
index 3f1d3c18..bd6edeac 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,33 +1,71 @@
-FROM alpine:3.15 
+FROM python:3.13-alpine AS builder
 
-#Base settings
-ENV HOME /root
+# Set working directory
+WORKDIR /app
 
-COPY requirements.txt /root/requirements.txt
+# Copy requirements
+COPY requirements.txt .
 
-#Install ZeroNet
-RUN apk --update --no-cache --no-progress add python3 python3-dev py3-pip gcc g++ autoconf automake libtool libffi-dev musl-dev make tor openssl \
- && pip3 install -r /root/requirements.txt \
- && apk del python3-dev gcc g++ autoconf automake libtool libffi-dev musl-dev make \
- && echo "ControlPort 9051" >> /etc/tor/torrc \
- && echo "CookieAuthentication 1" >> /etc/tor/torrc
- 
-RUN python3 -V \
- && python3 -m pip list \
- && tor --version \
- && openssl version
+# Install build dependencies
+RUN apk --no-cache add \
+    build-base \
+    git \
+    autoconf automake libtool \
+    libffi-dev openssl-dev \
+    musl-dev
 
-#Add Zeronet source
-COPY . /root
-VOLUME /root/data
+# Install Python deps
+RUN python -m venv /app/venv && \
+    . /app/venv/bin/activate && \
+    pip install --upgrade pip && \
+    pip install -r requirements.txt
 
-#Control if Tor proxy is started
-ENV ENABLE_TOR true
+# -----------------------------
+# Runtime image
+FROM python:3.13-alpine
 
-WORKDIR /root
+# Create app directory
+WORKDIR /app
 
-#Set upstart command
-CMD (! ${ENABLE_TOR} || tor&) && python3 zeronet.py --ui_ip 0.0.0.0 --fileserver_port 26117
+# Add non-root user
+RUN addgroup -S zeronet && adduser -S -G zeronet zeronet
 
-#Expose ports
-EXPOSE 43110 26117
+# Install runtime dependencies
+RUN apk --no-cache add \
+    tor tini openssl wget
+
+# Configure tor
+RUN echo "ControlPort 9051" >> /etc/tor/torrc && \
+    echo "CookieAuthentication 1" >> /etc/tor/torrc
+
+# Copy from builder
+COPY --from=builder /app/venv /app/venv
+
+# Copy application code
+COPY --chown=zeronet:zeronet . /app
+
+# Prepare directories
+RUN mkdir -p /app/data /app/log && \
+    chown -R zeronet:zeronet /app/data /app/log && \
+    chmod 750 /app/data /app/log
+
+# Set environment
+ENV PATH="/app/venv/bin:$PATH" \
+    VIRTUAL_ENV="/app/venv" \
+    ENABLE_TOR=true \
+    UI_IP=0.0.0.0 \
+    UI_PORT=43110 \
+    FILESERVER_PORT=26117 \
+    ADDITIONAL_ARGS=""
+
+# Switch to non-root user
+USER zeronet
+
+# Use Tini as init to handle signals gracefully
+ENTRYPOINT ["/sbin/tini", "--"]
+
+# The command the container runs with
+CMD ["sh", "-c", "echo \"Python: $(python -V), Tor: $(tor --version | head -n1)\" && (! ${ENABLE_TOR} || tor&) && python zeronet.py --ui_ip ${UI_IP} --ui_port ${UI_PORT} --fileserver_port ${FILESERVER_PORT} ${ADDITIONAL_ARGS}"]
+
+# Expose ports - using the environment variables
+EXPOSE ${UI_PORT} ${FILESERVER_PORT}
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 00000000..d4369338
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,22 @@
+services:
+  zeronet:
+    build: .
+    user: zeronet:zeronet
+    volumes:
+      - ./data:/app/data
+      - ./log:/app/log
+    ports:
+      - "${UI_PORT:-43110}:${UI_PORT:-43110}"
+      - "${FILESERVER_PORT:-26117}:${FILESERVER_PORT:-26117}"
+    environment:
+      - ENABLE_TOR=true
+      - UI_IP=0.0.0.0
+      - UI_PORT=43110
+      - FILESERVER_PORT=26117
+      - ADDITIONAL_ARGS=
+    healthcheck:
+      test: ["CMD", "wget", "-q", "--spider", "http://localhost:${UI_PORT:-43110}/ZeroNet-Internal/Stats", "||", "exit", "1"]
+      interval: 1m
+      timeout: 10s
+      retries: 3
+      start_period: 30s

From 5870ee0ca0ababe6318871033371aaa7adb7cd2a Mon Sep 17 00:00:00 2001
From: Santiago Reig <305333+chiva@users.noreply.github.com>
Date: Sat, 12 Apr 2025 15:52:57 +0200
Subject: [PATCH 3/4] fix: ssl wrap_socket use for geolitedb

---
 src/util/helper.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/util/helper.py b/src/util/helper.py
index 61455b08..3bddace4 100644
--- a/src/util/helper.py
+++ b/src/util/helper.py
@@ -209,7 +209,8 @@ def httpRequest(url, as_file=False):
 
         conn = http.client.HTTPSConnection(host)
         sock = socket.create_connection((conn.host, conn.port), conn.timeout, conn.source_address)
-        conn.sock = ssl.wrap_socket(sock, conn.key_file, conn.cert_file)
+        context = ssl.create_default_context()
+        conn.sock = context.wrap_socket(sock, server_hostname=conn.host)
         conn.request("GET", request)
         response = conn.getresponse()
         if response.status in [301, 302, 303, 307, 308]:

From 829c8f4f6063f1448f189b2dcf682d8704927e0a Mon Sep 17 00:00:00 2001
From: Santiago Reig <305333+chiva@users.noreply.github.com>
Date: Sat, 12 Apr 2025 16:29:17 +0200
Subject: [PATCH 4/4] fix: don't print versions

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index bd6edeac..d2efca7d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -65,7 +65,7 @@ USER zeronet
 ENTRYPOINT ["/sbin/tini", "--"]
 
 # The command the container runs with
-CMD ["sh", "-c", "echo \"Python: $(python -V), Tor: $(tor --version | head -n1)\" && (! ${ENABLE_TOR} || tor&) && python zeronet.py --ui_ip ${UI_IP} --ui_port ${UI_PORT} --fileserver_port ${FILESERVER_PORT} ${ADDITIONAL_ARGS}"]
+CMD ["sh", "-c", "(! ${ENABLE_TOR} || tor&) && python zeronet.py --ui_ip ${UI_IP} --ui_port ${UI_PORT} --fileserver_port ${FILESERVER_PORT} ${ADDITIONAL_ARGS}"]
 
 # Expose ports - using the environment variables
 EXPOSE ${UI_PORT} ${FILESERVER_PORT}