From e338ce7da9b89c2a2a5a6cb2efab108fec91f0ca Mon Sep 17 00:00:00 2001
From: R4SAS <r4sas@i2pmail.org>
Date: Thu, 29 Sep 2022 23:54:50 +0300
Subject: [PATCH] [docker] update dockerfile, add configuration file (#1788)

Signed-off-by: R4SAS <r4sas@i2pmail.org>
---
 contrib/docker/Dockerfile       | 35 ++++++++++++++++------
 contrib/docker/i2pd-docker.conf | 52 +++++++++++++++++++++++++++++++++
 2 files changed, 78 insertions(+), 9 deletions(-)
 create mode 100644 contrib/docker/i2pd-docker.conf

diff --git a/contrib/docker/Dockerfile b/contrib/docker/Dockerfile
index 71af141e..129c5ff3 100644
--- a/contrib/docker/Dockerfile
+++ b/contrib/docker/Dockerfile
@@ -1,5 +1,18 @@
+#
+# Copyright (c) 2017-2022, The PurpleI2P Project
+#
+# This file is part of Purple i2pd project and licensed under BSD3
+#
+# See full license text in LICENSE file at top of project tree
+#
+
 FROM alpine:latest
-LABEL authors "Mikal Villa <mikal@sigterm.no>, Darknet Villain <supervillain@riseup.net>"
+LABEL authors="Mikal Villa <mikal@sigterm.no>, Darknet Villain <supervillain@riseup.net>"
+LABEL maintainer="R4SAS <r4sas@i2pmail.org>"
+
+LABEL org.opencontainers.image.source=https://github.com/PurpleI2P/i2pd
+LABEL org.opencontainers.image.documentation=https://i2pd.readthedocs.io/en/latest/
+LABEL org.opencontainers.image.licenses=BSD3
 
 # Expose git branch, tag and URL variables as arguments
 ARG GIT_BRANCH="openssl"
@@ -11,27 +24,28 @@ ENV REPO_URL=${REPO_URL}
 
 ENV I2PD_HOME="/home/i2pd"
 ENV DATA_DIR="${I2PD_HOME}/data"
-ENV DEFAULT_ARGS=" --datadir=$DATA_DIR --reseed.verify=true --upnp.enabled=false --http.enabled=true --http.address=0.0.0.0 --httpproxy.enabled=true --httpproxy.address=0.0.0.0 --socksproxy.enabled=true --socksproxy.address=0.0.0.0 --sam.enabled=true --sam.address=0.0.0.0"
+ENV DEFAULT_ARGS=" --datadir=$DATA_DIR"
 
 RUN mkdir -p "$I2PD_HOME" "$DATA_DIR" \
     && adduser -S -h "$I2PD_HOME" i2pd \
     && chown -R i2pd:nobody "$I2PD_HOME"
 
+
+# 1. Building binary
+#   Each RUN is a layer, adding the dependencies and building i2pd in one layer takes around 8-900Mb, so to keep the
+#   image under 20mb we need to remove all the build dependencies in the same "RUN" / layer.
 #
-# Each RUN is a layer, adding the dependencies and building i2pd in one layer takes around 8-900Mb, so to keep the
-# image under 20mb we need to remove all the build dependencies in the same "RUN" / layer.
-#
+#   1. install deps, clone and build.
+#   2. strip binaries.
+#   3. Purge all dependencies and other unrelated packages, including build directory.
 
-# 1. install deps, clone and build.
-# 2. strip binaries.
-# 3. Purge all dependencies and other unrelated packages, including build directory.
 RUN apk update \
     && apk --no-cache --virtual build-dependendencies add make gcc g++ libtool zlib-dev boost-dev build-base openssl-dev openssl miniupnpc-dev git \
     && mkdir -p /tmp/build \
     && cd /tmp/build && git clone -b ${GIT_BRANCH} ${REPO_URL} \
     && cd i2pd \
     && if [ -n "${GIT_TAG}" ]; then git checkout tags/${GIT_TAG}; fi \
-    && make USE_UPNP=yes \
+    && make -j$(nproc) USE_UPNP=yes \
     && cp -R contrib/certificates /i2pd_certificates \
     && mkdir -p /usr/local/bin \
     && mv i2pd /usr/local/bin \
@@ -45,6 +59,9 @@ RUN apk update \
 # 2. Adding required libraries to run i2pd to ensure it will run.
 RUN apk --no-cache add boost-filesystem boost-system boost-program_options boost-date_time boost-thread boost-iostreams openssl miniupnpc musl-utils libstdc++
 
+# 3. Copy preconfigured config file and entrypoint
+COPY i2pd-docker.conf "$I2PD_HOME/i2pd.conf"
+RUN chown i2pd:nobody "$I2PD_HOME/i2pd.conf"
 COPY entrypoint.sh /entrypoint.sh
 RUN chmod a+x /entrypoint.sh
 
diff --git a/contrib/docker/i2pd-docker.conf b/contrib/docker/i2pd-docker.conf
new file mode 100644
index 00000000..3b91a235
--- /dev/null
+++ b/contrib/docker/i2pd-docker.conf
@@ -0,0 +1,52 @@
+## Preconfigured i2pd configuration file for a Docker container
+## See https://i2pd.readthedocs.io/en/latest/user-guide/configuration/
+## for more options you can use in this file.
+
+## Note that for exposing ports outside of container you need to bind all services to 0.0.0.0
+
+log = file
+loglevel = none
+
+ipv4 = true
+ipv6 = false
+
+# bandwidth = L
+# notransit = false
+# floodfill = false
+
+[ntcp2]
+enabled = true
+published = true
+
+[ssu2]
+enabled = true
+published = true
+
+[http]
+enabled = true
+address = 0.0.0.0
+port = 7070
+
+[httpproxy]
+enabled = true
+address = 0.0.0.0
+port = 4444
+
+[socksproxy]
+enabled = true
+address = 0.0.0.0
+port = 4447
+
+[sam]
+enabled = true
+address = 0.0.0.0
+port = 7656
+
+[upnp]
+enabled = false
+
+[reseed]
+verify = true
+
+[limits]
+# transittunnels = 2500