# Stage 1: Builder stage to clone the Darknet Lantern repository via its onion link. FROM debian:bookworm-slim AS builder LABEL stage="builder" ENV DEBIAN_FRONTEND=noninteractive # Install required utilities. RUN apt-get update && \ apt-get install -y tor git torsocks curl && \ rm -rf /var/lib/apt/lists/* # Create a working directory. WORKDIR /src # Build-time ARG for the lantern repository URL. ARG LANTERN_REPO="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/darknet-lantern.git" # Start tor, wait for bootstrap, and then clone via torsocks. RUN set -ex && \ tor & \ TOR_PID=$! && \ sleep 10 && \ torsocks git clone -v ${LANTERN_REPO} darknet-lantern && \ kill ${TOR_PID} # Stage 2: Final runtime image. FROM debian:bookworm-slim ENV DEBIAN_FRONTEND=noninteractive # Note: Do not hard-code INSTANCE_DOMAIN here. # It should be passed via docker-compose environment variables or with docker run -e. # For example: # environment: # - INSTANCE_DOMAIN=lantern.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion # Install runtime dependencies (including cron and git). RUN apt-get update && \ apt-get install -y \ nginx \ php8.2-fpm \ python3 \ python3-pip \ curl \ socat \ git \ cron && \ apt-get install -y python3-pandas python3-requests python3-socks && \ rm -rf /var/lib/apt/lists/* # Copy the Darknet Lantern source from the builder stage. RUN mkdir -p /srv/darknet-lantern COPY --from=builder /src/darknet-lantern/ /srv/darknet-lantern/ # Configure nginx. COPY ./lantern_nginx_conf/lantern.conf /etc/nginx/sites-available/lantern.conf RUN ln -sf /etc/nginx/sites-available/lantern.conf /etc/nginx/sites-enabled/ && \ rm -f /etc/nginx/sites-enabled/default # Create cron job file using a heredoc to avoid quoting issues. RUN cat <<'EOF' > /etc/cron.d/lantern-jobs # Update repo daily at 2:00 AM 0 2 * * * root sh -c "cd /srv/darknet-lantern && git -c http.proxy=socks5://127.0.0.1:9050 pull origin main" >> /var/log/lantern_git_update.log 2>& # Run lantern.py every 3 hours, piping "4\n" as input to sync links coming from other webring participants 0 */3 * * * root python3 /srv/darknet-lantern/scripts/lantern.py 4 # Run uptimechecker.py every 3 hours 0 */3 * * * root python3 /srv/darknet-lantern/scripts/uptimechecker.py >> /var/log/uptimechecker.log 2>&1 EOF # Set permissions and install the cron file. RUN chmod 0644 /etc/cron.d/lantern-jobs && \ crontab /etc/cron.d/lantern-jobs # Create an entrypoint script using a heredoc. RUN cat <<'EOS' > /usr/local/bin/docker-entrypoint.sh #!/bin/bash set -e # Ensure INSTANCE_DOMAIN environment variable is set. if [ -z "$INSTANCE_DOMAIN" ]; then echo "Error: INSTANCE_DOMAIN environment variable not set." exit 1 fi # Remove stale instance file so lantern.py will read from stdin. rm -f /root/.darknet_participant_url # Run lantern.py once to generate necessary files. printf "%s\ny\n0\n" "$INSTANCE_DOMAIN" | python3 /srv/darknet-lantern/scripts/lantern.py # Start cron in the background. cron & # Start socat to forward traffic from 127.0.0.1:9050 to tor-proxy:9050. socat TCP-LISTEN:9050,reuseaddr,fork TCP:tor-proxy:9050 & # Start php8.2-fpm in the background. service php8.2-fpm start # Start nginx in the foreground to keep the container active. nginx -g "daemon off;" EOS # Make the entrypoint script executable. RUN chmod +x /usr/local/bin/docker-entrypoint.sh # Set working directory. WORKDIR /srv/darknet-lantern # Define the entrypoint. ENTRYPOINT [ "/usr/local/bin/docker-entrypoint.sh" ]