From 7ae79428e6d7d431e54f0b5651a142b74e79a5e2 Mon Sep 17 00:00:00 2001
From: Ethan Paul <e@enp.one>
Date: Tue, 18 Jun 2024 21:44:22 -0400
Subject: [PATCH] Add containerfile and config files

---
 Containerfile        | 13 +++++++++++++
 danted.conf.template | 22 ++++++++++++++++++++++
 run-danted.sh        |  9 +++++++++
 3 files changed, 44 insertions(+)
 create mode 100644 Containerfile
 create mode 100644 danted.conf.template
 create mode 100644 run-danted.sh

diff --git a/Containerfile b/Containerfile
new file mode 100644
index 0000000..06d432d
--- /dev/null
+++ b/Containerfile
@@ -0,0 +1,13 @@
+FROM lscr.io/linuxserver/wireguard:latest
+
+ENV DANTE_LISTEN_INTERFACE eth1
+ENV DANTE_LISTEN_PORT 1080
+ENV DANTE_FORWARD_INTERFACE wg0
+
+RUN mkdir -p /etc/dante
+ADD danted.conf.template /etc/dante/danted.conf.template
+ADD run-danted.sh /custom-services.d/run-danted.sh
+
+RUN apk update
+RUN apk add dante-server
+
diff --git a/danted.conf.template b/danted.conf.template
new file mode 100644
index 0000000..41ccd57
--- /dev/null
+++ b/danted.conf.template
@@ -0,0 +1,22 @@
+user.privileged: root
+user.unprivileged: nobody
+
+# The listening network interface or address.
+internal: ${DANTE_LISTEN_INTERFACE} port=${DANTE_LISTEN_PORT}
+
+# The proxying network interface or address.
+external: ${DANTE_FORWARD_INTERFACE}
+
+# socks-rules determine what is proxied through the external interface.
+socksmethod: none
+
+# client-rules determine who can connect to the internal interface.
+clientmethod: none
+
+client pass {
+    from: 0.0.0.0/0 to: 0.0.0.0/0
+}
+
+socks pass {
+    from: 0.0.0.0/0 to: 0.0.0.0/0
+}
diff --git a/run-danted.sh b/run-danted.sh
new file mode 100644
index 0000000..9700b84
--- /dev/null
+++ b/run-danted.sh
@@ -0,0 +1,9 @@
+#!/usr/bin/with-contenv bash
+
+envsubst '
+$DANTE_LISTEN_INTERFACE
+$DANTE_LISTEN_PORT
+$DANTE_FORWARD_INTERFACE
+' < /etc/dante/danted.conf.template > /etc/dante/danted.conf
+
+sockd -f /etc/dante/danted.conf