FROM debian:bookworm-slim LABEL description="dante SOCKS5 + purevpn-cli exit node" # ── System dependencies (all in one layer so apt cache is fresh for installer) ─ RUN apt-get update && apt-get install -y --no-install-recommends \ dante-server \ curl wget ca-certificates \ iproute2 iptables iputils-ping \ netcat-openbsd procps dnsutils \ expect \ openvpn wireguard wireguard-tools \ net-tools openresolv \ && rm -rf /var/lib/apt/lists/* # ── Install purevpn-cli ─────────────────────────────────────────────────────── # Pre-installing its dependencies above means the installer's own apt calls # find everything already present and skip cleanly. # Binary lands at /opt/purevpn-cli/bin/purevpn-cli RUN curl -fsSL https://apps.purevpn-tools.com/cross-platform/linux-cli/production/cli-install.sh \ -o /tmp/cli-install.sh \ && bash /tmp/cli-install.sh \ && rm -f /tmp/cli-install.sh # ── Fake sudo wrapper ───────────────────────────────────────────────────────── # purevpn-cli calls `sudo purevpn-cli --connect X --install-missing-components` # which crashes in its own pkg/Node.js bootstrap (bug in the CLI). # Since we are root and pre-installed all VPN packages, we intercept that flag # and exit 0 so the parent process continues to the actual connect step. RUN printf '#!/bin/sh\nfor a in "$@"; do\n case "$a" in\n --install-missing-components)\n echo "[sudo] skipping --install-missing-components (pre-installed)"\n exit 0 ;;\n esac\ndone\nexec "$@"\n' \ > /usr/local/bin/sudo && chmod +x /usr/local/bin/sudo # ── PATH: installer puts binary in /opt/purevpn-cli/bin/ ───────────────────── ENV PATH=/opt/purevpn-cli/bin:/opt/purevpn-cli:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin # ── Location list ───────────────────────────────────────────────────────────── COPY servers.txt /etc/vpndock/servers.txt # ── Entrypoint ──────────────────────────────────────────────────────────────── COPY entrypoint.sh /entrypoint.sh RUN chmod +x /entrypoint.sh EXPOSE 1080 ENTRYPOINT ["/entrypoint.sh"]