Add Dockerfiles and update README for Docker

README.md

@@ -46,7 +46,34 @@ What does this entail? Just two patches from this repo:
 
 #### Run in Docker
 
-This isn't ready yet, but you can get the idea by checking the build directory and the Dockerfile patch for Tribler. For Haven, use the same Docker compose recipes I have published.
+This isn't completely ready yet, but you may build the two containers by yourself like this:
+
+```sh
+cd build/haven
+docker build -t haven-for-tribler:latest .
+cd ../tribler
+docker build -t tribler-haven:latest .
+cd ../../
+```
+
+Or you can do `cd build && ./build.sh` (which does the same thing).
+
+This creates two container images which I reference in the sample compose.yaml:
+
+```sh
+$ docker images
+REPOSITORY           TAG         IMAGE ID       CREATED          SIZE
+tribler-haven        latest      8693940f6d6f   9 minutes ago    1.39GB
+haven-for-tribler    latest      d637b742a675   14 minutes ago   2.67GB
+```
+
+There's a sample Docker compose file in the build/tribler directory. 
+
+By default - and the patch for Haven has that hardcoded - Tribler API port should be 3100 and the password 'changeme'. In this PoC that's hard-coded into the Haven patch, so if you want to change these you may edit the patches and Docker compose to match whatever password you set and port you want to use. 
+
+If you decide to change the API key, for example, you can do it in Tribler, then change compose.yaml, change the API key in it, change it in the Haven patch, and rebuild Haven container. I think that should be enough.
+
+For more advanced Docker compose scenarios (TLS, reverse proxy, etc.) you can consider Docker compose recipes I have published (see the Resources section).
 
 ### Tribler with Haven iFrame (v1)
 
@@ -93,7 +120,7 @@ To ease copy-paste or indeed, make it possible to not use a patched version of H
 
 ![Magnet download add-on for Firefox](./xx_screenshot_haven_with_firefox_add-on.png)
 
-The add-on can be used with any Haven and Tribler instances, but in v1.0 all options are hard-coded.
+The add-on can be used with any Haven and Tribler instances, but in v1.0 **of add-on** all options are hard-coded in the add-on itself (see the add-on repo). If you change Tribler port or API key (explained above), then you'll have to change the same options in  this extension.
 
 #### Example workflow
 
@@ -160,6 +187,14 @@ It appears those don't work because of default iFrame security settings.
 
 This could be worked around, but I haven't tried it.
 
+#### Security (v2)
+
+In v2 Tribler allows unauthenticated access to port 3100 from 127.0.0.1 and `haven`, which is a small compromise that I found reasonable for this PoC.
+
+If you want to share Haven to other users, though, remember they will have access to the same Tribler instance, so do not share the same Haven to friends or family if that's not what you intend. You can easily create additional containerized Haven instances for them - just use my generic containerized Haven recipe (see Resources) to provide access to shared unpatched Haven server over TLS to port 443, and you'll be fine.
+
+Also keep in mind that Tribler doesn't authenticate localhost users, so other users on the same computer could access Tribler's Web UI directly the same as you, by using the default API key ('changeme'). How to change that is described in How to Run (above).
+
 #### iFrame (v2, v1)
 
 We should really use iFrames in the first place. But it's easy to do and v2 is also easy to use with some small security compromises.

build/build.sh

@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+
+if [ ! -d "haven" ] || [ ! -d "tribler" ]; then
+    echo "haven or tribler directory not found. Are you in the right directory (build)?"
+    exit 1
+fi
+
+cd haven
+echo -e "\n=== Building Haven ===\n"
+docker build -t haven-for-tribler:latest .
+
+cd ../tribler
+echo -e "\n=== Building Tribler ===\n"
+docker build -t tribler-haven:latest .
+cd ../
+
+echo -e "\n=== Done! List tribler-related images ===\n"
+docker images | grep tribler
+
+
+echo -e '''\n
+Edit tribler/compose.yaml and in that directory create "tribler-downloads" subdirectory for Tribler downloads:
+
+cd tribler 
+vim compose.yaml
+mkdir tribler-downloads
+docker compose up
+
+After the container is up, you can access Haven at http://localhost:3000 and see a Tribler iFrame on the same page.
+If you change CORE_API_KEY, you need to set the same password in the Haven patch, and rebuild Haven container.
+'''

build/haven/Dockerfile

@@ -0,0 +1,25 @@
+# AA: Use Ubuntu 24.04 instead of the official Dockerfile's 20.04
+FROM ubuntu:24.04
+
+ARG SPEAKEASY_VER="main"
+ENV SPEAKEASY_VER=$SPEAKEASY_VER
+
+# AA: Set the timezone to London
+ENV TZ="Europe/London" \
+    DEBIAN_FRONTEND=noninteractive
+RUN apt-get update && apt-get upgrade -y && apt-get install -y curl git patch tzdata
+
+# AA: Install Node.js 18.x instead of the official Dockerfile's 16.x
+RUN curl -fsSL https://deb.nodesource.com/setup_18.x | bash - && apt-get install -y nodejs
+
+ARG GIT_REPO=${GIT_REPO:-"https://git.xx.network/elixxir/speakeasy-web.git"}
+ARG GIT_COMMIT_SHA="5afa715e257cf78a42173f5cf5785e339095a46b"
+
+# RUN mkdir /speakeasy-web && git clone --depth=1 -b $SPEAKEASY_VER https://git.xx.network/elixxir/speakeasy-web.git /speakeasy-web && cd /speakeasy-web && npm install && npm run build
+# AA: Modify the above "official" line to allow for patching the DefaultLayout.tsx file
+RUN mkdir /speakeasy-web && git clone --depth=1 -b $SPEAKEASY_VER ${GIT_REPO} /speakeasy-web
+ADD haven-DefaultLayout.tsx.patch /speakeasy-web/haven-DefaultLayout.tsx.patch
+WORKDIR /speakeasy-web
+RUN git reset --hard ${GIT_COMMIT_SHA} && patch -p1 --backup-if-mismatch src/layouts/DefaultLayout/DefaultLayout.tsx haven-DefaultLayout.tsx.patch && npm install && npm run build
+
+ENTRYPOINT [ "npm", "run", "start" ]

build/tribler/Dockerfile

@@ -5,8 +5,9 @@ RUN apt-get update \
     && apt-get install -y --no-install-recommends libsodium23=1.0.18-1 patch tzdata \
     && rm -rf /var/lib/apt/lists/*
 
-## AA: container time in UTC
-ENV TZ="Europe/London"
+# AA: Set the timezone to London
+ENV TZ="Europe/London" \
+    DEBIAN_FRONTEND=noninteractive
 
 # Install Xvfb for headless GUI
 RUN apt-get update -y \
@@ -27,13 +28,9 @@ RUN git clone --recursive --branch "$GIT_BRANCH" "$GIT_REPO" /home/user/tribler
 # AA: Commit up to which we patch; https://github.com/Tribler/tribler/commit/8319fb9c63ff257c9afbce3cb8c59333642fbec3
 ARG GIT_COMMIT_SHA="8319fb9c63ff257c9afbce3cb8c59333642fbec3"
 # AA: patch Tribler to allow access from localhost (127.0.0.1) and haven
-# AA: switch to working directory /home/user/tribler
 WORKDIR /home/user/tribler
-ADD haven-tribler.patch /home/user/tribler/haven-tribler.patch
-RUN git reset --hard ${GIT_COMMIT_SHA}
-RUN cd /home/user/tribler/src/tribler/core/restapi/ && patch --backup-if-mismatch /home/user/tribler/src/tribler/core/restapi/rest_manager.py /home/user/tribler/haven-tribler.patch
-# RUN cp /home/user/tribler/src/tribler/core/restapi/rest_manager.py /home/user/tribler/src/tribler/core/restapi/rest_manager.py.bkp
-RUN md5sum /home/user/tribler/src/tribler/core/restapi/rest_manager.py
+ADD tribler.patch /home/user/tribler/tribler.patch
+RUN git reset --hard ${GIT_COMMIT_SHA} && cd /home/user/tribler/src/tribler/core/restapi/ && patch --backup-if-mismatch /home/user/tribler/src/tribler/core/restapi/rest_manager.py /home/user/tribler/tribler.patch
 
 # Install NPM dependencies
 WORKDIR /home/user/tribler/src/tribler/ui