Upload 5 files

Dockerfile

@@ -0,0 +1,35 @@
+# Use a lightweight Python base image
+FROM python:3.11-slim
+
+# Set the working directory
+WORKDIR /app
+
+# Install the pvpn library, FastAPI, Uvicorn, and Supervisord
+# Running as root for this step.
+RUN apt-get update && \
+    apt-get install -y supervisor && \
+    pip install pvpn fastapi uvicorn python-multipart && \
+    apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Ensure the working directory is writeable (though it is by default for root)
+# This addresses the user's explicit request.
+RUN chmod -R 777 /app
+
+# The container will run as the default root user, which allows binding to 
+# privileged ports 500 and 4500 without needing setcap.
+
+# Copy the server scripts and supervisord config
+# No need for --chown as we are running as root
+COPY vpn_server.py web_ui.py supervisord.conf .
+
+# Expose the standard IKEv2 ports (UDP 500 and 4500)
+EXPOSE 500/udp
+EXPOSE 4500/udp
+
+# Expose the Web UI port (TCP 8000)
+EXPOSE 8000/tcp
+
+RUN useradd -m -u 1000 user
+USER user
+# Command to run Supervisord, which manages both the IKEv2 server and the Web UI
+CMD ["/usr/bin/supervisord", "-c", "supervisord.conf"]

docker-compose.yml

@@ -0,0 +1,15 @@
+version: '3.8'
+services:
+  ikev2_server:
+    build: .
+    container_name: pure_python_ikev2_server
+    # Map the required UDP ports for IKEv2
+    ports:
+      - "500:500/udp"
+      - "4500:4500/udp"
+      # Map the TCP port for the Web UI
+      - "8000:8000/tcp"
+    # Add network administration capability for VPN
+    cap_add:
+      - NET_ADMIN
+    restart: always

supervisord.conf

@@ -0,0 +1,22 @@
+[supervisord]
+nodaemon=true
+
+[program:ikev2_server]
+command=python3 vpn_server.py
+autostart=true
+autorestart=true
+priority=10
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+
+[program:web_ui]
+command=uvicorn web_ui:app --host 0.0.0.0 --port 8000
+autostart=true
+autorestart=true
+priority=20
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0

vpn_server.py

@@ -0,0 +1,42 @@
+import sys
+import logging
+from pvpn.server import main
+
+# Configure basic logging
+logging.basicConfig(level=logging.INFO, stream=sys.stdout,
+                    format='%(asctime)s - %(levelname)s - %(message)s')
+
+def start_ikev2_server_programmatically():
+    """
+    Starts a pure Python IKEv2 server using the pvpn library.
+    
+    This is designed to run inside a container where permissions 
+    to bind to privileged ports (500/4500) have been pre-granted 
+    to the Python executable via setcap.
+    """
+    
+    # Arguments for the pvpn server
+    original_argv = sys.argv
+    sys.argv = [
+        "pvpn", 
+        "-p", "MySecretPSK123",  # The Pre-Shared Key
+    ]
+    
+    print("Starting pure Python IKEv2 VPN server...")
+    print("PSK: MySecretPSK123")
+    print("Listening on UDP ports 500 and 4500.")
+    
+    try:
+        # The main function runs the asyncio loop and the server indefinitely
+        main()
+    except KeyboardInterrupt:
+        print("\nServer stopped by user.")
+    except Exception as e:
+        # Catching any unexpected errors during startup or runtime
+        print(f"An unexpected error occurred: {e}")
+    finally:
+        # Restore sys.argv
+        sys.argv = original_argv
+
+if __name__ == '__main__':
+    start_ikev2_server_programmatically()

web_ui.py

@@ -0,0 +1,35 @@
+from fastapi import FastAPI
+from fastapi.responses import HTMLResponse
+
+app = FastAPI()
+
+@app.get("/", response_class=HTMLResponse)
+async def home():
+    html_content = """
+    <html>
+        <head>
+            <title>IKEv2 VPN Server Management</title>
+        </head>
+        <body>
+            <h1>Pure Python IKEv2 Server Status</h1>
+            <p>The IKEv2 server process is running alongside this Web UI.</p>
+            <p><strong>IKEv2 Status:</strong> Running (Managed by Supervisord)</p>
+            <p><strong>Web UI Port:</strong> TCP 8000 (Uvicorn)</p>
+            <p><strong>VPN Ports:</strong> UDP 500 & 4500 (pvpn)</p>
+            <h2>Connection Details</h2>
+            <ul>
+                <li><strong>PSK:</strong> MySecretPSK123</li>
+                <li><strong>URL:</strong> Your public URL</li>
+            </ul>
+            <hr>
+            <p>In a full implementation, this UI would show logs, connection counts, and allow configuration changes.</p>
+        </body>
+    </html>
+    """
+    return html_content
+
+@app.get("/status")
+async def status():
+    # In a real app, this would check if the vpn_server process is alive
+    return {"status": "ok", "service": "Web UI", "vpn_server": "running (assumed)"}
+