From 8ebd65cc0ba01a18c2dab9ef958cad61d9114615 Mon Sep 17 00:00:00 2001
From: Daan Selen <dselen@nerthus.nl>
Date: Wed, 10 Sep 2025 20:52:47 +0200
Subject: [PATCH 1/3] feat(docker): prepare for version 4.3

---
 docker/Dockerfile    | 79 ++++++++++++++++++++++++++++++++++----------
 docker/entrypoint.sh |  9 -----
 2 files changed, 62 insertions(+), 26 deletions(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 8e659de3..79fd4621 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,30 +1,71 @@
-FROM golang:1.24 AS awg-go
+#
+# AWG GOLANG BUILDING STAGE
+# Base: Debian
+#
+FROM golang:1.25 AS awg-go
 
-RUN git clone https://github.com/WGDashboard/amneziawg-go /awg
-WORKDIR /awg
+# Standard working directory for WGDashboard
+RUN mkdir -p /workspace && \
+    git clone https://github.com/WGDashboard/amneziawg-go /workspace/awg
+
+WORKDIR /workspace/awg
 RUN go mod download && \
     go mod verify && \
     go build -ldflags '-linkmode external -extldflags "-fno-PIC -static"' -v -o /usr/bin
 
-FROM alpine:latest AS awg-tools
+#
+# AWG TOOLS BUILDING STAGE
+# Base: Debian
+#
+FROM debian:stable-slim AS awg-tools
 
-RUN apk update && apk add --no-cache \
-    make git build-base linux-headers \
-  && git clone https://github.com/WGDashboard/amneziawg-tools \
-  && cd amneziawg-tools/src \
-  && make \
-  && chmod +x wg*
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    make git build-essential linux-headers-generic ca-certificates && \
+    rm -rf /var/lib/apt/lists/*
 
-FROM alpine:latest
+RUN mkdir -p /workspace && \
+    git clone https://github.com/WGDashboard/amneziawg-tools /workspace/awg-tools
+
+WORKDIR /workspace/awg-tools/src
+RUN make && chmod +x wg*
+
+#
+# PIP DEPENDENCY BUILDING
+# Base: Alpine
+#
+FROM python:3.13-alpine AS pip-builder
+
+RUN apk add --no-cache --virtual .build-deps \
+        build-base \
+        mariadb-dev \
+        pkgconfig \
+        python3-dev \
+        libffi-dev \
+        linux-headers \
+    && mkdir -p /opt/wgdashboard/src \
+    && python3 -m venv /opt/wgdashboard/src/venv
+
+COPY ./src/requirements.txt /opt/wgdashboard/src
+RUN . /opt/wgdashboard/src/venv/bin/activate && \
+    pip3 install --upgrade pip && \
+    pip3 install -r /opt/wgdashboard/src/requirements.txt
+
+RUN apk del .build-deps
+
+#
+# WGDashboard RUNNING STAGE
+# Base: Alpine
+#
+FROM python:3.13-alpine
 LABEL maintainer="dselen@nerthus.nl"
 
 RUN apk update && apk add --no-cache \
-    iproute2 iptables bash curl wget unzip procps sudo \
-    tzdata wireguard-tools python3 py3-psutil py3-bcrypt openresolv
+    iproute2 iptables bash curl wget unzip procps \
+    sudo tzdata wireguard-tools openresolv
 
 COPY --from=awg-go /usr/bin/amneziawg-go /usr/bin/amneziawg-go
-COPY --from=awg-tools /amneziawg-tools/src/wg /usr/bin/awg
-COPY --from=awg-tools /amneziawg-tools/src/wg-quick/linux.bash /usr/bin/awg-quick
+COPY --from=awg-tools /workspace/awg-tools/src/wg /usr/bin/awg
+COPY --from=awg-tools /workspace/awg-tools/src/wg-quick/linux.bash /usr/bin/awg-quick
 
 # Declaring environment variables, change Peernet to an address you like, standard is a 24 bit subnet.
 ARG wg_net="10.0.0.1" \
@@ -44,7 +85,10 @@ RUN mkdir /data \
   && mkdir /configs \
   && mkdir -p ${WGDASH}/src \
   && mkdir -p /etc/amnezia/amneziawg
+
 COPY ./src ${WGDASH}/src
+COPY --from=pip-builder /opt/wgdashboard/src/venv /opt/wgdashboard/src/venv
+RUN python3 -m venv /opt/wgdashboard/src/venv
 
 # Generate basic WireGuard interface. Echoing the WireGuard interface config for readability, adjust if you want it for efficiency.
 # Also setting the pipefail option, verbose: https://github.com/hadolint/hadolint/wiki/DL4006.
@@ -71,6 +115,7 @@ COPY ./docker/entrypoint.sh /entrypoint.sh
 
 # Exposing the default WireGuard Dashboard port for web access.
 EXPOSE 10086
-WORKDIR $WGDASH
+WORKDIR $WGDASH/src
 
-ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]
+#ENTRYPOINT ["sleep", "infinity"]
+ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]
\ No newline at end of file
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index 85427e32..64df0122 100644
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -56,17 +56,8 @@ ensure_installation() {
   fi
 
   # Create the Python virtual environment.
-  python3 -m venv "${WGDASH}"/src/venv
   . "${WGDASH}/src/venv/bin/activate"
 
-  # Due to this pip dependency being available as a system package we can just move it to the venv.
-  echo "Moving PIP dependency from ephemerality to runtime environment: psutil"
-  mv /usr/lib/python3.12/site-packages/psutil* "${WGDASH}"/src/venv/lib/python3.12/site-packages
-
-  # Due to this pip dependency being available as a system package we can just move it to the venv.
-  echo "Moving PIP dependency from ephemerality to runtime environment: bcrypt"
-  mv /usr/lib/python3.12/site-packages/bcrypt* "${WGDASH}"/src/venv/lib/python3.12/site-packages
-
   # Use the bash interpreter to install WGDashboard according to the wgd.sh script.
   /bin/bash ./wgd.sh install
 

From 92a2e26755a282700b6d072980b3f4fe1653ce42 Mon Sep 17 00:00:00 2001
From: Daan Selen <dselen@nerthus.nl>
Date: Wed, 10 Sep 2025 23:59:36 +0200
Subject: [PATCH 2/3] feat(docker): clean up remaining commands

---
 docker/Dockerfile | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 79fd4621..36aab916 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -60,8 +60,8 @@ FROM python:3.13-alpine
 LABEL maintainer="dselen@nerthus.nl"
 
 RUN apk update && apk add --no-cache \
-    iproute2 iptables bash curl wget unzip procps \
-    sudo tzdata wireguard-tools openresolv
+        iproute2 iptables bash curl wget unzip procps \
+        sudo tzdata wireguard-tools openresolv
 
 COPY --from=awg-go /usr/bin/amneziawg-go /usr/bin/amneziawg-go
 COPY --from=awg-tools /workspace/awg-tools/src/wg /usr/bin/awg
@@ -82,9 +82,9 @@ ENV WGDASH=/opt/wgdashboard
 
 # Doing WireGuard Dashboard installation measures. Modify the git clone command to get the preferred version, with a specific branch for example.
 RUN mkdir /data \
-  && mkdir /configs \
-  && mkdir -p ${WGDASH}/src \
-  && mkdir -p /etc/amnezia/amneziawg
+    && mkdir /configs \
+    && mkdir -p ${WGDASH}/src \
+    && mkdir -p /etc/amnezia/amneziawg
 
 COPY ./src ${WGDASH}/src
 COPY --from=pip-builder /opt/wgdashboard/src/venv /opt/wgdashboard/src/venv
@@ -117,5 +117,4 @@ COPY ./docker/entrypoint.sh /entrypoint.sh
 EXPOSE 10086
 WORKDIR $WGDASH/src
 
-#ENTRYPOINT ["sleep", "infinity"]
 ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]
\ No newline at end of file

From 4e75a95a73150fb194ebd45df08bc1a3fd973c16 Mon Sep 17 00:00:00 2001
From: Daan Selen <dselen@nerthus.nl>
Date: Wed, 10 Sep 2025 23:59:58 +0200
Subject: [PATCH 3/3] chore(docs): add dockerignore

---
 .dockerignore | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 .dockerignore

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 00000000..e2c608c2
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,5 @@
+.git
+.github
+*.md
+tests/
+docs/
\ No newline at end of file