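---
# Phantom Protocol Extended Infrastructure
# Complete anonymous internet infrastructure with DNS, Hidden Services and
# Exit Nodes.
#
# NOTE(review): every `ports:` entry below publishes on all host interfaces
# (Compose binds to 0.0.0.0 when no host IP is given). That covers the
# management ports, web UIs, the registry API, the Prometheus metrics port and
# the SOCKS5/HTTP proxy ports. Nothing in this file shows authentication on any
# of them - confirm before running on a host reachable from untrusted
# networks, or restrict a mapping to loopback with the
# "127.0.0.1:HOST:CONTAINER" form.
version: '3.8'

# Shared hardening and logging defaults, merged into every service with
# `<<: *phantom-node-common`. The anchor must be defined before the services
# that alias it; it used to sit at the end of the file, where no service
# referenced it, so none of these settings were applied.
x-phantom-node-common: &phantom-node-common
  restart: unless-stopped
  # Cap json-file logs at 3 x 10 MB per container so logs cannot fill the disk.
  logging:
    driver: "json-file"
    options:
      max-size: "10m"
      max-file: "3"
  # Processes cannot gain privileges through setuid binaries or file
  # capabilities.
  # NOTE(review): verify no image relies on a setuid/setcap helper.
  security_opt:
    - no-new-privileges:true
  read_only: false
  # /tmp is an in-memory mount from which nothing can be executed.
  tmpfs:
    - /tmp:noexec,nosuid,size=100m

networks:
  phantom-network:
    driver: bridge
    ipam:
      config:
        - subnet: 172.20.0.0/16
  # `internal: true` gives this network no route to the outside world.
  phantom-internal:
    driver: bridge
    internal: true
    ipam:
      config:
        - subnet: 172.21.0.0/16

volumes:
  phantom-dns-data:
  phantom-hs1-data:
  phantom-hs2-data:
  phantom-hs3-data:
  phantom-exit1-data:
  phantom-exit2-data:
  phantom-registry-data:
  phantom-monitor-data:

services:
  # Phantom DNS servers (2 instances for fault tolerance)
  # NOTE(review): both instances mount the same `phantom-dns-data` volume at
  # /var/lib/phantom, unlike the hidden services and exit nodes, which each get
  # their own volume - confirm the DNS daemon supports a shared state directory.
  # NOTE(review): PHANTOM_KADEMLIA_BOOTSTRAP lists 172.20.1.12:6881, but no
  # service in this file is assigned that address - confirm it is intentional.
  phantom-dns-1:
    <<: *phantom-node-common
    build:
      context: .
      dockerfile: docker/Dockerfile.dns
    container_name: phantom-dns-1
    hostname: dns1.phantom.local
    networks:
      phantom-network:
        ipv4_address: 172.20.1.10
    ports:
      - "5353:5353/udp"  # DNS
      - "8053:8053/tcp"  # Management
    volumes:
      - phantom-dns-data:/var/lib/phantom
      - ./logs/dns1:/var/log/phantom
    environment:
      - PHANTOM_NODE_ID=dns1
      - PHANTOM_DNS_PORT=5353
      - PHANTOM_DNS_BIND_ADDR=0.0.0.0
      - PHANTOM_DNS_LOG_LEVEL=INFO
      - PHANTOM_KADEMLIA_BOOTSTRAP=172.20.1.11:6881,172.20.1.12:6881
    healthcheck:
      test: ["CMD", "/usr/local/bin/phantom-dns-healthcheck.sh"]
      interval: 30s
      timeout: 10s
      retries: 3

  phantom-dns-2:
    <<: *phantom-node-common
    build:
      context: .
      dockerfile: docker/Dockerfile.dns
    container_name: phantom-dns-2
    hostname: dns2.phantom.local
    networks:
      phantom-network:
        ipv4_address: 172.20.1.11
    ports:
      - "5354:5353/udp"  # DNS
      - "8054:8053/tcp"  # Management
    volumes:
      - phantom-dns-data:/var/lib/phantom
      - ./logs/dns2:/var/log/phantom
    environment:
      - PHANTOM_NODE_ID=dns2
      - PHANTOM_DNS_PORT=5353
      - PHANTOM_DNS_BIND_ADDR=0.0.0.0
      - PHANTOM_DNS_LOG_LEVEL=INFO
      - PHANTOM_KADEMLIA_BOOTSTRAP=172.20.1.10:6881,172.20.1.12:6881
    # Same health check as phantom-dns-1; both are built from
    # docker/Dockerfile.dns.
    healthcheck:
      test: ["CMD", "/usr/local/bin/phantom-dns-healthcheck.sh"]
      interval: 30s
      timeout: 10s
      retries: 3
    depends_on:
      - phantom-dns-1

  # Hidden services (.phantom sites)
  phantom-hs-welcome:
    <<: *phantom-node-common
    build:
      context: .
      dockerfile: docker/Dockerfile.hidden-service
    container_name: phantom-hs-welcome
    hostname: welcome.phantom.local
    networks:
      phantom-network:
        ipv4_address: 172.20.2.10
      phantom-internal:
        ipv4_address: 172.21.2.10
    ports:
      - "8080:8080/tcp"  # Management
    volumes:
      - phantom-hs1-data:/var/lib/phantom
      - ./logs/hs-welcome:/var/log/phantom
      - ./sites/welcome:/var/lib/phantom/hidden-service/www
    environment:
      - PHANTOM_NODE_ID=hs-welcome
      - PHANTOM_HS_NAME=phantom-welcome
      - PHANTOM_HS_LOCAL_PORT=80
      - PHANTOM_HS_INTRO_POINTS=3
      - PHANTOM_DNS_SERVERS=172.20.1.10:5353,172.20.1.11:5353
      - PHANTOM_KADEMLIA_BOOTSTRAP=172.20.1.10:6881,172.20.1.11:6881
    depends_on:
      - phantom-dns-1
      - phantom-dns-2

  phantom-hs-forum:
    <<: *phantom-node-common
    build:
      context: .
      dockerfile: docker/Dockerfile.hidden-service
    container_name: phantom-hs-forum
    hostname: forum.phantom.local
    networks:
      phantom-network:
        ipv4_address: 172.20.2.11
      phantom-internal:
        ipv4_address: 172.21.2.11
    ports:
      - "8081:8080/tcp"  # Management
    volumes:
      - phantom-hs2-data:/var/lib/phantom
      - ./logs/hs-forum:/var/log/phantom
      - ./sites/forum:/var/lib/phantom/hidden-service/www
    environment:
      - PHANTOM_NODE_ID=hs-forum
      - PHANTOM_HS_NAME=phantom-forum
      - PHANTOM_HS_LOCAL_PORT=80
      - PHANTOM_HS_INTRO_POINTS=3
      - PHANTOM_DNS_SERVERS=172.20.1.10:5353,172.20.1.11:5353
      - PHANTOM_KADEMLIA_BOOTSTRAP=172.20.1.10:6881,172.20.1.11:6881
    depends_on:
      - phantom-dns-1
      - phantom-dns-2

  phantom-hs-marketplace:
    <<: *phantom-node-common
    build:
      context: .
      dockerfile: docker/Dockerfile.hidden-service
    container_name: phantom-hs-marketplace
    hostname: market.phantom.local
    networks:
      phantom-network:
        ipv4_address: 172.20.2.12
      phantom-internal:
        ipv4_address: 172.21.2.12
    ports:
      - "8082:8080/tcp"  # Management
    volumes:
      - phantom-hs3-data:/var/lib/phantom
      - ./logs/hs-marketplace:/var/log/phantom
      - ./sites/marketplace:/var/lib/phantom/hidden-service/www
    environment:
      - PHANTOM_NODE_ID=hs-marketplace
      - PHANTOM_HS_NAME=phantom-marketplace
      - PHANTOM_HS_LOCAL_PORT=80
      - PHANTOM_HS_INTRO_POINTS=5  # More intro points for a popular site
      - PHANTOM_DNS_SERVERS=172.20.1.10:5353,172.20.1.11:5353
      - PHANTOM_KADEMLIA_BOOTSTRAP=172.20.1.10:6881,172.20.1.11:6881
    depends_on:
      - phantom-dns-1
      - phantom-dns-2

  # Exit nodes (2 instances in different "jurisdictions")
  # The DNS resolver host ports were 5353 and 5354, the same host ports that
  # phantom-dns-1 and phantom-dns-2 publish, so the stack could not bind them
  # all. They now use 5363 and 5364; the container-side port is unchanged.
  # NOTE(review): a SOCKS5 or HTTP proxy reachable without authentication can
  # be used as an open relay by anyone who can reach the port - confirm the
  # exit policy and access controls before exposing these beyond the local
  # host.
  phantom-exit-us:
    <<: *phantom-node-common
    build:
      context: .
      dockerfile: docker/Dockerfile.exit-node
    container_name: phantom-exit-us
    hostname: exit-us.phantom.local
    networks:
      phantom-network:
        ipv4_address: 172.20.3.10
    ports:
      - "1080:1080/tcp"  # SOCKS5
      - "3128:3128/tcp"  # HTTP proxy
      - "5363:5353/udp"  # DNS resolver
      - "8083:8081/tcp"  # Management
    volumes:
      - phantom-exit1-data:/var/lib/phantom
      - ./logs/exit-us:/var/log/phantom
      - ./configs/exit-policies/us.policy:/var/lib/phantom/exit-node/policies/exit.policy
    environment:
      - PHANTOM_NODE_ID=exit-us
      - PHANTOM_EXIT_NAME=phantom-exit-us
      - PHANTOM_EXIT_CONTACT=admin-us@phantom.local
      - PHANTOM_EXIT_COUNTRY=US
      - PHANTOM_EXIT_BANDWIDTH_LIMIT=52428800  # 50 MB/s
      - PHANTOM_EXIT_MAX_CONNECTIONS=2000
      - PHANTOM_EXIT_ENABLE_SOCKS5=true
      - PHANTOM_EXIT_ENABLE_HTTP=true
      - PHANTOM_EXIT_ENABLE_DNS=true
      - PHANTOM_DNS_SERVERS=172.20.1.10:5353,172.20.1.11:5353
      - PHANTOM_KADEMLIA_BOOTSTRAP=172.20.1.10:6881,172.20.1.11:6881
    depends_on:
      - phantom-dns-1
      - phantom-dns-2
    cap_add:
      - NET_ADMIN  # For iptables

  phantom-exit-eu:
    <<: *phantom-node-common
    build:
      context: .
      dockerfile: docker/Dockerfile.exit-node
    container_name: phantom-exit-eu
    hostname: exit-eu.phantom.local
    networks:
      phantom-network:
        ipv4_address: 172.20.3.11
    ports:
      - "1081:1080/tcp"  # SOCKS5
      - "3129:3128/tcp"  # HTTP proxy
      - "5364:5353/udp"  # DNS resolver
      - "8084:8081/tcp"  # Management
    volumes:
      - phantom-exit2-data:/var/lib/phantom
      - ./logs/exit-eu:/var/log/phantom
      - ./configs/exit-policies/eu.policy:/var/lib/phantom/exit-node/policies/exit.policy
    environment:
      - PHANTOM_NODE_ID=exit-eu
      - PHANTOM_EXIT_NAME=phantom-exit-eu
      - PHANTOM_EXIT_CONTACT=admin-eu@phantom.local
      - PHANTOM_EXIT_COUNTRY=EU
      - PHANTOM_EXIT_BANDWIDTH_LIMIT=52428800  # 50 MB/s
      - PHANTOM_EXIT_MAX_CONNECTIONS=2000
      - PHANTOM_EXIT_ENABLE_SOCKS5=true
      - PHANTOM_EXIT_ENABLE_HTTP=true
      - PHANTOM_EXIT_ENABLE_DNS=true
      - PHANTOM_DNS_SERVERS=172.20.1.10:5353,172.20.1.11:5353
      - PHANTOM_KADEMLIA_BOOTSTRAP=172.20.1.10:6881,172.20.1.11:6881
    depends_on:
      - phantom-dns-1
      - phantom-dns-2
    cap_add:
      - NET_ADMIN  # For iptables

  # Service Registry - catalogue of .phantom sites
  phantom-registry:
    <<: *phantom-node-common
    build:
      context: .
      dockerfile: docker/Dockerfile.registry
    container_name: phantom-registry
    hostname: registry.phantom.local
    networks:
      phantom-network:
        ipv4_address: 172.20.4.10
      phantom-internal:
        ipv4_address: 172.21.4.10
    ports:
      - "8085:8080/tcp"  # Web interface
      - "8086:8081/tcp"  # API
    volumes:
      - phantom-registry-data:/var/lib/phantom
      - ./logs/registry:/var/log/phantom
    environment:
      - PHANTOM_NODE_ID=registry
      - PHANTOM_REGISTRY_NAME=phantom-registry
      - PHANTOM_DNS_SERVERS=172.20.1.10:5353,172.20.1.11:5353
      - PHANTOM_KADEMLIA_BOOTSTRAP=172.20.1.10:6881,172.20.1.11:6881
    depends_on:
      - phantom-dns-1
      - phantom-dns-2

  # Phantom Browser - client for accessing .phantom sites
  phantom-browser:
    <<: *phantom-node-common
    build:
      context: .
      dockerfile: docker/Dockerfile.browser
    container_name: phantom-browser
    hostname: browser.phantom.local
    networks:
      phantom-network:
        ipv4_address: 172.20.5.10
    ports:
      - "8087:8080/tcp"  # Browser web interface
      - "9050:9050/tcp"  # SOCKS5 proxy for external applications
    volumes:
      - ./logs/browser:/var/log/phantom
    environment:
      - PHANTOM_NODE_ID=browser
      - PHANTOM_DNS_SERVERS=172.20.1.10:5353,172.20.1.11:5353
      - PHANTOM_EXIT_NODES=172.20.3.10:1080,172.20.3.11:1080
      - PHANTOM_KADEMLIA_BOOTSTRAP=172.20.1.10:6881,172.20.1.11:6881
    depends_on:
      - phantom-dns-1
      - phantom-dns-2
      - phantom-exit-us
      - phantom-exit-eu

  # Monitoring dashboard
  # PHANTOM_MONITOR_NODES pairs container IPs on phantom-network with ports,
  # so each port must be the container-side port. The exit nodes and the
  # registry were listed with their host-published ports (8083, 8084, 8086);
  # per their `ports:` mappings the container-side port is 8081 in all three
  # cases.
  phantom-monitor:
    <<: *phantom-node-common
    build:
      context: .
      dockerfile: docker/Dockerfile.monitor
    container_name: phantom-monitor
    hostname: monitor.phantom.local
    networks:
      phantom-network:
        ipv4_address: 172.20.6.10
    ports:
      - "8090:8080/tcp"  # Monitoring web interface
      - "9090:9090/tcp"  # Prometheus metrics
    volumes:
      - phantom-monitor-data:/var/lib/phantom
      - ./logs:/var/log/phantom:ro  # Logs are mounted read-only
    environment:
      - PHANTOM_MONITOR_REFRESH_INTERVAL=30
      - PHANTOM_MONITOR_NODES=dns1:172.20.1.10:8053,dns2:172.20.1.11:8053,hs-welcome:172.20.2.10:8080,hs-forum:172.20.2.11:8080,hs-marketplace:172.20.2.12:8080,exit-us:172.20.3.10:8081,exit-eu:172.20.3.11:8081,registry:172.20.4.10:8081
    depends_on:
      - phantom-dns-1
      - phantom-dns-2
      - phantom-hs-welcome
      - phantom-hs-forum
      - phantom-hs-marketplace
      - phantom-exit-us
      - phantom-exit-eu
      - phantom-registry

  # Load balancer for DNS
  # NOTE(review): host port 53/udp is often already held by a local stub
  # resolver; if so this mapping fails to bind. The nginx:alpine tag is
  # floating - pin a specific version or digest for reproducible deployments.
  phantom-dns-lb:
    <<: *phantom-node-common
    image: nginx:alpine
    container_name: phantom-dns-lb
    networks:
      phantom-network:
        ipv4_address: 172.20.7.10
    ports:
      - "53:53/udp"  # Standard DNS port
      - "8088:8080/tcp"  # Load balancer status
    volumes:
      - ./docker/nginx/dns-lb.conf:/etc/nginx/nginx.conf:ro
    depends_on:
      - phantom-dns-1
      - phantom-dns-2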