docker/README.md

   1 # Run Jirafeau through a pre-made Docker image
   2
   3 Jirafeau is a small PHP application so running it inside a docker is pretty straightforward.
   4
   5 ```
   6 docker pull mojo42/jirafeau:latest
   7 docker run -d -p 8080:80 mojo42/jirafeau:latest
   8 ```
   9
  10 Then connect on [locahost:8080](http://localhost:8080/).
  11
  12 # Build your own Jirafeau docker image
  13
  14 ```
  15 git clone https://gitlab.com/mojo42/Jirafeau.git
  16 cd Jirafeau
  17 docker build -t your/jirafeau:latest .
  18 ```
  19
  20 # Security
  21
  22 Jirafeau is run without privilidges with user id 2009. To make it able to open privilidged ports you can pass the capability, just stay with 8080 and use a reverse proxy or map the port 80:8080.
  23 ```
  24 docker run -d -p 80:80 --sysctl net.ipv4.ip_unprivileged_port_start=80 mojo42/jirafeau
  25 docker run -d -p 8080:80 mojo42/jirafeau
  26 docker run -d -p 80:80 mojo42/jirafeau
  27 ```
  28
  29 Note that Jirafeau image does not provide any SSL/TLS. You may be interrested in using [docker compose](https://docs.docker.com/compose/) combined with [Let's Encrypt](https://letsencrypt.org/).
  30
  31 # Options
  32
  33 Jirafeau docker image accept some options through environment variables to ease its configuration.
  34 More details about options in `lib/config.original.php`.
  35
  36 Available options:
  37 - `FILE_HASH`: can be set to `md5` (default), `partial_md5` or `random`.
  38
  39 ## Few notes
  40
  41 - `var-...` folder where lives all uploaded data is protected from direct access
  42 - Image has been made using [Alpine Linux](https://alpinelinux.org/) with [lighttpd](https://www.lighttpd.net/) which makes the container very light and start very quickly