]> git.p6c8.net - jirafeau_mojo42.git/blob - docker/README.md
Mention that source and destination file must not be the same and abort if they are...
[jirafeau_mojo42.git] / docker / README.md
1 # Run Jirafeau through a pre-made Docker image
2
3 Jirafeau is a small PHP application so running it inside a docker container is pretty straightforward.
4
5 ```
6 docker pull mojo42/jirafeau:latest
7 docker run -it --rm -p 8080:80 mojo42/jirafeau:latest
8 ```
9
10 Then connect on [localhost:8080](http://localhost:8080/).
11 The admin console is located on `/admin.php`, check console output to get auto-generated admin password.
12
13 # Build your own Jirafeau docker image
14
15 ```
16 git clone https://gitlab.com/mojo42/Jirafeau.git
17 cd Jirafeau
18 docker build -t your/jirafeau:latest .
19 ```
20
21 # Security
22
23 You may be interested in running Jirafeau on port 80:
24 ```
25 docker run -d -p 80:80 --sysctl net.ipv4.ip_unprivileged_port_start=80 mojo42/jirafeau
26 ```
27
28 Note that Jirafeau image does not provide any SSL/TLS. You may be interested in using [docker compose](https://docs.docker.com/compose/) combined with [Let's Encrypt](https://letsencrypt.org/).
29
30 # Options
31
32 Jirafeau's docker image accepts some options through environment variables to ease its configuration.
33 More details about options in `lib/config.original.php`.
34
35 Available options:
36 - `ADMIN_PASSWORD`: setup a specific admin password. If not set, a random password will be generated.
37 - `ADMIN_IP`: set one or more ip allowed to access admin interface (separated by comma).
38 - `WEB_ROOT`: setup a specific domain to point at when generating links (e.g. 'jirafeau.mydomain.com/').
39 - `VAR_ROOT`: setup a specific path where to place files. default: '/data'.
40 - `FILE_HASH`: can be set to `md5`, `partial_md5` or `random` (default).
41 - `PREVIEW`: set to 1 or 0 to enable or disable preview.
42 - `TITLE`: set Jirafeau instance title.
43 - `ORGANISATION`: set organisation (in ToS).
44 - `CONTACTPERSON`: set contact person (in ToS).
45 - `STYLE`: apply a specific style from the media folder.
46 - `DARK_STYLE`: apply a specific style for browsers in dark mode.
47 - `AVAILABILITY_DEFAULT`: setup which availability shows by default.
48 - `ONE_TIME_DOWNLOAD`: set to 1 or 0 to enable or disable one time downloads.
49 - `ENABLE_CRYPT`: set to 1 or 0 to enable or disable server side encryption.
50 - `DEBUG`: set to 1 or 0 to enable or disable debug mode.
51 - `MAXIMAL_UPLOAD_SIZE`: maximal file size allowed (expressed in MB).
52 - `UPLOAD_PASSWORD`: set one or more passwords to access Jirafeau (separated by comma).
53 - `UPLOAD_IP`: set one or more ip allowed to upload files (separated by comma).
54 - `UPLOAD_IP_NO_PASSWORD`: set one or more ip allowed to upload files without password (separated by comma).
55 - `PROXY_IP`: set one or more proxy ip (separated by comma).
56 - `STORE_UPLOADER_IP`: set to 1 or 0 to enable or disable keeping sender's IP with the _link_ file.
57 - `DOWNLOAD_PASSWORD_REQUIREMENT`: set to 'optional' (default), 'required' or 'generated' to make a password for downloading optional, required or generated
58 - `DOWNLOAD_PASSWORD_GEN_LEN`: set length of generated download passwords
59 - `DOWNLOAD_PASSWORD_GEN_CHARS`: set characters used for generated download passwords
60 - `DOWNLOAD_PASSWORD_POLICY`: set to 'regex' to use a regular expression to check user provided download passwords for complexity constraints
61 - `DOWNLOAD_PASSWORD_POLICY_REGEX`: regex to check against if password policy is set to regex
62
63 Example:
64 ```
65 docker run -it -p 8080:80 --rm -e ADMIN_PASSWORD='p4ssw0rd' -e WEB_ROOT='jirafeau.mydomain.com/' -e UPLOAD_PASSWORD='foo,bar' -e PREVIEW=0 mojo42/jirafeau:latest
66 ```
67
68 # Data Storage
69
70 Files and links are stored in `/data` by default. Sub folders are automatically created with needed permissions at creation if needed.
71 Note that configuration is not stored in /data.
72
73 Example of using a dedicated volume to store Jirafeau data separately from the container:
74 ```
75 docker volume create jirafeau_data
76 docker run -it --rm -p 8080:80 --mount source=jirafeau_data,target=/data mojo42/jirafeau:latest
77 ```
78
79 ## Few notes
80
81 - `var-...` folder where lives all uploaded data is protected from direct access
82 - Image has been made using [Alpine Linux](https://alpinelinux.org/) with [lighttpd](https://www.lighttpd.net/) which makes the container very light and start very quickly

patrick-canterino.de