From: Patrick Canterino Date: Tue, 4 Mar 2025 14:34:07 +0000 (+0100) Subject: Merge branch 'next-release' X-Git-Tag: 4.6.2 X-Git-Url: https://git.p6c8.net/jirafeau_project.git/commitdiff_plain/5a3c7ed113aae9db9e05de2d8e0e6f8f7f596a3f?hp=bf694556e30615bfbbcbb2a018b537bd013fed44 Merge branch 'next-release' --- diff --git a/CHANGELOG.md b/CHANGELOG.md index 13564df..944d835 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,11 +12,19 @@ 5. Follow the installation wizard, it should propose you the same data folder or even update automatically 6. Check your `/lib/config.local.php` and compare it with the `/lib/config.original.php` to see if new configuration items are available. If a new item is missing in your `config.local.php`, this may trigger some errors as Jirafeau may expect to have them. +## Version 4.6.2 + +- Allow to configure the language and the availabilities for files for a Docker container (issue [#20](https://gitlab.com/jirafeau/Jirafeau/-/issues/20)) +- Added an example `docker-compose.yaml` file for configuring the Docker container +- Fixed an error occuring on some systems while building the Docker image (issue [#24](https://gitlab.com/jirafeau/Jirafeau/-/issues/24)) +- Script upload was broken due to a missing `return` statement (issue [#23](https://gitlab.com/jirafeau/Jirafeau/-/issues/23)) +- Upgrade from 4.6.1: in-place upgrade + ## Version 4.6.1 - Removed the download button and the corresponding link for encrypted files from the admin interface - Fixed an issue with sending the wrong filesize after decrypting an encrypted file -- Fixed the possibility to bypass the check for CVE-2022-30110 (prevent preview of SVG images) by sending a manipulated HTTP request with a MIME type like "image/svg+XML". +- Fixed the possibility to bypass the check for [CVE-2022-30110](https://www.cve.org/CVERecord?id=CVE-2022-30110) (prevent preview of SVG images) by sending a manipulated HTTP request with a MIME type like "image/svg+XML". This issue has subsequently been reported as [CVE-2024-12326](https://www.cve.org/CVERecord?id=CVE-2024-12326). - We now provide Docker images for AMD64 and ARM64 systems - Lots of code refactoring and cleanup - Few more little fixes diff --git a/Dockerfile b/Dockerfile index 823c1dd..6bf9788 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,6 @@ FROM php:8.1-fpm-alpine LABEL org.opencontainers.image.authors="jerome@jutteau.fr" +ARG INI="php" # base install RUN apk update && \ @@ -11,7 +12,7 @@ RUN apk update && \ COPY --chmod=550 docker/cleanup.sh docker/run.sh / COPY --chmod=640 docker/docker_config.php /docker_config.php -COPY docker/php.ini /usr/local/etc/php/php.ini +COPY docker/${INI}.ini /usr/local/etc/php/php.ini COPY docker/lighttpd.conf /etc/lighttpd/lighttpd.conf # Install Jirafeau diff --git a/docker-compose.yaml b/docker-compose.yaml index 6b9c57b..2de68f8 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,12 +1,31 @@ services: web: build: + no_cache: true + #args: + # INI: php_debug #change the ini context: . # or ../Dockerfile if we put it in the ./docker folder volumes: - ./jirafeau_data:/data environment: - - ADMIN_PASSWORD='p4ssw0rd' - + ADMIN_PASSWORD: p4ssw0rd + #LANG: en + #WEB_ROOT: 'my.domain.de' + #STYLE: 'my_jirafeau_theme' + #DARK_STYLE: 'my_jirafeau_theme' + AVAILABILITIES: | + { + "minute": true, + "hour": true, + "day": true, + "week": true, + "fortnight": true, + "month": true, + "quarter": false, + "year": false, + "none": false + } ports: - 8080:80 + diff --git a/docker/README.md b/docker/README.md index 10ee322..d170d70 100644 --- a/docker/README.md +++ b/docker/README.md @@ -20,6 +20,47 @@ cd Jirafeau docker build -t your/jirafeau:latest . ``` +## Docker Compose + +You can use the `docker-compose.yaml` from [here](../docker-compose.yaml) + +### Run Container + +```sh +docker compose up -d +``` + +### Custom Theme + +1. copy the theme data from the running container + + ```sh + docker compose cp web:/www/media jirafeau_media + ``` + +2. mount the theme data + + ```yaml + #.... + volumes: + - ./jirafeau_media/your_theme:/www/media/your_theme + ``` + +3. set the environment variable + + ```yaml + # .... + environment: + STYLE: 'your_theme' + DARK_STYLE: 'your_theme' + ``` + +4. run the compose file + + ```sh + docker compose up -d + ``` + ## Security You may be interested in running Jirafeau on port 80: @@ -36,8 +77,11 @@ Jirafeau's docker image accepts some options through environment variables to ea More details about options in `lib/config.original.php`. Available options: + - `ADMIN_PASSWORD`: setup a specific admin password. If not set, a random password will be generated. - `ADMIN_IP`: set one or more ip allowed to access admin interface (separated by comma). +- `LANG`: choose the language for jirafeau (default auto). +- `AVAILABILITIES`: change the array for availablibilities that the user can select (see `docker-compose.yaml` for an example how to do that). Availability is the time the file should be available before it can be deleted. - `WEB_ROOT`: setup a specific domain to point at when generating links (e.g. 'jirafeau.mydomain.com/'). - `VAR_ROOT`: setup a specific path where to place files. default: '/data'. - `FILE_HASH`: can be set to `md5`, `partial_md5` or `random` (default). diff --git a/docker/docker_config.php b/docker/docker_config.php index 75c6fb8..6037ec6 100644 --- a/docker/docker_config.php +++ b/docker/docker_config.php @@ -91,6 +91,26 @@ function env_2_cfg_string_array(&$cfg, $config_name) return true; } +function env_2_cfg_array_from_json(&$cfg, $config_name) +{ + $env_name = strtoupper($config_name); + $env_string = getenv($env_name); + if ($env_string === false) { + return; + } + $result = json_decode($env_string, true); + if (json_last_error() === JSON_ERROR_NONE) { + // JSON is valid + $c = count($result); + echo("setting $config_name array with $c value(s)n\n"); + } else { + echo("ERROR - invalid json for environment key $config_name \n"); + } + + $cfg[$config_name] = $result; + return true; +} + function setup_admin_password(&$cfg) { if (strlen($cfg['admin_password']) > 0) { @@ -165,6 +185,7 @@ function run_setup(&$cfg) env_2_cfg_bool($cfg, 'preview'); env_2_cfg_string($cfg, 'title', false); env_2_cfg_string($cfg, 'organisation'); + env_2_cfg_string($cfg, 'lang'); env_2_cfg_string($cfg, 'contactperson'); env_2_cfg_string($cfg, 'style'); env_2_cfg_string($cfg, 'availability_default'); @@ -179,6 +200,8 @@ function run_setup(&$cfg) env_2_cfg_string_array($cfg, 'admin_ip'); env_2_cfg_string_array($cfg, 'upload_ip_nopassword'); env_2_cfg_string_array($cfg, 'proxy_ip'); + // this is a key value based value + env_2_cfg_array_from_json($cfg, 'availabilities'); env_2_cfg_bool($cfg, 'store_uploader_ip'); env_2_cfg_string($cfg, 'download_password_requirement'); env_2_cfg_int($cfg, 'download_password_gen_len'); diff --git a/lib/settings.php b/lib/settings.php index f0f193e..791404e 100644 --- a/lib/settings.php +++ b/lib/settings.php @@ -43,7 +43,7 @@ if ($cfg['debug'] === true) { /* Jirafeau package */ define('JIRAFEAU_PACKAGE', 'Jirafeau'); -define('JIRAFEAU_VERSION', '4.6.1'); +define('JIRAFEAU_VERSION', '4.6.2'); define('JIRAFEAU_WEBSITE', 'https://gitlab.com/jirafeau/Jirafeau');