initial commit

lufi/Dockerfile

@@ -0,0 +1,38 @@
+FROM debian:jessie
+MAINTAINER Wonderfall <wonderfall@mondedie.fr>
+
+ENV TINI_VER=0.9.0 \
+    USERID=1000 \
+    GROUPID=1000 \
+    SECRET=ZyCnLAhYKBIJrukuKZZJ \
+    CONTACT=contact@domain.tld \
+    MAX_FILE_SIZE=1000000000 \
+    WEBROOT=/ \
+    DOMAIN=domain.tld
+
+RUN apt-get update && apt-get install -y --no-install-recommends --no-install-suggests \
+    wget \
+    perl \
+    build-essential \
+    ca-certificates \
+ && cpan install Carton \
+ && mkdir /lufi && cd /lufi \
+ && wget -qO- https://github.com/ldidry/lufi/archive/master.tar.gz | tar xz --strip 1 \
+ && carton install \
+ && wget -q https://github.com/krallin/tini/releases/download/v$TINI_VER/tini_$TINI_VER.deb -P /tmp \
+ && dpkg -i /tmp/tini_$TINI_VER.deb \ 
+ && apt-get purge -y \
+    wget \
+    build-essential \
+    ca-certificates \
+ && apt-get autoremove --purge -y && apt-get clean \
+ && rm -rf /var/lib/apt/lists/* /root/.cpan* /lufi/local/cache/* /lufi/utilities /tmp/*
+
+COPY run.sh /usr/local/bin/run.sh
+COPY lufi.conf /lufi/lufi.conf
+
+RUN chmod +x /usr/local/bin/run.sh
+
+EXPOSE 8080
+VOLUME /data /files
+CMD ["tini","--","run.sh"]

lufi/README.md

@@ -0,0 +1,44 @@
+## wonderfall/lufi
+[![](https://badge.imagelayers.io/wonderfall/lufi:latest.svg)](https://imagelayers.io/?images=wonderfall/lufi:latest 'Get your own badge on imagelayers.io')
+
+![](https://pix.schrodinger.io/H1JZuROt/zh7BXdOK.png)
+
+#### What is this?
+Lufi means Let's Upload that FIle.
+Is that all? No. All the files are encrypted by the browser! It means that your files never leave your computer unencrypted. The administrator of the Lufi instance you use will not be able to see what is in your file, neither will your network administrator, or your ISP.
+
+#### Environment variables
+- **GROUPID** : lufi group id. *(default : 1000)*
+- **USERID** : lufi user id. *(default : 1000)*
+- **SECRET** : random string used to encrypt cookies. *(default : ZyCnLAhYKBIJrukuKZZJ)*
+- **CONTACT** : lufi contact. *(default : contact@domain.tld)*
+- **MAX_FILE_SIZE** : maximum file size of an uploaded file in bytes. *(default : 1GB)*
+- **WEBROOT** : webroot of lufi. *(default : /)*
+- **DOMAIN** : domain used with lufi. *(default : domain.tld)*
+
+*Tip : you can use the following command to generate SECRET.*
+`cat /dev/urandom | tr -dc 'a-zA-Z' | fold -w 20 | head -n 1`
+
+#### Volumes
+- **/data** : where lufi's database is stored.
+- **/files** : location of uploaded files.
+
+#### Reverse proxy
+https://github.com/Wonderfall/dockerfiles/tree/master/reverse
+
+#### Docker-compose (example)
+```
+lufi:
+  image: wonderfall/lufi
+  environment:
+    - GROUPID=1000
+    - USERID=1000
+    - SECRET=EFDLZGzfvzvbpdghZZopg
+    - CONTACT=john.doe@domain.tld
+    - WEBROOT=/
+    - MAX_FILE_SIZE=1000000000
+    - DOMAIN=domain.tld
+  volumes:
+    - /mnt/lufi/files:/files
+    - /mnt/lufi/data:/data
+```

lufi/lufi.conf

@@ -0,0 +1,21 @@
+{
+    hypnotoad => {
+        listen => ['http://0.0.0.0:8080'],
+        proxy  => 1,
+    },
+    contact           => '<contact>',
+    secrets           => ['<secret>'],
+    length            => 8,
+    provis_step       => 5,
+    provisioning      => 100,
+    token_length      => 32,
+    max_file_size     => <max_file_size>,
+    #piwik_img        => 'https://piwik.example.org/piwik.php?idsite=1&amp;rec=1',
+    default_delay     => 1,
+    max_delay         => 0,
+    prefix            => '<webroot>',
+    allowed_domains   => ['http://<domain>', 'https://<domain>'],
+    fixed_domain      => '<domain>',
+    db_path           => '/data/lufi.db',
+    upload_dir        => '/files',
+};

lufi/run.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+deluser lufi
+addgroup --gid $GROUPID lufi
+adduser --system --shell /bin/sh --no-create-home --ingroup lufi --uid $USERID lufi
+sed -i -e 's/<contact>/'$CONTACT'/g' \
+       -e 's/<secret>/'$SECRET'/g' \
+       -e 's/<max_file_size>/'$MAX_FILE_SIZE'/g' \
+       -e 's/<domain>/'$DOMAIN'/g' \
+       -e 's|<webroot>|'$WEBROOT'|g' /lufi/lufi.conf
+chown -R lufi:lufi /lufi /data /files
+cd /lufi && su lufi -c "carton exec hypnotoad -f /lufi/script/lufi"