hoellen/dockerfiles
1
0
Fork 0
mirror of https://github.com/hoellen/dockerfiles.git synced 2025-04-20 04:19:18 +00:00
Code Issues Projects Releases Wiki Activity

clean up

Browse Source
This commit is contained in:
Wonderfall 2017-01-16 22:15:10 +01:00
parent 77fee1694f
commit 321e04e9d5
41 changed files with 0 additions and 1424 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
lutim/Dockerfile
View File

@ -1,47 +0,0 @@
FROM debian:jessie
MAINTAINER Wonderfall <wonderfall@mondedie.fr>
ARG TINI_VER=0.9.0
ENV USERID=1000 \
GROUPID=1000 \
SECRET=ZyCnLAhYKBIJrukuKZZJ \
CONTACT=contact@domain.tld \
MAX_FILE_SIZE=100000000 \
WEBROOT=/ \
DOMAIN=domain.tld
RUN apt-get update && apt-get install -y --no-install-recommends --no-install-suggests \
wget \
git \
perl \
make \
gcc \
ca-certificates \
libssl-dev \
shared-mime-info \
perlmagick \
&& cpan install Carton \
&& git clone https://framagit.org/luc/lutim.git --depth=1 \
&& cd /lutim \
&& carton install \
&& wget -q https://github.com/krallin/tini/releases/download/v$TINI_VER/tini_$TINI_VER.deb -P /tmp \
&& dpkg -i /tmp/tini_$TINI_VER.deb \
&& apt-get purge -y \
wget \
git \
make \
gcc \
libssl-dev \
ca-certificates \
&& apt-get autoremove --purge -y && apt-get clean \
&& rm -rf /var/lib/apt/lists/* /root/.cpan* /lutim/local/cache/* /lutim/utilities /tmp/*
COPY run.sh /usr/local/bin/run.sh
COPY lutim.conf /lutim/lutim.conf
RUN chmod +x /usr/local/bin/run.sh
EXPOSE 8181
VOLUME /data /lutim/files
CMD ["tini","--","run.sh"]

31
lutim/README.md
View File

@ -1,31 +0,0 @@
## wonderfall/lutim
![](https://i.goopics.net/rf.png)
#### What is this?
LUTIM means Let's Upload That Image.
It stores images and allows you to see them, download them or share them on social networks. From version 0.5, the gif images can be displayed as animated gifs in Twitter, but you need a HTTPS server (Twitter requires that. Lutim detects if you have a HTTPS server and displays an static image twitter card if you don't);
Images are indefinitly stored unless you request that they will be deleted at first view or after 24 hours / one week / one month / one year.
#### Build-time variables
- **TINI_VER** : version of `tini`.
#### Environment variables
- **GROUPID** : lutim group id. *(default : 1000)*
- **USERID** : lutim user id. *(default : 1000)*
- **SECRET** : random string used to encrypt cookies. *(default : ZyCnLAhYKBIJrukuKZZJ)*
- **CONTACT** : lutim contact. *(default : contact@domain.tld)*
- **MAX_FILE_SIZE** : maximum file size of an uploaded file in bytes. *(default : 1GB)*
- **WEBROOT** : webroot of lutim. *(default : /)*
- **DOMAIN** : your domain used with lutim *(default : domain.tld)*
*Tip : you can use the following command to generate SECRET.*
`cat /dev/urandom | tr -dc 'a-zA-Z' | fold -w 20 | head -n 1`
#### Volumes
- **/data** : where lutim's database is stored.
- **/lutim/files** : location of uploaded files.
#### Ports
- **8181** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration).

24
lutim/lutim.conf
View File

@ -1,24 +0,0 @@
{
hypnotoad => {
listen => ['http://0.0.0.0:8181'],
},
contact => '<contact>',
secrets => ['<secret>'],
length => 8,
crypto_key_length => 8,
provis_step => 5,
provisioning => 100,
anti_flood_delay => 5,
max_file_size => <max_file_size>,
allowed_domains => ['http://<domain>', 'https://<domain>'],
default_delay => 1,
max_delay => 0,
always_encrypt => 1,
token_length => 24,
stats_day_num => 365,
keep_ip_during => 365,
policy_when_full => 'warn',
prefix => '<webroot>',
db_path => '/data/lutim.db',
delete_no_longer_viewed_files => 90
};

11
lutim/run.sh
View File

@ -1,11 +0,0 @@
#!/bin/bash
deluser lutim
addgroup --gid $GROUPID lutim
adduser --system --shell /bin/sh --no-create-home --ingroup lutim --uid $USERID lutim
sed -i -e 's/<contact>/'$CONTACT'/g' \
-e 's/<secret>/'$SECRET'/g' \
-e 's/<max_file_size>/'$MAX_FILE_SIZE'/g' \
-e 's/<domain>/'$DOMAIN'/g' \
-e 's|<webroot>|'$WEBROOT'|g' /lutim/lutim.conf
chown -R lutim:lutim /lutim /data
cd /lutim && exec su lutim -c "carton exec hypnotoad -f /lutim/script/lutim"

124
nginx/Dockerfile
View File

@ -1,124 +0,0 @@
FROM alpine:3.4
MAINTAINER Wonderfall <wonderfall@schrodinger.io>
ENV UID=991 GID=991
ARG NGINX_VERSION=1.11.4
ARG LIBRESSL_VERSION=2.5.0
ARG GPG_LIBRESSL="A1EB 079B 8D3E B92B 4EBD 3139 663A F51B D5E4 D8D5"
ARG GPG_NGINX="B0F4 2533 73F8 F6F5 10D4 2178 520A 9993 A1C0 52F8"
ARG BUILD_CORES
RUN echo "@commuedge https://nl.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories \
&& NB_CORES=${BUILD_CORES-$(getconf _NPROCESSORS_CONF)} \
&& BUILD_DEPS=" \
build-base \
linux-headers \
ca-certificates \
automake \
autoconf \
git \
tar \
libtool \
pcre-dev \
zlib-dev \
binutils \
gnupg" \
&& apk -U add \
${BUILD_DEPS} \
pcre \
zlib \
libgcc \
libstdc++ \
su-exec \
openssl \
bind-tools \
tini@commuedge \
&& cd /tmp \
&& git clone https://github.com/bagder/libbrotli --depth=1 && cd libbrotli \
&& ./autogen.sh && ./configure && make -j ${NB_CORES} && make install \
&& cd /tmp \
&& git clone https://github.com/google/ngx_brotli --depth=1 \
&& git clone https://github.com/openresty/headers-more-nginx-module --depth=1 \
&& LIBRESSL_TARBALL="libressl-${LIBRESSL_VERSION}.tar.gz" \
&& wget -q http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/${LIBRESSL_TARBALL} \
&& echo "Verifying ${LIBRESSL_TARBALL} using GPG..." \
&& wget -q http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/${LIBRESSL_TARBALL}.asc \
&& wget -q http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl.asc \
&& gpg --import libressl.asc \
&& FINGERPRINT="$(LANG=C gpg --verify ${LIBRESSL_TARBALL}.asc ${LIBRESSL_TARBALL} 2>&1 \
| sed -n "s#Primary key fingerprint: \(.*\)#\1#p")" \
&& if [ -z "${FINGERPRINT}" ]; then echo "Warning! Invalid GPG signature!" && exit 1; fi \
&& if [ "${FINGERPRINT}" != "${GPG_LIBRESSL}" ]; then echo "Warning! Wrong GPG fingerprint!" && exit 1; fi \
&& echo "All seems good, now unpacking ${LIBRESSL_TARBALL}..." \
&& tar xzf ${LIBRESSL_TARBALL} \
&& NGINX_TARBALL="nginx-${NGINX_VERSION}.tar.gz" \
&& wget -q https://nginx.org/download/${NGINX_TARBALL} \
&& echo "Verifying ${NGINX_TARBALL} using GPG..." \
&& wget -q https://nginx.org/download/${NGINX_TARBALL}.asc \
&& wget -q https://nginx.org/keys/mdounin.key \
&& gpg --import mdounin.key \
&& FINGERPRINT="$(LANG=C gpg --verify ${NGINX_TARBALL}.asc ${NGINX_TARBALL} 2>&1 \
| sed -n "s#Primary key fingerprint: \(.*\)#\1#p")" \
&& if [ -z "${FINGERPRINT}" ]; then echo "Warning! Invalid GPG signature!" && exit 1; fi \
&& if [ "${FINGERPRINT}" != "${GPG_NGINX}" ]; then echo "Warning! Wrong GPG fingerprint!" && exit 1; fi \
&& echo "All seems good, now unpacking ${NGINX_TARBALL}..." \
&& tar xzf ${NGINX_TARBALL} && cd nginx-${NGINX_VERSION} \
&& wget -q https://raw.githubusercontent.com/felixbuenemann/sslconfig/updated-nginx-1.9.15-spdy-patch/patches/nginx_1_9_15_http2_spdy.patch -O spdy.patch \
&& patch -p1 < spdy.patch \
&& wget -q https://raw.githubusercontent.com/cloudflare/sslconfig/master/patches/nginx__dynamic_tls_records.patch \
&& patch -p1 < nginx__dynamic_tls_records.patch \
&& ./configure \
--prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--with-cc-opt='-O3 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wno-deprecated-declarations' \
--with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro' \
--with-openssl=/tmp/libressl-${LIBRESSL_VERSION} \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_spdy_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--with-file-aio \
--with-threads \
--with-pcre-jit \
--without-http_ssi_module \
--without-http_scgi_module \
--without-http_uwsgi_module \
--without-http_geo_module \
--without-http_autoindex_module \
--without-http_map_module \
--without-http_split_clients_module \
--without-http_memcached_module \
--without-http_empty_gif_module \
--without-http_browser_module \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log \
--add-module=/tmp/headers-more-nginx-module \
--add-module=/tmp/ngx_brotli \
&& make -j ${NB_CORES} && make install && make clean \
&& strip -s /usr/sbin/nginx \
&& apk del ${BUILD_DEPS} \
&& rm -rf /tmp/* /var/cache/apk/* /root/.gnupg
COPY nginx.conf /etc/nginx/conf/nginx.conf
COPY run.sh /usr/local/bin/run.sh
COPY ngxpasswd /usr/local/bin/ngxpasswd
COPY ngxproxy /usr/local/bin/ngxproxy
COPY vhost_http.conf /etc/nginx/conf/vhost_http.conf
COPY vhost_https.conf /etc/nginx/conf/vhost_https.conf
COPY ssl_params /etc/nginx/conf/ssl_params
COPY headers_params /etc/nginx/conf/headers_params
COPY proxy_params /etc/nginx/conf/proxy_params
RUN chmod +x /usr/local/bin/*
EXPOSE 8000 4430
VOLUME /sites-enabled /www /conf.d /passwds /certs /var/log/nginx
LABEL description="nginx built from source." \
openssl="LibreSSL ${LIBRESSL_VERSION}." \
nginx="nginx ${NGINX_VERSION}."
CMD ["run.sh"]

56
nginx/README.md
View File

@ -1,56 +0,0 @@
## wonderfall/nginx
![](https://upload.wikimedia.org/wikipedia/commons/thumb/c/c5/Nginx_logo.svg/115px-Nginx_logo.svg.png)
#### What is this?
It is nginx statically linked against LibreSSL, with the following modules embedded : ngx_brotli (Brotli compression support) and headers_more. Secured by default (no root processes, even the master one), so it should be safe to use.
#### Features
- Based on Alpine Linux Edge.
- nginx built against **LibreSSL**.
- nginx : Cloudfare's SPDY patch.
- nginx : Cloudfare's dynamic TLS records patch.
- nginx : securely built using hardening gcc flags.
- nginx : HTTP/2 (+NPN) support.
- nginx : Brotli compression support (and configured).
- nginx : Headers More module.
- nginx : no root master process.
- nginx : AIO Threads support.
- nginx : no unnessary modules (except fastcgi).
- nginx : pcre-jit enabled.
- nginx : optimized configuration.
- ngxpasswd : generates a htpasswd file easily.
- ngxproxy : generates a *proxy vhost* after asking you a few questions.
#### Notes
It is required to chown your certs files with the right uid/pid and change the `listen` directive to 8000/4430 instead of 80/443. Linux 3.17+, and the latest Docker stable are recommended.
#### Volumes
- **/sites-enabled** : vhosts files (*.conf)
- **/conf.d** : additional configuration files
- **/certs** : SSL/TLS certificates
- **/var/log/nginx** : nginx logs
- **/passwds** : authentication files
- **/www** : put your websites there
#### Build-time variables
- **NGINX_VERSION** : version of nginx
- **LIBRESSL_VERSION** : version of LibreSSL
- **GPG_NGINX** : fingerprint of signing key package
- **GPG_LIBRESSL** : fingerprint of signing key package
- **BUILD_CORES** : number of cores you'd like to build with (default : all)
#### Environment variables
- **GID** : nginx group id *(default : 991)*
- **UID** : nginx user id *(default : 991)*
#### How to use it?
https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration
You can use `ngxproxy` to generate a *vhost* through an easy process : `docker exec -ti nginx ngxproxy`. `ngxpasswd` can generate htpasswd files : `docker exec -ti nginx ngxpasswd`. Both utilites are interactive so you won't feel lost.
Some configuration files located in `/etc/nginx/conf` are already provided, you can use them with the `include` directive.
- `ssl_params` : Provides a nice balance between compatibility and security.
- `headers_params` : HSTS (+ preload), XSS protection, etc.
- `proxy_params` : use with `proxy_pass`.

3
nginx/headers_params
View File

@ -1,3 +0,0 @@
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

87
nginx/nginx.conf
View File

@ -1,87 +0,0 @@
worker_processes auto;
pid /tmp/nginx.pid;
daemon off;
pcre_jit on;
events {
worker_connections 2048;
use epoll;
}
http {
limit_conn_zone $binary_remote_addr zone=limit_per_ip:10m;
limit_conn limit_per_ip 128;
limit_req_zone $binary_remote_addr zone=allips:10m rate=150r/s;
limit_req zone=allips burst=150 nodelay;
more_set_headers 'Server: secret';
include /etc/nginx/conf/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log combined;
error_log /var/log/nginx/error.log crit;
fastcgi_temp_path /tmp/fastcgi 1 2;
proxy_temp_path /tmp/proxy 1 2;
client_body_temp_path /tmp/client_body 1 2;
client_body_buffer_size 10K;
client_header_buffer_size 1k;
client_max_body_size 8m;
large_client_header_buffers 2 1k;
aio threads;
sendfile on;
keepalive_timeout 15;
keepalive_disable msie6;
keepalive_requests 100;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
gzip on;
gzip_comp_level 5;
gzip_min_length 512;
gzip_buffers 4 8k;
gzip_proxied any;
gzip_vary on;
gzip_disable "msie6";
gzip_types
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/x-javascript
application/json
application/xml
application/rss+xml
application/vnd.ms-fontobject
font/truetype
font/opentype
image/svg+xml;
brotli on;
brotli_static on;
brotli_buffers 16 8k;
brotli_comp_level 6;
brotli_types
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/x-javascript
application/json
application/xml
application/rss+xml
application/vnd.ms-fontobject
font/truetype
font/opentype
image/svg+xml;
include /sites-enabled/*.conf;
}

76
nginx/ngxpasswd
View File

@ -1,76 +0,0 @@
#!/bin/sh
echo
echo "Welcome to ngxpasswd utility."
echo "We're about to create a password file."
echo
cd /passwds || exit 1
while [ "$NAME" == "" ]; do
read -p "Name: " NAME
done
if [ -f "/passwds/$NAME.htpasswd" ]; then
echo "ERROR: /passwds/$NAME.htpasswd already exists."
exit 1
fi
while [ "$USER" == "" ]; do
read -p "User: " USER
done
read -p "Password (leave blank to generate one): " PASSWORD
if [ "$PASSWORD" == "" ]; then
echo "Password was not defined, generating a random one..."
PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
elif [ ${#PASSWORD} -le 6 ]; then
echo "WARNING: Non-secure password."
fi
echo -n $USER:$(openssl passwd -apr1 $PASSWORD) >> $NAME.htpasswd
chown $UID:$GID $NAME.htpasswd
chmod 640 $NAME.htpasswd
echo
echo "A new password file has been saved to /passwds/$NAME.htpasswd :"
echo "- Service : $NAME"
echo "- User : $USER"
echo "- Password : $PASSWORD"
echo
if [ -f "/sites-enabled/$NAME.conf" ] && grep -q '#auth' /sites-enabled/$NAME.conf; then
echo "vhost at /sites-enabled/$NAME.conf detected."
while [[ "$ADD" != "y" && "$ADD" != "n" ]]; do
read -p "Add authentication to $NAME.conf? [y/n]: " ADD
done
if [ "$ADD" == "y" ]; then
cd /etc/nginx/conf
sed -i -e 's/#auth/auth/g' -e "s/<NAME>/$NAME/g" /sites-enabled/$NAME.conf
echo "Automatically added, please verify. Otherwise follow these instructions."
echo
fi
fi
echo "Paste this to your vhost in order to enable auth :"
echo " auth_basic \"Who's this?\";"
echo " auth_basic_user_file /passwds/$NAME.htpasswd;"
echo
if [ "$ADD" == "y" ]; then
while [[ "$RELOAD" != "y" && "$RELOAD" != "n" ]]; do
read -p "Reload nginx now? [y/n]: " RELOAD
done
if [ "$RELOAD" == "y" ]; then
su-exec $UID:$GID nginx -s reload
echo "nginx successfully reloaded."
else
echo "Restart manually nginx to enable authentication."
fi
fi
exit 0

139
nginx/ngxproxy
View File

@ -1,139 +0,0 @@
#!/bin/sh
echo
echo "Welcome to ngxproxy utility."
echo "We're about to create a new virtual host (AKA server block)."
echo
while [ "$NAME" == "" ]; do
read -p "Name: " NAME
done
if [ -f "/sites-enabled/$NAME.conf" ]; then
echo "ERROR: /sites-enabled/$NAME.conf already exists."
exit 1
fi
while [ "$DOMAIN" == "" ]; do
read -p "Domain: " DOMAIN
done
if [ "$(dig +short $DOMAIN)" == "" ]; then
echo "WARNING: $DOMAIN couldn't be resolved: it may not work!"
echo "HINT: Is this domain correct? Did you update your DNS zone?"
fi
read -p "Webroot (default is /): " WEBROOT
if [ "$WEBROOT" == "" ]; then
WEBROOT="/"
elif [ "$WEBROOT" != "/" ]; then
echo "WARNING: You might have to add a proxy header to get your custom webroot working."
while [[ "$CONFIGURE_WEBROOT" != "y" && "$CONFIGURE_WEBROOT" != "n" ]]; do
read -p "Is it required (by the app) to configure it? [y/n]: " CONFIGURE_WEBROOT
done
if [ "$CONFIGURE_WEBROOT" == "y" ]; then
while [ "$WEBROOT_HEADER" == "" ]; do
read -p "Type the required proxy_set_header (like X-Script-Name): " WEBROOT_HEADER
done
fi
fi
while [ "$CONTAINER" == "" ]; do
read -p "Container: " CONTAINER
done
ping -c 1 $CONTAINER >/dev/null 2>&1
if [ "$?" != "0" ]; then
echo "WARNING: $CONTAINER seems to be unavailable. It may not work!"
echo "HINT: Did you correctly link the container?"
fi
read -p "Port (default is 80): " PORT
if [ "$PORT" == "" ]; then
PORT="80"
elif ! [ "$PORT" -eq "$PORT" ] 2>/dev/null; then
echo "ERROR: an integer value was expected."
exit 1
elif [ "$PORT" -gt "65535" ]; then
echo "ERROR: $PORT exceeds the maximum TCP port which is 65535"
exit 1
fi
while [[ "$HTTPS" != "y" && "$HTTPS" != "n" ]]; do
read -p "HTTPS [y/n]: " HTTPS
done
if [ "$HTTPS" == "y" ]; then
while [ ! -f "$CERTIFICATE_PATH" ]; do
read -p "Certificate path: " CERTIFICATE_PATH
done
while [ ! -f "$KEY_PATH" ]; do
read -p "Certificate key path: " KEY_PATH
done
cp -f /etc/nginx/conf/vhost_https.conf /tmp/${NAME}.conf
sed -i \
-e "s|<CERTIFICATE_PATH>|$CERTIFICATE_PATH|g" \
-e "s|<KEY_PATH>|$KEY_PATH|g" \
/tmp/$NAME.conf
while [[ "$HEADERS" != "y" && "$HEADERS" != "n" ]]; do
read -p "Secure headers [y/n]: " HEADERS
done
if [ "$HEADERS" == "y" ]; then
sed -i 's|#include /etc/nginx/conf/headers_params|include /etc/nginx/conf/headers_params|g' /tmp/$NAME.conf
fi
else
cp -f /etc/nginx/conf/vhost_http.conf /tmp/${NAME}.conf
fi
while [ "$MAX_BODY_SIZE" == "" ]; do
read -p "Max body size in MB (integer/n): " MAX_BODY_SIZE
done
if ! [ "$MAX_BODY_SIZE" -eq "$MAX_BODY_SIZE" ] 2>/dev/null && [ "$MAX_BODY_SIZE" != "n" ]; then
echo "ERROR: Incorrect value."
exit 1
fi
if [ "$MAX_BODY_SIZE" != "n" ]; then
sed -i "s|#client_max_body_size <MAX_BODY_SIZE>|client_max_body_size $MAX_BODY_SIZE|g" /tmp/$NAME.conf
fi
if [ "$CONFIGURE_WEBROOT" == "y" ]; then
sed -i "/proxy_pass/a \ \ \ \ proxy_set_header $WEBROOT_HEADER $WEBROOT;" /tmp/$NAME.conf
fi
sed -i \
-e "s|<DOMAIN>|$DOMAIN|g" \
-e "s|<CONTAINER>|$CONTAINER|g" \
-e "s|<PORT>|$PORT|g" \
-e "s|<WEBROOT>|$WEBROOT|g" \
/tmp/$NAME.conf
mv /tmp/$NAME.conf /sites-enabled/
echo
echo "Done! $NAME.conf has been generated."
while [[ "$RELOAD" != "y" && "$RELOAD" != "n" ]]; do
read -p "Reload nginx now? [y/n]: " RELOAD
done
if [ "$RELOAD" == "y" ]; then
su-exec $UID:$GID nginx -s reload
echo "nginx successfully reloaded."
else
echo "Restart manually nginx to enable this new vhost."
fi
echo
exit 0

6
nginx/proxy_params
View File

@ -1,6 +0,0 @@
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Remote-Port $remote_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;

4
nginx/run.sh
View File

@ -1,4 +0,0 @@
#!/bin/sh
chown -R $UID:$GID /etc/nginx /var/log/nginx /sites-enabled /conf.d /certs /www /tmp
chmod -R 700 /certs
exec su-exec $UID:$GID /sbin/tini -- nginx

10
nginx/ssl_params
View File

@ -1,10 +0,0 @@
ssl_protocols TLSv1.2;
ssl_ecdh_curve secp384r1;
ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 15m;
ssl_session_tickets off;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";

14
nginx/vhost_http.conf
View File

@ -1,14 +0,0 @@
server {
listen 8000;
server_name <DOMAIN>;
#client_max_body_size <MAX_BODY_SIZE>M;
#auth_basic "Who's this?";
#auth_basic_user_file /passwds/<NAME>.htpasswd;
location <WEBROOT> {
proxy_pass http://<CONTAINER>:<PORT>;
include /etc/nginx/conf/proxy_params;
}
}

26
nginx/vhost_https.conf
View File

@ -1,26 +0,0 @@
server {
listen 8000;
server_name <DOMAIN>;
return 301 https://$host$request_uri;
}
server {
listen 4430 ssl spdy http2;
server_name <DOMAIN>;
ssl_certificate <CERTIFICATE_PATH>;
ssl_certificate_key <KEY_PATH>;
include /etc/nginx/conf/ssl_params;
include /etc/nginx/conf/headers_params;
#client_max_body_size <MAX_BODY_SIZE>M;
#auth_basic "Who's this?";
#auth_basic_user_file /passwds/<NAME>.htpasswd;
location <WEBROOT> {
proxy_pass http://<CONTAINER>:<PORT>;
include /etc/nginx/conf/proxy_params;
}
}

55
rainloop/Dockerfile
View File

@ -1,55 +0,0 @@
FROM alpine:3.4
MAINTAINER Wonderfall <wonderfall@schrodinger.io>
ARG GPG_rainloop="3B79 7ECE 694F 3B7B 70F3 11A4 ED7C 49D9 87DA 4591"
ENV UID=991 GID=991
RUN echo "@commuedge https://nl.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories \
&& apk -U add \
gnupg \
nginx \
s6 \
su-exec \
php7-fpm@commuedge \
php7-curl@commuedge \
php7-iconv@commuedge \
php7-xml@commuedge \
php7-dom@commuedge \
php7-openssl@commuedge \
php7-json@commuedge \
php7-zlib@commuedge \
php7-pdo_mysql@commuedge \
php7-pdo_pgsql@commuedge \
php7-pdo_sqlite@commuedge \
php7-sqlite3@commuedge \
&& cd /tmp \
&& wget -q http://repository.rainloop.net/v2/webmail/rainloop-community-latest.zip \
&& wget -q http://repository.rainloop.net/v2/webmail/rainloop-community-latest.zip.asc \
&& wget -q http://repository.rainloop.net/RainLoop.asc \
&& echo "Verifying authenticity of rainloop-community-latest.zip using GPG..." \
&& gpg --import RainLoop.asc \
&& FINGERPRINT="$(LANG=C gpg --verify rainloop-community-latest.zip.asc rainloop-community-latest.zip 2>&1 \
| sed -n "s#Primary key fingerprint: \(.*\)#\1#p")" \
&& if [ -z "${FINGERPRINT}" ]; then echo "Warning! Invalid GPG signature!" && exit 1; fi \
&& if [ "${FINGERPRINT}" != "${GPG_rainloop}" ]; then echo "Warning! Wrong GPG fingerprint!" && exit 1; fi \
&& echo "All seems good, now unzipping rainloop-community-latest.zip..." \
&& mkdir /rainloop && unzip -q /tmp/rainloop-community-latest.zip -d /rainloop \
&& find /rainloop -type d -exec chmod 755 {} \; \
&& find /rainloop -type f -exec chmod 644 {} \; \
&& apk del gnupg \
&& rm -rf /tmp/* /var/cache/apk/* /root/.gnupg
COPY nginx.conf /etc/nginx/nginx.conf
COPY php-fpm.conf /etc/php7/php-fpm.conf
COPY s6.d /etc/s6.d
COPY run.sh /usr/local/bin/run.sh
RUN chmod +x /usr/local/bin/run.sh /etc/s6.d/*/* /etc/s6.d/.s6-svscan/*
VOLUME /rainloop/data
EXPOSE 8888
CMD ["run.sh"]

29
rainloop/README.md
View File

@ -1,29 +0,0 @@
## wonderfall/rainloop
![](https://i.goopics.net/nI.png)
#### What is this?
Rainloop is a simple, modern & fast web-based client. More info on the [official website](http://www.rainloop.net/).
#### Features
- Based on Alpine 3.3
- Latest Rainloop **Community Edition**
- Contacts (DB) : sqlite, or mysql (server not built-in)
- nginx + PHP7
#### Build-time variables
- **GPG_rainloop** : fingerprint of signing key
#### Environment variables
- **GID** : rainloop group id *(default : 991)*
- **UID** : rainloop user id *(default : 991)*
#### Volumes
- **/rainloop/data** : data files.
#### Ports
- **8888***
#### Reverse proxy
https://github.com/Wonderfall/dockerfiles/tree/master/reverse
https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration

76
rainloop/nginx.conf
View File

@ -1,76 +0,0 @@
worker_processes auto;
pid /tmp/nginx.pid;
daemon off;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log off;
error_log /tmp/ngx_error.log error;
sendfile on;
keepalive_timeout 15;
keepalive_disable msie6;
keepalive_requests 100;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
fastcgi_temp_path /tmp/fastcgi 1 2;
client_body_temp_path /tmp/client_body 1 2;
proxy_temp_path /tmp/proxy 1 2;
uwsgi_temp_path /tmp/uwsgi 1 2;
scgi_temp_path /tmp/scgi 1 2;
gzip on;
gzip_comp_level 5;
gzip_min_length 512;
gzip_buffers 4 8k;
gzip_proxied any;
gzip_vary on;
gzip_disable "msie6";
gzip_types
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/x-javascript
application/json
application/xml
application/rss+xml
application/vnd.ms-fontobject
font/truetype
font/opentype
image/svg+xml;
server {
listen 8888;
root /rainloop;
index index.php index.html;
location ^~ /data {
deny all;
}
location / {
try_files $uri $uri/ index.php;
}
location ~ \.php$ {
fastcgi_index index.php;
fastcgi_pass unix:/tmp/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
}

11
rainloop/php-fpm.conf
View File

@ -1,11 +0,0 @@
[global]
daemonize = no
[www]
listen = /tmp/php-fpm.sock
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
chdir = /

3
rainloop/run.sh
View File

@ -1,3 +0,0 @@
#!/bin/sh
chown -R $UID:$GID /rainloop /etc/nginx /etc/php7 /var/log /var/lib/nginx /tmp /etc/s6.d
exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d

3
rainloop/s6.d/.s6-svscan/finish
View File

@ -1,3 +0,0 @@
#!/bin/sh
exit 0

2
rainloop/s6.d/nginx/run
View File

@ -1,2 +0,0 @@
#!/bin/sh
exec nginx

2
rainloop/s6.d/php/run
View File

@ -1,2 +0,0 @@
#!/bin/sh
exec php-fpm7

103
rutorrent/Dockerfile
View File

@ -1,103 +0,0 @@
FROM alpine:3.4
MAINTAINER xataz <https://github.com/xataz/dockerfiles>
MAINTAINER Wonderfall <wonderfall@schrodinger.io>
ARG MEDIAINFO_VER=0.7.85
ARG RTORRENT_VER=0.9.6
ARG LIBTORRENT_VER=0.13.6
ARG FILEBOT_VER=4.7
ARG BUILD_CORES
ENV UID=991 \
GID=991 \
WEBROOT=/ \
PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
RUN echo "@commuedge https://nl.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories \
&& NB_CORES=${BUILD_CORES-`getconf _NPROCESSORS_CONF`} \
&& BUILD_DEPS=" \
build-base \
git \
libtool \
automake \
autoconf \
wget \
tar \
subversion \
cppunit-dev \
openssl-dev \
ncurses-dev \
curl-dev \
binutils" \
&& apk -U add \
${BUILD_DEPS} \
ffmpeg \
ca-certificates \
nginx \
php7@commuedge \
php7-fpm@commuedge \
php7-json@commuedge \
curl \
gzip \
zip \
unrar \
supervisor \
geoip \
tini@commuedge \
openjdk8-jre@commuedge \
&& cd /tmp \
&& wget -q http://downloads.sourceforge.net/mktorrent/mktorrent-1.0.tar.gz \
&& tar xzvf mktorrent-1.0.tar.gz \
&& svn checkout http://svn.code.sf.net/p/xmlrpc-c/code/stable xmlrpc-c \
&& mkdir libtorrent rtorrent \
&& cd libtorrent && wget -qO- https://github.com/rakshasa/libtorrent/archive/${LIBTORRENT_VER}.tar.gz | tar xz --strip 1 \
&& cd ../rtorrent && wget -qO- https://github.com/rakshasa/rtorrent/archive/${RTORRENT_VER}.tar.gz | tar xz --strip 1 \
&& cd /tmp \
&& wget -q http://mediaarea.net/download/binary/mediainfo/${MEDIAINFO_VER}/MediaInfo_CLI_${MEDIAINFO_VER}_GNU_FromSource.tar.gz \
&& wget -q http://mediaarea.net/download/binary/libmediainfo0/${MEDIAINFO_VER}/MediaInfo_DLL_${MEDIAINFO_VER}_GNU_FromSource.tar.gz \
&& tar xzf MediaInfo_DLL_${MEDIAINFO_VER}_GNU_FromSource.tar.gz \
&& tar xzf MediaInfo_CLI_${MEDIAINFO_VER}_GNU_FromSource.tar.gz \
&& tar xzvf mktorrent-1.0.tar.gz \
&& cd /tmp/mktorrent-1.0 && make -j ${NB_CORES} && make install \
&& cd /tmp/MediaInfo_DLL_GNU_FromSource && ./SO_Compile.sh \
&& cd /tmp/MediaInfo_DLL_GNU_FromSource/ZenLib/Project/GNU/Library && make install \
&& cd /tmp/MediaInfo_DLL_GNU_FromSource/MediaInfoLib/Project/GNU/Library && make install \
&& cd /tmp/MediaInfo_CLI_GNU_FromSource && ./CLI_Compile.sh \
&& cd /tmp/MediaInfo_CLI_GNU_FromSource/MediaInfo/Project/GNU/CLI && make install \
&& cd /tmp/xmlrpc-c && ./configure && make -j ${NB_CORES} && make install \
&& cd /tmp/libtorrent && ./autogen.sh && ./configure \
&& make -j ${NB_CORES} && make install \
&& cd /tmp/rtorrent && ./autogen.sh && ./configure --with-xmlrpc-c \
&& make -j ${NB_CORES} && make install \
&& mkdir -p /var/www && cd /var/www \
&& git clone https://github.com/Novik/ruTorrent.git rutorrent --depth=1 \
&& cd /var/www/rutorrent/plugins/ \
&& git clone https://github.com/Korni22/rutorrent-logoff logoff --depth=1 \
&& git clone https://github.com/xombiemp/rutorrentMobile.git mobile --depth=1 \
&& git clone https://github.com/Ardakilic/rutorrent-pausewebui pausewebui --depth=1 \
&& cd /var/www/rutorrent/plugins/theme/themes \
&& git clone https://github.com/Phlooo/ruTorrent-MaterialDesign.git Material --depth=1 \
&& mv /var/www/rutorrent /var/www/torrent \
&& mkdir /filebot \
&& wget -q http://downloads.sourceforge.net/project/filebot/filebot/FileBot_${FILEBOT_VER}/FileBot_${FILEBOT_VER}-portable.zip -P /tmp \
&& unzip -q /tmp/FileBot_${FILEBOT_VER}-portable.zip -d /filebot \
&& strip -s /usr/local/bin/rtorrent \
&& strip -s /usr/local/bin/mediainfo \
&& apk del ${BUILD_DEPS} \
&& deluser svn && delgroup svnusers \
&& rm -rf /var/cache/apk/* /tmp/*
COPY rootfs /
RUN chmod +x /usr/bin/*
VOLUME /data /var/www/torrent/share/users
EXPOSE 80 49184 49184/udp
LABEL description="BitTorrent client with WebUI front-end" \
rtorrent="rTorrent BiTorrent client v$RTORRENT_VER" \
libtorrent="libtorrent v$LIBTORRENT_VER" \
mediainfo="mediainfo v$MEDIAINFO_VER" \
filebot="Filebot v$FILEBOT_VER"
CMD ["/sbin/tini","--","startup"]

24
rutorrent/README.md
View File

@ -1,24 +0,0 @@
## wonderfall/rutorrent
Originally forked from [xataz/rutorrent](https://github.com/xataz/dockerfiles/tree/master/rutorrent).
#### What is this?
This container contains both rtorrent (whis is a BitTorrent client) and rutorrent (which is a front-end for rtorrent). Filebolt is also included, the default behavior is set to create clean symlinks, so media players like Emby/Plex can easily detect your TV shows and movies.
![](https://pix.schrodinger.io/KDVxwnJA/nEMCzJEd.jpg)
#### Main features
- Lightweight, since it's based on Alpine Linux.
- Everything is almost compiled from source.
- Secured, don't bother about configuration files.
- Filebot is included, and creates symlinks in `/data/Media`.
- rutorrent : Material theme by phlo set by default.
- rutorrent : nginx + PHP7.
#### Ports
- **49184** (bind it).
- **80** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration)
#### Volumes
- **/data** : your files, symlinks, and so on.
- **/var/www/torrent/share/users** : rutorrent settings.

4
rutorrent/rootfs/etc/nginx/conf.d/cache.conf
View File

@ -1,4 +0,0 @@
location ~* \.(jpg|jpeg|gif|css|png|js|map|woff|woff2|ttf|svg|eot)$ {
expires 30d;
access_log off;
}

6
rutorrent/rootfs/etc/nginx/conf.d/php.conf
View File

@ -1,6 +0,0 @@
location ~ \.php$ {
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}

54
rutorrent/rootfs/etc/nginx/nginx.conf
View File

@ -1,54 +0,0 @@
user torrent;
worker_processes auto;
pid /var/run/nginx.pid;
daemon off;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log combined;
error_log /var/log/nginx/error.log error;
fastcgi_temp_path /tmp/fastcgi 1 2;
scgi_temp_path /tmp/scgi 1 2;
client_body_temp_path /tmp/client_body 1 2;
sendfile on;
keepalive_timeout 15;
keepalive_disable msie6;
keepalive_requests 100;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
gzip on;
gzip_comp_level 5;
gzip_min_length 512;
gzip_buffers 4 8k;
gzip_proxied any;
gzip_vary on;
gzip_disable "msie6";
gzip_types
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/x-javascript
application/json
application/xml
application/rss+xml
application/vnd.ms-fontobject
font/truetype
font/opentype
image/svg+xml;
include /sites/*.conf;
}

12
rutorrent/rootfs/etc/php7/php-fpm.conf
View File

@ -1,12 +0,0 @@
[www]
user = torrent
group = torrent
listen = /var/run/php-fpm.sock
listen.owner = torrent
listen.group = torrent
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
chdir = /

174
rutorrent/rootfs/etc/php7/php.ini
View File

@ -1,174 +0,0 @@
[PHP]
engine = On
short_open_tag = Off
asp_tags = Off
precision = 14
output_buffering = 4096
zlib.output_compression = Off
implicit_flush = Off
unserialize_callback_func =
serialize_precision = 17
disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
disable_classes =
zend.enable_gc = On
expose_php = Off
max_execution_time = 30
max_input_time = 60
memory_limit = 128M
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
display_errors = Off
display_startup_errors = Off
log_errors = On
log_errors_max_len = 1024
ignore_repeated_errors = Off
ignore_repeated_source = Off
report_memleaks = On
track_errors = Off
html_errors = On
variables_order = "GPCS"
request_order = "GP"
register_argc_argv = Off
auto_globals_jit = On
post_max_size = 10M
auto_prepend_file =
auto_append_file =
default_mimetype = "text/html"
default_charset = "UTF-8"
doc_root =
user_dir =
enable_dl = Off
file_uploads = On
upload_max_filesize = 10M
max_file_uploads = 20
allow_url_fopen = On
allow_url_include = Off
default_socket_timeout = 60
[CLI Server]
cli_server.color = On
[Date]
[filter]
[iconv]
[intl]
[sqlite]
[sqlite3]
[Pcre]
[Pdo]
[Pdo_mysql]
pdo_mysql.cache_size = 2000
pdo_mysql.default_socket=
[Phar]
[mail function]
SMTP = localhost
smtp_port = 25
mail.add_x_header = On
[SQL]
sql.safe_mode = Off
[ODBC]
odbc.allow_persistent = On
odbc.check_persistent = On
odbc.max_persistent = -1
odbc.max_links = -1
odbc.defaultlrl = 4096
odbc.defaultbinmode = 1
[Interbase]
ibase.allow_persistent = 1
ibase.max_persistent = -1
ibase.max_links = -1
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
ibase.dateformat = "%Y-%m-%d"
ibase.timeformat = "%H:%M:%S"
[MySQL]
mysql.allow_local_infile = On
mysql.allow_persistent = On
mysql.cache_size = 2000
mysql.max_persistent = -1
mysql.max_links = -1
mysql.default_port =
mysql.default_socket =
mysql.default_host =
mysql.default_user =
mysql.default_password =
mysql.connect_timeout = 60
mysql.trace_mode = Off
[MySQLi]
mysqli.max_persistent = -1
mysqli.allow_persistent = On
mysqli.max_links = -1
mysqli.cache_size = 2000
mysqli.default_port = 3306
mysqli.default_socket =
mysqli.default_host =
mysqli.default_user =
mysqli.default_pw =
mysqli.reconnect = Off
[mysqlnd]
mysqlnd.collect_statistics = On
mysqlnd.collect_memory_statistics = Off
[OCI8]
[PostgreSQL]
pgsql.allow_persistent = On
pgsql.auto_reset_persistent = Off
pgsql.max_persistent = -1
pgsql.max_links = -1
pgsql.ignore_notice = 0
pgsql.log_notice = 0
[Sybase-CT]
sybct.allow_persistent = On
sybct.max_persistent = -1
sybct.max_links = -1
sybct.min_server_severity = 10
sybct.min_client_severity = 10
[bcmath]
bcmath.scale = 0
[browscap]
[Session]
session.save_handler = files
session.use_strict_mode = 0
session.use_cookies = 1
session.use_only_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.cookie_httponly =
session.serialize_handler = php
session.gc_probability = 0
session.gc_divisor = 1000
session.gc_maxlifetime = 1440
session.referer_check =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0
session.hash_function = 0
session.hash_bits_per_character = 5
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
[MSSQL]
mssql.allow_persistent = On
mssql.max_persistent = -1
mssql.max_links = -1
mssql.min_error_severity = 10
mssql.min_message_severity = 10
mssql.compatibility_mode = Off
mssql.secure_connection = Off
[Assertion]
[COM]
[mbstring]
[gd]
[exif]
[Tidy]
tidy.clean_output = Off
[soap]
soap.wsdl_cache_enabled=1
soap.wsdl_cache_dir="/tmp"
soap.wsdl_cache_ttl=86400
soap.wsdl_cache_limit = 5
[sysvshm]
[ldap]
ldap.max_links = -1
[mcrypt]
[dba]
[opcache]
[curl]
[openssl]

17
rutorrent/rootfs/etc/supervisor.d/supervisord.ini
View File

@ -1,17 +0,0 @@
[supervisord]
nodaemon=true
[program:rtorrent]
user=torrent
directory=/home/torrent
priority=2
redirect_stderr=true
environment=HOME="/home/torrent",PWD="/home/torrent",LOGNAME="rtorrent",USER="torrent",TERM="xterm"
startsecs=5
command=rtorrent
[program:php-fpm]
command=php-fpm7 --nodaemonize
[program:nginx]
command=nginx

23
rutorrent/rootfs/home/torrent/.rtorrent.rc
View File

@ -1,23 +0,0 @@
scgi_port = 0.0.0.0:5000
encoding_list = UTF-8
port_range = 49184-49184
port_random = no
check_hash = no
directory = /data/torrents
session = /data/.session
encryption = require,require_RC4,allow_incoming,try_outgoing
use_udp_trackers = yes
dht = off
peer_exchange = no
min_peers = 1
max_peers = 100
min_peers_seed = 1
max_peers_seed = 50
max_uploads = 15
execute = {sh,-c,/usr/bin/php7 /var/www/torrent/php/initplugins.php torrent &}
schedule = watch_directory,1,1,"load_start=/data/.watch/*.torrent"
schedule = untied_directory,5,5,"stop_untied=/data/.watch/*.torrent"
schedule = espace_disque_insuffisant,1,30,close_low_diskspace=500M
system.method.set_key=event.download.finished,filebot,"execute={/usr/bin/postdl,$d.get_base_path=,$d.get_name=,$d.get_custom1=}"
system.method.set_key=event.download.erased,filebot_cleaner,"execute={/usr/bin/postrm}"

48
rutorrent/rootfs/sites/rutorrent.conf
View File

@ -1,48 +0,0 @@
server {
listen 80 default_server;
server_name _;
charset utf-8;
index index.html index.php;
client_max_body_size 10M;
access_log /var/log/nginx/rutorrent-access.log combined;
error_log /var/log/nginx/rutorrent-error.log error;
error_page 500 502 503 504 /50x.html;
location = /50x.html { root /usr/share/nginx/html; }
root /var/www;
location = /favicon.ico {
access_log off;
log_not_found off;
}
location ^~ <webroot> {
root /var/www<folder>;
include /etc/nginx/conf.d/php.conf;
include /etc/nginx/conf.d/cache.conf;
location ~ /\.svn {
deny all;
}
location ~ /\.ht {
deny all;
}
}
location /RPC {
include scgi_params;
scgi_pass 127.0.0.1:5000;
}
location ^~ <folder>/conf/ {
deny all;
}
location ^~ <folder>/share/ {
deny all;
}
}

10
rutorrent/rootfs/usr/bin/postdl
View File

@ -1,10 +0,0 @@
#!/bin/sh
# rtorrent.rc
# system.method.set_key=event.download.finished,filebot,"execute={rtorrent-postprocess.sh,$d.get_base_path=,$d.get_name=,$d.get_custom1=}"
TORRENT_PATH="$1"
TORRENT_NAME="$2"
TORRENT_LABEL="$3"
/filebot/filebot.sh -script fn:amc --output "/data/Media" --action symlink --conflict skip -non-strict --log-file amc.log --def excludeList=amc.excludes unsorted=y music=y "seriesFormat=/data/Media/TV/{n}/Season {s.pad(2)}/{s00e00} - {t}" "animeFormat=/data/Media/Animes/{n}/{e.pad(3)} - {t}" "movieFormat=/data/Media/Movies/{n}" "musicFormat=/data/Media/Music/{n}/{fn}" "ut_dir=$TORRENT_PATH" "ut_kind=multi" "ut_title=$TORRENT_NAME" "ut_label=$TORRENT_LABEL" &

3
rutorrent/rootfs/usr/bin/postrm
View File

@ -1,3 +0,0 @@
#!/bin/sh
/filebot/filebot.sh -script fn:cleaner /data/Media

25
rutorrent/rootfs/usr/bin/startup
View File

@ -1,25 +0,0 @@
#!/bin/sh
addgroup -g ${GID} torrent && adduser -h /home/torrent -s /bin/sh -G torrent -D -u ${UID} torrent
mkdir -p /data/torrents
mkdir -p /data/.watch
mkdir -p /data/.session
mkdir -p /data/Media/Movies
mkdir -p /data/Media/TV
mkdir -p /data/Media/Animes
mkdir -p /data/Media/Music
mkdir /tmp/fastcgi /tmp/scgi /tmp/client_body
if [ $WEBROOT != "/" ]; then
sed -i 's|<webroot>|'${WEBROOT}'|g' /sites/rutorrent.conf
sed -i 's|<folder>||g' /sites/rutorrent.conf
mv /var/www/torrent /var/www${WEBROOT}
else
sed -i 's|<webroot>|/|g' /sites/rutorrent.conf
sed -i 's|<folder>|/torrent|g' /sites/rutorrent.conf
fi
chown -R torrent:torrent /data /var/www /home/torrent /var/lib/nginx /filebot /tmp
rm -f /data/.session/rtorrent.lock
/usr/bin/supervisord -c /etc/supervisord.conf

36
rutorrent/rootfs/var/www/torrent/conf/config.php
View File

@ -1,36 +0,0 @@
<?php
@define('HTTP_USER_AGENT', 'Mozilla/5.0 (Windows NT 6.0; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0', true);
@define('HTTP_TIME_OUT', 30, true);
@define('HTTP_USE_GZIP', true, true);
$httpIP = null;
@define('RPC_TIME_OUT', 5, true);
@define('LOG_RPC_CALLS', false, true);
@define('LOG_RPC_FAULTS', true, true);
@define('PHP_USE_GZIP', false, true);
@define('PHP_GZIP_LEVEL', 2, true);
$schedule_rand = 10;
$do_diagnostic = true;
$log_file = '/tmp/errors.log';
$saveUploadedTorrents = true;
$overwriteUploadedTorrents = false;
$topDirectory = '/data/torrents';
$forbidUserSettings = false;
$scgi_port = 5000;
$scgi_host = "127.0.0.1";
$XMLRPCMountPoint = "/RPC";
$pathToExternals = array(
"php" => '/usr/bin/php7',
"curl" => '/usr/bin/curl',
"gzip" => '/usr/bin/gzip',
"id" => '/usr/bin/id',
"stat" => '/usr/bin/stat',
);
$localhosts = array(
"127.0.0.1",
"localhost",
);
$profilePath = '../share';
$profileMask = 0777;
$tempDirectory = null;
$canUseXSendFile = true;
$locale = "UTF8";

20
rutorrent/rootfs/var/www/torrent/conf/plugins.ini
View File

@ -1,20 +0,0 @@
[default]
enabled = user-defined
canChangeToolbar = yes
canChangeMenu = yes
canChangeOptions = yes
canChangeTabs = yes
canChangeColumns = yes
canChangeStatusBar = yes
canChangeCategory = yes
canBeShutdowned = yes
[ipad]
enabled = no
[httprpc]
enabled = no
[retrackers]
enabled = no
[rpc]
enabled = no
[rutracker_check]
enabled = no

5
rutorrent/rootfs/var/www/torrent/plugins/create/conf.php
View File

@ -1,5 +0,0 @@
<?php
$useExternal = 'mktorrent';
$pathToCreatetorrent = '/usr/local/bin/mktorrent';
$recentTrackersMaxCount = 15;

18
rutorrent/rootfs/var/www/torrent/plugins/filemanager/conf.php
View File

@ -1,18 +0,0 @@
<?php
$fm['tempdir'] = '/tmp'; // path were to store temporary data ; must be writable
$fm['mkdperm'] = 755; // default permission to set to new created directories
$pathToExternals['rar'] = '/usr/bin/rar';
$pathToExternals['zip'] = '/usr/bin/zip';
$pathToExternals['unzip'] = '/usr/bin/unzip';
$pathToExternals['tar'] = '/bin/tar';
$pathToExternals['gzip'] = '/bin/gzip';
$pathToExternals['bzip2'] = '/bin/bzip2';
$fm['archive']['types'] = array('rar', 'zip', 'tar', 'gzip', 'bzip2');
$fm['archive']['compress'][0] = range(0, 5);
$fm['archive']['compress'][1] = array('-0', '-1', '-9');
$fm['archive']['compress'][2] = $fm['archive']['compress'][3] = $fm['archive']['compress'][4] = array(0);
?>

3
rutorrent/rootfs/var/www/torrent/plugins/theme/conf.php
View File

@ -1,3 +0,0 @@
<?php
$defaultTheme = "Material"; // May be "", "Oblivion", "Dark", "Blue" or "Acid"