diff --git a/ghost/README.md b/ghost/README.md index dfce8ad..3ae1c51 100644 --- a/ghost/README.md +++ b/ghost/README.md @@ -1,23 +1,35 @@ ## wonderfall/ghost -**SIZE = ±188MB** ![](https://i.goopics.net/lt.png) -#### What is this? +#### What is this? What features? - A **simple** Ghost CMS build made for production. - It is based on Alpine Linux so it's lightweight. -- It uses node.js 5.x (version check is disabled). -- Environment variables for basic flexibility. +- It uses node.js LTS (version check is disabled). +- Environment variables, thus providing basic flexibility. +- Offers Isso and Disqus basic support (casper). +- Offers syntax highlighting using [prism.js](http://prismjs.com/) (casper). + +#### Build-time variables +- **VERSION** : version of Ghost. #### Environment variables -- **SSL** : set to *True* if you use https on your blog. -- **DOMAIN** : your domain without http(s):// -- **GID** : ghost user id. -- **UID** : ghost group id. -- **CUSTOM_SMTP** : enable SMTP if set to *True* -- **SMTP_PORT**, **SMTP_USER**, **SMTP_HOST** -- **ENABLE_ISSO** : enable Isso support if set to *True* -- **ISSO_HOST**, **ISSO_AVATAR**, **ISSO_VOTE** +- **GID** : ghost user id *(default : 991)* +- **UID** : ghost group id *(default : 991)* +- **SSL** : set to *True* if you use *https* on your blog. *(default : False)* +- **DOMAIN** : your domain (without *http(s)://*) *(default : my-ghost-blog.com)* +- **SYNTAX_HIGHLIGHTING** : enables syntax highlighting if set to *True* *(default : False)* +- **HIGHLIGHTER_COLOR** : color of syntax highlighting, *light* or *dark* *(default : light)* +- **CUSTOM_SMTP** : enables SMTP if set to *True* *(default : False)* +- **SMTP_PORT**, **SMTP_USER**, **SMTP_HOST** : SMTP settings +- **SMTP\_SENDER\_MAIL**, **SMTP\_SENDER\_NAME** : other SMTP settings +- **ENABLE_ISSO** : enables Isso support if set to *True* *(default : False)* +- **ISSO_HOST**, **ISSO_AVATAR**, **ISSO_VOTE** : Isso settings +- **ENABLE_DISQUS** : enables Disqus if set to *True* *(default : False)* +- **DISQUS_SHORTNAME** : your Disqus shortname #### Volumes - **/ghost/content** : contents of your blog, including themes + +### Ports +- **2368** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration) diff --git a/isso/README.md b/isso/README.md index addd8ff..2bda161 100644 --- a/isso/README.md +++ b/isso/README.md @@ -8,18 +8,25 @@ Isso is a commenting server similar to Disqus. More info on the [official websit #### Features - Based on Alpine Linux 3.3. -- Latest Isso installed via pip. +- Latest Isso installed with `pip`. +#### Build-time variables +- **ISSO_VER** : version of Isso. +- #### Environment variables -- **GID** : isso group id. -- **UID** : isso user id. +- **GID** : isso group id *(default : 991)* +- **UID** : isso user id *(default : 991)* #### Volumes -- **/config** : configuration files. +- **/config** : location of configuration files. - **/db** : location of SQLite database. +#### Ports +- **8080** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration). + #### Example of simple configuration Here is the full documentation : https://posativ.org/isso/docs/ + ``` # /mnt/docker/isso/config/isso.conf [general] @@ -37,7 +44,4 @@ isso: volumes: - /mnt/docker/isso/config:/config - /mnt/docker/isso/db:/db -``` - -#### Reverse proxy -https://github.com/Wonderfall/dockerfiles/tree/master/reverse +``` \ No newline at end of file diff --git a/lutim/README.md b/lutim/README.md index 7458719..692e048 100644 --- a/lutim/README.md +++ b/lutim/README.md @@ -8,6 +8,9 @@ It stores images and allows you to see them, download them or share them on soci Images are indefinitly stored unless you request that they will be deleted at first view or after 24 hours / one week / one month / one year. +#### Build-time variables +- **TINI_VER** : version of `tini`. + #### Environment variables - **GROUPID** : lutim group id. *(default : 1000)* - **USERID** : lutim user id. *(default : 1000)* @@ -24,22 +27,5 @@ Images are indefinitly stored unless you request that they will be deleted at fi - **/data** : where lutim's database is stored. - **/lutim/files** : location of uploaded files. -#### Reverse proxy -https://github.com/Wonderfall/dockerfiles/tree/master/reverse - -#### Docker compose (example) -``` -lutim: - image: wonderfall/lutim - environment: - - GROUPID=1000 - - USERID=1000 - - SECRET=ZyCnLAhYKBIJrukuKZZJ - - CONTACT=user@domain.tld - - MAX_FILE_SIZE=100000000 - - WEBROOT=/ - - DOMAIN=domain.tld - volumes: - - /mnt/docker/lutim/data:/data - - /mnt/docker/lutim/files:/lutim/files -``` +#### Ports +- **8181** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration). \ No newline at end of file diff --git a/nodejs/README.md b/nodejs/README.md index b42d949..05f639b 100644 --- a/nodejs/README.md +++ b/nodejs/README.md @@ -1,4 +1,10 @@ ## wonderfall/node -**SIZE : ±38MB** ![](https://i.goopics.net/lq.png) + +Node.js built from source on Alpine Linux. Nothing else. Automated builds provide LTS only. + +#### Build-time variables +- **NODE_VER** : version of node +- **NPM_VER** : version of `npm` +- **BUILD_CORES** : number of CPU cores \ No newline at end of file diff --git a/owncloud/README.md b/owncloud/README.md index 8582a1f..155fc75 100644 --- a/owncloud/README.md +++ b/owncloud/README.md @@ -21,9 +21,15 @@ If you want some security, versioning with tags should be available since 9.0 (e.g. the next tags will be 9.1, 9.2, etc. major updates as you can notice). I do not make tags for minor updates, like 8.2.1, 8.2.2, 8.2.x, since there are only bugfixes and security patches, which are strongly recommended. +#### Build-time variables +- **OWNCLOUD_VERSION** : version of ownCloud +- **APCU_VERSION** : version of apcu pecl ext +- **APCUBC_VERSION** : version of apcu_bc pecl ext +- **GPG_owncloud** : fingerprint of the signing key + #### Environment variables -- **UID** : owncloud user id. -- **GID** : owncloud group id. +- **UID** : owncloud user id *(default : 991)* +- **GID** : owncloud group id *(default : 991)* #### Volumes - **/data** : owncloud data (your files!). @@ -101,9 +107,13 @@ db_owncloud: - MYSQL_PASSWORD=supersecretpassword ``` +#### Port +- **80** (cf Reverse Proxy). + + #### Reverse proxy -https://github.com/Wonderfall/dockerfiles/tree/master/reverse -Notice that you don't have to add any headers since they're already included in the container (you avoid useless warnings from owncloud). It is strongly recommended to use ownCloud through an encrypted connection (HTTPS). +https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration +Note that you don't have to add any headers since they're already included in the container (you avoid useless warnings from owncloud). It is strongly recommended to use ownCloud through an encrypted connection (HTTPS). #### Enjoy! -Go to your admin pannel, and check the **Security & setup warnings** section. If you see **"All checks passed"**, then you can congratulate yourself! +Go to your admin pannel, and check the **Security & setup warnings** section. If you see **"All checks passed"**, then you can congratulate yourself! \ No newline at end of file diff --git a/piwik/README.md b/piwik/README.md index e217275..6221a41 100644 --- a/piwik/README.md +++ b/piwik/README.md @@ -6,17 +6,19 @@ It is a web analytics platform. Piwik respects your privacy and gives you full control over your data. #### Features -- Based on Alpine Linux 3.3 : lightweight and secure. -- Functional installation. Pull and run. +- Based on Alpine Linux. - Latest Piwik stable. -- nginx stable + php-fpm stable. -- pdo_mysql and mysqli available (mysql server not built-in). +- nginx stable + PHP7. +- mysql drivers (server not built-in). - Latest GeoLite City Database from maxmind.com. -- External + automatic backup of configuration. + +#### Build-time variables +- **VERSION** : version of Piwik +- **GPG_matthieu** : fingerprint of signing key #### Environment variables -- **GID** : piwik group id. -- **UID** : piwik user id. +- **GID** : piwik group id *(default : 991)* +- **UID** : piwik user id *(default : 991)* #### Volumes - **/config** : configuration files @@ -28,6 +30,7 @@ Piwik can update itself. It works well. I'm also maintaing this Dockerfile, so i According to Piwik, everything should be fine running this image. You shoudn't have any difficulties to setup your own instance of Piwik. Your `/config/config.ini.php` overwrites the one (in `/piwik/config`)used by Piwik each time the container is started. Moreover, the old config.ini.php is saved as `/config/config.ini.php.bkp` if you want to revert last changes. This should also guarantee transparency through Piwik's updates. If you're running Piwik behind a reverse proxy (most likely you do), add this to your `config.ini.php` : + ``` [General] #assume_secure_protocol = 1 #uncomment if you use https @@ -37,7 +40,9 @@ proxy_host_headers[] = HTTP_X_FORWARDED_HOST ``` #### Reverse proxy +Use port **80**. https://github.com/Wonderfall/dockerfiles/tree/master/reverse +https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration #### Docker Compose (example) ``` @@ -60,6 +65,4 @@ db_piwik: - MYSQL_DATABASE=piwik - MYSQL_USER=piwik - MYSQL_PASSWORD=asupersecretpassword -``` - - +``` \ No newline at end of file diff --git a/rainloop/README.md b/rainloop/README.md index 35fdb17..0c99aef 100644 --- a/rainloop/README.md +++ b/rainloop/README.md @@ -3,43 +3,25 @@ ![](https://i.goopics.net/nI.png) #### What is this? -Rainloop is a SIMPLE, MODERN & FAST WEB-BASED EMAIL CLIENT. More info on the [official website](http://www.rainloop.net/). +Rainloop is a simple, modern & fast web-based client. More info on the [official website](http://www.rainloop.net/). #### Features - Based on Alpine 3.3 -- Latest Rainloop **Community Edition** (stable) -- Extremely lightweight +- Latest Rainloop **Community Edition** - Contacts (DB) : sqlite, or mysql (server not built-in) +- nginx + PHP7 + + +#### Build-time variables +- **GPG_rainloop** : fingerprint of signing key #### Environment variables -- **GID** : rainloop group id. -- **UID** : rainloop user id. +- **GID** : rainloop group id *(default : 991)* +- **UID** : rainloop user id *(default : 991)* #### Volumes -- **/rainloop/data** : rainloop's data - -#### Docker Compose (example) -``` -rainloop: - image: wonderfall/rainloop - environment: - - GID=1000 - - UID=1000 - volumes: - - /mnt/rainloop:/rainloop/data - -# if using mysql as contacts database - -db_rainloop: - image: mariadb:10 - volumes: - - /mnt/rainloop/db:/var/lib/mysql - environment: - - MYSQL_ROOT_PASSWORD=supersecretpassword - - MYSQL_DATABASE=rainloop - - MYSQL_USER=rainloop - - MYSQL_PASSWORD=supersecretpassword -``` +- **/rainloop/data** : data files. #### Reverse proxy https://github.com/Wonderfall/dockerfiles/tree/master/reverse +https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration \ No newline at end of file diff --git a/reverse/README.md b/reverse/README.md index b3d72c9..5cd37d6 100644 --- a/reverse/README.md +++ b/reverse/README.md @@ -1,123 +1,42 @@ ## wonderfall/reverse -**SIZE : ±39MB** ![](https://i.goopics.net/lv.jpg) ![](https://i.goopics.net/lL.png) ![](https://upload.wikimedia.org/wikipedia/en/2/25/LibreSSL_logo.jpg) #### What is this? -It is nginx latest mainline statically linked against LibreSSL latest snapshot, with embedded Brotli support. -Secured by default (no root processes, even the master one). I made this image for my own purpose, but I added some flexibility so you can use it easily. +It is nginx statically linked against LibreSSL, with embedded Brotli support. Secured by default (no root processes, even the master one). #### Features -- Based on Alpine Linux (3.3) : lightweight and secure distribution. -- nginx mainline + LibreSSL snapshot +- Based on Alpine Linux. +- nginx built against LibreSSL. - HTTP/2 support. - Brotli compression support. -- No root master process. Better security. +- No root master process. - AIO Threads support. - No unnessary modules. - Optimized nginx configuration. #### Notes It is required to : -- chown your certs files with the right uid/pid (no other way) + +- chown your certs files with the right uid/pid - change `listen` directive to 8000/4430 instead of 80/443 -By the way, it is recommended to **build this image** (using docker-compose 1.6 and later for args compatibily) directly instead of pulling it from Docker Hub. +LibreSSL recommends Linux 3.17+. #### Volumes -- **/sites-enabled** : should contain your vhosts files (.conf) -- **/conf.d** : additional configuration files if you want +- **/sites-enabled** : vhosts files (*.conf) +- **/conf.d** : additional configuration files - **/certs** : SSL/TLS certificates -- **/var/log/nginx** : nginx logs (access and error) +- **/var/log/nginx** : nginx logs +- **/passwds** : authentication files -#### Build arguments -- **NGINX_VER** : nginx's version, change it if needed but the default version is tested -- **LIBRESSL_VER** : same as NGINX_VER +#### Build-time variables +- **NGINX_VERSION** : version of nginx +- **LIBRESSL_VERSION** : version of LibreSSL + +#### Environment variables - **GID** : nginx group id *(default : 991)* - **UID** : nginx user id *(default : 991)* -#### Source (Dockerfile) -https://github.com/Wonderfall/dockerfiles/tree/master/reverse - -#### Examples : compose, vhost, TLS conf - -**NOTES** : -- compose file must use version 2. [See more here](https://docs.docker.com/compose/compose-file/#version-2:91de898b5f5cdb090642a917d3dedf68). -- Docker 1.10+ and docker-compose 1.6+ are needed. -- if you're using docker-compose inside a container, pay attention to `context`. - -``` -# docker-compose.yml -nginx: - #image: wonderfall/reverse - build: - context: /path/to/reverse/dockerfile - dockerfile: Dockerfile - args: - - NGINX_VER=1.9.10 - - LIBRESSL_VER=2.3.2 - - GID=1000 - - UID=1000 - - BUILD_CORES=8 - ports: - - "80:8000" - - "443:4430" - links: - - container_1:container_1 - - container_2:container_2 - - container_n:container_n - volumes: - - /mnt/docker/nginx/sites:/sites-enabled - - /mnt/docker/nginx/conf:/conf.d - - /etc/letsencrypt:/certs - - /mnt/docker/nginx/log:/var/log/nginx -``` - -``` -# /mnt/docker/nginx/sites/service.conf -server { - listen 8000; - server_name service.domain.tld; - return 301 https://$host$request_uri; -} - -server { - listen 4430 ssl http2; - server_name service.domain.tld; - ssl_certificate /certs/live/service.domain.tld/fullchain.pem; - ssl_certificate_key /certs/live/service.domain.tld/privkey.pem; - include /conf.d/ssl_params.conf; - include /conf.d/headers.conf; - #client_max_body_size 10M; #(M = Megabytes / G = Gigabytes) - - location / { - proxy_pass http://container_n:$PORT; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Remote-Port $remote_port; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_redirect off; - } -} -``` - -``` -# /mnt/docker/conf/ssl_params.conf -ssl_protocols TLSv1.2; -ssl_ciphers "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"; -ssl_prefer_server_ciphers on; -ssl_ecdh_curve secp384r1; - -ssl_session_cache shared:SSL:10m; -ssl_session_timeout 5m; -ssl_session_tickets off; -``` - -``` -# /mnt/docker/conf/headers.conf -add_header Strict-Transport-Security "max-age=31536000"; -add_header X-Frame-Options SAMEORIGIN; -add_header X-Content-Type-Options nosniff; -add_header X-XSS-Protection "1; mode=block"; -``` +#### How to use it? +https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration diff --git a/rutorrent/README.md b/rutorrent/README.md index 476377c..75fbef7 100644 --- a/rutorrent/README.md +++ b/rutorrent/README.md @@ -4,57 +4,21 @@ Originally forked from [xataz/rutorrent](https://github.com/xataz/dockerfiles/tr #### What is this? This container contains both rtorrent (whis is a BitTorrent client) and rutorrent (which is a front-end for rtorrent). Filebolt is also included, the default behavior is set to create clean symlinks, so media players like Emby/Plex can easily detect your TV shows and movies. +![](https://pix.schrodinger.io/KDVxwnJA/nEMCzJEd.jpg) #### Main features - Lightweight, since it's based on Alpine Linux. - Everything is almost compiled from source. - Secured, don't bother about configuration files. -- Filebot is included, and creates symlinks in /data/Media. -- FlatUI themes for rutorrent are included. +- Filebot is included, and creates symlinks in `/data/Media`. +- rutorrent : Material theme by phlo set by default. +- rutorrent : nginx + PHP7. #### Ports -There's one port to bind to your host (both tcp/udp) : 49184 (arbitrary chosen). + +- **49184** (bind it). +- **80** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration) #### Volumes -- **/data** : your files, symlinks, etc. everything you must care of. -- **/var/www/torrent/share/users** : rutorrent settings, as you don't want them to go away each time you update the container. - -#### How to use it? -Basically you just have to run the container behind a reverse proxy. -This may help you : https://hub.docker.com/r/wonderfall/reverse/ - -Here is an example of a docker-compose.yml file : - -``` -nginx: - image: wonderfall/reverse:1.9 - container_name: nginx - environment: - - UID=1000 - - GID=1000 - ports: - - "80:8000" - - "443:4430" - links: - - rutorrent:rutorrent - volumes: - - /home/docker/nginx/sites:/sites-enabled - - /home/docker/nginx/conf:/conf.d - - /home/docker/nginx/passwds:/passwds - - /home/docker/nginx/log:/var/log/nginx - - /home/docker/nginx/certs:/certs - -rutorrent: - image: wonderfall/rutorrent - container_name: rutorrent - environment: - - WEBROOT=/ - - UID=1000 - - GID=1000 - ports: - - "49184:49184" - - "49184:49184/udp" - volumes: - - /home/user/seedbox:/data - - /home/user/seedbox/rutorrent:/var/www/torrent/share/users -``` +- **/data** : your files, symlinks, and so on. +- **/var/www/torrent/share/users** : rutorrent settings. \ No newline at end of file diff --git a/searx/README.md b/searx/README.md index 732e7b3..909fcf3 100644 --- a/searx/README.md +++ b/searx/README.md @@ -6,25 +6,14 @@ Searx is a metasearch engine, inspired by the seeks project. It provides basic privacy by mixing your queries with searches on other platforms without storing search data. Queries are made using a POST request on every browser (except chrome*). Therefore they show up in neither our logs, nor your url history. In case of Chrome* users there is an exception, Searx uses the search bar to perform GET requests. Searx can be added to your browser's search bar; moreover, it can be set as the default search engine. -#### Tags -- `latest` : latest code from [asciimoo/searx](https://github.com/asciimoo/searx) -- `release`, `0.8.1` : latest stable released - -#### Secret key -When the container starts the first time, it generates a new secret key. It doesn't depend on the build, so no one can know your key. +#### Features +- Based on Alpine Linux. +- Latest code from [asciimoo/searx](https://github.com/asciimoo/searx) +- A unique secret key is generated when booting the first time. #### Environment variables -- **IMAGE_PROXY** is a boolean value (True or False, False by default), it can enable proxying through the searx instance (useful for public instances because it doesn't break TLS connection). -- **BASE_URL** should be set if searx is used behind a custom domain name (http address or False, False by default). +- **IMAGE_PROXY** : enables images proxying *(default : False)* +- **BASE_URL** : http://domain.tld *(default : False)* -#### Docker Compose (example) -``` -searx: - image: wonderfall/searx:latest - environment: - - BASE_URL="https://searx.domain.tld" - - IMAGE_PROXY=True -``` - -#### Reverse proxy -https://github.com/Wonderfall/dockerfiles/tree/master/reverse +#### Ports +- **80** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration) diff --git a/selfoss/README.md b/selfoss/README.md index 9f58be2..786252f 100644 --- a/selfoss/README.md +++ b/selfoss/README.md @@ -1,4 +1,4 @@ -# hardware/selfoss +# wonderfall/selfoss ![selfoss](https://i.imgur.com/8hJyBgk.png "selfoss") diff --git a/subsonic/README.md b/subsonic/README.md index cf5f155..9a05c91 100644 --- a/subsonic/README.md +++ b/subsonic/README.md @@ -5,6 +5,9 @@ #### What is Subsonic? Subsonic is an open-source web-based media streamer and jukebox. Supports MP3, OGG, AAC and other streamable audio and video formats. Indeed, this build comes with **transcoding abilities**. +#### Build-time variables +- **VERSION** : version of subsonic + #### Environment variables - **GID** : subsonic group id. - **UID** : subsonic user id. @@ -13,28 +16,7 @@ Subsonic is an open-source web-based media streamer and jukebox. Supports MP3, O - **/musics** : your music files - **/data** : subsonic data -#### Docker Compose (example) -``` -subsonic: - image: wonderfall/subsonic - volumes: - - /mnt/music:/musics - - /mnt/subsonic:/data - environment: - - GID=1000 - - UID=1000 -``` #### Reverse proxy https://github.com/Wonderfall/dockerfiles/tree/master/reverse -Working configuration with HTTPS : - -``` - location / { - proxy_pass http://subsonic:4040; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Remote-Port $remote_port; - proxy_set_header X-Forwarded-Proto $scheme; - } -``` +https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration \ No newline at end of file diff --git a/tor/README.md b/tor/README.md new file mode 100644 index 0000000..5e369e6 --- /dev/null +++ b/tor/README.md @@ -0,0 +1,29 @@ +## wonderfall/tor + +![](https://upload.wikimedia.org/wikipedia/commons/thumb/1/15/Tor-logo-2011-flat.svg/612px-Tor-logo-2011-flat.svg.png) + +#### Features +- Based on Alpine Linux. +- Tor built from source. +- ARM included, allowing real-time monitoring. + +#### Usages +- As a relay ([french article](https://cats.schrodinger.io/un-relais-tor-avec-docker/)). +- As a hidden service dir. + +### Build-time variables +- **TOR_VERSION** : version of Tor. +- **TOR_USER_ID** : tor user id *(default : 45553)* +- **ARM_VERSION** : version of ARM +- **GPG_** : fingerprints of signing keys + +#### Environment variables +- **TERM** = xterm (ARM requirement) + +#### Volumes +- **/usr/local/etc/tor** : tor configuration files. +- **/tordata** : tor data. + +#### Ports +- **9001** (bind it) : ORPort. +- **9030** (bind it) : DirPort. \ No newline at end of file diff --git a/zerobin/README.md b/zerobin/README.md new file mode 100644 index 0000000..91106aa --- /dev/null +++ b/zerobin/README.md @@ -0,0 +1,18 @@ +## wonderfall/zerobin + +Paste securely. + +#### Features +- Based on Alpine Linux. +- [elrido's zerobin fork](https://github.com/elrido/ZeroBin) +- nginx + PHP7. + +#### Environment variables +- **UID** : zerobin user id +- **GID** : zerobin group id + +#### Volumes +- **/zerobin/data** + +#### Ports +- **80** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration) \ No newline at end of file