update readmes

ghost/README.md

@@ -1,23 +1,35 @@
 ## wonderfall/ghost
-**SIZE = ±188MB**
 
 ![](https://i.goopics.net/lt.png)
 
-#### What is this?
+#### What is this? What features?
 - A **simple** Ghost CMS build made for production.
 - It is based on Alpine Linux so it's lightweight.
-- It uses node.js 5.x (version check is disabled).
+- It uses node.js LTS (version check is disabled).
-- Environment variables for basic flexibility.
+- Environment variables, thus providing basic flexibility.
+- Offers Isso and Disqus basic support (casper).
+- Offers syntax highlighting using [prism.js](http://prismjs.com/) (casper).
+
+#### Build-time variables
+- **VERSION** : version of Ghost.
 
 #### Environment variables
-- **SSL** : set to *True* if you use https on your blog.
+- **GID** : ghost user id *(default : 991)*
-- **DOMAIN** : your domain without http(s)://
+- **UID** : ghost group id *(default : 991)*
-- **GID** : ghost user id.
+- **SSL** : set to *True* if you use *https* on your blog. *(default : False)*
-- **UID** : ghost group id.
+- **DOMAIN** : your domain (without *http(s)://*) *(default : my-ghost-blog.com)*
-- **CUSTOM_SMTP** : enable SMTP if set to *True*
+- **SYNTAX_HIGHLIGHTING** : enables syntax highlighting if set to *True* *(default : False)*
-- **SMTP_PORT**, **SMTP_USER**, **SMTP_HOST**
+- **HIGHLIGHTER_COLOR** : color of syntax highlighting, *light* or *dark* *(default : light)*
-- **ENABLE_ISSO** : enable Isso support if set to *True*
+- **CUSTOM_SMTP** : enables SMTP if set to *True* *(default : False)*
-- **ISSO_HOST**, **ISSO_AVATAR**, **ISSO_VOTE**
+- **SMTP_PORT**, **SMTP_USER**, **SMTP_HOST** : SMTP settings
+- **SMTP\_SENDER\_MAIL**, **SMTP\_SENDER\_NAME** : other SMTP settings
+- **ENABLE_ISSO** : enables Isso support if set to *True* *(default : False)*
+- **ISSO_HOST**, **ISSO_AVATAR**, **ISSO_VOTE** : Isso settings
+- **ENABLE_DISQUS** : enables Disqus if set to *True* *(default : False)*
+- **DISQUS_SHORTNAME** : your Disqus shortname
 
 #### Volumes
 - **/ghost/content** : contents of your blog, including themes
+
+### Ports
+- **2368** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration)

isso/README.md

@@ -8,18 +8,25 @@ Isso is a commenting server similar to Disqus. More info on the [official websit
 
 #### Features
 - Based on Alpine Linux 3.3.
-- Latest Isso installed via pip.
+- Latest Isso installed with `pip`.
 
+#### Build-time variables
+- **ISSO_VER** : version of Isso.
+- 
 #### Environment variables
-- **GID** : isso group id.
+- **GID** : isso group id *(default : 991)*
-- **UID** : isso user id.
+- **UID** : isso user id *(default : 991)*
 
 #### Volumes
-- **/config** : configuration files.
+- **/config** : location of configuration files.
 - **/db** : location of SQLite database.
 
+#### Ports
+- **8080** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration).
+
 #### Example of simple configuration
 Here is the full documentation : https://posativ.org/isso/docs/
+
 ```
 # /mnt/docker/isso/config/isso.conf
 [general]
@@ -37,7 +44,4 @@ isso:
   volumes:
     - /mnt/docker/isso/config:/config
     - /mnt/docker/isso/db:/db
-```
+```
-
-#### Reverse proxy
-https://github.com/Wonderfall/dockerfiles/tree/master/reverse

lutim/README.md

@@ -8,6 +8,9 @@ It stores images and allows you to see them, download them or share them on soci
 
 Images are indefinitly stored unless you request that they will be deleted at first view or after 24 hours / one week / one month / one year.
 
+#### Build-time variables
+- **TINI_VER** : version of `tini`.
+
 #### Environment variables
 - **GROUPID** : lutim group id. *(default : 1000)*
 - **USERID** : lutim user id. *(default : 1000)*
@@ -24,22 +27,5 @@ Images are indefinitly stored unless you request that they will be deleted at fi
 - **/data** : where lutim's database is stored.
 - **/lutim/files** : location of uploaded files.
 
-#### Reverse proxy
+#### Ports
-https://github.com/Wonderfall/dockerfiles/tree/master/reverse
+- **8181** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration).
-
-#### Docker compose (example)
-```
-lutim:
-  image: wonderfall/lutim
-  environment:
-    - GROUPID=1000
-    - USERID=1000
-    - SECRET=ZyCnLAhYKBIJrukuKZZJ
-    - CONTACT=user@domain.tld
-    - MAX_FILE_SIZE=100000000
-    - WEBROOT=/
-    - DOMAIN=domain.tld
-  volumes:
-    - /mnt/docker/lutim/data:/data
-    - /mnt/docker/lutim/files:/lutim/files
-```

nodejs/README.md

@@ -1,4 +1,10 @@
 ## wonderfall/node
-**SIZE : ±38MB**
 
 ![](https://i.goopics.net/lq.png)
+
+Node.js built from source on Alpine Linux. Nothing else. Automated builds provide LTS only.
+
+#### Build-time variables
+- **NODE_VER** : version of node
+- **NPM_VER** : version of `npm`
+- **BUILD_CORES** : number of CPU cores

owncloud/README.md

@@ -21,9 +21,15 @@
 
 If you want some security, versioning with tags should be available since 9.0 (e.g. the next tags will be 9.1, 9.2, etc. major updates as you can notice). I do not make tags for minor updates, like 8.2.1, 8.2.2, 8.2.x, since there are only bugfixes and security patches, which are strongly recommended.
 
+#### Build-time variables
+- **OWNCLOUD_VERSION** : version of ownCloud
+- **APCU_VERSION** : version of apcu pecl ext
+- **APCUBC_VERSION** : version of apcu_bc pecl ext
+- **GPG_owncloud** : fingerprint of the signing key
+
 #### Environment variables
-- **UID** : owncloud user id.
+- **UID** : owncloud user id *(default : 991)*
-- **GID** : owncloud group id.
+- **GID** : owncloud group id *(default : 991)*
 
 #### Volumes
 - **/data** : owncloud data (your files!).
@@ -101,9 +107,13 @@ db_owncloud:
     - MYSQL_PASSWORD=supersecretpassword
 ```
 
+#### Port
+- **80** (cf Reverse Proxy).
+
+
 #### Reverse proxy
-https://github.com/Wonderfall/dockerfiles/tree/master/reverse
+https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration
-Notice that you don't have to add any headers since they're already included in the container (you avoid useless warnings from owncloud). It is strongly recommended to use ownCloud through an encrypted connection (HTTPS).
+Note that you don't have to add any headers since they're already included in the container (you avoid useless warnings from owncloud). It is strongly recommended to use ownCloud through an encrypted connection (HTTPS).
 
 #### Enjoy!
-Go to your admin pannel, and check the **Security & setup warnings** section. If you see **"All checks passed"**, then you can congratulate yourself!
+Go to your admin pannel, and check the **Security & setup warnings** section. If you see **"All checks passed"**, then you can congratulate yourself!

piwik/README.md

@@ -6,17 +6,19 @@
 It is a web analytics platform. Piwik respects your privacy and gives you full control over your data.
 
 #### Features
-- Based on Alpine Linux 3.3 : lightweight and secure.
+- Based on Alpine Linux.
-- Functional installation. Pull and run.
 - Latest Piwik stable.
-- nginx stable + php-fpm stable.
+- nginx stable + PHP7.
-- pdo_mysql and mysqli available (mysql server not built-in).
+- mysql drivers (server not built-in).
 - Latest GeoLite City Database from maxmind.com.
-- External + automatic backup of configuration.
+
+#### Build-time variables
+- **VERSION** : version of Piwik
+- **GPG_matthieu** : fingerprint of signing key
 
 #### Environment variables
-- **GID** : piwik group id.
+- **GID** : piwik group id *(default : 991)*
-- **UID** : piwik user id.
+- **UID** : piwik user id *(default : 991)*
 
 #### Volumes
 - **/config** : configuration files
@@ -28,6 +30,7 @@ Piwik can update itself. It works well. I'm also maintaing this Dockerfile, so i
 According to Piwik, everything should be fine running this image. You shoudn't have any difficulties to setup your own instance of Piwik. Your `/config/config.ini.php` overwrites the one (in `/piwik/config`)used by Piwik each time the container is started. Moreover, the old config.ini.php is saved as `/config/config.ini.php.bkp` if you want to revert last changes. This should also guarantee transparency through Piwik's updates.
 
 If you're running Piwik behind a reverse proxy (most likely you do), add this to your `config.ini.php` :
+
 ```
 [General]
 #assume_secure_protocol = 1 #uncomment if you use https
@@ -37,7 +40,9 @@ proxy_host_headers[] = HTTP_X_FORWARDED_HOST
 ```
 
 #### Reverse proxy
+Use port **80**.
 https://github.com/Wonderfall/dockerfiles/tree/master/reverse
+https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration
 
 #### Docker Compose (example)
 ```
@@ -60,6 +65,4 @@ db_piwik:
     - MYSQL_DATABASE=piwik
     - MYSQL_USER=piwik
     - MYSQL_PASSWORD=asupersecretpassword
-```
+```
-
-

rainloop/README.md

@@ -3,43 +3,25 @@
 ![](https://i.goopics.net/nI.png)
 
 #### What is this?
-Rainloop is a SIMPLE, MODERN & FAST WEB-BASED EMAIL CLIENT. More info on the [official website](http://www.rainloop.net/).
+Rainloop is a simple, modern & fast web-based client. More info on the [official website](http://www.rainloop.net/).
 
 #### Features
 - Based on Alpine 3.3
-- Latest Rainloop **Community Edition** (stable)
+- Latest Rainloop **Community Edition**
-- Extremely lightweight
 - Contacts (DB) : sqlite, or mysql (server not built-in)
+- nginx + PHP7
+
+
+#### Build-time variables
+- **GPG_rainloop** : fingerprint of signing key
 
 #### Environment variables
-- **GID** : rainloop group id.
+- **GID** : rainloop group id *(default : 991)*
-- **UID** : rainloop user id.
+- **UID** : rainloop user id *(default : 991)*
 
 #### Volumes
-- **/rainloop/data** : rainloop's data
+- **/rainloop/data** : data files.
-
-#### Docker Compose (example)
-```
-rainloop:
-  image: wonderfall/rainloop
-  environment:
-    - GID=1000
-    - UID=1000
-  volumes:
-    - /mnt/rainloop:/rainloop/data
-
-# if using mysql as contacts database
-
-db_rainloop:
-  image: mariadb:10
-  volumes:
-    - /mnt/rainloop/db:/var/lib/mysql
-  environment:
-    - MYSQL_ROOT_PASSWORD=supersecretpassword
-    - MYSQL_DATABASE=rainloop
-    - MYSQL_USER=rainloop
-    - MYSQL_PASSWORD=supersecretpassword
-```
 
 #### Reverse proxy
 https://github.com/Wonderfall/dockerfiles/tree/master/reverse
+https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration

reverse/README.md

@@ -1,123 +1,42 @@
 ## wonderfall/reverse
-**SIZE : ±39MB**
 
 ![](https://i.goopics.net/lv.jpg) ![](https://i.goopics.net/lL.png) ![](https://upload.wikimedia.org/wikipedia/en/2/25/LibreSSL_logo.jpg)
 
 #### What is this?
-It is nginx latest mainline statically linked against LibreSSL latest snapshot, with embedded Brotli support.
+It is nginx statically linked against LibreSSL, with embedded Brotli support. Secured by default (no root processes, even the master one).
-Secured by default (no root processes, even the master one). I made this image for my own purpose, but I added some flexibility so you can use it easily.
 
 #### Features
-- Based on Alpine Linux (3.3) : lightweight and secure distribution.
+- Based on Alpine Linux.
-- nginx mainline + LibreSSL snapshot
+- nginx built against LibreSSL.
 - HTTP/2 support.
 - Brotli compression support.
-- No root master process. Better security.
+- No root master process.
 - AIO Threads support.
 - No unnessary modules.
 - Optimized nginx configuration.
 
 #### Notes
 It is required to :
-- chown your certs files with the right uid/pid (no other way)
+
+- chown your certs files with the right uid/pid
 - change `listen` directive to 8000/4430 instead of 80/443
 
-By the way, it is recommended to **build this image** (using docker-compose 1.6 and later for args compatibily) directly instead of pulling it from Docker Hub.
+LibreSSL recommends Linux 3.17+.
 
 #### Volumes
-- **/sites-enabled** : should contain your vhosts files (.conf)
+- **/sites-enabled** : vhosts files (*.conf)
-- **/conf.d** : additional configuration files if you want
+- **/conf.d** : additional configuration files
 - **/certs** : SSL/TLS certificates
-- **/var/log/nginx** : nginx logs (access and error)
+- **/var/log/nginx** : nginx logs
+- **/passwds** : authentication files
 
-#### Build arguments
+#### Build-time variables
-- **NGINX_VER** : nginx's version, change it if needed but the default version is tested
+- **NGINX_VERSION** : version of nginx
-- **LIBRESSL_VER** : same as NGINX_VER
+- **LIBRESSL_VERSION** : version of LibreSSL
+
+#### Environment variables
 - **GID** : nginx group id *(default : 991)*
 - **UID** : nginx user id *(default : 991)*
 
-#### Source (Dockerfile)
+#### How to use it?
-https://github.com/Wonderfall/dockerfiles/tree/master/reverse
+https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration
-
-#### Examples : compose, vhost, TLS conf
-
-**NOTES** : 
-- compose file must use version 2. [See more here](https://docs.docker.com/compose/compose-file/#version-2:91de898b5f5cdb090642a917d3dedf68).
-- Docker 1.10+ and docker-compose 1.6+ are needed.
-- if you're using docker-compose inside a container, pay attention to `context`.
-
-```
-# docker-compose.yml
-nginx:
-  #image: wonderfall/reverse
-  build:
-    context: /path/to/reverse/dockerfile
-    dockerfile: Dockerfile
-    args:
-      - NGINX_VER=1.9.10
-      - LIBRESSL_VER=2.3.2
-      - GID=1000
-      - UID=1000
-      - BUILD_CORES=8
-  ports:
-    - "80:8000"
-    - "443:4430"
-  links:
-    - container_1:container_1
-    - container_2:container_2
-    - container_n:container_n
-  volumes:
-    - /mnt/docker/nginx/sites:/sites-enabled
-    - /mnt/docker/nginx/conf:/conf.d
-    - /etc/letsencrypt:/certs
-    - /mnt/docker/nginx/log:/var/log/nginx
-```
-
-```
-# /mnt/docker/nginx/sites/service.conf
-server {
-  listen 8000;
-  server_name service.domain.tld;
-  return 301 https://$host$request_uri;
-}
-
-server {
-  listen 4430 ssl http2;
-  server_name service.domain.tld;
-  ssl_certificate /certs/live/service.domain.tld/fullchain.pem;
-  ssl_certificate_key /certs/live/service.domain.tld/privkey.pem;
-  include /conf.d/ssl_params.conf;
-  include /conf.d/headers.conf;
-  #client_max_body_size 10M; #(M = Megabytes / G = Gigabytes)
-
-  location / {
-      proxy_pass http://container_n:$PORT;
-      proxy_set_header        Host                 $host;
-      proxy_set_header        X-Real-IP            $remote_addr;
-      proxy_set_header        X-Forwarded-For      $proxy_add_x_forwarded_for;
-      proxy_set_header        X-Remote-Port        $remote_port;
-      proxy_set_header        X-Forwarded-Proto    $scheme;
-      proxy_redirect          off;
-  }
-}
-```
-
-```
-# /mnt/docker/conf/ssl_params.conf
-ssl_protocols TLSv1.2;
-ssl_ciphers "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256";
-ssl_prefer_server_ciphers on;
-ssl_ecdh_curve secp384r1;
-
-ssl_session_cache shared:SSL:10m;
-ssl_session_timeout 5m;
-ssl_session_tickets off;
-```
-
-```
-# /mnt/docker/conf/headers.conf
-add_header Strict-Transport-Security "max-age=31536000";
-add_header X-Frame-Options SAMEORIGIN;
-add_header X-Content-Type-Options nosniff;
-add_header X-XSS-Protection "1; mode=block";
-```

rutorrent/README.md

@@ -4,57 +4,21 @@ Originally forked from [xataz/rutorrent](https://github.com/xataz/dockerfiles/tr
 #### What is this?
 This container contains both rtorrent (whis is a BitTorrent client) and rutorrent (which is a front-end for rtorrent). Filebolt is also included, the default behavior is set to create clean symlinks, so media players like Emby/Plex can easily detect your TV shows and movies.
 
+![](https://pix.schrodinger.io/KDVxwnJA/nEMCzJEd.jpg)
 
 #### Main features
 - Lightweight, since it's based on Alpine Linux.
 - Everything is almost compiled from source.
 - Secured, don't bother about configuration files.
-- Filebot is included, and creates symlinks in /data/Media.
+- Filebot is included, and creates symlinks in `/data/Media`.
-- FlatUI themes for rutorrent are included.
+- rutorrent : Material theme by phlo set by default.
+- rutorrent : nginx + PHP7.
 
 #### Ports
-There's one port to bind to your host (both tcp/udp) : 49184 (arbitrary chosen).
+
+- **49184** (bind it).
+- **80** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration)
 
 #### Volumes
-- **/data** : your files, symlinks, etc. everything you must care of.
+- **/data** : your files, symlinks, and so on.
-- **/var/www/torrent/share/users** : rutorrent settings, as you don't want them to go away each time you update the container.
+- **/var/www/torrent/share/users** : rutorrent settings.
-
-#### How to use it?
-Basically you just have to run the container behind a reverse proxy.
-This may help you : https://hub.docker.com/r/wonderfall/reverse/
-
-Here is an example of a docker-compose.yml file :
-
-```
-nginx:
-  image: wonderfall/reverse:1.9
-  container_name: nginx
-  environment:
-    - UID=1000
-    - GID=1000
-  ports:
-    - "80:8000"
-    - "443:4430"
-  links:
-    - rutorrent:rutorrent
-  volumes:
-    - /home/docker/nginx/sites:/sites-enabled
-    - /home/docker/nginx/conf:/conf.d
-    - /home/docker/nginx/passwds:/passwds
-    - /home/docker/nginx/log:/var/log/nginx
-    - /home/docker/nginx/certs:/certs
-    
-rutorrent:
-  image: wonderfall/rutorrent
-  container_name: rutorrent
-  environment:
-    - WEBROOT=/
-    - UID=1000
-    - GID=1000
-  ports:
-    - "49184:49184"
-    - "49184:49184/udp"
-  volumes:
-    - /home/user/seedbox:/data
-    - /home/user/seedbox/rutorrent:/var/www/torrent/share/users
-```

searx/README.md

@@ -6,25 +6,14 @@
 Searx is a metasearch engine, inspired by the seeks project.
 It provides basic privacy by mixing your queries with searches on other platforms without storing search data. Queries are made using a POST request on every browser (except chrome*). Therefore they show up in neither our logs, nor your url history. In case of Chrome* users there is an exception, Searx uses the search bar to perform GET requests. Searx can be added to your browser's search bar; moreover, it can be set as the default search engine. 
 
-#### Tags
+#### Features
-- `latest` : latest code from [asciimoo/searx](https://github.com/asciimoo/searx)
+- Based on Alpine Linux.
-- `release`, `0.8.1` : latest stable released
+- Latest code from [asciimoo/searx](https://github.com/asciimoo/searx)
-
+- A unique secret key is generated when booting the first time.
-#### Secret key
-When the container starts the first time, it generates a new secret key. It doesn't depend on the build, so no one can know your key. 
 
 #### Environment variables
-- **IMAGE_PROXY** is a boolean value (True or False, False by default), it can enable proxying through the searx instance (useful for public instances because it doesn't break TLS connection). 
+- **IMAGE_PROXY** : enables images proxying *(default : False)*
-- **BASE_URL** should be set if searx is used behind a custom domain name (http address or False, False by default).
+- **BASE_URL** : http://domain.tld *(default : False)*
 
-#### Docker Compose (example)
+#### Ports
-```
+- **80** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration)
-searx:
-  image: wonderfall/searx:latest
-  environment:
-    - BASE_URL="https://searx.domain.tld"
-    - IMAGE_PROXY=True
-```
-
-#### Reverse proxy
-https://github.com/Wonderfall/dockerfiles/tree/master/reverse

selfoss/README.md

@@ -1,4 +1,4 @@
-# hardware/selfoss
+# wonderfall/selfoss
 
 ![selfoss](https://i.imgur.com/8hJyBgk.png "selfoss")
 

subsonic/README.md

@@ -5,6 +5,9 @@
 #### What is Subsonic?
 Subsonic is an open-source web-based media streamer and jukebox. Supports MP3, OGG, AAC and other streamable audio and video formats. Indeed, this build comes with **transcoding abilities**.
 
+#### Build-time variables
+- **VERSION** : version of subsonic
+
 #### Environment variables
 - **GID** : subsonic group id.
 - **UID** : subsonic user id.
@@ -13,28 +16,7 @@ Subsonic is an open-source web-based media streamer and jukebox. Supports MP3, O
 - **/musics** : your music files
 - **/data** : subsonic data
 
-#### Docker Compose (example)
-```
-subsonic:
-  image: wonderfall/subsonic
-  volumes: 
-    - /mnt/music:/musics
-    - /mnt/subsonic:/data
-  environment:
-    - GID=1000
-    - UID=1000
-```
 
 #### Reverse proxy
 https://github.com/Wonderfall/dockerfiles/tree/master/reverse
-Working configuration with HTTPS :
+https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration
-
-```
-  location / {
-      proxy_pass http://subsonic:4040;
-      proxy_set_header        X-Real-IP            $remote_addr;
-      proxy_set_header        X-Forwarded-For      $proxy_add_x_forwarded_for;
-      proxy_set_header        X-Remote-Port        $remote_port;
-      proxy_set_header        X-Forwarded-Proto    $scheme;
-  }
-```

tor/README.md

@@ -0,0 +1,29 @@
+## wonderfall/tor
+
+![](https://upload.wikimedia.org/wikipedia/commons/thumb/1/15/Tor-logo-2011-flat.svg/612px-Tor-logo-2011-flat.svg.png)
+
+#### Features
+- Based on Alpine Linux.
+- Tor built from source.
+- ARM included, allowing real-time monitoring.
+
+#### Usages
+- As a relay ([french article](https://cats.schrodinger.io/un-relais-tor-avec-docker/)).
+- As a hidden service dir.
+
+### Build-time variables
+- **TOR_VERSION** : version of Tor.
+- **TOR_USER_ID** : tor user id *(default : 45553)*
+- **ARM_VERSION** : version of ARM
+- **GPG_** : fingerprints of signing keys
+
+#### Environment variables
+- **TERM** = xterm (ARM requirement)
+
+#### Volumes
+- **/usr/local/etc/tor** : tor configuration files.
+- **/tordata** : tor data.
+
+#### Ports
+- **9001** (bind it) : ORPort.
+- **9030** (bind it) : DirPort.

zerobin/README.md

@@ -0,0 +1,18 @@
+## wonderfall/zerobin
+
+Paste securely.
+
+#### Features
+- Based on Alpine Linux.
+- [elrido's zerobin fork](https://github.com/elrido/ZeroBin)
+- nginx + PHP7.
+
+#### Environment variables
+- **UID** : zerobin user id
+- **GID** : zerobin group id
+
+#### Volumes
+- **/zerobin/data**
+
+#### Ports
+- **80** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration)