hoellen/dockerfiles
1
0
Fork 0
mirror of https://github.com/hoellen/dockerfiles.git synced 2025-04-20 04:19:18 +00:00
Code Issues Projects Releases Wiki Activity

update readmes

Browse Source
This commit is contained in:
Wonderfall 2016-05-12 00:16:33 +02:00
parent 1679a9ba5d
commit 6d54f4b762
14 changed files with 174 additions and 270 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
ghost/README.md
View File

@ -1,23 +1,35 @@
## wonderfall/ghost
**SIZE = ±188MB**
![](https://i.goopics.net/lt.png)
#### What is this?
#### What is this? What features?
- A **simple** Ghost CMS build made for production.
- It is based on Alpine Linux so it's lightweight.
- It uses node.js 5.x (version check is disabled).
- Environment variables for basic flexibility.
- It uses node.js LTS (version check is disabled).
- Environment variables, thus providing basic flexibility.
- Offers Isso and Disqus basic support (casper).
- Offers syntax highlighting using [prism.js](http://prismjs.com/) (casper).
#### Build-time variables
- **VERSION** : version of Ghost.
#### Environment variables
- **SSL** : set to *True* if you use https on your blog.
- **DOMAIN** : your domain without http(s)://
- **GID** : ghost user id.
- **UID** : ghost group id.
- **CUSTOM_SMTP** : enable SMTP if set to *True*
- **SMTP_PORT**, **SMTP_USER**, **SMTP_HOST**
- **ENABLE_ISSO** : enable Isso support if set to *True*
- **ISSO_HOST**, **ISSO_AVATAR**, **ISSO_VOTE**
- **GID** : ghost user id *(default : 991)*
- **UID** : ghost group id *(default : 991)*
- **SSL** : set to *True* if you use *https* on your blog. *(default : False)*
- **DOMAIN** : your domain (without *http(s)://*) *(default : my-ghost-blog.com)*
- **SYNTAX_HIGHLIGHTING** : enables syntax highlighting if set to *True* *(default : False)*
- **HIGHLIGHTER_COLOR** : color of syntax highlighting, *light* or *dark* *(default : light)*
- **CUSTOM_SMTP** : enables SMTP if set to *True* *(default : False)*
- **SMTP_PORT**, **SMTP_USER**, **SMTP_HOST** : SMTP settings
- **SMTP\_SENDER\_MAIL**, **SMTP\_SENDER\_NAME** : other SMTP settings
- **ENABLE_ISSO** : enables Isso support if set to *True* *(default : False)*
- **ISSO_HOST**, **ISSO_AVATAR**, **ISSO_VOTE** : Isso settings
- **ENABLE_DISQUS** : enables Disqus if set to *True* *(default : False)*
- **DISQUS_SHORTNAME** : your Disqus shortname
#### Volumes
- **/ghost/content** : contents of your blog, including themes
### Ports
- **2368** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration)

18
isso/README.md
View File

@ -8,18 +8,25 @@ Isso is a commenting server similar to Disqus. More info on the [official websit
#### Features
- Based on Alpine Linux 3.3.
- Latest Isso installed via pip.
- Latest Isso installed with `pip`.
#### Build-time variables
- **ISSO_VER** : version of Isso.
-
#### Environment variables
- **GID** : isso group id.
- **UID** : isso user id.
- **GID** : isso group id *(default : 991)*
- **UID** : isso user id *(default : 991)*
#### Volumes
- **/config** : configuration files.
- **/config** : location of configuration files.
- **/db** : location of SQLite database.
#### Ports
- **8080** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration).
#### Example of simple configuration
Here is the full documentation : https://posativ.org/isso/docs/
```
# /mnt/docker/isso/config/isso.conf
[general]
@ -38,6 +45,3 @@ isso:
- /mnt/docker/isso/config:/config
- /mnt/docker/isso/db:/db
```
#### Reverse proxy
https://github.com/Wonderfall/dockerfiles/tree/master/reverse

24
lutim/README.md
View File

@ -8,6 +8,9 @@ It stores images and allows you to see them, download them or share them on soci
Images are indefinitly stored unless you request that they will be deleted at first view or after 24 hours / one week / one month / one year.
#### Build-time variables
- **TINI_VER** : version of `tini`.
#### Environment variables
- **GROUPID** : lutim group id. *(default : 1000)*
- **USERID** : lutim user id. *(default : 1000)*
@ -24,22 +27,5 @@ Images are indefinitly stored unless you request that they will be deleted at fi
- **/data** : where lutim's database is stored.
- **/lutim/files** : location of uploaded files.
#### Reverse proxy
https://github.com/Wonderfall/dockerfiles/tree/master/reverse
#### Docker compose (example)
```
lutim:
image: wonderfall/lutim
environment:
- GROUPID=1000
- USERID=1000
- SECRET=ZyCnLAhYKBIJrukuKZZJ
- CONTACT=user@domain.tld
- MAX_FILE_SIZE=100000000
- WEBROOT=/
- DOMAIN=domain.tld
volumes:
- /mnt/docker/lutim/data:/data
- /mnt/docker/lutim/files:/lutim/files
```
#### Ports
- **8181** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration).

8
nodejs/README.md
View File

@ -1,4 +1,10 @@
## wonderfall/node
**SIZE : ±38MB**
![](https://i.goopics.net/lq.png)
Node.js built from source on Alpine Linux. Nothing else. Automated builds provide LTS only.
#### Build-time variables
- **NODE_VER** : version of node
- **NPM_VER** : version of `npm`
- **BUILD_CORES** : number of CPU cores

18
owncloud/README.md
View File

@ -21,9 +21,15 @@
If you want some security, versioning with tags should be available since 9.0 (e.g. the next tags will be 9.1, 9.2, etc. major updates as you can notice). I do not make tags for minor updates, like 8.2.1, 8.2.2, 8.2.x, since there are only bugfixes and security patches, which are strongly recommended.
#### Build-time variables
- **OWNCLOUD_VERSION** : version of ownCloud
- **APCU_VERSION** : version of apcu pecl ext
- **APCUBC_VERSION** : version of apcu_bc pecl ext
- **GPG_owncloud** : fingerprint of the signing key
#### Environment variables
- **UID** : owncloud user id.
- **GID** : owncloud group id.
- **UID** : owncloud user id *(default : 991)*
- **GID** : owncloud group id *(default : 991)*
#### Volumes
- **/data** : owncloud data (your files!).
@ -101,9 +107,13 @@ db_owncloud:
- MYSQL_PASSWORD=supersecretpassword
```
#### Port
- **80** (cf Reverse Proxy).
#### Reverse proxy
https://github.com/Wonderfall/dockerfiles/tree/master/reverse
Notice that you don't have to add any headers since they're already included in the container (you avoid useless warnings from owncloud). It is strongly recommended to use ownCloud through an encrypted connection (HTTPS).
https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration
Note that you don't have to add any headers since they're already included in the container (you avoid useless warnings from owncloud). It is strongly recommended to use ownCloud through an encrypted connection (HTTPS).
#### Enjoy!
Go to your admin pannel, and check the **Security & setup warnings** section. If you see **"All checks passed"**, then you can congratulate yourself!

21
piwik/README.md
View File

@ -6,17 +6,19 @@
It is a web analytics platform. Piwik respects your privacy and gives you full control over your data.
#### Features
- Based on Alpine Linux 3.3 : lightweight and secure.
- Functional installation. Pull and run.
- Based on Alpine Linux.
- Latest Piwik stable.
- nginx stable + php-fpm stable.
- pdo_mysql and mysqli available (mysql server not built-in).
- nginx stable + PHP7.
- mysql drivers (server not built-in).
- Latest GeoLite City Database from maxmind.com.
- External + automatic backup of configuration.
#### Build-time variables
- **VERSION** : version of Piwik
- **GPG_matthieu** : fingerprint of signing key
#### Environment variables
- **GID** : piwik group id.
- **UID** : piwik user id.
- **GID** : piwik group id *(default : 991)*
- **UID** : piwik user id *(default : 991)*
#### Volumes
- **/config** : configuration files
@ -28,6 +30,7 @@ Piwik can update itself. It works well. I'm also maintaing this Dockerfile, so i
According to Piwik, everything should be fine running this image. You shoudn't have any difficulties to setup your own instance of Piwik. Your `/config/config.ini.php` overwrites the one (in `/piwik/config`)used by Piwik each time the container is started. Moreover, the old config.ini.php is saved as `/config/config.ini.php.bkp` if you want to revert last changes. This should also guarantee transparency through Piwik's updates.
If you're running Piwik behind a reverse proxy (most likely you do), add this to your `config.ini.php` :
```
[General]
#assume_secure_protocol = 1 #uncomment if you use https
@ -37,7 +40,9 @@ proxy_host_headers[] = HTTP_X_FORWARDED_HOST
```
#### Reverse proxy
Use port **80**.
https://github.com/Wonderfall/dockerfiles/tree/master/reverse
https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration
#### Docker Compose (example)
```
@ -61,5 +66,3 @@ db_piwik:
- MYSQL_USER=piwik
- MYSQL_PASSWORD=asupersecretpassword
```

40
rainloop/README.md
View File

@ -3,43 +3,25 @@
![](https://i.goopics.net/nI.png)
#### What is this?
Rainloop is a SIMPLE, MODERN & FAST WEB-BASED EMAIL CLIENT. More info on the [official website](http://www.rainloop.net/).
Rainloop is a simple, modern & fast web-based client. More info on the [official website](http://www.rainloop.net/).
#### Features
- Based on Alpine 3.3
- Latest Rainloop **Community Edition** (stable)
- Extremely lightweight
- Latest Rainloop **Community Edition**
- Contacts (DB) : sqlite, or mysql (server not built-in)
- nginx + PHP7
#### Build-time variables
- **GPG_rainloop** : fingerprint of signing key
#### Environment variables
- **GID** : rainloop group id.
- **UID** : rainloop user id.
- **GID** : rainloop group id *(default : 991)*
- **UID** : rainloop user id *(default : 991)*
#### Volumes
- **/rainloop/data** : rainloop's data
#### Docker Compose (example)
```
rainloop:
image: wonderfall/rainloop
environment:
- GID=1000
- UID=1000
volumes:
- /mnt/rainloop:/rainloop/data
# if using mysql as contacts database
db_rainloop:
image: mariadb:10
volumes:
- /mnt/rainloop/db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=supersecretpassword
- MYSQL_DATABASE=rainloop
- MYSQL_USER=rainloop
- MYSQL_PASSWORD=supersecretpassword
```
- **/rainloop/data** : data files.
#### Reverse proxy
https://github.com/Wonderfall/dockerfiles/tree/master/reverse
https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration

117
reverse/README.md
View File

@ -1,123 +1,42 @@
## wonderfall/reverse
**SIZE : ±39MB**
![](https://i.goopics.net/lv.jpg) ![](https://i.goopics.net/lL.png) ![](https://upload.wikimedia.org/wikipedia/en/2/25/LibreSSL_logo.jpg)
#### What is this?
It is nginx latest mainline statically linked against LibreSSL latest snapshot, with embedded Brotli support.
Secured by default (no root processes, even the master one). I made this image for my own purpose, but I added some flexibility so you can use it easily.
It is nginx statically linked against LibreSSL, with embedded Brotli support. Secured by default (no root processes, even the master one).
#### Features
- Based on Alpine Linux (3.3) : lightweight and secure distribution.
- nginx mainline + LibreSSL snapshot
- Based on Alpine Linux.
- nginx built against LibreSSL.
- HTTP/2 support.
- Brotli compression support.
- No root master process. Better security.
- No root master process.
- AIO Threads support.
- No unnessary modules.
- Optimized nginx configuration.
#### Notes
It is required to :
- chown your certs files with the right uid/pid (no other way)
- chown your certs files with the right uid/pid
- change `listen` directive to 8000/4430 instead of 80/443
By the way, it is recommended to **build this image** (using docker-compose 1.6 and later for args compatibily) directly instead of pulling it from Docker Hub.
LibreSSL recommends Linux 3.17+.
#### Volumes
- **/sites-enabled** : should contain your vhosts files (.conf)
- **/conf.d** : additional configuration files if you want
- **/sites-enabled** : vhosts files (*.conf)
- **/conf.d** : additional configuration files
- **/certs** : SSL/TLS certificates
- **/var/log/nginx** : nginx logs (access and error)
- **/var/log/nginx** : nginx logs
- **/passwds** : authentication files
#### Build arguments
- **NGINX_VER** : nginx's version, change it if needed but the default version is tested
- **LIBRESSL_VER** : same as NGINX_VER
#### Build-time variables
- **NGINX_VERSION** : version of nginx
- **LIBRESSL_VERSION** : version of LibreSSL
#### Environment variables
- **GID** : nginx group id *(default : 991)*
- **UID** : nginx user id *(default : 991)*
#### Source (Dockerfile)
https://github.com/Wonderfall/dockerfiles/tree/master/reverse
#### Examples : compose, vhost, TLS conf
**NOTES** :
- compose file must use version 2. [See more here](https://docs.docker.com/compose/compose-file/#version-2:91de898b5f5cdb090642a917d3dedf68).
- Docker 1.10+ and docker-compose 1.6+ are needed.
- if you're using docker-compose inside a container, pay attention to `context`.
```
# docker-compose.yml
nginx:
#image: wonderfall/reverse
build:
context: /path/to/reverse/dockerfile
dockerfile: Dockerfile
args:
- NGINX_VER=1.9.10
- LIBRESSL_VER=2.3.2
- GID=1000
- UID=1000
- BUILD_CORES=8
ports:
- "80:8000"
- "443:4430"
links:
- container_1:container_1
- container_2:container_2
- container_n:container_n
volumes:
- /mnt/docker/nginx/sites:/sites-enabled
- /mnt/docker/nginx/conf:/conf.d
- /etc/letsencrypt:/certs
- /mnt/docker/nginx/log:/var/log/nginx
```
```
# /mnt/docker/nginx/sites/service.conf
server {
listen 8000;
server_name service.domain.tld;
return 301 https://$host$request_uri;
}
server {
listen 4430 ssl http2;
server_name service.domain.tld;
ssl_certificate /certs/live/service.domain.tld/fullchain.pem;
ssl_certificate_key /certs/live/service.domain.tld/privkey.pem;
include /conf.d/ssl_params.conf;
include /conf.d/headers.conf;
#client_max_body_size 10M; #(M = Megabytes / G = Gigabytes)
location / {
proxy_pass http://container_n:$PORT;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Remote-Port $remote_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
}
```
```
# /mnt/docker/conf/ssl_params.conf
ssl_protocols TLSv1.2;
ssl_ciphers "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256";
ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
ssl_session_tickets off;
```
```
# /mnt/docker/conf/headers.conf
add_header Strict-Transport-Security "max-age=31536000";
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
```
#### How to use it?
https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration

54
rutorrent/README.md
View File

@ -4,57 +4,21 @@ Originally forked from [xataz/rutorrent](https://github.com/xataz/dockerfiles/tr
#### What is this?
This container contains both rtorrent (whis is a BitTorrent client) and rutorrent (which is a front-end for rtorrent). Filebolt is also included, the default behavior is set to create clean symlinks, so media players like Emby/Plex can easily detect your TV shows and movies.
![](https://pix.schrodinger.io/KDVxwnJA/nEMCzJEd.jpg)
#### Main features
- Lightweight, since it's based on Alpine Linux.
- Everything is almost compiled from source.
- Secured, don't bother about configuration files.
- Filebot is included, and creates symlinks in /data/Media.
- FlatUI themes for rutorrent are included.
- Filebot is included, and creates symlinks in `/data/Media`.
- rutorrent : Material theme by phlo set by default.
- rutorrent : nginx + PHP7.
#### Ports
There's one port to bind to your host (both tcp/udp) : 49184 (arbitrary chosen).
- **49184** (bind it).
- **80** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration)
#### Volumes
- **/data** : your files, symlinks, etc. everything you must care of.
- **/var/www/torrent/share/users** : rutorrent settings, as you don't want them to go away each time you update the container.
#### How to use it?
Basically you just have to run the container behind a reverse proxy.
This may help you : https://hub.docker.com/r/wonderfall/reverse/
Here is an example of a docker-compose.yml file :
```
nginx:
image: wonderfall/reverse:1.9
container_name: nginx
environment:
- UID=1000
- GID=1000
ports:
- "80:8000"
- "443:4430"
links:
- rutorrent:rutorrent
volumes:
- /home/docker/nginx/sites:/sites-enabled
- /home/docker/nginx/conf:/conf.d
- /home/docker/nginx/passwds:/passwds
- /home/docker/nginx/log:/var/log/nginx
- /home/docker/nginx/certs:/certs
rutorrent:
image: wonderfall/rutorrent
container_name: rutorrent
environment:
- WEBROOT=/
- UID=1000
- GID=1000
ports:
- "49184:49184"
- "49184:49184/udp"
volumes:
- /home/user/seedbox:/data
- /home/user/seedbox/rutorrent:/var/www/torrent/share/users
```
- **/data** : your files, symlinks, and so on.
- **/var/www/torrent/share/users** : rutorrent settings.

27
searx/README.md
View File

@ -6,25 +6,14 @@
Searx is a metasearch engine, inspired by the seeks project.
It provides basic privacy by mixing your queries with searches on other platforms without storing search data. Queries are made using a POST request on every browser (except chrome*). Therefore they show up in neither our logs, nor your url history. In case of Chrome* users there is an exception, Searx uses the search bar to perform GET requests. Searx can be added to your browser's search bar; moreover, it can be set as the default search engine.
#### Tags
- `latest` : latest code from [asciimoo/searx](https://github.com/asciimoo/searx)
- `release`, `0.8.1` : latest stable released
#### Secret key
When the container starts the first time, it generates a new secret key. It doesn't depend on the build, so no one can know your key.
#### Features
- Based on Alpine Linux.
- Latest code from [asciimoo/searx](https://github.com/asciimoo/searx)
- A unique secret key is generated when booting the first time.
#### Environment variables
- **IMAGE_PROXY** is a boolean value (True or False, False by default), it can enable proxying through the searx instance (useful for public instances because it doesn't break TLS connection).
- **BASE_URL** should be set if searx is used behind a custom domain name (http address or False, False by default).
- **IMAGE_PROXY** : enables images proxying *(default : False)*
- **BASE_URL** : http://domain.tld *(default : False)*
#### Docker Compose (example)
```
searx:
image: wonderfall/searx:latest
environment:
- BASE_URL="https://searx.domain.tld"
- IMAGE_PROXY=True
```
#### Reverse proxy
https://github.com/Wonderfall/dockerfiles/tree/master/reverse
#### Ports
- **80** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration)

2
selfoss/README.md
View File

@ -1,4 +1,4 @@
# hardware/selfoss
# wonderfall/selfoss
![selfoss](https://i.imgur.com/8hJyBgk.png "selfoss")

26
subsonic/README.md
View File

@ -5,6 +5,9 @@
#### What is Subsonic?
Subsonic is an open-source web-based media streamer and jukebox. Supports MP3, OGG, AAC and other streamable audio and video formats. Indeed, this build comes with **transcoding abilities**.
#### Build-time variables
- **VERSION** : version of subsonic
#### Environment variables
- **GID** : subsonic group id.
- **UID** : subsonic user id.
@ -13,28 +16,7 @@ Subsonic is an open-source web-based media streamer and jukebox. Supports MP3, O
- **/musics** : your music files
- **/data** : subsonic data
#### Docker Compose (example)
```
subsonic:
image: wonderfall/subsonic
volumes:
- /mnt/music:/musics
- /mnt/subsonic:/data
environment:
- GID=1000
- UID=1000
```
#### Reverse proxy
https://github.com/Wonderfall/dockerfiles/tree/master/reverse
Working configuration with HTTPS :
```
location / {
proxy_pass http://subsonic:4040;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Remote-Port $remote_port;
proxy_set_header X-Forwarded-Proto $scheme;
}
```
https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration

29
tor/README.md Normal file
View File

@ -0,0 +1,29 @@
## wonderfall/tor
![](https://upload.wikimedia.org/wikipedia/commons/thumb/1/15/Tor-logo-2011-flat.svg/612px-Tor-logo-2011-flat.svg.png)
#### Features
- Based on Alpine Linux.
- Tor built from source.
- ARM included, allowing real-time monitoring.
#### Usages
- As a relay ([french article](https://cats.schrodinger.io/un-relais-tor-avec-docker/)).
- As a hidden service dir.
### Build-time variables
- **TOR_VERSION** : version of Tor.
- **TOR_USER_ID** : tor user id *(default : 45553)*
- **ARM_VERSION** : version of ARM
- **GPG_** : fingerprints of signing keys
#### Environment variables
- **TERM** = xterm (ARM requirement)
#### Volumes
- **/usr/local/etc/tor** : tor configuration files.
- **/tordata** : tor data.
#### Ports
- **9001** (bind it) : ORPort.
- **9030** (bind it) : DirPort.

18
zerobin/README.md Normal file
View File

@ -0,0 +1,18 @@
## wonderfall/zerobin
Paste securely.
#### Features
- Based on Alpine Linux.
- [elrido's zerobin fork](https://github.com/elrido/ZeroBin)
- nginx + PHP7.
#### Environment variables
- **UID** : zerobin user id
- **GID** : zerobin group id
#### Volumes
- **/zerobin/data**
#### Ports
- **80** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration)