From cbed540ff24085bbce8c317ce970e73db3b93313 Mon Sep 17 00:00:00 2001 From: Evan McCarthy Date: Tue, 26 May 2020 11:04:50 -0500 Subject: [PATCH 1/8] fix docker --- Dockerfile | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 35f891228..07923548d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM node:9 +FROM node:lts-alpine LABEL name "lolisafe" LABEL version "3.0.0" @@ -8,12 +8,16 @@ WORKDIR /usr/src/lolisafe COPY package.json yarn.lock ./ -RUN sh -c 'echo "deb http://www.deb-multimedia.org jessie main" >> /etc/apt/sources.list' \ -&& apt-key adv --keyserver keyring.debian.org --recv-keys 5C808C2B65558117 \ -&& apt-get update \ -&& apt-get install -y ffmpeg graphicsmagick \ -&& yarn install +RUN apk add --no-cache --virtual build-dependencies python make g++ -COPY . . +RUN apk add --no-cache ffmpeg + +RUN yarn install + +RUN apk update +RUN apk del build-dependencies + +COPY . . +EXPOSE 9999 CMD ["node", "lolisafe.js"] From 334c2ab7368fe429f46a4a7cd33e8c45eeb49272 Mon Sep 17 00:00:00 2001 From: Evan McCarthy Date: Tue, 26 May 2020 11:05:29 -0500 Subject: [PATCH 2/8] add config --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index 07923548d..bccbd9028 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,6 +12,8 @@ RUN apk add --no-cache --virtual build-dependencies python make g++ RUN apk add --no-cache ffmpeg +ADD config.sample.js config.js + RUN yarn install RUN apk update From f95cb64d7ec889ef51849b041708c7da7e797124 Mon Sep 17 00:00:00 2001 From: evanmn Date: Tue, 26 May 2020 11:24:27 -0500 Subject: [PATCH 3/8] Update Dockerfile --- Dockerfile | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index bccbd9028..0f9286096 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,9 +8,7 @@ WORKDIR /usr/src/lolisafe COPY package.json yarn.lock ./ -RUN apk add --no-cache --virtual build-dependencies python make g++ - -RUN apk add --no-cache ffmpeg +RUN apk add --no-cache --virtual build-dependencies python make g++ && apk add --no-cache ffmpeg ADD config.sample.js config.js From 8ea0e491cd9e08e9cf40c41e0aa47ac95724bcbc Mon Sep 17 00:00:00 2001 From: Evan McCarthy Date: Tue, 26 May 2020 13:56:24 -0500 Subject: [PATCH 4/8] add docker-compose stack --- .env.example | 2 ++ config.sample.js | 6 +++-- docker-compose.yaml | 63 +++++++++++++++++++++++++++++++++++++++++++++ nginx.docker.conf | 41 +++++++++++++++++++++++++++++ 4 files changed, 110 insertions(+), 2 deletions(-) create mode 100644 .env.example create mode 100644 docker-compose.yaml create mode 100644 nginx.docker.conf diff --git a/.env.example b/.env.example new file mode 100644 index 000000000..ea3bec08a --- /dev/null +++ b/.env.example @@ -0,0 +1,2 @@ +EMAIL=email@example.org +DOMAIN=MY-DOMAIN.com diff --git a/config.sample.js b/config.sample.js index c2bf5d450..698df2840 100644 --- a/config.sample.js +++ b/config.sample.js @@ -24,9 +24,11 @@ module.exports = { Both cases require you to type the domain where the files will be served on the `domain` key below. Which one you use is ultimately up to you. + + Leave this as "false" if using docker. */ serveFilesWithNode: false, - domain: 'https://lolisafe.moe', + domain: 'https://xml.bz', /* If you are serving your files with a different domain than your lolisafe homepage, @@ -36,7 +38,7 @@ module.exports = { homeDomain: null, /* - Port on which to run the server. + Port on which to run the server. Do not change this if using docker. Change in .env. */ port: 9999, diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 000000000..a882ebfd5 --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,63 @@ +version: '3.8' + +networks: + net: + driver: bridge + +services: + safe: + image: lolisafe/lolisafe + volumes: + - ./config.js:/usr/src/lolisafe/config.js:ro + - ./uploads:/usr/src/lolisafe/uploads + restart: unless-stopped + networks: + - net + + nginx: + image: nginx + volumes: + - ./nginx.docker.conf:/etc/nginx/conf.d/default.conf:ro + - ./uploads:/uploads + expose: + - 80 + restart: unless-stopped + depends_on: + - safe + networks: + - net + labels: + - 'traefik.enable=true' + - 'traefik.http.routers.xml.rule=Host(`${DOMAIN}`)' + - 'traefik.http.routers.xml.entrypoints=https' + - 'traefik.http.routers.xml.tls=true' + - 'traefik.http.routers.xml.tls.certresolver=letsencrypt' + + traefik: + image: traefik:latest + container_name: traefik + volumes: + - ./traefik/acme.json:/acme.json + - /var/run/docker.sock:/var/run/docker.sock + networks: + - net + ports: + - 80:80 + - 443:443 + command: + - '--log.level=INFO' + - '--providers.docker=true' + - '--providers.docker.exposedByDefault=false' + - '--entrypoints.http=true' + - '--entrypoints.http.address=:80' + - '--certificatesresolvers.letsencrypt.acme.email=${EMAIL}' + - '--certificatesresolvers.letsencrypt.acme.storage=acme.json' + - '--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=http' + - '--entrypoints.http.http.redirections.entrypoint.to=https' + - '--entrypoints.http.http.redirections.entrypoint.scheme=https' + - '--entrypoints.https=true' + - '--entrypoints.https.address=:443' + restart: unless-stopped + depends_on: + - nginx + diff --git a/nginx.docker.conf b/nginx.docker.conf new file mode 100644 index 000000000..941f1720f --- /dev/null +++ b/nginx.docker.conf @@ -0,0 +1,41 @@ +upstream backend { + server safe:9999; # Change to the port you specified on lolisafe +} + +map $sent_http_content_type $charset { + ~^text/ utf-8; +} + +server { + listen 80; + + client_max_body_size 10000M; # Change this to the max file size you want to allow + + charset $charset; + charset_types *; + + # Uncomment if you are running lolisafe behind CloudFlare. + # This requires NGINX compiled from source with: + # --with-http_realip_module + #include /path/to/lolisafe/real-ip-from-cf; + + location / { + add_header Access-Control-Allow-Origin *; + root /uploads; + try_files $uri @proxy; + } + + location @proxy { + proxy_set_header X-Real-IP $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-NginX-Proxy true; + proxy_pass http://backend; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_redirect off; + proxy_set_header X-Forwarded-Proto $scheme; + } +} From 603c9f54e2d32788977d9dc276c868521d015316 Mon Sep 17 00:00:00 2001 From: evanmn Date: Tue, 26 May 2020 14:44:52 -0500 Subject: [PATCH 5/8] Update config.sample.js --- config.sample.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config.sample.js b/config.sample.js index 698df2840..bd6190bc5 100644 --- a/config.sample.js +++ b/config.sample.js @@ -28,7 +28,7 @@ module.exports = { Leave this as "false" if using docker. */ serveFilesWithNode: false, - domain: 'https://xml.bz', + domain: 'https://lolisafe.moe', /* If you are serving your files with a different domain than your lolisafe homepage, From 732661ff020fa539a5927c6a90cf2ab9434c1541 Mon Sep 17 00:00:00 2001 From: evanmn Date: Tue, 26 May 2020 14:46:08 -0500 Subject: [PATCH 6/8] Update docker-compose.yaml --- docker-compose.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docker-compose.yaml b/docker-compose.yaml index a882ebfd5..04347425e 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -28,10 +28,10 @@ services: - net labels: - 'traefik.enable=true' - - 'traefik.http.routers.xml.rule=Host(`${DOMAIN}`)' - - 'traefik.http.routers.xml.entrypoints=https' - - 'traefik.http.routers.xml.tls=true' - - 'traefik.http.routers.xml.tls.certresolver=letsencrypt' + - 'traefik.http.routers.safe.rule=Host(`${DOMAIN}`)' + - 'traefik.http.routers.safe.entrypoints=https' + - 'traefik.http.routers.safe.tls=true' + - 'traefik.http.routers.safe.tls.certresolver=letsencrypt' traefik: image: traefik:latest From c8817ec8aa63da042766d61a0556d87636f36789 Mon Sep 17 00:00:00 2001 From: evanmn Date: Thu, 28 May 2020 10:05:12 -0500 Subject: [PATCH 7/8] Update Dockerfile --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0f9286096..6fbd54c74 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,8 @@ FROM node:lts-alpine -LABEL name "lolisafe" +LABEL name "lolisafe-bobbywibowo" LABEL version "3.0.0" -LABEL maintainer "iCrawl " +LABEL maintainer "evanmn " WORKDIR /usr/src/lolisafe From 69664b05c2c8a9a283c15bbfb09209731a0accce Mon Sep 17 00:00:00 2001 From: Bobby Wibowo Date: Fri, 3 Jul 2020 22:55:43 +0700 Subject: [PATCH 8/8] Clean ups --- config.sample.js | 5 +++-- nginx.docker.conf | 44 ++++++++++++++++++++++++++------------------ 2 files changed, 29 insertions(+), 20 deletions(-) diff --git a/config.sample.js b/config.sample.js index bd6190bc5..808a6093a 100644 --- a/config.sample.js +++ b/config.sample.js @@ -25,7 +25,7 @@ module.exports = { Both cases require you to type the domain where the files will be served on the `domain` key below. Which one you use is ultimately up to you. - Leave this as "false" if using docker. + NOTE: Set to falsy value if using Docker. */ serveFilesWithNode: false, domain: 'https://lolisafe.moe', @@ -38,7 +38,8 @@ module.exports = { homeDomain: null, /* - Port on which to run the server. Do not change this if using docker. Change in .env. + Port on which to run the server. + NOTE: Change port in .env file if using Docker. */ port: 9999, diff --git a/nginx.docker.conf b/nginx.docker.conf index 941f1720f..1f5af6e51 100644 --- a/nginx.docker.conf +++ b/nginx.docker.conf @@ -3,7 +3,7 @@ upstream backend { } map $sent_http_content_type $charset { - ~^text/ utf-8; + ~^text/ utf-8; } server { @@ -11,31 +11,39 @@ server { client_max_body_size 10000M; # Change this to the max file size you want to allow - charset $charset; - charset_types *; + charset $charset; + charset_types *; - # Uncomment if you are running lolisafe behind CloudFlare. - # This requires NGINX compiled from source with: - # --with-http_realip_module - #include /path/to/lolisafe/real-ip-from-cf; + # Uncomment if you are running lolisafe behind CloudFlare. + # This requires NGINX compiled from source with: + # --with-http_realip_module + #include /path/to/lolisafe/real-ip-from-cf; - location / { - add_header Access-Control-Allow-Origin *; - root /uploads; - try_files $uri @proxy; - } + location / { + add_header Access-Control-Allow-Origin *; + root /uploads; + try_files $uri @proxy; + } location @proxy { - proxy_set_header X-Real-IP $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_set_header X-NginX-Proxy true; proxy_pass http://backend; proxy_redirect off; proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_redirect off; - proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header X-Forwarded-Protocol $scheme; + proxy_set_header X-NginX-Proxy true; + + # Enabling these may help with clients with slow upload speeds. + #proxy_connect_timeout 300s; + #proxy_send_timeout 300s; + #proxy_read_timeout 600s; + #end_timeout 300s; } }