mirror of
https://github.com/pldubouilh/gossa
synced 2025-12-15 21:04:24 +01:00
push caddy examples
This commit is contained in:
Pierre Dubouilh
parent
39611d2df3
commit
2565dcca13
4 changed files with 90 additions and 26 deletions
|
|
@ -41,7 +41,7 @@ release images are pushed to [dockerhub](https://hub.docker.com/r/pldubouilh/gos
|
|||
% sudo docker run -v ~/LocalDirToShare:/shared -p 8001:8001 pldubouilh/gossa
|
||||
```
|
||||
|
||||
in a do-one-thing-well mindset, HTTPS and authentication has been left to middlewares and proxies. for instance [caddy](https://caddyserver.com/) handles this very well - have a look at this small [caddy config](https://github.com/pldubouilh/gossa/blob/master/support/Caddyfile) with authentication and option for HTTPS that works along with gossa.
|
||||
in a do-one-thing-well mindset, HTTPS and authentication has been left to middlewares and proxies. [this sample caddy config](https://github.com/pldubouilh/gossa/blob/master/support/) shows how to quickly get a multi user setup along with https.
|
||||
|
||||
### shortcuts
|
||||
the default UI is fully usable by through keyboard/UI shortcuts - press `Ctrl/Cmd + h` to see them all.
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
# Caddy config
|
||||
# to enable https just set a valid domain (e.g. mydomain.com) instead of :8080 - how simple !
|
||||
# authentication has been setup with 2 users, alice and bob
|
||||
|
||||
:8080
|
||||
basicauth / alice paul
|
||||
basicauth / bob dylan
|
||||
proxy / 127.0.0.1:8001
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
FROM pldubouilh/gossa
|
||||
|
||||
RUN apk update && apk add curl ca-certificates caddy
|
||||
|
||||
ENV UID="1000" GID="1000" HOST="127.0.0.1" PORT="8001" PREFIX="/" FOLLOW_SYMLINKS="false" SKIP_HIDDEN_FILES="true" DATADIR="/shared"
|
||||
EXPOSE 443
|
||||
RUN echo -e 'exec su-exec ${UID}:${GID} /gossa -h ${HOST} -p ${PORT} -k=${SKIP_HIDDEN_FILES} --symlinks=${FOLLOW_SYMLINKS} --prefix=${PREFIX} ${DATADIR} & \n caddy' > /start.sh
|
||||
ENTRYPOINT [ "sh", "/start.sh" ]
|
||||
|
|
@ -1,3 +1,92 @@
|
|||
## multi-account setup
|
||||
|
||||
authentication / user routing has been left out of the design of gossa, as simple tools are already available for this purpose.
|
||||
|
||||
### example 1 root, multiple read-only users
|
||||
|
||||
this sample caddy config will
|
||||
+ enable https on the domain myserver.com
|
||||
+ password protect the access
|
||||
+ route the root user requests to 1 gossa instance
|
||||
+ route user1 and user2 requests to a readonly gossa instance
|
||||
|
||||
```sh
|
||||
myserver.com
|
||||
|
||||
# proxy regular and read only instance
|
||||
proxy / 127.0.0.1:8001
|
||||
proxy /ro 127.0.0.1:8002 { without /ro }
|
||||
|
||||
# reroute non-root user to read-only
|
||||
# cm9... is the output of `printf "root:password" | base64`
|
||||
rewrite {
|
||||
if {>Authorization} not "Basic cm9vdDpwYXNzd29yZA=="
|
||||
to /ro/{path}
|
||||
}
|
||||
|
||||
# gate access
|
||||
basicauth / root password
|
||||
basicauth / ro_user1 passworduser1
|
||||
basicauth / ro_user2 passworduser2
|
||||
```
|
||||
|
||||
then simply start the 2 gossa instances, and caddy
|
||||
|
||||
```sh
|
||||
# start an instance in readonly
|
||||
% ./gossa -ro=true -p 8002 ~/folder &
|
||||
|
||||
# start an instance with access to hidden files
|
||||
% ./gossa -k=false -p 8001 ~/folder &
|
||||
|
||||
# start caddy
|
||||
% ./caddy
|
||||
```
|
||||
|
||||
### example 2 users on 2 different folders
|
||||
|
||||
this sample caddy config will
|
||||
+ enable https on the domain myserver.com
|
||||
+ password protect the access
|
||||
+ route user1 to own folder
|
||||
+ route user2 to own folder
|
||||
+ share a folder between 2 users with a symlink
|
||||
|
||||
```sh
|
||||
myserver.com
|
||||
|
||||
proxy /user1 127.0.0.1:8001 { without /user1 }
|
||||
proxy /user2 127.0.0.1:8002 { without /user2 }
|
||||
|
||||
basicauth / user1 passworduser1
|
||||
basicauth / user2 passworduser2
|
||||
|
||||
rewrite {
|
||||
if {>Authorization} is "Basic dXNlcjE6cGFzc3dvcmR1c2VyMQ=="
|
||||
to /user1/{path}
|
||||
}
|
||||
|
||||
rewrite {
|
||||
if {>Authorization} is "Basic dXNlcjI6cGFzc3dvcmR1c2VyMg=="
|
||||
to /user2/{path}
|
||||
}
|
||||
```
|
||||
|
||||
start 2 gossa instances, and caddy
|
||||
|
||||
```sh
|
||||
# create symlink to share folder between 2 users
|
||||
% ln -s /path/shared test/user1
|
||||
% ln -s /path/shared test/user2
|
||||
|
||||
# start gossa & caddy
|
||||
% ./gossa -p 8001 -symlinks=true test/user1 &
|
||||
% ./gossa -p 8002 -symlinks=true test/user2 &
|
||||
% ./caddy
|
||||
```
|
||||
|
||||
## docker
|
||||
|
||||
the master branch is automatically built and pushed to [dockerhub](https://hub.docker.com/r/pldubouilh/gossa) under `pldubouilh/gossa`.
|
||||
|
||||
```sh
|
||||
|
|
@ -15,13 +104,4 @@ if you prefer building the image yourself :
|
|||
|
||||
the options are settable through environment variables that can be passed starting off the docker image.
|
||||
|
||||
a fancy docker image using [Caddy](https://caddyserver.com/) is also provided. have a look at the simple config file `Caddyfile`, it shows how to use http basic authentication, and automatic TLS for hands-free https 🎉
|
||||
|
||||
```sh
|
||||
# checkout the caddy config, build, and run docker image
|
||||
% vim caddy.Dockerfile
|
||||
% docker build -t gossa-caddy -f caddy.Dockerfile .
|
||||
% sudo docker run -v ~/LocalDirToShare:/shared -v `pwd`/Caddyfile:/Caddyfile --net=host gossa-caddy
|
||||
```
|
||||
|
||||
a docker-compose example image is also provided. running docker compose should be straightforward : `docker-compose up .` have a look in `docker-compose.yml` for further configuration.
|
||||
Loading…
Reference in a new issue