Backup_Repos/gossa
1
0
Fork 0
mirror of https://github.com/pldubouilh/gossa synced 2025-12-06 00:12:36 +01:00
Code Issues Projects Releases Wiki Activity
gossa/support
History
Pierre Dubouilh 56f418bbff
reword readme
2020-06-28 13:10:44 +02:00
..
build.Dockerfile Add option for read-only mode in dockerfile 2020-06-12 15:49:17 +08:00
docker-compose.yml refactor 2019-12-15 19:06:59 +01:00
readme.md reword readme 2020-06-28 13:10:44 +02:00

readme.md

docker

the master branch is automatically built and pushed to dockerhub under pldubouilh/gossa.

# pull from dockerhub and run
% mkdir ~/LocalDirToShare
% sudo docker run -v ~/LocalDirToShare:/shared -p 8001:8001 pldubouilh/gossa

# options are settable through env. variabes. all the options are the build.Dockerfile
% sudo docker run -e PREFIX="/gossa/" -v ~/LocalDirToShare:/shared -p 8001:8001 pldubouilh/gossa

if you prefer building the image yourself :

# build gossa within a build container, needs to be ran within the sources, ../ from here, and run
% mkdir ~/LocalDirToShare
% docker build -t gossa -f support/build.Dockerfile .
% sudo docker run -v ~/LocalDirToShare:/shared -p 8001:8001 gossa

a docker-compose example image is also provided. running docker compose should be straightforward : docker-compose up . have a look in docker-compose.yml for further configuration.

multi-account setup

authentication / user routing has been left out of the design of gossa, as simple tools are already available for this purpose. caddy is used here as an example, but other proxy can be used in a similar fashion.

example 1 root, multiple read-only users

this sample caddy config will

  • enable https on the domain myserver.com
  • password protect the access
  • route the root user requests to 1 gossa instance
  • route user1 and user2 requests to a readonly gossa instance
myserver.com

# proxy regular and read only instance
proxy /   127.0.0.1:8001
proxy /ro 127.0.0.1:8002 { without /ro }

# reroute non-root user to read-only
# cm9... is the output of `printf "root:password" | base64`
rewrite {
  if {>Authorization} not "Basic cm9vdDpwYXNzd29yZA=="
  to /ro/{path}
}

# gate access
basicauth / root     password
basicauth / ro_user1 passworduser1
basicauth / ro_user2 passworduser2

then simply start the 2 gossa instances, and caddy

# start an instance in readonly
% ./gossa -ro=true -p 8002 ~/folder &

# start an instance with access to hidden files
% ./gossa -k=false  -p 8001 ~/folder &

# start caddy
% ./caddy

example 2 users on 2 different folders

this sample caddy config will

  • enable https on the domain myserver.com
  • password protect the access
  • route user1 to own folder
  • route user2 to own folder
  • share a folder between 2 users with a symlink
myserver.com

proxy /user1 127.0.0.1:8001 { without /user1 }
proxy /user2 127.0.0.1:8002 { without /user2 }

basicauth / user1 passworduser1
basicauth / user2 passworduser2

rewrite {
  if {>Authorization} is "Basic dXNlcjE6cGFzc3dvcmR1c2VyMQ=="
  to /user1/{path}
}

rewrite {
  if {>Authorization} is "Basic dXNlcjI6cGFzc3dvcmR1c2VyMg=="
  to /user2/{path}
}

start 2 gossa instances, and caddy

# create symlink to share folder between 2 users
% ln -s /path/shared test/user1
% ln -s /path/shared test/user2

# start gossa & caddy
% ./gossa -p 8001 -symlinks=true test/user1 &
% ./gossa -p 8002 -symlinks=true test/user2 &
% ./caddy