diff --git a/.github/readme-images/webui-settings-users.png b/.github/readme-images/webui-settings-users.png new file mode 100644 index 000000000..f9d95ec32 Binary files /dev/null and b/.github/readme-images/webui-settings-users.png differ diff --git a/.github/readme-images/webui-settings-users_small.png b/.github/readme-images/webui-settings-users_small.png new file mode 100644 index 000000000..6b7888942 Binary files /dev/null and b/.github/readme-images/webui-settings-users_small.png differ diff --git a/DOCKERHUB.md b/DOCKERHUB.md index 24249c02d..4b0022be3 100644 --- a/DOCKERHUB.md +++ b/DOCKERHUB.md @@ -27,8 +27,6 @@ docker create \ --name=komga \ --user 1000:1000 \ -p 8080:8080 \ - -e KOMGA_USER_PASSWORD=your-user-password - -e KOMGA_ADMIN_PASSWORD=your-admin-password -e KOMGA_LIBRARIES_SCAN_DIRECTORY_EXCLUSIONS=#recycle,@eaDir -v path/to/data:/config \ -v path/to/books:/books \ @@ -53,8 +51,6 @@ services: - 8080:8080 user: "1000:1000" environment: - - KOMGA_USER_PASSWORD=your-user-password - - KOMGA_ADMIN_PASSWORD=your-admin-password - KOMGA_LIBRARIES_SCAN_DIRECTORY_EXCLUSIONS=#recycle,@eaDir restart: unless-stopped ``` @@ -71,8 +67,6 @@ For example, `-p 8080:80` would expose port `80` from inside the container to be | `--user: 1000:1000` | User:Group identifier - see below for explanation | | `-v /config` | Database and Komga configurations | | `-v /books` | Location of books library on disk | -| `-e KOMGA_USER_PASSWORD` | Password for the `user` user | -| `-e KOMGA_ADMIN_PASSWORD` | Password for the `admin` user | | `-e KOMGA_LIBRARIES_SCAN_DIRECTORY_EXCLUSIONS` | Comma-separated list of patterns to exclude directories from the scan | ## User / Group Identifiers diff --git a/README.md b/README.md index aedbf4787..e6df4ae71 100644 --- a/README.md +++ b/README.md @@ -11,10 +11,10 @@ Komga is a free and open source comics/mangas server. Features include: - scan and index libraries (local folders) containing sub-folders with comic book archives in `cbz` and `cbr` format, as well as `pdf`. Rescan periodically. -- serve the individual pages of those books via an API -- serve the complete file via an API +- serve the individual pages of those books via API. It can convert pages to different image format on the fly. +- serve the complete file via API - provide OPDS feed -- web interface for administration +- web interface ## Installation @@ -49,15 +49,13 @@ Each configuration key can have a different format depending if it's from the en In order to make Komga run, you need to specify some mandatory configuration keys (unless you use Docker, in which case defaults are setup): - `SPRING_PROFILES_ACTIVE` / `spring.profiles.active`: `prod` - this will enable the database management and upgrades for new versions. -- `SPRING_DATASOURCE_URL` / `spring.datasource.url`: the path of the database file. For Docker I use `jdbc:h2:/config/database.h2;DB_CLOSE_DELAY=-1`, where `/config/database.h2` is the actual file inside the docker container. You can customize this part if running without docker. +- `SPRING_DATASOURCE_URL` / `spring.datasource.url`: the path of the database file. For Docker I use `jdbc:h2:/config/database.h2`, where `/config/database.h2` is the actual file inside the docker container. You can customize this part if running without docker. - `KOMGA_LIBRARIES_SCAN_CRON` / `komga.libraries-scan-cron`: a [Spring cron expression](https://docs.spring.io/spring/docs/current/javadoc-api/org/springframework/scheduling/support/CronSequenceGenerator.html) for libraries periodic rescans. `0 0 * * * ?` will rescan every hour. `0 */15 * * * ?` will rescan every 15 minutes. ### Optional configuration You can also use some optional configuration keys: -- `KOMGA_USER_PASSWORD` / `komga.user-password`: the password for the user `user`. Defaults to `user`. -- `KOMGA_ADMIN_PASSWORD` / `komga.admin-password`: the password for the user `admin`. Defaults to `admin`. - `KOMGA_THREADS_PARSE` / `komga.threads.parse`: the number of worker threads used for book parsing. Defaults to `2`. You can experiment to get better performance. - `KOMGA_LIBRARIES_SCAN_DIRECTORY_EXCLUSIONS` / `komga.libraries-scan-directory-exclusions`: a list of patterns to exclude directories from the scan. If the full path contains any of the patterns, the directory will be ignored. If using the environment variable form use a comma-separated list. @@ -87,6 +85,26 @@ On rescans, Komga will update Series and Books, add new ones, and remove the one Then it will _parse_ each book, which consist of indexing pages (images in the archive), and generating a thumbnail. +## Security + +### User accounts + +At startup, if no user account exists in database, Komga will generate an initial administrator account with a random password, and will output the login and password in the logs: + +``` +2019-10-15 17:15:31.483 INFO 18808 --- [ restartedMain] o.g.k.i.scheduler.InitialUserController : Initial user created. Login: admin@example.org, Password: 2Qf8l85xOB8o +``` + +:exclamation: It is strongly advised to create your own account, and delete the generated account! + +### HTTPS + +If you want to open your Komga server outside your local network, it is strongly advised to secure it with `https` (especially due to the use of http basic authentication). + +Spring Boot supports `https` out of the box, but you will have to configure it, and `https` is most useful only with valid certificates (not self-signed), which most people don't readily have available. + +I recommend using [Caddy](https://caddyserver.com/) as a reverse proxy, as it supports the automatic generation of [Let's Encrypt](https://letsencrypt.org/) certificates. + ## Clients ### Tachiyomi @@ -119,11 +137,18 @@ The web interface is available on port `8080`. Features: -- add and remove libraries +- add and remove libraries (for administrators only) +- server settings (for administrators only) + - users management +- account settings + - change password Screenshots: -[![webui_screenshot](./.github/readme-images/webui_small.png)](https://raw.githubusercontent.com/gotson/komga/master/.github/readme-images/webui.png) +|Home page | Users management | +|---|---| +| [![webui_screenshot](./.github/readme-images/webui_small.png)](https://raw.githubusercontent.com/gotson/komga/master/.github/readme-images/webui.png) | [![webui-settings-users_screenshot](./.github/readme-images/webui-settings-users_small.png)](https://raw.githubusercontent.com/gotson/komga/master/.github/readme-images/webui-settings-users.png) | + ## APIs @@ -133,7 +158,7 @@ Default port for APIs is `8080`. Komga offers a REST API, which you can browse using Swagger. It's available at `/swagger-ui.html`. The API offers __file download__ and __page streaming__. -In order to access the API, you will need to authenticate using Basic Authentication, with one of the 2 built-in users (`admin` or `user`). +In order to access the API, you will need to authenticate using Basic Authentication. ### OPDS diff --git a/doc/sample-configuration/unix/application.yml b/doc/sample-configuration/unix/application.yml index 8f80c8c4d..15175006e 100644 --- a/doc/sample-configuration/unix/application.yml +++ b/doc/sample-configuration/unix/application.yml @@ -3,10 +3,8 @@ komga: libraries-scan-directory-exclusions: #patterns to exclude directories from the scan - "#recycle" #synology NAS recycle bin - "@eaDir" #synology NAS index/metadata folders - user-password: user-password - admin-password: admin-password spring: datasource: - url: jdbc:h2:./komga-database.h2;DB_CLOSE_DELAY=-1 #database will be located in the current directory + url: jdbc:h2:./komga-database.h2 #database will be located in the current directory profiles: active: prod diff --git a/doc/sample-configuration/windows/application.yml b/doc/sample-configuration/windows/application.yml index 77907b8b7..cdcab175b 100644 --- a/doc/sample-configuration/windows/application.yml +++ b/doc/sample-configuration/windows/application.yml @@ -3,11 +3,9 @@ komga: libraries-scan-directory-exclusions: #patterns to exclude directories from the scan - "#recycle" #synology NAS recycle bin - "@eaDir" #synology NAS index/metadata folders - user-password: user-password - admin-password: admin-password spring: datasource: - url: jdbc:h2:./komga-database.h2;DB_CLOSE_DELAY=-1 #database will be located in the current directory - # url: jdbc:h2:D:\\komga\komga-database.h2;DB_CLOSE_DELAY=-1 #database absolute path, uncomment if necessary and comment above line + url: jdbc:h2:./komga-database.h2 #database will be located in the current directory + # url: jdbc:h2:D:\\komga\komga-database.h2 #database absolute path, uncomment if necessary and comment above line profiles: active: prod diff --git a/komga/build.gradle.kts b/komga/build.gradle.kts index 8ac157d84..d98841896 100644 --- a/komga/build.gradle.kts +++ b/komga/build.gradle.kts @@ -20,7 +20,7 @@ plugins { } group = "org.gotson" -version = "0.6.1" +version = "0.7.0" val developmentOnly = configurations.create("developmentOnly") configurations.runtimeClasspath.get().extendsFrom(developmentOnly) diff --git a/komga/src/main/resources/application-localdb.yml b/komga/src/main/resources/application-localdb.yml index d0724573c..c1547c0c7 100644 --- a/komga/src/main/resources/application-localdb.yml +++ b/komga/src/main/resources/application-localdb.yml @@ -1,4 +1,4 @@ spring: datasource: - url: jdbc:h2:./testdb;DB_CLOSE_DELAY=-1 + url: jdbc:h2:./testdb