add docker support
This commit is contained in:
parent
35c14c2242
commit
5d2d46d8dc
|
@ -0,0 +1,46 @@
|
|||
# Packages
|
||||
node_modules
|
||||
**/node_modules
|
||||
|
||||
# Log files
|
||||
logs
|
||||
*.log
|
||||
npm-debug.log*
|
||||
|
||||
# Runtime data
|
||||
pids
|
||||
*.pid
|
||||
*.seed
|
||||
|
||||
# IDE
|
||||
.vscode
|
||||
|
||||
# Docker (experimental)
|
||||
docker/
|
||||
Dockerfile
|
||||
.dockerignore
|
||||
docker-compose.yml
|
||||
docker-compose.config.yml
|
||||
docker-compose.config.example.yml
|
||||
|
||||
# Tests
|
||||
coverage/
|
||||
jest-setup.ts
|
||||
jest.config.js
|
||||
|
||||
# Linting
|
||||
.eslingignore
|
||||
.eslintrc.json
|
||||
tsconfig.eslint.json
|
||||
|
||||
# Miscellaneous
|
||||
.tmp
|
||||
.vscode
|
||||
.git
|
||||
.gitattributes
|
||||
.gitignore
|
||||
README.md
|
||||
chibi.ps1
|
||||
chibi.sh
|
||||
dist
|
||||
.nuxt
|
|
@ -10,3 +10,5 @@ uploads/
|
|||
!src/api/routes/uploads
|
||||
db
|
||||
database.sqlite-journal
|
||||
docker/nginx/chibisafe.moe.conf
|
||||
docker-compose.config.yml
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
audit=false
|
||||
fund=false
|
||||
node-version=false
|
||||
legacy-peer-deps=true
|
|
@ -0,0 +1,3 @@
|
|||
$env = $args[0]
|
||||
$cmd = $args | Select-Object -Skip 1
|
||||
docker-compose -f docker-compose.yml -f docker-compose.$env.yml -f docker-compose.config.yml $cmd
|
|
@ -0,0 +1,2 @@
|
|||
#!/bin/sh
|
||||
docker-compose -f docker-compose.yml -f docker-compose.$1.yml -f docker-compose.config.yml ${@%$1}
|
|
@ -0,0 +1,20 @@
|
|||
FROM jrottenberg/ffmpeg:4.3-alpine312 as ffmpeg
|
||||
|
||||
FROM node:alpine3.12
|
||||
|
||||
WORKDIR /usr/chibisafe
|
||||
COPY package.json package-lock.json ./
|
||||
|
||||
RUN apk add --update \
|
||||
&& apk add --no-cache ca-certificates libwebp libwebp-tools expat \
|
||||
&& apk add --no-cache vidstab-dev --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \
|
||||
&& apk add --no-cache --virtual .build-deps git curl build-base python3 g++ make \
|
||||
&& npm ci \
|
||||
&& apk del .build-deps
|
||||
|
||||
COPY --from=ffmpeg /usr/local /usr/local
|
||||
|
||||
COPY . .
|
||||
RUN mkdir uploads && mkdir database
|
||||
|
||||
CMD ["sh", "-c", "npm run migrate && npm run seed && npm run build && npm start"]
|
|
@ -0,0 +1,37 @@
|
|||
version: "3.7"
|
||||
|
||||
services:
|
||||
chibisafe:
|
||||
environment:
|
||||
CHUNK_SIZE: 90
|
||||
SECRET: "wowfcgMHqZHwOIMLadWrKu3liyqPOOILpDLSDvuxq3YGhJmiZXJCVpnF96l11WfR"
|
||||
ADMIN_ACCOUNT: "admin"
|
||||
ADMIN_PASSWORD: "admin"
|
||||
# ROUTE_PREFIX: /api
|
||||
# RATE_LIMIT_WINDOW: 2
|
||||
# RATE_LIMIT_MAX: 5
|
||||
# BLOCKED_EXTENSIONS: '.jar,.exe,.msi,.com,.bat,.cmd,.scr,.ps1,.sh'
|
||||
# UPLOAD_FOLDER: uploads
|
||||
# MAX_LINKS_PER_ALBUM: 5
|
||||
# META_THEME_COLOR: '#20222b'
|
||||
# META_DESCRIPTION: 'Blazing fast file uploader and bunker written in node! 🚀'
|
||||
# META_KEYWORDS: 'chibisafe,upload,uploader,file,vue,images,ssr,file uploader,free'
|
||||
# META_TWITTER_HANDLE: ''
|
||||
# SERVER_PORT: 5000
|
||||
# WEBSITE_PORT: 5001
|
||||
# DOMAIN: 'http://chibisafe.moe'
|
||||
# SERVICE_NAME: chibisafe
|
||||
# MAX_SIZE: 5000
|
||||
# GENERATE_THUMBNAILS: 'true'
|
||||
# GENERATE_ZIPS: 'true'
|
||||
# STRIP_EXIF: 'true'
|
||||
# SERVE_WITH_NODE: 'true'
|
||||
# GENERATED_FILENAME_LENGTH: 6
|
||||
# GENERATED_ALBUM_LENGTH: 4
|
||||
# PUBLIC_MODE: 'false'
|
||||
# USER_ACCOUNTS: 'true'
|
||||
# DB_CLIENT: 'sqlite3'
|
||||
# DB_HOST: ''
|
||||
# DB_USER: ''
|
||||
# DB_PASSWORD: ''
|
||||
# DB_DATABASE: ''
|
|
@ -0,0 +1,19 @@
|
|||
version: "3.7"
|
||||
|
||||
services:
|
||||
nginx:
|
||||
volumes:
|
||||
- nginx-data:/etc/nginx
|
||||
|
||||
chibisafe:
|
||||
volumes:
|
||||
- chibisafe-data:/usr/chibisafe/uploads
|
||||
- chibisafe-database:/usr/chibisafe/database
|
||||
|
||||
volumes:
|
||||
nginx-data:
|
||||
name: "nginx-data"
|
||||
chibisafe-data:
|
||||
name: "chibisafe-data"
|
||||
chibisafe-database:
|
||||
name: "chibisafe-database"
|
|
@ -0,0 +1,11 @@
|
|||
version: "3.7"
|
||||
|
||||
services:
|
||||
nginx:
|
||||
volumes:
|
||||
- ./nginx-data:/etc/nginx
|
||||
|
||||
chibisafe:
|
||||
volumes:
|
||||
- ./chibisafe-data:/usr/chibisafe/uploads
|
||||
- ./chibisafe-database:/usr/chibisafe/database
|
|
@ -0,0 +1,63 @@
|
|||
version: "3.7"
|
||||
|
||||
services:
|
||||
nginx:
|
||||
build:
|
||||
context: ./nginx
|
||||
dockerfile: Dockerfile
|
||||
expose:
|
||||
- "80"
|
||||
- "443"
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
restart: unless-stopped
|
||||
healthcheck:
|
||||
test: ["CMD", "service", "nginx", "status"]
|
||||
interval: 60s
|
||||
timeout: 5s
|
||||
|
||||
chibisafe:
|
||||
build:
|
||||
context: ../
|
||||
dockerfile: ./docker/chibisafe/Dockerfile
|
||||
expose:
|
||||
- "5000"
|
||||
- "5001"
|
||||
ports:
|
||||
- "5000"
|
||||
- "5001"
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
CHUNK_SIZE: 90
|
||||
ROUTE_PREFIX: /api
|
||||
RATE_LIMIT_WINDOW: 2
|
||||
RATE_LIMIT_MAX: 5
|
||||
BLOCKED_EXTENSIONS: ".jar,.exe,.msi,.com,.bat,.cmd,.scr,.ps1,.sh"
|
||||
UPLOAD_FOLDER: uploads
|
||||
SECRET: ""
|
||||
MAX_LINKS_PER_ALBUM: 5
|
||||
META_THEME_COLOR: "#20222b"
|
||||
META_DESCRIPTION: "Blazing fast file uploader and bunker written in node! 🚀"
|
||||
META_KEYWORDS: "chibisafe,upload,uploader,file,vue,images,ssr,file uploader,free"
|
||||
META_TWITTER_HANDLE: ""
|
||||
SERVER_PORT: 5000
|
||||
WEBSITE_PORT: 5001
|
||||
DOMAIN: "http://chibisafe.moe"
|
||||
SERVICE_NAME: chibisafe
|
||||
MAX_SIZE: 5000
|
||||
GENERATE_THUMBNAILS: "true"
|
||||
GENERATE_ZIPS: "true"
|
||||
STRIP_EXIF: "true"
|
||||
SERVE_WITH_NODE: "true"
|
||||
GENERATED_FILENAME_LENGTH: 6
|
||||
GENERATED_ALBUM_LENGTH: 4
|
||||
PUBLIC_MODE: "false"
|
||||
USER_ACCOUNTS: "true"
|
||||
ADMIN_ACCOUNT: ""
|
||||
ADMIN_PASSWORD: ""
|
||||
DB_CLIENT: "sqlite3"
|
||||
DB_HOST: ""
|
||||
DB_USER: ""
|
||||
DB_PASSWORD: ""
|
||||
DB_DATABASE: ""
|
|
@ -0,0 +1,5 @@
|
|||
FROM nginx
|
||||
|
||||
COPY nginxconfig.io /etc/nginx/nginxconfig.io
|
||||
COPY nginx.conf /etc/nginx/nginx.conf
|
||||
COPY chibisafe.moe.conf /etc/nginx/conf.d/chibisafe.moe.conf
|
|
@ -0,0 +1,21 @@
|
|||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name chibisafe.moe;
|
||||
|
||||
# security
|
||||
include nginxconfig.io/security.conf;
|
||||
|
||||
# logging
|
||||
access_log /var/log/nginx/chibisafe.moe.access.log;
|
||||
error_log /var/log/nginx/chibisafe.moe.error.log warn;
|
||||
|
||||
# reverse proxy
|
||||
location / {
|
||||
proxy_pass http://localhost:5000;
|
||||
include nginxconfig.io/proxy.conf;
|
||||
}
|
||||
|
||||
# additional config
|
||||
include nginxconfig.io/general.conf;
|
||||
}
|
|
@ -0,0 +1,32 @@
|
|||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name chibisafe.moe;
|
||||
|
||||
# SSL
|
||||
ssl_certificate /etc/nginx/ssl/chibisafe.moe.crt;
|
||||
ssl_certificate_key /etc/nginx/ssl/chibisafe.moe.key;
|
||||
|
||||
# security
|
||||
include nginxconfig.io/security.conf;
|
||||
|
||||
# logging
|
||||
access_log /var/log/nginx/chibisafe.moe.access.log;
|
||||
error_log /var/log/nginx/chibisafe.moe.error.log warn;
|
||||
|
||||
# reverse proxy
|
||||
location / {
|
||||
proxy_pass http://localhost:5000;
|
||||
include nginxconfig.io/proxy.conf;
|
||||
}
|
||||
|
||||
# additional config
|
||||
include nginxconfig.io/general.conf;
|
||||
}
|
||||
|
||||
# HTTP redirect
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
|
@ -0,0 +1,54 @@
|
|||
# Generated by nginxconfig.io
|
||||
# https://www.digitalocean.com/community/tools/nginx?domains.0.server.domain=tourneys.naval-base.com&domains.0.server.documentRoot=&domains.0.https.certType=custom&domains.0.php.php=false&domains.0.reverseProxy.reverseProxy=true&domains.0.reverseProxy.proxyPass=http%3A%2F%2F127.0.0.1%3A3001&domains.0.routing.root=false&domains.0.logging.accessLog=true&domains.0.logging.errorLog=true
|
||||
|
||||
user www-data;
|
||||
pid /run/nginx.pid;
|
||||
worker_processes auto;
|
||||
worker_rlimit_nofile 65535;
|
||||
|
||||
events {
|
||||
multi_accept on;
|
||||
worker_connections 65535;
|
||||
}
|
||||
|
||||
http {
|
||||
charset utf-8;
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
server_tokens off;
|
||||
log_not_found off;
|
||||
types_hash_max_size 2048;
|
||||
client_max_body_size 90M;
|
||||
client_body_timeout 600s;
|
||||
|
||||
# MIME
|
||||
include mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
# Logging
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log warn;
|
||||
|
||||
# SSL
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_tickets off;
|
||||
|
||||
# Diffie-Hellman parameter for DHE ciphersuites
|
||||
# ssl_dhparam /etc/nginx/dhparam.pem;
|
||||
|
||||
# Mozilla Intermediate configuration
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
|
||||
|
||||
# OCSP Stapling
|
||||
ssl_stapling off;
|
||||
ssl_stapling_verify off;
|
||||
resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220 valid=60s;
|
||||
resolver_timeout 2s;
|
||||
|
||||
# Load configs
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
# include /etc/nginx/sites-enabled/*;
|
||||
}
|
|
@ -0,0 +1,18 @@
|
|||
# favicon.ico
|
||||
location = /favicon.ico {
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# robots.txt
|
||||
location = /robots.txt {
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# gzip
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_proxied any;
|
||||
gzip_comp_level 6;
|
||||
gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;
|
|
@ -0,0 +1,18 @@
|
|||
proxy_http_version 1.1;
|
||||
proxy_cache_bypass $http_upgrade;
|
||||
|
||||
# Proxy headers
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Port $server_port;
|
||||
proxy_set_header X-NginX-Proxy true;
|
||||
|
||||
# Proxy timeouts
|
||||
proxy_connect_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
proxy_read_timeout 60s;
|
|
@ -0,0 +1,12 @@
|
|||
# security headers
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header Referrer-Policy "no-referrer-when-downgrade" always;
|
||||
add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'" always;
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
|
||||
# . files
|
||||
location ~ /\.(?!well-known) {
|
||||
deny all;
|
||||
}
|
File diff suppressed because it is too large
Load Diff
20
package.json
20
package.json
|
@ -9,15 +9,15 @@
|
|||
"url": "https://github.com/Pitu"
|
||||
},
|
||||
"scripts": {
|
||||
"setup": "node src/setup.js && yarn build && yarn migrate && yarn seed",
|
||||
"setup": "node src/setup.js && npm run migrate && npm run seed && npm run build",
|
||||
"build": "nuxt build",
|
||||
"start": "cross-env NODE_ENV=production node src/api/structures/Server",
|
||||
"dev": "nuxt",
|
||||
"migrate": "yarn knex migrate:latest",
|
||||
"seed": "yarn knex seed:run",
|
||||
"migrate": "knex migrate:latest",
|
||||
"seed": "knex seed:run",
|
||||
"api": "node src/api/structures/Server",
|
||||
"update": "git pull && yarn install && yarn migrate && yarn build && yarn restart",
|
||||
"restart": "pm2 restart chibisafe"
|
||||
"update": "git pull && npm install && npm run migrate && npm run build && npm run restart",
|
||||
"restart": "pm2 restart lolisafe"
|
||||
},
|
||||
"repository": {
|
||||
"type": "git",
|
||||
|
@ -33,7 +33,7 @@
|
|||
"@mdi/font": "^5.3.45",
|
||||
"@nuxtjs/axios": "^5.4.1",
|
||||
"adm-zip": "^0.4.13",
|
||||
"bcrypt": "^4.0.1",
|
||||
"bcrypt": "^5.0.0",
|
||||
"body-parser": "^1.18.3",
|
||||
"buefy": "^0.9.4",
|
||||
"busboy": "^0.2.14",
|
||||
|
@ -67,8 +67,8 @@
|
|||
"rotating-file-stream": "^2.1.3",
|
||||
"search-query-parser": "^1.5.5",
|
||||
"serve-static": "^1.13.2",
|
||||
"sharp": "^0.25.2",
|
||||
"sqlite3": "^4.0.6",
|
||||
"sharp": "^0.27.0",
|
||||
"sqlite3": "^5.0.0",
|
||||
"uuid": "^3.3.2",
|
||||
"v-clipboard": "^2.2.1",
|
||||
"vue-axios": "^2.1.4",
|
||||
|
@ -86,11 +86,11 @@
|
|||
"eslint-config-aqua": "^7.3.0",
|
||||
"eslint-import-resolver-nuxt": "^1.0.1",
|
||||
"eslint-plugin-vue": "^5.2.1",
|
||||
"node-sass": "^4.11.0",
|
||||
"node-sass": "^5.0.0",
|
||||
"nodemon": "^1.19.3",
|
||||
"postcss-css-variables": "^0.11.0",
|
||||
"postcss-nested": "^3.0.0",
|
||||
"sass-loader": "^7.1.0"
|
||||
"sass-loader": "^10.1.0"
|
||||
},
|
||||
"eslintConfig": {
|
||||
"extends": [
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
// Import the initial variables
|
||||
@import "../../../node_modules/bulma/sass/utilities/initial-variables";
|
||||
@import "../../../node_modules/bulma/sass/utilities/functions";
|
||||
@import "../../../../node_modules/bulma/sass/utilities/initial-variables";
|
||||
@import "../../../../node_modules/bulma/sass/utilities/functions";
|
||||
|
||||
// Setup our custom colors
|
||||
$chibisafe: #323846;
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
@import './_colors.scss';
|
||||
|
||||
// Bulma/Buefy customization
|
||||
@import '../../../node_modules/bulma/sass/utilities/_all.sass';
|
||||
@import '../../../../node_modules/bulma/sass/utilities/_all.sass';
|
||||
|
||||
$body-size: 14px !default;
|
||||
$family-primary: 'Nunito', BlinkMacSystemFont, -apple-system, 'Segoe UI', 'Roboto', 'Oxygen', 'Ubuntu', 'Cantarell',
|
||||
|
|
Loading…
Reference in New Issue