services : ajout privatebin
This commit is contained in:
parent
7a0d656a0a
commit
ce6c767e66
15
podman-privatebin/10_install.sh
Executable file
15
podman-privatebin/10_install.sh
Executable file
|
@ -0,0 +1,15 @@
|
|||
#!/usr/bin/env bash
|
||||
git clone https://github.com/PrivateBin/docker-nginx-fpm-alpine
|
||||
sed -i 's|fastcgi_pass unix:/run/php-fpm.sock;|fastcgi_pass unix:/run/s6/php-fpm.sock;|' docker-nginx-fpm-alpine/etc/nginx/http.d/site.conf
|
||||
sed -i 's|pid /run/nginx.pid;|pid /run/s6/nginx.pid;|' docker-nginx-fpm-alpine/etc/nginx/nginx.conf
|
||||
sed -i 's|listen = /run/php-fpm.sock|listen = /run/s6/php-fpm.sock|' docker-nginx-fpm-alpine/etc/php8/php-fpm.d/zz-docker.conf
|
||||
cp conf.php docker-nginx-fpm-alpine/conf.php
|
||||
grep -q conf.php docker-nginx-fpm-alpine/Dockerfile || sed -i '/^COPY.*/a COPY conf.php /srv/cfg/conf.php' docker-nginx-fpm-alpine/Dockerfile
|
||||
podman build -t privatebin-nginx-fpm-alpine docker-nginx-fpm-alpine
|
||||
podman volume create privatebin-data
|
||||
podman volume create privatebin-run
|
||||
podman volume create privatebin-var-lib-nginx-tmp
|
||||
podman unshare chown -R 65534:82 `podman volume inspect --format '{{ .Mountpoint }}' privatebin-data`
|
||||
podman unshare chown -R 65534:82 `podman volume inspect --format '{{ .Mountpoint }}' privatebin-run`
|
||||
podman unshare chown -R 65534:82 `podman volume inspect --format '{{ .Mountpoint }}' privatebin-var-lib-nginx-tmp`
|
||||
podman run -d --read-only --restart=always --name my-privatebin -p 8084:8080 -v privatebin-run:/run:Z -v privatebin-data:/srv/data:Z -v privatebin-var-lib-nginx-tmp:/var/lib/nginx/tmp:Z privatebin-nginx-fpm-alpine
|
4
podman-privatebin/20_enable.sh
Normal file
4
podman-privatebin/20_enable.sh
Normal file
|
@ -0,0 +1,4 @@
|
|||
#!/usr/bin/env bash
|
||||
podman generate systemd --files --name my-privatebin
|
||||
cp *.service ~/.config/systemd/user/
|
||||
systemctl --user enable container-my-privatebin.service
|
183
podman-privatebin/conf.php
Normal file
183
podman-privatebin/conf.php
Normal file
|
@ -0,0 +1,183 @@
|
|||
;<?php http_response_code(403); /*
|
||||
; config file for PrivateBin
|
||||
;
|
||||
; An explanation of each setting can be find online at https://github.com/PrivateBin/PrivateBin/wiki/Configuration.
|
||||
|
||||
[main]
|
||||
; (optional) set a project name to be displayed on the website
|
||||
; name = "PrivateBin"
|
||||
|
||||
; The full URL, with the domain name and directories that point to the PrivateBin files
|
||||
; This URL is essential to allow Opengraph images to be displayed on social networks
|
||||
; basepath = ""
|
||||
|
||||
; enable or disable the discussion feature, defaults to true
|
||||
discussion = true
|
||||
|
||||
; preselect the discussion feature, defaults to false
|
||||
opendiscussion = false
|
||||
|
||||
; enable or disable the password feature, defaults to true
|
||||
password = true
|
||||
|
||||
; enable or disable the file upload feature, defaults to false
|
||||
fileupload = false
|
||||
|
||||
; preselect the burn-after-reading feature, defaults to false
|
||||
burnafterreadingselected = false
|
||||
|
||||
; which display mode to preselect by default, defaults to "plaintext"
|
||||
; make sure the value exists in [formatter_options]
|
||||
defaultformatter = "plaintext"
|
||||
|
||||
; (optional) set a syntax highlighting theme, as found in css/prettify/
|
||||
syntaxhighlightingtheme = "sons-of-obsidian"
|
||||
|
||||
; size limit per paste or comment in bytes, defaults to 10 Mebibytes
|
||||
sizelimit = 10485760
|
||||
|
||||
; template to include, default is "bootstrap" (tpl/bootstrap.php)
|
||||
template = "bootstrap-dark"
|
||||
|
||||
; (optional) info text to display
|
||||
; use single, instead of double quotes for HTML attributes
|
||||
;info = "More information on the <a href='https://privatebin.info/'>project page</a>."
|
||||
|
||||
; (optional) notice to display
|
||||
; notice = "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service."
|
||||
|
||||
; by default PrivateBin will guess the visitors language based on the browsers
|
||||
; settings. Optionally you can enable the language selection menu, which uses
|
||||
; a session cookie to store the choice until the browser is closed.
|
||||
languageselection = false
|
||||
|
||||
; set the language your installs defaults to, defaults to English
|
||||
; if this is set and language selection is disabled, this will be the only language
|
||||
; languagedefault = "en"
|
||||
|
||||
; (optional) URL shortener address to offer after a new paste is created
|
||||
; it is suggested to only use this with self-hosted shorteners as this will leak
|
||||
; the pastes encryption key
|
||||
; urlshortener = "https://shortener.example.com/api?link="
|
||||
|
||||
; (optional) Let users create a QR code for sharing the paste URL with one click.
|
||||
; It works both when a new paste is created and when you view a paste.
|
||||
; qrcode = true
|
||||
|
||||
; (optional) IP based icons are a weak mechanism to detect if a comment was from
|
||||
; a different user when the same username was used in a comment. It might be
|
||||
; used to get the IP of a non anonymous comment poster if the server salt is
|
||||
; leaked and a SHA256 HMAC rainbow table is generated for all (relevant) IPs.
|
||||
; Can be set to one these values: "none" / "vizhash" / "identicon" (default).
|
||||
; icon = "none"
|
||||
|
||||
; Content Security Policy headers allow a website to restrict what sources are
|
||||
; allowed to be accessed in its context. You need to change this if you added
|
||||
; custom scripts from third-party domains to your templates, e.g. tracking
|
||||
; scripts or run your site behind certain DDoS-protection services.
|
||||
; Check the documentation at https://content-security-policy.com/
|
||||
; Notes:
|
||||
; - If you use a bootstrap theme, you can remove the allow-popups from the
|
||||
; sandbox restrictions.
|
||||
; - By default this disallows to load images from third-party servers, e.g. when
|
||||
; they are embedded in pastes. If you wish to allow that, you can adjust the
|
||||
; policy here. See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-it-load-embedded-images
|
||||
; for details.
|
||||
; - The 'unsafe-eval' is used in two cases; to check if the browser supports
|
||||
; async functions and display an error if not and for Chrome to enable
|
||||
; webassembly support (used for zlib compression). You can remove it if Chrome
|
||||
; doesn't need to be supported and old browsers don't need to be warned.
|
||||
; cspheader = "default-src 'none'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'unsafe-eval' resource:; style-src 'self'; font-src 'self'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads"
|
||||
|
||||
; stay compatible with PrivateBin Alpha 0.19, less secure
|
||||
; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of
|
||||
; sha256 in HMAC for the deletion token
|
||||
; zerobincompatibility = false
|
||||
|
||||
; Enable or disable the warning message when the site is served over an insecure
|
||||
; connection (insecure HTTP instead of HTTPS), defaults to true.
|
||||
; Secure transport methods like Tor and I2P domains are automatically whitelisted.
|
||||
; It is **strongly discouraged** to disable this.
|
||||
; See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-it-show-me-an-error-about-an-insecure-connection for more information.
|
||||
; httpwarning = true
|
||||
|
||||
; Pick compression algorithm or disable it. Only applies to pastes/comments
|
||||
; created after changing the setting.
|
||||
; Can be set to one these values: "none" / "zlib" (default).
|
||||
; compression = "zlib"
|
||||
|
||||
[expire]
|
||||
; expire value that is selected per default
|
||||
; make sure the value exists in [expire_options]
|
||||
default = "1week"
|
||||
|
||||
[expire_options]
|
||||
; Set each one of these to the number of seconds in the expiration period,
|
||||
; or 0 if it should never expire
|
||||
5min = 300
|
||||
10min = 600
|
||||
1hour = 3600
|
||||
1day = 86400
|
||||
1week = 604800
|
||||
; Well this is not *exactly* one month, it's 30 days:
|
||||
1month = 2592000
|
||||
1year = 31536000
|
||||
;never = 0
|
||||
|
||||
[formatter_options]
|
||||
; Set available formatters, their order and their labels
|
||||
plaintext = "Plain Text"
|
||||
syntaxhighlighting = "Source Code"
|
||||
markdown = "Markdown"
|
||||
|
||||
[traffic]
|
||||
; time limit between calls from the same IP address in seconds
|
||||
; Set this to 0 to disable rate limiting.
|
||||
limit = 10
|
||||
|
||||
; (optional) if your website runs behind a reverse proxy or load balancer,
|
||||
; set the HTTP header containing the visitors IP address, i.e. X_FORWARDED_FOR
|
||||
header = "X_FORWARDED_FOR"
|
||||
|
||||
; directory to store the traffic limits in
|
||||
dir = PATH "data"
|
||||
|
||||
[purge]
|
||||
; minimum time limit between two purgings of expired pastes, it is only
|
||||
; triggered when pastes are created
|
||||
; Set this to 0 to run a purge every time a paste is created.
|
||||
limit = 300
|
||||
|
||||
; maximum amount of expired pastes to delete in one purge
|
||||
; Set this to 0 to disable purging. Set it higher, if you are running a large
|
||||
; site
|
||||
batchsize = 10
|
||||
|
||||
; directory to store the purge limit in
|
||||
dir = PATH "data"
|
||||
|
||||
[model]
|
||||
; name of data model class to load and directory for storage
|
||||
; the default model "Filesystem" stores everything in the filesystem
|
||||
class = Filesystem
|
||||
[model_options]
|
||||
dir = PATH "data"
|
||||
|
||||
;[model]
|
||||
; example of DB configuration for MySQL
|
||||
;class = Database
|
||||
;[model_options]
|
||||
;dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8"
|
||||
;tbl = "privatebin_" ; table prefix
|
||||
;usr = "privatebin"
|
||||
;pwd = "Z3r0P4ss"
|
||||
;opt[12] = true ; PDO::ATTR_PERSISTENT
|
||||
|
||||
;[model]
|
||||
; example of DB configuration for SQLite
|
||||
;class = Database
|
||||
;[model_options]
|
||||
;dsn = "sqlite:" PATH "data/db.sq3"
|
||||
;usr = null
|
||||
;pwd = null
|
||||
;opt[12] = true ; PDO::ATTR_PERSISTENT
|
Loading…
Reference in a new issue