mirror of
https://github.com/prasathmani/tinyfilemanager
synced 2024-06-01 21:42:12 +02:00
Added hability to import custom certs.
This commit is contained in:
parent
470e1e6d81
commit
28e36e7a5f
|
@ -25,7 +25,10 @@ COPY *.ini /usr/local/etc/php/conf.d/
|
||||||
|
|
||||||
RUN ln -sf tinyfilemanager.php index.php
|
RUN ln -sf tinyfilemanager.php index.php
|
||||||
|
|
||||||
CMD [ "php", "-S", "[::]:8080", "-t", "/var/www/html" ]
|
RUN mkdir /certs
|
||||||
|
COPY startup.sh /
|
||||||
|
|
||||||
|
CMD [ "sh", "/startup.sh" ]
|
||||||
|
|
||||||
EXPOSE 8080
|
EXPOSE 8080
|
||||||
|
|
||||||
|
|
|
@ -29,6 +29,9 @@ COPY debug-files/* /var/www/html/
|
||||||
|
|
||||||
RUN ln -sf tinyfilemanager.php index.php
|
RUN ln -sf tinyfilemanager.php index.php
|
||||||
|
|
||||||
CMD [ "php", "-S", "[::]:8080", "-t", "/var/www/html" ]
|
RUN mkdir /certs
|
||||||
|
COPY startup.sh /
|
||||||
|
|
||||||
|
CMD [ "sh", "/startup.sh" ]
|
||||||
|
|
||||||
EXPOSE 8080
|
EXPOSE 8080
|
||||||
|
|
|
@ -55,7 +55,7 @@ Then the secret will be read from `filemanager.admin_pass` secret.
|
||||||
With docker:
|
With docker:
|
||||||
```
|
```
|
||||||
docker run -it -p 8111:8080 -v /opt:/opt -e ADMIN_USER=admin -e ADMIN_PASS=password -e ROOT_FS=/opt/ \
|
docker run -it -p 8111:8080 -v /opt:/opt -e ADMIN_USER=admin -e ADMIN_PASS=password -e ROOT_FS=/opt/ \
|
||||||
-e SYSLOG_SERVER=192.168.1.131 -e SYSLOG_PORT=1514 -e SYSLOG_PROTO=udp -e SYSLOG_JSON=1 jpralvesatdocker/tinyfilemanager:2.5.2.1
|
-e SYSLOG_SERVER=192.168.1.131 -e SYSLOG_PORT=1514 -e SYSLOG_PROTO=udp -e SYSLOG_JSON=1 jpralvesatdocker/tinyfilemanager:2.5.2.3
|
||||||
```
|
```
|
||||||
|
|
||||||
With docker-compose:
|
With docker-compose:
|
||||||
|
@ -76,7 +76,7 @@ services:
|
||||||
- SYSLOG_PORT=1514
|
- SYSLOG_PORT=1514
|
||||||
- SYSLOG_PROTO=udp
|
- SYSLOG_PROTO=udp
|
||||||
- SYSLOG_JSON=1
|
- SYSLOG_JSON=1
|
||||||
image: jpralvesatdocker/tinyfilemanager:2.5.2.1
|
image: jpralvesatdocker/tinyfilemanager:2.5.2.3
|
||||||
```
|
```
|
||||||
|
|
||||||
## Building images
|
## Building images
|
||||||
|
@ -87,7 +87,7 @@ docker build . -t jpralvesatdocker/tinyfilemanager:latest
|
||||||
docker build --build-arg RUNUSER=tinyuser . -t jpralvesatdocker/tinyfilemanager:latest-user
|
docker build --build-arg RUNUSER=tinyuser . -t jpralvesatdocker/tinyfilemanager:latest-user
|
||||||
```
|
```
|
||||||
|
|
||||||
## Adding custom CA certificate to image
|
## Adding custom CA certificate to image (Option 1)
|
||||||
|
|
||||||
The trusted CA file is the one provided by alpine distro and it is located in `/etc/ssl/certs/ca-certificates.crt`.
|
The trusted CA file is the one provided by alpine distro and it is located in `/etc/ssl/certs/ca-certificates.crt`.
|
||||||
Replacing this file with a copy of it with the self-signed certificate of the custom CA appended at the end works.
|
Replacing this file with a copy of it with the self-signed certificate of the custom CA appended at the end works.
|
||||||
|
@ -106,5 +106,27 @@ services:
|
||||||
- ADMIN_USER=admin
|
- ADMIN_USER=admin
|
||||||
- ADMIN_PASS=pass
|
- ADMIN_PASS=pass
|
||||||
- ROOT_FS=/opt
|
- ROOT_FS=/opt
|
||||||
image: jpralvesatdocker/tinyfilemanager:2.5.2.1
|
image: jpralvesatdocker/tinyfilemanager:2.5.2.3
|
||||||
|
```
|
||||||
|
|
||||||
|
## Importing custom CA certs (Option 2)
|
||||||
|
|
||||||
|
With the base image (running with root) it is possible to import custom CAs to the trusted store.
|
||||||
|
The files with extension .pem or .crt are imported when container starts.
|
||||||
|
|
||||||
|
```
|
||||||
|
version: '3.3'
|
||||||
|
|
||||||
|
services:
|
||||||
|
tinyfilemanager:
|
||||||
|
ports:
|
||||||
|
- '8111:8080'
|
||||||
|
volumes:
|
||||||
|
- '/opt:/opt'
|
||||||
|
- './certs/my-custom-cert.crt:/certs/my-custom-cert.crt'
|
||||||
|
environment:
|
||||||
|
- ADMIN_USER=admin
|
||||||
|
- ADMIN_PASS=pass
|
||||||
|
- ROOT_FS=/opt
|
||||||
|
image: jpralvesatdocker/tinyfilemanager:2.5.2.3
|
||||||
```
|
```
|
||||||
|
|
|
@ -5,7 +5,7 @@ I give credit to the original author but added the following enhancements:
|
||||||
|
|
||||||
- Docker images ready to be used. More instructions on this [document](README-docker.md).
|
- Docker images ready to be used. More instructions on this [document](README-docker.md).
|
||||||
- Ability to change owner of files and folders (Root run image)
|
- Ability to change owner of files and folders (Root run image)
|
||||||
- Added dynamic user variables to be used in docker images
|
- Added dynamic user variables to be used in docker images (with file contents)
|
||||||
- Updated external JS/CSS libraries to latest versions
|
- Updated external JS/CSS libraries to latest versions
|
||||||
- Show binary files in HEX dump format
|
- Show binary files in HEX dump format
|
||||||
- Support for webp images
|
- Support for webp images
|
||||||
|
|
20
startup.sh
Normal file
20
startup.sh
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
if [ "$(id -u)" -eq 0 ]; then
|
||||||
|
update=0
|
||||||
|
for f in /certs/*.pem /certs/*.crt; do
|
||||||
|
if [ -f "$f" ]; then
|
||||||
|
bn=$(basename "$f")
|
||||||
|
update=1
|
||||||
|
echo "import cert file ${bn}"
|
||||||
|
cp "$f" "/usr/local/share/ca-certificates/${bn}.crt"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
if [ "${update}" = "1" ]; then
|
||||||
|
update-ca-certificates
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "User cannot import certs."
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec php -S '[::]:8080' -t /var/www/html
|
|
@ -16,7 +16,7 @@ $CONFIG = '{"lang":"en","error_reporting":false,"show_hidden":false,"hide_Cols":
|
||||||
*/
|
*/
|
||||||
|
|
||||||
//TFM version
|
//TFM version
|
||||||
define('VERSION', '2.5.2.2');
|
define('VERSION', '2.5.2.3');
|
||||||
|
|
||||||
//Application Title
|
//Application Title
|
||||||
define('APP_TITLE', 'Tiny File Manager');
|
define('APP_TITLE', 'Tiny File Manager');
|
||||||
|
|
Loading…
Reference in a new issue