4.2 KiB
tinyfilemanager
These docker images are the tinyfilemanager versions. The original work of tinyfilemanager is from this site
There are two versions of the images:
- tinyfilemanager:VERSION - With the chown capability (php is run with root)
- tinyfilemanager:VERSION-user - php is run under a non-privileged user
There are two additional images, not published, tinyfilemanager:debug and tinyfilemanager:debug-user for debugging purposes.
Options
- ADMIN_USER - (optional) The username of the admin user
- ADMIN_PASS - (optional) The password (This can be in clear-text or in the encrypted format)
- RO_USER - (optional) The username of the read/only user
- RO_PASS - (optional) The password (This can be in clear-text or in the encrypted format)
- ROOT_FS - (optional) The base of the viewed filesystem
- THEME - (optional) Set the default theme (light/dark)
Syslog Specific
- SYSLOG_SERVER - Syslog server to send auditing messages
- SYSLOG_PROTO - (optional) Protocol (tcp/udp) for syslog server (default: udp)
- SYSLOG_PORT - (optional) Port for syslog server (default: 514)
- SYSLOG_JSON - (optional) Format messages in json format
- SYSLOG_FACILITY - (optional) Facility to use (default: 13)
LDAP Specific
- LDAP_URL - URL to LDAP server (ldap://server:port)
- LDAP_BASE_SEARCH - Filter for LDAP search (dc=example,dc=org)
- LDAP_DOMAIN - (optional) LDAP domain prefix for authentication (ex: example)
- LDAP_ADMIN_GROUPS - (optional) LDAP admin groups to match separated by ';' (ex: CN=tinyfilemanager-admins,OU=GROUPS,DC=example,DC=org)
- LDAP_USER_GROUPS - (optional) LDAP user groups to match separated by ';' (ex: CN=tinyfilemanager-users,OU=GROUPS,DC=example,DC=org)
- LDAP_FILTER - (optional) - LDAP authentication attribute (default: "(|(sAMAccountName=%s)(UserPrincipalName=%s))")
For LDAP use the following Environment variables must be defined:
- LDAP_URL
- LDAP_BASE_SEARCH
If you want to use username without domain also define LDAP_DOMAIN (Users will be LDAP_DOMAIN \ username) If you want to have admin users please define group or groups to match separated by ";" If LDAP_ADMIN_GROUPS or LDAP_USER_GROUPS are not defined all authenticated users will be accepted as users. If LDAP_USER_GROUPS is defined all authenticated users must belong to one of the groups in this list.
Secrets/File support
Additionally the values used can be read from files appending _FILENAME to the environment variable. Example:
ADMIN_PASS_FILENAME=/run/secrets/tinyfilemanager.admin_pass
Then the secret will be read from filemanager.admin_pass secret.
Sample execution
With docker:
docker run -it -p 8111:8080 -v /opt:/opt -e ADMIN_USER=admin -e ADMIN_PASS=password -e ROOT_FS=/opt/ \
-e SYSLOG_SERVER=192.168.1.131 -e SYSLOG_PORT=1514 -e SYSLOG_PROTO=udp -e SYSLOG_JSON=1 jpralvesatdocker/tinyfilemanager:2.5.2.1
With docker-compose:
version: '3.3'
services:
tinyfilemanager:
ports:
- '8111:8080'
volumes:
- '/opt:/opt'
environment:
- ADMIN_USER=admin
- ADMIN_PASS=pass
- ROOT_FS=/opt
- SYSLOG_SERVER=192.168.1.131
- SYSLOG_PORT=1514
- SYSLOG_PROTO=udp
- SYSLOG_JSON=1
image: jpralvesatdocker/tinyfilemanager:2.5.2.1
Building images
git clone https://github.com/jpralves/tinyfilemanager
cd tinyfilemanager
docker build . -t jpralvesatdocker/tinyfilemanager:latest
docker build --build-arg RUNUSER=tinyuser . -t jpralvesatdocker/tinyfilemanager:latest-user
Adding custom CA certificate to image
The trusted CA file is the one provided by alpine distro and it is located in /etc/ssl/certs/ca-certificates.crt.
Replacing this file with a copy of it with the self-signed certificate of the custom CA appended at the end works.
version: '3.3'
services:
tinyfilemanager:
ports:
- '8111:8080'
volumes:
- '/opt:/opt'
- './new-ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt'
environment:
- ADMIN_USER=admin
- ADMIN_PASS=pass
- ROOT_FS=/opt
image: jpralvesatdocker/tinyfilemanager:2.5.2.1