diff --git a/conf/.env b/conf/.env new file mode 100644 index 0000000..9760273 --- /dev/null +++ b/conf/.env @@ -0,0 +1,237 @@ +# Require username for HTTP Basic Authentication when +# visiting the service. If basic auth username is set but +# basic auth password is not, just leave the password field +# empty when logging in. You can also just go to +# https://username:password@yourserver.net or +# https://username@yourserver.net if password is not set +# instead of typing into the password +# Default value: unset +# MICROBIN_BASIC_AUTH_USERNAME= + +# Require password for HTTP Basic Authentication when +# visiting the service. Will not have any affect unless +# basic auth username is also set. If basic auth username is +# set but basic auth password is not, just leave the +# password field empty when logging in. You can also just go +# to https://username:password@yourserver.net or +# https://username@yourserver.net if password is not set +# instead of typing into the password prompt. +# Default value: unset +# MICROBIN_BASIC_AUTH_PASSWORD= + +# Enables administrator interface at yourserver.com/admin/ +# if set, disables it if unset. If admin username is set but +# admin password is not, just leave the password field empty +# when logging in. +# Default value: admin +MICROBIN_ADMIN_USERNAME=__ADMIN__ + +# Enables administrator interface at yourserver.com/admin/ +# if set, disables it if unset. Will not have any affect +# unless admin username is also set. If admin username is +# set but admin password is not, just leave the password +# field empty when logging in. +# Default value: m1cr0b1n +MICROBIN_ADMIN_PASSWORD=__PASSWORD__ + +# Enables editable pastas. You will still be able to make +# finalised pastas but there will be an extra checkbox to +# make your new pasta editable from the pasta list or the +# pasta view page. +# Default value: 8080 +MICROBIN_EDITABLE=true + +# Replaces the default footer text with your own. If you +# want to hide the footer, use the hide footer option instead. +# Note that you can also embed HTML here, so you may want to escape +# '<', '>' and so on. +# MICROBIN_FOOTER_TEXT= + +# Hides the navigation bar on every page. +# Default value: false +MICROBIN_HIDE_HEADER=false + +# Hides the footer on every page. +# Default value: false +MICROBIN_HIDE_FOOTER=false + +# Hides the MicroBin logo from the navigation bar on every +# page. +# Default value: false +MICROBIN_HIDE_LOGO=false + +# Disables the /pastalist endpoint, essentially making all +# pastas private. +# Default value: false +MICROBIN_NO_LISTING=false + +# Enables syntax highlighting support. When creating a new +# pasta, a new dropdown selector will be added where you can +# select your pasta's syntax, or just leave it empty for no +# highlighting. +MICROBIN_HIGHLIGHTSYNTAX=true + +# Sets the port for the server will be listening on. +# Default value: 8080 +MICROBIN_PORT=__PORT__ + +# Sets the bind address for the server will be listening on. +# Both ipv4 and ipv6 are supported. Default value: "0.0.0.0". +# Example value: "myserver.net", "127.0.0.1". +MICROBIN_BIND="127.0.0.1" + +# Enables private pastas. Adds a new checkbox to make your +# pasta private, which then won't show up on the pastalist +# page. With the URL to your pasta, it will still be +# accessible. +# Default value: false +MICROBIN_PRIVATE=true + +# DEPRECATED: Will be removed soon. If you want to change styling (incl. removal), use custom CSS variable instead. +# Disables main CSS styling, just uses a few in-line +# stylings for the layout. With this option you will lose +# dark-mode support. +MICROBIN_PURE_HTML=false + +# Sets the name of the directory where MicroBin creates +# its database and stores attachments. +# Default value: microbin_data +MICROBIN_DATA_DIR="__DATA_DIR__" + +# Enables storing pasta data (not attachments and files) in +# a JSON file instead of the SQLite database. +# Default value: false +MICROBIN_JSON_DB=false + +# Add the given public path prefix to all urls. This allows +# you to host MicroBin behind a reverse proxy on a subpath. +# Note that MicroBin itself still expects all routes to be +# as without this option, and thus is unsuited if you are +# running MicroBin directly. Default value: unset. Example +# values: https://myserver.com/ or https://192.168.0.10:8080/ +MICROBIN_PUBLIC_PATH=https://__DOMAIN____PATH__/ + +# Sets a shortened path to use when the user copies URL from +# the application. This will also use shorter endpoints, +# such as /p/ instead if /pasta/. Default value: +# unset.Example value: https://b.in/ export +# MICROBIN_SHORT_PATH= + +# The password required for uploading, if read-only mode is enabled +# Default value: unset +# MICROBIN_UPLOADER_PASSWORD= + +# If set to true, authentication required for uploading +# Default value: false +MICROBIN_READONLY=true + +# Enables showing read count on pasta pages. +# Default value: false +MICROBIN_SHOW_READ_STATS=true + +# Adds your title of choice to the +# navigation bar. +# Default value: unset +# MICROBIN_TITLE= + +# Number of workers MicroBin is allowed to have. Increase +# this to the number of CPU cores you have if you want to go +# beast mode, but for personal use one worker is enough. +# Default value: 1. +MICROBIN_THREADS=1 + +# Sets the garbage collector time limit. Pastas not accessed +# for N days are removed even if they are set to never +# expire. +# Default value: 90. +# To turn off GC: 0. +MICROBIN_GC_DAYS=90 + +# Enables or disables the "Burn after" function +# Default value: false +MICROBIN_ENABLE_BURN_AFTER=true + +# Sets the default burn after setting on the main screen. +# Default value: 0. Available expiration options: 1, 10, +# 100, 1000, 10000, 0 (= no limit) +MICROBIN_DEFAULT_BURN_AFTER=0 + +# Changes the maximum width of the UI from 720 pixels to +# 1080 pixels. +# Default value: false +MICROBIN_WIDE=false + +# Enables generating QR codes for pastas. Requires +# the public path to also be set. +# Default value: false +MICROBIN_QR=true + +# Toggles "Never" expiry settings for pastas. Default +# value: false +MICROBIN_ETERNAL_PASTA=false + +# Enables "Read-only" uploads. These are unlisted and +# unencrypted, but can be viewed without password if you +# have the URL. Editing and removing requires password. +# Default value: true +MICROBIN_ENABLE_READONLY=true + +# Sets the default expiry time setting on the main screen. +# Default value: 24hour Available expiration options: 1min, +# 10min, 1hour, 24hour, 1week, never +MICROBIN_DEFAULT_EXPIRY=24hour + +# Disables and hides the file upload option in the UI. +# Default value: false +MICROBIN_NO_FILE_UPLOAD=false + +# Replaced the built-in water.css stylesheet with the URL +# you provide. Default value: unset. Example value: +# https://myserver.net/public/mystyle.css +# MICROBIN_CUSTOM_CSS= + +# Use short hash strings in the URLs instead of animal names +# to make URLs shorter. Does not change the underlying data +# stored, just how pastas are recalled. +# Default value: false +MICROBIN_HASH_IDS=false + +# Enables server-side encryption. This will add private +# privacy level, where the user sends plain unencrypted data +# (still secure, because you use HTTPS, right?), but the +# server sees everything that the user submits, therefore +# the user does not have complete and absolute protection. +# Default value: false +MICROBIN_ENCRYPTION_CLIENT_SIDE=true + +# Enables client-side encryption. This will add the secret +# privacy level where the user's browser encrypts all data +# with JavaScript before sending it over to MicroBin, which +# encrypt the data once again on server side. +# Default value: false +MICROBIN_ENCRYPTION_SERVER_SIDE=true + +# Limit the maximum file size users can upload without +# encryption. Default value: 256. +MICROBIN_MAX_FILE_SIZE_ENCRYPTED_MB=256 + +# Limit the maximum file size users can upload with +# encryption (more strain on your server than without +# encryption, so the limit should be lower. Secrets tend to +# be tiny files usually anyways.) Default value: 2048. +MICROBIN_MAX_FILE_SIZE_UNENCRYPTED_MB=2048 + +# Disables the feature that checks for available updates +# when opening the admin screen. +# Default value: false +MICROBIN_DISABLE_UPDATE_CHECKING=false + +# Disables telemetry if set to true. +# Telemetry includes your configuration and helps development. +# It does not include any sensitive data. +# Default value: false +MICROBIN_DISABLE_TELEMETRY=true + +# Enables listing your server in the public MicroBin server list. +# Default value: false +MICROBIN_LIST_SERVER=false \ No newline at end of file diff --git a/conf/systemd.service b/conf/systemd.service index c769438..0abf708 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,38 +6,7 @@ After=network.target Type=simple User=__APP__ Group=__APP__ -Environment="MICROBIN_ADMIN_USERNAME=__ADMIN__" -Environment="MICROBIN_ADMIN_PASSWORD=__PASSWORD__" -Environment="MICROBIN_PORT=__PORT__" -Environment="MICROBIN_BIND=127.0.0.1" -# Environment="MICROBIN_PUBLIC_PATH=https://__DOMAIN__" -# Environment="MICROBIN_SHORT_PATH=https://short.net" -Environment="MICROBIN_DATA_DIR=__DATA_DIR__ -Environment="MICROBIN_JSON_DB=false" -Environment="MICROBIN_EDITABLE=true" -Environment="MICROBIN_HIDE_HEADER=false" -Environment="MICROBIN_HIDE_FOOTER=true" -Environment="MICROBIN_HIDE_LOGO=false" -Environment="MICROBIN_NO_LISTING=false" -Environment="MICROBIN_READONLY=true" -Environment="MICROBIN_SHOW_READ_STATS=true" -Environment="MICROBIN_THREADS=1" -Environment="MICROBIN_GC_DAYS=90" -Environment="MICROBIN_WIDE=false" -Environment="MICROBIN_ETERNAL_PASTA=false" -Environment="MICROBIN_PRIVATE=true" -Environment="MICROBIN_HIGHLIGHTSYNTAX=true" -Environment="MICROBIN_QR=true" -Environment="MICROBIN_ENABLE_BURN_AFTER=true" -Environment="MICROBIN_ENABLE_READONLY=true" -Environment="MICROBIN_DEFAULT_EXPIRY=24hour" -Environment="MICROBIN_NO_FILE_UPLOAD=false" -Environment="MICROBIN_HASH_IDS=false" -Environment="MICROBIN_ENCRYPTION_CLIENT_SIDE=true" -Environment="MICROBIN_ENCRYPTION_SERVER_SIDE=true" -Environment="MICROBIN_MAX_FILE_SIZE_ENCRYPTED_MB=256" -Environment="MICROBIN_MAX_FILE_SIZE_UNENCRYPTED_MB=2048" -Environment="MICROBIN_DISABLE_TELEMETRY=true" +EnvironmentFile=__INSTALL_DIR__/.env WorkingDirectory=__INSTALL_DIR__/ ExecStart=__INSTALL_DIR__/microbin diff --git a/manifest.toml b/manifest.toml index 28b44f0..1d121fa 100644 --- a/manifest.toml +++ b/manifest.toml @@ -35,6 +35,10 @@ ram.runtime = "50M" [install.domain] type = "domain" + [install.path] + type = "path" + default = "/microbin" + [install.init_main_permission] type = "group" default = "visitors" diff --git a/scripts/install b/scripts/install index dd291c6..0371e37 100755 --- a/scripts/install +++ b/scripts/install @@ -24,6 +24,16 @@ ynh_setup_source --dest_dir="$install_dir" chown -R "$app:www-data" "$install_dir" chmod +x "$install_dir/microbin" +#================================================= +# APP INITIAL CONFIGURATION +#================================================= +ynh_script_progression --message="Adding $app's configuration files..." --weight=1 + +ynh_add_config --template=".env" --destination="$install_dir/.env" + +chmod 400 "$install_dir/.env" +chown "$app:$app" "$install_dir/.env" + #================================================= # SYSTEM CONFIGURATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 9053280..4462a8f 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -25,6 +25,16 @@ ynh_setup_source --dest_dir="$install_dir" chown -R "$app:www-data" "$install_dir" chmod +x "$install_dir/microbin" +#================================================= +# UPDATE A CONFIG FILE +#================================================= +ynh_script_progression --message="Updating $app's configuration files..." --weight=1 + +ynh_add_config --template=".env" --destination="$install_dir/.env" + +chmod 400 "$install_dir/.env" +chown "$app:$app" "$install_dir/.env" + #================================================= # REAPPLY SYSTEM CONFIGURATIONS #=================================================