cangui 2025-08-18 18:35:07 +02:00
parent b0f31821b7
commit 6117ab5b91
2 changed files with 26 additions and 28 deletions


@ -1,19 +1,19 @@
FROM golang:1.24 # ----- build -----
FROM golang:1.24 AS builder
WORKDIR /app WORKDIR /src
# Copie les fichiers de dépendances Go
COPY go.mod go.sum ./ COPY go.mod go.sum ./
RUN go mod download RUN go mod download
# Copie tout le reste (code + web + assets)
COPY . . COPY . .
# Si ton main est à la racine (main.go), garde ./ ; sinon mets le chemin du main
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o /out/shelfy .
# Build de ton binaire # ----- runtime -----
RUN go build -o shelfy . FROM alpine:3.20
# sh est présent (utile pour le "tee")
# Expose les ports nécessaires RUN adduser -D -u 10001 appuser
EXPOSE 8080 2121 WORKDIR /app
COPY --from=builder /out/shelfy /app/shelfy
# Commande de lancement RUN chmod +x /app/shelfy && mkdir -p /app/data /app/upload /var/log/shelfy && chown -R appuser:appuser /app
CMD ["./shelfy"] USER appuser
ENTRYPOINT ["/bin/sh","-c","/app/shelfy 2>&1 | tee -a /var/log/shelfy/shelfy.log"]
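Review bot: The new ENTRYPOINT makes `/bin/sh` PID 1 and pipes shelfy through `tee`, so a stop signal goes to the shell rather than the binary and the container's exit status is that of `tee`, not of shelfy. More important for the Fail2ban setup, if `tee -a` cannot open `/var/log/shelfy/shelfy.log`, it only prints an error and the service keeps running with nothing for Fail2ban to read. That is plausible on a `shelfy_logs` volume created by the earlier image, which shows no `USER` line on the old side and so presumably wrote as root, while this image runs as uid 10001. Failing fast would surface it, for example `ENTRYPOINT ["/bin/sh","-c","set -o pipefail; [ -w /var/log/shelfy ] || exit 1; /app/shelfy 2>&1 | tee -a /var/log/shelfy/shelfy.log"]`. The same ownership question applies to an existing `shelfy_upload` volume, and arguments supplied through `command:` are ignored by this `sh -c` form.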

View File

@ -7,17 +7,19 @@ services:
dockerfile: Dockerfile dockerfile: Dockerfile
container_name: shelfy-go container_name: shelfy-go
working_dir: /app working_dir: /app
# ⚠️ Si LocalAI utilise 8080, tu as déjà mappé 8090:8080 côté HTTP, OK.
ports: ports:
- "8090:8080" - "8090:8080"
- "2121:2121" # FTP (si utilisé) - "2121:2121"
- "30000-30100:30000-30100" # FTP passive (si utilisé) - "30000-30100:30000-30100"
- "2222:2222" # SFTP - "2222:2222"
extra_hosts: extra_hosts:
- "dockerhost:host-gateway" - "dockerhost:host-gateway"
environment:
- SHELFY_DATA_DIR=/app/data
volumes: volumes:
- shelfy_upload:/app/upload - shelfy_upload:/app/upload
- shelfy_logs:/var/log/shelfy # <-- partage des logs avec Fail2ban - shelfy_data:/app/data
- shelfy_logs:/var/log/shelfy
labels: labels:
- traefik.http.routers.shelfy.middlewares=webdav-allow-methods@docker - traefik.http.routers.shelfy.middlewares=webdav-allow-methods@docker
- traefik.http.middlewares.webdav-allow-methods.headers.accesscontrolallowmethods=GET,PUT,POST,DELETE,PROPFIND,OPTIONS,LOCK,UNLOCK,HEAD - traefik.http.middlewares.webdav-allow-methods.headers.accesscontrolallowmethods=GET,PUT,POST,DELETE,PROPFIND,OPTIONS,LOCK,UNLOCK,HEAD
@ -26,27 +28,23 @@ services:
- 8.8.8.8 - 8.8.8.8
- 1.1.1.1 - 1.1.1.1
restart: unless-stopped restart: unless-stopped
# ✅ Astuce simple pour avoir un fichier de log lisible par Fail2ban # (pas besoin d'un command ici si l'ENTRYPOINT du Dockerfile fait déjà le tee)
# Remplace `./app` par ta commande/entrypoint réel si besoin.
command: [ "sh", "-c", "./app 2>&1 | tee -a /var/log/shelfy/shelfy.log" ]
fail2ban: fail2ban:
image: crazymax/fail2ban:latest image: crazymax/fail2ban:latest
container_name: fail2ban container_name: fail2ban
# On bannit via iptables du host
network_mode: host network_mode: host
cap_add: cap_add: [ "NET_ADMIN", "NET_RAW" ]
- NET_ADMIN
- NET_RAW
environment: environment:
- TZ=Europe/Paris - TZ=Europe/Paris
- F2B_LOG_TARGET=STDOUT - F2B_LOG_TARGET=STDOUT
- F2B_DB_PURGE_AGE=1d - F2B_DB_PURGE_AGE=1d
volumes: volumes:
- ./fail2ban:/data # conf jails/filters persistantes - ./fail2ban:/data
- shelfy_logs:/var/log/shelfy:ro # lit les logs de shelfy - shelfy_logs:/var/log/shelfy:ro
restart: unless-stopped restart: unless-stopped
volumes: volumes:
shelfy_upload: shelfy_upload:
shelfy_data:
shelfy_logs: shelfy_logs:
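Review bot: The `fail2ban` service, whose `cap_add` line this commit rewrites, still pulls `crazymax/fail2ban:latest` while running with `network_mode: host` plus `NET_ADMIN` and `NET_RAW`, so whatever the tag points to at pull time gets control of the host firewall. Pinning it to a reviewed release, ideally with a digest, would close that gap: `image: crazymax/fail2ban:<PINNED_VERSION>@sha256:<DIGEST>` (placeholders, to be filled from the registry). The commit also drops the comments that identified 2121, 30000-30100 and 2222 as FTP, passive FTP and SFTP and marked the FTP ones as optional. I would keep a short comment such as `# FTP passive range: remove if FTP is disabled` so that unused published ports are easy to spot and close.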