cleanup repo

L4RM4ND
2023-02-23 22:33:13 +01:00
parent 4e9a51c207
commit 153ba415ba
182 changed files with 84 additions and 84 deletions


@@ -0,0 +1,3 @@
# References
- https://github.com/PrivateBin/PrivateBin


@@ -0,0 +1,208 @@
;<?php http_response_code(403); /*
; config file for PrivateBin
;
; An explanation of each setting can be find online at https://github.com/PrivateBin/PrivateBin/wiki/Configuration
[main]
; (optional) set a project name to be displayed on the website
name = "PrivateBin"
; The full URL, with the domain name and directories that point to the PrivateBin files
; This URL is essential to allow Opengraph images to be displayed on social networks
; basepath = ""
; enable or disable the discussion feature, defaults to true
discussion = false
; preselect the discussion feature, defaults to false
opendiscussion = false
; enable or disable the password feature, defaults to true
password = true
; enable or disable the file upload feature, defaults to false
fileupload = true
; preselect the burn-after-reading feature, defaults to false
burnafterreadingselected = false
; which display mode to preselect by default, defaults to "plaintext"
; make sure the value exists in [formatter_options]
defaultformatter = "plaintext"
; (optional) set a syntax highlighting theme, as found in css/prettify/
syntaxhighlightingtheme = "sons-of-obsidian"
; size limit per paste or comment in bytes, defaults to 10 Mebibytes
sizelimit = 524288000 # 500 MB
; template to include, default is "bootstrap" (tpl/bootstrap.php)
template = "bootstrap-dark"
; (optional) info text to display
; use single, instead of double quotes for HTML attributes
;info = "More information on the <a href='https://privatebin.info/'>project page</a>."
; (optional) notice to display
;notice = "Note: Kittens will die if you abuse this service."
; by default PrivateBin will guess the visitors language based on the browsers
; settings. Optionally you can enable the language selection menu, which uses
; a session cookie to store the choice until the browser is closed.
languageselection = true
; set the language your installs defaults to, defaults to English
; if this is set and language selection is disabled, this will be the only language
languagedefault = "en"
; (optional) URL shortener address to offer after a new paste is created
; it is suggested to only use this with self-hosted shorteners as this will leak
; the pastes encryption key
; urlshortener = "https://shortener.example.com/api?link="
; (optional) Let users create a QR code for sharing the paste URL with one click.
; It works both when a new paste is created and when you view a paste.
qrcode = true
; (optional) IP based icons are a weak mechanism to detect if a comment was from
; a different user when the same username was used in a comment. It might be
; used to get the IP of a non anonymous comment poster if the server salt is
; leaked and a SHA256 HMAC rainbow table is generated for all (relevant) IPs.
; Can be set to one these values: "none" / "vizhash" / "identicon" (default).
icon = "identicon"
; Content Security Policy headers allow a website to restrict what sources are
; allowed to be accessed in its context. You need to change this if you added
; custom scripts from third-party domains to your templates, e.g. tracking
; scripts or run your site behind certain DDoS-protection services.
; Check the documentation at https://content-security-policy.com/
; Notes:
; - If you use a bootstrap theme, you can remove the allow-popups from the
; sandbox restrictions.
; - By default this disallows to load images from third-party servers, e.g. when
; they are embedded in pastes. If you wish to allow that, you can adjust the
; policy here. See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-it-load-embedded-images
; for details.
; - The 'unsafe-eval' is used in two cases; to check if the browser supports
; async functions and display an error if not and for Chrome to enable
; webassembly support (used for zlib compression). You can remove it if Chrome
; doesn't need to be supported and old browsers don't need to be warned.
; cspheader = "default-src 'none'; base-uri 'self'; form-action 'none'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'unsafe-eval'; style-src 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads"
; stay compatible with PrivateBin Alpha 0.19, less secure
; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of
; sha256 in HMAC for the deletion token
; zerobincompatibility = false
; Enable or disable the warning message when the site is served over an insecure
; connection (insecure HTTP instead of HTTPS), defaults to true.
; Secure transport methods like Tor and I2P domains are automatically whitelisted.
; It is **strongly discouraged** to disable this.
; See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-it-show-me-an-error-about-an-insecure-connection for more information.
httpwarning = true
; Pick compression algorithm or disable it. Only applies to pastes/comments
; created after changing the setting.
; Can be set to one these values: "none" / "zlib" (default).
; compression = "zlib"
[expire]
; expire value that is selected per default
; make sure the value exists in [expire_options]
default = "1hour"
[expire_options]
; Set each one of these to the number of seconds in the expiration period,
; or 0 if it should never expire
5min = 300
;25min = 1500
1hour = 3600
4hours = 14400
1day = 86400
;5days = 432000
1week = 604800
; Well this is not *exactly* one month, it's 30 days:
;1month = 2592000
;1year = 31536000
;never = 0
[formatter_options]
; Set available formatters, their order and their labels
plaintext = "Plain Text"
syntaxhighlighting = "Source Code"
markdown = "Markdown"
[traffic]
; time limit between calls from the same IP address in seconds
; Set this to 0 to disable rate limiting.
limit = 10
; (optional) Set IPs addresses (v4 or v6) or subnets (CIDR) which are exempted
; from the rate-limit. Invalid IPs will be ignored. If multiple values are to
; be exempted, the list needs to be comma separated. Leave unset to disable
; exemptions.
; exempted = "1.2.3.4,10.10.10/24"
; (optional) If you want only some source IP addresses (v4 or v6) or subnets
; (CIDR) to be allowed to create pastes, set these here. Invalid IPs will be
; ignored. If multiple values are to be exempted, the list needs to be comma
; separated. Leave unset to allow anyone to create pastes.
; creators = "1.2.3.4,10.10.10/24"
; (optional) if your website runs behind a reverse proxy or load balancer,
; set the HTTP header containing the visitors IP address, i.e. X_FORWARDED_FOR
header = "X_FORWARDED_FOR"
[purge]
; minimum time limit between two purgings of expired pastes, it is only
; triggered when pastes are created
; Set this to 0 to run a purge every time a paste is created.
limit = 300
; maximum amount of expired pastes to delete in one purge
; Set this to 0 to disable purging. Set it higher, if you are running a large
; site
batchsize = 10
[model]
; name of data model class to load and directory for storage
; the default model "Filesystem" stores everything in the filesystem
class = Filesystem
[model_options]
dir = PATH "data"
;[model]
; example of a Google Cloud Storage configuration
;class = GoogleCloudStorage
;[model_options]
;bucket = "my-private-bin"
;prefix = "pastes"
;[model]
; example of DB configuration for MySQL
;class = Database
;[model_options]
;dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8"
;tbl = "privatebin_" ; table prefix
;usr = "privatebin"
;pwd = "Z3r0P4ss"
;opt[12] = true ; PDO::ATTR_PERSISTENT
;[model]
; example of DB configuration for SQLite
;class = Database
;[model_options]
;dsn = "sqlite:" PATH "data/db.sq3"
;usr = null
;pwd = null
;opt[12] = true ; PDO::ATTR_PERSISTENT
;[model]
; example of DB configuration for PostgreSQL
;class = Database
;[model_options]
;dsn = "pgsql:host=localhost;dbname=privatebin"
;tbl = "privatebin_" ; table prefix
;usr = "privatebin"
;pwd = "Z3r0P4ss"
;opt[12] = true ; PDO::ATTR_PERSISTENT
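Review bot: `header = "X_FORWARDED_FOR"` in `[traffic]` makes the rate limiter (and presumably any `creators`/`exempted` list enabled later) work from a request header instead of the socket address, which is only sound while every request passes through a proxy that overwrites that header. Nothing in this file can guarantee that, so I would add a comment above the line such as `; only valid while the container is reachable solely through the reverse proxy and the proxy overwrites X-Forwarded-For`. Separately, `sizelimit = 524288000 # 500 MB` uses `#`, which PHP's INI parser no longer treats as a comment since PHP 7, so the trailing text may end up in the value; the rest of the file uses `;`, and `sizelimit = 524288000 ; 500 MiB` would be consistent with it.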


@@ -0,0 +1,71 @@
# Sets the worker threads to the number of CPU cores available in the system for best performance.
# Should be > the number of CPU cores.
# Maximum number of connections = worker_processes * worker_connections
worker_processes auto;
# Maximum number of open files per worker process.
# Should be > worker_connections.
worker_rlimit_nofile 8192;
events {
# If you need more connections than this, you start optimizing your OS.
# That's probably the point at which you hire people who are smarter than you as this is *a lot* of requests.
# Should be < worker_rlimit_nofile.
worker_connections 8000;
}
# Log errors and warnings to this file
# This is only used when you don't override it on a server{} level
error_log /dev/stderr warn;
# The file storing the process ID of the main process
pid /run/nginx.pid;
# The process is managed in the docker-env
daemon off;
# Free some CPU cycles
timer_resolution 500ms;
http {
# Specify MIME types for files.
include mime.types;
default_type application/octet-stream;
# Update charset_types to match updated mime.types.
# text/html is always included by charset module.
charset_types text/css text/plain text/vnd.wap.wml application/javascript application/json application/rss+xml application/xml;
# Include $http_x_forwarded_for within default format used in log files
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# Hide used software
server_tokens off;
# Default charset
charset utf-8;
# How long to allow each connection to stay idle.
# Longer values are better for each individual client, particularly for SSL,
# but means that worker connections are tied up longer.
keepalive_timeout 20s;
# Speed up file transfers by using sendfile() to copy directly
# between descriptors rather than using read()/write().
# For performance reasons, on FreeBSD systems w/ ZFS
# this option should be disabled as ZFS's ARC caches
# frequently used files in RAM by default.
sendfile on;
# Don't send out partial frames; this increases throughput
# since TCP frames are filled up before being sent out.
tcp_nopush on;
# Allow up to 512 MiB payload, privatebin defaults to 10 MiB.
client_max_body_size 512M;
# Load even moar configs
include /etc/nginx/http.d/*.conf;
}


@@ -0,0 +1,30 @@
# mysite_nginx.conf
# the upstream component nginx needs to connect to
upstream privatebin-docker {
server 127.0.0.1:9988;
}
# configuration of the server
server {
# the port your site will be served on
# the domain name it will serve for
server_name privatebin.example.com
charset utf-8;
# max upload size
client_max_body_size 0; # adjust to taste
# Finally, send all non-media requests to the Privatebin server.
# if you use cloudflare, please read this https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-using-cloudflare-for-ddos-protection
location / {
proxy_pass http://privatebin-docker;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
client_max_body_size 0; # adjust to taste
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
}
#add_header Permissions-Policy "geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
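Review bot: `server_name privatebin.example.com` has no terminating `;`, so nginx reads the following `charset utf-8;` as two more server names and the charset directive is never applied; it should be `server_name privatebin.example.com;`. The comment "the port your site will be served on" is not followed by a `listen` directive, and no closing `}` for the `server` block is visible in this section, so the file may not load as written. `client_max_body_size 0` (set twice) switches off the request-size check at the edge and leaves the application's own limit as the only bound; a finite value matching the backend, e.g. `client_max_body_size 512M;`, stops oversized bodies before they are forwarded. `proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;` appends to whatever the client sent, so if the backend rate-limits on that header, `$remote_addr` is the safer value here.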


@@ -0,0 +1,64 @@
; session.use_strict_mode specifies whether the module will use strict session id mode. If this
; mode is enabled, the module does not accept uninitialized session ID. If uninitialized session ID
; is sent from browser, new session ID is sent to browser. Applications are protected from session
; fixation via session adoption with strict mode. Defaults to 0 (disabled).
session.use_strict_mode=On
; Enable assert() evaluation.
assert.active=Off
; This determines whether errors should be printed to the screen as part of the output or if they
; should be hidden from the user. Value "stderr" sends the errors to stderr instead of stdout.
display_errors=Off
; Tells whether script error messages should be logged to the server's error log or error_log.
; You're strongly advised to use error logging in place of error displaying on production web sites.
log_errors=On
; increase size limits
upload_max_filesize=512M
post_max_size=512M
memory_limit = 512M
; best practices
; Disable deprecated short open tags ("<?")
short_open_tag=Off
; Do not expose php version header
expose_php=Off
; -1 can be used (like E_ALL) to report all errors - including those coming in new php versions
error_reporting=-1
; performance
; we want fast cli scripts too
opcache.enable_cli=On
; fast shutdown because we skip free() calls
opcache.fast_shutdown=On
; The amount of memory used to store interned strings, in megabytes
opcache.interned_strings_buffer=8
; The maximum number of keys (and therefore scripts) in the OPcache hash table
opcache.max_accelerated_files=20000
; The size of the shared memory storage used by OPcache, in megabytes
opcache.memory_consumption=512
; If enabled, OPcache will check for updated scripts every opcache.revalidate_freq seconds. When
; this directive is disabled, you must reset OPcache manually via opcache_reset(),
; opcache_invalidate() or by restarting the Web server for changes to the filesystem to take effect.
opcache.validate_timestamps=Off
; Determines the size of the realpath cache to be used by PHP. This value
; should be increased on systems where PHP opens many files, to reflect the
; quantity of the file operations performed.
realpath_cache_size=4096K
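Review bot: `memory_limit = 512M` is equal to `post_max_size=512M`, while PHP's documentation advises that memory_limit be larger than post_max_size, so a request near the limit is likely to end in a memory-exhaustion error rather than a clean size rejection. If uploads of that size are really intended, raise `memory_limit` above the post limit or lower `upload_max_filesize`/`post_max_size`; either way a single request can then hold a large share of that memory per PHP worker, so the worker count bounds the exposure. `opcache.fast_shutdown=On` was removed in PHP 7.2 and can be dropped. For `opcache.validate_timestamps=Off` I would add `; code changes require a container restart` so the behaviour is not a surprise.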


@@ -0,0 +1,27 @@
version: "3.7"
services:
privatebin:
hostname: privatebin
container_name: privatebin
image: privatebin/nginx-fpm-alpine:latest
read_only: true # not in compose 3.0 documentation but appears supported based
ports:
- 8080:8080
volumes:
- '/mnt/docker-volumes/privatebin/data:/srv/data' # volume for persisted data pastes
- '/mnt/docker-volumes/privatebin/configs/config.php:/srv/cfg/conf.php:ro' # volume for custom privatebin config
#- '/mnt/docker-volumes/privatebin/configs/nginx.conf:/etc/nginx/nginx.conf:ro' # custom nginx container config to increase file upload size
#- '/mnt/docker-volumes/privatebin/configs/php.ini:/etc/php81/conf.d/00-docker.ini:ro' # custom php container config to increase file upload size
restart: always
#labels:
# - traefik.enable=true
# - traefik.http.routers.privatebin.rule=Host(`privatebin.example.com`)
# - traefik.http.services.privatebin.loadbalancer.server.port=8080
# - traefik.docker.network=proxy
# # Part for local lan services only
# # - traefik.http.routers.privatebin.middlewares=local-ipwhitelist@file
# - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000 # only necessary for enabled file uploads
# - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000 # only necessary for enabled file uploads
# - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000 # only necessary for enabled file uploads
# - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 # only necessary for enabled file uploads
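Review bot: `- 8080:8080` publishes the container on every host interface, so it can be reached without passing through the reverse proxy that terminates TLS and sets the forwarded-for header; binding to loopback, e.g. `- 127.0.0.1:8080:8080`, or dropping `ports` when the Traefik labels are used, keeps the proxy as the only entry point. The nginx site file in this commit proxies to `127.0.0.1:9988`, which does not match this mapping, so one of the two needs adjusting. `image: privatebin/nginx-fpm-alpine:latest` is unpinned, so the next pull changes what runs without review; pin a release tag or digest, e.g. `image: privatebin/nginx-fpm-alpine:<PINNED_TAG>`. The trailing comment on `read_only: true` is cut off mid-sentence and should be completed or removed.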