use the service file provided here to use as a systemd service.
# edit service file
# copy over our service, and start. Notice no sudo with systemctl command !
% mkdir -p ~/.config/systemd/user/
% cp service ~/.config/systemd/user/gossa.service
% systemctl --user start gossa
# enable at boot time
% systemctl --user enable gossathe master branch is automatically built and pushed to dockerhub under pldubouilh/gossa.
# pull from dockerhub and run
% mkdir ~/LocalDirToShare
% sudo docker run -v ~/LocalDirToShare:/shared -p 8001:8001 pldubouilh/gossa
# options are settable through env. variabes. all the options are the build.Dockerfile
% sudo docker run -e PREFIX="/gossa/" -v ~/LocalDirToShare:/shared -p 8001:8001 pldubouilh/gossaif you prefer building the image yourself :
# build gossa within a build container, needs to be ran within the sources, ../ from here, and run
% mkdir ~/LocalDirToShare
% docker build -t gossa -f support/build.Dockerfile .
% sudo docker run -v ~/LocalDirToShare:/shared -p 8001:8001 gossaa docker-compose example image is also provided. running docker compose should be straightforward : docker-compose up . have a look in docker-compose.yml for further configuration.
authentication / user routing has been left out of the design of gossa, as simple tools are already available for this purpose. caddy is used here as an example, but other proxy can be used in a similar fashion.
This sample Caddyfile will
- enable https on the domain myserver.com (http will be automatically redirected to https)
- password protect the access
- route the root user requests to 1 gossa instance
- route user1 and user2 requests to a readonly gossa instance
Legacy Caddy v1 Caddyfile
myserver.com
# proxy regular and read only instance
proxy / 127.0.0.1:8001
proxy /ro 127.0.0.1:8002 { without /ro }
# reroute non-root user to read-only
# cm9... is the output of `printf "root:password" | base64`
rewrite {
if {>Authorization} not "Basic cm9vdDpwYXNzd29yZA=="
to /ro/{path}
}
# gate access
basicauth / root password
basicauth / ro_user1 passworduser1
basicauth / ro_user2 passworduser2Caddy v2 Caddyfile
myserver.com
# gate access
basic_auth {
root $2a$14$Zkx19XLiW6VYouLHR5NmfOFU0z2GTNmpkT/5qqR7hx4IjWJPDhjvG # password is "hiccup"
ro_user1 $2a$14$Zkx19XLiW6VYouLHR5NmfOFU0z2GTNmpkT/5qqR7hx4IjWJPDhjvG # password is "hiccup"
ro_user2 $2a$14$Zkx19XLiW6VYouLHR5NmfOFU0z2GTNmpkT/5qqR7hx4IjWJPDhjvG # password is "hiccup"
}
# named matcher for root user
@isroot {
vars {http.auth.user.id} root
}
# proxy regular and read only instance
handle @isroot {
reverse_proxy 127.0.0.1:8001
}
# route non-root user to read only instance
handle {
reverse_proxy 127.0.0.1:8002
}then simply start the 2 gossa instances, and caddy
# start an instance in readonly
% ./gossa -ro=true -p 8002 ~/folder &
# start an instance with access to hidden files
% ./gossa -k=false -p 8001 ~/folder &
# start caddy
% ./caddyThis sample Caddyfile will
- enable https on the domain myserver.com (http will be automatically redirected to https)
- password protect the access
- route user1 to own folder
- route user2 to own folder
- share a folder between 2 users with a symlink
Legacy Caddy v1 Caddyfile
myserver.com
proxy /user1 127.0.0.1:8001 { without /user1 }
proxy /user2 127.0.0.1:8002 { without /user2 }
basicauth / user1 passworduser1
basicauth / user2 passworduser2
rewrite {
if {>Authorization} is "Basic dXNlcjE6cGFzc3dvcmR1c2VyMQ=="
to /user1/{path}
}
rewrite {
if {>Authorization} is "Basic dXNlcjI6cGFzc3dvcmR1c2VyMg=="
to /user2/{path}
}Caddy v2 Caddyfile
myserver.com
basic_auth {
user1 $2a$14$Zkx19XLiW6VYouLHR5NmfOFU0z2GTNmpkT/5qqR7hx4IjWJPDhjvG # password is "hiccup"
user2 $2a$14$Zkx19XLiW6VYouLHR5NmfOFU0z2GTNmpkT/5qqR7hx4IjWJPDhjvG # password is "hiccup"
}
@user1auth {
vars {http.auth.user.id} user1
}
handle @user1auth {
reverse_proxy 127.0.0.1:8001
}
@user2auth {
vars {http.auth.user.id} user2
}
handle @user2auth {
reverse_proxy 127.0.0.1:8002
}start 2 gossa instances, and caddy
# create symlink to share folder between 2 users
% ln -s /path/shared test/user1
% ln -s /path/shared test/user2
# start gossa & caddy
% ./gossa -p 8001 -symlinks=true test/user1 &
% ./gossa -p 8002 -symlinks=true test/user2 &
% ./caddyIn order to allow for larger uploads, it's recommended to increase the maximum body size on your nginx config :
# increase maximum request size
client_max_body_size 100M;