Skip to content

Commit

Permalink
use rclone rcd instead of rclone serve, describe advanced setup w…
Browse files Browse the repository at this point in the history 
…ith an existing rclone instance
  • Loading branch information
@ShoshinNikita
ShoshinNikita committed Apr 5, 2024
1 parent 0ce362d commit d46308f
Show file tree
Hide file tree
Showing 11 changed files with 337 additions and 134 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/check.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,5 +27,5 @@ jobs:
with:
go-version: "1.22.*"
- run: sudo apt-get update && sudo apt-get install libvips-tools
- run: curl https://rclone.org/install.sh | sudo bash
- run: curl https://rclone.org/install.sh | sudo bash -s beta
- run: make test
1 change: 0 additions & 1 deletion .golangci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@ linters:
- govet
- ineffassign
- misspell
- nestif
- nilerr
- nilnil
- noctx
Expand Down
4 changes: 3 additions & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,9 @@ RUN make build && ./bin/rview --version


# Download rclone.
FROM rclone/rclone:1.64 AS rclone-src
# We use beta image because we need this fix - https://github.com/rclone/rclone/issues/7335.
# TODO: update on next release.
FROM rclone/rclone:beta AS rclone-src

RUN rclone --version

Expand Down
39 changes: 24 additions & 15 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,11 @@
- [Limitations](#limitations)
- [Demo](#demo)
- [Run](#run)
- [Advanced](#advanced)
- [Configuration](#configuration)
- [Development](#development)
- [API](#api)
- [Metrics](#metrics)
- [API](#api)
- [Metrics](#metrics)
- [Thanks](#thanks)

## Features
Expand All @@ -38,6 +39,7 @@
significantly improve response time.

## Demo

Check out the live demo [here](https://rview.0x5f3759df.stream), credentials for Basic Auth: `rview:rview`.

## Run
Expand Down Expand Up @@ -78,26 +80,32 @@ Check out the live demo [here](https://rview.0x5f3759df.stream), credentials for

5. Go to http://localhost:8080.

### Advanced

You can run **Rview** with an existing Rclone instance and without access to the internet.
Read more [here](./docs/Advanced%20Setup.md).

## Configuration

| Flag | Default Value | Description |
| -------------------------------- | -------------------------- | -------------------------------------------- |
| `--debug-log-level` | `false` | display debug log messages |
| `--dir` | `./var` | directory for app data (thumbnails and etc.) |
| `--port` | `8080` | server port |
| `--rclone-port` | `8181` | port of a rclone instance |
| `--rclone-target` | no default value, required | rclone target |
| `--read-static-files-from-disk` | `false` | read static files directly from disk |
| `--thumbnails` | `true` | generate image thumbnails |
| `--thumbnails-max-age-days` | `365` | max age of thumbnails, days |
| `--thumbnails-max-total-size-mb` | `500` | max total size of thumbnails, MiB |
| `--thumbnails-workers-count` | number of logical CPUs | number of workers for thumbnail generation |
| Flag | Default | Description |
| -------------------------------- | ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `--rclone-target` | none, **required** | Rclone target |
| `--rclone-url` | none, optional | Url of an existing rclone instance. If url is not specified,<br> a local rclone instance will be launched with the default <br>config file. Url should include credentials for<br> Basic Auth, e.g., http://user:pass@rclone:80 |
| `--debug-log-level` | `false` | Display debug log messages |
| `--dir` | `./var` | Directory for app data |
| `--port` | `8080` | Server port |
| `--read-static-files-from-disk` | `false` | Read static files directly from disk |
| `--thumbnails` | `true` | Generate image thumbnails |
| `--thumbnails-max-age-days` | `365` | Max age of thumbnails, days |
| `--thumbnails-max-total-size-mb` | `500` | Max total size of thumbnails, MiB |
| `--thumbnails-workers-count` | number of logical CPUs | Number of workers for thumbnail generation |
| `--version` | | Print version and exit |

## Development

First, you have to install the following dependencies:

1. [rclone](https://github.com/rclone/rclone) - instructions can be found [here](https://rclone.org/install/).
1. [Rclone](https://github.com/rclone/rclone) - instructions can be found [here](https://rclone.org/install/).
2. [libvips](https://github.com/libvips/libvips) - you can install it with this command:

```bash
Expand Down Expand Up @@ -141,3 +149,4 @@ Special thanks to these open-source projects:
- [Rclone](https://github.com/rclone/rclone) - rsync for cloud storage.
- [Material Icon Theme](https://github.com/PKief/vscode-material-icon-theme) - Material Design icons for VS Code.
- [Feather](https://github.com/feathericons/feather) - Simply beautiful open source icons.
- [libvips](https://github.com/libvips/libvips) - A fast image processing library with low memory needs.
2 changes: 1 addition & 1 deletion cmd/rview.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ func (r *Rview) Prepare() (err error) {
}

// Rclone Instance
r.rcloneInstance, err = rclone.NewRclone(r.cfg.RclonePort, r.cfg.RcloneTarget, r.cfg.RcloneDirCacheTime)
r.rcloneInstance, err = rclone.NewRclone(r.cfg.Rclone)
if err != nil {
return fmt.Errorf("couldn't prepare rclone: %w", err)
}
Expand Down
113 changes: 113 additions & 0 deletions docs/Advanced Setup.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,113 @@
# Advanced Setup for Paranoiacs

You don't have to trust **Rview** - it can work isolated from the internet with access only
to the small subset of read-only Rclone commands. Unfortunately, Rclone itself doesn't support
fine-grained permissions. So, we have to use other tools - for example, Nginx.

First, create `entrypoint.sh` with the following content and replace all the variables.
Don't forget to run `chmod +x entrypoint.sh`.

```sh
#!/bin/sh

set -e

# Start Nginx

apk update && apk add nginx

cat <<EOT > /etc/nginx/http.d/rclone.conf
server {
listen 8080;
listen [::]:8080;
# Serve dirs and files with no access to other remotes.
location /[<your_rclone_target>]/ {
proxy_pass http://localhost:5572;
}
# This command is required to build the search index. Read more: https://rclone.org/rc/#operations-list
location /operations/list {
proxy_pass http://localhost:5572;
}
location / {
return 403;
}
}
EOT

nginx

# Start Rclone. Don't forget to change values for '--rc-user' and '--rc-pass'!

rclone rcd \
--rc-addr localhost:5572 \
--rc-user user \
--rc-pass pass \
--rc-template /config/rclone/rclone.gotmpl \
--rc-serve
```

Second, create `docker-compose.yml`:

```yaml
version: "2"

services:
rview:
image: ghcr.io/shoshinnikita/rview:main
container_name: rview
volumes:
- ./var:/srv/var # mount app data directory to cache image thumbnails
ports:
- "127.0.0.1:8080:8080"
networks:
- rview # connect rclone and rview
command: [
"--rclone-url", "http://user:pass@rclone:8080", # don't forget to change username and password
"--rclone-target", "<your_rclone_target>"
]

rclone:
# We use beta image because we need this fix - https://github.com/rclone/rclone/issues/7335.
image: rclone/rclone:beta
container_name: rclone
volumes:
- ./entrypoint.sh:/entrypoint.sh # mount the script you created in the first step
- ./rclone.gotmpl:/config/rclone/rclone.gotmpl # template can be found in 'static' dir
- ~/.config/rclone/rclone.conf:/config/rclone/rclone.conf:ro # mount your Rclone config file
networks:
- internet # rclone must have access to the internet
- rview # connect rclone and rview
entrypoint: "/entrypoint.sh"

networks:
# Network with access to the internet.
internet:
# Internal network without access to the internet.
rview:
internal: true
```
Finally, you can run `docker compose up` and go to http://localhost:8080.

Optionally, you can check that everything works as expected:

1. Check `rclone` container
```sh
docker exec -it rclone sh
ping 1.1.1.1 # you should see pings
exit
```
2. Check `rview` container
```sh
docker exec -it rview sh
ping 1.1.1.1 # no pings
ping rclone # you should see pings
wget -O - -q "http://rclone:5572" # connection refused, no direct access to rclone
wget -O - -q "http://rclone:8080/[<your_rclone_target>]/" # 401, auth is on
wget -O - -q "http://user:pass@rclone:8080/[<your_rclone_target>]/" # 200, ok
wget -O - -q "http://user:pass@rclone:8080/[/bin]/" # 403, no access to other remotes
wget -O - -q --post-data "" "http://user:pass@rclone:8080/operations/list?fs=/bin&remote=" # 200, ok
```
Loading

0 comments on commit d46308f

Please sign in to comment.