PrivateBin is a full-featured, open-source private pastebin written in PHP. I describe two installation methods here: one on Debian 9 and one with Docker.
Add the testing repository:
echo "deb http://deb.debian.org/debian testing main" > /etc/apt/sources.list.d/testing.list
echo "deb-src http://deb.debian.org/debian testing main" >> /etc/apt/sources.list.d/testing.list
apt -y update
Install PHP 7.3:
apt -y install php7.3 php7.3-cli php7.3-common php7.3-cgi \
    php7.3-fpm php7.3-gd php7.3-mysql php7.3-sqlite3 php7.3-pgsql \
    php7.3-opcache php7.3-mbstring php7.3-curl php7.3-xml php7.3-xmlrpc \
    php7.3-zip php7.3-intl php7.3-json php7.3-bz2 php7.3-dev
Install libsodium:
apt -y install libsodium-dev
Install the libsodium PHP extension:
pecl install libsodium
Configure the extension:
echo "extension=sodium.so" > /etc/php/7.3/mods-available/libsodium.ini
Download the source archive and unpack it:
cd /opt
wget https://github.com/PrivateBin/PrivateBin/archive/1.2.1.tar.gz
tar -xzvf 1.2.1.tar.gz
mv PrivateBin-1.2.1 privatebin
Copy the sample configuration file and set the correct ownership:
cp privatebin/cfg/conf.sample.php privatebin/cfg/conf.php
chown -R www-data:www-data /opt/privatebin
Install Nginx (optional):
apt -y install nginx
If you choose Nginx as the web server, create a site configuration file:
nano /etc/nginx/conf.d/privatebin.conf
Write the following configuration:
server {
    listen 80;
    server_name privatebin.koko.cat;
    root /opt/privatebin;
    index index.php index.html;

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        fastcgi_pass unix:/run/php/php7.3-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}
Start Nginx:
systemctl restart nginx
systemctl enable nginx
Install Caddy (optional):
You only need one of Nginx and Caddy. I recommend Caddy because it makes SSL very easy to configure. Install Caddy:
curl https://getcaddy.com | bash -s personal
Create the directories and the configuration file that Caddy needs:
mkdir -p /etc/caddy && mkdir -p /etc/ssl/caddy
nano /etc/caddy/Caddyfile
Write the following configuration:
privatebin.koko.cat {
    log stdout
    root /opt/privatebin
    gzip
    tls example@qq.com
    fastcgi / /run/php/php7.3-fpm.sock php {
        index index.php
    }
    rewrite {
        to {path} {path}/ /index.php?{query}
    }
}
Create a systemd service:
nano /etc/systemd/system/caddy.service
Write:
[Unit]
Description=Caddy HTTP/2 web server
Documentation=https://caddyserver.com/docs
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service

[Service]
Restart=on-abnormal
User=root
Group=root
Environment=CADDYPATH=/etc/ssl/caddy
ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile
ExecReload=/bin/kill -USR1 $MAINPID
KillMode=mixed
KillSignal=SIGQUIT
TimeoutStopSec=5s

[Install]
WantedBy=multi-user.target
Start Caddy:
systemctl start caddy
systemctl enable caddy
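(Optional) Install MySQL as PrivateBin's data store. PrivateBin supports MySQL, SQLite, and file storage. The default configuration uses file storage, but if you are offering the service publicly, MySQL is recommended as the data store for performance reasons. If you do not need MySQL, the configuration above is all you need and the site is ready to use.
Install: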
apt -y install mariadb-server
Start:
systemctl restart mariadb.service
systemctl enable mariadb.service
Initialize the database:
mysql_secure_installation
Answers to the prompts:
Enter current password for root (enter for none): press Enter
Set root password? [Y/n] Y
New password: set your MariaDB root password
Re-enter new password: enter the password again
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] n
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y
Enter the MySQL shell:
mysql -u root -p
Create the database and user:
CREATE DATABASE privatebin CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'privatebin'@'localhost' IDENTIFIED BY 'set your own database password here';
GRANT ALL PRIVILEGES ON privatebin.* TO 'privatebin'@'localhost';
FLUSH PRIVILEGES;
quit
Edit the configuration file:
nano /opt/privatebin/cfg/conf.php
The default configuration:
[model]
; name of data model class to load and directory for storage
; the default model "Filesystem" stores everything in the filesystem
class = Filesystem
[model_options]
dir = PATH "data"

;[model]
; example of DB configuration for MySQL
;class = Database
;[model_options]
;dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8"
;tbl = "privatebin_" ; table prefix
;usr = "privatebin"
;pwd = "Z3r0P4ss"
;opt[12] = true ; PDO::ATTR_PERSISTENT
Change it to:
;[model]
; name of data model class to load and directory for storage
; the default model "Filesystem" stores everything in the filesystem
;class = Filesystem
;[model_options]
;dir = PATH "data"

[model]
; example of DB configuration for MySQL
class = Database
[model_options]
dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8"
tbl = "privatebin_" ; table prefix
usr = "privatebin"
pwd = "Z3r0P4ss" ; must match the password set in CREATE USER above
opt[12] = true ; PDO::ATTR_PERSISTENT
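A check for the edited configuration above, added here as an example (it is not part of the original post or of PrivateBin): it reads the active [model] settings from conf.php and reports when the database password is still the sample value or the file is readable by every local user. The function names and finding labels are made up for this example, and stat -c assumes GNU coreutils as on Debian.

```bash
# ini_value FILE KEY: print the last active (uncommented) value of KEY.
ini_value() {
    awk -v key="$2" '
        /^[ \t]*;/ { next }    # whole-line comment
        {
            eq = index($0, "="); if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); sub(/^[ \t]+/, "", v)
            if (k != key) next
            # Quoted values may contain ";" (the DSN does): cut at the closing
            # quote. Only unquoted values get inline comments stripped.
            if (v ~ /^"/) { v = substr(v, 2); sub(/".*$/, "", v) }
            else          { sub(/[ \t]*;.*$/, "", v); sub(/[ \t]+$/, "", v) }
            val = v
        }
        END { print val }' "$1"
}

# audit_privatebin_conf FILE: one finding per line; returns 1 if any.
audit_privatebin_conf() {
    [ -r "$1" ] || { echo "UNREADABLE $1"; return 2; }
    [ "$(ini_value "$1" class)" = "Database" ] || return 0   # no DB credential in file
    rc=0
    case $(ini_value "$1" pwd) in
        "")       echo "EMPTY_DB_PASSWORD"; rc=1 ;;
        Z3r0P4ss) echo "SAMPLE_DB_PASSWORD (value shipped in conf.sample.php)"; rc=1 ;;
    esac
    # The file now holds a credential, so "other" should have no read bit.
    mode=$(stat -c %a "$1")
    case $mode in *[4567]) echo "WORLD_READABLE mode=$mode"; rc=1 ;; esac
    return $rc
}

# Constructed sample: the edited [model] block from this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[model]
;class = Filesystem
class = Database
[model_options]
dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8"
tbl = "privatebin_" ; table prefix
usr = "privatebin"
pwd = "Z3r0P4ss"
EOF
chmod 644 "$sample"
audit_privatebin_conf "$sample" || true
rm -f "$sample"
```

On a real install, call audit_privatebin_conf /opt/privatebin/cfg/conf.php; no output and exit status 0 mean neither finding applies.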
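I first deployed it this way and found that this is too complicated for such a simple program, so I wrote my own Dockerfile. There is also an official Docker image, but I don't much like it. The environment in my Dockerfile is PHP 7.2 + Caddy, with file storage by default, so configuration is simple and convenient.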
Install Docker and start it:
curl -sSL https://get.docker.com/ | sh
systemctl start docker
systemctl enable docker
Create a directory to hold the various configuration files:
mkdir -p /opt/docker-privatebin && cd /opt/docker-privatebin
Create a Dockerfile:
FROM alpine:3.9.4
LABEL blog="lala.im"
ARG PRIVATEBIN_VERSION=1.2.1
RUN apk add --no-cache wget \
    caddy \
    php7 \
    php7-gd \
    php7-opcache \
    php7-mcrypt \
    php7-json \
    php7-xml \
    php7-fpm \
    supervisor \
    && mkdir -p /etc/supervisor.d \
    && wget https://github.com/PrivateBin/PrivateBin/archive/${PRIVATEBIN_VERSION}.tar.gz \
    && tar -xzvf ${PRIVATEBIN_VERSION}.tar.gz \
    && mv PrivateBin-${PRIVATEBIN_VERSION} /opt/privatebin \
    && cp /opt/privatebin/cfg/conf.sample.php /opt/privatebin/cfg/conf.php \
    && chown -R root:root /opt/privatebin \
    && sed -i 's/user = nobody/user = root/g' /etc/php7/php-fpm.d/www.conf \
    && sed -i 's/group = nobody/group = root/g' /etc/php7/php-fpm.d/www.conf \
    && rm -rf ${PRIVATEBIN_VERSION}.tar.gz \
    && rm -rf PrivateBin-${PRIVATEBIN_VERSION}
COPY caddy.conf /etc/caddy/caddy.conf
COPY privatebin.ini /etc/supervisor.d/
EXPOSE 80 443
VOLUME /opt/privatebin/data
CMD supervisord -c /etc/supervisor.d/privatebin.ini
Create a Caddy configuration file (named caddy.conf, the name the Dockerfile's COPY line expects):
nano caddy.conf
Write the following configuration:
privatebin.koko.cat {
    log stdout
    root /opt/privatebin
    gzip
    tls example@qq.com
    fastcgi / 127.0.0.1:9000 php
    rewrite {
        to {path} {path}/ /index.php?{query}
    }
}
Create a supervisor configuration file:
nano privatebin.ini
Write:
[supervisord]
nodaemon=true

[program:php-fpm]
priority=1
command=/usr/sbin/php-fpm7 -R
autorestart=true

[program:caddy]
priority=2
command=/usr/sbin/caddy -agree=true -conf=/etc/caddy/caddy.conf
autorestart=true
Build the image:
docker build -t privatebin .
When the build finishes, start the container:
docker run -d -p 80:80 -p 443:443 \
    -v /opt/privatebin:/opt/privatebin/data \
    --restart=always --name privatebin privatebin:latest
If tls is set to off in the Caddy configuration file, map port 2015 when starting the container:
docker run -d -p 80:2015 \
    -v /opt/privatebin:/opt/privatebin/data \
    --restart=always --name privatebin privatebin:latest
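If you are only setting this up to play around with, I recommend using Docker directly: it will not damage the host system's environment, and when you are done with it you can simply delete the container.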