diff --git a/README.md b/README.md index 53f5479..30678e9 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ **PrivateBin** is a minimalist, open source online [pastebin](https://en.wikipedia.org/wiki/Pastebin) where the server has zero knowledge of pasted data. Data is encrypted and decrypted in the browser using 256bit AES in [Galois Counter mode](https://en.wikipedia.org/wiki/Galois/Counter_Mode). -This repository contains the Dockerfile and resources needed to create a docker image with a pre-installed PrivateBin instance in a secure default configuration. The images are based on the docker hub php:fpm-alpine image, extended with the GD module required to generate discussion avatars and the Nginx webserver to serve static JavaScript libraries, CSS & the logos. All logs of php-fpm and Nginx (access & errors) are forwarded to docker logs. +This repository contains the Dockerfile and resources needed to create a docker image with a pre-installed PrivateBin instance in a secure default configuration. The images are based on the docker hub alpine image, extended with the GD module required to generate discussion avatars and the Nginx webserver to serve static JavaScript libraries, CSS & the logos. All logs of php-fpm and Nginx (access & errors) are forwarded to docker logs. ## Running the image @@ -32,6 +32,10 @@ docker run -d --restart="always" --read-only -p 8080:80 -v conf.php:/srv/cfg/con Note: The `Filesystem` data storage is supported out of the box. The image includes PDO modules for MySQL, PostgreSQL and SQLite, required for the `Database` one, but you still need to keep the /srv/data persisted for the server salt and the traffic limiter. +### Adjusting nginx or php-fpm settings + +You can attach your own `php.ini` or nginx configuration files to the folders `/etc/php7/conf.d/` and `/etc/nginx/conf.d/` respectively. This would for example let you adjust the maximum size these two services accept for file uploads, if you need more then the default 10 MiB. + ### Timezone settings The image supports the use of the following two environment variables to adjust the timezone. This is most useful to ensure the logs show the correct local time. diff --git a/etc/nginx/nginx.conf b/etc/nginx/nginx.conf index 4553a26..279f76d 100644 --- a/etc/nginx/nginx.conf +++ b/etc/nginx/nginx.conf @@ -63,8 +63,8 @@ http { # since TCP frames are filled up before being sent out. tcp_nopush on; - # Allow up to 3 MiB payload, privatebin defaults to 2 MiB. - client_max_body_size 3M; + # Allow up to 15 MiB payload, privatebin defaults to 10 MiB. + client_max_body_size 15M; # Load even moar configs include /etc/nginx/conf.d/*.conf; diff --git a/etc/php7/conf.d/00-docker.ini b/etc/php7/conf.d/00-docker.ini index 7d82970..dc0c7c7 100644 --- a/etc/php7/conf.d/00-docker.ini +++ b/etc/php7/conf.d/00-docker.ini @@ -17,6 +17,12 @@ log_errors=On +; increase size limits +upload_max_filesize=15M +post_max_size=15M + + + ; best practices ; Disable deprecated short open tags ("