mirror of
https://github.com/DumbWareio/DumbDrop.git
synced 2025-10-22 23:31:57 +00:00
1a8fe19416
* CORS/CSP fix * deprecate ALLOWED_IFRAME_ORIGINS * Revert "deprecate ALLOWED_IFRAME_ORIGINS" This reverts commit9792f06691. * Reapply "deprecate ALLOWED_IFRAME_ORIGINS" This reverts commit683ee93036. * Add helmet config and deprecate previous ALLOWED_IFRAME_ORIGINS * add build to docker compose for local builds * set server to listen on 0.0.0.0 and control with cors * Remove hsts from helmet and apply new pin status check limits * add back allowed_iframe_origins env as a fallback for allowed_origins * update readme for allowed_iframe_origins
34 lines
2.3 KiB
YAML
34 lines
2.3 KiB
YAML
services:
|
|
dumbdrop:
|
|
image: dumbwareio/dumbdrop:latest
|
|
# build: .
|
|
container_name: dumbdrop
|
|
restart: unless-stopped
|
|
ports:
|
|
- 3000:3000
|
|
volumes:
|
|
# Replace "./local_uploads" ( before the colon ) with the path where the files land
|
|
- ./local_uploads:/app/uploads
|
|
environment: # Environment variables for the DumbDrop service
|
|
# Explicitly set upload directory inside the container
|
|
UPLOAD_DIR: /app/uploads
|
|
DUMBDROP_TITLE: DumbDrop # The title shown in the web interface
|
|
MAX_FILE_SIZE: 1024 # Maximum file size in MB
|
|
DUMBDROP_PIN: 123456 # Optional PIN protection (4-10 digits, leave empty to disable)
|
|
AUTO_UPLOAD: true # Upload without clicking button
|
|
BASE_URL: http://localhost:3000 # The base URL for the application, You must update this to the url you use to access your site
|
|
|
|
# Comma-separated list of allowed origins for CORS
|
|
# (default: '*' if empty, replace with your base_url if you want to restrict only to base_url)
|
|
# When adding multiple origins, base_url will be included by default and does not need to the list
|
|
# ALLOWED_IFRAME_ORIGINS: #DEPRECATED and will be used as ALLOWED_ORIGINS if SET
|
|
# ALLOWED_ORIGINS: http://internalip:port,https://subdomain.example.com
|
|
|
|
# Additional available environment variables (commented out with defaults)
|
|
# PORT: 3000 # Server port (default: 3000)
|
|
# NODE_ENV: production # Node environment (development/production) - when not using production ALLOWED_ORIGINS will be set to '*' by default
|
|
# DEBUG: false # Debug mode for verbose logging (default: false in production, true in development)
|
|
# APPRISE_URL: "" # Apprise notification URL for upload notifications (default: none)
|
|
# APPRISE_MESSAGE: "New file uploaded - {filename} ({size}), Storage used {storage}" # Notification message template with placeholders: {filename}, {size}, {storage}
|
|
# APPRISE_SIZE_UNIT: "Auto" # Size unit for notifications (B, KB, MB, GB, TB, or Auto)
|
|
# ALLOWED_EXTENSIONS: ".jpg,.jpeg,.png,.pdf,.doc,.docx,.txt" # Comma-separated list of allowed file extensions (default: all allowed) |