Spaces:
Running
Running
Update Dockerfile
Browse files- Dockerfile +51 -99
Dockerfile
CHANGED
|
@@ -1,124 +1,76 @@
|
|
| 1 |
-
FROM ymlisoft/kkfileview
|
| 2 |
|
| 3 |
USER root
|
| 4 |
|
| 5 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 6 |
|
|
|
|
| 7 |
ENV SERVER_PORT=8012
|
| 8 |
ENV KKFILEVIEW_SECURITY_TRUST_HOST=default
|
| 9 |
-
ENV
|
|
|
|
| 10 |
|
| 11 |
-
#
|
| 12 |
-
RUN
|
| 13 |
-
|
| 14 |
-
|
| 15 |
-
|
| 16 |
-
import os\n\
|
| 17 |
-
import sys\n\
|
| 18 |
-
from urllib.parse import urlparse, parse_qs\n\
|
| 19 |
\n\
|
| 20 |
-
|
| 21 |
-
|
|
|
|
| 22 |
\n\
|
| 23 |
-
|
| 24 |
-
|
| 25 |
-
|
| 26 |
-
|
| 27 |
-
|
| 28 |
-
|
| 29 |
-
|
| 30 |
-
\n\
|
| 31 |
-
|
| 32 |
-
|
| 33 |
-
print(f"[ACCESS] {format % args}", flush=True)\n\
|
| 34 |
-
\n\
|
| 35 |
-
def do_GET(self):\n\
|
| 36 |
-
parsed = urlparse(self.path)\n\
|
| 37 |
-
params = parse_qs(parsed.query)\n\
|
| 38 |
-
provided_token = params.get("token", [""])[0]\n\
|
| 39 |
-
\n\
|
| 40 |
-
if provided_token != TOKEN:\n\
|
| 41 |
-
print(f"[DENIED] Invalid token from {self.client_address[0]}", flush=True)\n\
|
| 42 |
-
self.send_response(403)\n\
|
| 43 |
-
self.send_header("Content-type", "text/html; charset=utf-8")\n\
|
| 44 |
-
self.end_headers()\n\
|
| 45 |
-
html = f"""<!DOCTYPE html>\n\
|
| 46 |
-
<html><head><meta charset="utf-8"><title>Access Denied</title></head>\n\
|
| 47 |
-
<body style="font-family: Arial; padding: 50px; text-align: center;">\n\
|
| 48 |
-
<h1>🔒 Access Denied</h1>\n\
|
| 49 |
-
<p>Please provide valid token in URL</p>\n\
|
| 50 |
-
<p><code>?token=YOUR_TOKEN</code></p>\n\
|
| 51 |
-
<p style="color: #666; margin-top: 30px;">Current token: <strong>{provided_token or "(empty)"}</strong></p>\n\
|
| 52 |
-
</body></html>"""\n\
|
| 53 |
-
self.wfile.write(html.encode())\n\
|
| 54 |
-
return\n\
|
| 55 |
-
\n\
|
| 56 |
-
print(f"[ALLOWED] Valid token - forwarding to backend", flush=True)\n\
|
| 57 |
-
url = BACKEND + self.path\n\
|
| 58 |
-
try:\n\
|
| 59 |
-
req = urllib.request.Request(url)\n\
|
| 60 |
-
for header in ["User-Agent", "Accept", "Accept-Language"]:\n\
|
| 61 |
-
if header in self.headers:\n\
|
| 62 |
-
req.add_header(header, self.headers[header])\n\
|
| 63 |
-
\n\
|
| 64 |
-
response = urllib.request.urlopen(req, timeout=60)\n\
|
| 65 |
-
self.send_response(response.getcode())\n\
|
| 66 |
-
for header, value in response.headers.items():\n\
|
| 67 |
-
if header.lower() not in ["connection", "transfer-encoding"]:\n\
|
| 68 |
-
self.send_header(header, value)\n\
|
| 69 |
-
self.end_headers()\n\
|
| 70 |
-
self.wfile.write(response.read())\n\
|
| 71 |
-
except Exception as e:\n\
|
| 72 |
-
print(f"[ERROR] Backend error: {str(e)}", flush=True)\n\
|
| 73 |
-
self.send_error(502, f"Backend error: {str(e)}")\n\
|
| 74 |
-
\n\
|
| 75 |
-
do_POST = do_GET\n\
|
| 76 |
-
\n\
|
| 77 |
-
try:\n\
|
| 78 |
-
with socketserver.TCPServer(("0.0.0.0", PORT), TokenHandler) as httpd:\n\
|
| 79 |
-
print(f"[TOKEN_PROXY] ✅ Server ready on port {PORT}!", flush=True)\n\
|
| 80 |
-
print(f"[TOKEN_PROXY] Access: https://your-space.hf.space/?token={TOKEN}", flush=True)\n\
|
| 81 |
-
httpd.serve_forever()\n\
|
| 82 |
-
except Exception as e:\n\
|
| 83 |
-
print(f"[FATAL] {str(e)}", flush=True)\n\
|
| 84 |
-
import traceback\n\
|
| 85 |
-
traceback.print_exc()\n\
|
| 86 |
-
sys.exit(1)\n' > /token_check.py && \
|
| 87 |
-
chmod +x /token_check.py
|
| 88 |
|
| 89 |
# 启动脚本
|
| 90 |
RUN printf '#!/bin/bash\n\
|
| 91 |
set -e\n\
|
| 92 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 93 |
echo ""\n\
|
| 94 |
-
|
|
|
|
|
|
|
| 95 |
Xvfb :99 -screen 0 1024x768x24 >/dev/null 2>&1 &\n\
|
| 96 |
export DISPLAY=:99\n\
|
| 97 |
-
sleep
|
| 98 |
echo "✓ Xvfb started"\n\
|
|
|
|
| 99 |
\n\
|
| 100 |
-
|
| 101 |
-
|
|
|
|
| 102 |
KKFILEVIEW_PID=$!\n\
|
| 103 |
echo "✓ kkFileView PID: $KKFILEVIEW_PID"\n\
|
|
|
|
|
|
|
| 104 |
\n\
|
| 105 |
-
|
| 106 |
-
|
| 107 |
-
|
| 108 |
-
echo "✓ Backend ready after ${i}s"\n\
|
| 109 |
-
break\n\
|
| 110 |
-
fi\n\
|
| 111 |
-
if [ $i -eq 60 ]; then\n\
|
| 112 |
-
echo "✗ Backend timeout! Showing logs:"\n\
|
| 113 |
-
tail -50 /tmp/kkfileview.log\n\
|
| 114 |
-
exit 1\n\
|
| 115 |
-
fi\n\
|
| 116 |
-
sleep 1\n\
|
| 117 |
-
done\n\
|
| 118 |
-
\n\
|
| 119 |
-
echo "[4/4] Starting Token Proxy..."\n\
|
| 120 |
echo ""\n\
|
| 121 |
-
|
| 122 |
chmod +x /start.sh
|
| 123 |
|
| 124 |
EXPOSE 7860
|
|
|
|
| 1 |
+
FROM ymlisoft/kkfileview:4.4.0
|
| 2 |
|
| 3 |
USER root
|
| 4 |
|
| 5 |
+
# 安装 Nginx、xvfb 和密码工具
|
| 6 |
+
RUN apt-get update && apt-get install -y \
|
| 7 |
+
nginx \
|
| 8 |
+
apache2-utils \
|
| 9 |
+
xvfb \
|
| 10 |
+
&& rm -rf /var/lib/apt/lists/*
|
| 11 |
|
| 12 |
+
# 环境变量
|
| 13 |
ENV SERVER_PORT=8012
|
| 14 |
ENV KKFILEVIEW_SECURITY_TRUST_HOST=default
|
| 15 |
+
ENV AUTH_USERNAME=admin
|
| 16 |
+
ENV AUTH_PASSWORD=123456
|
| 17 |
|
| 18 |
+
# 配置 Nginx
|
| 19 |
+
RUN rm -f /etc/nginx/sites-enabled/default && \
|
| 20 |
+
printf 'server {\n\
|
| 21 |
+
listen 7860;\n\
|
| 22 |
+
server_name _;\n\
|
|
|
|
|
|
|
|
|
|
| 23 |
\n\
|
| 24 |
+
# 密码保护\n\
|
| 25 |
+
auth_basic "kkFileView Access";\n\
|
| 26 |
+
auth_basic_user_file /etc/nginx/.htpasswd;\n\
|
| 27 |
\n\
|
| 28 |
+
location / {\n\
|
| 29 |
+
proxy_pass http://127.0.0.1:8012;\n\
|
| 30 |
+
proxy_set_header Host $host;\n\
|
| 31 |
+
proxy_set_header X-Real-IP $remote_addr;\n\
|
| 32 |
+
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n\
|
| 33 |
+
proxy_set_header X-Forwarded-Proto $scheme;\n\
|
| 34 |
+
proxy_buffering off;\n\
|
| 35 |
+
}\n\
|
| 36 |
+
}\n' > /etc/nginx/sites-available/kkfileview && \
|
| 37 |
+
ln -s /etc/nginx/sites-available/kkfileview /etc/nginx/sites-enabled/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 38 |
|
| 39 |
# 启动脚本
|
| 40 |
RUN printf '#!/bin/bash\n\
|
| 41 |
set -e\n\
|
| 42 |
+
\n\
|
| 43 |
+
echo "=== kkFileView with Password Protection ==="\n\
|
| 44 |
+
echo ""\n\
|
| 45 |
+
\n\
|
| 46 |
+
# 创建密码文件(使用环境变量)\n\
|
| 47 |
+
echo "Creating password file..."\n\
|
| 48 |
+
htpasswd -cb /etc/nginx/.htpasswd "$AUTH_USERNAME" "$AUTH_PASSWORD"\n\
|
| 49 |
+
echo "✓ Username: $AUTH_USERNAME"\n\
|
| 50 |
+
echo "✓ Password: [HIDDEN]"\n\
|
| 51 |
echo ""\n\
|
| 52 |
+
\n\
|
| 53 |
+
# 启动 Xvfb\n\
|
| 54 |
+
echo "Starting Xvfb..."\n\
|
| 55 |
Xvfb :99 -screen 0 1024x768x24 >/dev/null 2>&1 &\n\
|
| 56 |
export DISPLAY=:99\n\
|
| 57 |
+
sleep 2\n\
|
| 58 |
echo "✓ Xvfb started"\n\
|
| 59 |
+
echo ""\n\
|
| 60 |
\n\
|
| 61 |
+
# 启动 kkFileView(后台)\n\
|
| 62 |
+
echo "Starting kkFileView on port 8012..."\n\
|
| 63 |
+
/opt/kkFileView/bin/kkFileView --server.port=8012 &\n\
|
| 64 |
KKFILEVIEW_PID=$!\n\
|
| 65 |
echo "✓ kkFileView PID: $KKFILEVIEW_PID"\n\
|
| 66 |
+
sleep 5\n\
|
| 67 |
+
echo ""\n\
|
| 68 |
\n\
|
| 69 |
+
# 启动 Nginx(前台)\n\
|
| 70 |
+
echo "Starting Nginx on port 7860..."\n\
|
| 71 |
+
echo "✓ Ready! Access with username and password"\n\
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 72 |
echo ""\n\
|
| 73 |
+
nginx -g "daemon off;"\n' > /start.sh && \
|
| 74 |
chmod +x /start.sh
|
| 75 |
|
| 76 |
EXPOSE 7860
|