Spaces:
Running
Running
Update Dockerfile
Browse files- Dockerfile +65 -15
Dockerfile
CHANGED
|
@@ -6,59 +6,109 @@ RUN apt-get update && apt-get install -y xvfb python3 && rm -rf /var/lib/apt/lis
|
|
| 6 |
|
| 7 |
ENV SERVER_PORT=8012
|
| 8 |
ENV KKFILEVIEW_SECURITY_TRUST_HOST=default
|
|
|
|
| 9 |
|
| 10 |
-
# 创建 Token
|
| 11 |
RUN printf '#!/usr/bin/env python3\n\
|
| 12 |
import http.server\n\
|
| 13 |
import socketserver\n\
|
| 14 |
import urllib.request\n\
|
| 15 |
import os\n\
|
|
|
|
| 16 |
from urllib.parse import urlparse, parse_qs\n\
|
| 17 |
\n\
|
|
|
|
|
|
|
|
|
|
|
|
|
| 18 |
PORT = 7860\n\
|
| 19 |
BACKEND = "http://127.0.0.1:8012"\n\
|
| 20 |
TOKEN = os.getenv("ACCESS_TOKEN", "changeme")\n\
|
| 21 |
\n\
|
|
|
|
|
|
|
|
|
|
|
|
|
| 22 |
class TokenHandler(http.server.SimpleHTTPRequestHandler):\n\
|
|
|
|
|
|
|
|
|
|
| 23 |
def do_GET(self):\n\
|
| 24 |
parsed = urlparse(self.path)\n\
|
| 25 |
params = parse_qs(parsed.query)\n\
|
| 26 |
\n\
|
| 27 |
-
|
| 28 |
-
|
|
|
|
|
|
|
| 29 |
self.send_response(403)\n\
|
|
|
|
| 30 |
self.end_headers()\n\
|
| 31 |
-
self.wfile.write(b"Access
|
| 32 |
return\n\
|
| 33 |
\n\
|
| 34 |
-
|
| 35 |
url = BACKEND + self.path\n\
|
| 36 |
try:\n\
|
| 37 |
-
response = urllib.request.urlopen(url)\n\
|
| 38 |
self.send_response(response.getcode())\n\
|
| 39 |
for header, value in response.headers.items():\n\
|
| 40 |
-
|
|
|
|
| 41 |
self.end_headers()\n\
|
| 42 |
self.wfile.write(response.read())\n\
|
| 43 |
except Exception as e:\n\
|
|
|
|
| 44 |
self.send_error(502, f"Backend error: {str(e)}")\n\
|
|
|
|
|
|
|
| 45 |
\n\
|
| 46 |
-
|
| 47 |
-
|
| 48 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 49 |
chmod +x /token_check.py
|
| 50 |
|
| 51 |
-
#
|
| 52 |
RUN printf '#!/bin/bash\n\
|
|
|
|
|
|
|
| 53 |
echo "=== Starting kkFileView with Token Auth ==="\n\
|
| 54 |
-
echo "
|
| 55 |
-
echo ""\n\
|
| 56 |
Xvfb :99 -screen 0 1024x768x24 &\n\
|
|
|
|
| 57 |
export DISPLAY=:99\n\
|
|
|
|
| 58 |
sleep 2\n\
|
|
|
|
|
|
|
|
|
|
| 59 |
/opt/kkFileView/bin/kkFileView --server.port=8012 &\n\
|
| 60 |
-
|
| 61 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 62 |
chmod +x /start.sh
|
| 63 |
|
| 64 |
EXPOSE 7860
|
|
|
|
| 6 |
|
| 7 |
ENV SERVER_PORT=8012
|
| 8 |
ENV KKFILEVIEW_SECURITY_TRUST_HOST=default
|
| 9 |
+
ENV ACCESS_TOKEN=your-secret-token-here
|
| 10 |
|
| 11 |
+
# 创建 Token 验证脚本(添加更多日志)
|
| 12 |
RUN printf '#!/usr/bin/env python3\n\
|
| 13 |
import http.server\n\
|
| 14 |
import socketserver\n\
|
| 15 |
import urllib.request\n\
|
| 16 |
import os\n\
|
| 17 |
+
import sys\n\
|
| 18 |
from urllib.parse import urlparse, parse_qs\n\
|
| 19 |
\n\
|
| 20 |
+
# 强制立即输出(不缓冲)\n\
|
| 21 |
+
sys.stdout = os.fdopen(sys.stdout.fileno(), "w", buffering=1)\n\
|
| 22 |
+
sys.stderr = os.fdopen(sys.stderr.fileno(), "w", buffering=1)\n\
|
| 23 |
+
\n\
|
| 24 |
PORT = 7860\n\
|
| 25 |
BACKEND = "http://127.0.0.1:8012"\n\
|
| 26 |
TOKEN = os.getenv("ACCESS_TOKEN", "changeme")\n\
|
| 27 |
\n\
|
| 28 |
+
print(f"[TOKEN_PROXY] Starting on port {PORT}", flush=True)\n\
|
| 29 |
+
print(f"[TOKEN_PROXY] Backend: {BACKEND}", flush=True)\n\
|
| 30 |
+
print(f"[TOKEN_PROXY] Token configured: {TOKEN[:5]}...", flush=True)\n\
|
| 31 |
+
\n\
|
| 32 |
class TokenHandler(http.server.SimpleHTTPRequestHandler):\n\
|
| 33 |
+
def log_message(self, format, *args):\n\
|
| 34 |
+
print(f"[TOKEN_PROXY] {format % args}", flush=True)\n\
|
| 35 |
+
\n\
|
| 36 |
def do_GET(self):\n\
|
| 37 |
parsed = urlparse(self.path)\n\
|
| 38 |
params = parse_qs(parsed.query)\n\
|
| 39 |
\n\
|
| 40 |
+
provided_token = params.get("token", [""])[0]\n\
|
| 41 |
+
\n\
|
| 42 |
+
if provided_token != TOKEN:\n\
|
| 43 |
+
print(f"[TOKEN_PROXY] Access denied - invalid token", flush=True)\n\
|
| 44 |
self.send_response(403)\n\
|
| 45 |
+
self.send_header("Content-type", "text/html")\n\
|
| 46 |
self.end_headers()\n\
|
| 47 |
+
self.wfile.write(b"<h1>Access Denied</h1><p>Please provide valid token in URL: ?token=YOUR_TOKEN</p>")\n\
|
| 48 |
return\n\
|
| 49 |
\n\
|
| 50 |
+
print(f"[TOKEN_PROXY] Valid token - forwarding request", flush=True)\n\
|
| 51 |
url = BACKEND + self.path\n\
|
| 52 |
try:\n\
|
| 53 |
+
response = urllib.request.urlopen(url, timeout=30)\n\
|
| 54 |
self.send_response(response.getcode())\n\
|
| 55 |
for header, value in response.headers.items():\n\
|
| 56 |
+
if header.lower() not in ["connection", "transfer-encoding"]:\n\
|
| 57 |
+
self.send_header(header, value)\n\
|
| 58 |
self.end_headers()\n\
|
| 59 |
self.wfile.write(response.read())\n\
|
| 60 |
except Exception as e:\n\
|
| 61 |
+
print(f"[TOKEN_PROXY] Backend error: {str(e)}", flush=True)\n\
|
| 62 |
self.send_error(502, f"Backend error: {str(e)}")\n\
|
| 63 |
+
\n\
|
| 64 |
+
do_POST = do_GET\n\
|
| 65 |
\n\
|
| 66 |
+
try:\n\
|
| 67 |
+
with socketserver.TCPServer(("", PORT), TokenHandler) as httpd:\n\
|
| 68 |
+
print(f"[TOKEN_PROXY] Server running successfully!", flush=True)\n\
|
| 69 |
+
print(f"[TOKEN_PROXY] Access URL: http://localhost:{PORT}/onlinePreview?url=YOUR_FILE&token={TOKEN}", flush=True)\n\
|
| 70 |
+
httpd.serve_forever()\n\
|
| 71 |
+
except Exception as e:\n\
|
| 72 |
+
print(f"[TOKEN_PROXY] FATAL ERROR: {str(e)}", flush=True)\n\
|
| 73 |
+
import traceback\n\
|
| 74 |
+
traceback.print_exc()\n\
|
| 75 |
+
sys.exit(1)\n' > /token_check.py && \
|
| 76 |
chmod +x /token_check.py
|
| 77 |
|
| 78 |
+
# 启动脚本(添加更多调试)
|
| 79 |
RUN printf '#!/bin/bash\n\
|
| 80 |
+
set -e\n\
|
| 81 |
+
\n\
|
| 82 |
echo "=== Starting kkFileView with Token Auth ==="\n\
|
| 83 |
+
echo "Step 1: Starting Xvfb..."\n\
|
|
|
|
| 84 |
Xvfb :99 -screen 0 1024x768x24 &\n\
|
| 85 |
+
XVFB_PID=$!\n\
|
| 86 |
export DISPLAY=:99\n\
|
| 87 |
+
echo "Xvfb started with PID: $XVFB_PID"\n\
|
| 88 |
sleep 2\n\
|
| 89 |
+
\n\
|
| 90 |
+
echo ""\n\
|
| 91 |
+
echo "Step 2: Starting kkFileView backend on port 8012..."\n\
|
| 92 |
/opt/kkFileView/bin/kkFileView --server.port=8012 &\n\
|
| 93 |
+
KKFILEVIEW_PID=$!\n\
|
| 94 |
+
echo "kkFileView started with PID: $KKFILEVIEW_PID"\n\
|
| 95 |
+
\n\
|
| 96 |
+
echo ""\n\
|
| 97 |
+
echo "Step 3: Waiting for backend to be ready..."\n\
|
| 98 |
+
for i in {1..30}; do\n\
|
| 99 |
+
if curl -s http://127.0.0.1:8012 > /dev/null 2>&1; then\n\
|
| 100 |
+
echo "Backend is ready!"\n\
|
| 101 |
+
break\n\
|
| 102 |
+
fi\n\
|
| 103 |
+
echo "Waiting... ($i/30)"\n\
|
| 104 |
+
sleep 1\n\
|
| 105 |
+
done\n\
|
| 106 |
+
\n\
|
| 107 |
+
echo ""\n\
|
| 108 |
+
echo "Step 4: Starting Token Auth Proxy on port 7860..."\n\
|
| 109 |
+
echo "Python version: $(python3 --version)"\n\
|
| 110 |
+
echo ""\n\
|
| 111 |
+
python3 -u /token_check.py\n' > /start.sh && \
|
| 112 |
chmod +x /start.sh
|
| 113 |
|
| 114 |
EXPOSE 7860
|