tonic

module
v0.0.0-...-02d3828 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 17, 2020 License: MIT

README

tonic

tonic is a zero-storage web application for managing file actions of a local storage of public images. Zero-storage means that, after configuration, no persistent storage is required like a database or flat file storage.

So, this is a really simple, single user image manager. If you are looking for something more complex and functional, take a look on this open source approach which is currently under development.

Technical Details

Basic authentication is done by a by config predefined password or password hash which is sent on login via the REST API. After successful password check, a JWT is created and signed with a randomly generated key, which is initialized on startup, and then stored as HTTP cookie. This cookie will be sent and validated on each following REST request.

The front end SPA (Single Page Application) is created with React, React Router and material-ui.

The REST API backend and file management is created with Go and Gin as web server wrapper.

The back end creates and caches (if configured) image thumbnails for faster dashboard loading times using nfnt/resize. These thumbnail files are, if cached, saved inside the container space, by default, and will be deleted on container recreate. However, if you want to have persistent cache, just bind the cache location to a volume.

Here, you can find the full list of dependencies used for the back end:
https://github.com/zekroTJA/tonic/blob/master/go.mod

Setup

The recommendet way to set up tonic is by using either the automatically built docker image or by building the image yourself using the provided Dockerfile.

Then, just create and start up the container:

$ docker run -d \
  --name tonic \
  -p 8080:8080 \
  -e 'TONIC_ADDRESS=tonic:8080' \
  -e 'TONIC_PASSWORD=$2a$10$9Ff...' \
  -v "/var/www/html/screenshots:/var/img" \
  -v "$PWD/tonic/cache:/tmp/thumbnails" # ignore this line if you 
                                        # don't want persistent cache

Or, simply using docker-compose:

version: '3.7'

# Ignore this, if you don't want persistent
# thumbnail cache
volumes:
  tonic-cache:

services:
  tonic:
    image: 'zekro/tonic:latest'
    ports:
      - '80:8080'
    environment:
      TONIC_ADDRESS:  'tonic:8080'
      TONIC_PASSWORD: '$$2a$$10$$9Ff...'
    volumes:
      - '/var/www/html/screenshots:/var/img'
      # Ignore this, if you don't want persistent
      # thumbnail cache
      - 'tonic-cache:/tmp/thumbnails'
    restart: always
Password

You can use either a clear text password has TONIC_PASSWORD or a bcrypt hash of a password.

You can use bcrypt-generator.com to generate a hash or simply use the hasher deployed within the tonic image:

$ docker-compose exec tonic hasher -c 14 -s -e 'MyPassword'
> $$2a$$14$$EkLKvDK0/MJHsAx3v/3n5eEgXYX.qqYuEOLkJs7I7oPMODMQcI.aa

You output will differ becasue bcrypt naturally uses salts within the hash.

Keep in mind that dollar signs ($) needs to be doubled when used as environment variable values inside the docker-compose.yml. Use the flag -e of the hasher tool which will then automatically escape the hash for you.

Persistent Session Keys

Defaultly, tonic generates a random 256bit key on startup which will then be used for signing the JWT session keys. That also means, that all logins are getting invalid after restart. If you want to avoid this, you can set a persistent JWT key by setting the TONIC_JWTSECRET environment variable.

© 2020 Ringo Hoffmann (zekro Development)
Covered by MIT Licence.

Directories

Path Synopsis
cmd
hasher
tonic
internal
api
config
hashing
imgstore
thumbnails
util

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.