mirror of https://github.com/thomiceli/opengist synced 2024-11-08 12:55:50 +01:00

Self-hosted pastebin powered by Git, open-source alternative to Github Gist.

docker gist git go golang pastebin pastebin-service self-hosted tailwindcss typescript

Go to file

Thomas Miceli 14dac703c8 Fix git zombie process		2023-04-20 21:48:25 +02:00
.github/workflows	Improve Dockerfile, docker build CI, Readme	2023-04-10 22:52:52 +02:00
internal	Fix git zombie process	2023-04-20 21:48:25 +02:00
public	Create admin settings and moved signup disable setting there	2023-04-17 00:17:06 +02:00
templates	Fix HTML titles in admin panel	2023-04-17 22:13:19 +02:00
.dockerignore	Better build/watch	2023-04-06 13:55:04 +02:00
.gitattributes	Update .gitattributes	2023-04-03 23:43:48 +02:00
.gitignore	Better build/watch	2023-04-06 13:55:04 +02:00
CHANGELOG.md	v1.1.0	2023-04-18 03:11:28 +02:00
config.yml	Update README.md	2023-04-17 22:00:39 +02:00
Dockerfile	Improve Dockerfile, docker build CI, Readme	2023-04-10 22:52:52 +02:00
fs_embed.go	Better build/watch	2023-04-06 13:55:04 +02:00
fs_os.go	Better build/watch	2023-04-06 13:55:04 +02:00
go.mod	Support Github and Gitea OAuth providers	2023-04-17 14:25:39 +02:00
go.sum	Support Github and Gitea OAuth providers	2023-04-17 14:25:39 +02:00
LICENSE	Initial commit	2023-03-14 16:22:52 +01:00
Makefile	Change config behavior	2023-04-07 23:58:06 +02:00
opengist.go	Change config behavior	2023-04-07 23:58:06 +02:00
package-lock.json	Better build/watch	2023-04-06 13:55:04 +02:00
package.json	Better build/watch	2023-04-06 13:55:04 +02:00
postcss.config.js	Optimize assets	2023-03-23 16:00:48 +01:00
README.md	v1.1.0	2023-04-18 03:11:28 +02:00
tailwind.config.js	Initial commit	2023-03-14 16:22:52 +01:00
tsconfig.json	Convert Javascript to Typescript	2023-04-03 23:37:54 +02:00
vite.config.js	Create admin settings and moved signup disable setting there	2023-04-17 00:17:06 +02:00
watch.sh	Better build/watch	2023-04-06 13:55:04 +02:00

README.md

Opengist

A self-hosted pastebin powered by Git. Try it here.

Features
Install
- With Docker
- From source
Configuration
Administration
- Use Nginx as a reverse proxy
- Use Fail2ban
Configure OAuth
License

Features

Create public or unlisted snippets
Clone / Pull / Push snippets via Git over HTTP or SSH
Revisions history
Syntax highlighting ; markdown & CSV support
Like / Fork snippets
Search for all snippets or for certain users snippets
Editor with indentation mode & size ; drag and drop files
Download raw files or as a ZIP archive
OAuth2 login with GitHub and Gitea
Avatars
Responsive UI
Enable or disable signups
Admin panel : delete users/gists; clean database/filesystem by syncing gists
SQLite database
Logging
Docker support

Todo

Light mode
Tests
Search for snippets
Embed snippets
Filesystem/Redis support for user sessions
Have a cool logo

Install

With Docker

A Docker image, available for each release, can be pulled

docker pull ghcr.io/thomiceli/opengist:1

It can be used in a docker-compose.yml file :

Create a docker-compose.yml file with the following content
Run docker compose up -d
Opengist is now running on port 6157, you can browse http://localhost:6157

version: "3"

services:
  opengist:
    image: ghcr.io/thomiceli/opengist:1
    container_name: opengist
    restart: unless-stopped
    ports:
      - "6157:6157" # HTTP port
      - "2222:2222" # SSH port, can be removed if you don't use SSH
    volumes:
      - "$HOME/.opengist:/root/.opengist"
    environment:
      CONFIG: |
        log-level: info

From source

Requirements : Git (2.20+), Go (1.19+), Node.js (16+)

git clone https://github.com/thomiceli/opengist
cd opengist
make
./opengist

Opengist is now running on port 6157, you can browse http://localhost:6157

Configuration

Opengist can be configured using YAML. The full configuration file is config.yml, each default key/value pair can be overridden.

With docker

Add a CONFIG environment variable in the docker-compose.yml file to the opengist service :

environment:
  CONFIG: |
    log-level: info
    ssh.git-enabled: false
    disable-signup: true
    # ...

With binary

Create a config.yml file (you can reuse this one) and run Opengist binary with the --config flag :

./opengist --config /path/to/config.yml

Administration

Use Nginx as a reverse proxy

Configure Nginx to proxy requests to Opengist. Here is an example configuration file :

server {
    listen 80;
    server_name opengist.example.com;

    location / {
        proxy_pass http://127.0.0.1:6157;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Then run :

service nginx restart

Use Fail2ban

Fail2ban can be used to ban IPs that try to bruteforce the login page. Log level must be set at least to warn.

Add this filter in etc/fail2ban/filter.d/opengist.conf :

[Definition]
failregex =  Invalid .* authentication attempt from <HOST>
ignoreregex =

Add this jail in etc/fail2ban/jail.d/opengist.conf :

[opengist]
enabled = true
filter = opengist
logpath = /home/*/.opengist/log/opengist.log
maxretry = 10
findtime = 3600
bantime = 600
banaction = iptables-allports
port = anyport

Then run

service fail2ban restart

Configure OAuth

Opengist can be configured to use OAuth to authenticate users, with GitHub or Gitea.

Integrate Github

Add a new OAuth app in your Github account settings
Set 'Authorization callback URL' to http://opengist.domain/oauth/github/callback
Copy the 'Client ID' and 'Client Secret' and add them to the configuration :
```
github.client-key: <key>
github.secret: <secret>
```

Integrate Gitea

Add a new OAuth app in Application settings from the Gitea instance
Set 'Redirect URI' to http://opengist.domain/oauth/gitea/callback

Copy the 'Client ID' and 'Client Secret' and add them to the configuration :

gitea.client-key: <key>
gitea.secret: <secret>
# URL of the Gitea instance. Default: https://gitea.com/
gitea.url: http://localhost:3000

License

Opengist is licensed under the AGPL-3.0 license.