Install Chevereto - Open Source Image Hosting Website Using Docker - NETSEC

Latest

Learning, Sharing, Creating

Cybersecurity Memo

Saturday, January 9, 2021

Install Chevereto - Open Source Image Hosting Website Using Docker

Chevereto is an image hosting php application that allows you to get your own beautiful and full-featured image hosting website on your own server. There are a couple of ways to install it. In this post, I am going to show you the steps to install Chevereto using Docker.




Install Docker in Ubuntu or CentOS

For CentOS:

sudo -i
yum -y update
curl -sSL https://get.docker.com/ | sh
systemctl start docker.service
systemctl enable docker.service


For Ubuntu

sudo apt update
sudo apt upgrade
sudo apt install docker.io -y
sudo -i
systemctl start docker
systemctl enable docker
docker version
For Ubuntu 20.04 version


#Ubuntu 20.04
sudo apt install docker.io
sudo apt install docker-compose


Not necessary, here are the commands to install Docker Compose:


  1. Run this command to download the current stable release of Docker Compose:

    sudo curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
    

    To install a different version of Compose, substitute 1.27.4 with the version of Compose you want to use.


  2. Apply executable permissions to the binary:

    sudo chmod +x /usr/local/bin/docker-compose
    

Note: If the command docker-compose fails after installation, check your path. You can also create a symbolic link to /usr/bin or any other directory in your path.

For example:

sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
  1. Optionally, install command completion for the bash and zsh shell.

  2. Test the installation.

    $ docker-compose --version
    docker-compose version 1.27.4, build 1110ad01


Chevereto Docker

Docker Image from : https://hub.docker.com/r/nmtan/chevereto/

Docker compose

vi docker-compose.yaml
version: '3'

services:
  db:
    image: mariadb
    volumes:
      - database:/var/lib/mysql:rw
    restart: always
    networks:
      - private
    environment:
      MYSQL_ROOT_PASSWORD: chevereto_root
      MYSQL_DATABASE: chevereto
      MYSQL_USER: chevereto
      MYSQL_PASSWORD: chevereto

  chevereto:
    depends_on:
      - db
    image: nmtan/chevereto
    restart: always
    networks:
      - private
    environment:
      CHEVERETO_DB_HOST: db
      CHEVERETO_DB_USERNAME: chevereto
      CHEVERETO_DB_PASSWORD: chevereto
      CHEVERETO_DB_NAME: chevereto
      CHEVERETO_DB_PREFIX: chv_
    volumes:
      - chevereto_images:/var/www/html/images:rw
    ports:
      - 8080:80

networks:
  private:
volumes:
  database:
  chevereto_images:

Once docker-compose.yaml is ready, you can run

docker-compose up -d


docker ps

docker inspect <container id>


Open Browser to url : http://<public ip>:8080



1. Get php.ini location


$ php -ini

 

2. Change PHP Settings

If there is no php.ini file at /usr/local/etc/php, just create one. 

There is 

upload_max_filesize = 5M


 

3. Restart Apache Server

Restart Apache Server to apply changes

$ service apache2 restart



root@0a9be842857e:/var/www/html# cd /usr/local/etc/php
root@0a9be842857e:/usr/local/etc/php# nano php.ini

display_errors = on
log_errors = on
error_reporting = 32767
error_log = /var/www/html/err_log.txt

upload_max_filesize = 10M
post_max_size = 20M
max_execution_time = 9000
memory_limit = 256M


Install Portainer 


docker volume create portainer_data
docker run -d -p 9000:9000 --name portainer --restart always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer
docker ps
Use your browser to access URL http://<public ip of your linuxserver>:9000
First time, it will ask you to set up admin user's password.



Create Nginx Container


Docker image:johnyan2/nginx1netsec


Nginx is using Bridge network. Restart policy is also set to Always. 


root@5fbe841d1f40:/# ls
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
root@5fbe841d1f40:/# cd etc
root@5fbe841d1f40:/etc# cd nginx
root@5fbe841d1f40:/etc/nginx# cd conf.d
root@5fbe841d1f40:/etc/nginx/conf.d# ls
default.conf  portainer.conf  webssh.conf  wordpress.conf
root@5fbe841d1f40:/etc/nginx/conf.d# nano chevereto.conf 
server {
    listen       80;
    server_name  chevereto.51sec.org;
location / {
    proxy_pass       http://132.145.9.4:8080;
    proxy_redirect             off;
    proxy_http_version         1.1;
    proxy_set_header Upgrade   $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host      $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
root@5fbe841d1f40:/etc/nginx/conf.d# 



root@5fbe841d1f40:/etc/nginx/conf.d# cat portainer.conf 
server {
    listen       80;
    server_name  gcp1portainer.51sec.org;

location / {
    proxy_pass       http://132.145.9.41:9000;
    proxy_redirect             off;
    proxy_http_version         1.1;
    proxy_set_header Upgrade   $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host      $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

service nginx restart




Other scripts

Here is another Docker configuration file from : https://dbtechreviews.com/2020/08/chevereto-on-docker-self-hosted-imgur/

Go to Portainer and copy this to a new stack:

version: '2'
services:
db:
image: mariadb
volumes:
- /database:/var/lib/mysql:rw # I haven't had good luck putting this database in a different directory
restart: unless-stopped
networks:
- private
environment:
MYSQL_ROOT_PASSWORD: chevereto_root
MYSQL_DATABASE: chevereto
MYSQL_USER: chevereto
MYSQL_PASSWORD: chevereto
chevereto:
depends_on:
- db
image: nmtan/chevereto
restart: unless-stopped
networks:
- private
environment:
CHEVERETO_DB_HOST: db
CHEVERETO_DB_USERNAME: chevereto
CHEVERETO_DB_PASSWORD: chevereto
CHEVERETO_DB_NAME: chevereto
CHEVERETO_DB_PREFIX: chv_
volumes:
- /srv/dev-disk-by-label-ssd/conf/Chevereto/chevereto_images:/var/www/html/images:rw
- /srv/dev-disk-by-label-ssd/conf/php.ini:/usr/local/etc/php/php.ini:ro
ports:
- 8686:80
networks:
private:
volumes:
database:
chevereto_images:


Additional Chevereto Modifications

The php.ini file will need to be created by you if you don’t already have one available for use. By default, you won’t be able to upload images more than 2mb and this will fix that.

Here is the contents of my php.ini file for this setup:

upload_max_filesize = 20M
post_max_size = 20M
memory_limit = 512M
max_execution_time = 180

You’ll also need to make sure you set the correct permissions to the chevereto_images folder. To do that, and using previous setup as an example, you would use the following command:

sudo chmod -R a+rwx /srv/dev-disk-by-label-ssd/conf/Chevereto/chevereto_images


References

  • https://v3-docs.chevereto.com/setup/install.html#procedures








No comments:

Post a Comment