The Nihilism Blog
Previous Page

root@Datura - 2023-08-23

librex Setup

In this tutorial we're going to setup a librex instance:

Initial Setup

git clone it, and edit the docker-compose.yml file:


[ nowhere.moe ] [ /dev/pts/8 ] [/srv]
→ git clone https://github.com/hnhx/librex/
Cloning into 'librex'...
remote: Enumerating objects: 2295, done.
remote: Counting objects: 100% (688/688), done.
remote: Compressing objects: 100% (144/144), done.
remote: Total 2295 (delta 599), reused 544 (delta 544), pack-reused 1607
Receiving objects: 100% (2295/2295), 2.20 MiB | 6.31 MiB/s, done.
Resolving deltas: 100% (1358/1358), done.

[ nowhere.moe ] [ /dev/pts/8 ] [/srv]
→ cd librex

[ nowhere.moe ] [ /dev/pts/8 ] [/srv/librex]
→ vim docker-compose.yml
	

[ nowhere.moe ] [ /dev/pts/8 ] [/srv/librex]
→ cat docker-compose.yml
version: "2.1"
services:
  librex:
    image: librex/librex:latest
    container_name: librex
    network_mode: bridge
    ports:
      - 8084:8080
    environment:
      - PUID=1000
      - PGID=1000
      - VERSION=docker
      - TZ=America/New_York
      - CONFIG_GOOGLE_DOMAIN=com
      - CONFIG_GOOGLE_LANGUAGE_SITE=en
      - CONFIG_GOOGLE_LANGUAGE_RESULTS=en
      - CONFIG_WIKIPEDIA_LANGUAGE=en
    volumes:
      - ./nginx_logs:/var/log/nginx
      - ./php_logs:/var/log/php7
    restart: unless-stopped

[ nowhere.moe ] [ /dev/pts/8 ] [/srv/librex]
→ docker-compose up -d
Pulling librex (librex/librex:latest)...
latest: Pulling from librex/librex
63b65145d645: Pull complete
22ab6fc2c8b3: Pull complete
2b2fb351cebe: Pull complete
4f4fb700ef54: Pull complete
d16a3f4b38b2: Pull complete
48bffb4e4449: Pull complete
34c1fa5897b3: Pull complete
Digest: sha256:f9204843149f384eb1e2d3be23978494134f7b69e57886420ddef9faa60d5263
Status: Downloaded newer image for librex/librex:latest
Creating librex ... done

then configure the reverse nginx proxy:




[ nowhere.moe ] [ /dev/pts/9 ] [/etc/nginx/sites-available]
→ vim librex.nowhere.moe.conf


[ nowhere.moe ] [ /dev/pts/9 ] [/etc/nginx/sites-available]
→ cat librex.nowhere.moe.conf
server {
        listen 443 ssl;
        server_name librex.nowhere.moe;

        ssl_certificate /etc/acme/certs/librex.nowhere.moe/librex.nowhere.moe.cer;
    ssl_certificate_key /etc/acme/certs/librex.nowhere.moe/librex.nowhere.moe.key;

    ######## TOR CHANGES ########
    listen 4443;
    listen [::]:4443;
    server_name librex.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
    add_header Onion-Location "http://librex.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
    ######## TOR CHANGES ########


        ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;
        ssl_prefer_server_ciphers on;
        ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
        ssl_ecdh_curve secp384r1;
        ssl_session_timeout  10m;
        ssl_session_cache shared:SSL:10m;
        ssl_session_tickets off;
        #ssl_stapling on;
        ssl_stapling_verify on;

        # Security Headers
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
        add_header Content-Security-Policy "default-src 'none'; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; media-src 'self' blob: video.twimg.com; worker-src 'self' blob:; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; connect-src 'self' https://*.twimg.com; manifest-src 'self'";
        add_header X-Content-Type-Options nosniff;
        add_header X-Frame-Options DENY;
        add_header X-XSS-Protection "1; mode=block";

        location / {
                proxy_pass http://localhost:8084;
        }

        location = /robots.txt {
                add_header Content-Type text/plain;
                return 200 "User-agent: *\nDisallow: /\n";
        }
}

[ nowhere.moe ] [ /dev/pts/9 ] [/etc/nginx/sites-available]
→ nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

[ nowhere.moe ] [ /dev/pts/9 ] [/etc/nginx/sites-available]
→ nginx -s reload
2023/08/23 14:10:15 [notice] 2865#2865: signal process started

Then test if it works or not:

then contribute to the ecosystem like so


[ nowhere.moe ] [ /dev/pts/8 ] [/srv/librex]
→ cronitor select

✔ docker-compose -f /srv/librex/docker-compose.yml stop ; git -C /srv/librex/ pull ; docker-compose -f /srv/librex/docker-compose.yml pull ; docker-compose -f /srv/librex/docker-compose.yml up -d
----► Running command: docker-compose -f /srv/librex/docker-compose.yml stop ; git -C /srv/librex/ pull ; docker-compose -f /srv/librex/docker-compose.yml pull ; docker-compose -f /srv/librex/docker-compose.yml up -d

Stopping librex ... done
Already up to date.
Pulling librex ... done
Starting librex ... done

----► ✔ Command successful    Elapsed time 3.387s

Nihilism

Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

My Links

RSS Feed
SimpleX Chat

About nihilist

Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8


Contact: nihilist@contact.nowhere.moe (PGP)