Filebrowser is great, it just lacks two things 1) 2FA and 2) the always upcoming OnlyOffice integration. If we got those two nothing else could ever compete with it. It already does pre-views and text editing, but Office documents would be great.
I can split the config to another file, not really a big deal. :)
In the simplest form it might be SSO. It does support multiple users and if you look for instance at the filebrowser it’s very possible to pass the username. But yes, this is very simple, very crude and exactly what a lot of people need.
Hmm… some people are going to say that basic auth would be insecure, I’m not going to be there because in this particular case it’s about the same thing.
However, this might be easier to configure and manage permissions than basic auth. Also this works cross-domain and basic auth will require full re-auth for every domain. Another obvious advantage is that at some point I plan to integrate 2FA.
Why not? 😀 it does have users and permissions…
You can backup the entire file then. I get your point, but it also seems like you’re referring to some container-based approach where you would place this inside a container and then mount the config file to some path. While some people might like that approach, that kind of goes against the original idea here, I didn’t want to run yet another instance of nginx for auth, nor another php-fpm - the ideia was simply to use this on a low power device , no containers, no overhead of duplicate webservers and PHP, just a single nginx running a couple of apps on the same php-fpm alongside this.
Well, it isn’t pretty, but gets the job done.
The thing with PHP in this case is that I was already serving a ton of simple websites / small apps like freshrss that use PHP and by making this tool in PHP it means I don’t need yet another process running and wasting resources, can just re-use the existing php-fpm for this.
For what’s worth PHP is better than it looks, and my implementation is very crude, but also small and auditable and contained to a single file. :)
Alternatives? https://filebrowser.org/
I get the point, but don’t forget those “secrets” are bcrypt hashes. Not really reversible.
If you manage to make it worth with Caddy can you share your config? I can add it to the readme or something. Thanks.
Well, me too. But frankly OpenIAM (24GB of RAM as a requirement) Keycloak, Authelia do too much, require too much and aren’t suitable at all for SBCs and small scale stuff.
Edit: This is targeted at people that run nginx as a standalone server or proxy.
Hm, so now people suddenly notice and care about this? lol
I would go with Prosody or Ejabberd, and here’s a good comparison: https://stackoverflow.com/a/45531372 and Ejabberd is the most used thing out there. https://xmpp.org/software/
Yeah, that’s a good one as well.