Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 3f70e5f1c7 | |||
| dd1fb6af9b | |||
| 7ac355c0d0 |
@@ -4,6 +4,10 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
:80 {
|
:80 {
|
||||||
|
basicauth /* {
|
||||||
|
{$AUTH_USER:admin} {$AUTH_HASH:$2a$14$J3A9qfgJTikjVe.XmDn49OUjOrPiiwAN3.SXbK1tvfef1XzDkIuRm}
|
||||||
|
}
|
||||||
|
|
||||||
encode zstd gzip
|
encode zstd gzip
|
||||||
|
|
||||||
@mcp path /mcp
|
@mcp path /mcp
|
||||||
|
|||||||
@@ -3,7 +3,6 @@
|
|||||||
Private self-hosted Excalidraw with Bun, Caddy, and SQLite.
|
Private self-hosted Excalidraw with Bun, Caddy, and SQLite.
|
||||||
|
|
||||||
This is bare wrapper around the excalidraw packages that adds autosave and disk-persistence.
|
This is bare wrapper around the excalidraw packages that adds autosave and disk-persistence.
|
||||||
No auth to keep things simple - you either run in a private network or put it behind Caddy auth or similar solutions.
|
|
||||||
|
|
||||||
> GPT 5.5 generated
|
> GPT 5.5 generated
|
||||||
|
|
||||||
@@ -82,3 +81,29 @@ docker run --rm \
|
|||||||
|
|
||||||
Bind-mounting a different file to `/config/styles-guide.md` overrides the bundled default for that container.
|
Bind-mounting a different file to `/config/styles-guide.md` overrides the bundled default for that container.
|
||||||
Local non-container runs are unchanged; if you want a styles guide there, you still need a file at `/config/styles-guide.md`.
|
Local non-container runs are unchanged; if you want a styles guide there, you still need a file at `/config/styles-guide.md`.
|
||||||
|
|
||||||
|
## Authentication
|
||||||
|
|
||||||
|
By default, the application is protected by basic authentication using Caddy.
|
||||||
|
The default credentials are:
|
||||||
|
- **Username:** `admin`
|
||||||
|
- **Password:** `password`
|
||||||
|
|
||||||
|
You can customize these by setting the following environment variables when running the Docker container.
|
||||||
|
The password must be hashed using `bcrypt` since Caddy requires hashed passwords for basicauth.
|
||||||
|
|
||||||
|
**Intended flow to set a custom password:**
|
||||||
|
1. Generate a bcrypt hash of your desired password. For example, using a container to run Caddy's hash-password utility:
|
||||||
|
```bash
|
||||||
|
docker run --rm caddy:2-alpine caddy hash-password --plaintext your_secure_password
|
||||||
|
```
|
||||||
|
2. Pass the generated hash and your desired username via environment variables when running the app:
|
||||||
|
```bash
|
||||||
|
docker run --rm \
|
||||||
|
-p 127.0.0.1:3000:80 \
|
||||||
|
-e PUBLIC_BASE_URL=http://localhost:3000 \
|
||||||
|
-e AUTH_USER=myuser \
|
||||||
|
-e AUTH_HASH='\$2a\$14\$exampleHash...' \
|
||||||
|
-v "$PWD/excali-box-data:/data" \
|
||||||
|
ghcr.io/ruinivist/excalidraw-box:latest
|
||||||
|
```
|
||||||
|
|||||||
@@ -1,6 +1,10 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
set -eu
|
set -eu
|
||||||
|
|
||||||
|
if [ "${AUTH_HASH:-}" = "\$2a\$14\$J3A9qfgJTikjVe.XmDn49OUjOrPiiwAN3.SXbK1tvfef1XzDkIuRm" ] || [ -z "${AUTH_HASH:-}" ]; then
|
||||||
|
echo "WARNING: Using the default password for basic authentication. It is highly recommended to change it by setting the AUTH_HASH environment variable." >&2
|
||||||
|
fi
|
||||||
|
|
||||||
app_pid=""
|
app_pid=""
|
||||||
mcp_pid=""
|
mcp_pid=""
|
||||||
caddy_pid=""
|
caddy_pid=""
|
||||||
|
|||||||
Reference in New Issue
Block a user