Docker搭建pigallery2目录优先的图片库网站

更新于 分类于 阅读次数: 阅读时长 ≈ 21 分钟

搭建pigallery2目录优先的图片库网站

有什么用

搭建pigallery2目录优先的图片库网站

怎么用

章节中讲解了一步步的搭建过程 和 遇到的错误(已经解决步骤)

相关内容

实现方法

DS918部署pigallery2

部署在DS918中, 执行如下命令, 预备动作: 

1
2
3
4
mkdir image && mkdir tmp && mkdir config


vi docker-compose.yml

docker-compose.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
version: '3'
services:
  nginx:
    image: nginx:latest
    container_name: nginx
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
      - ./nginx/error.log:/etc/nginx/error_log.log
      - ./nginx/cache/:/etc/nginx/cache
#      - /etc/letsencrypt/:/etc/letsencrypt/
    ports:
      - 8083:80
#      - 8084:443
    restart: always

  pigallery2:
    image: bpatrik/pigallery2:latest
    container_name: pigallery2
    environment:
      - NODE_ENV=production # set to 'debug' for full debug logging
      # - NODE_OPTIONS=--enable-source-maps # enable source map support on the backend for development
    volumes:
      - "./config:/app/data/config" # CHANGE ME
      - "db-data:/app/data/db"
      - "./images:/app/data/images:ro" # CHANGE ME, ':ro' means read-only
      - "./tmp:/app/data/tmp" # CHANGE ME
    expose:
      - "80"
    restart: always

volumes:
  db-data:
1
vi nginx.conf  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
events {

}

http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;
	gzip_proxied any;
	gzip_comp_level 6;
	gzip_types
		text/css
		text/plain
		text/javascript
		text/markdown
		application/javascript
		application/json
		application/gpx+xml
		application/x-javascript
		application/xml
		application/xml+rss
		application/xhtml+xml
		application/x-font-ttf
		application/x-font-opentype
		application/vnd.ms-fontobject
		image/svg+xml
		image/x-icon
		application/rss+xml
		application/atom_xml;
  gzip_disable "MSIE [1-6]\.(?!.*SV1)";


	##
	# Virtual Host Configs
	##

   server {
  	listen 8083 default_server;
  	listen [::]:8083 default_server;

  	server_name case.carlzeng.com; # CHANGE ME
  	return 301 https://$server_name$request_uri;
  }

  server {
    server_name carlzeng.com;  # CHANGE ME


    # Only allow all methods (GET,POST,PUT,etc..) for root (/pgapi).
    # see https://github.com/bpatrik/pigallery2/issues/214
    location /pgapi { # NOTE: no ending '/' as it would forward /pgapi to /
      proxy_pass http://pigallery2:80; # forwarding to the other container, named 'pigallery2'
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection 'upgrade';
      proxy_set_header Host $host;
      proxy_cache_bypass $http_upgrade;
    }

    location / {
      limit_except GET {
        deny  all;
      }
      proxy_pass http://pigallery2:80; # forwarding to the other container, named 'pigallery2'
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection 'upgrade';
      proxy_set_header Host $host;
      proxy_cache_bypass $http_upgrade;
    }

#    listen 8084 ssl default_server;
#    listen [::]:8084 ssl default_server;

#    ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; # CHANGE ME
#    ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; # CHANGE ME
#    include /etc/letsencrypt/options-ssl-nginx.conf;
  }
}

修改过配置文件, 去掉ssl相关的配置后, 可以访问测试网站

http://192.168.6.117:8083/gallery/

没有图片.

实现: 如何映射Debian12中的图片目录到DS920中?

1
2
3
4
5
6

源目录, DS918中的
/volume2/homes/13261977480/Photos/

目标目录, Debian12中的:
/root/pigallery2/images

Debian如何配置rsync手工同步

安装rsync

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
root@debian12:~/pigallery2# apt install -y rsync                                                  
Reading package lists... Done                                                                     
Building dependency tree... Done                                                                  
Reading state information... Done                                                                 
Suggested packages:                                                                               
  python3-braceexpand                                                                             
The following NEW packages will be installed:                                                     
  rsync                                                                                           
0 upgraded, 1 newly installed, 0 to remove and 37 not upgraded.                                   
Need to get 417 kB of archives.                                                                   
After this operation, 795 kB of additional disk space will be used.                               
Err:1 http://deb.debian.org/debian bookworm/main amd64 rsync amd64 3.2.7-1                        
  404  Not Found [IP: 151.101.90.132 80]                                                          
E: Failed to fetch http://deb.debian.org/debian/pool/main/r/rsync/rsync_3.2.7-1_amd64.deb  404  No
t Found [IP: 151.101.90.132 80]                                                                   
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?

错误解决办法:

apt update

apt install rsync

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
-v: 打印命令执行过程中的详细信息
-r: 递归拷贝数据(在传递文件的过程中不会保留权限信息以及时间戳)
-a: 归档模式,可以允许递归拷贝数据,并且保留链接符号,文件权限,用户和用户组的归属,时间戳
-z: 压缩数据
-h: 可读模式,输出可读的数字格式


rsync -avzh --progress root@192.168.6.203:/volume2/homes/13261977480/Photos /root/pigallery2/images


切换各种用户测试
rsync -avzh --progress DS918@192.168.6.203:/volume2/homes/132619
77480/Photos /root/pigallery2/images
DS918@192.168.6.203's password: 
Permission denied, please try again.
rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
rsync error: error in rsync protocol data stream (code 12) at io.c(232) [Receiver=3.2.7]

没办法 DS918的目录权限太绕了, 无法访问到想要的文件夹和文件; 只能让DS918来运行rsync了

rsync -avzh –progress /volume2/homes/13261977480/Photos carlzeng@192.168.6.117:/root/pigallery2/images

1
2
3
4
5
6
7
8
9
root@DS918:~# rsync -avzh --progress /volume2/homes/13261977480/Photos carlzeng***@192.168.6.117:/root/pigallery2/images                                                                               
The authenticity of host '192.168.6.117 (192.168.6.117)' can't be established.                    
ECDSA key fingerprint is SHA256:2DtPJyL4F/scW7WqVrX7G4KimA8kokRW8DjCUV3MZp8.                      
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes                          
Warning: Permanently added '192.168.6.117' (ECDSA) to the list of known hosts.                    
carlzeng@192.168.6.117's password:                                                                
sending incremental file list                                                                     
rsync: [Receiver] ERROR: cannot stat destination "/root/pigallery2/images": Permission denied (13)
rsync error: errors selecting input/output files, dirs (code 3) at main.c(772) [Receiver=3.2.7]

切换思路, 既然root用户无法登录ssh, 其他用户又无法访问到/root目录下面的所有文件;

那就把照片的目录换到最顶级, 让大家(所有ssh登录的用户)都可以访问的位置, 比如 /

1
2
3
4
5
6
7
8
9
10
11
rsync -avzh --progress /volume2/homes/13261977480/Photos carlzeng***@192.168.6.117:/   
carlzeng***@192.168.6.117's password:                                                                
sending incremental file list                                                                     
rsync: [generator] recv_generator: mkdir "/Photos" failed: Permission denied (13)                 
*** Skipping any contents from this failed directory ***                                          
Photos/                                                                                           
                                                                                                  
sent 2.38M bytes  received 13.90K bytes  368.38K bytes/sec                                        
total size is 8.45G  speedup is 3,528.67                                                          
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1462)
 [sender=3.1.2]                                
1
2
3
4
5
6
7
正确的目录:  /home/carlzeng

rsync -avzh --progress /volume2/homes/13261977480/Photos carlzeng***@192.168.6.117:/home/carlzeng

......
sent 8.44G bytes  received 1.50M bytes  14.38M bytes/sec
total size is 8.45G  speedup is 1.00

对临时用户的访问, 在时间上做限制, 比如有效期1小时,

1小时内可访问(有效); 或者 10分钟有效期

TODO: 配置rsync 自动同步

配置成服务, 这样系统定时自动同步(时间是一个纬度, 有没有其他的触发机制?)

定时同步

编辑crontab

1
crontab -e

加入如下代码:

1
10 0 * * * rsync -avzP --delete --password-file=/tmp/rsync.password zj@192.168.7.101::zjhome /cygdrive/d/Pic/

  1. 先在~目录下(执行rsync的目录, /root )建个一个rsync_auth.txt的文件 用来存储密钥

    1
    ***car**>rsync_auth.txt

  2. 编辑命令, 准备输入给crontab -e

    1
    rsync -avzh --password-file=/root/rsync_auth.txt /volume2/homes/13261977480/Photos carlzeng***@192.168.6.117:/home/carlzeng

The –password-file option may only be used when accessing an rsync daemon. rsync error: syntax or usage error (code 1) at main.c(1666) [sender=3.1.2]

解决办法:

sshpass

DS918无法安装sshpass

切换方案到

1

  • cd to a private directory of the user which will be running the script (typically “$HOME/.ssh”, to be created if needed). That directory must be protected to write acces from other users, fix the modes if needed.
  • generate the keypair using command “ssh-keygen” (“/usr/syno/bin/ssh-keygen” if not in your PATH)
  • at the prompt “Enter file in which to save the key”, choose a file name (let’s say “mykey”)
  • at the prompt “Enter passphrase (empty for no passphrase):” press return (this will create a passwordless private key)
  • Two files will be created: “mykey” and “mykey.pub”
  • copy the contents of mykey.pub inside “$HOME/.ssh/authorized_key” file of user account on the remote machine your script is going to connect to.
  • in your script, add “-i“ as argument to the ssh command

“ssh -i’/root/.ssh/mykey’”

1
2
3
4
5
rsync -avzhe "ssh -i'/tmp/mykey'" '/volume2/homes/13261977480/Photos'  'carlzeng****@
192.168.6.117:/home/carlzeng***'                                                                     
carlzeng****@192.168.6.117's password:

还是失败了, 需要输入密码

下一步: 切换到 rsync服务

  1. 如果是群晖, 那直接使用系统的定时任务功能

    image-20250419225836532

Ubuntu/Debian 安装 rsync 服务

下一步

照片EXIF编辑器, 批量编辑照片的信息, 或者tag; 方便归类

exiftool.org

灵感来源

目录优先的图片库网站PiGallery2

PiGallery2 docker installation

(请输入关键字以后回车,检索内容涵盖全局站点)

个性化需求沟通 扫客服加V加群: