Skip to content

Commit 58d1507

Browse files
CodeShellDevCodeShellDev
committed
2 parents 85fc691 + c55a5fd commit 58d1507

File tree

1 file changed

+154
-152
lines changed

1 file changed

+154
-152
lines changed

README.md

Lines changed: 154 additions & 152 deletions
Original file line numberDiff line numberDiff line change
@@ -46,39 +46,39 @@ endpoint restrictions, placeholders, and flexible configuration.
4646
Get the latest version of the `docker-compose.yaml` file:
4747

4848
```yaml
49-
services:
50-
signal-api:
51-
image: bbernhard/signal-cli-rest-api:latest
52-
container_name: signal-api
53-
environment:
54-
- MODE=normal
55-
volumes:
56-
- ./data:/home/.local/share/signal-cli
57-
restart: unless-stopped
58-
networks:
59-
backend:
60-
aliases:
61-
- signal-api
62-
63-
secured-signal:
64-
image: ghcr.io/codeshelldev/secured-signal-api:latest
65-
container_name: secured-signal
66-
environment:
67-
API__URL: http://signal-api:8080
68-
SETTINGS__VARIABLES__RECIPIENTS:
69-
'[+123400002, +123400003, +123400004]'
70-
SETTINGS__VARIABLES__NUMBER: "+123400001"
71-
API__TOKENS: '[LOOOOOONG_STRING]'
72-
ports:
73-
- "8880:8880"
74-
restart: unless-stopped
75-
networks:
76-
backend:
77-
aliases:
78-
- secured-signal-api
79-
80-
networks:
81-
backend:
49+
services\:\
50+
\ \ signal\-api\:\
51+
\ \ \ \ image\:\ bbernhard\/signal\-cli\-rest\-api\:latest\
52+
\ \ \ \ container_name\:\ signal\-api\
53+
\ \ \ \ environment\:\
54+
\ \ \ \ \ \ \-\ MODE\=normal\
55+
\ \ \ \ volumes\:\
56+
\ \ \ \ \ \ \-\ \.\/data\:\/home\/\.local\/share\/signal\-cli\
57+
\ \ \ \ restart\:\ unless\-stopped\
58+
\ \ \ \ networks\:\
59+
\ \ \ \ \ \ backend\:\
60+
\ \ \ \ \ \ \ \ aliases\:\
61+
\ \ \ \ \ \ \ \ \ \ \-\ signal\-api\
62+
\
63+
\ \ secured\-signal\:\
64+
\ \ \ \ image\:\ ghcr\.io\/codeshelldev\/secured\-signal\-api\:latest\
65+
\ \ \ \ container_name\:\ secured\-signal\
66+
\ \ \ \ environment\:\
67+
\ \ \ \ \ \ API__URL\:\ http\:\/\/signal\-api\:8080\
68+
\ \ \ \ \ \ SETTINGS__VARIABLES__RECIPIENTS\:\
69+
\ \ \ \ \ \ \ \ \'\[\+123400002\,\ \+123400003\,\ \+123400004\]\'\
70+
\ \ \ \ \ \ SETTINGS__VARIABLES__NUMBER\:\ \"\+123400001\"\
71+
\ \ \ \ \ \ API__TOKENS\:\ \'\[LOOOOOONG_STRING\]\'\
72+
\ \ \ \ ports\:\
73+
\ \ \ \ \ \ \-\ \"8880\:8880\"\
74+
\ \ \ \ restart\:\ unless\-stopped\
75+
\ \ \ \ networks\:\
76+
\ \ \ \ \ \ backend\:\
77+
\ \ \ \ \ \ \ \ aliases\:\
78+
\ \ \ \ \ \ \ \ \ \ \-\ secured\-signal\-api\
79+
\
80+
networks\:\
81+
\ \ backend\:
8282
```
8383
8484
And add secure Token(s) to `api.tokens`. See [API TOKENs](#api-tokens).
@@ -94,109 +94,109 @@ And add secure Token(s) to `api.tokens`. See [API TOKENs](#api-tokens).
9494
Take a look at the [traefik](https://github.com/traefik/traefik) implementation:
9595

9696
```yaml
97-
services:
98-
secured-signal:
99-
image: ghcr.io/codeshelldev/secured-signal-api:latest
100-
container_name: secured-signal
101-
environment:
102-
API__URL: http://signal-api:8080
103-
SETTINGS__VARIABLES__RECIPIENTS:
104-
'[+123400002,+123400003,+123400004]'
105-
SETTINGS__VARIABLES__NUMBER: "+123400001"
106-
API__TOKENS: '[LOOOOOONG_STRING]'
107-
labels:
108-
- traefik.enable=true
109-
- traefik.http.routers.signal-api.rule=Host(`signal-api.mydomain.com`)
110-
- traefik.http.routers.signal-api.entrypoints=websecure
111-
- traefik.http.routers.signal-api.tls=true
112-
- traefik.http.routers.signal-api.tls.certresolver=cloudflare
113-
- traefik.http.routers.signal-api.service=signal-api-svc
114-
- traefik.http.services.signal-api-svc.loadbalancer.server.port=8880
115-
- traefik.docker.network=proxy
116-
restart: unless-stopped
117-
networks:
118-
proxy:
119-
backend:
120-
aliases:
121-
- secured-signal-api
122-
123-
networks:
124-
backend:
125-
proxy:
126-
external: true
97+
services\:\
98+
\ \ secured\-signal\:\
99+
\ \ \ \ image\:\ ghcr\.io\/codeshelldev\/secured\-signal\-api\:latest\
100+
\ \ \ \ container_name\:\ secured\-signal\
101+
\ \ \ \ environment\:\
102+
\ \ \ \ \ \ API__URL\:\ http\:\/\/signal\-api\:8080\
103+
\ \ \ \ \ \ SETTINGS__VARIABLES__RECIPIENTS\:\
104+
\ \ \ \ \ \ \ \ \'\[\+123400002\,\+123400003\,\+123400004\]\'\
105+
\ \ \ \ \ \ SETTINGS__VARIABLES__NUMBER\:\ \"\+123400001\"\
106+
\ \ \ \ \ \ API__TOKENS\:\ \'\[LOOOOOONG_STRING\]\'\
107+
\ \ \ \ labels\:\
108+
\ \ \ \ \ \ \-\ traefik\.enable\=true\
109+
\ \ \ \ \ \ \-\ traefik\.http\.routers\.signal\-api\.rule\=Host\(\`signal\-api\.mydomain\.com\`\)\
110+
\ \ \ \ \ \ \-\ traefik\.http\.routers\.signal\-api\.entrypoints\=websecure\
111+
\ \ \ \ \ \ \-\ traefik\.http\.routers\.signal\-api\.tls\=true\
112+
\ \ \ \ \ \ \-\ traefik\.http\.routers\.signal\-api\.tls\.certresolver\=cloudflare\
113+
\ \ \ \ \ \ \-\ traefik\.http\.routers\.signal\-api\.service\=signal\-api\-svc\
114+
\ \ \ \ \ \ \-\ traefik\.http\.services\.signal\-api\-svc\.loadbalancer\.server\.port\=8880\
115+
\ \ \ \ \ \ \-\ traefik\.docker\.network\=proxy\
116+
\ \ \ \ restart\:\ unless\-stopped\
117+
\ \ \ \ networks\:\
118+
\ \ \ \ \ \ proxy\:\
119+
\ \ \ \ \ \ backend\:\
120+
\ \ \ \ \ \ \ \ aliases\:\
121+
\ \ \ \ \ \ \ \ \ \ \-\ secured\-signal\-api\
122+
\
123+
networks\:\
124+
\ \ backend\:\
125+
\ \ proxy\:\
126+
\ \ \ \ external\:\ true
127127
```
128128

129129
#### NGINX Proxy
130130

131131
This is the [NGINX](https://github.com/nginx/nginx) `docker-compose.yaml` file:
132132

133133
```yaml
134-
services:
135-
secured-signal:
136-
image: ghcr.io/codeshelldev/secured-signal-api:latest
137-
container_name: secured-signal-api
138-
environment:
139-
API__URL: http://signal-api:8080
140-
SETTINGS__VARIABLES__RECIPIENTS: "[+123400002,+123400003,+123400004]"
141-
SETTINGS__VARIABLES__NUMBER: "+123400001"
142-
API__TOKENS: "[LOOOOOONG_STRING]"
143-
restart: unless-stopped
144-
networks:
145-
backend:
146-
aliases:
147-
- secured-signal-api
148-
149-
nginx:
150-
image: nginx:latest
151-
container_name: secured-signal-proxy
152-
volumes:
153-
- ./nginx.conf:/etc/nginx/conf.d/default.conf
154-
# Load SSL certificates: cert.key, cert.crt
155-
- ./certs:/etc/nginx/ssl
156-
ports:
157-
- "443:443"
158-
- "80:80"
159-
restart: unless-stopped
160-
networks:
161-
frontend:
162-
backend:
163-
164-
networks:
165-
backend:
166-
frontend:
134+
services\:\
135+
\ \ secured\-signal\:\
136+
\ \ \ \ image\:\ ghcr\.io\/codeshelldev\/secured\-signal\-api\:latest\
137+
\ \ \ \ container_name\:\ secured\-signal\-api\
138+
\ \ \ \ environment\:\
139+
\ \ \ \ \ \ API__URL\:\ http\:\/\/signal\-api\:8080\
140+
\ \ \ \ \ \ SETTINGS__VARIABLES__RECIPIENTS\:\ \"\[\+123400002\,\+123400003\,\+123400004\]\"\
141+
\ \ \ \ \ \ SETTINGS__VARIABLES__NUMBER\:\ \"\+123400001\"\
142+
\ \ \ \ \ \ API__TOKENS\:\ \"\[LOOOOOONG_STRING\]\"\
143+
\ \ \ \ restart\:\ unless\-stopped\
144+
\ \ \ \ networks\:\
145+
\ \ \ \ \ \ backend\:\
146+
\ \ \ \ \ \ \ \ aliases\:\
147+
\ \ \ \ \ \ \ \ \ \ \-\ secured\-signal\-api\
148+
\
149+
\ \ nginx\:\
150+
\ \ \ \ image\:\ nginx\:latest\
151+
\ \ \ \ container_name\:\ secured\-signal\-proxy\
152+
\ \ \ \ volumes\:\
153+
\ \ \ \ \ \ \-\ \.\/nginx\.conf\:\/etc\/nginx\/conf\.d\/default\.conf\
154+
\ \ \ \ \ \ \#\ Load\ SSL\ certificates\:\ cert\.key\,\ cert\.crt\
155+
\ \ \ \ \ \ \-\ \.\/certs\:\/etc\/nginx\/ssl\
156+
\ \ \ \ ports\:\
157+
\ \ \ \ \ \ \-\ \"443\:443\"\
158+
\ \ \ \ \ \ \-\ \"80\:80\"\
159+
\ \ \ \ restart\:\ unless\-stopped\
160+
\ \ \ \ networks\:\
161+
\ \ \ \ \ \ frontend\:\
162+
\ \ \ \ \ \ backend\:\
163+
\
164+
networks\:\
165+
\ \ backend\:\
166+
\ \ frontend\:
167167
```
168168

169169
Create a `nginx.conf` file in the `docker-compose.yaml` folder and mount it to `etc/nginx/conf.d/default.conf`:
170170

171171
```conf
172-
server {
173-
# Allow SSL on Port 443
174-
listen 443 ssl;
175-
176-
# Add allowed hostnames which nginx should respond to
177-
# `_` for any
178-
server_name localhost;
179-
180-
ssl_certificate /etc/nginx/ssl/cert.crt;
181-
ssl_certificate_key /etc/nginx/ssl/cert.key;
182-
183-
location / {
184-
# Use whatever network alias you set in the docker-compose file
185-
proxy_pass http://secured-signal-api:8880;
186-
proxy_set_header Host ;
187-
proxy_set_header X-Real-IP ;
188-
proxy_set_header X-Forwarded-For ;
189-
proxy_set_header X-Forwarded-Host ;
190-
proxy_set_header X-Fowarded-Proto ;
191-
}
192-
}
193-
194-
# Redirect HTTP to HTTPs
195-
server {
196-
listen 80;
197-
server_name localhost;
198-
return 301 https://;
199-
}
172+
server\ \{\
173+
\ \ \ \ \#\ Allow\ SSL\ on\ Port\ 443\
174+
\ \ \ \ listen\ 443\ ssl\;\
175+
\
176+
\ \ \ \ \#\ Add\ allowed\ hostnames\ which\ nginx\ should\ respond\ to\
177+
\ \ \ \ \#\ \`_\`\ for\ any\
178+
\ \ \ \ server_name\ localhost\;\
179+
\
180+
\ \ \ \ ssl_certificate\ \/etc\/nginx\/ssl\/cert\.crt\;\
181+
\ \ \ \ ssl_certificate_key\ \/etc\/nginx\/ssl\/cert\.key\;\
182+
\
183+
\ \ \ \ location\ \/\ \{\
184+
\ \ \ \ \ \ \ \ \#\ Use\ whatever\ network\ alias\ you\ set\ in\ the\ docker\-compose\ file\
185+
\ \ \ \ \ \ \ \ proxy_pass\ http\:\/\/secured\-signal\-api\:8880\;\
186+
\ \ \ \ \ \ \ \ proxy_set_header\ Host\ \;\
187+
\ \ \ \ \ \ \ \ proxy_set_header\ X\-Real\-IP\ \;\
188+
\ \ \ \ \ \ \ \ proxy_set_header\ X\-Forwarded\-For\ \;\
189+
\ \ \ \ \ \ \ \ proxy_set_header\ X\-Forwarded\-Host\ \;\
190+
\ \ \ \ \ \ \ \ proxy_set_header\ X\-Fowarded\-Proto\ \;\
191+
\ \ \ \ \}\
192+
\}\
193+
\
194+
\#\ Redirect\ HTTP\ to\ HTTPs\
195+
server\ \{\
196+
\ \ \ \ listen\ 80\;\
197+
\ \ \ \ server_name\ localhost\;\
198+
\ \ \ \ return\ 301\ https\:\/\/\;\
199+
\}
200200
```
201201

202202
Lastly add your `cert.key` and `cert.crt` into your `certs/` folder and mount it to `/etc/nginx/ssl`.
@@ -295,26 +295,26 @@ To change the internal config file location set `CONFIG_PATH` in your **Environm
295295
This example config shows all of the individual settings that can be applied:
296296
297297
```yaml
298-
# Example Config (all configurations shown)
299-
300-
api:
301-
port: 8880
302-
url: http://signal-api:8080
303-
tokens: [token1, token2]
304-
305-
logLevel: INFO
306-
307-
settings:
308-
variables:
309-
number: "+123400001"
310-
recipients: ["+123400002", "group.id", "user.id"]
311-
312-
messageAliases: [{ alias: "msg", score: 100 }]
313-
314-
blockedEndpoints:
315-
- /v1/about
316-
allowedEndpoints:
317-
- /v2/send
298+
\#\ Example\ Config\ \(all\ configurations\ shown\)\
299+
\
300+
api\:\
301+
\ \ port\:\ 8880\
302+
\ \ url\:\ http\:\/\/signal\-api\:8080\
303+
\ \ tokens\:\ \[token1\,\ token2\]\
304+
\
305+
logLevel\:\ INFO\
306+
\
307+
settings\:\
308+
\ \ variables\:\
309+
\ \ \ \ number\:\ \"\+123400001\"\
310+
\ \ \ \ recipients\:\ \[\"\+123400002\"\,\ \"group\.id\"\,\ \"user\.id\"\]\
311+
\
312+
\ \ messageAliases\:\ \[\{\ alias\:\ \"msg\"\,\ score\:\ 100\ \}\]\
313+
\
314+
\ \ blockedEndpoints\:\
315+
\ \ \ \ \-\ \/v1\/about\
316+
\ \ allowedEndpoints\:\
317+
\ \ \ \ \-\ \/v2\/send
318318
```
319319

320320
#### Token Configs
@@ -326,13 +326,13 @@ This way you can permission tokens by further restricting or adding [Endpoints](
326326
Here is an example:
327327

328328
```yaml
329-
tokens: [LOOOONG_STRING]
330-
331-
overrides:
332-
variables: # Disable Placeholder
333-
blockedEndpoints: # Disable Sending
334-
- /v2/send
335-
messageAliases: # Disable Aliases
329+
tokens\:\ \[LOOOONG_STRING\]\
330+
\
331+
overrides\:\
332+
\ \ variables\:\ \#\ Disable\ Placeholder\
333+
\ \ blockedEndpoints\:\ \#\ Disable\ Sending\
334+
\ \ \ \ \-\ \/v2\/send\
335+
\ \ messageAliases\:\ \#\ Disable\ Aliases
336336
```
337337

338338
### Environment
@@ -500,7 +500,9 @@ Feel free to open up an issue or create a Pull Request!
500500

501501
## Support
502502

503-
Has this Repo been helpful 👍️ to you? Then consider ⭐️'ing this Project. :)
503+
Has this Repo been helpful 👍️ to you? Then consider ⭐️'ing this Project.
504+
505+
:)
504506

505507
## License
506508

0 commit comments

Comments
 (0)