~nch/phrog

a super minimal project log cms (demo at https://c.har.li/projects/)
add libmagic install to dockerfile
fix width/height of output stream
add basic video support

clone

read-only
https://git.sr.ht/~nch/phrog
read/write
git@git.sr.ht:~nch/phrog

You can also use your local clone with git send-email.

#phrog

  @..@
 (____)
(>____<)
 ^^~~^^

a simple phroject log cms (the 'h' is silent)

A really simple project log, so I can pop screenshots onto my blog easily.

Authentication is based on IP (for use with a VPN solution like tailscale).

#Setup

To run your own instance:

  • Clone the repo to ./phrog
  • Create a docker-compose file with a tailscale sidecar and phrog:
tailscale:
  hostname: phrogtailscale
  image: tailscale/tailscale:stable
  volumes:
    - ./tailscale_var_lib:/var/lib
    - /dev/net/tun:/dev/net/tun
  cap_add:
    - net_admin
    - sys_module
  command: tailscaled
phrog:
  build: ./phrog
  network_mode: service:tailscale
  command: gunicorn phrog:app --env --workers 4 --threads 4 --bind 0.0.0.0:5000 --log-level info
  volumes:
    - ./phrog/phrog.db:/usr/src/app/phrog.db
  • docker-compose up will bring up the phrog service in a docker container accessible via tailscale.
  • You can get to it at http://phrogtailscale:5000 (and access the admin via /admin if your machine's IP is on the whitelist).
  • Setup an nginx reverse proxy
upstream phrog {
    server tailscale:5000;
}

...

location /projects {
    proxy_pass http://phrog;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
    proxy_redirect off;
}
  • Get your client machine's IP and add it to the whitelist with (initial bootstrap step, you can add IPs from the admin console after).
# on client machine
$ echo TAILSCALE_IP=$(tailscale ip | head -n1)

# on machine running phrog
$ TAILSCALE_IP=<ip from above>
$ sqlite3 phrog/phrog.db "insert into allowed_ips (ip) values ('$TAILSCALE_IP')"