From a9272e438729fabc288a5312fa92d940d0a4ee60 Mon Sep 17 00:00:00 2001
From: kev <vimagick@gmail.com>
Date: Tue, 22 Feb 2022 15:49:36 +0800
Subject: [PATCH] add shadowbox

---
 README.md                                     |  1 +
 shadowbox/README.md                           | 22 +++++++++++++++++
 shadowbox/data/state/remote_access.json       |  4 ++++
 .../data/state/shadowbox_server_config.json   |  4 ++++
 shadowbox/docker-compose.yml                  | 24 +++++++++++++++++++
 5 files changed, 55 insertions(+)
 create mode 100644 shadowbox/README.md
 create mode 100644 shadowbox/data/state/remote_access.json
 create mode 100644 shadowbox/data/state/shadowbox_server_config.json
 create mode 100644 shadowbox/docker-compose.yml

diff --git a/README.md b/README.md
index 89220b3..de6faf3 100644
--- a/README.md
+++ b/README.md
@@ -428,6 +428,7 @@ A collection of delicious docker recipes.
 - [x] ansiblesemaphore/semaphore
 - [x] sentry
 - [x] atmoz/sftp
+- [x] quay.io/outline/shadowbox
 - [x] shlinkio/shlink
 - [x] snipe/snipe-it
 - [x] valeriansaliou/sonic
diff --git a/shadowbox/README.md b/shadowbox/README.md
new file mode 100644
index 0000000..1934f77
--- /dev/null
+++ b/shadowbox/README.md
@@ -0,0 +1,22 @@
+shadowbox
+=========
+
+## up and running
+
+```bash
+$ mkdir -p data/{certs,state}
+$ cd data/certs/
+$ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -subj '/CN=localhost' -keyout easypi.key -out easypi.crt
+$ openssl x509 -in easypi.crt -noout -sha256 -fingerprint | cut -d= -f2 | tr -d :
+$ docker-compose up -d
+$ curl -s -k https://127.0.0.1:8081/easypi/access-keys
+```
+
+## remote management
+
+```bash
+$ ssh -N -L 8081:localhost:8081 remote-server
+$ open -a 'Outline Manager'
+```
+
+API: <https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/Jigsaw-Code/outline-server/master/src/shadowbox/server/api.yml>
diff --git a/shadowbox/data/state/remote_access.json b/shadowbox/data/state/remote_access.json
new file mode 100644
index 0000000..1b2d5e5
--- /dev/null
+++ b/shadowbox/data/state/remote_access.json
@@ -0,0 +1,4 @@
+{
+  "apiUrl": "https://127.0.0.1:8081/easypi",
+  "certSha256": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+}
diff --git a/shadowbox/data/state/shadowbox_server_config.json b/shadowbox/data/state/shadowbox_server_config.json
new file mode 100644
index 0000000..9344c52
--- /dev/null
+++ b/shadowbox/data/state/shadowbox_server_config.json
@@ -0,0 +1,4 @@
+{
+  "hostname": "x.x.x.x",
+  "portForNewAccessKeys": 8443
+}
diff --git a/shadowbox/docker-compose.yml b/shadowbox/docker-compose.yml
new file mode 100644
index 0000000..50495e4
--- /dev/null
+++ b/shadowbox/docker-compose.yml
@@ -0,0 +1,24 @@
+version: "3.8"
+services:
+  shadowbox:
+    image: quay.io/outline/shadowbox:stable
+    ports:
+      - "127.0.0.1:8081:8081/tcp"
+      - "8443:8443/tcp"
+      - "8443:8443/udp"
+    volumes:
+      - ./data/certs:/opt/outline-server/certs
+      - ./data/state:/opt/outline-server/state
+    environment:
+      - LOG_LEVEL=debug
+      - SB_STATE_DIR=/opt/outline-server/state
+      - SB_API_PORT=8081
+      - SB_API_PREFIX=easypi
+      # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -subj '/CN=localhost' -keyout easypi.key -out easypi.crt
+      # openssl x509 -in easypi.crt -noout -sha256 -fingerprint | cut -d= -f2 | tr -d :
+      - SB_CERTIFICATE_FILE=/opt/outline-server/certs/easypi.crt
+      - SB_PRIVATE_KEY_FILE=/opt/outline-server/certs/easypi.key
+      - SB_METRICS_URL=
+      - SB_DEFAULT_SERVER_NAME=EasyPi
+    stop_signal: SIGKILL
+    restart: unless-stopped