From fbc98625c04ab104f34c8fa17b9a9e070e7020b4 Mon Sep 17 00:00:00 2001 From: BookJJun-IJ Date: Thu, 12 Feb 2026 15:30:00 +0900 Subject: [PATCH 1/6] Stirling pdf : add login security --- Apps/Stirling-PDF/docker-compose.yml | 62 +++++++++++++++++++--------- 1 file changed, 42 insertions(+), 20 deletions(-) diff --git a/Apps/Stirling-PDF/docker-compose.yml b/Apps/Stirling-PDF/docker-compose.yml index 527153e..525b366 100644 --- a/Apps/Stirling-PDF/docker-compose.yml +++ b/Apps/Stirling-PDF/docker-compose.yml @@ -5,6 +5,8 @@ services: image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:2.4.3 container_name: stirling-pdf restart: unless-stopped + networks: + - pcs expose: - 80 volumes: @@ -20,10 +22,12 @@ services: PGID: 0 PUID: 0 TZ: $TZ - DOCKER_ENABLE_SECURITY: false - SECURITY_ENABLELOGIN: false + DOCKER_ENABLE_SECURITY: true + SECURITY_ENABLELOGIN: true + SECURITY_INITIALLOGIN_USERNAME: admin + SECURITY_INITIALLOGIN_PASSWORD: $default_pwd DISABLE_ADDITIONAL_FEATURES: true - SYSTEM_DEFAULTLOCALE: en_US + SYSTEM_DEFAULTLOCALE: $TZ INSTALL_BOOK_AND_ADVANCED_HTML_OPS: false TMPDIR: /tmp # Optimized Java memory management - prevents OOM errors and improves stability @@ -38,6 +42,10 @@ services: memory: 2G # Reserve minimum memory cpu_shares: 50 # Standard application priority +networks: + pcs: + external: true + x-casaos: architectures: - amd64 @@ -47,12 +55,6 @@ x-casaos: author: Yundera Team category: Office developer: Stirling Tools - pre-install-cmd: | - docker run --rm -v /DATA/AppData/$AppID:/data ubuntu:22.04 sh -c ' - mkdir -p /data/tessdata /data/configs /data/logs /data/customFiles /data/pipeline /data/tmp && - chmod -R 777 /data && - echo "Directories created and permissions set successfully" - ' description: en_us: | **Your complete PDF toolkit - everything you need to work with PDF files, right from your web browser.** @@ -184,8 +186,12 @@ x-casaos: **⏰ Setup Time:** This app takes about 5-10 minutes to set up after installation. Please be patient and wait before trying to access it. - **🔓 No Login Required:** - This app is configured without authentication for easier access. All PDF processing happens locally on your server. (See rationale.md for security justification) + **🔒 Login Required:** + This app has built-in login protection for security. + • Username: `admin` + • Password: Auto-generated (same as $default_pwd) + + After installation, visit the app and log in with the credentials above. **✨ Features Available:** • Split, merge, and organize PDFs @@ -212,8 +218,12 @@ x-casaos: **⏰ 설정 시간:** 이 앱은 설치 후 설정이 완료되기까지 약 5-10분이 걸립니다. 인내심을 갖고 접속하기 전에 기다려 주세요. - **🔓 로그인 필요 없음:** - 이 앱은 쉬운 접근을 위해 인증 없이 구성되었습니다. 모든 PDF 처리는 로컬 서버에서 이루어집니다. (보안 정당성은 rationale.md 참조) + **🔒 로그인 필요:** + 이 앱은 보안을 위해 내장 로그인으로 보호됩니다. + • 사용자명: `admin` + • 비밀번호: 자동 생성됨 ($default_pwd와 동일) + + 설치 후 앱을 방문하여 위 자격 증명으로 로그인하세요. **✨ 사용 가능한 기능:** • PDF 분할, 병합, 정리 @@ -240,8 +250,12 @@ x-casaos: **⏰ 设置时间:** 此应用在安装后需要约5-10分钟来完成设置。请耐心等待,在尝试访问之前请等待。 - **🔓 无需登录:** - 此应用配置为无身份验证,以便于访问。所有PDF处理都在本地服务器上进行。(安全性理由见rationale.md) + **🔒 需要登录:** + 此应用具有内置登录保护以确保安全。 + • 用户名:`admin` + • 密码:自动生成(与$default_pwd相同) + + 安装后,访问应用并使用上述凭据登录。 **✨ 可用功能:** • PDF拆分、合并和整理 @@ -268,8 +282,12 @@ x-casaos: **⏰ Temps d'installation :** Cette application prend environ 5-10 minutes pour s'installer après l'installation. Veuillez être patient et attendre avant d'essayer d'y accéder. - **🔓 Aucune connexion requise :** - Cette application est configurée sans authentification pour un accès plus facile. Tout le traitement PDF se fait localement sur votre serveur. (Voir rationale.md pour la justification de sécurité) + **🔒 Connexion requise :** + Cette application dispose d'une protection de connexion intégrée pour la sécurité. + • Nom d'utilisateur : `admin` + • Mot de passe : Généré automatiquement (identique à $default_pwd) + + Après l'installation, visitez l'application et connectez-vous avec les identifiants ci-dessus. **✨ Fonctionnalités disponibles :** • Diviser, fusionner et organiser les PDF @@ -296,8 +314,12 @@ x-casaos: **⏰ Tiempo de configuración:** Esta aplicación toma aproximadamente 5-10 minutos para configurarse después de la instalación. Por favor ten paciencia y espera antes de intentar acceder. - **🔓 Sin inicio de sesión requerido:** - Esta aplicación está configurada sin autenticación para un acceso más fácil. Todo el procesamiento de PDF ocurre localmente en tu servidor. (Ver rationale.md para justificación de seguridad) + **🔒 Inicio de sesión requerido:** + Esta aplicación tiene protección de inicio de sesión integrada por seguridad. + • Usuario: `admin` + • Contraseña: Generada automáticamente (igual que $default_pwd) + + Después de la instalación, visita la aplicación e inicia sesión con las credenciales anteriores. **✨ Características disponibles:** • Dividir, combinar y organizar PDFs @@ -320,4 +342,4 @@ x-casaos: **Cómo usar:** ¡Sube archivos PDF a través de tu navegador web y comienza a editarlos de inmediato! - index: / \ No newline at end of file + index: /login \ No newline at end of file From 16dbc9d353ea98d9b542aacea389a25e48831939 Mon Sep 17 00:00:00 2001 From: BookJJun-IJ Date: Fri, 13 Feb 2026 15:28:08 +0900 Subject: [PATCH 2/6] update stirling pdf -> add login/password --- Apps/Stirling-PDF/docker-compose.yml | 69 +++++++++++++--------------- 1 file changed, 31 insertions(+), 38 deletions(-) diff --git a/Apps/Stirling-PDF/docker-compose.yml b/Apps/Stirling-PDF/docker-compose.yml index 525b366..76f5ab8 100644 --- a/Apps/Stirling-PDF/docker-compose.yml +++ b/Apps/Stirling-PDF/docker-compose.yml @@ -5,10 +5,11 @@ services: image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:2.4.3 container_name: stirling-pdf restart: unless-stopped - networks: - - pcs expose: - 80 + labels: + - "caddy=stirlingpdf-${APP_DOMAIN}" + - "caddy.reverse_proxy={{upstreams 80}}" volumes: - /DATA/AppData/$AppID/tessdata/:/usr/share/tessdata - /DATA/AppData/$AppID/configs/:/configs @@ -25,9 +26,9 @@ services: DOCKER_ENABLE_SECURITY: true SECURITY_ENABLELOGIN: true SECURITY_INITIALLOGIN_USERNAME: admin - SECURITY_INITIALLOGIN_PASSWORD: $default_pwd + SECURITY_INITIALLOGIN_PASSWORD: $PCS_DEFAULT_PASSWORD DISABLE_ADDITIONAL_FEATURES: true - SYSTEM_DEFAULTLOCALE: $TZ + SYSTEM_DEFAULTLOCALE: en_US INSTALL_BOOK_AND_ADVANCED_HTML_OPS: false TMPDIR: /tmp # Optimized Java memory management - prevents OOM errors and improves stability @@ -42,10 +43,6 @@ services: memory: 2G # Reserve minimum memory cpu_shares: 50 # Standard application priority -networks: - pcs: - external: true - x-casaos: architectures: - amd64 @@ -55,6 +52,12 @@ x-casaos: author: Yundera Team category: Office developer: Stirling Tools + pre-install-cmd: | + docker run --rm -v /DATA/AppData/$AppID:/data ubuntu:22.04 sh -c ' + mkdir -p /data/tessdata /data/configs /data/logs /data/customFiles /data/pipeline /data/tmp && + chmod -R 777 /data && + echo "Directories created and permissions set successfully" + ' description: en_us: | **Your complete PDF toolkit - everything you need to work with PDF files, right from your web browser.** @@ -187,11 +190,9 @@ x-casaos: This app takes about 5-10 minutes to set up after installation. Please be patient and wait before trying to access it. **🔒 Login Required:** - This app has built-in login protection for security. - • Username: `admin` - • Password: Auto-generated (same as $default_pwd) - - After installation, visit the app and log in with the credentials above. + | Username | Password | + | -------- | -------- | + | `admin` | `$PCS_DEFAULT_PASSWORD` | **✨ Features Available:** • Split, merge, and organize PDFs @@ -202,7 +203,7 @@ x-casaos: • Compress PDFs to reduce file size **🌐 Access:** - Once ready, your app will be available at `https://stirlingpdf-[username].nsl.sh` + Once ready, your app will be available at `https://stirlingpdf-username.nsl.sh` **💡 New in V2.4.3:** • Stateful Processing - Upload once, use across multiple tools @@ -219,11 +220,9 @@ x-casaos: 이 앱은 설치 후 설정이 완료되기까지 약 5-10분이 걸립니다. 인내심을 갖고 접속하기 전에 기다려 주세요. **🔒 로그인 필요:** - 이 앱은 보안을 위해 내장 로그인으로 보호됩니다. - • 사용자명: `admin` - • 비밀번호: 자동 생성됨 ($default_pwd와 동일) - - 설치 후 앱을 방문하여 위 자격 증명으로 로그인하세요. + | 사용자명 | 비밀번호 | + | -------- | -------- | + | `admin` | `$PCS_DEFAULT_PASSWORD` | **✨ 사용 가능한 기능:** • PDF 분할, 병합, 정리 @@ -234,7 +233,7 @@ x-casaos: • PDF 압축으로 파일 크기 줄이기 **🌐 접근:** - 준비가 되면 `https://stirlingpdf-[username].nsl.sh`로 앱에 접근할 수 있습니다! + 준비가 되면 `https://stirlingpdf-username.nsl.sh`로 앱에 접근할 수 있습니다! **💡 V2.4.3 새로운 기능:** • Stateful Processing - 한 번 업로드로 여러 도구에서 사용 @@ -251,11 +250,9 @@ x-casaos: 此应用在安装后需要约5-10分钟来完成设置。请耐心等待,在尝试访问之前请等待。 **🔒 需要登录:** - 此应用具有内置登录保护以确保安全。 - • 用户名:`admin` - • 密码:自动生成(与$default_pwd相同) - - 安装后,访问应用并使用上述凭据登录。 + | 用户名 | 密码 | + | ------ | ---- | + | `admin` | `$PCS_DEFAULT_PASSWORD` | **✨ 可用功能:** • PDF拆分、合并和整理 @@ -266,7 +263,7 @@ x-casaos: • 压缩PDF以减少文件大小 **🌐 访问:** - 准备就绪后,您的应用将通过`https://stirlingpdf-[username].nsl.sh`可用! + 准备就绪后,您的应用将通过`https://stirlingpdf-username.nsl.sh`可用! **💡 V2.4.3 新功能:** • 状态处理 - 上传一次,跨多个工具使用 @@ -283,11 +280,9 @@ x-casaos: Cette application prend environ 5-10 minutes pour s'installer après l'installation. Veuillez être patient et attendre avant d'essayer d'y accéder. **🔒 Connexion requise :** - Cette application dispose d'une protection de connexion intégrée pour la sécurité. - • Nom d'utilisateur : `admin` - • Mot de passe : Généré automatiquement (identique à $default_pwd) - - Après l'installation, visitez l'application et connectez-vous avec les identifiants ci-dessus. + | Nom d'utilisateur | Mot de passe | + | ----------------- | ------------ | + | `admin` | `$PCS_DEFAULT_PASSWORD` | **✨ Fonctionnalités disponibles :** • Diviser, fusionner et organiser les PDF @@ -298,7 +293,7 @@ x-casaos: • Compresser les PDF pour réduire la taille **🌐 Accès :** - Une fois prêt, votre application sera disponible à `https://stirlingpdf-[username].nsl.sh` ! + Une fois prêt, votre application sera disponible à `https://stirlingpdf-username.nsl.sh` ! **💡 Nouveautés V2.4.3 :** • Traitement avec état - Téléchargez une fois, utilisez sur plusieurs outils @@ -315,11 +310,9 @@ x-casaos: Esta aplicación toma aproximadamente 5-10 minutos para configurarse después de la instalación. Por favor ten paciencia y espera antes de intentar acceder. **🔒 Inicio de sesión requerido:** - Esta aplicación tiene protección de inicio de sesión integrada por seguridad. - • Usuario: `admin` - • Contraseña: Generada automáticamente (igual que $default_pwd) - - Después de la instalación, visita la aplicación e inicia sesión con las credenciales anteriores. + | Usuario | Contraseña | + | ------- | ---------- | + | `admin` | `$PCS_DEFAULT_PASSWORD` | **✨ Características disponibles:** • Dividir, combinar y organizar PDFs @@ -330,7 +323,7 @@ x-casaos: • Comprimir PDFs para reducir el tamaño **🌐 Acceso:** - Una vez listo, tu aplicación estará disponible en `https://stirlingpdf-[username].nsl.sh`! + Una vez listo, tu aplicación estará disponible en `https://stirlingpdf-username.nsl.sh`! **💡 Novedades V2.4.3:** • Procesamiento con estado - Sube una vez, usa en múltiples herramientas From 112b2509d112ff726a114b53f19c7b1a69820c45 Mon Sep 17 00:00:00 2001 From: BookJJun-IJ Date: Fri, 13 Feb 2026 19:17:14 +0900 Subject: [PATCH 3/6] no message --- Apps/Stirling-PDF/docker-compose.yml | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/Apps/Stirling-PDF/docker-compose.yml b/Apps/Stirling-PDF/docker-compose.yml index 76f5ab8..810e6fd 100644 --- a/Apps/Stirling-PDF/docker-compose.yml +++ b/Apps/Stirling-PDF/docker-compose.yml @@ -20,8 +20,8 @@ services: - /DATA/AppData/$AppID/tmp/:/tmp user: "0:0" # Root user required for Java runtime and PDF tools - see rationale.md environment: - PGID: 0 - PUID: 0 + PGID: $PGID + PUID: $PUID TZ: $TZ DOCKER_ENABLE_SECURITY: true SECURITY_ENABLELOGIN: true @@ -33,7 +33,7 @@ services: TMPDIR: /tmp # Optimized Java memory management - prevents OOM errors and improves stability JAVA_TOOL_OPTIONS: "-XX:+UnlockExperimentalVMOptions -XX:MaxRAMPercentage=70 -XX:InitialRAMPercentage=40 -XX:MinRAMPercentage=30 -XX:+UseG1GC -XX:+UseStringDeduplication -XX:G1PeriodicGCInterval=30000 -XX:MaxGCPauseMillis=200 -XX:+ParallelRefProcEnabled -Djava.io.tmpdir=/tmp" - SERVER_PORT: 80 # Run on port 80 for NSL router compatibility + SERVER_PORT: 80 # Run on port 80 for Caddy reverse proxy deploy: resources: limits: @@ -41,23 +41,24 @@ services: cpus: '1.0' # Increased from 1.0 for better performance reservations: memory: 2G # Reserve minimum memory - cpu_shares: 50 # Standard application priority + networks: + - pcs + cpu_shares: 70 # Interactive + Heavy Tasks (PDF conversion, OCR, compression) + +networks: + pcs: + external: true x-casaos: architectures: - amd64 - arm64 main: stirlingpdf + store_app_id: stirlingpdf webui_port: 80 author: Yundera Team category: Office developer: Stirling Tools - pre-install-cmd: | - docker run --rm -v /DATA/AppData/$AppID:/data ubuntu:22.04 sh -c ' - mkdir -p /data/tessdata /data/configs /data/logs /data/customFiles /data/pipeline /data/tmp && - chmod -R 777 /data && - echo "Directories created and permissions set successfully" - ' description: en_us: | **Your complete PDF toolkit - everything you need to work with PDF files, right from your web browser.** From f7043de494de57d623b3bda2b6b81ada0b7845b7 Mon Sep 17 00:00:00 2001 From: BookJJun-IJ Date: Tue, 24 Feb 2026 18:51:11 +0900 Subject: [PATCH 4/6] no message --- Apps/Stirling-PDF/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Apps/Stirling-PDF/docker-compose.yml b/Apps/Stirling-PDF/docker-compose.yml index 810e6fd..af15140 100644 --- a/Apps/Stirling-PDF/docker-compose.yml +++ b/Apps/Stirling-PDF/docker-compose.yml @@ -2,7 +2,7 @@ name: stirlingpdf services: stirlingpdf: - image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:2.4.3 + image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:2.5.2 container_name: stirling-pdf restart: unless-stopped expose: From c9ffd15e36bccd64fe2a382e4b90173ef9b4a5ec Mon Sep 17 00:00:00 2001 From: BookJJun-IJ Date: Tue, 24 Feb 2026 18:51:23 +0900 Subject: [PATCH 5/6] Revert "no message" This reverts commit 112b2509d112ff726a114b53f19c7b1a69820c45. --- Apps/Stirling-PDF/docker-compose.yml | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/Apps/Stirling-PDF/docker-compose.yml b/Apps/Stirling-PDF/docker-compose.yml index af15140..5ab7e8e 100644 --- a/Apps/Stirling-PDF/docker-compose.yml +++ b/Apps/Stirling-PDF/docker-compose.yml @@ -20,8 +20,8 @@ services: - /DATA/AppData/$AppID/tmp/:/tmp user: "0:0" # Root user required for Java runtime and PDF tools - see rationale.md environment: - PGID: $PGID - PUID: $PUID + PGID: 0 + PUID: 0 TZ: $TZ DOCKER_ENABLE_SECURITY: true SECURITY_ENABLELOGIN: true @@ -33,7 +33,7 @@ services: TMPDIR: /tmp # Optimized Java memory management - prevents OOM errors and improves stability JAVA_TOOL_OPTIONS: "-XX:+UnlockExperimentalVMOptions -XX:MaxRAMPercentage=70 -XX:InitialRAMPercentage=40 -XX:MinRAMPercentage=30 -XX:+UseG1GC -XX:+UseStringDeduplication -XX:G1PeriodicGCInterval=30000 -XX:MaxGCPauseMillis=200 -XX:+ParallelRefProcEnabled -Djava.io.tmpdir=/tmp" - SERVER_PORT: 80 # Run on port 80 for Caddy reverse proxy + SERVER_PORT: 80 # Run on port 80 for NSL router compatibility deploy: resources: limits: @@ -41,24 +41,23 @@ services: cpus: '1.0' # Increased from 1.0 for better performance reservations: memory: 2G # Reserve minimum memory - networks: - - pcs - cpu_shares: 70 # Interactive + Heavy Tasks (PDF conversion, OCR, compression) - -networks: - pcs: - external: true + cpu_shares: 50 # Standard application priority x-casaos: architectures: - amd64 - arm64 main: stirlingpdf - store_app_id: stirlingpdf webui_port: 80 author: Yundera Team category: Office developer: Stirling Tools + pre-install-cmd: | + docker run --rm -v /DATA/AppData/$AppID:/data ubuntu:22.04 sh -c ' + mkdir -p /data/tessdata /data/configs /data/logs /data/customFiles /data/pipeline /data/tmp && + chmod -R 777 /data && + echo "Directories created and permissions set successfully" + ' description: en_us: | **Your complete PDF toolkit - everything you need to work with PDF files, right from your web browser.** From d2785201c67ed849e1821ca647b86287e030b3de Mon Sep 17 00:00:00 2001 From: BookJJun-IJ Date: Tue, 24 Feb 2026 18:53:03 +0900 Subject: [PATCH 6/6] Stirling-PDF update 2.4.3 -> 2.5.2 --- Apps/Stirling-PDF/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Apps/Stirling-PDF/docker-compose.yml b/Apps/Stirling-PDF/docker-compose.yml index 810e6fd..af15140 100644 --- a/Apps/Stirling-PDF/docker-compose.yml +++ b/Apps/Stirling-PDF/docker-compose.yml @@ -2,7 +2,7 @@ name: stirlingpdf services: stirlingpdf: - image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:2.4.3 + image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:2.5.2 container_name: stirling-pdf restart: unless-stopped expose: