Use Chevereto-free to Build a Private Image Bed

Motivation

When blogging online, it is possible that the same article needs to be uploaded to different platforms. For example, some articles will be placed on this website as well as in the README of the project’s GitHub repository. At this time, if the pictures in the article use local pictures, you need to put a copy on different platforms, which is not easy to update and manage in a unified manner.Hence the idea of building a personal drawing bed To unify the idea of managing these pictures.

Use the private picture bed, and directly insert the link of the picture in the private picture bed when writing an article to quote the picture, which is convenient for unified management in the future.

Prerequisites

docker and docker compose
Domain name (secondary domain name is enough)
acme.sh (to generate SSL certificate)
nginx (reverse proxy)

For the installation and preparation of the above software and tools, please refer to “Building a Personal Cloud Network Disk using Nextcloud and Docker”

Install Chevereto

Configure docker-compose

Since we have generated the SSL certificate and configured nginx above, we only need to configure Chevereto in docker.

Here I have created a separate partition on the hard disk of the server as the installation root directory of Chevereto.Create docker-compose.yml file in the root directory of Chevereto installation, write the following content:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41


version: "3.2"

services:
  database:
    container_name: chevereto-free_database
    image: mariadb:focal
    networks:
      - chevereto_network
    volumes:
      - ./database:/var/lib/mysql
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: your_root_password
      MYSQL_DATABASE: chevereto
      MYSQL_USER: chevereto
      MYSQL_PASSWORD: your_user_password

  chevereto:
    container_name: chevereto-free_app
    image: ghcr.io/rodber/chevereto-free:1.6
    networks:
      - chevereto_network
    volumes:
      - ./images:/var/www/html/images/
      - ./content:/var/www/html/content/
    ports:
      - 8810:80
    restart: always
    environment:
      CHEVERETO_TAG: "free"
      CHEVERETO_DB_HOST: database
      CHEVERETO_DB_USER: chevereto
      CHEVERETO_DB_PASS: your_chevereto_password
      CHEVERETO_DB_PORT: 3306
      CHEVERETO_DB_NAME: chevereto
      CHEVERETO_DISABLE_UPDATE_HTTP: 1
      CHEVERETO_DISABLE_UPDATE_CLI: 1
      CHEVERETO_HTTPS: 0

networks:
  chevereto_network:

Here you need to change “MYSQL_ROOT_PASSSWORD” and “MYSQL_PASSWORD” to the database password you set yourself, and you can also change the names of “MYSQL_DATABASE” and “MYSQL_USER”.

Build containers with docker-compose

Execute the following command in the Nextcloud installation root directory to build the container:

1

sudo docker-compose up -d

Domain Certificates and Reverse Proxy

Generate a free domain name certificate with acme.sh

The specific process can be found inHow This Website Was Built 2 – Hugo Framework for Personal Blog Website。

The main steps are as follows:

Generate the certificate using the following command:

1

acme.sh --issue --dns dns_ali -d your.domain.name

Use the following command to copy the certificate to your nextcloud directory. For example, I created a new folder cert in the nextcloud installation directory to store the certificate file:
1 2 3

acme.sh --install-cert -d your.domain.name \ --key-file your_cert_path/key.pem \ --fullchain-file your_cert_path/cert.pem

Set up a reverse proxy with nginx

Create a new configuration file nextcloud.conf in the configuration directory of nginx as the reverse proxy configuration file of the cloud network disk, write in the file:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39


upstream your.domain.name {  
    server 127.0.0.1:8810; 
}

server {
    listen 80;
    server_name  your.domain.name;
    return 301 https://your.domain.name$request_uri;
}

server {
    listen 443 ssl;
    server_name  your.domain.name;
    gzip on;    

    # ssl 配置
    ssl_certificate your_cert_path/cert.pem;
    ssl_certificate_key your_cert_path/key.pem;

    location / {
        proxy_redirect off;
        proxy_pass http://your.domain.name;

        proxy_set_header  Host                $http_host;
        proxy_set_header  X-Real-IP           $remote_addr;
        proxy_set_header  X-Forwarded-Ssl     on;
        proxy_set_header  X-Forwarded-For     $proxy_add_x_forwarded_for;
        proxy_set_header  X-Forwarded-Proto   $scheme;
        proxy_set_header  X-Frame-Options     SAMEORIGIN;

        client_max_body_size        100m;
        client_body_buffer_size     128k;

        proxy_buffer_size           4k;
        proxy_buffers               4 32k;
        proxy_busy_buffers_size     64k;
        proxy_temp_file_write_size  64k;
    }
}

Here I use port 8810 as the service port of Chevereto, and limit users to upload files up to 100 M.The SSL certificate is stored in the location specified in the previous step.

After the configuration is complete, restart the nginx service to make the changes take effect:

1

sudo service nginx restart

Initialization and Subsequent Setup

After completing the above steps, you can access your private picture bed from the browser!Enter the URL of the picture bed in the browser, for example, mine is https://img.jinli.io.You will enter the following page:

Chevereto Sign In

I forgot whether I need to do additional settings when entering this page for the first time, but it should be easy to complete as long as you follow the prompts.

Then follow the prompts to create a user name and password, and you can log in!