User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
services:alist [2025/03/19 08:50] – created willyservices:alist [2025/07/25 07:34] (current) willy
Line 1: Line 1:
-====== AList  ======+====== OpenList  ======
  
-[[https://alist.nn.ci/|AList]] is a nice tool to make your shares accessible online.+[[https://doc.oplist.org/|OpenList]] is a nice tool to make your shares accessible online. Initially developed as //AList//, around mid 2025 it has then beed forked by the OpenListTeam, because //AList// has been sold/moved to a new company that has been cought doing shady stuff on the sources.
  
 +The funny thing is that this is a Chinese devleoped open source app. You can see it by the quality of the translations, somehow this make it more interesting to me, as non-English Open Source community needs to be helped and supported as much as possible for a richer and more diverse ecosystem. I am not bothered by //security// since i trust China not less nor more than the US (or whatever other country...).
  
 +I admire how OpenList guys are trying hard to provide english documentation, and it's another positive point toward the project, which is also actively maintained.
 +
 +The fuss around the AList/OpenList migration also proved how resillient can Open Source be.
  
  
 ===== Installation ===== ===== Installation =====
  
-Very simple to host without containers.+Since i installed AList then migrated to OpenList, i will keep the older paths references to AList in the following, to match my setup. Feel free to rename any AList reference to OpenList. 
 + 
 +Very simple to host without containers, the porject releases binary packages on GitHub. Download your preferred release [[https://github.com/OpenListTeam/OpenList/releases|here]], grab the appropriate binary (linux, amd64, or whatever your self hosting architecture is).
  
-Download release [[https://github.com/AlistGo/alist/releases|here]]+The OpenList will need to be installed as user //fileserver// and group //users//, see [[selfhost:fileserver|this page]] for more details.
  
-as user //fileserver// and group //users// (see [[selfhost:fileserver|this page]] for more details.+The daemon itself will be stored under **/dada/daemons/fileserver**, while it's data will be split between: 
 +  * /data/shares/alist_data: config file and SQLite database 
 +  * /var/log/alist: logs (autorotated) 
 +  * /tmp/alist_datatemp files and such
  
 +So:
 <code bash> <code bash>
 useradd -m -d /data/daemons/fileserver -g users fileserver useradd -m -d /data/daemons/fileserver -g users fileserver
 mkdir /var/log/alist mkdir /var/log/alist
 chown fileserver:users /var/log/alist chown fileserver:users /var/log/alist
 +mkdir /data/shares/alist_data
 +chown fileserver /data/shares/alist_data
 su - fileserver su - fileserver
-wget https://github.com/AlistGo/alist/releases/download/<< version >>/alist-linux-amd64.tar.gz+wgethttps://github.com/OpenListTeam/OpenList/releases/download/<< version >>/alist-linux-amd64.tar.gz
 mkdir bin mkdir bin
 cd bin cd bin
-tar xvf ../alist-linux-amd64.tar.gz+tar xvf ../openlist-linux-amd64.tar.gz
 </code> </code>
  
-AList config file and support data will be located under **/data/daemons/fileserver/alist_data**.+AList config file and support data will be located under **/data/shares/alist_data**.
  
 ===== Initial offline configuration ===== ===== Initial offline configuration =====
Line 31: Line 43:
 Run AList once to generate admin password, then replace it with one of you choice: Run AList once to generate admin password, then replace it with one of you choice:
 <code bash> <code bash>
-/data/daemons/fileserver/bin/alist --data /data/daemons/fileserver/alist_data admin +/data/daemons/fileserver/bin/alist --data /data/shares/alist_data admin 
-INFO[2025-03-19 09:34:53] reading config file: /data/daemons/fileserver/alist_data/config.json +INFO[2025-03-19 09:34:53] reading config file: /data/shares/alist_data/config.json 
 INFO[2025-03-19 09:34:53] config file not exists, creating default config file  INFO[2025-03-19 09:34:53] config file not exists, creating default config file 
 INFO[2025-03-19 09:34:53] load config from env with prefix: ALIST_      INFO[2025-03-19 09:34:53] load config from env with prefix: ALIST_     
 INFO[2025-03-19 09:34:53] init logrus...                                INFO[2025-03-19 09:34:53] init logrus...                               
 INFO[2025-03-19 09:34:53] Successfully created the admin user and the initial password is: oierjfeD  INFO[2025-03-19 09:34:53] Successfully created the admin user and the initial password is: oierjfeD 
-INFO[2025-03-19 09:34:53] Admin user's username: admin                 +INFO[2025-03-19 09:34:53] Admin user s username: admin                 
 INFO[2025-03-19 09:34:53] The password can only be output at the first startup, and then stored as a hash value, which cannot be reversed  INFO[2025-03-19 09:34:53] The password can only be output at the first startup, and then stored as a hash value, which cannot be reversed 
 INFO[2025-03-19 09:34:53] You can reset the password with a random string by running [alist admin random]  INFO[2025-03-19 09:34:53] You can reset the password with a random string by running [alist admin random] 
 INFO[2025-03-19 09:34:53] You can also set a new password by running [alist admin set NEW_PASSWORD]  INFO[2025-03-19 09:34:53] You can also set a new password by running [alist admin set NEW_PASSWORD] 
-fileserver@casa ~/bin $ ./alist --data /data/daemons/fileserver/alist_data admin set new_password +fileserver@casa ~/bin $ ./alist --data /data/shares/alist_data admin set new_password 
-INFO[2025-03-19 09:35:35] reading config file: /data/daemons/fileserver/alist_data/config.json +INFO[2025-03-19 09:35:35] reading config file: /data/shares/alist_data/config.json 
 INFO[2025-03-19 09:35:35] load config from env with prefix: ALIST_      INFO[2025-03-19 09:35:35] load config from env with prefix: ALIST_     
 INFO[2025-03-19 09:35:35] init logrus...                                INFO[2025-03-19 09:35:35] init logrus...                               
Line 50: Line 62:
 </code> </code>
  
-Now edit the configuration file **/data/daemons/fileserver/alist_data/config.json** and at leat change the following values:+Now edit the configuration file **/data/shares/alist_data/config.json** and at leat change the following values:
 <code> <code>
   "site_url": "https://drive.mydomain.com",   "site_url": "https://drive.mydomain.com",
Line 62: Line 74:
     "name": "/var/log/alist/alist.log",     "name": "/var/log/alist/alist.log",
  
 +  "database": {
 +    "db_file": "/data/shares/alist_data/data.db",
 +
 +  "temp_dir": "/tmp/alist_data/temp",
 +  "bleve_dir": "/tmp/alist_data/bleve",
 </code> </code>
  
Line 80: Line 97:
         error_log /var/log/nginx/drive.mydomain.com_error_log info;         error_log /var/log/nginx/drive.mydomain.com_error_log info;
  
-        location / { +        proxy_cache off; 
-               proxy_pass http://127.0.0.1:5244; +        proxy_max_temp_file_size 0; 
-                proxy_set_header Connection $http_connection+ 
-                proxy_set_header Connection 'upgrade'+       location / { 
-                proxy_cache_bypass $http_upgrade;+                proxy_pass http://127.0.0.1:5244; 
 +                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for
 +                proxy_set_header X-Forwarded-Proto $scheme
 +                proxy_set_header Host $http_host; 
 +                proxy_set_header X-Real-IP $remote_addr; 
 +                proxy_set_header Range $http_range; 
 +                proxy_set_header If-Range $http_if_range; 
 +                proxy_redirect off; 
 +                client_max_body_size 20000m;
         }         }
 +
         include com.mydomain/certbot.conf;         include com.mydomain/certbot.conf;
 } }
Line 97: Line 123:
 Now start is manually once, or follow the autostart instruction below. Now start is manually once, or follow the autostart instruction below.
 <code bash> <code bash>
-/data/daemons/fileserver/bin/alist --data /data/daemons/fileserver/alist_data server+/data/daemons/fileserver/bin/alist --data /data/shares/alist_data server
 </code> </code>
- 
  
 Point your browser to **drive.mydomain.com** and login as **admin** with the password you changed above. Point your browser to **drive.mydomain.com** and login as **admin** with the password you changed above.
  
 You need to go to the settings page and adapt the settings to your liking. You need to go to the settings page and adapt the settings to your liking.
 +
 +=== General ===
 +
 +From //Manage// go to //Settings//.
 +The following settings can be interesting to edit.
 +
 +Under **site** settings:
 +  * title: title of your web page
 +  *  Announcement: write your announcement message or URL here
 +  * Pagination type: i suggest you enable pagination and set it to a resonable value to avoid too long loading times for huge folders
 +  * Allow indexed / Allow mounted: so far, it's unclear to me what they are for.
 +
 +Under **style** settings:
 +  * Replace Logo URL with a locally distributed file (recomended)
 +  * Replace favicon URL with a locally distributed file (recomended)
 +  * Adapt the other options to your liking
 +
 +Under **preview** settings:
 +  * Disable audio and video autoplay to prevent bandwidth usage
 +
 +Under **global** settings:
 +  * Add your own header and footer customization, that's HTML printed on top and bottom of everything.
 +
 +Under **other** settings:
 +  * Aria2: empty URL to disable. Aria2 is a downloader that AList can use to download files
 +  * qBitTorrent: empty URL to disable. It's a downloader that AList can use to download files
 +  * Transmission: empty URL to disable. It's a downloader that AList can use to download files
 +These are all downloaders. If you don't use them, don't need them linked to AList, but enpty URLs.
 +
 +The other settings (LDAP, SSO, S3..) are for various authentications approaches. Only SSO (with Authelia) will be discossed below.
 +
 +=== Locl users ===
 +
 +Local users can be added individually under the **users** tab in //manage//
 +
 +I recomend to link to the SSO, as described below instead. 
 +
 +=== Storages ===
 +
 +From //Manage// go to //storages//. Add all the storages you like. 
 +A few notes for local storage at least:
 +  * Mount point is what will appear inside AList
 +  * Root folder path is the shared path on local storage
 +  * Make sure to edit the mkdir folder permissions to something sane like 775 or 770 or even 750.
 +
 +=== Sharing files ===
 +
 +You can add a guest user, one is available but disabled by default, or you can create **meta** links with specific sharing password. See [[https://alist.nn.ci/guide/advanced/meta.html|here]] for more details.
 +
 +=== Indexing ===
 +
 +AList support indexing with many different backends. The easiest one is to enable indexing inside the SQLite database.
 +
 +According to [[https://alist.nn.ci/guide/advanced/search.html|this]] page, there are some caveats and in general it can lead to a fairly big SQLite database file, while MySQL has issues. At the same time, my usage is limited, so i don't want to spin up a dedicated indexing external service.
 +
 +In other words, i leave indexing to **none**. YMMV.
  
 === WebDAV === === WebDAV ===
Line 112: Line 193:
 https://drive.mydomain.com/dav/ <- WebDAV client login https://drive.mydomain.com/dav/ <- WebDAV client login
 </code> </code>
 +
 +=== Plugins ===
 +
 +AList support plugins, a list can be found [[https://alist.nn.ci/guide/ecosystem.html|here]]. Good luck! :)
 +
  
 === SSO === === SSO ===
  
-Authelia link...+**Note:** so far i failed at setting up Authelia in AList. The following notes are as far as i got, but currently there seems to be no communication between Authelia and AList itself. 
 + 
 +If you have setup your SSO backend, like i describe in [[selfhost:sso|this]] page, go to //management// -> //settings// -> //Single Sign ON// to enable the link to your Authelia. 
 + 
 +The official documentation [[https://alist.nn.ci/guide/advanced/sso.html#sso-full-fill-demo|here]] is very detailed, hoping you can read Chinese (i cannot)... Otherwise, follow the indications below. 
 + 
 +Authelia configuration section, to be added to /home/authelia/configuration.yml: 
 +<code> 
 +    clients: 
 +      - client_id: '<< generate a custom client id, see below >>' 
 +        client_secret: '<< generate a custom client secret, see below, the digest goes here >>' 
 +        client_name: 'alist' 
 +        public: false 
 +        authorization_policy: 'one_factor' 
 +        redirect_uris: 
 +          - https://drive.mydomain.com/api/auth/sso_callback\?method=sso_get_token 
 +          - https://drive.mydomain.com/api/auth/sso_callback\?method=get_sso_id 
 +        scopes: 
 +          - 'openid' 
 +          - 'profile' 
 +          - 'email' 
 +        userinfo_signed_response_alg: 'none' 
 +</code> 
 + 
 +To generate a ClientID: 
 +<code bash> 
 +authelia crypto rand --length 72 --charset rfc3986 
 +</code> 
 + 
 +To generate a Client Secret: 
 +<code bash> 
 +authelia crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986 
 +</code> 
 +Please note **both** the digest and the password itself! 
 + 
 +In AList use the following information: 
 +  * Platform: OIDC 
 +  * Client ID: use the one generated above 
 +  * Client secret: use the one generated above, the password, not the digest 
 +  * Sso oidc username key: preferred_username 
 +  * Sso organization name: user 
 +  * Sso application name: user 
 +  * Sso extra scopes: openid email profile 
 +  * SSO endpoint name: https://login.mydomain.com/.well-known/openid-configuration 
 +  * SSO auto register: create AList users from SSO users 
 +  * SSO default permission: a sum of all the extra permissions. Use 768 for WebDAV access and editing. 
 + 
 + 
 + 
 +=== Backups === 
 + 
 +While AList has a backup function included, i strongly suggest to ignore it and follow my [[selfhost:backup|backup]] approach with rest / backrest 
 + 
 +You will need to backup the **/data/shares/alist_data** folder.
  
  
Line 130: Line 269:
 command_background=true command_background=true
 command="/data/daemons/fileserver/bin/alist" command="/data/daemons/fileserver/bin/alist"
-command_args="--data /data/daemons/fileserver/alist_data server"+command_args="--data /data/shares/alist_data server"
 command_user="fileserver:users" command_user="fileserver:users"
  
Line 145: Line 284:
 </code> </code>
  
 +
 +===== Update =====
 +
 +Just replace the binary with a new one and restart the service.