User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
services:alist [2025/03/19 09:10] willyservices:alist [2025/07/25 07:34] (current) willy
Line 1: Line 1:
-====== AList  ======+====== OpenList  ======
  
-[[https://alist.nn.ci/|AList]] is a nice tool to make your shares accessible online. +[[https://doc.oplist.org/|OpenList]] is a nice tool to make your shares accessible online. Initially developed as //AList//, around mid 2025 it has then beed forked by the OpenListTeam, because //AList// has been sold/moved to new company that has been cought doing shady stuff on the sources.
- +
-Overall documentation can be reached [[https://alist.nn.ci/guide/|here]]somehow the direct link is bit hidden in the overall mix of Chinese and English.+
  
 The funny thing is that this is a Chinese devleoped open source app. You can see it by the quality of the translations, somehow this make it more interesting to me, as non-English Open Source community needs to be helped and supported as much as possible for a richer and more diverse ecosystem. I am not bothered by //security// since i trust China not less nor more than the US (or whatever other country...). The funny thing is that this is a Chinese devleoped open source app. You can see it by the quality of the translations, somehow this make it more interesting to me, as non-English Open Source community needs to be helped and supported as much as possible for a richer and more diverse ecosystem. I am not bothered by //security// since i trust China not less nor more than the US (or whatever other country...).
 +
 +I admire how OpenList guys are trying hard to provide english documentation, and it's another positive point toward the project, which is also actively maintained.
 +
 +The fuss around the AList/OpenList migration also proved how resillient can Open Source be.
  
  
 ===== Installation ===== ===== Installation =====
  
-Very simple to host without containers.+Since i installed AList then migrated to OpenList, i will keep the older paths references to AList in the following, to match my setup. Feel free to rename any AList reference to OpenList.
  
-Download release [[https://github.com/AlistGo/alist/releases|here]]+Very simple to host without containers, the porject releases binary packages on GitHub. Download your preferred release [[https://github.com/OpenListTeam/OpenList/releases|here]], grab the appropriate binary (linux, amd64, or whatever your self hosting architecture is).
  
-as user //fileserver// and group //users// (see [[selfhost:fileserver|this page]] for more details.+The OpenList will need to be installed as user //fileserver// and group //users//see [[selfhost:fileserver|this page]] for more details.
  
 +The daemon itself will be stored under **/dada/daemons/fileserver**, while it's data will be split between:
 +  * /data/shares/alist_data: config file and SQLite database
 +  * /var/log/alist: logs (autorotated)
 +  * /tmp/alist_data: temp files and such
 +
 +So:
 <code bash> <code bash>
 useradd -m -d /data/daemons/fileserver -g users fileserver useradd -m -d /data/daemons/fileserver -g users fileserver
Line 22: Line 30:
 mkdir /data/shares/alist_data mkdir /data/shares/alist_data
 chown fileserver /data/shares/alist_data chown fileserver /data/shares/alist_data
- 
 su - fileserver su - fileserver
-wget https://github.com/AlistGo/alist/releases/download/<< version >>/alist-linux-amd64.tar.gz+wgethttps://github.com/OpenListTeam/OpenList/releases/download/<< version >>/alist-linux-amd64.tar.gz
 mkdir bin mkdir bin
 cd bin cd bin
-tar xvf ../alist-linux-amd64.tar.gz+tar xvf ../openlist-linux-amd64.tar.gz
 </code> </code>
  
Line 42: Line 49:
 INFO[2025-03-19 09:34:53] init logrus...                                INFO[2025-03-19 09:34:53] init logrus...                               
 INFO[2025-03-19 09:34:53] Successfully created the admin user and the initial password is: oierjfeD  INFO[2025-03-19 09:34:53] Successfully created the admin user and the initial password is: oierjfeD 
-INFO[2025-03-19 09:34:53] Admin user's username: admin                 +INFO[2025-03-19 09:34:53] Admin user s username: admin                 
 INFO[2025-03-19 09:34:53] The password can only be output at the first startup, and then stored as a hash value, which cannot be reversed  INFO[2025-03-19 09:34:53] The password can only be output at the first startup, and then stored as a hash value, which cannot be reversed 
 INFO[2025-03-19 09:34:53] You can reset the password with a random string by running [alist admin random]  INFO[2025-03-19 09:34:53] You can reset the password with a random string by running [alist admin random] 
Line 89: Line 96:
         access_log /var/log/nginx/drive.mydomain.com_access_log main;         access_log /var/log/nginx/drive.mydomain.com_access_log main;
         error_log /var/log/nginx/drive.mydomain.com_error_log info;         error_log /var/log/nginx/drive.mydomain.com_error_log info;
 +
 +        proxy_cache off;
 +        proxy_max_temp_file_size 0;
  
        location / {        location / {
Line 115: Line 125:
 /data/daemons/fileserver/bin/alist --data /data/shares/alist_data server /data/daemons/fileserver/bin/alist --data /data/shares/alist_data server
 </code> </code>
- 
  
 Point your browser to **drive.mydomain.com** and login as **admin** with the password you changed above. Point your browser to **drive.mydomain.com** and login as **admin** with the password you changed above.
Line 130: Line 139:
   *  Announcement: write your announcement message or URL here   *  Announcement: write your announcement message or URL here
   * Pagination type: i suggest you enable pagination and set it to a resonable value to avoid too long loading times for huge folders   * Pagination type: i suggest you enable pagination and set it to a resonable value to avoid too long loading times for huge folders
-  * +  * Allow indexed / Allow mounted: so far, it's unclear to me what they are for. 
 + 
 +Under **style** settings: 
 +  * Replace Logo URL with a locally distributed file (recomended) 
 +  * Replace favicon URL with a locally distributed file (recomended) 
 +  * Adapt the other options to your liking 
 + 
 +Under **preview** settings: 
 +  * Disable audio and video autoplay to prevent bandwidth usage 
 + 
 +Under **global** settings: 
 +  * Add your own header and footer customization, that's HTML printed on top and bottom of everything. 
 + 
 +Under **other** settings: 
 +  * Aria2: empty URL to disable. Aria2 is a downloader that AList can use to download files 
 +  * qBitTorrent: empty URL to disable. It's a downloader that AList can use to download files 
 +  * Transmission: empty URL to disable. It's a downloader that AList can use to download files 
 +These are all downloaders. If you don't use them, don't need them linked to AList, but enpty URLs. 
 + 
 +The other settings (LDAP, SSO, S3..) are for various authentications approaches. Only SSO (with Authelia) will be discossed below. 
 + 
 +=== Locl users === 
 + 
 +Local users can be added individually under the **users** tab in //manage//.  
 + 
 +I recomend to link to the SSO, as described below instead.  
 === Storages === === Storages ===
  
Line 138: Line 173:
   * Root folder path is the shared path on local storage   * Root folder path is the shared path on local storage
   * Make sure to edit the mkdir folder permissions to something sane like 775 or 770 or even 750.   * Make sure to edit the mkdir folder permissions to something sane like 775 or 770 or even 750.
- 
  
 === Sharing files === === Sharing files ===
  
 You can add a guest user, one is available but disabled by default, or you can create **meta** links with specific sharing password. See [[https://alist.nn.ci/guide/advanced/meta.html|here]] for more details. You can add a guest user, one is available but disabled by default, or you can create **meta** links with specific sharing password. See [[https://alist.nn.ci/guide/advanced/meta.html|here]] for more details.
 +
 +=== Indexing ===
 +
 +AList support indexing with many different backends. The easiest one is to enable indexing inside the SQLite database.
 +
 +According to [[https://alist.nn.ci/guide/advanced/search.html|this]] page, there are some caveats and in general it can lead to a fairly big SQLite database file, while MySQL has issues. At the same time, my usage is limited, so i don't want to spin up a dedicated indexing external service.
 +
 +In other words, i leave indexing to **none**. YMMV.
  
 === WebDAV === === WebDAV ===
Line 151: Line 193:
 https://drive.mydomain.com/dav/ <- WebDAV client login https://drive.mydomain.com/dav/ <- WebDAV client login
 </code> </code>
 +
 +=== Plugins ===
 +
 +AList support plugins, a list can be found [[https://alist.nn.ci/guide/ecosystem.html|here]]. Good luck! :)
 +
  
 === SSO === === SSO ===
  
-Authelia link...+**Note:** so far i failed at setting up Authelia in AList. The following notes are as far as i got, but currently there seems to be no communication between Authelia and AList itself. 
 + 
 +If you have setup your SSO backend, like i describe in [[selfhost:sso|this]] page, go to //management// -> //settings// -> //Single Sign ON// to enable the link to your Authelia. 
 + 
 +The official documentation [[https://alist.nn.ci/guide/advanced/sso.html#sso-full-fill-demo|here]] is very detailed, hoping you can read Chinese (i cannot)... Otherwise, follow the indications below. 
 + 
 +Authelia configuration section, to be added to /home/authelia/configuration.yml: 
 +<code> 
 +    clients: 
 +      - client_id: '<< generate a custom client id, see below >>' 
 +        client_secret: '<< generate a custom client secret, see below, the digest goes here >>' 
 +        client_name: 'alist' 
 +        public: false 
 +        authorization_policy: 'one_factor' 
 +        redirect_uris: 
 +          - https://drive.mydomain.com/api/auth/sso_callback\?method=sso_get_token 
 +          - https://drive.mydomain.com/api/auth/sso_callback\?method=get_sso_id 
 +        scopes: 
 +          - 'openid' 
 +          - 'profile' 
 +          - 'email' 
 +        userinfo_signed_response_alg: 'none' 
 +</code> 
 + 
 +To generate a ClientID: 
 +<code bash> 
 +authelia crypto rand --length 72 --charset rfc3986 
 +</code> 
 + 
 +To generate a Client Secret: 
 +<code bash> 
 +authelia crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986 
 +</code> 
 +Please note **both** the digest and the password itself! 
 + 
 +In AList use the following information: 
 +  * Platform: OIDC 
 +  * Client ID: use the one generated above 
 +  * Client secret: use the one generated above, the password, not the digest 
 +  * Sso oidc username key: preferred_username 
 +  * Sso organization name: user 
 +  * Sso application name: user 
 +  * Sso extra scopes: openid email profile 
 +  * SSO endpoint name: https://login.mydomain.com/.well-known/openid-configuration 
 +  * SSO auto register: create AList users from SSO users 
 +  * SSO default permission: a sum of all the extra permissions. Use 768 for WebDAV access and editing. 
 + 
 + 
 + 
 +=== Backups === 
 + 
 +While AList has a backup function included, i strongly suggest to ignore it and follow my [[selfhost:backup|backup]] approach with rest / backrest 
 + 
 +You will need to backup the **/data/shares/alist_data** folder.
  
  
Line 184: Line 284:
 </code> </code>
  
 +
 +===== Update =====
 +
 +Just replace the binary with a new one and restart the service.