Opengist​

A self-hosted pastebin powered by Git. Try it here.

• Features
• Install
  • With Docker
  • From source
• Configuration
  • Via YAML file
  • Via Environment Variables
• Administration
  • Use Nginx as a reverse proxy
  • Use Fail2ban
• Configure OAuth
• License

Features​

• Create public or unlisted snippets
• Clone / Pull / Push snippets via Git over HTTP or SSH
• Revisions history
• Syntax highlighting ; markdown & CSV support
• Like / Fork snippets
• Search for all snippets or for certain users snippets
• Editor with indentation mode & size ; drag and drop files
• Download raw files or as a ZIP archive
• OAuth2 login with GitHub and Gitea
• Avatars via Gravatar or OAuth2 providers
• Light/Dark mode
• Responsive UI
• Enable or disable signups
• Restrict or unrestrict snippets visibility to anonymous users
• Admin panel : delete users/gists; clean database/filesystem by syncing gists
• SQLite database
• Logging
• Docker support

Todo​

• Tests
• Search for snippets
• Embed snippets
• Filesystem/Redis support for user sessions
• Have a cool logo

Install​

With Docker​

A Docker image, available for each release, can be pulled


docker pull ghcr.io/thomiceli/opengist:1.3 # most recent release

docker pull ghcr.io/thomiceli/opengist:latest # latest development version

It can be used in a docker-compose.yml file :

1. Create a docker-compose.yml file with the following content
2. Run docker compose up -d
3. Opengist is now running on port 6157, you can browse http://localhost:6157

version: "3"

services:
opengist:
image: ghcr.io/thomiceli/opengist:1.3
container_name: opengist
restart: unless-stopped
ports:
- "6157:6157" # HTTP port
- "2222:2222" # SSH port, can be removed if you don't use SSH
volumes:
- "$HOME/.opengist:/root/.opengist"

From source​

Requirements : Git (2.20+), Go (1.19+), Node.js (16+)


git clone https://github.com/thomiceli/opengist
cd opengist
make
./opengist

Opengist is now running on port 6157, you can browse http://localhost:6157

Configuration​

Opengist provides flexible configuration options through either a YAML file and/or environment variables.You would only need to specify the configuration options you want to change — for any config option left untouched, Opengist will simply apply the default values.

Configuration option list

Configuration via YAML file​

The configuration file must be specified when launching the application, using the --config flag followed by the path to your YAML file.


./opengist --config /path/to/config.yml

You can start by copying and/or modifying the provided config.yml file.

Configuration via Environment Variables​

Usage with Docker Compose :


services:
opengist:
# ...
environment:
OG_LOG_LEVEL: "info"
# etc.

Usage via command line :


OG_LOG_LEVEL=info ./opengist

Administration​

Use Nginx as a reverse proxy​

Configure Nginx to proxy requests to Opengist. Here is an example configuration file :


server {
listen 80;
server_name opengist.example.com;

location / {
proxy_pass http://127.0.0.1:6157
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}

Then run :


service nginx restart

Use Fail2ban​

Fail2ban can be used to ban IPs that try to bruteforce the login page.Log level must be set at least to warn.


Add this filter in etc/fail2ban/filter.d/opengist.conf :


[Definition]
failregex = Invalid .* authentication attempt from <HOST>
ignoreregex =

Add this jail in etc/fail2ban/jail.d/opengist.conf :


[opengist]
enabled = true
filter = opengist
logpath = /home/*/.opengist/log/opengist.log
maxretry = 10
findtime = 3600
bantime = 600
banaction = iptables-allports
port = anyport

Then run


service fail2ban restart

Configure OAuth​

Opengist can be configured to use OAuth to authenticate users, with GitHub or Gitea.

Integrate GithubIntegrate Gitea