librelad edcdf00aca feat(layout): three-root split + ownership model (phase 2)
Split the single tree into three owner-isolated roots and fix the backup
permission failure (restic, running as the container user, could not write the
manager-owned /docker/backups).

Ownership helper (libreportal-ownership), rewritten for three baked roots:
  SYSTEM_DIR (manager)  CONTAINERS_DIR + BACKUPS_DIR (container user)
- reconcile now drives each tree to its single owner; backups + the WebUI dir go
  to the container user (the actual fix). The container user reaches only the
  WebUI bind-mount sources (configs/webui/*) via a scoped _webui_bind_access —
  traverse the system root + configs, read configs/webui only, nothing else.
- defence-in-depth: refuse dangerous/relative roots even if mis-baked; new
  backups-top action.

Baking: init.sh initRootHelpers now seds __SYSTEM_DIR__/__CONTAINERS_DIR__/
__BACKUPS_DIR__ (alongside __MANAGER__) into every helper at install — the trust
boundary stays root-controlled. svc/socket/appcfg helpers updated to derive from
the baked SYSTEM_DIR; the svc unit now exports LP_*_DIR so the processor resolves
roots authoritatively. A baking-safe '*"__"*' sentinel check survives the sed.

Install/uninstall: initFolders creates the three roots; initContainerLayer hands
containers + backups to the container user; uninstall removes all three
(idempotent on legacy single-tree installs). Remaining functional /docker
literals in init.sh (config reads, setupConfigsFromRepo, uninstall) parameterised.

Compose: the WebUI's two relative ../../configs mounts (the only cross-tree
relative mounts in the tree) are now absolute, filled at generation via a new
CONFIGS_DIR_TAG; CONTAINERS_DIR_TAG likewise for the LP_CONTAINERS_DIR env.

Live box unaffected: installed helpers + the live compose only change on reinstall/
rebuild (both of which fill the tags); the CLI-wrapper heredoc paths are baked in
phase 3.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-25 15:21:28 +01:00
2026-05-21 20:37:54 +01:00

LibrePortal

Your own private corner of the internet — free, open, and yours.

LibrePortal is a self-hosted platform for running the apps you rely on, on your own server: one-click installs, a reverse proxy with automatic SSL, rootless Docker, optional VPN routing, and a clean web dashboard to manage it all.

⚠️ v0.1.0 — early days. Expect rough edges while things settle.

Why LibrePortal

Too many services today treat your data as theirs to take — quietly overstepping boundaries that should never have been crossed. LibrePortal grew out of frustration with that: it's a way to run the apps you depend on on your own server, where your data stays yours. Privacy here isn't a feature to toggle — it's the whole point.

Free & open — forever

The entire platform is free software under the GNU AGPLv3. Self-host it and you get everything — every feature, no paywalls, no telemetry. See our Promise for exactly what that means.

What you get

  • 📦 One-click self-hosted apps (Nextcloud, Vaultwarden, Jellyfin, Gitea, …)
  • 🔀 Traefik reverse proxy + automatic Let's Encrypt SSL
  • 🔒 Rootless Docker, CrowdSec, sane security defaults
  • 🛡️ Optional VPN routing (gluetun) for any app
  • 🖥️ A web dashboard to install, configure, back up, and monitor everything

Quick start

git clone https://gitea.scottwebstar.co.uk/Webstar/LibrePortal.git
cd LibrePortal
./init.sh

LibrePortal Connect (optional)

Self-hosting is free and complete. If you'd rather not fiddle with the tricky parts — like reaching your server from your phone, or keeping off-site backups — LibrePortal Connect will handle them for you. Here's the catch that makes us different: we work like a courier carrying a sealed box. We move your data between your devices and store backup copies, but it stays locked and you hold the only key — we can't open it, and we never run your apps for you. Everything we offer, you can also set up yourself for free. Our Promise spells out exactly where that line sits.

Contributing

PRs welcome — see CONTRIBUTING.md. We use a lightweight DCO sign-off (git commit -s), no CLA.

Acknowledgments

LibrePortal has been built from scratch since 2023. Its spark of inspiration was a small installer script from Brian McGonagill (OpenSourceIsAwesome): gitlab.com/bmcgonag/docker_installs. From that seed it grew start to finish — refined, extended, and refactored into the platform it is today.

License

GNU AGPLv3. What's open stays open.

Description
No description provided
Readme AGPL-3.0 12 MiB
Languages
Shell 45.2%
JavaScript 38.5%
CSS 11.6%
TypeScript 3.1%
HTML 1.5%