A family wiki and photoalbum engine (in Russian).
- Pages with Markdown text
- Media files: photos, videos (PDF documents will be supported later)
- Person tags on photos
- Relations: validation, inferrence
- Fact storage (birthday, gender, blood type, languages, hobbies, etc.)
- Access control: editor, reader and guest roles
- Changesets: browse changes to any page/media, see diffs, easily revert if necessary
-
Download the docker-compose.
-
Optional:
Configure your Bonsai instance to use HTTPS and external auth for better security. This requires a bit of work, so if you are just playing around you can skip this step.
Create a Facebook Authorization App (or Google, Yandex or Vkontakte).
Modify
docker-compose.yml
:- Save Facebook authorization credentials to
Auth__Facebook__AppId
andAuth__Facebook__AppSecret
config properties - Set
Auth__AllowPasswordAuth=false
if you want to disable the less-secure password authorization - Replace
@@YOUR_EMAIL@@
with your email address (for LetsEncrypt auto-SSL) - Replace
@@DOMAIN@@
with the domain name to use (or you can use your IP with xip.io, like192.168.1.1.xip.io
) - Uncomment two lines with
Host(`@@DOMAIN@@`)
- Comment two lines with
PathPrefix(`/`)
- Save Facebook authorization credentials to
-
Bring everything up using
docker compose
:docker-compose up -d
-
After everything is brought up Bonsai will listen on ports 80 and 443.
For development, you will need the following:
- .NET Core 3.1: the main runtime for Bonsai
-
Install NodeJS (10+)
-
Install PostgreSQL server (9.6+)
-
Download ffmpeg shared binaries for your system and extract the archive's contents into
External/ffmpeg
folder in the solution root (must contain bothffmpeg
andffprobe
executables). -
Create a file called
appsettings.Development.json
, add the connection string:{ "ConnectionStrings": { "Database": "Server=127.0.0.1;Port=5432;Database=bonsai;User Id=<login>;Password=<password>;Persist Security Info=true" }, "Auth": { "AllowPasswordAuth": true } }
-
Optional, but suggested:
Create a Facebook Authorization App (or Google, Yandex or Vkontakte).
Add the retrieved authorization credentials to the
appsettings.Development.json
and setAllowPasswordAuth
tofalse
:{ "Auth": { "AllowPasswordAuth": false, "Facebook": { "AppId": "<...>", "AppSecret": "<...>" }, "Google": { "ClientId": "<...>", "ClientSecret": "<...>" }, "Yandex": { "ClientId": "<...>", "ClientSecret": "<...>" }, "Vkontakte": { "ClientId": "<...>", "ClientSecret": "<...>" } } }
-
Create the database:
dotnet ef database update
-
Build the styles and scripts:
npm install npm run build
-
Run the app (as Visual Studio project or using
dotnet run
).
If you value the data that you store in Bonsai, make sure that you SET UP BACKUPS.
You will need to back up the following:
- Database (approximately tens of megabytes)
- Uploaded media in
wwwroot/media
(may contain gigabytes of data)
There are many options available, free and paid: uploading to a cloud storage, copying to external drives, etc. Please consider your usage/budget and select a combination that works best for you.
Bonsai features two authorization methods: OAuth and password authorization.
OAuth is the preferred method: it's easier to use for end users, more secure and versatile. Please use the OAuth method if you can! For OAuth, you will need to create an authorization app on Facebook, Google, Vkontakte or Yandex as described in the installation steps. You can enable multiple authorization apps at the same time: users will pick the one they prefer.
As a fallback, you can also create an account with classic login/password authorization. It can be used for two purposes:
- Playing around with Bonsai (easier to set up: no auth app and https configuration required)
- Giving access to elder family members who don't have a social network account
Please keep the following facts in mind:
- Any user account can only have one authorization method: password, or Facebook, or Google, etc.
- It is not possible to change the authorization type for an account once it has been created.
- Password-based accounts can be locked out if there are too many consecutive failed login attempts.
- Account password can only be reset by an administrator manually. If you only have one admin account, it is password-based, and the password is lost - there's no way to regain access besides direct database manipulation!