feat: add PairDrop file sharing service (drop.pivoine.art)

Added PairDrop stack for peer-to-peer file sharing: - WebRTC-based direct file transfers between devices - No file size limits or server storage - End-to-end encrypted transfers - Local network auto-discovery - Cross-platform support (desktop, mobile, tablets) - Progressive Web App installable on mobile - Rate limiting enabled for security PairDrop provides secure, private file sharing without uploading files to any server - all transfers happen directly between devices. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-06 21:22:12 +01:00
parent 5158817ac6
commit 7d961c2876
4 changed files with 69 additions and 0 deletions
--- a/drop/compose.yaml
+++ b/drop/compose.yaml
@@ -0,0 +1,36 @@
+services:
+  pairdrop:
+    image: lscr.io/linuxserver/pairdrop:latest
+    container_name: ${DROP_COMPOSE_PROJECT_NAME}_app
+    restart: unless-stopped
+    environment:
+      PUID: 1000
+      PGID: 1000
+      TZ: ${TIMEZONE:-Europe/Berlin}
+      RATE_LIMIT: true
+      WS_FALLBACK: false
+    networks:
+      - compose_network
+    labels:
+      - 'traefik.enable=${DROP_TRAEFIK_ENABLED}'
+      # HTTP to HTTPS redirect
+      - 'traefik.http.middlewares.${DROP_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https'
+      - 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web.middlewares=${DROP_COMPOSE_PROJECT_NAME}-redirect-web-secure'
+      - 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web.rule=Host(`${DROP_TRAEFIK_HOST}`)'
+      - 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web.entrypoints=web'
+      # HTTPS router
+      - 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${DROP_TRAEFIK_HOST}`)'
+      - 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver'
+      - 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure'
+      - 'traefik.http.middlewares.${DROP_COMPOSE_PROJECT_NAME}-web-secure-compress.compress=true'
+      - 'traefik.http.routers.${DROP_COMPOSE_PROJECT_NAME}-web-secure.middlewares=${DROP_COMPOSE_PROJECT_NAME}-web-secure-compress,security-headers@file'
+      # Service
+      - 'traefik.http.services.${DROP_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=3000'
+      - 'traefik.docker.network=${NETWORK_NAME}'
+      # Watchtower
+      - 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
+
+networks:
+  compose_network:
+    name: ${NETWORK_NAME}
+    external: true