camagru, branch masterWebcam and upload photo editing web apphttp://git.tvcloud.fr/cgit.cgi/camagru/atom?h=master2026-03-24T12:43:28ZMove uploads to a named Docker volume2026-03-24T12:43:28ZThomas Vanbesientvanbesi@proton.me2026-03-24T12:43:28Zurn:sha1:207950e6522f54e3d5111db2bbae8ab9b8281b32
Replace the bind-mounted src/uploads/ with a named volume shared
between PHP (read-write) and Nginx (read-only). Remove entrypoint.sh
since the volume handles directory creation automatically.
Isolate database and mail behind internal Docker network2026-03-24T11:01:44ZThomas Vanbesientvanbesi@proton.me2026-03-24T11:01:44Zurn:sha1:03147e99dea93bda229634cd5980b8474ad41b14
Remove exposed MariaDB port and split services into frontend/backend
networks. Only Nginx is reachable from the host; MariaDB and Mailpit
are only accessible to the PHP container.
Add rate limiting on login and password reset endpoints2026-03-22T12:57:45ZThomas Vanbesientvanbesi@proton.me2026-03-22T12:57:45Zurn:sha1:94dbb795cc3fe9799d34beb5d6bfa052eba81b0c
Track attempts per IP in a rate_limits table with a sliding time
window. Login allows 5 failed attempts per 15 min, password reset
allows 3 requests per 15 min. Old entries are purged automatically.
Add session cookie hardening and Nginx security headers2026-03-22T12:53:01ZThomas Vanbesientvanbesi@proton.me2026-03-22T12:53:01Zurn:sha1:78e891f06ab94ef478de1c431157f7d634fe4ac8
Set httponly, samesite=Lax, and auto-detected secure flag on session
cookies. Add X-Content-Type-Options, X-Frame-Options, and
Content-Security-Policy headers in Nginx. Document both in README.
Add chmod 600 guidance for .env file in README2026-03-22T12:40:53ZThomas Vanbesientvanbesi@proton.me2026-03-22T12:40:53Zurn:sha1:de41aa4531df4515de93eba685cfeb03227a5d4eAdd upload security: size limit, per-user and site-wide post caps2026-03-22T12:34:47ZThomas Vanbesientvanbesi@proton.me2026-03-22T12:34:47Zurn:sha1:d6a9fd1c32f07b993cb8ecc3c1b7c22f7a0ce848
Reject base64 payloads over 10 MB, limit users to 50 posts each,
and cap total posts at 10,000 (~650 MB on disk). Document upload
security model in README.
Add favicon using webcam.svg2026-03-22T12:24:50ZThomas Vanbesientvanbesi@proton.me2026-03-22T12:24:18Zurn:sha1:6a2c38dff48529672411419e1f56df0671f40365Add environment variables, MailPit, and composer clarifications to README2026-03-21T22:08:15ZThomas Vanbesientvanbesi@proton.me2026-03-21T22:08:15Zurn:sha1:6ced3fae5446a8b173025d708c2f07aa23e640f8Replace home page with redirect to gallery or login2026-03-21T21:57:36ZThomas Vanbesientvanbesi@proton.me2026-03-21T21:57:36Zurn:sha1:6f300d7676aa36903c1a279aeb100d6f4caf1197Add likes, comments, email notifications, and pagination to gallery2026-03-21T21:55:13ZThomas Vanbesientvanbesi@proton.me2026-03-21T21:55:13Zurn:sha1:f9ad3f4dc05252839457579303a4e0a0f94d8b80