A simple, secure Nginx-based server that displays a random image on each page load.
- Displays random images at fixed dimensions
- Secure by default with Docker isolation
- Rate limiting to prevent abuse
- Easy to customize and deploy
- Multiple deployment options (Docker or direct installation)
There's a small attribution info tooltip in the corner, you can remove it or change it to something like a cryptocurrency donation address (I've added and commented out the code for that).
- Non-root execution: Runs as unprivileged 'nobody' user
- Rate limiting: Protects against DoS attacks (configurable, default: 30 req/min)
- Security headers: Implements modern web security headers
- Safe file access: Uses LuaFS instead of shell commands
- Input validation: Proper file extension validation
- Restricted file types: Only serves approved image formats
- No directory traversal: Path sanitization to prevent unauthorized access
- Limited server info: Hides server version information
- Container isolation: Docker provides additional security boundary
# Clone the repository
git clone https://github.com/drewherron/random-image-server.git
cd random-image-server
# Create and configure .env file
cp .env.example .env
nano .env # Edit configuration as needed
# Create images directory and add your images
mkdir -p images
cp /path/to/your/images/* images/
# Start the server
docker-compose -f docker/docker-compose.yml up -dFor servers where you prefer not to use Docker:
# Clone the repository
git clone https://github.com/drewherron/random-image-server.git
cd random-image-server
# Run the installation script (requires root privileges)
sudo ./scripts/install.sh /path/to/your/images
# The script will:
# - Install required packages (nginx-extras, lua modules)
# - Configure Nginx with the random image server
# - Set proper file permissionsVisit http://localhost to see a random image.
Edit .env file to customize:
IMAGE_DIR- Path to your images directoryPORT- Port to serve content (default: 80)IMAGE_WIDTH- Width of displayed imagesIMAGE_HEIGHT- Height of displayed imagesRATE_LIMIT- Rate limiting (requests per minute)SERVER_NAME- Domain name or IP addressENABLE_HTTPS- Enable/disable HTTPS
This repository includes two utility scripts:
-
scripts/install.sh- Installs and configures the server directly on a Linux system- Usage:
sudo ./scripts/install.sh [image_directory] - Automatically detects Debian/Ubuntu or RHEL/CentOS/Fedora
- Usage:
-
scripts/setup-permissions.sh- Sets correct file permissions for your image directory- Usage:
sudo ./scripts/setup-permissions.sh [image_directory] [nginx_user] - Runs automatically during installation
- Usage:
When deploying this server, consider these additional security measures:
- Firewall configuration: Restrict access to the server if it doesn't need to be publicly accessible
- Regular updates: Keep your system, Docker, and Nginx updated
- HTTPS: For public deployments, enable HTTPS using the configuration options
- Custom ports: Change the default port from 80 to a non-standard port for added security
- Content filtering: Only host images you've personally verified
- Access logs: Monitor access logs for suspicious activity
- Resource limits: Set Docker resource limits to prevent container escape or DoS
For production deployments, consider placing the server behind a reverse proxy like Cloudflare or Nginx Proxy Manager for additional protection.
Yes, please.