1
0
mirror of https://github.com/Stirling-Tools/Stirling-PDF.git synced 2024-11-23 15:21:25 +01:00
locally hosted web application that allows you to perform various operations on PDF files
Go to file
pixeebot[bot] b094634799
Hardening suggestions for Stirling-PDF / fix-sig-logo (#2144)
Modernize and secure temp file creation

Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
2024-10-31 16:17:23 -04:00
.github Update pull_request_template.md 2024-10-31 17:46:30 +00:00
.vscode Optimize Editor and Git Ignore Settings for Improved Consistency and Security (#1611) 2024-07-31 18:49:52 +01:00
chart/stirling-pdf 💾 Update Version (#2139) 2024-10-31 13:06:55 +00:00
cucumber Frooodle/license (#1994) 2024-10-14 22:34:41 +01:00
docs [ImgBot] Optimize images (#1455) 2024-06-14 19:38:54 +01:00
exampleYmlFiles Frooodle/license (#1994) 2024-10-14 22:34:41 +01:00
gradle/wrapper update gradle wrapper version 2024-05-25 23:51:34 +03:00
images [ImgBot] Optimize images (#1455) 2024-06-14 19:38:54 +01:00
pipeline/defaultWebUIConfigs Pipeline fixes for json lists + delete func (#1425) 2024-06-09 13:56:55 +01:00
scripts remove unused translation 2024-10-20 21:00:16 +01:00
src Hardening suggestions for Stirling-PDF / fix-sig-logo (#2144) 2024-10-31 16:17:23 -04:00
.git-blame-ignore-revs misc: update .git-blame-ignore-revs to ignore normalize files commit in blame 2024-02-11 11:54:03 -05:00
.gitattributes change to Pdf.js-Legacy Version 4.3.136 (#1444) 2024-06-12 20:33:25 +01:00
.gitignore Feature/save signs (#2127) 2024-10-30 12:46:44 +00:00
.pre-commit-config.yaml Rename from translation_status.toml to ignore_translation.toml and more (#1511) 2024-06-26 21:47:20 +01:00
build.gradle Update build.gradle 2024-10-31 13:06:12 +00:00
CONTRIBUTING.md Update CONTRIBUTING.md 2024-10-15 17:22:15 +01:00
DATABASE.md adding documentation for database import and export (#1528) 2024-07-06 13:24:32 +01:00
DeveloperGuide.md Update DeveloperGuide.md 2024-10-16 18:56:51 +01:00
Dockerfile [Snyk] Security upgrade alpine from 3.20.2 to 3.20.3 (#1840) 2024-09-08 13:11:47 +01:00
Dockerfile-fat Bump alpine from 3.20.2 to 3.20.3 (#1865) 2024-09-09 23:47:16 +01:00
Dockerfile-ultra-lite Fix startup errors on ultra-lite image (#1950) 2024-09-22 21:25:38 +01:00
Endpoint-groups.md Add: Convert PDF to WebP (#1666) 2024-08-20 16:17:54 +01:00
FolderScanning.md lang, save to browser (#923) 2024-03-17 09:33:05 +00:00
gradlew Make ./gradlew executable; accept .java files improvements after running ./gradlew build 2024-01-03 03:21:11 +03:00
gradlew.bat refactor: normalize files 2024-02-11 11:47:00 -05:00
HowToAddNewLanguage.md Add info translation (#1791) 2024-09-05 09:23:04 +01:00
HowToUseOCR.md chore: fix some typos (#900) 2024-03-12 19:42:15 -04:00
Jenkinsfile refactor: normalize files 2024-02-11 11:47:00 -05:00
lauch4jConfig.xml Upload jar and .exe to release 2023-06-10 15:05:38 +01:00
LICENSE Update LICENSE to MIT 2024-09-02 11:01:17 +01:00
LocalRunGuide.md Update LocalRunGuide.md (#1885) 2024-09-20 23:24:20 +01:00
PipelineFeature.md lang, save to browser (#923) 2024-03-17 09:33:05 +00:00
README.md Update README.md 2024-10-31 14:52:41 +00:00
settings.gradle Rename app to Stirling-PDF not S-pdf 2023-06-10 18:04:06 +01:00
test2.sh remove lite package (#1012) 2024-04-01 18:33:58 +01:00
test.sh Frooodle/license (#1994) 2024-10-14 22:34:41 +01:00
Version-groups.md Rename from translation_status.toml to ignore_translation.toml and more (#1511) 2024-06-26 21:47:20 +01:00

Stirling-PDF

Docker Pulls Discord Docker Image Version (tag latest semver) GitHub Repo stars

Deploy to DO Name

This is a robust, locally hosted web-based PDF manipulation tool using Docker. It enables you to carry out various operations on PDF files, including splitting, merging, converting, reorganizing, adding images, rotating, compressing, and more. This locally hosted web application has evolved to encompass a comprehensive set of features, addressing all your PDF requirements.

Stirling PDF does not initiate any outbound calls for record-keeping or tracking purposes.

All files and PDFs exist either exclusively on the client side, reside in server memory only during task execution, or temporarily reside in a file solely for the execution of the task. Any file downloaded by the user will have been deleted from the server by that point.

stirling-home

Features

  • Dark mode support.
  • Custom download options
  • Parallel file processing and downloads
  • Custom 'Pipelines' to run multiple features in a queue
  • API for integration with external scripts
  • Optional Login and Authentication support (see here for documentation)
  • Database Backup and Import (see here for documentation)

PDF Features

Page Operations

  • View and modify PDFs - View multi page PDFs with custom viewing sorting and searching. Plus on page edit features like annotate, draw and adding text and images. (Using PDF.js with Joxit and Liberation.Liberation fonts)
  • Full interactive GUI for merging/splitting/rotating/moving PDFs and their pages.
  • Merge multiple PDFs together into a single resultant file.
  • Split PDFs into multiple files at specified page numbers or extract all pages as individual files.
  • Reorganize PDF pages into different orders.
  • Rotate PDFs in 90-degree increments.
  • Remove pages.
  • Multi-page layout (Format PDFs into a multi-paged page).
  • Scale page contents size by set %.
  • Adjust Contrast.
  • Crop PDF.
  • Auto Split PDF (With physically scanned page dividers).
  • Extract page(s).
  • Convert PDF to a single page.
  • Overlay PDFs ontop of each other

Conversion Operations

  • Convert PDFs to and from images.
  • Convert any common file to PDF (using LibreOffice).
  • Convert PDF to Word/Powerpoint/Others (using LibreOffice).
  • Convert HTML to PDF.
  • URL to PDF.
  • Markdown to PDF.

Security & Permissions

  • Add and remove passwords.
  • Change/set PDF Permissions.
  • Add watermark(s).
  • Certify/sign PDFs.
  • Sanitize PDFs.
  • Auto-redact text.

Other Operations

  • Add/Generate/Write signatures.
  • Repair PDFs.
  • Detect and remove blank pages.
  • Compare 2 PDFs and show differences in text.
  • Add images to PDFs.
  • Compress PDFs to decrease their filesize (Using OCRMyPDF).
  • Extract images from PDF.
  • Extract images from Scans.
  • Add page numbers.
  • Auto rename file by detecting PDF header text.
  • OCR on PDF (Using OCRMyPDF).
  • PDF/A conversion (Using OCRMyPDF).
  • Edit metadata.
  • Flatten PDFs.
  • Get all information on a PDF to view or export as JSON.
  • Show/Detect embedded Javascript

For a overview of the tasks and the technology each uses please view Endpoint-groups.md

Demo of the app is available here.

Technologies used

How to use

Windows

For windows users download the latest Stirling-PDF.exe from our release section or by clicking here

Locally

Please view https://github.com/Stirling-Tools/Stirling-PDF/blob/main/LocalRunGuide.md

Docker / Podman

https://hub.docker.com/r/frooodle/s-pdf

Stirling PDF has 3 different versions, a Full version and ultra-Lite version as well as a 'Fat' version. Depending on the types of features you use you may want a smaller image to save on space. To see what the different versions offer please look at our version mapping For people that don't mind about space optimization just use the latest tag. Docker Image Size (tag) Docker Image Size (tag) Docker Image Size (tag)

Please note in below examples you may need to change the volume paths as needed, current examples install them to the current working directory eg ./extraConfigs:/configs to /opt/stirlingpdf/extraConfigs:/configs

Docker Run

docker run -d \
  -p 8080:8080 \
  -v ./trainingData:/usr/share/tessdata \
  -v ./extraConfigs:/configs \
  -v ./logs:/logs \
  -e DOCKER_ENABLE_SECURITY=false \
  -e INSTALL_BOOK_AND_ADVANCED_HTML_OPS=false \
  -e LANGS=en_GB \
  --name stirling-pdf \
  frooodle/s-pdf:latest

  Can also add these for customisation but are not required

  -v /location/of/customFiles:/customFiles \

Docker Compose

version: '3.3'
services:
  stirling-pdf:
    image: frooodle/s-pdf:latest
    ports:
      - '8080:8080'
    volumes:
      - ./trainingData:/usr/share/tessdata #Required for extra OCR languages
      - ./extraConfigs:/configs
#      - ./customFiles:/customFiles/
#      - ./logs:/logs/
    environment:
      - DOCKER_ENABLE_SECURITY=false
      - INSTALL_BOOK_AND_ADVANCED_HTML_OPS=false
      - LANGS=en_GB

Note: Podman is CLI-compatible with Docker, so simply replace "docker" with "podman".

Enable OCR/Compression feature

Please view https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToUseOCR.md

Reuse stored files

Certain functionality like Sign Supports pre-saved files stored at /customFiles/signatures/, image files placed within here will be accesable to be used via webUI Currently this supports two folder types

  • /customFiles/signatures/ALL_USERS accessible to all users, useful for orginasations were many users use same files or for users not using authentication
  • /customFiles/signatures/{username} such as /customFiles/signatures/froodle accessible to only the froodle username, private for all others

Supported Languages

Stirling PDF currently supports 38!

Language Progress
Arabic (العربية) (ar_AR) 93%
Basque (Euskara) (eu_ES) 56%
Bulgarian (Български) (bg_BG) 98%
Catalan (Català) (ca_CA) 44%
Croatian (Hrvatski) (hr_HR) 86%
Czech (Česky) (cs_CZ) 82%
Danish (Dansk) (da_DK) 90%
Dutch (Nederlands) (nl_NL) 87%
English (English) (en_GB) 100%
English (US) (en_US) 100%
French (Français) (fr_FR) 94%
German (Deutsch) (de_DE) 97%
Greek (Ελληνικά) (el_GR) 75%
Hindi (हिंदी) (hi_IN) 71%
Hungarian (Magyar) (hu_HU) 69%
Indonesia (Bahasa Indonesia) (id_ID) 95%
Irish (Gaeilge) (ga_IE) 89%
Italian (Italiano) (it_IT) 98%
Japanese (日本語) (ja_JP) 86%
Korean (한국어) (ko_KR) 76%
Norwegian (Norsk) (no_NB) 89%
Polish (Polski) (pl_PL) 98%
Portuguese (Português) (pt_PT) 71%
Portuguese Brazilian (Português) (pt_BR) 98%
Romanian (Română) (ro_RO) 91%
Russian (Русский) (ru_RU) 76%
Serbian Latin alphabet (Srpski) (sr_LATN_RS) 71%
Simplified Chinese (简体中文) (zh_CN) 92%
Slovakian (Slovensky) (sk_SK) 83%
Spanish (Español) (es_ES) 97%
Swedish (Svenska) (sv_SE) 93%
Thai (ไทย) (th_TH) 90%
Traditional Chinese (繁體中文) (zh_TW) 98%
Turkish (Türkçe) (tr_TR) 93%
Ukrainian (Українська) (uk_UA) 81%
Vietnamese (Tiếng Việt) (vi_VN) 90%

Contributing (creating issues, translations, fixing bugs, etc.)

Please see our Contributing Guide!

Customisation

Stirling PDF allows easy customization of the app. Includes things like

  • Custom application name
  • Custom slogans, icons, HTML, images CSS etc (via file overrides)

There are two options for this, either using the generated settings file settings.yml This file is located in the /configs directory and follows standard YAML formatting

Environment variables are also supported and would override the settings file For example in the settings.yml you have

security:
  enableLogin: 'true'

To have this via an environment variable you would have SECURITY_ENABLELOGIN

The Current list of settings is

security:
  enableLogin: false # set to 'true' to enable login
  csrfDisabled: true # Set to 'true' to disable CSRF protection (not recommended for production)
  loginAttemptCount: 5 # lock user account after 5 tries; when using e.g. Fail2Ban you can deactivate the function with -1
  loginResetTimeMinutes: 120 # lock account for 2 hours after x attempts
  loginMethod: all # 'all' (Login Username/Password and OAuth2[must be enabled and configured]), 'normal'(only Login with Username/Password) or 'oauth2'(only Login with OAuth2)
  initialLogin:
    username: '' # Initial username for the first login
    password: '' # Initial password for the first login
  oauth2:
    enabled: false # set to 'true' to enable login (Note: enableLogin must also be 'true' for this to work)
    client:
      keycloak:
        issuer: '' # URL of the Keycloak realm's OpenID Connect Discovery endpoint
        clientId: '' # Client ID for Keycloak OAuth2
        clientSecret: '' # Client Secret for Keycloak OAuth2
        scopes: openid, profile, email # Scopes for Keycloak OAuth2
        useAsUsername: preferred_username # Field to use as the username for Keycloak OAuth2
      google:
        clientId: '' # Client ID for Google OAuth2
        clientSecret: '' # Client Secret for Google OAuth2
        scopes: https://www.googleapis.com/auth/userinfo.email, https://www.googleapis.com/auth/userinfo.profile # Scopes for Google OAuth2
        useAsUsername: email # Field to use as the username for Google OAuth2
      github:
        clientId: '' # Client ID for GitHub OAuth2
        clientSecret: '' # Client Secret for GitHub OAuth2
        scopes: read:user # Scope for GitHub OAuth2
        useAsUsername: login # Field to use as the username for GitHub OAuth2
    issuer: '' # set to any provider that supports OpenID Connect Discovery (/.well-known/openid-configuration) end-point
    clientId: '' # Client ID from your provider
    clientSecret: '' # Client Secret from your provider
    autoCreateUser: false # set to 'true' to allow auto-creation of non-existing users
    blockRegistration: false # set to 'true' to deny login with SSO without prior registration by an admin
    useAsUsername: email # Default is 'email'; custom fields can be used as the username
    scopes: openid, profile, email # Specify the scopes for which the application will request permissions
    provider: google # Set this to your OAuth provider's name, e.g., 'google' or 'keycloak'
  saml2: 
    enabled: false # Currently in alpha, not recommended for use yet, enableAlphaFunctionality must be set to true
    autoCreateUser: false # set to 'true' to allow auto-creation of non-existing users
    blockRegistration: false # set to 'true' to deny login with SSO without prior registration by an admin
    registrationId: stirling
    idpMetadataUri: https://dev-XXXXXXXX.okta.com/app/externalKey/sso/saml/metadata
    idpSingleLogoutUrl: https://dev-XXXXXXXX.okta.com/app/dev-XXXXXXXX_stirlingpdf_1/externalKey/slo/saml
    idpSingleLoginUrl: https://dev-XXXXXXXX.okta.com/app/dev-XXXXXXXX_stirlingpdf_1/externalKey/sso/saml
    idpIssuer: http://www.okta.com/externalKey
    idpCert: classpath:octa.crt
    privateKey: classpath:saml-private-key.key
    spCert: classpath:saml-public-cert.crt

enterpriseEdition:
  enabled: false # set to 'true' to enable enterprise edition
  key: 00000000-0000-0000-0000-000000000000
  CustomMetadata:
    autoUpdateMetadata: false # set to 'true' to automatically update metadata with below values
    author: username # Supports text such as 'John Doe' or types such as username to autopopulate with users username
    creator: Stirling-PDF # Supports text such as 'Company-PDF'
    producer: Stirling-PDF # Supports text such as 'Company-PDF'

legal:
  termsAndConditions: https://www.stirlingpdf.com/terms-and-conditions # URL to the terms and conditions of your application (e.g. https://example.com/terms) Empty string to disable or filename to load from local file in static folder
  privacyPolicy: https://www.stirlingpdf.com/privacy-policy # URL to the privacy policy of your application (e.g. https://example.com/privacy) Empty string to disable or filename to load from local file in static folder
  accessibilityStatement: '' # URL to the accessibility statement of your application (e.g. https://example.com/accessibility) Empty string to disable or filename to load from local file in static folder
  cookiePolicy: '' # URL to the cookie policy of your application (e.g. https://example.com/cookie) Empty string to disable or filename to load from local file in static folder
  impressum: '' # URL to the impressum of your application (e.g. https://example.com/impressum) Empty string to disable or filename to load from local file in static folder

system:
  defaultLocale: en-US # Set the default language (e.g. 'de-DE', 'fr-FR', etc)
  googlevisibility: false # 'true' to allow Google visibility (via robots.txt), 'false' to disallow
  enableAlphaFunctionality: false # Set to enable functionality which might need more testing before it fully goes live (This feature might make no changes)
  showUpdate: false # see when a new update is available
  showUpdateOnlyAdmin: false # Only admins can see when a new update is available, depending on showUpdate it must be set to 'true'
  customHTMLFiles: false # enable to have files placed in /customFiles/templates override the existing template html files
  tessdataDir: /usr/share/tessdata # Path to the directory containing the Tessdata files. This setting is relevant for Windows systems. For Windows users, this path should be adjusted to point to the appropriate directory where the Tessdata files are stored.
  enableAnalytics: undefined # Set to 'true' to enable analytics, set to 'false' to disable analytics, for enterprise users this is set to true

ui:
  appName: '' # Application's visible name
  homeDescription: '' # Short description or tagline shown on homepage.
  appNameNavbar: '' # Name displayed on the navigation bar

endpoints:
  toRemove: [] # List endpoints to disable (e.g. ['img-to-pdf', 'remove-pages'])
  groupsToRemove: [] # List groups to disable (e.g. ['LibreOffice'])

metrics:
  enabled: true # 'true' to enable Info APIs (`/api/*`) endpoints, 'false' to disable

# Automatically Generated Settings (Do Not Edit Directly)
AutomaticallyGenerated:
  key: example
  UUID: example

There is an additional config file /configs/custom_settings.yml were users familiar with java and spring application.properties can input their own settings on-top of Stirling-PDFs existing ones

Extra notes

  • Endpoints. Currently, the endpoints ENDPOINTS_TO_REMOVE and GROUPS_TO_REMOVE can include comma separate lists of endpoints and groups to disable as example ENDPOINTS_TO_REMOVE=img-to-pdf,remove-pages would disable both image-to-pdf and remove pages, GROUPS_TO_REMOVE=LibreOffice Would disable all things that use LibreOffice. You can see a list of all endpoints and groups here
  • customStaticFilePath. Customise static files such as the app logo by placing files in the /customFiles/static/ directory. An example of customising app logo is placing a /customFiles/static/favicon.svg to override current SVG. This can be used to change any images/icons/css/fonts/js etc in Stirling-PDF

Environment only parameters

  • SYSTEM_ROOTURIPATH ie set to /pdf-app to Set the application's root URI to localhost:8080/pdf-app
  • SYSTEM_CONNECTIONTIMEOUTMINUTES to set custom connection timeout values
  • DOCKER_ENABLE_SECURITY to tell docker to download security jar (required as true for auth login)
  • INSTALL_BOOK_AND_ADVANCED_HTML_OPS to download calibre onto stirling-pdf enabling pdf to/from book and advanced html conversion
  • LANGS to define custom font libraries to install for use for document conversions

API

For those wanting to use Stirling-PDFs backend API to link with their own custom scripting to edit PDFs you can view all existing API documentation here or navigate to /swagger-ui/index.html of your stirling-pdf instance for your versions documentation (Or by following the API button in your settings of Stirling-PDF)

Login authentication

stirling-login

Prerequisites

  • User must have the folder ./configs volumed within docker so that it is retained during updates.
  • Docker users must download the security jar version by setting DOCKER_ENABLE_SECURITY to true in environment variables.
  • Then either enable login via the settings.yml file or via setting SECURITY_ENABLE_LOGIN to true
  • Now the initial user will be generated with username admin and password stirling. On login you will be forced to change the password to a new one. You can also use the environment variables SECURITY_INITIALLOGIN_USERNAME and SECURITY_INITIALLOGIN_PASSWORD to set your own straight away (Recommended to remove them after user creation).

Once the above has been done, on restart, a new stirling-pdf-DB.mv.db will show if everything worked.

When you login to Stirling PDF you will be redirected to /login page to login with those default credentials. After login everything should function as normal

To access your account settings go to Account settings in the settings cog menu (top right in navbar) This Account settings menu is also where you find your API key.

To add new users go to the bottom of Account settings and hit 'Admin Settings', here you can add new users. The different roles mentioned within this are for rate limiting. This is a Work in progress which will be expanding on more in future

For API usage you must provide a header with 'X-API-Key' and the associated API key for that user.

FAQ

Q1: What are your planned features?

  • Progress bar/Tracking
  • Full custom logic pipelines to combine multiple operations together.
  • Folder support with auto scanning to perform operations on
  • Redact text (Via UI not just automated way)
  • Add Forms
  • Multi page layout (Stich PDF pages together) support x rows y columns and custom page sizing
  • Fill forms manually or automatically

Q2: Why is my application downloading .htm files?

This is an issue caused commonly by your NGINX configuration. The default file upload size for NGINX is 1MB, you need to add the following in your Nginx sites-available file. client_max_body_size SIZE; Where "SIZE" is 50M for example for 50MB files.

Q3: Why is my download timing out

NGINX has timeout values by default so if you are running Stirling-PDF behind NGINX you may need to set a timeout value such as adding the config proxy_read_timeout 3600;