-# About
-[Uguu.se](http://uguu.se) source code, stores files and deletes after X amount of time.
+# What is Uguu?
-# Tested with:
-* Nginx+PHP5-FPM (PHP 5.4) on Debian 7 Wheezy
-* Apache (PHP 5.4) on Ubuntu 14.04 LTS
-* Apache (PHP 5.6) on Debian 8 Jessie
-* Nginx+PHP5-FPM (PHP 5.6) on Debian 8 Jessie
-* Apache (PHP 5.6.33 (remi-php56)) on CentOS 6.9
-* Nginx+PHP7-FPM (PHP 7.0) on Debian 9 Stretch
+Uguu is a simple temporary file uploading and sharing platform where files get deleted after X amount of time.
-# Install:
+## Features
-* Deploy base code, for example with `git clone https://github.com/nokonoko/Uguu.git`
-* Modify includes/config.php (copy config.template.php as a starting point) to set up the main options for Uguu.
-* Some file extensions are blocked by default, this can be changed via includes/config.php's CONFIG_BLOCKED_EXTENSIONS value.
-* Copy `rain/template/footer.template.html` as `rain/template/footer.html` and personalize the footer as you wish
-* Execute check.sh regularly with cron to delete old files: `crontab -e` and add `0,15,30,45 * * * * cd /path/to/uguu/includes && bash check.sh` (or adapt if you know how cron works).
-* Make the Uguu/public/files and Uguu/rain/cache directory modifiable by the web server user:
-`chown -R www-data:www-data /path/to/Uguu/public/files` and `chown -R www-data:www-data /path/to/Uguu/rain/cache`
-* Make sure the Uguu/public/files folder is not indexable, you may use a virtual host config similar to this one using Apache:
+- One click uploading, no registration required
+- A minimal, modern web interface
+- Drag & drop supported
+- Upload API with multiple response choices
+ - JSON
+ - HTML
+ - Text
+ - CSV
+- Supports [ShareX](https://getsharex.com/) and other screenshot tools
+### Demo
+
+See the real world example at [uguu.se](https://uguu.se).
+
+## Requirements
+
+Original development environment is Nginx + PHP5.3 + SQLite, but is confirmed to
+work with Apache 2.4 and newer PHP versions like PHP7.3.
+
+## Install
+
+For the purposes of this guide, we won't cover setting up Nginx, PHP, SQLite,
+Node, or NPM. So we'll just assume you already have them all running well.
+
+**NPM/Node is only needed to compile the files, Uguu runs on PHP.**
+
+### Compiling
+
+First you must get a copy of the uguu code. To do so, clone this git repo.
+```bash
+git clone https://github.com/nokonoko/uguu
```
-<VirtualHost *:80>
- ServerName path.to.uguu
- DocumentRoot /var/www/Uguu/
- <Directory /var/www/Uguu/>
- AllowOverride All
- Require all granted
- </Directory>
+Assuming you already have Node and NPM working, compilation is easy.
+
+Run the following commands to do so, please configure `dist.json` before you compile.
+```bash
+cd uguu/
+make
+make install
+```
+OR
+```bash
+make install DESTDIR=/desired/path/for/site
+```
+After this, the uguu site is now compressed and set up inside `dist/`, or, if specified, `DESTDIR`.
- Alias "/files" "/var/www/Uguu/public/files/"
- <Directory /var/www/Uguu/public/files/>
- <Files *>
- SetHandler default-handler
- </Files>
- AllowOverride None
- Options -Indexes
- Require all granted
- </Directory>
+## Configuring
-</VirtualHost>
+Front-end related settings, such as the name of the site, and maximum allowable
+file size, are found in `dist.json`. Changes made here will
+only take effect after rebuilding the site pages. This may be done by running
+`make` from the root of the site directory.
+
+Back-end related settings, such as database configuration, and path for uploaded files, are found in `includes/settings.inc.php`. Changes made here take effect immediately. Change the following settings:
+```php
+define('UGUU_DB_CONN', 'sqlite:/path/to/db/uguu.sq3');
+define('UGUU_FILES_ROOT', '/path/to/file/');
+define('UGUU_URL', 'https://subdomainforyourfiles.your.site');
```
-Or something like this using Nginx+PHP-FPM:
+If you intend to allow uploading files larger than 2 MB, you may also need to
+increase POST size limits in `php.ini` and webserver configuration. For PHP,
+modify `upload_max_filesize` and `post_max_size` values. The configuration
+option for nginx webserver is `client_max_body_size`.
-uguu.se
+Edit checkdb.sh and checkfiles.sh to the proper paths:
+```bash
+sqlite3 /path/to/db/uguu.sq3 "DELETE FROM files WHERE date <= strftime('%s', datetime('now', '-1 day'));"
+```
+```bash
+find /path/to/files/ -mmin +1440 -exec rm -f {} \;
+```
+Then add them to your crontab:
+```bash
+0,30 * * * * bash /path/to/checkfiles.sh
+0,30 * * * * bash /path/to/checkdb.sh
```
-server{
- listen 104.243.35.197:80;
- server_name uguu.se www.uguu.se;
- root /home/neku/www/uguu/;
- autoindex off;
- index index.html index.php;
+These scripts check if DB entries and files are older then 24 hours and if they are deletes them.
- location ~* \.php$ {
- fastcgi_pass unix:/var/run/php5-fpm.sock;
- fastcgi_intercept_errors on;
- fastcgi_index index.php;
- fastcgi_split_path_info ^(.+\.php)(.*)$;
- include fastcgi_params;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+## MIME/EXT Blocking
+
+Blocking certain filetypes from being uploaded can be changed by editing the following settings in `includes/settings.inc.php`:
+```php
+define('CONFIG_BLOCKED_EXTENSIONS', serialize(['exe', 'scr', 'com', 'vbs', 'bat', 'cmd', 'htm', 'html', 'jar', 'msi', 'apk', 'phtml']));
+define('CONFIG_BLOCKED_MIME', serialize(['application/msword', 'text/html', 'application/x-dosexec', 'application/java', 'application/java-archive', 'application/x-executable', 'application/x-mach-binary']));
+```
+
+By default the most common malicious filetypes are blocked.
+
+## Using SQLite as DB engine
+
+We need to create the SQLite database before it may be used by uguu.
+Fortunately, this is incredibly simple.
+
+First create a directory for the database, e.g. `mkdir /var/db/uguu`.
+Then, create a new SQLite database from the schema, e.g. `sqlite3 /var/db/uguu/uguu.sq3 -init /home/uguu/sqlite_schema.sql`.
+Then, finally, ensure the permissions are correct, e.g.
+```bash
+chown www-data:www-data /var/db/uguu
+chmod 0750 /var/db/uguu
+chmod 0640 /var/db/uguu/uguu.sq3
+```
+
+Finally, edit `includes/settings.inc.php` to indicate this is the database engine you would like to use. Make the changes outlined below
+```php
+define('UGUU_DB_CONN', '[stuff]'); ---> define('UGUU_DB_CONN', 'sqlite:/var/db/uguu/uguu.sq3');
+define('UGUU_DB_USER', '[stuff]'); ---> define('UGUU_DB_USER', null);
+define('UGUU_DB_PASS', '[stuff]'); ---> define('UGUU_DB_PASS', null);
+```
+
+*NOTE: The directory where the SQLite database is stored, must be writable by the web server user*
+
+## Nginx example config
+
+I won't cover settings everything up, here are some Nginx examples. Use [Letsencrypt](https://letsencrypt.org) to obain a SSL cert.
+
+Main domain:
+```
+server{
+
+ listen 443 ssl;
+ server_name www.yourdomain.com yourdomain.com;
+
+ ssl on;
+ ssl_certificate /path/to/fullchain.pem;
+ ssl_certificate_key /path/toprivkey.pem;
+ ssl_protocols TLSv1.2 TLSv1.3;
+
+ root /path/to/uguu/dist/;
+ autoindex off;
+ access_log off;
+ index index.html index.php;
+
+ location ~* \.(ico|css|js|ttf)$ {
+ expires 7d;
}
- error_page 404 /404.html;
- error_page 403 /404.html;
- location /404.html {
- root /home/neku/www;
- }
+ location ~* \.php$ {
+ fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
+ fastcgi_intercept_errors on;
+ fastcgi_index index.php;
+ fastcgi_split_path_info ^(.+\.php)(.*)$;
+ include fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ }
}
```
-a.uguu.se (notice that scripts e.g PHP will NOT be executed from this subdomain)
+Subdomain serving files (do not enable PHP here):
```
server{
- listen 104.243.35.197:80;
- server_name a.uguu.se www.a.uguu.se;
-
- root /home/neku/www/files;
+ listen 443 ssl;
+ server_name www.subdomain.serveryourfiles.com subdomain.serveryourfiles.com;
+
+ ssl on;
+ ssl_certificate /path/to/fullchain.pem;
+ ssl_certificate_key /path/to/privkey.pem;
+ ssl_protocols TLSv1.2 TLSv1.3;
+
+ root /path/where/uploaded/files/are/stored/;
autoindex off;
+ access_log off;
index index.html;
+}
+```
- error_page 404 /404.html;
- error_page 403 /404.html;
- location /404.html {
- root /home/neku/www;
- }
+To redirect HTTP to HTTPS make a config for each domain like so:
+```
+server {
+ listen 80;
+ server_name www.domain.com domain.com;
+ return 301 https://domain.com$request_uri;
}
```
+## API
+To upload using curl or make a tool you can post using:
+```
+curl -i -F files[]=@yourfile.jpeg https://uguu.se/upload.php (JSON Response)
+```
+
+## Getting help
+
+Hit me up at [@nekunekus](https://twitter.com/nekunekus) or email me at neku@pomf.se
-# Using the API
+## Credits
- * Leaving POST value 'name' empty will cause it to save using the original filename.
- * Leaving POST value 'randomname' empty will cause it to use original filename or custom name if 'name' is set to file.ext.
+Uguu is based on [Pomf](http://github.com/pomf/pomf).
- * Putting anything into POST value 'randomname' will cause it to return a random filename + ext (xxxxxx.ext).
- * Putting a custom name into POST value 'name' will cause it to return a custom filename (yourpick.ext).
+## License
- E.g:
- * curl -i -F name=test.jpg -F file=@localfile.jpg http://path.to.uguu/api.php?d=upload (HTML Response)
- * curl -i -F name=test.jpg -F file=@localfile.jpg http://path.to.uguu/api.php?d=upload-tool (Plain text Response)
+Uguu is free software, and is released under the terms of the Expat license. See
+`LICENSE`.