X-Git-Url: https://jfr.im/git/uguu.git/blobdiff_plain/4e2b7d3508b70e92af1aa60f6f65f609ceeaed34..25a798afecaede9a36f1b266dffadd77ac0c2d01:/README.md diff --git a/README.md b/README.md index eaf0ac5..8d413d8 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -# Uguu +# What is Uguu? -Uguu is a simple temporary file uploading and sharing platform where files get deleted after 24 hours. +Uguu is a simple temporary file uploading and sharing platform where files get deleted after X amount of time. ## Features @@ -20,14 +20,16 @@ See the real world example at [uguu.se](https://uguu.se). ## Requirements -Original development environment is Nginx + PHP7.3 + SQLite, but is confirmed to -work with Apache 2.4 and newer PHP versions. +Original development environment is Nginx + PHP5.3 + SQLite, but is confirmed to +work with Apache 2.4 and newer PHP versions like PHP7.3. ## Install For the purposes of this guide, we won't cover setting up Nginx, PHP, SQLite, Node, or NPM. So we'll just assume you already have them all running well. +**NPM/Node is only needed to compile the files, Uguu runs on PHP.** + ### Compiling First you must get a copy of the uguu code. To do so, clone this git repo. @@ -56,7 +58,7 @@ file size, are found in `dist.json`. Changes made here will only take effect after rebuilding the site pages. This may be done by running `make` from the root of the site directory. -Back-end related settings, such as database configuration, and path for uploaded files, are found in `static/php/includes/settings.inc.php`. Changes made here take effect immediately. Change the following settings: +Back-end related settings, such as database configuration, and path for uploaded files, are found in `includes/settings.inc.php`. Changes made here take effect immediately. Change the following settings: ```php define('UGUU_DB_CONN', 'sqlite:/path/to/db/uguu.sq3'); define('UGUU_FILES_ROOT', '/path/to/file/'); @@ -83,6 +85,16 @@ Then add them to your crontab: These scripts check if DB entries and files are older then 24 hours and if they are deletes them. +## MIME/EXT Blocking + +Blocking certain filetypes from being uploaded can be changed by editing the following settings in `includes/settings.inc.php`: +```php +define('CONFIG_BLOCKED_EXTENSIONS', serialize(['exe', 'scr', 'com', 'vbs', 'bat', 'cmd', 'htm', 'html', 'jar', 'msi', 'apk', 'phtml'])); +define('CONFIG_BLOCKED_MIME', serialize(['application/msword', 'text/html', 'application/x-dosexec', 'application/java', 'application/java-archive', 'application/x-executable', 'application/x-mach-binary'])); +``` + +By default the most common malicious filetypes are blocked. + ## Using SQLite as DB engine We need to create the SQLite database before it may be used by uguu. @@ -97,7 +109,7 @@ chmod 0750 /var/db/uguu chmod 0640 /var/db/uguu/uguu.sq3 ``` -Finally, edit `php/includes/settings.inc.php` to indicate this is the database engine you would like to use. Make the changes outlined below +Finally, edit `includes/settings.inc.php` to indicate this is the database engine you would like to use. Make the changes outlined below ```php define('UGUU_DB_CONN', '[stuff]'); ---> define('UGUU_DB_CONN', 'sqlite:/var/db/uguu/uguu.sq3'); define('UGUU_DB_USER', '[stuff]'); ---> define('UGUU_DB_USER', null); @@ -106,15 +118,74 @@ define('UGUU_DB_PASS', '[stuff]'); ---> define('UGUU_DB_PASS', null); *NOTE: The directory where the SQLite database is stored, must be writable by the web server user* -### Apache +## Nginx example config + +I won't cover settings everything up, here are some Nginx examples. Use [Letsencrypt](https://letsencrypt.org) to obain a SSL cert. + +Main domain: +``` +server{ + + listen 443 ssl; + server_name www.yourdomain.com yourdomain.com; + + ssl on; + ssl_certificate /path/to/fullchain.pem; + ssl_certificate_key /path/toprivkey.pem; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + + root /path/to/uguu/dist/; + autoindex off; + access_log off; + index index.html index.php; + + location ~* \.(ico|css|js|ttf)$ { + expires 7d; + } + + location ~* \.php$ { + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; + fastcgi_intercept_errors on; + fastcgi_index index.php; + fastcgi_split_path_info ^(.+\.php)(.*)$; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } +} +``` -If you are running Apache and want to compress your output when serving files, -add to your `.htaccess` file: +Subdomain serving files (do not enable PHP here): +``` +server{ + listen 443 ssl; + server_name www.subdomain.serveryourfiles.com subdomain.serveryourfiles.com; + + ssl on; + ssl_certificate /path/to/fullchain.pem; + ssl_certificate_key /path/to/privkey.pem; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + + root /path/where/uploaded/files/are/stored/; + autoindex off; + access_log off; + index index.html; +} +``` - AddOutputFilterByType DEFLATE text/html text/plain text/css application/javascript application/x-javascript application/json +To redirect HTTP to HTTPS make a config for each domain like so: +``` +server { + listen 80; + server_name www.domain.com domain.com; + return 301 https://domain.com$request_uri; +} +``` -Remember to enable `deflate_module` and `filter_module` modules in your Apache -configuration file. +## API +To upload using curl or make a tool you can post using: +``` +curl -i -F files[]=@yourfile.jpeg https://uguu.se/upload.php (JSON Response) +``` ## Getting help @@ -122,7 +193,7 @@ Hit me up at [@nekunekus](https://twitter.com/nekunekus) or email me at neku@pom ## Credits -Uguu is based off [Pomf](http://github.com/pomf/pomf). +Uguu is based on [Pomf](http://github.com/pomf/pomf). ## License