X-Git-Url: https://jfr.im/git/uguu.git/blobdiff_plain/a405e92a9bc07cc78824595e4ce4a880d616a96a..d3aa5eb9a6cb447acc6e6079a32b5462b0824966:/README.md diff --git a/README.md b/README.md index 2a146da..fe30310 100644 --- a/README.md +++ b/README.md @@ -1,116 +1,162 @@ -# About -[Uguu.se](http://uguu.se) source code, stores files and deletes after X amount of time. - -# Tested with: -* Nginx+PHP5-FPM (PHP 5.4) on Debian 7 Wheezy -* Apache (PHP 5.4) on Ubuntu 14.04 LTS -* Apache (PHP 5.6) on Debian 8 Jessie -* Nginx+PHP5-FPM (PHP 5.6) on Debian 8 Jessie -* Apache (PHP 5.6.33 (remi-php56)) on CentOS 6.9 -* [Caddy](https://caddyserver.com/) + php7.0-fpm on Ubuntu 16.04.4 LTS - -# Install: - -* Deploy base code, for example with `git clone https://github.com/nokonoko/Uguu.git` -* Modify includes/config.php (copy config.template.php as a starting point) to set up the main options for Uguu. -* Some file extensions are blocked by default, this can be changed via includes/config.php's CONFIG_BLOCKED_EXTENSIONS value. -* Copy `rain/template/footer.template.html` as `rain/template/footer.html` and personalize the footer as you wish -* Execute check.sh regularly with cron to delete old files: `crontab -e` and add `0,15,30,45 * * * * cd /path/to/uguu/includes && bash check.sh` (or adapt if you know how cron works). -* Make the Uguu/public/files and Uguu/rain/cache directory modifiable by the web server user: -`chown -R www-data:www-data /path/to/Uguu/public/files` and `chown -R www-data:www-data /path/to/Uguu/rain/cache` -* Make sure the Uguu/public/files folder is not indexable, you may use a virtual host config similar to this one using Apache: - +# What is Uguu? + +Uguu is a simple lightweight file uploading and sharing platform, with the option for files to expire. + +## Features + +- One click uploading, no registration required +- A minimal, modern web interface +- Drag & drop supported +- Upload API with multiple response choices + - JSON + - HTML + - Text + - CSV +- Supports [ShareX](https://getsharex.com/) and other screenshot tools + +### Demo + +See the real world example at [uguu.se](https://uguu.se). + +## Requirements + +Original development environment is Nginx + PHP5.3 + SQLite, but is confirmed to +work with Apache 2.4 and newer PHP versions like PHP7.3. + +Node is used to compile Uguu. + +## Install + +**Detailed installation and configuration can be found at [Uguu Documentation](https://docs.uguu.se).** + +If you don't need a detailed one just follow the instructions below. + +### Compiling + + First you must get a copy of the uguu code. To do so, clone this git repo. + ```bash + git clone https://github.com/nokonoko/uguu + ``` + + **Run the following commands to do so, please configure `dist.json` before you compile.** + ```bash + cd uguu/ + make + make install + ``` + OR + ```bash + make install DESTDIR=/desired/path/for/site + ``` + After this, the uguu site is now compressed and set up inside `dist/`, or, if specified, `DESTDIR`. + + ## Configuring + + Front-end related settings, such as the name of the site, and maximum allowable + file size, are found in `dist.json`. Changes made here will + only take effect after rebuilding the site pages. This may be done by running + `make` from the root of the site directory. + + **Back-end related settings, such as database configuration, and path for uploaded files, are found in `includes/settings.inc.php`. Changes made here take effect immediately. Change the following settings:** + ```php + define('UGUU_DB_CONN', 'sqlite:/path/to/db/uguu.sq3'); + define('UGUU_FILES_ROOT', '/path/to/file/'); + define('UGUU_URL', 'https://subdomainforyourfiles.your.site'); + ``` + + **If you intend to allow uploading files larger than 2 MB, you may also need to + increase POST size limits in `php.ini` and webserver configuration. For PHP, + modify `upload_max_filesize` and `post_max_size` values. The configuration + option for nginx webserver is `client_max_body_size`.** + + **Edit checkdb.sh and checkfiles.sh to the proper paths:** + ```bash + sqlite3 /path/to/db/uguu.sq3 "DELETE FROM files WHERE date <= strftime('%s', datetime('now', '-1 day'));" + ``` + ```bash + find /path/to/files/ -mmin +1440 -exec rm -f {} \; + ``` + **Then add them to your crontab:** + ```bash + 0,30 * * * * bash /path/to/checkfiles.sh + 0,30 * * * * bash /path/to/checkdb.sh + ``` + + These scripts check if DB entries and files are older then 24 hours and if they are deletes them. + + ## MIME/EXT Blocking + + **Blocking certain filetypes from being uploaded can be changed by editing the following settings in `includes/settings.inc.php`:** + ```php + define('CONFIG_BLOCKED_EXTENSIONS', serialize(['exe', 'scr', 'com', 'vbs', 'bat', 'cmd', 'htm', 'html', 'jar', 'msi', 'apk', 'phtml', 'svg'])); + define('CONFIG_BLOCKED_MIME', serialize(['application/msword', 'text/html', 'application/x-dosexec', 'application/java', 'application/java-archive', 'application/x-executable', 'application/x-mach-binary', 'image/svg+xml'])); + ``` +By default the most common malicious filetypes are blocked. + + ## IP logging + This is turned off by default, but you can enable it by changing: + ```php + define('LOG_IP', 'false'); ``` - - ServerName path.to.uguu - - DocumentRoot /var/www/Uguu/ - - AllowOverride All - Require all granted - - - Alias "/files" "/var/www/Uguu/public/files/" - - - SetHandler default-handler - - AllowOverride None - Options -Indexes - Require all granted - - - + +## Anti dupe +This is turned off by default, if a user uploads a file already uploaded the link to the already existing file will be returned instead. + ```php + define('ANTI_DUPE', 'false'); ``` -Or something like this using Nginx+PHP-FPM: + ## Using SQLite as DB engine + + We need to create the SQLite database before it may be used by uguu. + Fortunately, this is incredibly simple. + + First create a directory for the database, e.g. `mkdir /var/db/uguu`. + Then, create a new SQLite database from the schema, e.g. `sqlite3 /var/db/uguu/uguu.sq3 -init /home/uguu/sqlite_schema.sql`. + Then, finally, ensure the permissions are correct, e.g. + ```bash + chown www-data:www-data /var/db/uguu + chmod 0750 /var/db/uguu + chmod 0640 /var/db/uguu/uguu.sq3 + ``` + + Finally, edit `includes/settings.inc.php` to indicate this is the database engine you would like to use. Make the changes outlined below + ```php + define('UGUU_DB_CONN', '[stuff]'); ---> define('UGUU_DB_CONN', 'sqlite:/var/db/uguu/uguu.sq3'); + define('UGUU_DB_USER', '[stuff]'); ---> define('UGUU_DB_USER', null); + define('UGUU_DB_PASS', '[stuff]'); ---> define('UGUU_DB_PASS', null); + ``` + + *NOTE: The directory where the SQLite database is stored, must be writable by the web server user* -uguu.se +## API +To upload using curl or make a tool you can post using: ``` -server{ - listen 104.243.35.197:80; - server_name uguu.se www.uguu.se; - - root /home/neku/www/uguu/; - autoindex off; - index index.html index.php; - - location ~* \.php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_intercept_errors on; - fastcgi_index index.php; - fastcgi_split_path_info ^(.+\.php)(.*)$; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - } - - error_page 404 /404.html; - error_page 403 /404.html; - location /404.html { - root /home/neku/www; - } -} +curl -i -F files[]=@yourfile.jpeg https://uguu.se/upload.php (JSON Response) ``` - -a.uguu.se (notice that scripts e.g PHP will NOT be executed from this subdomain) ``` -server{ - listen 104.243.35.197:80; - server_name a.uguu.se www.a.uguu.se; - - root /home/neku/www/files; - autoindex off; - index index.html; - - error_page 404 /404.html; - error_page 403 /404.html; - location /404.html { - root /home/neku/www; - } -} +curl -i -F files[]=@yourfile.jpeg https://uguu.se/upload.php?output=text (Text Response) ``` - -Or something like this for usage with caddy: ``` -uguu.se { - fastcgi / /var/run/php/php7.0-fpm.sock php - root /home/neku/www -} - -a.uguu.se { - root /home/neku/www/files -} +curl -i -F files[]=@yourfile.jpeg https://uguu.se/upload.php?output=csv (CSV Response) +``` ``` +curl -i -F files[]=@yourfile.jpeg https://uguu.se/upload.php?output=html (HTML Response) +``` + +## Getting help + +Hit me up at [@nekunekus](https://twitter.com/nekunekus) or email me at neku@pomf.se +## Credits -# Using the API +Uguu is based on [Pomf](http://github.com/pomf/pomf) which was written by Emma Lejack & Eric Johansson (nekunekus) and with help from the open source community. - * Leaving POST value 'name' empty will cause it to save using the original filename. - * Leaving POST value 'randomname' empty will cause it to use original filename or custom name if 'name' is set to file.ext. +## License - * Putting anything into POST value 'randomname' will cause it to return a random filename + ext (xxxxxx.ext). - * Putting a custom name into POST value 'name' will cause it to return a custom filename (yourpick.ext). +Uguu is free software, and is released under the terms of the Expat license. See +`LICENSE`. - E.g: - * curl -i -F name=test.jpg -F file=@localfile.jpg http://path.to.uguu/api.php?d=upload (HTML Response) - * curl -i -F name=test.jpg -F file=@localfile.jpg http://path.to.uguu/api.php?d=upload-tool (Plain text Response) +## To do in release v1.1.0 +* Mod feature and interface +* Blacklist DB (already exists on Uguu.se, but not in this code) +* Code cleanup