X-Git-Url: https://jfr.im/git/uguu.git/blobdiff_plain/d8c46ff78ae2707a580f7b0446349122297b434f..8c54a1f3497253b64480417914e871713536e185:/README.md

diff --git a/README.md b/README.md
index 961f10e..0a59c60 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
-# Uguu
+# What is Uguu?
 
-uguu is a simple file uploading and sharing platform.
+Uguu is a simple temporary file uploading and sharing platform where files get deleted after X amount of time.
 
 ## Features
 
@@ -20,8 +20,8 @@ See the real world example at [uguu.se](https://uguu.se).
 
 ## Requirements
 
-Original development environment is Nginx + PHP7.3 + SQLite, but is confirmed to
-work with Apache 2.4 and newer PHP versions.
+Original development environment is Nginx + PHP5.3 + SQLite, but is confirmed to
+work with Apache 2.4 and newer PHP versions like PHP7.3.
 
 ## Install
 
@@ -31,26 +31,16 @@ Node, or NPM. So we'll just assume you already have them all running well.
 ### Compiling
 
 First you must get a copy of the uguu code.  To do so, clone this git repo.
-You will need to recursively clone the repo to get the required PHP submodule,
-and the optional user panel submodule.
-```bash
-git clone --recursive https://github.com/nokonoko/uguu
-```
-If you don't want either of the submodules run the following command,
 ```bash
 git clone https://github.com/nokonoko/uguu
 ```
 
-Assuming you already have Node and NPM working, compilation is easy. If you would like any additional submodules, or to exclude the default PHP submodule, use the `MODULES="..."` variable.
+Assuming you already have Node and NPM working, compilation is easy.
 
-Run the following commands to do so.
+Run the following commands to do so, please configure `dist.json` before you compile.
 ```bash
 cd uguu/
 make
-# alternatively
-make MODULES="" # compile no submodules; exclude the default php backend module
-make MODULES="php" # compile the php submodule
-#
 make install
 ```
 OR
@@ -66,14 +56,42 @@ file size, are found in `dist.json`.  Changes made here will
 only take effect after rebuilding the site pages.  This may be done by running
 `make` from the root of the site directory.
 
-Back-end related settings, such as database configuration, and path for uploaded files, are found in `static/php/includes/settings.inc.php`.  Changes made here take effect immediately.
+Back-end related settings, such as database configuration, and path for uploaded files, are found in `static/php/includes/settings.inc.php`.  Changes made here take effect immediately. Change the following settings:
+```php
+define('UGUU_DB_CONN', 'sqlite:/path/to/db/uguu.sq3');
+define('UGUU_FILES_ROOT', '/path/to/file/');
+define('UGUU_URL', 'https://subdomainforyourfiles.your.site');
+```
 
 If you intend to allow uploading files larger than 2 MB, you may also need to
 increase POST size limits in `php.ini` and webserver configuration. For PHP,
 modify `upload_max_filesize` and `post_max_size` values. The configuration
 option for nginx webserver is `client_max_body_size`.
 
-Example nginx configs can be found in confs/.
+Edit checkdb.sh and checkfiles.sh to the proper paths:
+```bash
+sqlite3 /path/to/db/uguu.sq3 "DELETE FROM files WHERE date <= strftime('%s', datetime('now', '-1 day'));"
+```
+```bash
+find /path/to/files/ -mmin +1440 -exec rm -f {} \;
+```
+Then add them to your crontab:
+```bash
+0,30 * * * * bash /path/to/checkfiles.sh
+0,30 * * * * bash /path/to/checkdb.sh
+```
+
+These scripts check if DB entries and files are older then 24 hours and if they are deletes them.
+
+## MIME/EXT Blocking
+
+Blocking certain filetypes from being uploaded can be changed by editing the following settings in `static/php/includes/settings.inc.php`:
+```php
+define('CONFIG_BLOCKED_EXTENSIONS', serialize(['exe', 'scr', 'com', 'vbs', 'bat', 'cmd', 'htm', 'html', 'jar', 'msi', 'apk', 'phtml']));
+define('CONFIG_BLOCKED_MIME', serialize(['application/msword', 'text/html', 'application/x-dosexec', 'application/java', 'application/java-archive', 'application/x-executable', 'application/x-mach-binary']));
+```
+
+By default the most common malicious filetypes are blocked.
 
 ## Using SQLite as DB engine
 
@@ -84,7 +102,7 @@ First create a directory for the database, e.g. `mkdir /var/db/uguu`.
 Then, create a new SQLite database from the schema, e.g. `sqlite3 /var/db/uguu/uguu.sq3 -init /home/uguu/sqlite_schema.sql`.
 Then, finally, ensure the permissions are correct, e.g.
 ```bash
-chown nginx:nginx /var/db/uguu
+chown www-data:www-data /var/db/uguu
 chmod 0750 /var/db/uguu
 chmod 0640 /var/db/uguu/uguu.sq3
 ```
@@ -98,19 +116,19 @@ define('UGUU_DB_PASS', '[stuff]'); ---> define('UGUU_DB_PASS', null);
 
 *NOTE: The directory where the SQLite database is stored, must be writable by the web server user*
 
-### Apache
-
-If you are running Apache and want to compress your output when serving files,
-add to your `.htaccess` file:
+## Nginx/Apache
 
-    AddOutputFilterByType DEFLATE text/html text/plain text/css application/javascript application/x-javascript application/json
+I won't cover settings everything up, however do NOT allow PHP scripts to be executed on your subdomain serving the files or someone will just upload a PHP shell and PwN you.
 
-Remember to enable `deflate_module` and `filter_module` modules in your Apache
-configuration file.
+## API
+To upload using curl or make a tool you can post using: 
+```
+curl -i -F files[]=@yourfile.jpeg https://uguu.se/upload.php (JSON Response)
+```
 
 ## Getting help
 
-Hit me up at twitter or email me.
+Hit me up at [@nekunekus](https://twitter.com/nekunekus) or email me at neku@pomf.se
 
 ## Credits