No-bullshit file hosting and URL shortening service https://boop.icu | Forked from https://git.0x0.st/mia/0x0
Go to file
Siina Mashek a63e516808 merging index.html changes to boop.html 2022-12-15 11:58:50 +02:00
instance README: Add note about StreamMaxLength in clamd.conf 2022-12-12 07:40:38 +01:00
migrations Record file sizes in db 2022-12-13 23:04:48 +01:00
nsfw_model Add NSFW detection 2017-10-27 05:28:45 +02:00
services Updating service names, updating gitignore 2022-11-20 23:56:59 +02:00
templates merging index.html changes to boop.html 2022-12-15 11:58:50 +02:00
tests Merge branch 'master' into boop 2022-12-15 11:40:27 +02:00
.gitignore Updating service names, updating gitignore 2022-11-20 23:56:59 +02:00
.mailmap Add mailmap 2021-05-23 19:13:51 +02:00
0x0-prune.service Add example systemd unit files for prune job 2022-11-29 17:23:30 +01:00
0x0-prune.timer Add example systemd unit files for prune job 2022-11-29 17:23:30 +01:00
0x0-vscan.service Add support for ClamAV 2022-12-12 07:35:05 +01:00
0x0-vscan.timer Add support for ClamAV 2022-12-12 07:35:05 +01:00
LICENSE Change license to EUPL 2020-11-03 04:01:30 +01:00
README.rst README: Add note about StreamMaxLength in clamd.conf 2022-12-12 07:40:38 +01:00
boop.ini Adding uwsgi ini 2022-11-20 23:47:47 +02:00
cleanup.py Add support for expiring files 2022-11-29 13:09:26 +01:00
fhost.py Merge branch 'master' into boop 2022-12-15 11:40:27 +02:00
nsfw_detect.py nsfw_detect: Use PyAV instead of ffmpegthumbnailer 2022-11-29 21:54:43 +01:00
pyproject.toml Add tests 2021-05-23 19:13:51 +02:00
requirements.txt Applying boop changes 2022-11-20 23:44:41 +02:00

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

The Null Pointer
================

This is a no-bullshit file hosting and URL shortening service that also runs
`0x0.st <https://0x0.st>`_. Use with uWSGI.

Configuration
-------------

To configure 0x0, copy ``instance/config.example.py`` to ``instance/config.py``, then edit
it.   Resonable defaults are set, but there's a couple options you'll need to change
before running 0x0 for the first time.

By default, the configuration is stored in the Flask instance directory.
Normally, this is in `./instance`, but it might be different for your system.
For details, see
`the Flask documentation <https://flask.palletsprojects.com/en/2.0.x/config/#instance-folders>`_.

To customize the home and error pages, simply create a ``templates`` directory
in your instance directory and copy any templates you want to modify there.

If you are running nginx, you should use the ``X-Accel-Redirect`` header.
To make it work, include this in your nginx configs ``server`` block::

    location /up {
        internal;
    }

where ``/up`` is whatever youve configured as ``FHOST_STORAGE_PATH``.

For all other servers, set ``FHOST_USE_X_ACCEL_REDIRECT`` to ``False`` and
``USE_X_SENDFILE`` to ``True``, assuming your server supports this.
Otherwise, Flask will serve the file with chunked encoding, which has several
downsides, one of them being that range requests will not work. This is a
problem for example when streaming media files: It wont be possible to seek,
and some ISOBMFF (MP4) files will not play at all.

To make files expire, simply run ``FLASK_APP=fhost flask prune`` every
now and then. You can use the provided systemd unit files for this::

    0x0-prune.service
    0x0-prune.timer

Make sure to edit them to match your system configuration. In particular,
set the user and paths in ``0x0-prune.service``.

Before running the service for the first time and every time you update it
from this git repository, run ``FLASK_APP=fhost flask db upgrade``.


NSFW Detection
--------------

0x0 supports classification of NSFW content via Yahoos open_nsfw Caffe
neural network model. This works for images and video files and requires
the following:

* Caffe Python module (built for Python 3)
* `PyAV <https://github.com/PyAV-Org/PyAV>`_


Virus Scanning
--------------

0x0 can scan its files with ClamAVs daemon. As this can take a long time
for larger files, this does not happen immediately but instead every time
you run the ``vscan`` command. It is recommended to configure a systemd
timer or cronjob to do this periodically. Examples are included::

    0x0-vscan.service
    0x0-vscan.timer

Remember to adjust your size limits in clamd.conf, including
``StreamMaxLength``!

This feature requires the `clamd module <https://pypi.org/project/clamd/>`_.


Network Security Considerations
-------------------------------

Keep in mind that 0x0 can fetch files from URLs. This includes your local
network! You should take precautions so that this feature cannot be abused.
0x0 does not (yet) have a way to filter remote URLs, but on Linux, you can
use firewall rules and/or namespaces. This is less error-prone anyway.

For instance, if you are using the excellent `FireHOL <https://firehol.org/>`_,
its very easy to create a group on your system and use it as a condition
in your firewall rules. You would then run the application server under that
group.