1
3
Fork
You've already forked hauserver2
2
A filehost software built in rust
  • Rust 81.6%
  • HTML 12%
  • CSS 6.4%
phin 257aa623eb v0.5.0
- exif metadata stripping (img-parts, jpeg/png/webp)
- url uploads with queue, ssrf protection, rate limiting
- download pages (/d/{id}) with pending/ready/failed states
- inline file viewing with correct content-type
- file reporting system with admin panel
- server-side render timing in footer
- shared finalize/dedup logic (finalize.rs)
- single-transaction uploads (hash+insert atomic)
- crate bumps: sha1 0.11, redb 4, aes 0.9, ctr 0.10, ureq 3 +rustls
- updated config.toml.example, benchmarks
2026年04月25日 11:12:32 -04:00
docs v0.5.0 2026年04月25日 11:12:32 -04:00
src v0.5.0 2026年04月25日 11:12:32 -04:00
templates v0.5.0 2026年04月25日 11:12:32 -04:00
utils add sysctl tuning, update systemd service 2026年03月22日 11:48:26 -04:00
.gitignore v0.3.2 2026年03月21日 13:00:24 -04:00
Cargo.toml v0.5.0 2026年04月25日 11:12:32 -04:00
config.toml.example v0.5.0 2026年04月25日 11:12:32 -04:00
README.md v0.4.1 2026年03月25日 10:46:22 -04:00

hauserver2

high-performance file hosting backend in Rust. single binary, embedded database, AES-256 encryption, torrent generation, file deduplication. no accounts, no logs, no tracking.

features

  • streaming upload/download (up to 300 GB)
  • short URLs (/f/aBcDeF/photo.jpg)
  • file deduplication via BLAKE3 hashing + symlinks
  • AES-256-CTR encryption with key-in-URL sharing (128-bit counter)
  • .torrent file generation
  • per-file expiration
  • multi-file upload (drag & drop, paste from clipboard, file picker)
  • noscript-compatible (no JS required)
  • JSON API responses (Accept: application/json)
  • ShareX support (download .sxcu)
  • concurrent upload limiting (OOM protection)
  • embedded redb database (no external DB needed)
  • master/slave mode with weighted auto-balancing
  • abuse/legal page with configurable DMCA/EU templates
  • warrant canary page
  • security headers (CSP, Referrer-Policy, X-Content-Type-Options, X-Frame-Options)
  • ~6 MB binary, zero runtime dependencies

setup

requires Rust and git. Linux only.

git clone https://codeberg.org/phin/hauserver2
cd hauserver2
cp config.toml.example config.toml
# edit config.toml — set base_url, storage_dir, etc.
cargo build --release
./target/release/hauserver2

the server creates a default config.toml if one doesn't exist.

hauserver2 works standalone, but putting it behind nginx gives you TLS, rate limiting, and faster downloads (nginx serves unencrypted files directly via sendfile).

copy utils/hauserver2.nginxconf to your nginx sites and edit:

  • server_name
  • SSL cert paths
  • $storage_dir (must match storage_dir in config.toml)
  • uncomment limit_req lines for upload rate limiting (see comments in the config)

see docs/benchmark.md for performance numbers.

usage

browser

visit the site, select a file, done. options for encryption, torrent, and expiry are on the page. works without JavaScript.

API

# upload
curl -X PUT --data-binary @file.bin https://yoursite.com/upload/file.bin
# upload (JSON response for ShareX / scripts)
curl -X PUT -H "Accept: application/json" \
 --data-binary @file.bin https://yoursite.com/upload/file.bin
# {"success":true,"url":"https://yoursite.com/f/aBcDeF/file.bin"}
# encrypted upload
curl -X PUT -H "X-Encrypt: 1" \
 --data-binary @file.bin https://yoursite.com/upload/file.bin
# one-liner for .bashrc
hau() {
 curl -X PUT --data-binary @"1ドル" \
 "https://yoursite.com/upload/$(basename "1ドル")"
}

full API docs at /api on a running instance.

ShareX

download the .sxcu config from a running instance and open it in ShareX. note: i don't use ShareX — if the config is broken, please open an issue.

config

see config.toml.example for all options. key settings:

option default description
port 4495 listen port
base_url http://localhost:4495 public URL for generated links
storage_dir ./files where uploads are stored
db_path ./hauserver2.redb embedded database file
max_file_size_gb 300 max upload size
buffer_size_kb 1024 upload buffer (tuned via benchmark)
max_concurrent_uploads 100 concurrent upload limit (OOM protection)
server_mode frontend_backend frontend_backend, backend_slave, or frontend_master

rate limiting

hauserver2 relies on nginx for rate limiting. see utils/hauserver2.nginxconf for the recommended setup. add limit_req_zone to your main nginx.conf and uncomment the limit_req lines in the site config.

multi-node mode

for distributed deployments, set server_mode = "frontend_master" and configure slaves:

[server]
server_mode = "frontend_master"
slaves = [
 { url = "https://node1.example.com", weight = "auto" },
 { url = "https://node2.example.com", weight = "auto" },
]

clients upload directly to slaves (no proxying). slaves report free disk space via /weight for automatic load balancing.

performance

on a 3-vCPU Xeon @ 2.2GHz (see docs/benchmark.md):

  • 41,000 req/s on index page
  • 100 simultaneous 1MB uploads in 1.3 seconds
  • 1.0 GB/s download throughput (direct), 3.6 GB/s behind nginx

roadmap

  • (削除) configurable short URL length (削除ここまで)
  • (削除) ShareX custom uploader config (削除ここまで)
  • (削除) JSON API responses (削除ここまで)
  • (削除) file deduplication (削除ここまで)
  • (削除) embedded database (redb) (削除ここまで)
  • (削除) sendfile for unencrypted downloads (削除ここまで)
  • (削除) concurrent upload limiting (削除ここまで)
  • (削除) refactor code into separate files/modules (削除ここまで)
  • inline file viewing (correct Content-Type for images/video, ?download to force download)
  • client-side encryption (encrypt in browser before upload — server never sees plaintext)
  • metadata stripping (auto-strip EXIF/GPS from images on upload)
  • zero-knowledge encrypted file lists (share multiple encrypted files under one URL)
  • s3-compatible storage backend (S3/MinIO/R2 instead of local disk)
  • (削除) multi-node auto-weighting (distribute uploads by node capacity/load) (削除ここまで)
  • better support for multiple frontends (shared DB, cross-node dedup, single download domain)
  • onion service auto-configuration
  • (削除) multiple file upload per request (drag & drop, paste, multi-file picker) (削除ここまで)
  • file retention policies (auto-delete after X days of no downloads)
  • (削除) canary page (削除ここまで)

privacy by design

hauserver2 collects no logs by default. there are no accounts, no analytics, no tracking cookies, no fingerprinting. IP addresses are never written to disk or database. encrypted uploads use AES-256-CTR with a unique key per file — the server stores only ciphertext and cannot decrypt without the key in the URL.

fine-tuning

see utils/sysctl.conf for recommended kernel settings (TCP buffers, BBR, connection backlog, memory tuning):

cp utils/sysctl.conf /etc/sysctl.d/99-hauserver2.conf
sysctl -p /etc/sysctl.d/99-hauserver2.conf