- Go 96.1%
- Shell 2.7%
- Dockerfile 1.2%
| init | add auto update key | |
| .gitignore | refactor storage | |
| build_and_push.sh | beep | |
| common.go | Refactor config to be a bit more dry | |
| config.go | waa | |
| Containerfile | bwaa | |
| file.go | oops | |
| go.mod | bump | |
| go.sum | bump | |
| LICENSE | license | |
| main.go | remove a few unnecessary returns | |
| randomstring.go | tidy | |
| README.md | ahaaa | |
| storage.go | oops | |
| users.go | remove a few unnecessary returns | |
A temporary upload server
Changelog!
v2.1.1
- now you can spam as much data as you want at it, and it'll no longer run into silly race conditions when trying to read and write from the global state at the same time! :D
v2.0.0
- breaking changes for end-users/clients! the shitty webpage is gone in favor of simplifying the routing and endpoints.
- the data schema has changed and is incompatible with older versions.
- Authentication now uses a base64 encoded
user:passwordto reduce the code overhead of having a large number of users and reliance on loops. - simplified the api significantly, also added
?jsonquery strings to list endpoints for programatic interaction - UPLOAD_PRESETADMINTOKEN has been renamed to UPLOAD_PRESETADMINPASSWORD
v1.1.1
fixed up a whole bunch of shit and closed some holes with incorrectly non-returning authentication based functionality 🙈
running
go build
./upload --config=/path/to/config.toml
also available as a container image
example config
It's not necessary to set all of these options, the example below lists the defaults.
dataPath = '/var/lib/upload'
ttl = '24h'
scanTime = '30s'
bindAddress = ':8080'
basePath = '/upload'
at a minimum you'll want to set dataPath, bindAddress
Time units for TTL and scanTime are taken from go's time.ParseDuration()
Valid time units are "ns", "us" (or "μs"), "ms", "s", "m", "h".
dataPathis where you want the data to be storedttlis how long you want uploaded files to live before being deletedscanTimeis how often you want to check for expired filesbindAddressis the address you want the application to listen on, (i.e :8080 or 127.0.0.1:8080)basePathis the base path to this server (i.e /upload)schemeis the target scheme for redirects if you want to explicitly set this. defaults to httpspresetAdminPasswordallows you to use a predefined string as the initial admin token instead of the default behaviour of randomly generating the initial admin passwordmaxUploadBytesis the upload limit in bytes.
It is also possible to set config options through environment variables:
- UPLOAD_DATAPATH
- UPLOAD_TTL
- UPLOAD_SCANTIME
- UPLOAD_BINDADDRESS
- UPLOAD_BASEPATH
- UPLOAD_SCHEME
- UPLOAD_PRESETADMINPASSWORD
- UPLOAD_MAXUPLOADBYTES
uploading
curl examples
curl -H"Authentication: <token>" http://localhost:8080 --form file=@somefile.png
You have the option when uploading a file to make it "private", this file can only be downloaded by another authenticated user.
curl -H"Authentication: <token>" http://localhost:8080 --form file=@somefile.png --form private=true
And make a file available only for a single download:
curl -H"Authentication: <token>" http://localhost:8080 --form file=@somefile.png --form single=true
or both
curl -H"Authentication: <token>" http://localhost:8080 --form file=@somefile.png --form private=true --form single=true
for compatibility with things that do not support multipart forms, you can also send the file in the body of the request. you can test this with curl via:
curl -H"Authentication: <token>" http://localhost:8080 --data-binary @somefile.png
when uploading a file in the body of the request, you can specify upload options for single-use or authenticated-only downloads via query strings in the url. like:
curl -H"Authentication: <token>" http://localhost:8080?single=true&private=true --data-binary @somefile.png
auth tokens
On first start, the application will output it's first admin token in the logs. keep this somewhere safe.
You can use the initial admin tokens to create new user and admin tokens.
Authentication can be done via the following:
- the header:
Authentication: <password> - the header:
Authorization: bearer <password> - basic auth: you'll need to base64 decode the token to get the basic auth credentials.
- the
?token=url query string
user actions
DELETE <basepath>/file.extmanually removes a file, users can only remove their own files, admins can remove all files.GET <basepath>/fileslists files you have uploaded. appending?jsonwill print the response in json format.
admin actions
holders of admin keys can interact with the server with the following methods:
GET <basepath>/userslists all users, their creation timestamp, and a boolean for if they are admin. appending?jsonwill print the result in json formatPUT <basepath>/users/<name>creates a new token with the name specified, returns the token's authentication keyDELETE <basepath>/users/<name>revokes a tokenGET <basepath>/files?alllists all files from all users.