2016-11-01 05:17:54 +01:00
|
|
|
|
The Null Pointer
|
|
|
|
|
================
|
|
|
|
|
|
|
|
|
|
This is a no-bullshit file hosting and URL shortening service that also runs
|
|
|
|
|
`0x0.st <https://0x0.st>`_. Use with uWSGI.
|
|
|
|
|
|
2020-12-29 12:27:21 +01:00
|
|
|
|
Configuration
|
|
|
|
|
-------------
|
|
|
|
|
|
2022-11-27 04:56:38 +01:00
|
|
|
|
To configure 0x0, copy ``instance/config.example.py`` to ``instance/config.py``, then edit
|
|
|
|
|
it. Resonable defaults are set, but there's a couple options you'll need to change
|
|
|
|
|
before running 0x0 for the first time.
|
2022-11-20 13:05:17 +01:00
|
|
|
|
|
2022-11-27 04:56:38 +01:00
|
|
|
|
By default, the configuration is stored in the Flask instance directory.
|
|
|
|
|
Normally, this is in `./instance`, but it might be different for your system.
|
|
|
|
|
For details, see
|
2022-11-20 13:05:17 +01:00
|
|
|
|
`the Flask documentation <https://flask.palletsprojects.com/en/2.0.x/config/#instance-folders>`_.
|
2020-12-29 12:27:21 +01:00
|
|
|
|
|
2021-01-01 23:08:17 +01:00
|
|
|
|
To customize the home and error pages, simply create a ``templates`` directory
|
|
|
|
|
in your instance directory and copy any templates you want to modify there.
|
|
|
|
|
|
2016-11-01 05:17:54 +01:00
|
|
|
|
If you are running nginx, you should use the ``X-Accel-Redirect`` header.
|
|
|
|
|
To make it work, include this in your nginx config’s ``server`` block::
|
|
|
|
|
|
|
|
|
|
location /up {
|
|
|
|
|
internal;
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-29 12:27:21 +01:00
|
|
|
|
where ``/up`` is whatever you’ve configured as ``FHOST_STORAGE_PATH``.
|
2016-11-01 05:17:54 +01:00
|
|
|
|
|
|
|
|
|
For all other servers, set ``FHOST_USE_X_ACCEL_REDIRECT`` to ``False`` and
|
|
|
|
|
``USE_X_SENDFILE`` to ``True``, assuming your server supports this.
|
2022-11-20 16:54:46 +01:00
|
|
|
|
Otherwise, Flask will serve the file with chunked encoding, which has several
|
|
|
|
|
downsides, one of them being that range requests will not work. This is a
|
|
|
|
|
problem for example when streaming media files: It won’t be possible to seek,
|
|
|
|
|
and some ISOBMFF (MP4) files will not play at all.
|
2016-11-01 05:17:54 +01:00
|
|
|
|
|
2022-11-29 17:23:30 +01:00
|
|
|
|
To make files expire, simply run ``FLASK_APP=fhost flask prune`` every
|
|
|
|
|
now and then. You can use the provided systemd unit files for this::
|
|
|
|
|
|
|
|
|
|
0x0-prune.service
|
|
|
|
|
0x0-prune.timer
|
|
|
|
|
|
|
|
|
|
Make sure to edit them to match your system configuration. In particular,
|
|
|
|
|
set the user and paths in ``0x0-prune.service``.
|
2016-11-01 05:17:54 +01:00
|
|
|
|
|
2022-11-29 17:23:56 +01:00
|
|
|
|
Before running the service for the first time and every time you update it
|
|
|
|
|
from this git repository, run ``FLASK_APP=fhost flask db upgrade``.
|
2016-11-01 05:17:54 +01:00
|
|
|
|
|
|
|
|
|
|
2017-10-27 05:22:11 +02:00
|
|
|
|
NSFW Detection
|
|
|
|
|
--------------
|
|
|
|
|
|
|
|
|
|
0x0 supports classification of NSFW content via Yahoo’s open_nsfw Caffe
|
|
|
|
|
neural network model. This works for images and video files and requires
|
|
|
|
|
the following:
|
|
|
|
|
|
|
|
|
|
* Caffe Python module (built for Python 3)
|
2022-11-29 21:46:33 +01:00
|
|
|
|
* `PyAV <https://github.com/PyAV-Org/PyAV>`_
|
2022-08-19 22:27:29 +02:00
|
|
|
|
|
|
|
|
|
|
2022-12-12 07:25:30 +01:00
|
|
|
|
Virus Scanning
|
|
|
|
|
--------------
|
|
|
|
|
|
|
|
|
|
0x0 can scan its files with ClamAV’s daemon. As this can take a long time
|
|
|
|
|
for larger files, this does not happen immediately but instead every time
|
|
|
|
|
you run the ``vscan`` command. It is recommended to configure a systemd
|
|
|
|
|
timer or cronjob to do this periodically. Examples are included::
|
|
|
|
|
|
|
|
|
|
0x0-vscan.service
|
|
|
|
|
0x0-vscan.timer
|
|
|
|
|
|
|
|
|
|
Remember to adjust your size limits in clamd.conf!
|
|
|
|
|
|
|
|
|
|
This feature requires the `clamd module <https://pypi.org/project/clamd/>`_.
|
|
|
|
|
|
|
|
|
|
|
2022-08-19 22:27:29 +02:00
|
|
|
|
Network Security Considerations
|
|
|
|
|
-------------------------------
|
|
|
|
|
|
|
|
|
|
Keep in mind that 0x0 can fetch files from URLs. This includes your local
|
|
|
|
|
network! You should take precautions so that this feature cannot be abused.
|
|
|
|
|
0x0 does not (yet) have a way to filter remote URLs, but on Linux, you can
|
|
|
|
|
use firewall rules and/or namespaces. This is less error-prone anyway.
|
|
|
|
|
|
|
|
|
|
For instance, if you are using the excellent `FireHOL <https://firehol.org/>`_,
|
|
|
|
|
it’s very easy to create a group on your system and use it as a condition
|
|
|
|
|
in your firewall rules. You would then run the application server under that
|
|
|
|
|
group.
|