No-bullshit file hosting and URL shortening service https://0x0.st
Find a file
Mia Herkt 45a414c5ee
Implement request filters
This moves preexisting blacklists to the database, and adds the
following filter types:

    * IP address
    * IP network
    * MIME type
    * User agent

In addition, IP address handling is now done with the ipaddress
module.
2024-09-27 18:30:28 +02:00
instance Implement request filters 2024-09-27 18:30:28 +02:00
migrations Implement request filters 2024-09-27 18:30:28 +02:00
modui ModUI: Update for Textual 0.54.0 2024-03-30 18:23:37 +01:00
templates Implement request filters 2024-09-27 18:30:28 +02:00
tests Fix URL test issue 2022-12-13 23:18:40 +01:00
.gitignore Support instance config 2021-05-23 19:13:51 +02:00
.mailmap Add mailmap 2021-05-23 19:13:51 +02:00
0x0-prune.service Add example systemd unit files for prune job 2022-11-29 17:23:30 +01:00
0x0-prune.timer Add example systemd unit files for prune job 2022-11-29 17:23:30 +01:00
0x0-vscan.service Add support for ClamAV 2022-12-12 07:35:05 +01:00
0x0-vscan.timer Add support for ClamAV 2022-12-12 07:35:05 +01:00
cleanup.py Add support for expiring files 2022-11-29 13:09:26 +01:00
fhost.py Implement request filters 2024-09-27 18:30:28 +02:00
LICENSE Change license to EUPL 2020-11-03 04:01:30 +01:00
mod.css ModUI: Update for Textual 0.54.0 2024-03-30 18:23:37 +01:00
mod.py Implement request filters 2024-09-27 18:30:28 +02:00
modui.webp README: Add ModUI screenshot 2022-12-20 16:57:07 +01:00
nsfw_detect.py Replace NSFW detector implementation 2024-09-27 06:34:14 +02:00
pyproject.toml Add tests 2021-05-23 19:13:51 +02:00
README.rst Replace NSFW detector implementation 2024-09-27 06:34:14 +02:00
requirements.txt Implement request filters 2024-09-27 18:30:28 +02:00

The Null Pointer

This is a no-bullshit file hosting and URL shortening service that also runs 0x0.st. Use with uWSGI.

Configuration

To configure 0x0, copy instance/config.example.py to instance/config.py, then edit it. Resonable defaults are set, but there's a couple options you'll need to change before running 0x0 for the first time.

By default, the configuration is stored in the Flask instance directory. Normally, this is in ./instance, but it might be different for your system. For details, see the Flask documentation.

To customize the home and error pages, simply create a templates directory in your instance directory and copy any templates you want to modify there.

If you are running nginx, you should use the X-Accel-Redirect header. To make it work, include this in your nginx configs server block:

location /up {
    internal;
}

where /up is whatever youve configured as FHOST_STORAGE_PATH.

For all other servers, set FHOST_USE_X_ACCEL_REDIRECT to False and USE_X_SENDFILE to True, assuming your server supports this. Otherwise, Flask will serve the file with chunked encoding, which has several downsides, one of them being that range requests will not work. This is a problem for example when streaming media files: It wont be possible to seek, and some ISOBMFF (MP4) files will not play at all.

To make files expire, simply run FLASK_APP=fhost flask prune every now and then. You can use the provided systemd unit files for this:

0x0-prune.service
0x0-prune.timer

Make sure to edit them to match your system configuration. In particular, set the user and paths in 0x0-prune.service.

Before running the service for the first time and every time you update it from this git repository, run FLASK_APP=fhost flask db upgrade.

Moderation UI

image

0x0 features a TUI program for file moderation. With it, you can view a list of uploaded files, as well as extended information on them. It allows you to take actions like removing files temporarily or permanently, as well as blocking IP addresses and associated files.

If a sufficiently recent version of python-mpv with libmpv is present and your terminal supports it, you also get graphical file previews, including video playback. Upstream mpv currently supports sixels and the kitty graphics protocol. For this to work, set the MOD_PREVIEW_PROTO option in instance/config.py.

Requirements:

Optional:

  • python-mpv (graphical previews)
  • PyAV (information on multimedia files)
  • PyMuPDF (previews and file information for PDF, XPS, EPUB, MOBI and FB2)
  • libarchive-c (archive content listing)

Note

Mosh currently does not support sixels or kitty graphics.

Hint

You may need to set the COLORTERM environment variable to truecolor.

Tip

Using compression with SSH (-C option) can significantly reduce the bandwidth requirements for graphics.

NSFW Detection

0x0 supports classification of NSFW content via a machine learning model. This works for images and video files and requires the following Python modules:

  • torch
  • transformers
  • pillow
  • av

Virus Scanning

0x0 can scan its files with ClamAVs daemon. As this can take a long time for larger files, this does not happen immediately but instead every time you run the vscan command. It is recommended to configure a systemd timer or cronjob to do this periodically. Examples are included:

0x0-vscan.service
0x0-vscan.timer

Remember to adjust your size limits in clamd.conf, including StreamMaxLength!

This feature requires the clamd module.

Network Security Considerations

Keep in mind that 0x0 can fetch files from URLs. This includes your local network! You should take precautions so that this feature cannot be abused. 0x0 does not (yet) have a way to filter remote URLs, but on Linux, you can use firewall rules and/or namespaces. This is less error-prone anyway.

For instance, if you are using the excellent FireHOL, its very easy to create a group on your system and use it as a condition in your firewall rules. You would then run the application server under that group.