Go to file
mutantmonkey 207c19e3df Add -s3-force-path-style flag and config option (#157)
This option forces path-style addressing instead of using a subdomain.
This appears to be needed by Minio.
2019-01-25 00:10:06 -08:00
backends Add -s3-force-path-style flag and config option (#157) 2019-01-25 00:10:06 -08:00
expiry Add linx-cleanup tool 2017-05-01 21:27:28 -07:00
helpers Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
linx-cleanup Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
linx-genkey Remove artifact 2015-10-11 21:42:00 -04:00
static Cosmetic tweaks & fixes 2019-01-16 02:27:05 -08:00
templates Cosmetic tweaks & fixes 2019-01-16 02:27:05 -08:00
torrent Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
.gitignore Add linx-cleanup tool 2017-05-01 21:27:28 -07:00
.travis.yml Fix Travis parsing of 1.10 as 1.1 2019-01-08 11:28:10 -08:00
Dockerfile Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
LICENSE.txt Updated README and license 2015-09-28 23:46:50 -04:00
README.md Add -s3-force-path-style flag and config option (#157) 2019-01-25 00:10:06 -08:00
auth.go Rename auth header to Linx-Api-Key and remove 2015-10-14 16:18:29 -04:00
auth_test.go Rename auth header to Linx-Api-Key and remove 2015-10-14 16:18:29 -04:00
build.sh Add linx-cleanup to build script 2017-10-10 22:14:53 -07:00
csp.go Switch to Referrer-Policy header (#149) 2019-01-08 11:56:09 -08:00
csp_test.go Allow changing the "selif" path name 2019-01-14 14:55:27 -08:00
csrf.go Cleanup 2015-10-14 22:47:36 -04:00
delete.go Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
display.go Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
expiry.go Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
fileserve.go Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
headers.go Infer site URL from host and headers 2016-06-04 18:34:22 -07:00
linx-server.service Add Install-section to systemd-service 2016-10-09 14:59:54 +02:00
pages.go Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
server.go Add -s3-force-path-style flag and config option (#157) 2019-01-25 00:10:06 -08:00
server_test.go Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
templates.go Allow changing the "selif" path name 2019-01-14 14:55:27 -08:00
torrent.go Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
torrent_test.go Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
upload.go Add S3 backend (#156) 2019-01-24 23:33:11 -08:00
util.go Remove mime type to extension map from util.go 2017-03-25 15:11:21 -07:00

README.md

linx-server

Build Status

Self-hosted file/media sharing website.

Features

  • Display common filetypes (image, video, audio, markdown, pdf)
  • Display syntax-highlighted code with in-place editing
  • Documented API with keys if need to restrict uploads (can use linx-client for uploading through command-line)
  • Torrent download of files using web seeding
  • File expiry, deletion key, and random filename options

Screenshots


Get release and run

  1. Grab the latest binary from the releases
  2. Run ./linx-server

Usage

Configuration

All configuration options are accepted either as arguments or can be placed in an ini-style file as such:

maxsize = 4294967296
allowhotlink = true
# etc

...and then invoke linx-server -config path/to/config.ini

Options

  • -bind 127.0.0.1:8080 -- what to bind to (default is 127.0.0.1:8080)
  • -sitename myLinx -- the site name displayed on top (default is inferred from Host header)
  • -siteurl "http://mylinx.example.org/" -- the site url (default is inferred from execution context)
  • -selifpath "selif" -- path relative to site base url (the "selif" in mylinx.example.org/selif/image.jpg) where files are accessed directly (default: selif)
  • -maxsize 4294967296 -- maximum upload file size in bytes (default 4GB)
  • -maxexpiry 86400 -- maximum expiration time in seconds (default is 0, which is no expiry)
  • -allowhotlink -- Allow file hotlinking
  • -contentsecuritypolicy "..." -- Content-Security-Policy header for pages (default is "default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; frame-ancestors 'self';")
  • -filecontentsecuritypolicy "..." -- Content-Security-Policy header for files (default is "default-src 'none'; img-src 'self'; object-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; frame-ancestors 'self';")
  • -refererpolicy "..." -- Referrer-Policy header for pages (default is "same-origin")
  • -filereferrerpolicy "..." -- Referrer-Policy header for files (default is "same-origin")
  • -xframeoptions "..." -- X-Frame-Options header (default is "SAMEORIGIN")
  • -remoteuploads -- (optionally) enable remote uploads (/upload?url=https://...)
  • -nologs -- (optionally) disable request logs in stdout

Storage backends

The following storage backends are available:

Name Options Notes
LocalFS -filespath files/ -- Path to store uploads (default is files/)
-metapath meta/ -- Path to store information about uploads (default is meta/)
Enabled by default, this backend uses the filesystem
S3 -s3-endpoint https://... -- S3 endpoint
-s3-region us-east-1 -- S3 region
-s3-bucket mybucket -- S3 bucket to use for files and metadata
-s3-use-path-style -- force path-style addresing (e.g. https://s3.amazonaws.com/linx/example.txt)

Environment variables to provide:
AWS_ACCESS_KEY_ID -- the S3 access key
AWS_SECRET_ACCESS_KEY -- the S3 secret key
AWS_SESSION_TOKEN (optional) -- the S3 session token
Use with any S3-compatible provider.
This implementation will stream files through the linx instance (every download will request and stream the file from the S3 bucket).

For high-traffic environments, one might consider using an external caching layer such as described in this article.

SSL with built-in server

  • -certfile path/to/your.crt -- Path to the ssl certificate (required if you want to use the https server)
  • -keyfile path/to/your.key -- Path to the ssl key (required if you want to use the https server)

Use with http proxy

  • -realip -- let linx-server know you (nginx, etc) are providing the X-Real-IP and/or X-Forwarded-For headers.

Use with fastcgi

  • -fastcgi -- serve through fastcgi

Require API Keys for uploads

  • -authfile path/to/authfile -- (optionally) require authorization for upload/delete by providing a newline-separated file of scrypted auth keys
  • -remoteauthfile path/to/remoteauthfile -- (optionally) require authorization for remote uploads by providing a newline-separated file of scrypted auth keys

A helper utility linx-genkey is provided which hashes keys to the format required in the auth files.

Cleaning up expired files

When files expire, access is disabled immediately, but the files and metadata will persist on disk until someone attempts to access them. If you'd like to automatically clean up files that have expired, you can use the included linx-cleanup utility. To run it automatically, use a cronjob or similar type of scheduled task.

You should be careful to ensure that only one instance of linx-client runs at a time to avoid unexpected behavior. It does not implement any type of locking.

Options

  • -filespath files/ -- Path to stored uploads (default is files/)
  • -metapath meta/ -- Path to stored information about uploads (default is meta/)
  • -nologs -- (optionally) disable deletion logs in stdout

Deployment

Linx-server supports being deployed in a subdirectory (ie. example.com/mylinx/) as well as on its own (example.com/).

1. Using fastcgi

A suggested deployment is running nginx in front of linx-server serving through fastcgi. This allows you to have nginx handle the TLS termination for example.
An example configuration:

server {
    ...
    server_name yourlinx.example.org;
    ...
    
    client_max_body_size 4096M;
    location / {
        fastcgi_pass 127.0.0.1:8080;
        include fastcgi_params;
    }
}

And run linx-server with the -fastcgi option.

2. Using the built-in https server

Run linx-server with the -certfile path/to/cert.file and -keyfile path/to/key.file options.

3. Using the built-in http server

Run linx-server normally.

4. Using Docker with the built-in http server

First, build the image: docker build -t linx-server .

You'll need some directories for the persistent storage. For the purposes of this example, we will use /media/meta and /media/files.

Then, run it: docker run -p 8080:8080 -v /media/meta:/data/meta -v /media/files:/data/files linx-server

Development

Any help is welcome, PRs will be reviewed and merged accordingly.
The official IRC channel is #linx on irc.oftc.net

  1. go get -u github.com/andreimarcu/linx-server
  2. cd $GOPATH/src/github.com/andreimarcu/linx-server
  3. go build && ./linx-server

License

Copyright (C) 2015 Andrei Marcu

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

Author

Andrei Marcu, http://andreim.net/