2015-09-24 07:44:49 +02:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"flag"
|
|
|
|
"log"
|
|
|
|
"net"
|
|
|
|
"net/http"
|
2015-10-01 16:32:59 +02:00
|
|
|
"net/http/fcgi"
|
2015-09-26 04:03:14 +02:00
|
|
|
"os"
|
2015-09-28 04:17:12 +02:00
|
|
|
"regexp"
|
2015-10-01 16:32:59 +02:00
|
|
|
"strconv"
|
2015-09-30 21:54:30 +02:00
|
|
|
"time"
|
2015-09-24 07:44:49 +02:00
|
|
|
|
2015-09-29 02:46:58 +02:00
|
|
|
"github.com/GeertJohan/go.rice"
|
2015-09-25 05:21:37 +02:00
|
|
|
"github.com/flosch/pongo2"
|
2015-10-07 18:48:44 +02:00
|
|
|
"github.com/zenazn/goji/graceful"
|
2015-10-10 08:04:08 +02:00
|
|
|
"github.com/zenazn/goji/web"
|
2015-09-25 18:00:14 +02:00
|
|
|
"github.com/zenazn/goji/web/middleware"
|
2015-09-24 07:44:49 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
var Config struct {
|
2015-10-04 23:58:00 +02:00
|
|
|
bind string
|
|
|
|
filesDir string
|
|
|
|
metaDir string
|
|
|
|
siteName string
|
|
|
|
siteURL string
|
2015-10-07 18:48:44 +02:00
|
|
|
certFile string
|
|
|
|
keyFile string
|
2015-10-04 23:58:00 +02:00
|
|
|
contentSecurityPolicy string
|
|
|
|
fileContentSecurityPolicy string
|
|
|
|
xFrameOptions string
|
2015-10-08 07:38:50 +02:00
|
|
|
maxSize int64
|
2015-10-12 02:32:28 +02:00
|
|
|
realIp bool
|
2015-10-06 08:51:49 +02:00
|
|
|
noLogs bool
|
|
|
|
allowHotlink bool
|
|
|
|
fastcgi bool
|
|
|
|
remoteUploads bool
|
2015-10-10 21:26:47 +02:00
|
|
|
authFile string
|
2015-10-12 04:31:13 +02:00
|
|
|
remoteAuthFile string
|
2015-09-24 07:44:49 +02:00
|
|
|
}
|
|
|
|
|
2015-09-29 02:46:58 +02:00
|
|
|
var Templates = make(map[string]*pongo2.Template)
|
|
|
|
var TemplateSet *pongo2.TemplateSet
|
2015-09-30 21:54:30 +02:00
|
|
|
var staticBox *rice.Box
|
|
|
|
var timeStarted time.Time
|
2015-10-01 16:32:59 +02:00
|
|
|
var timeStartedStr string
|
2015-10-12 04:31:13 +02:00
|
|
|
var remoteAuthKeys []string
|
2015-09-29 02:46:58 +02:00
|
|
|
|
2015-10-10 08:04:08 +02:00
|
|
|
func setup() *web.Mux {
|
|
|
|
mux := web.New()
|
|
|
|
|
|
|
|
// middleware
|
|
|
|
mux.Use(middleware.RequestID)
|
|
|
|
|
2015-10-12 02:32:28 +02:00
|
|
|
if Config.realIp {
|
2015-10-10 17:22:24 +02:00
|
|
|
mux.Use(middleware.RealIP)
|
|
|
|
}
|
|
|
|
|
2015-10-10 08:04:08 +02:00
|
|
|
if !Config.noLogs {
|
|
|
|
mux.Use(middleware.Logger)
|
|
|
|
}
|
|
|
|
|
|
|
|
mux.Use(middleware.Recoverer)
|
|
|
|
mux.Use(middleware.AutomaticOptions)
|
|
|
|
mux.Use(ContentSecurityPolicy(CSPOptions{
|
2015-10-04 23:58:00 +02:00
|
|
|
policy: Config.contentSecurityPolicy,
|
|
|
|
frame: Config.xFrameOptions,
|
|
|
|
}))
|
|
|
|
|
2015-10-10 21:26:47 +02:00
|
|
|
if Config.authFile != "" {
|
|
|
|
mux.Use(UploadAuth(AuthOptions{
|
|
|
|
AuthFile: Config.authFile,
|
|
|
|
UnauthMethods: []string{"GET", "HEAD", "OPTIONS", "TRACE"},
|
|
|
|
}))
|
|
|
|
}
|
|
|
|
|
2015-09-28 04:17:12 +02:00
|
|
|
// make directories if needed
|
2015-09-29 02:46:58 +02:00
|
|
|
err := os.MkdirAll(Config.filesDir, 0755)
|
2015-09-26 04:03:14 +02:00
|
|
|
if err != nil {
|
2015-10-06 08:49:57 +02:00
|
|
|
log.Fatal("Could not create files directory:", err)
|
2015-09-26 04:03:14 +02:00
|
|
|
}
|
2015-09-25 18:47:55 +02:00
|
|
|
|
2015-09-28 04:17:12 +02:00
|
|
|
err = os.MkdirAll(Config.metaDir, 0700)
|
|
|
|
if err != nil {
|
2015-10-06 08:49:57 +02:00
|
|
|
log.Fatal("Could not create metadata directory:", err)
|
2015-09-28 04:17:12 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// ensure siteURL ends wth '/'
|
|
|
|
if lastChar := Config.siteURL[len(Config.siteURL)-1:]; lastChar != "/" {
|
|
|
|
Config.siteURL = Config.siteURL + "/"
|
|
|
|
}
|
|
|
|
|
2015-09-29 02:46:58 +02:00
|
|
|
// Template setup
|
2015-09-29 03:58:50 +02:00
|
|
|
p2l, err := NewPongo2TemplatesLoader()
|
2015-09-29 02:46:58 +02:00
|
|
|
if err != nil {
|
2015-10-06 08:49:57 +02:00
|
|
|
log.Fatal("Error: could not load templates", err)
|
2015-09-29 02:46:58 +02:00
|
|
|
}
|
|
|
|
TemplateSet := pongo2.NewSet("templates", p2l)
|
|
|
|
TemplateSet.Globals["sitename"] = Config.siteName
|
2015-10-09 03:48:06 +02:00
|
|
|
TemplateSet.Globals["siteurl"] = Config.siteURL
|
2015-10-14 21:20:41 +02:00
|
|
|
TemplateSet.Globals["using_auth"] = Config.authFile != ""
|
2015-09-29 02:46:58 +02:00
|
|
|
err = populateTemplatesMap(TemplateSet, Templates)
|
|
|
|
if err != nil {
|
2015-10-06 08:49:57 +02:00
|
|
|
log.Fatal("Error: could not load templates", err)
|
2015-09-29 02:46:58 +02:00
|
|
|
}
|
2015-09-25 05:21:37 +02:00
|
|
|
|
2015-09-30 21:54:30 +02:00
|
|
|
staticBox = rice.MustFindBox("static")
|
|
|
|
timeStarted = time.Now()
|
2015-10-01 16:32:59 +02:00
|
|
|
timeStartedStr = strconv.FormatInt(timeStarted.Unix(), 10)
|
2015-09-30 21:54:30 +02:00
|
|
|
|
2015-09-25 05:21:37 +02:00
|
|
|
// Routing setup
|
2015-09-24 07:44:49 +02:00
|
|
|
nameRe := regexp.MustCompile(`^/(?P<name>[a-z0-9-\.]+)$`)
|
|
|
|
selifRe := regexp.MustCompile(`^/selif/(?P<name>[a-z0-9-\.]+)$`)
|
2015-09-29 05:46:43 +02:00
|
|
|
selifIndexRe := regexp.MustCompile(`^/selif/$`)
|
2015-09-29 07:58:14 +02:00
|
|
|
torrentRe := regexp.MustCompile(`^/(?P<name>[a-z0-9-\.]+)/torrent$`)
|
2015-09-24 07:44:49 +02:00
|
|
|
|
2015-10-10 21:26:47 +02:00
|
|
|
if Config.authFile == "" {
|
|
|
|
mux.Get("/", indexHandler)
|
|
|
|
mux.Get("/paste/", pasteHandler)
|
|
|
|
} else {
|
|
|
|
mux.Get("/", http.RedirectHandler("/API", 303))
|
|
|
|
mux.Get("/paste/", http.RedirectHandler("/API/", 303))
|
|
|
|
}
|
2015-10-10 08:04:08 +02:00
|
|
|
mux.Get("/paste", http.RedirectHandler("/paste/", 301))
|
2015-10-10 21:26:47 +02:00
|
|
|
|
2015-10-10 08:04:08 +02:00
|
|
|
mux.Get("/API/", apiDocHandler)
|
|
|
|
mux.Get("/API", http.RedirectHandler("/API/", 301))
|
2015-09-25 18:00:14 +02:00
|
|
|
|
2015-10-02 02:58:08 +02:00
|
|
|
if Config.remoteUploads {
|
2015-10-10 08:04:08 +02:00
|
|
|
mux.Get("/upload", uploadRemote)
|
|
|
|
mux.Get("/upload/", uploadRemote)
|
2015-10-12 04:31:13 +02:00
|
|
|
|
|
|
|
if Config.remoteAuthFile != "" {
|
|
|
|
remoteAuthKeys = readAuthKeys(Config.remoteAuthFile)
|
|
|
|
}
|
2015-10-02 02:58:08 +02:00
|
|
|
}
|
|
|
|
|
2015-10-10 08:04:08 +02:00
|
|
|
mux.Post("/upload", uploadPostHandler)
|
|
|
|
mux.Post("/upload/", uploadPostHandler)
|
|
|
|
mux.Put("/upload", uploadPutHandler)
|
|
|
|
mux.Put("/upload/:name", uploadPutHandler)
|
2015-10-14 22:13:29 +02:00
|
|
|
|
2015-10-10 08:04:08 +02:00
|
|
|
mux.Delete("/:name", deleteHandler)
|
|
|
|
|
|
|
|
mux.Get("/static/*", staticHandler)
|
|
|
|
mux.Get("/favicon.ico", staticHandler)
|
|
|
|
mux.Get("/robots.txt", staticHandler)
|
|
|
|
mux.Get(nameRe, fileDisplayHandler)
|
|
|
|
mux.Get(selifRe, fileServeHandler)
|
|
|
|
mux.Get(selifIndexRe, unauthorizedHandler)
|
|
|
|
mux.Get(torrentRe, fileTorrentHandler)
|
|
|
|
mux.NotFound(notFoundHandler)
|
|
|
|
|
|
|
|
return mux
|
2015-09-28 18:30:21 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
func main() {
|
2015-10-10 08:06:28 +02:00
|
|
|
flag.StringVar(&Config.bind, "bind", "127.0.0.1:8080",
|
2015-09-28 18:30:21 +02:00
|
|
|
"host to bind to (default: 127.0.0.1:8080)")
|
|
|
|
flag.StringVar(&Config.filesDir, "filespath", "files/",
|
|
|
|
"path to files directory")
|
|
|
|
flag.StringVar(&Config.metaDir, "metapath", "meta/",
|
|
|
|
"path to metadata directory")
|
|
|
|
flag.BoolVar(&Config.noLogs, "nologs", false,
|
|
|
|
"remove stdout output for each request")
|
2015-09-30 01:28:10 +02:00
|
|
|
flag.BoolVar(&Config.allowHotlink, "allowhotlink", false,
|
|
|
|
"Allow hotlinking of files")
|
2015-09-28 18:30:21 +02:00
|
|
|
flag.StringVar(&Config.siteName, "sitename", "linx",
|
|
|
|
"name of the site")
|
|
|
|
flag.StringVar(&Config.siteURL, "siteurl", "http://"+Config.bind+"/",
|
|
|
|
"site base url (including trailing slash)")
|
2015-10-08 07:38:50 +02:00
|
|
|
flag.Int64Var(&Config.maxSize, "maxsize", 4*1024*1024*1024,
|
|
|
|
"maximum upload file size in bytes (default 4GB)")
|
2015-10-07 18:48:44 +02:00
|
|
|
flag.StringVar(&Config.certFile, "certfile", "",
|
|
|
|
"path to ssl certificate (for https)")
|
|
|
|
flag.StringVar(&Config.keyFile, "keyfile", "",
|
|
|
|
"path to ssl key (for https)")
|
2015-10-12 02:32:28 +02:00
|
|
|
flag.BoolVar(&Config.realIp, "realip", false,
|
|
|
|
"use X-Real-IP/X-Forwarded-For headers as original host")
|
2015-10-01 16:32:59 +02:00
|
|
|
flag.BoolVar(&Config.fastcgi, "fastcgi", false,
|
|
|
|
"serve through fastcgi")
|
2015-10-02 02:58:08 +02:00
|
|
|
flag.BoolVar(&Config.remoteUploads, "remoteuploads", false,
|
|
|
|
"enable remote uploads")
|
2015-10-10 21:26:47 +02:00
|
|
|
flag.StringVar(&Config.authFile, "authfile", "",
|
|
|
|
"path to a file containing newline-separated scrypted auth keys")
|
2015-10-12 04:31:13 +02:00
|
|
|
flag.StringVar(&Config.remoteAuthFile, "remoteauthfile", "",
|
|
|
|
"path to a file containing newline-separated scrypted auth keys for remote uploads")
|
2015-10-05 04:43:42 +02:00
|
|
|
flag.StringVar(&Config.contentSecurityPolicy, "contentsecuritypolicy",
|
2015-10-12 08:31:57 +02:00
|
|
|
"default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; referrer origin;",
|
2015-10-04 23:58:00 +02:00
|
|
|
"value of default Content-Security-Policy header")
|
2015-10-05 04:43:42 +02:00
|
|
|
flag.StringVar(&Config.fileContentSecurityPolicy, "filecontentsecuritypolicy",
|
2015-10-12 08:31:57 +02:00
|
|
|
"default-src 'none'; img-src 'self'; object-src 'self'; media-src 'self'; sandbox; referrer origin;",
|
2015-10-04 23:58:00 +02:00
|
|
|
"value of Content-Security-Policy header for file access")
|
2015-10-05 04:43:42 +02:00
|
|
|
flag.StringVar(&Config.xFrameOptions, "xframeoptions", "SAMEORIGIN",
|
2015-10-04 23:58:00 +02:00
|
|
|
"value of X-Frame-Options header")
|
2015-09-28 18:30:21 +02:00
|
|
|
flag.Parse()
|
|
|
|
|
2015-10-10 08:04:08 +02:00
|
|
|
mux := setup()
|
2015-09-28 18:30:21 +02:00
|
|
|
|
2015-10-01 16:32:59 +02:00
|
|
|
if Config.fastcgi {
|
2015-10-07 18:48:44 +02:00
|
|
|
listener, err := net.Listen("tcp", Config.bind)
|
|
|
|
if err != nil {
|
|
|
|
log.Fatal("Could not bind: ", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
log.Printf("Serving over fastcgi, bound on %s, using siteurl %s", Config.bind, Config.siteURL)
|
2015-10-10 08:04:08 +02:00
|
|
|
fcgi.Serve(listener, mux)
|
2015-10-07 18:48:44 +02:00
|
|
|
} else if Config.certFile != "" {
|
|
|
|
log.Printf("Serving over https, bound on %s, using siteurl %s", Config.bind, Config.siteURL)
|
2015-10-10 08:04:08 +02:00
|
|
|
err := graceful.ListenAndServeTLS(Config.bind, Config.certFile, Config.keyFile, mux)
|
2015-10-07 18:48:44 +02:00
|
|
|
if err != nil {
|
|
|
|
log.Fatal(err)
|
|
|
|
}
|
2015-10-01 16:32:59 +02:00
|
|
|
} else {
|
2015-10-07 18:48:44 +02:00
|
|
|
log.Printf("Serving over http, bound on %s, using siteurl %s", Config.bind, Config.siteURL)
|
2015-10-10 08:04:08 +02:00
|
|
|
err := graceful.ListenAndServe(Config.bind, mux)
|
2015-10-07 18:48:44 +02:00
|
|
|
if err != nil {
|
|
|
|
log.Fatal(err)
|
|
|
|
}
|
2015-10-01 16:32:59 +02:00
|
|
|
}
|
2015-09-24 07:44:49 +02:00
|
|
|
}
|