diff --git a/README.md b/README.md index 042169b..61a5fc0 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ The administrator of the Lufi instance you use will not be able to see what is i The encryption key part of the URL is a anchor (Cf. [Fragment Identifier](https://en.wikipedia.org/wiki/Fragment_identifier)), that means this part is only processed client-side and does not reach the server. :-) -**Shipped version:** 0.05.16~ynh2 +**Shipped version:** 0.05.18~ynh1 **Demo:** https://demo.lufi.io/ diff --git a/README_fr.md b/README_fr.md index 9f2d864..f08a756 100644 --- a/README_fr.md +++ b/README_fr.md @@ -19,7 +19,7 @@ The administrator of the Lufi instance you use will not be able to see what is i The encryption key part of the URL is a anchor (Cf. [Fragment Identifier](https://en.wikipedia.org/wiki/Fragment_identifier)), that means this part is only processed client-side and does not reach the server. :-) -**Version incluse :** 0.05.16~ynh2 +**Version incluse :** 0.05.18~ynh1 **Démo :** https://demo.lufi.io/ diff --git a/check_process b/check_process index 49086e5..58a4206 100644 --- a/check_process +++ b/check_process @@ -13,8 +13,10 @@ setup_private=1 setup_public=1 upgrade=1 - # 0.03.5 + # 0.03.5~ynh2 upgrade=1 from_commit=23e84578464b1fa09f79c98b6a9b5f19bbcf83f3 + # 0.05.16~ynh2 + upgrade=1 from_commit=b208e35276b861a78a28bb7d468dad9d11943023 backup_restore=1 multi_instance=1 port_already_use=0 diff --git a/conf/app.src b/conf/app.src index 1294ebf..3b6734e 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://framagit.org/fiat-tux/hat-softwares/lufi/-/archive/0.05.16/lufi-0.05.16.tar.gz -SOURCE_SUM=bd8146e6062fb180897544c27f862b5de56840e3fe7cde41824538f1de55a2b6 +SOURCE_URL=https://framagit.org/fiat-tux/hat-softwares/lufi/-/archive/0.05.18/lufi-0.05.18.tar.gz +SOURCE_SUM=da388595d8c39a82ae118c1c92bb7d8ad637f7351997392bbb645929852a3963 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/lufi.conf.template b/conf/lufi.conf.template index 20993f6..b83da8d 100644 --- a/conf/lufi.conf.template +++ b/conf/lufi.conf.template @@ -18,17 +18,17 @@ clients => 1, }, - # put a way to contact you here and uncomment it - # you can put some HTML in it + # Put a way to contact you here and uncomment it + # You can put some HTML in it # MANDATORY contact => 'Contact page', - # put an URL or an email address to receive file reports and uncomment it - # it's for make reporting illegal files easy for users + # Put an URL or an email address to receive file reports and uncomment it + # It's for make reporting illegal files easy for users # MANDATORY report => 'webmaster@__DOMAIN__', - # array of random strings used to encrypt cookies + # Array of random strings used to encrypt cookies # optional, default is ['fdjsofjoihrei'], PLEASE, CHANGE IT secrets => ['__SECRET__'], @@ -36,53 +36,53 @@ # optional, default is Lufi #instance_name => 'Lufi', - # choose a theme. See the available themes in `themes` directory - # optional, default is 'default' + # Choose a theme. See the available themes in `themes` directory + # Optional, default is 'default' #theme => 'default', - # length of the random URL + # Length of the random URL # optional, default is 8 #length => 8, - # how many URLs will be provisioned in a batch ? + # How many URLs will be provisioned in a batch ? # optional, default is 5 #provis_step => 5, - # max number of URLs to be provisioned + # Max number of URLs to be provisioned # optional, default is 100 #provisioning => 100, - # length of the modify/delete token + # Length of the modify/delete token # optional, default is 32 #token_length => 32, - # max file size, in octets - # you can write it 100*1024*1024 + # Max file size, in octets + # You can write it 100*1024*1024 # optional, no default __MAX_SIZE_SET__max_file_size => __MAX_FILE_SIZE__*1024*1024, - # if you want to have piwik statistics, provide a piwik image tracker - # only the image tracker is allowed, no javascript + # If you want to have piwik statistics, provide a piwik image tracker + # Only the image tracker is allowed, no javascript # optional, no default #piwik_img => 'https://piwik.example.org/piwik.php?idsite=1&rec=1', - # broadcast_message which will displayed on the index page + # Broadcast_message which will displayed on the index page # optional, no default #broadcast_message => 'Maintenance', - # default time limit for files - # valid values are 0, 1, 7, 30 and 365 + # Default time limit for files + # Valid values are 0, 1, 7, 30 and 365 # optional, default is 0 (no limit) default_delay => 365, # Number of days after which the files will be deleted, even if they were uploaded with "no delay" (or value superior to max_delay) - # a warning message will be displayed on homepage + # A warning message will be displayed on homepage # optional, default is 0 (no limit) #max_delay => 0, - # size thresholds: if you want to define max delays for different sizes of file - # the keys are size in Bytes, you can't have 10*1000*10000 as key - # if a file is smaller than the smallest configured size, it will have a expiration delay of max_delay (see above) + # Size thresholds: if you want to define max delays for different sizes of file + # The keys are size in Bytes, you can't have 10*1000*10000 as key + # If a file is smaller than the smallest configured size, it will have a expiration delay of max_delay (see above) # optional, default is using max_delay (see above) for all sizes #delay_for_size => { # 10000000 => 90, # between 10MB and 50MB => max is 90 days, less than 10MB => max is max_delay (see above) @@ -96,33 +96,54 @@ # optional, defaut is / prefix => '__PATH__', - # array of authorized domains for API calls. - # if you want to authorize everyone to use the API: ['*'] + # Array of authorized domains for API calls. + # If you want to authorize everyone to use the API: ['*'] # optional, no domains allowed by default - #allowed_domains => ['http://1.example.com', 'http://2.example.com'], + #allowed_domains => ['http://1.example.com', 'http://2.example.com'], + + # String of the URL to be redirected to when accessing /logout + # optional, default is no redirection after logging out + #logout_custom => 'https://sso.example.com/logout?redirect_uri=https%3A%2F%2Fexample.com', # Define a path to the upload directory, where the uploaded files will be stored # You can define it relative to lufi directory or set an absolute path # Remember that it has to be in a directory writable by Lufi user # DO NOT CHANGE THIS IF FILES HAVE BEEN ALREADY UPLOADED: THEY WILL NOT BE DOWNLOADABLE ANYMORE # optional, default is 'files' - #upload_dir => 'files', + #upload_dir => 'files', - # allow to add a password on files, asked before allowing to download files + #!!!!!!!!!!!!!!! + # EXPERIMENTAL ! + #!!!!!!!!!!!!!!! + # You can store files on Swift object storage (https://en.wikipedia.org/wiki/OpenStack#Swift) instead of filesystem + # Please read https://metacpan.org/pod/Net::OpenStack::Swift#SYNOPSIS to know how to configure this setting + # IMPORTANT: add a `container` key in it, to let Lufi know which container to use. This is not a regular Net::OpenStack::Swift setting, but Lufi need it. + # EXPERIMENTAL: if the upload or download of files are stucked, reload Lufi and create a cron task to reload Lufi once a day + # You can copy Lufi files to Swift object storage by launching the command `carton exec script/lufi copyFilesToSwift` (can take a long time) + # optional, no default + #swift => { + # auth_url => 'https://auth-endpoint-url/v2.0', + # user => 'userid', + # password => 'password', + # tenant_name => 'project_id', + # container => 'lufi' + #}, + + # Allow to add a password on files, asked before allowing to download files # optional, default is 0 allow_pwd_on_files => 1, - # force all files to be in "Burn after reading mode" + # Force all files to be in "Burn after reading mode" # optional, default is 0 #force_burn_after_reading => 0, - # if set, the files' URLs will always use this domain + # If set, the files' URLs will always use this domain # optional, no default #fixed_domain => 'example.org', - # abuse reasons - # set an integer in the abuse field of a file in the database and it will not be downloadable anymore - # the reason will be displayed to the downloader, according to the reasons you will configure here. + # Abuse reasons + # Set an integer in the abuse field of a file in the database and it will not be downloadable anymore + # The reason will be displayed to the downloader, according to the reasons you will configure here. # optional, no default #abuse => { # 0 => 'Copyright infringment', @@ -135,7 +156,7 @@ # Mail configuration # See https://metacpan.org/pod/Mojolicious::Plugin::Mail#EXAMPLES - # Optional, default to sendmail method with no arguments + # optional, default to sendmail method with no arguments #mail => { # # Valid values are 'sendmail' and 'smtp' # how => 'smtp', @@ -143,27 +164,31 @@ #}, # Email sender address - # Optional, default to no-reply@lufi.io + # optional, default to no-reply@lufi.io #mail_sender => 'no-reply@lufi.io', + # Disable sending mail through the server + # optional, default is false + #disable_mail_sending => 0, + ############# # DB settings ############# - # choose what database you want to use - # valid choices are sqlite, postgresql and mysql (all lowercase) + # Choose what database you want to use + # Valid choices are sqlite, postgresql and mysql (all lowercase) # optional, default is sqlite dbtype => 'postgresql', # SQLite ONLY - only used if dbtype is set to sqlite - # define a path to the SQLite database - # you can define it relative to lufi directory or set an absolute path - # remember that it has to be in a directory writable by Lufi user + # Define a path to the SQLite database + # You can define it relative to lufi directory or set an absolute path + # Remember that it has to be in a directory writable by Lufi user # optional, default is lufi.db #db_path => 'lufi.db', # PostgreSQL ONLY - only used if dbtype is set to postgresql - # these are the credentials to access the PostgreSQL database + # These are the credentials to access the PostgreSQL database # mandatory if you choosed postgresql as dbtype pgdb => { database => '__DB_NAME__', @@ -178,7 +203,7 @@ }, # MySQL ONLY - only used if dbtype is set to mysql - # these are the credentials to access the MySQL database + # These are the credentials to access the MySQL database # mandatory if you choosed mysql as dbtype #mysqldb => { # database => 'lufi', @@ -196,8 +221,8 @@ # LDAP settings (authentication and features) ############################################# - # set `ldap` if you want that only authenticated users can upload files - # please note that everybody can still download files + # Set `ldap` if you want that only authenticated users can upload files + # Please note that everybody can still download files # optional, no default __LDAP__ldap => { __LDAP__ uri => 'ldap://localhost:389', # server URI @@ -214,7 +239,7 @@ __LDAP__ #} __LDAP__}, - # if you've set ldap above, the session will last `session_duration` seconds before + # If you've set ldap above, the session will last `session_duration` seconds before # the user needs to reauthenticate # optional, default is 3600 #session_duration => 3600, @@ -271,10 +296,32 @@ # Htpasswd authentication ######################### - # set `htpasswd` if you want to use an htpasswd file instead of ldap - # see 'man htpasswd' to know how to create such file + # Set `htpasswd` if you want to use an htpasswd file instead of ldap + # See 'man htpasswd' to know how to create such file #htpasswd => 'lufi.passwd', + ############################ + # HTTP header authentication + ############################ + + # Set `auth_headers` if you want to use HTTP header auth. + # Typically, these headers are set by a reverse-proxy + # acting as an authentication server. Useful for SSO. + # `auth_headers` should contains the user's username. + # + # /!\ LUFI BLINDLY TRUSTS THESE HEADERS + # /!\ IT'S UP TO YOU TO SANITIZE INCOMING HEADERS TO SECURE YOUR INSTANCE + # + #auth_headers => 'X-AUTH-PREFERRED-USERNAME', + #auth_headers_map_value => { + # # Like ldap_map_attr but for headers + # displayname => 'X-AUTH-DISPLAYNAME', + # firstname => 'X-AUTH-GIVENNAME', + # lastname => 'X-AUTH-LASTNAME', + # mail => 'X-AUTH-EMAIL' + #}, + + ####################### # HTTP Headers settings ####################### @@ -311,24 +358,28 @@ # Lufi cron jobs settings ######################### - # number of days senders' IP addresses are kept in database - # after that delay, they will be deleted from database (used with script/lufi cron cleanbdd) + # Expired files will be kept for 2 additional days after the expiration time has passed! + # The reasoning behind this is to allow downloads to complete and avoid deleting them while + # they are still being tranfered. + + # Number of days senders' IP addresses are kept in database + # After that delay, they will be deleted from database (used with script/lufi cron cleanbdd) # optional, default is 365 #keep_ip_during => 365, - # max size of the files directory, in octets - # used by script/lufi cron watch to trigger an action + # Max size of the files directory, in octets + # Used by script/lufi cron watch to trigger an action # optional, no default #max_total_size => 10*1024*1024*1024, - # default action when files directory is over max_total_size (used with script/lufi cron watch) - # valid values are 'warn', 'stop-upload' and 'delete' + # Default action when files directory is over max_total_size (used with script/lufi cron watch) + # Valid values are 'warn', 'stop-upload' and 'delete' # Please, see README.md # optional, default is 'warn' #policy_when_full => 'warn', # Files which are not viewed since delete_no_longer_viewed_files days will be deleted by the cron cleanfiles task - # if delete_no_longer_viewed_files is not set, the no longer viewed files will NOT be deleted + # If delete_no_longer_viewed_files is not set, the no longer viewed files will NOT be deleted # optional, no default #delete_no_longer_viewed_files => 90, }; diff --git a/manifest.json b/manifest.json index a749850..2b8bbf7 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Self hosting files and sharing anonymous application", "fr": "Application d'hébergement et de partage de fichiers anonyme" }, - "version": "0.05.16~ynh2", + "version": "0.05.18~ynh1", "url": "https://git.framasoft.org/luc/lufi", "upstream": { "license": "AGPL-3.0-or-later",