0x0/README.rst

The Null Pointer
================

This is a no-bullshit file hosting and URL shortening service that also runs
`0x0.st <https://0x0.st>`_. Use with uWSGI.

Configuration
-------------

To configure 0x0, copy ``instance/config.example.py`` to ``instance/config.py``, then edit
it.   Resonable defaults are set, but there's a couple options you'll need to change
before running 0x0 for the first time.

By default, the configuration is stored in the Flask instance directory.
Normally, this is in `./instance`, but it might be different for your system.
For details, see
`the Flask documentation <https://flask.palletsprojects.com/en/2.0.x/config/#instance-folders>`_.

To customize the home and error pages, simply create a ``templates`` directory
in your instance directory and copy any templates you want to modify there.

If you are running nginx, you should use the ``X-Accel-Redirect`` header.
To make it work, include this in your nginx config’s ``server`` block::

    location /up {
        internal;
    }

where ``/up`` is whatever you’ve configured as ``FHOST_STORAGE_PATH``.

For all other servers, set ``FHOST_USE_X_ACCEL_REDIRECT`` to ``False`` and
``USE_X_SENDFILE`` to ``True``, assuming your server supports this.
Otherwise, Flask will serve the file with chunked encoding, which has several
downsides, one of them being that range requests will not work. This is a
problem for example when streaming media files: It won’t be possible to seek,
and some ISOBMFF (MP4) files will not play at all.

To make files expire, simply run ``FLASK_APP=fhost flask prune`` every
now and then. You can use the provided systemd unit files for this::

    0x0-prune.service
    0x0-prune.timer

Make sure to edit them to match your system configuration. In particular,
set the user and paths in ``0x0-prune.service``.

Before running the service for the first time and every time you update it
from this git repository, run ``FLASK_APP=fhost flask db upgrade``.


Moderation UI
-------------

.. image:: modui.webp
  :height: 300

0x0 features a TUI program for file moderation. With it, you can view a list
of uploaded files, as well as extended information on them. It allows you to
take actions like removing files temporarily or permanently, as well as
blocking IP addresses and associated files.

If a sufficiently recent version of python-mpv with libmpv is present and
your terminal supports it, you also get graphical file previews, including
video playback. Upstream mpv currently supports sixels and the
`kitty graphics protocol <https://sw.kovidgoyal.net/kitty/graphics-protocol/>`_.
For this to work, set the ``MOD_PREVIEW_PROTO`` option in ``instance/config.py``.

Requirements:

* `Textual <https://textual.textualize.io/>`_

Optional:

* `python-mpv <https://github.com/jaseg/python-mpv>`_
  (graphical previews)
* `PyAV <https://github.com/PyAV-Org/PyAV>`_
  (information on multimedia files)
* `PyMuPDF <https://github.com/pymupdf/PyMuPDF>`_
  (previews and file information for PDF, XPS, EPUB, MOBI and FB2)
* `libarchive-c <https://github.com/Changaco/python-libarchive-c>`_
  (archive content listing)

.. note::
    `Mosh <https://mosh.org/>`_ currently does not support sixels or kitty graphics.

.. hint::
    You may need to set the ``COLORTERM`` environment variable to
    ``truecolor``.

.. tip::
    Using compression with SSH (``-C`` option) can significantly
    reduce the bandwidth requirements for graphics.


NSFW Detection
--------------

0x0 supports classification of NSFW content via
`a machine learning model <https://huggingface.co/giacomoarienti/nsfw-classifier>`_.
This works for images and video files and requires the following
Python modules:

* torch
* transformers
* pillow
* `av <https://github.com/PyAV-Org/PyAV>`_


Virus Scanning
--------------

0x0 can scan its files with ClamAV’s daemon. As this can take a long time
for larger files, this does not happen immediately but instead every time
you run the ``vscan`` command. It is recommended to configure a systemd
timer or cronjob to do this periodically. Examples are included::

    0x0-vscan.service
    0x0-vscan.timer

Remember to adjust your size limits in clamd.conf, including
``StreamMaxLength``!

This feature requires the `clamd module <https://pypi.org/project/clamd/>`_.


Network Security Considerations
-------------------------------

Keep in mind that 0x0 can fetch files from URLs. This includes your local
network! You should take precautions so that this feature cannot be abused.
0x0 does not (yet) have a way to filter remote URLs, but on Linux, you can
use firewall rules and/or namespaces. This is less error-prone anyway.

For instance, if you are using the excellent `FireHOL <https://firehol.org/>`_,
it’s very easy to create a group on your system and use it as a condition
in your firewall rules. You would then run the application server under that
group.
-												init

											
										
										
											2016-11-01 00:17:54 -04:00
+								The Null Pointer
 								================
 								This is a no-bullshit file hosting and URL shortening service that also runs
 								`0x0.st <https://0x0.st>`_. Use with uWSGI.
-												Update README

											
										
										
											2020-12-29 06:27:21 -05:00
+								Configuration
 								-------------
-												Add example configuration file

See #73.

											
										
										
											2022-11-26 22:56:38 -05:00
+								To configure 0x0, copy ``instance/config.example.py`` to ``instance/config.py``, then edit
 								it.   Resonable defaults are set, but there's a couple options you'll need to change
 								before running 0x0 for the first time.
-												README: Clarify how to change configuration

											
										
										
											2022-11-20 07:05:17 -05:00
-												Add example configuration file

See #73.

											
										
										
											2022-11-26 22:56:38 -05:00
+								By default, the configuration is stored in the Flask instance directory.
 								Normally, this is in `./instance`, but it might be different for your system.
 								For details, see
-												README: Clarify how to change configuration

											
										
										
											2022-11-20 07:05:17 -05:00
+								`the Flask documentation <https://flask.palletsprojects.com/en/2.0.x/config/#instance-folders>`_.
-												Update README

											
										
										
											2020-12-29 06:27:21 -05:00
-												Support instance templates

											
										
										
											2021-01-01 17:08:17 -05:00
+								To customize the home and error pages, simply create a ``templates`` directory
 								in your instance directory and copy any templates you want to modify there.
-												init

											
										
										
											2016-11-01 00:17:54 -04:00
+								If you are running nginx, you should use the ``X-Accel-Redirect`` header.
 								To make it work, include this in your nginx config’s ``server`` block::
 								    location /up {
 								        internal;
 								    }
-												Update README

											
										
										
											2020-12-29 06:27:21 -05:00
+								where ``/up`` is whatever you’ve configured as ``FHOST_STORAGE_PATH``.
-												init

											
										
										
											2016-11-01 00:17:54 -04:00
 								For all other servers, set ``FHOST_USE_X_ACCEL_REDIRECT`` to ``False`` and
 								``USE_X_SENDFILE`` to ``True``, assuming your server supports this.
-												README: Clarify why serving file requests from the app is bad

											
										
										
											2022-11-20 10:54:46 -05:00
+								Otherwise, Flask will serve the file with chunked encoding, which has several
 								downsides, one of them being that range requests will not work. This is a
 								problem for example when streaming media files: It won’t be possible to seek,
 								and some ISOBMFF (MP4) files will not play at all.
-												init

											
										
										
											2016-11-01 00:17:54 -04:00
-												Add example systemd unit files for prune job

											
										
										
											2022-11-29 11:23:30 -05:00
+								To make files expire, simply run ``FLASK_APP=fhost flask prune`` every
 								now and then. You can use the provided systemd unit files for this::
 x0-prune.service
 x0-prune.timer
 								Make sure to edit them to match your system configuration. In particular,
 								set the user and paths in ``0x0-prune.service``.
-												init

											
										
										
											2016-11-01 00:17:54 -04:00
-												README: Also run db upgrade after git pull!

											
										
										
											2022-11-29 11:23:56 -05:00
+								Before running the service for the first time and every time you update it
 								from this git repository, run ``FLASK_APP=fhost flask db upgrade``.
-												init

											
										
										
											2016-11-01 00:17:54 -04:00
-												Add moderation TUI

This ended up way fancier than I imagined.

											
										
										
											2022-12-20 09:45:55 -05:00
+								Moderation UI
 								-------------
-												README: Add ModUI screenshot

											
										
										
											2022-12-20 10:55:11 -05:00
+								.. image:: modui.webp
 								  :height: 300
-												Add moderation TUI

This ended up way fancier than I imagined.

											
										
										
											2022-12-20 09:45:55 -05:00
+x0 features a TUI program for file moderation. With it, you can view a list
 								of uploaded files, as well as extended information on them. It allows you to
 								take actions like removing files temporarily or permanently, as well as
 								blocking IP addresses and associated files.
 								If a sufficiently recent version of python-mpv with libmpv is present and
 								your terminal supports it, you also get graphical file previews, including
-												README: Kitty support was merged in mpv

											
										
										
											2022-12-21 13:47:49 -05:00
+								video playback. Upstream mpv currently supports sixels and the
 								`kitty graphics protocol <https://sw.kovidgoyal.net/kitty/graphics-protocol/>`_.
-												Add moderation TUI

This ended up way fancier than I imagined.

											
										
										
											2022-12-20 09:45:55 -05:00
+								For this to work, set the ``MOD_PREVIEW_PROTO`` option in ``instance/config.py``.
 								Requirements:
 								* `Textual <https://textual.textualize.io/>`_
 								Optional:
 								* `python-mpv <https://github.com/jaseg/python-mpv>`_
 								  (graphical previews)
 								* `PyAV <https://github.com/PyAV-Org/PyAV>`_
 								  (information on multimedia files)
 								* `PyMuPDF <https://github.com/pymupdf/PyMuPDF>`_
 								  (previews and file information for PDF, XPS, EPUB, MOBI and FB2)
 								* `libarchive-c <https://github.com/Changaco/python-libarchive-c>`_
 								  (archive content listing)
 								.. note::
 								    `Mosh <https://mosh.org/>`_ currently does not support sixels or kitty graphics.
 								.. hint::
 								    You may need to set the ``COLORTERM`` environment variable to
 								    ``truecolor``.
 								.. tip::
 								    Using compression with SSH (``-C`` option) can significantly
 								    reduce the bandwidth requirements for graphics.
-												Add NSFW detection

											
										
										
											2017-10-26 23:22:11 -04:00
+								NSFW Detection
 								--------------
-												Replace NSFW detector implementation

											
										
										
											2024-09-25 12:12:39 -04:00
+x0 supports classification of NSFW content via
 								`a machine learning model <https://huggingface.co/giacomoarienti/nsfw-classifier>`_.
 								This works for images and video files and requires the following
 								Python modules:
 								* torch
 								* transformers
 								* pillow
 								* `av <https://github.com/PyAV-Org/PyAV>`_
-												README: Warn users about URL fetch network security implications

											
										
										
											2022-08-19 16:27:29 -04:00
-												Add support for ClamAV

											
										
										
											2022-12-12 01:25:30 -05:00
+								Virus Scanning
 								--------------
 x0 can scan its files with ClamAV’s daemon. As this can take a long time
 								for larger files, this does not happen immediately but instead every time
 								you run the ``vscan`` command. It is recommended to configure a systemd
 								timer or cronjob to do this periodically. Examples are included::
 x0-vscan.service
 x0-vscan.timer
-												README: Add note about StreamMaxLength in clamd.conf

											
										
										
											2022-12-12 01:40:38 -05:00
+								Remember to adjust your size limits in clamd.conf, including
 								``StreamMaxLength``!
-												Add support for ClamAV

											
										
										
											2022-12-12 01:25:30 -05:00
 								This feature requires the `clamd module <https://pypi.org/project/clamd/>`_.
-												README: Warn users about URL fetch network security implications

											
										
										
											2022-08-19 16:27:29 -04:00
+								Network Security Considerations
 								-------------------------------
 								Keep in mind that 0x0 can fetch files from URLs. This includes your local
 								network! You should take precautions so that this feature cannot be abused.
 x0 does not (yet) have a way to filter remote URLs, but on Linux, you can
 								use firewall rules and/or namespaces. This is less error-prone anyway.
 								For instance, if you are using the excellent `FireHOL <https://firehol.org/>`_,
 								it’s very easy to create a group on your system and use it as a condition
 								in your firewall rules. You would then run the application server under that
 								group.