mirror of
https://git.0x0.st/mia/0x0.git
synced 2024-11-09 11:48:59 -05:00
64 lines
2.3 KiB
ReStructuredText
64 lines
2.3 KiB
ReStructuredText
The Null Pointer
|
||
================
|
||
|
||
This is a no-bullshit file hosting and URL shortening service that also runs
|
||
`0x0.st <https://0x0.st>`_. Use with uWSGI.
|
||
|
||
Configuration
|
||
-------------
|
||
|
||
To configure 0x0, create ``instance/config.py``.
|
||
The defaults are at the start of ``fhost.py``. To change them,
|
||
add them to ``instance/config.py``— for example::
|
||
|
||
SQLALCHEMY_DATABASE_URI = "sqlite:///some/path/db.sqlite"
|
||
|
||
For more information on instance configuration, see
|
||
`the Flask documentation <https://flask.palletsprojects.com/en/2.0.x/config/#instance-folders>`_.
|
||
|
||
To customize the home and error pages, simply create a ``templates`` directory
|
||
in your instance directory and copy any templates you want to modify there.
|
||
|
||
If you are running nginx, you should use the ``X-Accel-Redirect`` header.
|
||
To make it work, include this in your nginx config’s ``server`` block::
|
||
|
||
location /up {
|
||
internal;
|
||
}
|
||
|
||
where ``/up`` is whatever you’ve configured as ``FHOST_STORAGE_PATH``.
|
||
|
||
For all other servers, set ``FHOST_USE_X_ACCEL_REDIRECT`` to ``False`` and
|
||
``USE_X_SENDFILE`` to ``True``, assuming your server supports this.
|
||
Otherwise, Flask will serve the file with chunked encoding, which sucks and
|
||
should be avoided at all costs.
|
||
|
||
To make files expire, simply create a cronjob that runs ``cleanup.py`` every
|
||
now and then.
|
||
|
||
Before running the service for the first time, run ``FLASK_APP=fhost flask db upgrade``.
|
||
|
||
|
||
NSFW Detection
|
||
--------------
|
||
|
||
0x0 supports classification of NSFW content via Yahoo’s open_nsfw Caffe
|
||
neural network model. This works for images and video files and requires
|
||
the following:
|
||
|
||
* Caffe Python module (built for Python 3)
|
||
* ``ffmpegthumbnailer`` executable in ``$PATH``
|
||
|
||
|
||
Network Security Considerations
|
||
-------------------------------
|
||
|
||
Keep in mind that 0x0 can fetch files from URLs. This includes your local
|
||
network! You should take precautions so that this feature cannot be abused.
|
||
0x0 does not (yet) have a way to filter remote URLs, but on Linux, you can
|
||
use firewall rules and/or namespaces. This is less error-prone anyway.
|
||
|
||
For instance, if you are using the excellent `FireHOL <https://firehol.org/>`_,
|
||
it’s very easy to create a group on your system and use it as a condition
|
||
in your firewall rules. You would then run the application server under that
|
||
group.
|