blob: b4acd88262405cf5badc7166ae9623ad1c672d6f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
#!/bin/bash
set -eu
###############################################################################
# The Gomf binary
GOMF_BIN=/app/gomf
# Root folder for Gomf containing gomf-web files
#
# All paths in other options are relative to this.
# Defaults to current directory if not set.
GOMF_ROOT=/gomf
# The host to listen on for HTTP and/or HTTPS
#
# Use 'localhost' if using local reverse proxy, 0.0.0.0 to listen to any host
# or a specific hostname to only allow connections to that address.
LISTEN_HOST=0.0.0.0
# The port to listen on for HTTP
#
# 80 for a standard HTTP server, probably a higher port (e.g. 9000) if
# reverse-proxied.
HTTP_PORT=9000
# The port to listen on for HTTPS
#
# 443 for a standard HTTPS server. Requires TLS_CERT and TLS_KEY
#HTTPS_PORT=443
# SSL certificate for HTTPS
#TLS_CERT=cert.pem
# SSL certificate key for HTTPS
#TLS_KEY=key.pem
# Redirect traffic accepted with the HTTP handler to HTTOS
#
# Uses the same host, path and query as the incomming request, just rewrites
# the scheme to https://.
# Only works when serving directly. If a reverse proxy is used, it should be
# also used to set up this redirect instead.
#REDIRECT_HTTPS=0
source /gomf.conf
###############################################################################
flags=()
[ -n "${GOMF_ROOT:-}" ] && cd "$GOMF_ROOT"
[ -n "${NAME:-}" ] && flags+=(--name "$NAME")
[ -n "${UPLOAD_HOST:-}" ] && flags+=(--upload-host "$UPLOAD_HOST")
[ -n "${UPLOAD_URL:-}" ] && flags+=(--upload-url "$UPLOAD_URL")
[ -n "${CONTACT_EMAIL:-}" ] && flags+=(--contact "$CONTACT_EMAIL")
[ -n "${ABUSE_EMAIL:-}" ] && flags+=(--abuse "$ABUSE_EMAIL")
[ -n "${HTTP_PORT:-}" ] && flags+=(--http "${LISTEN_HOST:-localhost}:$HTTP_PORT")
[ -n "${HTTPS_PORT:-}" ] && [ -n "${TLS_CERT:-}" ] && [ -n "${TLS_KEY:-}" ] && flags+=(
--https "${LISTEN_HOST:-localhost}:$HTTPS_PORT"
--cert "$TLS_CERT" --key "$TLS_KEY")
[ "${REDIRECT_HTTPS:-0}" -ne 0 ] && flags+=(--redirect-https)
[ "${HSTS:-0}" -ne 0 ] && flags+=(--hsts)
[ -n "${ID_CHARSET:-}" ] && flags+=(--id-charset "$ID_CHARSET")
[ -n "${ID_LENGTH:-}" ] && flags+=(--id-length "$ID_LENGTH")
[ -n "${MAX_SIZE_MIB:-}" ] && flags+=(--max-size "$((MAX_SIZE_MIB*1024*1024))")
[ "${WHITELIST:-0}" -ne 0 ] && flags+=(--whitelist)
oldifs="$IFS" IFS=,
[ -n "$(declare -p FILTER_EXT 2>/dev/null)" ] && flags+=(--filter-ext "${FILTER_EXT[*]}")
[ -n "$(declare -p FILTER_MIME 2>/dev/null)" ] && flags+=(--filter-mime "${FILTER_MIME[*]}")
IFS="$oldifs"
[ "${ALLOW_HTML:-0}" -ne 0 ] && flags+=(--allow-html)
[ "${CORS:-0}" -ne 0 ] && flags+=(--cors)
[ "${GRILL:-0}" -ne 0 ] && flags+=(--grill)
[ -n "${CSP:-}" ] && [ "$CSP" = 0 ] && flags+=(--csp '')
[ -n "${CSP:-}" ] && ! [ "$CSP" = 0 ] && flags+=(--csp "$CSP")
[ "${LOG:-0}" -ne 0 ] && flags+=(--log)
[ "${LOG_IP:-0}" -ne 0 ] && flags+=(--log-ip)
[ "${LOG_IP_HASH:-0}" -ne 0 ] && flags+=(--log-ip-hash)
[ "${LOG_UA:-0}" -ne 0 ] && flags+=(--log-ua)
[ "${LOG_UA_HASH:-0}" -ne 0 ] && flags+=(--log-ua-hash)
[ "${LOG_REFERER:-0}" -ne 0 ] && flags+=(--log-referer)
[ "${LOG_REFERER_HASH:-0}" -ne 0 ] && flags+=(--log-referer-hash)
[ -n "${LOG_HASH_SALT:-}" ] && flags+=(--log-hash-salt "$LOG_HASH_SALT")
[ -n "${PROXY_COUNT:-}" ] && flags+=(--proxy-count "$PROXY_COUNT")
printf "%s" "${GOMF_BIN:-gomf}"
[ "${#flags}" -gt 0 ] && printf " \"%s\"" "${flags[@]}"
printf "\n"
exec "${GOMF_BIN:-gomf}" "${flags[@]}"
|