1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
|
Gomf usage
==========
Requirements
------------
- Go1.6 or newer: https://golang.org/dl/
- libmagic (on Debian/Ubuntu, `aptitude install libmagic-dev`)
Installation
------------
- `go get -u git.clsr.net/gomf`
- Go to a directory where you want to have the website files and `git clone https://git.clsr.net/gomf-web`
Running
-------
- Go to the directory with gomf-web
- Run `gomf`
Optional options for `gomf`:
--http HOST:PORT
serves HTTP on HOST:PORT
example: --http example.com:80
--https HOST:PORT
serves HTTPS on HOST:PORT
needs --cert and --key
example: --https example.com:443 --cert ssl/cert.pem --key ssl/cert.key
--cert PATH
uses PATH as the TLS certificate for HTTPS
--key PATH
uses PATH as the TLS certificate key for HTTPS
--redirect-https
redirect HTTP request to HTTPS
example: --redirect-https
--hsts
enables the HSTS header
example: --hsts
--name NAME
sets website name to NAME
example: --name Example
--id-charset CHARSET
sets the charset for file IDs in URLs to CHARSET; should only include URL-safe characters and no slashes
example: --id-charset 0123456789
--id-length LENGTH
sets the length of file IDs in the URLs to LENGTH
example: --id-length 5
--max-size BYTES
sets BYTES as the upload file size limit in bytes
example (10 MiB): --bytes 10485760
equivalent bash example: --bytes $((1024 * 1024 * 10))
--filter-ext EXTS
filter file extensions contained in the comma-separated list EXTS
forbids extensions by default, unless --whitelist is in effect
example: --filter-ext exe,dll,scr
--filter-mime TYPES
filter MIME types contained in the comma-separated list TYPES
forbids types by default, unless --whitelist is in effect
example: --filters-mime application/x-dosexec
--whitelist
treat file extension and MIME type filters as whitelists instead of blacklists
forbids any upload whose type or extension is not on at least one of the filters
example: --whitelist --filter-ext png,jpg,gif --filter-mime=
--contact EMAIL
sets the contact email address to EMAIL
example: --contact contact@example.com
--abuse EMAIL
sets the abuse email address to EMAIL
example: --abuse abuse@example.com
--upload-host HOSTS
all request to hosts in the comma-separated list HOSTS will serve files directly ($host/$file, while other hosts serve them on $host/u/$file)
example: --upload-host u.example.com
--upload-url URL
uses URL as the prefix for address of uploaded files
if missing, uses --upload-host, --https or --http to construct the URL
example: --upload-url http://u.example.com/
--csp CSP
sets the Content-Security-Header to CSP; blank to disable the header
example: --csp=
--allow-html
serve text/html and application/xhtml+xml files with their original filetype instead of text/plain
example: --allow-html
--cors
sets the Access-Control-Allow-Origin header to * to allow CORS from any origin
example: --cors
--grill
enables grills
example: --grill
--log
enables logging of uploads
example: --log --log-hash-salt 'somerandomsaltstringhere' --log-ip-hash --log-ua --log-referer --proxy-count 1
--log-hash-salt SALT
salt to use for hashed log entries
if missing, no salt is used when hashing
--log-ip
enables logging of uploaders' IP addresses
--log-ip-hash
enables logging of hashes of uploaders' IP addresses
used for privacy in order to avoid logging raw IP addresses while permitting comparison with other hashed entries
--log-ua
enables logging of uploaders' User-Agent headers
--log-ua-hash
enables logging of hashes of uploaders' User-Agent headers
used for privacy in order to avoid logging raw user-agents while permitting comparison with other hashed entries
--log-referer
enables logging of uploaders' Referer headers
--log-referer-hash
enables logging of hashes of uploaders' Referer headers
used for privacy in order to avoid logging raw referers while permitting comparison with other hashed entries
--proxy-count COUNT
the count of trusted reverse proxies (e.g. nginx) for logging IP addresses
when set to a positive number N, takes the N-th most recent entry in X-Forwarded-For as the uploader's IP address for logging
|