uuxo/hmac-file-server
1
1
Fork 0
Code Pull Requests Actions Packages Projects Releases 1 Wiki Activity

FIX: 3.3 100% - 3.4 with WEBUI

Browse Source
This commit is contained in:
Alexander Renz
2025-07-18 04:29:48 +00:00
parent dc88f9f6fb
commit 6205661acc
6 changed files with 220 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
cmd/server/chunked_upload_handler.go
View File

@ -71,6 +71,23 @@ func handleChunkedUpload(w http.ResponseWriter, r *http.Request) {
return return
} }
// Validate file size against max_upload_size if configured
if conf.Server.MaxUploadSize != "" {
maxSizeBytes, err := parseSize(conf.Server.MaxUploadSize)
if err != nil {
log.Errorf("Invalid max_upload_size configuration: %v", err)
http.Error(w, "Server configuration error", http.StatusInternalServerError)
uploadErrorsTotal.Inc()
return
}
if totalSize > maxSizeBytes {
http.Error(w, fmt.Sprintf("File size %s exceeds maximum allowed size %s",
formatBytes(totalSize), conf.Server.MaxUploadSize), http.StatusRequestEntityTooLarge)
uploadErrorsTotal.Inc()
return
}
}
// Authentication (reuse existing logic) // Authentication (reuse existing logic)
if conf.Security.EnableJWT { if conf.Security.EnableJWT {
_, err := validateJWTFromRequest(r, conf.Security.JWTSecret) _, err := validateJWTFromRequest(r, conf.Security.JWTSecret)

51
cmd/server/main.go
View File

@ -1407,6 +1407,23 @@ func handleUpload(w http.ResponseWriter, r *http.Request) {
} }
defer file.Close() defer file.Close()
// Validate file size against max_upload_size if configured
if conf.Server.MaxUploadSize != "" {
maxSizeBytes, err := parseSize(conf.Server.MaxUploadSize)
if err != nil {
log.Errorf("Invalid max_upload_size configuration: %v", err)
http.Error(w, "Server configuration error", http.StatusInternalServerError)
uploadErrorsTotal.Inc()
return
}
if header.Size > maxSizeBytes {
http.Error(w, fmt.Sprintf("File size %s exceeds maximum allowed size %s",
formatBytes(header.Size), conf.Server.MaxUploadSize), http.StatusRequestEntityTooLarge)
uploadErrorsTotal.Inc()
return
}
}
// Validate file extension if configured // Validate file extension if configured
if len(conf.Uploads.AllowedExtensions) > 0 { if len(conf.Uploads.AllowedExtensions) > 0 {
ext := strings.ToLower(filepath.Ext(header.Filename)) ext := strings.ToLower(filepath.Ext(header.Filename))
@ -1644,6 +1661,23 @@ func handleV3Upload(w http.ResponseWriter, r *http.Request) {
} }
} }
// Validate file size against max_upload_size if configured
if conf.Server.MaxUploadSize != "" {
maxSizeBytes, err := parseSize(conf.Server.MaxUploadSize)
if err != nil {
log.Errorf("Invalid max_upload_size configuration: %v", err)
http.Error(w, "Server configuration error", http.StatusInternalServerError)
uploadErrorsTotal.Inc()
return
}
if r.ContentLength > maxSizeBytes {
http.Error(w, fmt.Sprintf("File size %s exceeds maximum allowed size %s",
formatBytes(r.ContentLength), conf.Server.MaxUploadSize), http.StatusRequestEntityTooLarge)
uploadErrorsTotal.Inc()
return
}
}
// Generate filename based on configuration // Generate filename based on configuration
var filename string var filename string
switch conf.Server.FileNaming { switch conf.Server.FileNaming {
@ -1767,6 +1801,23 @@ func handleLegacyUpload(w http.ResponseWriter, r *http.Request) {
} }
} }
// Validate file size against max_upload_size if configured
if conf.Server.MaxUploadSize != "" {
maxSizeBytes, err := parseSize(conf.Server.MaxUploadSize)
if err != nil {
log.Errorf("Invalid max_upload_size configuration: %v", err)
http.Error(w, "Server configuration error", http.StatusInternalServerError)
uploadErrorsTotal.Inc()
return
}
if r.ContentLength > maxSizeBytes {
http.Error(w, fmt.Sprintf("File size %s exceeds maximum allowed size %s",
formatBytes(r.ContentLength), conf.Server.MaxUploadSize), http.StatusRequestEntityTooLarge)
uploadErrorsTotal.Inc()
return
}
}
// Create full file path // Create full file path
storagePath := conf.Server.StoragePath storagePath := conf.Server.StoragePath
if conf.ISO.Enabled { if conf.ISO.Enabled {

89
config-clean.toml Normal file
View File

@ -0,0 +1,89 @@
[server]
listen_address = ":8080"
storage_path = "/opt/hmac-file-server/data/uploads"
metrics_enabled = true
metrics_path = "/metrics"
pid_file = "/var/run/hmac-file-server.pid"
max_upload_size = "10GB"
max_header_bytes = 1048576
cleanup_interval = "24h"
max_file_age = "720h"
pre_cache = true
pre_cache_workers = 4
pre_cache_interval = "1h"
global_extensions = [".txt", ".dat", ".iso"]
deduplication_enabled = true
min_free_bytes = "1GB"
file_naming = "original"
force_protocol = ""
enable_dynamic_workers = true
worker_scale_up_thresh = 50
worker_scale_down_thresh = 10
[uploads]
allowedextensions = [".zip", ".rar", ".7z", ".tar.gz", ".tgz", ".gpg", ".enc", ".pgp", ".txt", ".pdf", ".png", ".jpg", ".jpeg", ".gif", ".bmp", ".tiff", ".svg", ".webp", ".wav", ".mp4", ".avi", ".mkv", ".mov", ".wmv", ".flv", ".webm", ".mpeg", ".mpg", ".m4v", ".3gp", ".3g2", ".mp3", ".ogg"]
chunkeduploadsenabled = true
chunksize = "32MB"
resumableuploadsenabled = true
maxresumableage = "48h"
[downloads]
resumabledownloadsenabled = true
chunkeddownloadsenabled = true
chunksize = "32MB"
allowedextensions = [".txt", ".pdf", ".png", ".jpg", ".jpeg", ".gif", ".bmp", ".tiff", ".svg", ".webp", ".wav", ".mp4", ".avi", ".mkv", ".mov", ".wmv", ".flv", ".webm", ".mpeg", ".mpg", ".m4v", ".3gp", ".3g2", ".mp3", ".ogg"]
[security]
secret = "f6g4ldPvQM7O2UTFeBEUUj33VrXypDAcsDt0yqKrLiOr5oQW"
enablejwt = false
jwtsecret = "f6g4ldPvQM7O2UTFeBEUUj33VrXypDAcsDt0yqKrLiOr5oQW"
jwtalgorithm = "HS256"
jwtexpiration = "24h"
[logging]
level = "debug"
file = "/var/log/hmac-file-server/hmac-file-server.log"
max_size = 100
max_backups = 7
max_age = 30
compress = true
[deduplication]
enabled = true
directory = "/opt/hmac-file-server/data/duplicates"
[iso]
enabled = false
size = "1GB"
mountpoint = "/mnt/iso"
charset = "utf-8"
containerfile = "/mnt/iso/container.iso"
[timeouts]
readtimeout = "3600s"
writetimeout = "3600s"
idletimeout = "3600s"
[versioning]
enableversioning = false
maxversions = 1
[clamav]
clamavenabled = false
clamavsocket = "/var/run/clamav/clamd.ctl"
numscanworkers = 2
scanfileextensions = [".exe", ".dll", ".bin", ".com", ".bat", ".sh", ".php", ".js"]
[redis]
redisenabled = false
redisdbindex = 0
redisaddr = "localhost:6379"
redispassword = ""
redishealthcheckinterval = "120s"
[workers]
numworkers = 4
uploadqueuesize = 5000
[file]
filerevision = 1

113
dockerenv/config/config.toml
View File

@ -1,75 +1,81 @@
[server] [server]
listenport = "8080" listen_address = ":8080"
unixsocket = false storage_path = "/srv/hmac-file-server/uploads"
storagepath = "/opt/hmac-file-server/data/uploads" metrics_enabled = true
metricsenabled = true metrics_path = "/metrics"
metricsport = "9090" pid_file = "/var/run/hmac-file-server.pid"
deduplicationenabled = true max_upload_size = "10GB" # Supports B, KB, MB, GB, TB
minfreebytes = "5GB" max_header_bytes = 1048576 # 1MB
filettl = "2y" cleanup_interval = "24h"
filettlenabled = false max_file_age = "720h" # 30 days
autoadjustworkers = true pre_cache = true
networkevents = false pre_cache_workers = 4
pidfilepath = "./hmac-file-server.pid" pre_cache_interval = "1h"
precaching = false global_extensions = [".txt", ".dat", ".iso"] # If set, overrides upload/download extensions
deduplication_enabled = true
min_free_bytes = "1GB" # Minimum free space required for uploads
file_naming = "original" # Options: "original", "HMAC"
force_protocol = "" # Options: "http", "https" - if set, redirects to this protocol
enable_dynamic_workers = true # Enable dynamic worker scaling
worker_scale_up_thresh = 50 # Queue length to scale up workers
worker_scale_down_thresh = 10 # Queue length to scale down workers
[deduplication] [uploads]
enabled = true allowed_extensions = [".zip", ".rar", ".7z", ".tar.gz", ".tgz", ".gpg", ".enc", ".pgp"]
directory = "/opt/hmac-file-server/data/duplicates" chunked_uploads_enabled = true
chunk_size = "10MB"
resumable_uploads_enabled = true
max_resumable_age = "48h"
[downloads]
resumable_downloads_enabled = true
chunked_downloads_enabled = true
chunk_size = "8192"
allowed_extensions = [".txt", ".pdf", ".png", ".jpg", ".jpeg", ".gif", ".bmp", ".tiff", ".svg", ".webp"]
[security]
secret = "f6g4ldPvQM7O2UTFeBEUUj33VrXypDAcsDt0yqKrLiOr5oQW"
enablejwt = false
jwtsecret = "f6g4ldPvQM7O2UTFeBEUUj33VrXypDAcsDt0yqKrLiOr5oQW"
jwtalgorithm = "HS256"
jwtexpiration = "24h"
[logging] [logging]
level = "debug" level = "info"
file = "./hmac-file-server.log" file = "/var/log/hmac-file-server.log"
max_size = 100 max_size = 100
max_backups = 7 max_backups = 7
max_age = 30 max_age = 30
compress = true compress = true
[deduplication]
enabled = true
directory = "./deduplication"
[iso] [iso]
enabled = false enabled = true
size = "1TB" size = "1GB"
mountpoint = "/mnt/nfs_vol01/hmac-file-server/iso/" mountpoint = "/mnt/iso"
charset = "utf-8" charset = "utf-8"
containerfile = "/mnt/iso/container.iso"
[timeouts] [timeouts]
readtimeout = "3600s" readtimeout = "4800s"
writetimeout = "3600s" writetimeout = "4800s"
idletimeout = "3600s" idletimeout = "4800s"
[security]
secret = "CHANGE-THIS-TO-YOUR-SECRET-KEY-MINIMUM-32-CHARACTERS"
[versioning] [versioning]
enableversioning = false enableversioning = false
maxversions = 1 maxversions = 1
[uploads]
resumableuploadsenabled = false
chunkeduploadsenabled = true
chunksize = "32MB"
allowedextensions = [
".txt", ".pdf", ".png", ".jpg", ".jpeg", ".gif", ".bmp", ".tiff", ".svg", ".webp",
".wav", ".mp4", ".avi", ".mkv", ".mov", ".wmv", ".flv", ".webm", ".mpeg", ".mpg",
".m4v", ".3gp", ".3g2", ".mp3", ".ogg"
]
[downloads]
chunkeddownloadsenabled = false
chunksize = "32MB"
allowedextensions = [
".txt", ".pdf", ".png", ".jpg", ".jpeg", ".gif", ".bmp", ".tiff", ".svg", ".webp",
".wav", ".mp4", ".avi", ".mkv", ".mov", ".wmv", ".flv", ".webm", ".mpeg", ".mpg",
".m4v", ".3gp", ".3g2", ".mp3", ".ogg"
]
[clamav] [clamav]
clamavenabled = false clamavenabled = true
clamavsocket = "/var/run/clamav/clamd.ctl" clamavsocket = "/var/run/clamav/clamd.ctl"
numscanworkers = 4 numscanworkers = 2
scanfileextensions = [".exe", ".dll", ".bin", ".com", ".bat", ".sh", ".php", ".js"] scanfileextensions = [".txt", ".pdf", ".png", ".jpg", ".jpeg", ".gif", ".bmp", ".tiff", ".svg", ".webp"]
[redis] [redis]
redisenabled = false redisenabled = true
redisdbindex = 0 redisdbindex = 0
redisaddr = "localhost:6379" redisaddr = "localhost:6379"
redispassword = "" redispassword = ""
@ -77,7 +83,10 @@ redishealthcheckinterval = "120s"
[workers] [workers]
numworkers = 4 numworkers = 4
uploadqueuesize = 5000 uploadqueuesize = 50
[file] [file]
filerevision = 1 # Add file-specific configurations here
[build]
version = "3.2"

2
hmac-file-server.pid
View File

@ -1 +1 @@
619742 2896344

2
test_upload.txt
View File

@ -1 +1 @@
Hello, HMAC File Server! Do 17. Jul 18:59:11 CEST 2025 Hello, HMAC File Server! Thu Jul 17 05:40:07 PM UTC 2025