X-Git-Url: https://git.p6c8.net/jirafeau/pcanterino.git/blobdiff_plain/848fbb2622106822b9be50356157f93ce67c42fd..f1b3cb91458721a5c2a5a8779b35113688f8f0bd:/README.md diff --git a/README.md b/README.md index 0bd28ae..1d3de30 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ Jirafeau is a "one-click-filesharing": Select your file, upload, share a link. T See [jirafeau.net](https://jirafeau.net/) for a demo. -![Screenshot1](http://i.imgur.com/TPjh48P.png) +![Screenshot1](screenshots/upload1.png) ## DISCLAMER @@ -50,21 +50,20 @@ Jirafeau project won't evolve to a file manager and will focus to keep a very fe ## Screenshots -- [Installation - Step 1](http://i.imgur.com/hmpT1eN.jpg) -- [Installation - Step 2](http://i.imgur.com/2e0UGKE.jpg) -- [Installation - Step 3](http://i.imgur.com/ofAjLXh.jpg) -- [Installation - Step 4](http://i.imgur.com/WXqnfqJ.jpg) -- [Upload - Step 1](http://i.imgur.com/SBmSwzJ.jpg) -- [Upload - Step 2](http://i.imgur.com/wzPkb1Z.jpg) -- [Upload - Progress](http://i.imgur.com/i6n95kv.jpg) -- [Upload - Confirmation page](http://i.imgur.com/P2oS1MY.jpg) -- [Admin Interface](http://i.imgur.com/nTdsVzn.png) +- [Installation - Step 1](screenshots/install1.png) +- [Installation - Step 2](screenshots/install2.png) +- [Installation - Step 3](screenshots/install3.png) +- [Upload - Step 1](screenshots/upload1.png) +- [Upload - Step 2](screenshots/upload2.png) +- [Upload - Progress](screenshots/upload_progress.png) +- [Upload - Confirmation page](screenshots/upload_confirm.png) +- [Admin Interface](screenshots/admin.png) ## Installation This shows how to install Jirafeau by your own, it's quite simple but you can -also use a [docker image](https://hub.docker.com/r/mojo42/jirafeau/) or build -it yourself. Check [docker folder](docker/README.md) for more informations. +also use a [docker image](https://gitlab.com/jirafeau/Jirafeau/container_registry/) or build +it yourself. Check [docker folder](docker/README.md) for more information. System requirements: - PHP >= 7.4 @@ -91,19 +90,30 @@ If you have some troubles, consider the following cases - Check your `/lib/config.local.php` file and compare it with `/lib/config.original.php`, the configuration syntax or a parameter may have changed - Check owner and permissions of your files -- set `debug` option to `true` to check any warning or error +- Set `debug` option to `true` to check any warning or error ## Security `var` directory contains all files and links. It is randomly named to limit access but you may add better protection to prevent un-authorized access to it. You have several options: + - Configure a `.htaccess` - Move var folder to a place on your server which can't be directly accessed - Disable automatic listing on your web server config or place a index.html in var's sub-directory (this is a limited solution) -If you are using Apache, you can add the following line to your configuration to prevent people to access to your `var` folder: +If you are using Apache, you can add the following lines to your configuration to prevent people to access to your `var` folder: + +```apache + + Require all denied + +``` -`RedirectMatch 301 ^/var-.* http://my.service.jirafeau` +Or you can put a `.htaccess` file containing this into your `var` folder: + +```apache +Require all denied +``` If you are using nginx, you can add the following to your $vhost.conf: @@ -133,14 +143,22 @@ Encryption is configured to use [XChaCha20-Poly1305](https://en.wikipedia.org/wi In case of security troubles on the server, attacker won't be able to access files. By activating this feature, you have to be aware of few things: -- Data encryption has a cost (CPU) and it takes more time for downloads to complete once file sent. -- During the download, the server will decrypt on the fly (and use resource). -- This feature needs to have the [`Sodium`](https://www.php.net/manual/en/book.sodium.php) PHP module. -- File de-duplication will stop to work (as we can't compare two encrypted files). -- Be sure your server does not log client's requests. -- Don't forget to enable HTTPS. -In a next step, encryption will be made by the client (in JavaScript). +- This is **no** [end-to-end encryption](https://en.wikipedia.org/wiki/End-to-end_encryption)! Although the file should be sent to server using HTTPS, the file is unencrypted on the server for a very short time. To have end-to-end encryption, you need to encrypt the file yourself. +- Data encryption has a cost (CPU) and it takes more time for downloads to complete once file sent. +- During the download, the server will decrypt on the fly (and use resource). +- This feature needs to have the [`Sodium`](https://www.php.net/manual/en/book.sodium.php) PHP module. +- File de-duplication will stop to work (as we can't compare two encrypted files). +- Be sure your server does not log client's requests. +- Don't forget to enable HTTPS. + +In a next step, encryption will be made by the client (in JavaScript), which will also give us end-to-end encryption. + +## Known issues + +- There is an [issue](https://gitlab.com/jirafeau/Jirafeau/-/issues/40) with asynchronous uploads not working in Chromium-based browsers on servers with HTTP/3 enabled. This seems to be caused by a [bug in Chromium](https://issues.chromium.org/issues/457463688). +This bug can be worked around by setting `max_upload_chunk_size_bytes` to a value of around 3000000 to 5000000 (3 to 5MB) which is default since Jirafeau version 4.7.1. Please note that you have to change this value manually if you're upgrading from a version of Jirafeau older than 4.7.1! +Thanks to [slt](https://gitlab.com/sltrash) for reporting this and for finding a workaround. ## License @@ -206,14 +224,14 @@ Anyway I would recommend you to use another web browser. :) You may change the default theme to any of the existing ones or a custom. -Open your `lib/config.local.php` and change setting in the `style` key to the name of any folder in the `/media` directory. +Open your `lib/config.local.php` and change setting in the `style` key to the name of any folder in the `/media` directory. If you want to change the theme for dark mode, you have to set the `dark_style` key in the config file. -Hint: To create a custom theme just copy the `courgette` folder and name your theme `custom` (this way it will be ignored by git and not overwritten during updates). You are invited to enhance the existing themes and send pull requests however. +Hint: To create a custom theme just copy the `courgette` folder and name your theme `custom` (this way it will be ignored by git and not overwritten during updates). If you want to create a custom theme for dark mode, you have to put it in a folder named `dark-custom`. You are invited to enhance the existing themes and send pull requests however. ### I found a bug, what should I do? Feel free to open a bug in the [GitLab's issues](https://gitlab.com/jirafeau/Jirafeau/issues). -If you can, please copy-paste informations related to bug opening provided in admin interface. +If you can, please copy-paste information related to bug opening provided in admin interface. Admin interface can be reached by accessing `/admin.php`. ### How to set maximum file size? @@ -227,8 +245,8 @@ If you don't want to allow unlimited upload size, you can still setup a maximal ### How can I edit an option? -Documentation of all default options are located in [lib/config.original.php](https://gitlab.com/jirafeau/Jirafeau/blob/master/lib/config.original.php). -If you want to change an option, just edit your `lib/config.local.php`. +Documentation of all default options are located in [/lib/config.original.php](https://gitlab.com/jirafeau/Jirafeau/blob/master/lib/config.original.php). +If you want to change an option, just edit your `/lib/config.local.php`. ### How can I change the Terms of Service? @@ -301,4 +319,6 @@ Feel free to create an [issue](https://gitlab.com/jirafeau/Jirafeau/-/issues) if ### Can I buy you a coffee? -You can [drop few bucks for Jérôme Jutteau](https://www.paypal.com/paypalme/jeromejutteau). +You can [drop few bucks for Jérôme Jutteau](https://www.paypal.com/paypalme/jeromejutteau) + +Many Thanks <3