X-Git-Url: https://git.p6c8.net/jirafeau_project.git/blobdiff_plain/c8be766d3b3484e19cdcd85b3272c9d596828206..746fb97d70dcb65b925822e2818505f678f8adca:/README.md diff --git a/README.md b/README.md index bbaed76..d2abe63 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ A demonstration of the latest version is available on [jirafeau.net](http://jira - Optional Password protection (for uploading or downloading) - Time limitation - Option to self-destruct after reading -- Simple language support :gb: :fr: :de: :it: :nl: :ro: :sk: :hu: :cn: +- Simple language support :gb: :fr: :de: :it: :nl: :ro: :sk: :hu: :cn: :gr: - Small administration interface - File level [Deduplication](http://en.wikipedia.org/wiki/Data_deduplication) for storage optimization - A basic Terms Of Service which can be adapted to your needs @@ -64,10 +64,19 @@ You have several options: - Move var folder to a place on your server which can't be directly accessed - Disable automatic listing on your web server config or place a index.html in var's sub-directory (this is a limited solution) -If you are using Apache, you can add the following lineto your configuration to prevent people to access to your ```var``` folder: +If you are using Apache, you can add the following line to your configuration to prevent people to access to your ```var``` folder: ```RedirectMatch 301 ^/var-.* http://my.service.jirafeau ``` +If you are using nginx, you can add the following to your $vhost.conf: + +```nginx +location ~ /var-.* { + deny all; + return 404; +} +``` + You should also remove un-necessessary write access once the installation is done (ex: configuration file). An other obvious basic security is to let access users to the site by HTTPS. @@ -121,6 +130,17 @@ There are two ways to limit upload access (but not download): Check documentation of ```upload_password``` and ```upload_ip``` parameters in [lib/config.original.php](https://gitlab.com/mojo42/Jirafeau/blob/master/lib/config.original.php). +### How can I automatize the cleaning of old (expired) files? + +You can call the admin.php script from the command line (CLI) with the ```clean_expired``` or ```clean_async``` commands: ```sudo -u www-data php admin.php clean_expired```. + +Then the command can be placed in a cron file to automatize the process. For example: +``` +# m h dom mon dow user command +12 3 * * * www-data php /path/to/jirafeau/admin.php clean_expired +16 3 * * * www-data php /path/to/jirafeau/admin.php clean_async +``` + ### I have some troubles with IE If you have some strange behavior with IE, you may configure [compatibility mode](http://feedback.dominknow.com/knowledgebase/articles/159097-internet-explorer-ie8-ie9-ie10-and-ie11-compat). @@ -157,6 +177,22 @@ Simply go to ```/script.php``` with your web browser. Be sure your PHP installation is not using safe mode, it may cause timeouts. +If you're using nginx, you might need to increase `client_max_body_size` or remove the restriction altogether. In your nginx.conf: + +```nginx +http { + # disable max upload size + client_max_body_size 0; + # add timeouts for very large uploads + client_header_timeout 30m; + client_body_timeout 30m; +} +``` + +### How can I monitor the use of my Jirafeau instance? + +You may use Munin and simple scripts to collect the number of files in the Jirafeau instance as well as the disk space occupied by all the files. You can consult this [web page](https://blog.bandinelli.net/index.php?post/2016/05/15/Scripts-Munin-pour-Jirafeau). + ### Why forking? The original project seems not to be continued anymore and I prefer to add more features and increase security from a stable version.