Skip to content

Instantly share code, notes, and snippets.

@ansemjo

ansemjo/mozilla-send.yml

Last active November 15, 2021 06:34
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ansemjo/c24267ea4684a09dd841db910d908b9b to your computer and use it in GitHub Desktop.
Save ansemjo/c24267ea4684a09dd841db910d908b9b to your computer and use it in GitHub Desktop.
Download ZIP
simple docker compose to self-host the firefox send experiment
Raw
mozilla-send.yml
# add this to a crontab to tidy up expired uploads:
# 0 * * * * find /var/lib/send/ -type f -mmin +1450 -exec rm {} \;
version: "3"
services:
web:
# repository: https://gitlab.com/timvisee/send
image: registry.gitlab.com/timvisee/send:latest
restart: unless-stopped
links:
- redis
volumes:
# check permissions on this directory, node runs with UID 10001
- /var/lib/send:/uploads
ports:
# port needs to be reverse-proxied
- "127.0.0.1:1443:1443"
environment:
# urls
- BASE_URL=https://send.example.com
- REDIS_HOST=redis
- NODE_ENV=production
# local file storage
- FILE_DIR=/uploads
# -- upload limits:
# file size
- MAX_FILE_SIZE=10737418240 # 10 GB
# downloads
- MAX_DOWNLOADS=10
- DOWNLOAD_COUNTS=1,2,3,5,10
# expiry
- MAX_EXPIRE_SECONDS=604800 # 7 days
- EXPIRE_TIMES_SECONDS=300,900,3600,86400,259200,604800 # 5m,15m,1h,1d,3d,7d
redis:
image: redis:alpine
restart: unless-stopped
Raw
nginx.conf
# example of a vhost configuration for nginx, which restricts access to uploading websocket.
# everything in CAPS needs to be replaced, of course.
upstream send {
server 127.0.0.1:1443;
}
server {
listen [::]:80;
listen [::]:443 ssl http2;
server_name SERVERNAME;
ssl_certificate /PATH/TO/CERTIFICATE;
ssl_certificate_key /PATH/TO/KEY;
if ($scheme != https) {
return 301 https://$host$request_uri;
}
location ~ ^/(api/ws)?$ {
auth_basic "Uploads";
auth_basic_user_file /PATH/TO/AUTH/FILE; # create hashes with 'openssl passwd -6'
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control;
proxy_pass http://send;
}
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control;
proxy_pass http://send;
}
}
@reeves0x0
Copy link

not work !!!!
web_1 | {"Timestamp":1618837436813000000,"Logger":"FirefoxSend","Type":"uncaughtException","Severity":0,"Pid":1,"EnvVersion":"2.0","Fields":{"error":"Error: ENOENT: no such file or directory, unlink '/uploads/1-dc79f9df80bb6f46'","stack":"\n at Object.unlinkSync (node:fs:1252:3)\n at WriteStream. (/app/server/storage/fs.js:33:12)\n at WriteStream.emit (node:events:388:22)\n at WriteStream.EventEmitter.emit (node:domain:470:12)\n at emitErrorNT (node:internal/streams/destroy:188:8)\n at emitErrorCloseNT (node:internal/streams/destroy:153:3)\n at processTicksAndRejections (node:internal/process/task_queues:80:21)"}

@ansemjo
Copy link
Author

ansemjo commented Apr 19, 2021
edited

Check the permissions on your /var/lib/send directory. The node processes inside the container runs with UID 10001, so you'll likely have to run the following on your host:

chown 10001:10001 /var/lib/send

Alternatively, if you don't care about security that much, run the web: container as root by adding user: root:

  services:
    web:
      image: registry.gitlab.com/timvisee/send:latest
+     user: root
      links:
        - redis
      volumes:

@reeves0x0
Copy link

thanks !
Its work !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment