Blazing fast file uploader and awesome bunker written in node! 🚀
Go to file
Bobby Wibowo 33d0428e74
refactor: unset pattern in / middlewares
not having it set equals to having it be on / pattern to begin with
2022-07-21 23:59:46 +07:00
.github/workflows ci(actions): remove sass-embedded 2022-06-28 12:54:58 +07:00
controllers feat: improved serveLiveDirectory 2022-07-21 23:56:57 +07:00
dist dist: rebuilt client assets and bumped v1 version string 2022-07-15 20:03:40 +00:00
docker feat: disable proxy buffers in docker nginx config 2022-07-14 20:46:09 +07:00
pages chore: pages/custom directory 2022-06-27 06:29:07 +07:00
public feat: add info icon to fontello 2022-06-28 12:31:13 +07:00
routes fix: album pages cache 2022-07-12 10:42:14 +07:00
scripts refactor: standardize paths in require()'s 2022-07-12 08:51:22 +07:00
src dist: rebuilt client assets and bumped v1 version string 2022-07-15 20:03:40 +00:00
views chore: views/faq.njk 2022-07-14 16:39:07 +07:00
.browserslistrc Updates (very important to read) 2019-09-15 13:20:11 +07:00
.dockerignore feat: adapt docker config from upstream 2022-06-22 15:40:52 +07:00
.editorconfig feat: adapt docker config from upstream 2022-06-22 15:40:52 +07:00
.eslintignore Updated 2019-09-17 11:13:41 +07:00
.eslintrc.js fix: bump eslint to es2020 2022-06-08 21:47:30 +07:00
.gitignore chore: pages/custom directory 2022-06-27 06:29:07 +07:00
.stylelintignore chore: re-include src/libs to stylelint 2022-05-27 12:40:53 +07:00
.stylelintrc.json style: removed override for function-name-case 2022-03-03 18:56:24 +07:00
AUTHORS Updated 2019-09-12 14:44:31 +07:00
config.sample.js chore: comment for pages option in config 2022-07-12 14:53:14 +07:00
gulpfile.js ci: split some gulp watches 2022-06-24 09:22:32 +07:00
LICENSE De loli-safe (#77) 2018-04-26 08:54:07 +02:00
logger.js feat: logger.debug() outputs only on dev mode 2022-04-15 15:30:32 +07:00
lolisafe.js refactor: unset pattern in / middlewares 2022-07-21 23:59:46 +07:00
package.json feat(deps): added etag, fresh, and range-parser 2022-07-21 23:58:47 +07:00
README.md chore: improved some README.md's 2022-06-28 08:17:02 +07:00
renovate.json chore: set renovate on weekly schedule 2021-05-22 21:06:48 +07:00
yarn.lock feat(deps): added etag, fresh, and range-parser 2022-07-21 23:58:47 +07:00

lolisafe, a small safe worth protecting

safe.fiery.me

GitHub license

safe.fiery.me

JavaScript Style Guide

This fork is the one being used at https://safe.fiery.me. If you are looking for the original, head to WeebDev/lolisafe.

If you want to use an existing lolisafe v3 database with this fork, copy over database/db file from your previous installation, then run yarn migrate at least once to create the new database columns introduced in this fork (don't forget to make a backup).

Said migration script is NOT COMPATIBLE with chibisafe (a.k.a lolisafe v4/rewrite).

Configuration file of lolisafe v3 (config.js) is also NOT fully compatible with this fork. There are some options that had been renamed and/or restructured. Please make sure your config matches the sample in config.sample.js before starting.

Running in production mode

  1. Ensure you have at least Node v12.22.0 installed (fully compatible up to Node v16.x LTS, untested with v17 or later).
  2. Clone this repo.
  3. Copy config.sample.js as config.js.
  4. Modify port, domain and privacy options if desired.
  5. Run yarn install --production to install all production dependencies (Yes, use yarn).
  6. Run yarn start to start the service.

Default admin account:
Username: root
Password: changeme

You can also start it with yarn pm2 if you have PM2.

When running in production mode, the safe will use pre-built client-side CSS/JS files from dist directory, while the actual source codes are in src directory.

The pre-built files are processed with postcss-preset-env, cssnano, bublé, and terser, and done automatically with GitHub Actions.

Running in development mode

This fork has a separate development mode, with which client-side CSS/JS files in src directory will be automatically rebuilt using Gulp tasks.

  1. Follow step 1 to 4 from the production instructions above.
  2. Run yarn install to install all dependencies, including development ones.
  3. Run yarn develop to start the service in development mode.

You can configure the Gulp tasks through gulpfile.js file.

During development, the rebuilt files will be saved in dist-dev directory instead of dist directory. The service will also automatically serve the files from dist-dev directory instead. This is to avoid your IDE's Git from unnecessarily rebuilding diff of the modified files.

Once you feel like your modifications are ready for production usage, you can then run yarn build to build production-ready files that will actually go to dist directory.

If you are submitting a Pull Request, please do not stage any changes to files in dist directory.
GitHub Actions will automatically rebuild those assets if and when required.

Updating when you have modified some files

Try to use git stash.

Basically you'll be doing this:

  1. git stash to stash away your changes.
  2. git pull to pull updates.
  3. yarn install (or yarn install --production) to install dependencies matching the updated yarn.lock file.
  4. git stash pop (or git stash apply) to restore your changes.

Be warned that some files may have been updated too heavily that they will require manual merging.

If you only do some small modifications such as editing .njk files and not much else, it's generally safe to do this even in a live production environment. But it's still best practice to at least review just what have been updated, and whether you will need to do some manual merging beforehand.

Still, I heavily recommend simply forking this repository and manually merging upstream changes whenever you feel like doing so. Read more about syncing a fork. Especially if you intend to modify client-side CSS/JS files in src directory, since you will then need to rebuild assets that go into dist directory, which are guaranteed to always conflict with every updates from this fork that modify them.

Afterwards, you can instead clone your fork into your production server and pull updates from there. You can then choose to only install production dependencies with yarn install --production there to save some disk space (hint: this is how I setup safe.fiery.me).

ClamAV support

This fork has an optional virus scanning support using ClamAV, utilizing clamscan library (Linux and OS X only).

It will scan new files right after they are uploaded, then alert the uploaders of the virus names in ClamAV's database if the files are dirty.

Unfortunately, this will slow down uploads processing as it has to wait for the scans before responding the uploaders. However, it's still highly recommended for public usage, or if you're like me who find the constant buzzing from Google Safe Search too annoying.

To enable this, make sure you have ClamAV installed, or additionally have ClamAV daemon running (using daemon is considerably faster). Afterwards configure uploads.scan options, and more importantly its sub-option clamOptions. Read more about it in the config.sample.js file.

Additionally, you can also configure usergroups bypass, extensions whitelist, and max file size, to lessen the burden on your server.