Merge remote-tracking branch 'dutchcoders/master'

# Conflicts: # README.md # go.sum
mattmartinez · Dec 15, 2020 · b372dc9 · b372dc9
2 parents c89b7f5 + ae00f8c
commit b372dc9
Show file tree

Hide file tree

Showing 8 changed files with 247 additions and 64 deletions.
diff --git a/.github/workflows/build-docker-images.yml b/.github/workflows/build-docker-images.yml
@@ -0,0 +1,89 @@
+name: Deploy multi-architecture Docker images for transfer.sh with buildx
+
+on:
+ schedule:
+ - cron: '0 0 * * *' # everyday at midnight UTC
+ pull_request:
+ branches: master
+ push:
+ branches: master
+ tags:
+ - v*
+
+jobs:
+ buildx:
+ runs-on: ubuntu-latest
+ steps:
+ -
+ name: Checkout
+ uses: actions/checkout@v2
+ -
+ name: Prepare
+ id: prepare
+ run: |
+ DOCKER_IMAGE=dutchcoders/transfer.sh
+ DOCKER_PLATFORMS=linux/amd64,linux/arm/v7,linux/arm64,linux/386
+ VERSION=edge
+
+ if [[ $GITHUB_REF == refs/tags/* ]]; then
+ VERSION=${GITHUB_REF#refs/tags/v}
+ fi
+
+ if [ "${{ github.event_name }}" = "schedule" ]; then
+ VERSION=nightly
+ fi
+
+ TAGS="--tag ${DOCKER_IMAGE}:${VERSION}"
+
+ if [ $VERSION = edge -o $VERSION = nightly ]; then
+ TAGS="$TAGS --tag ${DOCKER_IMAGE}:latest"
+ fi
+
+ echo ::set-output name=docker_image::${DOCKER_IMAGE}
+ echo ::set-output name=version::${VERSION}
+ echo ::set-output name=buildx_args::--platform ${DOCKER_PLATFORMS} \
+ --build-arg VERSION=${VERSION} \
+ --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') \
+ --build-arg VCS_REF=${GITHUB_SHA::8} \
+ ${TAGS} .
+ -
+ name: Set up QEMU
+ uses: docker/setup-qemu-action@v1
+ with:
+ platforms: all
+ -
+ name: Set up Docker Buildx
+ id: buildx
+ uses: docker/setup-buildx-action@v1
+ with:
+ version: latest
+ -
+ name: Available platforms
+ run: echo ${{ steps.buildx.outputs.platforms }}
+ -
+ name: Docker Buildx (build)
+ run: |
+ docker buildx build --no-cache --pull --output "type=image,push=false" ${{ steps.prepare.outputs.buildx_args }}
+ -
+ name: Docker Login
+ if: success() && github.event_name != 'pull_request'
+ env:
+ DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+ DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+ run: |
+ echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin
+ -
+ name: Docker Buildx (push)
+ if: success() && github.event_name != 'pull_request'
+ run: |
+ docker buildx build --output "type=image,push=true" ${{ steps.prepare.outputs.buildx_args }}
+ -
+ name: Docker Check Manifest
+ if: always() && github.event_name != 'pull_request'
+ run: |
+ docker run --rm mplatform/mquery ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }}
+ -
+ name: Clear
+ if: always() && github.event_name != 'pull_request'
+ run: |
+ rm -f ${HOME}/.docker/config.json
diff --git a/Dockerfile b/Dockerfile
@@ -12,7 +12,7 @@ WORKDIR /go/src/github.com/dutchcoders/transfer.sh
 ENV GO111MODULE=on
 
 # build & install server
-RUN go get -u ./... && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags -a -tags netgo -ldflags '-w -extldflags "-static"' -o /go/bin/transfersh github.com/dutchcoders/transfer.sh
+RUN go get -u ./... && CGO_ENABLED=0 go build -ldflags -a -tags netgo -ldflags '-w -extldflags "-static"' -o /go/bin/transfersh github.com/dutchcoders/transfer.sh
 
 FROM scratch AS final
 LABEL maintainer="Andrea Spacca <[email protected]>"

diff --git a/README.md b/README.md
@@ -76,42 +76,46 @@ https://transfer.sh/1lDau/test.txt --> https://transfer.sh/inline/1lDau/test.txt
 
 Parameter | Description | Value | Env
 --- | --- | --- | ---
-listener | port to use for http (:80) | |
-profile-listener | port to use for profiler (:6060)| |
-force-https | redirect to https | false |
-tls-listener | port to use for https (:443) | |
-tls-listener-only | flag to enable tls listener only | |
-tls-cert-file | path to tls certificate | |
-tls-private-key | path to tls private key | |
-http-auth-user | user for basic http auth on upload | |
-http-auth-pass | pass for basic http auth on upload | |
-ip-whitelist | comma separated list of ips allowed to connect to the service | |
-ip-blacklist | comma separated list of ips not allowed to connect to the service | |
-temp-path | path to temp folder | system temp |
-web-path | path to static web files (for development or custom front end) | |
-proxy-path | path prefix when service is run behind a proxy | |
-ga-key | google analytics key for the front end | |
-uservoice-key | user voice key for the front end  | |
+listener | port to use for http (:80) | | LISTENER |
+profile-listener | port to use for profiler (:6060) | | PROFILE_LISTENER |
+force-https | redirect to https | false | FORCE_HTTPS
+tls-listener | port to use for https (:443) | | TLS_LISTENER |
+tls-listener-only | flag to enable tls listener only | | TLS_LISTENER_ONLY |
+tls-cert-file | path to tls certificate | | TLS_CERT_FILE |
+tls-private-key | path to tls private key | | TLS_PRIVATE_KEY |
+http-auth-user | user for basic http auth on upload | | HTTP_AUTH_USER |
+http-auth-pass | pass for basic http auth on upload | | HTTP_AUTH_PASS |
+ip-whitelist | comma separated list of ips allowed to connect to the service | | IP_WHITELIST |
+ip-blacklist | comma separated list of ips not allowed to connect to the service | | IP_BLACKLIST |
+temp-path | path to temp folder | system temp | TEMP_PATH |
+web-path | path to static web files (for development or custom front end) | | WEB_PATH |
+proxy-path | path prefix when service is run behind a proxy | | PROXY_PATH |
+proxy-port | port of the proxy when the service is run behind a proxy | | PROXY_PORT |
+ga-key | google analytics key for the front end | | GA_KEY |
 provider | which storage provider to use | (s3, storj, gdrive or local) |
-aws-access-key | aws access key | | AWS_ACCESS_KEY
-aws-secret-key | aws access key | | AWS_SECRET_KEY
-bucket | aws bucket | | BUCKET
-s3-endpoint | Custom S3 endpoint. | |
-s3-region | region of the s3 bucket | eu-west-1 | S3_REGION
-s3-no-multipart | disables s3 multipart upload | false | |
-s3-path-style | Forces path style URLs, required for Minio. | false | |
-storj-access | Access for the project | | STORJ_ACCESS
-storj-bucket | Bucket to use within the project | | STORJ_BUCKET
-basedir | path storage for local/gdrive provider| |
-gdrive-client-json-filepath | path to oauth client json config for gdrive provider| |
-gdrive-local-config-path | path to store local transfer.sh config cache for gdrive provider| |
-gdrive-chunk-size | chunk size for gdrive upload in megabytes, must be lower than available memory (8 MB) | |
-lets-encrypt-hosts | hosts to use for lets encrypt certificates (comma seperated) | |
-log | path to log file| |
+uservoice-key | user voice key for the front end | | USERVOICE_KEY |
+aws-access-key | aws access key | | AWS_ACCESS_KEY |
+aws-secret-key | aws access key | | AWS_SECRET_KEY |
+bucket | aws bucket | | BUCKET |
+s3-endpoint | Custom S3 endpoint. | | S3_ENDPOINT |
+s3-region | region of the s3 bucket | eu-west-1 | S3_REGION |
+s3-no-multipart | disables s3 multipart upload | false | S3_NO_MULTIPART |
+s3-path-style | Forces path style URLs, required for Minio. | false | S3_PATH_STYLE |
+storj-access | Access for the project | | STORJ_ACCESS |
+storj-bucket | Bucket to use within the project | | STORJ_BUCKET |
+basedir | path storage for local/gdrive provider | | BASEDIR |
+gdrive-client-json-filepath | path to oauth client json config for gdrive provider | | GDRIVE_CLIENT_JSON_FILEPATH |
+gdrive-local-config-path | path to store local transfer.sh config cache for gdrive provider| | GDRIVE_LOCAL_CONFIG_PATH |
+gdrive-chunk-size | chunk size for gdrive upload in megabytes, must be lower than available memory (8 MB) | | GDRIVE_CHUNK_SIZE |
+lets-encrypt-hosts | hosts to use for lets encrypt certificates (comma seperated) | | HOSTS |
+log | path to log file| | LOG |
+cors-domains | comma separated list of domains for CORS, setting it enable CORS | | CORS_DOMAINS |
+clamav-host | host for clamav feature | | CLAMAV_HOST |
+rate-limit | request per minute | | RATE_LIMIT |
 
 If you want to use TLS using lets encrypt certificates, set lets-encrypt-hosts to your domain, set tls-listener to :443 and enable force-https.
 
-If you want to use TLS using your own certificates, set tls-listener to :443, force-https, tls-cert=file and tls-private-key.
+If you want to use TLS using your own certificates, set tls-listener to :443, force-https, tls-cert-file and tls-private-key.
 
 ## Development
 

diff --git a/cmd/cmd.go b/cmd/cmd.go
@@ -12,7 +12,7 @@ import (
  "google.golang.org/api/googleapi"
 )
 
-var Version = "1.1.4"
+var Version = "1.1.7"
 var helpTemplate = `NAME:
 {{.Name}} - {{.Usage}}
 
@@ -37,64 +37,83 @@ var globalFlags = []cli.Flag{
  Name: "listener",
  Usage: "127.0.0.1:8080",
  Value: "127.0.0.1:8080",
+ EnvVar: "LISTENER",
  },
  // redirect to https?
  // hostnames
  cli.StringFlag{
  Name: "profile-listener",
  Usage: "127.0.0.1:6060",
  Value: "",
+ EnvVar: "PROFILE_LISTENER",
  },
  cli.BoolFlag{
  Name: "force-https",
  Usage: "",
+ EnvVar: "FORCE_HTTPS",
  },
  cli.StringFlag{
  Name: "tls-listener",
  Usage: "127.0.0.1:8443",
  Value: "",
+ EnvVar: "TLS_LISTENER",
  },
  cli.BoolFlag{
  Name: "tls-listener-only",
  Usage: "",
+ EnvVar: "TLS_LISTENER_ONLY",
  },
  cli.StringFlag{
  Name: "tls-cert-file",
  Value: "",
+ EnvVar: "TLS_CERT_FILE",
  },
  cli.StringFlag{
  Name: "tls-private-key",
  Value: "",
+ EnvVar: "TLS_PRIVATE_KEY",
  },
  cli.StringFlag{
  Name: "temp-path",
  Usage: "path to temp files",
  Value: os.TempDir(),
+ EnvVar: "TEMP_PATH",
  },
  cli.StringFlag{
  Name: "web-path",
  Usage: "path to static web files",
  Value: "",
+ EnvVar: "WEB_PATH",
  },
  cli.StringFlag{
  Name: "proxy-path",
  Usage: "path prefix when service is run behind a proxy",
  Value: "",
+ EnvVar: "PROXY_PATH",
+ },
+ cli.StringFlag{
+ Name: "proxy-port",
+ Usage: "port of the proxy when the service is run behind a proxy",
+ Value: "",
+ EnvVar: "PROXY_PORT",
  },
  cli.StringFlag{
  Name: "ga-key",
  Usage: "key for google analytics (front end)",
  Value: "",
+ EnvVar: "GA_KEY",
  },
  cli.StringFlag{
  Name: "uservoice-key",
  Usage: "key for user voice (front end)",
  Value: "",
+ EnvVar: "USERVOICE_KEY",
  },
  cli.StringFlag{
  Name: "provider",
  Usage: "s3|gdrive|local",
  Value: "",
+ EnvVar: "PROVIDER",
  },
  cli.StringFlag{
  Name: "s3-endpoint",
@@ -129,25 +148,30 @@ var globalFlags = []cli.Flag{
  cli.BoolFlag{
  Name: "s3-no-multipart",
  Usage: "Disables S3 Multipart Puts",
+ EnvVar: "S3_NO_MULTIPART",
  },
  cli.BoolFlag{
  Name: "s3-path-style",
  Usage: "Forces path style URLs, required for Minio.",
+ EnvVar: "S3_PATH_STYLE",
  },
  cli.StringFlag{
  Name: "gdrive-client-json-filepath",
  Usage: "",
  Value: "",
+ EnvVar: "GDRIVE_CLIENT_JSON_FILEPATH",
  },
  cli.StringFlag{
  Name: "gdrive-local-config-path",
  Usage: "",
  Value: "",
+ EnvVar: "GDRIVE_LOCAL_CONFIG_PATH",
  },
  cli.IntFlag{
  Name: "gdrive-chunk-size",
  Usage: "",
  Value: googleapi.DefaultUploadChunkSize / 1024 / 1024,
+ EnvVar: "GDRIVE_CHUNK_SIZE",
  },
  cli.StringFlag{
  Name: "storj-access",
@@ -165,7 +189,7 @@ var globalFlags = []cli.Flag{
  Name: "rate-limit",
  Usage: "requests per minute",
  Value: 0,
- EnvVar: "",
+ EnvVar: "RATE_LIMIT",
  },
  cli.StringFlag{
  Name: "lets-encrypt-hosts",
@@ -177,11 +201,13 @@ var globalFlags = []cli.Flag{
  Name: "log",
  Usage: "/var/log/transfersh.log",
  Value: "",
+ EnvVar: "LOG",
  },
  cli.StringFlag{
  Name: "basedir",
  Usage: "path to storage",
  Value: "",
+ EnvVar: "BASEDIR",
  },
  cli.StringFlag{
  Name: "clamav-host",
@@ -198,26 +224,37 @@ var globalFlags = []cli.Flag{
  cli.BoolFlag{
  Name: "profiler",
  Usage: "enable profiling",
+ EnvVar: "PROFILER",
  },
  cli.StringFlag{
  Name: "http-auth-user",
  Usage: "user for http basic auth",
  Value: "",
+ EnvVar: "HTTP_AUTH_USER",
  },
  cli.StringFlag{
  Name: "http-auth-pass",
  Usage: "pass for http basic auth",
  Value: "",
+ EnvVar: "HTTP_AUTH_PASS",
  },
  cli.StringFlag{
  Name: "ip-whitelist",
  Usage: "comma separated list of ips allowed to connect to the service",
  Value: "",
+ EnvVar: "IP_WHITELIST",
  },
  cli.StringFlag{
  Name: "ip-blacklist",
  Usage: "comma separated list of ips not allowed to connect to the service",
  Value: "",
+ EnvVar: "IP_BLACKLIST",
+ },
+ cli.StringFlag{
+ Name: "cors-domains",
+ Usage: "comma separated list of domains allowed for CORS requests",
+ Value: "",
+ EnvVar: "CORS_DOMAINS",
  },
 }
 
@@ -226,7 +263,7 @@ type Cmd struct {
 }
 
 func VersionAction(c *cli.Context) {
- fmt.Println(color.YellowString(fmt.Sprintf("transfer.sh: Easy file sharing from the command line")))
+ fmt.Println(color.YellowString(fmt.Sprintf("transfer.sh %s: Easy file sharing from the command line", Version)))
 }
 
 func New() *Cmd {
@@ -257,6 +294,10 @@ func New() *Cmd {
  options = append(options, server.Listener(v))
  }
 
+ if v := c.String("cors-domains"); v != "" {
+ options = append(options, server.CorsDomains(v))
+ }
+
  if v := c.String("tls-listener"); v == "" {
  } else if c.Bool("tls-listener-only") {
  options = append(options, server.TLSListener(v, true))
@@ -276,6 +317,10 @@ func New() *Cmd {
  options = append(options, server.ProxyPath(v))
  }
 
+ if v := c.String("proxy-port"); v != "" {
+ options = append(options, server.ProxyPort(v))
+ }
+
  if v := c.String("ga-key"); v != "" {
  options = append(options, server.GoogleAnalytics(v))
  }