From 39ea3ba48da9a24964b493fe396040d2a791e411 Mon Sep 17 00:00:00 2001 From: skidoodle Date: Fri, 16 Jan 2026 02:50:15 +0100 Subject: [PATCH] docs: update readme Signed-off-by: skidoodle --- README.md | 89 ++++++++++++++++++++++------------------------------ compose.yaml | 2 +- 2 files changed, 38 insertions(+), 53 deletions(-) diff --git a/README.md b/README.md index be776d8..f306c91 100644 --- a/README.md +++ b/README.md @@ -4,74 +4,47 @@ ## Features -- **Server-Side Encryption**: Files are encrypted using AES-256-GCM before touching the disk. -- **Log-Safe Keys**: The decryption key is stored in the URL fragment (`#`). Since fragments are never sent to the server, the key never appears in your HTTP access logs. +- **End-to-End Encryption**: Files are encrypted using AES-128-GCM before being written to disk. +- **Key-Derived URLs**: The decryption key is part of the URL. The server uses this key to locate and decrypt the file on the fly. - **Integrity**: Uses GCM (Galois/Counter Mode) to ensure files cannot be tampered with while stored. -- **Deterministic**: Identical files result in the same ID, allowing for storage deduplication. +- **Storage Deduplication**: Identical files result in the same ID, saving disk space. +- **Chunked Uploads**: Supports large file uploads via the web interface using 8MB chunks. ## Usage -You can interact with the service via the web interface or through the command line. +### Web Interface +Simply drag and drop files into the browser. The interface handles chunking and provides a shareable link once the upload is finalized. -### Uploading a file +### Command Line (CLI) +You can upload files directly using `curl`: ```bash -curl -F 'file=@archive.zip' https://bin.example.com +curl -F 'file=@photo.jpg' https://bin.example.com ``` -The server will return a URL containing the file ID and the decryption key: -`https://bin.example.com/vS6_1_8pS-Y_8-8_...` - -### Downloading a file - -Simply open the link in a browser or use `curl`: - -```bash -curl https://bin.example.com/vS6_1_8pS-Y_8-8_... > archive.zip -``` +The server will return a direct link: +`https://bin.example.com/0iEZGtW-ikVdu...jpg` ## Configuration -`safebin` is configured via command-line flags: +`safebin` can be configured via environment variables or command-line flags: -| Flag | Description | Default | -| :--- | :--- | :--- | -| `-h` | Bind address for the server. | `0.0.0.0` | -| `-p` | Port to listen on. | `8080` | -| `-s` | Directory where encrypted files are stored. | `./storage` | -| `-m` | Maximum file size in mb. | `512` | +| Flag | Environment Variable | Description | Default | +| :--- | :--- | :--- | :--- | +| `-h` | `SAFEBIN_HOST` | Bind address for the server. | `0.0.0.0` | +| `-p` | `SAFEBIN_PORT` | Port to listen on. | `8080` | +| `-s` | `SAFEBIN_STORAGE` | Directory for encrypted storage. | `./storage` | +| `-m` | `SAFEBIN_MAX_MB` | Maximum file size in MB. | `512` | -## Running Locally - -### With Docker - -```bash -git clone https://github.com/skidoodle/safebin -cd safebin -docker compose -f compose.dev.yaml up --build -``` - -### Without Docker - -Requires Go 1.25 or higher. - -```bash -git clone https://github.com/skidoodle/safebin -cd safebin -go build -o safebin . -./safebin -p 8080 -s ./data -``` - -## Deploying +## Deployment ### Docker Compose - -The easiest way to deploy is using the provided `compose.yaml`. +The easiest way to deploy is using the provided `compose.yaml`: ```yaml services: safebin: - image: ghcr.io/skidoodle/safebin:main + image: ghcr.io/skidoodle/safebin:latest container_name: safebin restart: unless-stopped ports: @@ -88,10 +61,22 @@ volumes: data: ``` +### Manual Build +Requires Go 1.25 or higher. + +```bash +go build -o safebin . +./safebin -p 8080 -s ./data +``` + ## Retention Policy -The server runs a cleanup task every hour. Retention is calculated using a cubic scaling formula to balance disk usage: -- **Small files (< 1MB)**: Up to 365 days. -- **Large files (512MB)**: 24 hours. +The server runs a background cleanup task every hour. Retention is calculated using a cubic scaling formula to prioritize small files: -This ensures that the server doesn't run out of disk space due to large binary blobs while allowing small text files or images to persist for longer periods. +- **Small files (e.g., < 1MB)**: Kept for up to **365 days**. +- **Large files (at Max MB)**: Kept for **24 hours**. +- **Temporary Uploads**: Unfinished chunked uploads are purged after **4 hours**. + +## License + +This project is licensed under the **GNU General Public License v2.0**. diff --git a/compose.yaml b/compose.yaml index 9291b04..c75fe00 100644 --- a/compose.yaml +++ b/compose.yaml @@ -1,6 +1,6 @@ services: safebin: - image: ghcr.io/skidoodle/safebin:main + image: ghcr.io/skidoodle/safebin:latest container_name: safebin restart: unless-stopped ports: