diff --git a/code/app.py b/code/app.py index 0059d79..326580c 100644 --- a/code/app.py +++ b/code/app.py @@ -21,9 +21,10 @@ app.config['ZIP_FOLDER'] = config_values['zip_folder'] app.config['MAX_ZIP_SIZE'] = config_values['max_zip_size'] # megabytes app.config['DATE_FORMAT'] = config_values['date_format'] app.config['UID'] = config_values['uid'] +app.config['GID'] = config_values['gid'] app.config['DEBUG'] = config_values['debug'] -app.secret_key = 'Cz2dw5NiRt3PSMFBSLTAJJi7U2CdW7iPQqEeOaU6' +app.secret_key = config_values['app_secret_key'] app.wsgi_app = ReverseProxied(app.wsgi_app) @app.before_request @@ -83,7 +84,7 @@ def upload(name = None, password = None): if os.path.exists(filename): return "Overwrite forbidden", 403 file.save(filename) - os.chown(filename, app.config['UID'], -1) + os.chown(filename, app.config['UID'], app.config['GID']) return redirect(url_for('list_view',name=name)) @app.route('/send/', methods=['GET']) @@ -276,7 +277,7 @@ def get_share(name, require_auth = True): }) if not os.path.exists(share['path']): os.makedirs(share['path']) - os.chown(share['path'], app.config['UID'], -1) + os.chown(share['path'], app.config['UID'], app.config['GID']) return (True,share) def is_expired(share): @@ -296,7 +297,7 @@ def zip_share(share): if not os.path.exists(app.config['ZIP_FOLDER']): os.makedirs(app.config['ZIP_FOLDER']) - os.chown(app.config['ZIP_FOLDER'], app.config['UID'], -1) + os.chown(app.config['ZIP_FOLDER'], app.config['UID'], app.config['GID']) zip_path = os.path.join( app.config['ZIP_FOLDER'], @@ -316,7 +317,7 @@ def zip_share(share): arcname = os.path.join(share['name'],file) ) zf.close() - os.chown(zip_path, app.config['UID'], -1) + os.chown(zip_path, app.config['UID'], app.config['GID']) return zip_path def zip_clean(): diff --git a/data/config.json.example b/data/config.json.example index 3974d3d..aa2662a 100644 --- a/data/config.json.example +++ b/data/config.json.example 
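Review bot: `config_values['gid']` and `config_values['app_secret_key']` in the first hunk are plain key lookups, so a config.json written before this change will raise KeyError when the module loads. For the group id, `app.config['GID'] = config_values.get('gid', -1)` keeps the previous behaviour. For the secret key, a missing value should stop startup with a clear message rather than fall back to any built-in default. The literal removed here stays in the repository history, so installations that ran with it need a fresh key, and the release notes should say so.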
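Review bot: The call `os.chown(path, app.config['UID'], app.config['GID'])` is now repeated in upload(), get_share() and twice in zip_share(), which is why adding the group argument took four identical edits; a small helper would keep ownership handling in one place. The helper can return early when both ids are -1 and pass `follow_symlinks=False`, a cheap hardening given that the config comment says the container runs as root. In get_share() and zip_share() only the leaf directory created by `os.makedirs` is chowned, so any intermediate directories it creates presumably stay owned by root. All three function bodies start or end outside their hunks.

```python
def chown_to_configured_owner(path):
    """Apply the configured UID/GID to path; -1 leaves that id unchanged."""
    uid, gid = app.config['UID'], app.config['GID']
    if uid == -1 and gid == -1:
        return  # nothing to change, skip the syscall
    # May run as root (Docker), so do not follow a symlink when changing owner.
    os.chown(path, uid, gid, follow_symlinks=False)

# in upload(), after file.save(filename):
chown_to_configured_owner(filename)
# … unchanged: the same call replaces os.chown in get_share() and zip_share() …
```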
@@ -3,17 +3,20 @@ "workers: number of parallel processes. single long upload reserves a process.", "timeout: seconds for process to last. single long upload cant take longer than this.", "uid: Docker runs as root, this changes owner of written files. -1 to skip chowning", - "max_zip_size: dont allow zip downloads if folder size exceeds this many megabytes" + "max_zip_size: dont allow zip downloads if folder size exceeds this many megabytes", + "app_secret_key: used to encrypt session cookie" ], "workers": 8, "timeout": 3600, "uid": 1000, + "gid": -1, "__do_not_edit": "most likely you will not change anything after this line", "data_folder": "data", "shares_file": "data/shares.json", "zip_folder": "data/.zip", "max_zip_size": 1000, "date_format": "%Y-%m-%d %H:%M", + "app_secret_key": "Cz2dw5NiRt3PSMFBSLTAJJi7kKrc4QU2CdQqEeOaU6", "debug": false }
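Review bot: The example file ships a concrete `app_secret_key`, so every installation that copies config.json.example unchanged ends up with the same publicly known key. It should be an obvious placeholder, e.g. `"app_secret_key": "CHANGE_ME_generate_a_unique_random_value",`, with the generation step documented (for instance `python -c "import secrets; print(secrets.token_hex(32))"`). The help text "used to encrypt session cookie" is also likely inaccurate: if this is Flask's default cookie session, the key signs the cookie but does not hide its contents. A wording such as `"app_secret_key: signs the session cookie; set a unique random value per installation"` would avoid implying confidentiality.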