1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
# Vault
Note: This software is WIP. There may be bugs or unintended behavior.
Vault is an opinionated web-based file manager. It is built in C for OpenBSD around the CGI standard, following these main principles:
* __simple__: browse, create and delete folders; download and upload files. JavaScript support is optional on the client side and its absence should be handled gracefully. Everything should work from a terminal-based web browser
* __fast__: with the server running on an ARM SBC, there should not be any noticeable delay when loading a page
It should also compile and run on any POSIX OS with minor modifications. On Linux, `bmake(1)` should be used instead of `make(1)`, and configuration should be adjusted in the `Makefile`. Please note that sandboxing is implemented for OpenBSD _only_.
## Configure
The parameters and their documentation are in the `config.h` source file. You should read and adjust this file as needed before you build. The default config assumes a chrooted web server and sets a data directory `/vault-data` (that is `/var/www/vault-data` outside of the chroot).
## Build & run
Vault comes with a Makefile:
$ make
# make install
The vault binary will be installed as `/var/www/cgi-bin/vault`. Static resources will be installed in `/var/www/vault-static` and should be served from `/static`. You need to configure your web server accordingly, see below for sample files. If the log file does not exist, you need to create it. Here is how to do it for a chrooted web server, like OpenBSD's `httpd(8)`:
# touch /var/www/logs/vault.log
# chown www /var/www/logs/vault.log
On other operating systems, assuming a web server that is _not_ chrooted, `config.h` sets the log path to `/var/log/vault.log` instead.
By default on OpenBSD, the `slowcgi(8)` daemon allows a timeout of 2 minutes for CGI programs. This might not be enough if you want to allow users to download large files. This timeout can be increased by changing the `slowcgi(8)` parameters in `/etc/rc.conf.local`, for example to allow up to 10 minutes :
slowcgi_flags="-t 600"
## Sample httpd.conf
server "server" {
listen on * port 80
connection {
# allow up to 512M uploads
max request body 536870912
}
location "/vault/*" {
root "/cgi-bin/vault"
fastcgi param VAULT_DATA_DIR "/vault-data"
request strip 1
}
location "/static/*" {
root "/vault-static"
request strip 1
gzip-static
}
}
## Sample lighttpd.conf
server.modules+=("mod_alias", "mod_cgi", "mod_setenv")
server.port=80
server.document-root="/var/www/html"
server.errorlog="/var/log/lighttpd/error.log"
server.pid-file="/run/lighttpd.pid"
server.username="www-data"
server.groupname="www-data"
index-file.names=("index.html")
setenv.set-environment=("VAULT_DATA_DIR" => "/var/www/vault-data")
alias.url = ("/static" => "/var/www/vault-static")
$HTTP["url"] =~ "^/vault(?:/|$)" {
alias.url = ("/vault" => "/var/www/cgi-bin/vault")
cgi.assign = ("" => "")
}
|