Skip to main content

Send - Temporary File Sharing

Send is a simple, private file sharing web service. It provides an interface for users to upload files temporarily for other users to download.

Access

Send is reverse-proxied by the Secure Web Application Gateway. It is published on send.kasad.com. The Send endpoint is not protected by Cloudflare Access policies in order to make it easier to share files to non-authenticated users.

Deployment

Send runs as a single Docker container using the registry.gitlab.com/timvisee/send:latest image. We deploy it as a Docker Compose stack using Portainer for easy configuration:

version: '3'

services:
  send:
    image: registry.gitlab.com/timvisee/send:latest
    container_name: send
    restart: unless-stopped
    environment:
      BASE_URL: https://send.kasad.com
      DETECT_BASE_URL: true
      MAX_FILE_SIZE: 1073741824 # 1 GB
      MAX_EXPIRE_SECONDS: 86400 # 24 hrs
      EXPIRE_TIMES_SECONDS: 120,600,1800,3600,21600,86400 # 2 min, 10 min, 30 min, 1 hr, 6 hrs, 24 hrs
    volumes:
      - /srv/send/uploads:/uploads
    networks:
      - default
      - swag
      
networks:
  swag:
    external: true
    name: swag_default

SWAG network

The Send container is reverse-proxied behind the Secure Web Application Gateway, so the SWAG container needs network access to the Send container. This has been done in the Compose stack above. See this explanation for details.

Persistent uploads storage

While it is not required, we want to ensure that if the Send container crashes or is restarted, the uploaded files will remain intact. To accomplish this, we mount a persistent storage volume on the /uploads path inside the container:

    volumes:
      - /srv/send/uploads:/uploads

Configuration

Configuration for the Send container is done using environment variables. For ease of configuration, we define these in the container's environment section within the Docker Compose file.

Base URL

We configure the base URL which is used to generate URLs for sharing. We also enable auto-detection, but this only comes into effect whenn the base URL is not defined.

BASE_URL: https://kasad.com
DETECT_BASE_URL: true

File upload limits

We don't want users abusing the service, so we impose a maximum file size of 1 GB:

MAX_FILE_SIZE: 1073741824 # 1 GB

The maximum HTTP request size is also set to 1 GB in the NGINX config for our site within the SWAG container:

# config/nginx/proxy-confs/send.subdomain.conf
server {
  # ...
  
  client_max_body_size 1G;
  
  # ...
}

File retention period

We want to allow the user to specify a file retention time. However, we don't want to allow retention past 24 hours in order to keep disk usage low.

MAX_EXPIRE_SECONDS: 86400 # 24 hrs
EXPIRE_TIMES_SECONDS: 120,600,1800,3600,21600,86400 # 2 min, 10 min, 30 min, 1 hr, 6 hrs, 24 hrs