Rid of every systemd reference
Signed-off-by: Izuru Yakumo <yakumo.izuru@chaotic.ninja>
このコミットが含まれているのは:
コミット
363d4f49a7
|
@ -1,22 +0,0 @@
|
|||
[Unit]
|
||||
Description=Prune 0x0 files
|
||||
After=remote-fs.target
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
User=nullptr
|
||||
WorkingDirectory=/path/to/0x0
|
||||
BindPaths=/path/to/0x0
|
||||
|
||||
Environment=FLASK_APP=fhost
|
||||
ExecStart=/usr/bin/flask prune
|
||||
ProtectProc=noaccess
|
||||
ProtectSystem=strict
|
||||
ProtectHome=tmpfs
|
||||
PrivateTmp=true
|
||||
PrivateUsers=true
|
||||
ProtectKernelLogs=true
|
||||
LockPersonality=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,9 +0,0 @@
|
|||
[Unit]
|
||||
Description=Prune 0x0 files
|
||||
|
||||
[Timer]
|
||||
OnCalendar=hourly
|
||||
Persistent=true
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -1,22 +0,0 @@
|
|||
[Unit]
|
||||
Description=Scan 0x0 files with ClamAV
|
||||
After=remote-fs.target clamd.service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
User=nullptr
|
||||
WorkingDirectory=/path/to/0x0
|
||||
BindPaths=/path/to/0x0
|
||||
|
||||
Environment=FLASK_APP=fhost
|
||||
ExecStart=/usr/bin/flask vscan
|
||||
ProtectProc=noaccess
|
||||
ProtectSystem=strict
|
||||
ProtectHome=tmpfs
|
||||
PrivateTmp=true
|
||||
PrivateUsers=true
|
||||
ProtectKernelLogs=true
|
||||
LockPersonality=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,9 +0,0 @@
|
|||
[Unit]
|
||||
Description=Scan 0x0 files with ClamAV
|
||||
|
||||
[Timer]
|
||||
OnCalendar=hourly
|
||||
Persistent=true
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
14
0x0.service
14
0x0.service
|
@ -1,14 +0,0 @@
|
|||
[Unit]
|
||||
Description=The null pointer
|
||||
Documentation=https://0x0.st
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
WorkingDirectory=/usr/local/0x0
|
||||
ExecStart=/usr/bin/uwsgi --ini app.ini
|
||||
Restart=on-failure
|
||||
User=nullptr
|
||||
Group=nullptr
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,2 @@
|
|||
FLASK_APP=fhost
|
||||
* * 15 * * flask prune
|
|
@ -0,0 +1,2 @@
|
|||
FLASK_APP=fhost
|
||||
@hourly flask vscan
|
33
README.md
33
README.md
|
@ -36,13 +36,10 @@ This is a problem for example when streaming media files: It won't be
|
|||
possible to seek, and some ISOBMFF (MP4) files will not play at all.
|
||||
|
||||
To make files expire, simply run `FLASK_APP=fhost flask prune` every now
|
||||
and then. You can use the provided systemd unit files for this:
|
||||
and then. You can use the provided crontab files for this.
|
||||
|
||||
0x0-prune.service
|
||||
0x0-prune.timer
|
||||
|
||||
Make sure to edit them to match your system configuration. In
|
||||
particular, set the user and paths in `0x0-prune.service`.
|
||||
Make sure to edit them to match your system configuration, assuming
|
||||
you have read `crontab(5)` on a sane OS.
|
||||
|
||||
Before running the service for the first time and every time you update
|
||||
it from this git repository, run `FLASK_APP=fhost flask db upgrade`.
|
||||
|
@ -51,7 +48,7 @@ it from this git repository, run `FLASK_APP=fhost flask db upgrade`.
|
|||
|
||||
![image](modui.webp){height="300px"}
|
||||
|
||||
0x0 features a TUI program for file moderation. With it, you can view a
|
||||
0x0a features a TUI program for file moderation. With it, you can view a
|
||||
list of uploaded files, as well as extended information on them. It
|
||||
allows you to take actions like removing files temporarily or
|
||||
permanently, as well as blocking IP addresses and associated files.
|
||||
|
@ -59,23 +56,22 @@ permanently, as well as blocking IP addresses and associated files.
|
|||
If a sufficiently recent version of python-mpv with libmpv is present
|
||||
and your terminal supports it, you also get graphical file previews,
|
||||
including video playback. Upstream mpv currently supports sixels and the
|
||||
[kitty graphics
|
||||
protocol](https://sw.kovidgoyal.net/kitty/graphics-protocol/). For this
|
||||
[kitty graphics protocol](https://sw.kovidgoyal.net/kitty/graphics-protocol/). For this
|
||||
to work, set the `MOD_PREVIEW_PROTO` option in `instance/config.py`.
|
||||
|
||||
Requirements:
|
||||
|
||||
- [Textual](https://textual.textualize.io/)
|
||||
* [Textual](https://textual.textualize.io/)
|
||||
|
||||
Optional:
|
||||
|
||||
- [python-mpv](https://github.com/jaseg/python-mpv) (graphical
|
||||
* [python-mpv](https://github.com/jaseg/python-mpv) (graphical
|
||||
previews)
|
||||
- [PyAV](https://github.com/PyAV-Org/PyAV) (information on multimedia
|
||||
* [PyAV](https://github.com/PyAV-Org/PyAV) (information on multimedia
|
||||
files)
|
||||
- [PyMuPDF](https://github.com/pymupdf/PyMuPDF) (previews and file
|
||||
* [PyMuPDF](https://github.com/pymupdf/PyMuPDF) (previews and file
|
||||
information for PDF, XPS, EPUB, MOBI and FB2)
|
||||
- [libarchive-c](https://github.com/Changaco/python-libarchive-c)
|
||||
* [libarchive-c](https://github.com/Changaco/python-libarchive-c)
|
||||
(archive content listing)
|
||||
|
||||
** Note: [Mosh](https://mosh.org/) currently does not support sixels or kitty
|
||||
|
@ -90,7 +86,7 @@ bandwidth requirements for graphics.
|
|||
|
||||
# NSFW Detection
|
||||
|
||||
0x0 supports classification of NSFW content via Yahoo's open\_nsfw Caffe
|
||||
0x0a supports classification of NSFW content via Yahoo's open\_nsfw Caffe
|
||||
neural network model. This works for images and video files and requires
|
||||
the following:
|
||||
|
||||
|
@ -104,8 +100,7 @@ time for larger files, this does not happen immediately but instead
|
|||
every time you run the `vscan` command. It is recommended to configure a
|
||||
systemd timer or cronjob to do this periodically. Examples are included:
|
||||
|
||||
0x0-vscan.service
|
||||
0x0-vscan.timer
|
||||
0x0a-vscan.crontab
|
||||
|
||||
Remember to adjust your size limits in clamd.conf, including
|
||||
`StreamMaxLength`!
|
||||
|
@ -115,9 +110,9 @@ module](https://pypi.org/project/clamd/).
|
|||
|
||||
# Network Security Considerations
|
||||
|
||||
Keep in mind that 0x0 can fetch files from URLs. This includes your
|
||||
Keep in mind that 0x0a can fetch files from URLs. This includes your
|
||||
local network! You should take precautions so that this feature cannot
|
||||
be abused. 0x0 does not (yet) have a way to filter remote URLs, but on
|
||||
be abused. 0x0a does not (yet) have a way to filter remote URLs, but on
|
||||
Linux, you can use firewall rules and/or namespaces. This is less
|
||||
error-prone anyway.
|
||||
|
||||
|
|
読み込み中…
新しいイシューから参照