mirror of
https://github.com/DumbWareio/DumbDrop.git
synced 2025-10-22 23:31:57 +00:00
e963f2bcde
* feat: Add ALLOWED_IFRAME_ORIGINS configuration and update security headers (#47) - Introduced ALLOWED_IFRAME_ORIGINS environment variable to specify trusted origins for iframe embedding. - Updated security headers middleware to conditionally allow specified origins in Content Security Policy. - Enhanced documentation in README.md to explain the new configuration and its security implications. Fixes #35 * feat: Update .env.example and .gitignore for improved configuration management - Enhanced .env.example with detailed comments for environment variables, including upload settings, security options, and notification configurations. - Updated .gitignore to include additional editor and OS-specific files, ensuring a cleaner repository. - Modified package.json to add a predev script for Node.js version validation and adjusted the dev script for nodemon. - Improved server.js shutdown handling to prevent multiple shutdowns and ensure graceful exits. - Refactored config/index.js to log loaded environment variables and ensure the upload directory exists based on environment settings. - Cleaned up fileUtils.js by removing unused functions and improving logging for directory creation. This commit enhances clarity and maintainability of configuration settings and improves application shutdown behavior. * feat: Update Docker configuration and documentation for upload handling - Explicitly set the upload directory environment variable in docker-compose.yml to ensure clarity in file storage. - Simplified the Dockerfile by removing the creation of the local_uploads directory, as it is now managed by the host system. - Enhanced README.md to reflect changes in upload directory management and provide clearer instructions for users. - Removed outdated development configuration files to streamline the development setup. This commit improves the clarity and usability of the Docker setup for file uploads. * feat: Add Local Development Guide and update README for clarity - Introduced a comprehensive LOCAL_DEVELOPMENT.md file with setup instructions, testing guidelines, and troubleshooting tips for local development. - Updated README.md to include a link to the new Local Development Guide and revised sections for clarity regarding upload directory management. - Enhanced the Quick Start section to direct users to the dedicated local development documentation. This commit improves the onboarding experience for developers and provides clear instructions for local setup. * feat: Implement BASE_URL configuration for asset management and API requests - Added BASE_URL configuration to README.md, emphasizing the need for a trailing slash when deploying under a subpath. - Updated index.html and login.html to utilize BASE_URL for linking stylesheets, icons, and API requests, ensuring correct asset loading. - Enhanced app.js to replace placeholders with the actual BASE_URL during HTML rendering. - Implemented a validation check in config/index.js to ensure BASE_URL is a valid URL and ends with a trailing slash. This commit improves the flexibility of the application for different deployment scenarios and enhances asset management. Fixes #34, Fixes #39, Fixes #38 * Update app.js, borked some of the css n such * resolved BASE_URL breaking frontend * fix: Update BASE_URL handling and security headers - Ensured BASE_URL has a trailing slash in app.js to prevent asset loading issues. - Refactored index.html and login.html to remove leading slashes from API paths for correct concatenation with BASE_URL. - Enhanced security headers middleware to include 'connect-src' directive in Content Security Policy. This commit addresses issues with asset management and improves security configurations.
68 lines
1.9 KiB
Plaintext
68 lines
1.9 KiB
Plaintext
#########################################
|
|
# SERVER CONFIGURATION
|
|
#########################################
|
|
|
|
# Port for the server (default: 3000)
|
|
PORT=3000
|
|
|
|
# Base URL for the application (default: http://localhost:PORT)
|
|
BASE_URL=http://localhost:3000/
|
|
|
|
# Node environment (default: development)
|
|
NODE_ENV=development
|
|
|
|
#########################################
|
|
# FILE UPLOAD SETTINGS
|
|
#########################################
|
|
|
|
# Maximum file size in MB (default: 1024)
|
|
MAX_FILE_SIZE=1024
|
|
|
|
# Directory for uploads (Docker/production; optional)
|
|
UPLOAD_DIR=
|
|
|
|
# Directory for uploads (local dev, fallback: './local_uploads')
|
|
LOCAL_UPLOAD_DIR=./local_uploads
|
|
|
|
# Comma-separated list of allowed file extensions (optional, e.g. .jpg,.png,.pdf)
|
|
# ALLOWED_EXTENSIONS=.jpg,.png,.pdf
|
|
ALLOWED_EXTENSIONS=
|
|
|
|
#########################################
|
|
# SECURITY
|
|
#########################################
|
|
|
|
# PIN protection (4-10 digits, optional)
|
|
# DUMBDROP_PIN=1234
|
|
DUMBDROP_PIN=
|
|
|
|
#########################################
|
|
# UI SETTINGS
|
|
#########################################
|
|
|
|
# Site title displayed in header (default: DumbDrop)
|
|
DUMBDROP_TITLE=DumbDrop
|
|
|
|
#########################################
|
|
# NOTIFICATION SETTINGS
|
|
#########################################
|
|
|
|
# Apprise URL for notifications (optional)
|
|
APPRISE_URL=
|
|
|
|
# Notification message template (default: New file uploaded {filename} ({size}), Storage used {storage})
|
|
APPRISE_MESSAGE=New file uploaded {filename} ({size}), Storage used {storage}
|
|
|
|
# Size unit for notifications (B, KB, MB, GB, TB, or Auto; default: Auto)
|
|
APPRISE_SIZE_UNIT=Auto
|
|
|
|
#########################################
|
|
# ADVANCED
|
|
#########################################
|
|
|
|
# Enable automatic upload on file selection (true/false, default: false)
|
|
AUTO_UPLOAD=false
|
|
|
|
# Comma-separated list of origins allowed to embed the app in an iframe (optional)
|
|
# ALLOWED_IFRAME_ORIGINS=https://example.com,https://another.com
|
|
ALLOWED_IFRAME_ORIGINS= |