maxpowa / nodepomf Goto Github PK

I'd appreciate the possibility to delete an upload afterwards, probably via delete link

Ye fam https://github.com/lich/limf

A pastebin so pastes don't have to be on another subdomain.

Hi,

So I installed the website, and I go to IPADRESS/kanri/login and I connect with github, but he come back on the login page like I never login. I tried on another navigator (into private) and still doesn't work.

There is my conf file :

Github client id and secret keys, for Kanri authentication
config.GITHUB_CLIENT_ID = "xxx";
config.GITHUB_CLIENT_SECRET = "xxx";

// Session options for Kanri. !! YOU MUST SET THESE FOR KANRI TO WORK !!
// Set cookies are always signed with keys[0], while the other keys are
// valid for verification, allowing for key rotation.
// If you don't want to use key rotation, remove the 'keys' and use 'secret'
// instead.
// Documentation: https://github.com/expressjs/cookie-session#cookie-options
config.SESSION_OPTIONS = {
	name: 'kanri.session',
	keys: ['lmaotestingidk', 'lmaotestingidkoldlmao'],
	maxAge: (86400 * 1000), // 1 day (milliseconds)
	secureProxy: false, // Should be true if you are proxying w/ nginx etc
	domain: "http://94.177.249.162" // You should set this to your domain
}

And I use this configuration :

upstream npomf {
  server 127.0.0.1:3000;
  keepalive 128;
}
server {
  listen 80;
  listen [::]:80 ipv6only=on;

  server_name 94.177.249.162;

  location / {
    root home/suzu/npomf/files;
    try_files $uri @npomf;

    charset UTF-8;
  }

  location @npomf {
    proxy_pass http://localhost:3000/;
    proxy_redirect off;

    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-NginX-Proxy true;
  }
}

I hope you can help me,

Bye.

Im getting a error saying Server responded with 0 code. when uploading a img file

Need to be able to upload on a seperate domain to everything else to circumvent cloudflare.

Is this worth it? Would allow for plausible deniability for server owners with regards to the files they're hosting and allows paranoid users to upload without concerning themselves about the intent of the server owner. Would require different handling for downloads, maybe a /decrypt endpoint or something.

In config/core.js line 112

// Session options for Kanri. !! YOU MUST SET THESE FOR KANRI TO WORK !!

I understand that it's some auth. page, but could you explain what this is for, do I even need it?

Maxpowa pls

https://developers.google.com/speed/pagespeed/insights/?url=https%3A%2F%2Faww.moe%2F&tab=desktop

There should be a limit for the whole site of upload data per hour, preferably rolling limit. This prevents the drive filling up. This limit being hit should send an email (or Pushbullet) to the owner.

Might also be a good idea to stop uploads completely when it hits a certain amount of disk space left.

Maxpowa is a fgt and won't do as he is told

THis is an issue

https://github.com/pomf/pomf-standard#json

Could break uploader tools in use that had expected the old pomf response ("url" in the file object is just the path of the file, not the full http://pomf.clone/xxx.png)