mixa/ZFile
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6 Commits 1 Branch 0 Tags
main
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
mixa c3a758e8d6 feat: overhaul drive UI and previews
2026-03-10 17:58:02 +03:00
backend
feat: overhaul drive UI and previews
2026-03-10 17:58:02 +03:00
frontend
feat: overhaul drive UI and previews
2026-03-10 17:58:02 +03:00
.dockerignore
Initial FileZ project setup
2026-03-02 22:32:46 +03:00
.gitignore
Initial FileZ project setup
2026-03-02 22:32:46 +03:00
AGENTS.md
Add agent guide and improve drive navigation UX
2026-03-02 23:14:01 +03:00
docker-compose.yml
Initial FileZ project setup
2026-03-02 22:32:46 +03:00
Dockerfile.single
Initial FileZ project setup
2026-03-02 22:32:46 +03:00
Makefile
Autocommit test+ui polish
2026-03-06 21:32:58 +03:00
README.md
feat: overhaul drive UI and previews
2026-03-10 17:58:02 +03:00

README.md

FileZ

Drive-like app with Go backend + Bun/React frontend.

What is implemented

  • Public registration disabled
  • Admin-only account creation from web admin panel
  • Admin credentials loaded from root /.env (ADMIN_PASSWORD_HASH)
  • Secure auth: Argon2id password hashing, short-lived JWT access cookie, rotating hashed refresh tokens
  • Per-account data isolation in user-specific roots
  • File manager with upload, folder create, delete, preview, download
  • Folder download as archive (ZIP by default, optional RAR)
  • Markdown editor with live preview (.md, .markdown)
  • In-app image/video preview dialog
  • Resumable downloads via HTTP Range (Accept-Ranges: bytes)
  • Expiring share links with optional max download count
  • Programmer color schemes per user: dracula|nord|monokai|solarized|github + light|dark|auto
  • Separate Web UI URLs: /drive (files) and /admin (admin)
  • Landing page at /
  • UI uses Radix-based components (shadcn-style wrappers)
  • Auto language detection with English/Russian translations
  • Optional per-user FTP and FTPS access (same FileZ usernames/passwords)
  • Optional Google OAuth login (auto-provisions user on first sign-in or links to existing signed-in user)

Task-style commands

Run from repository root:

npx --yes concurrently -n setup-backend,setup-frontend "cd backend && go mod tidy" "cd frontend && bun install"

Start both API and Web UI:

cd frontend && bun run dev:full

Build checks:

npx --yes concurrently -n build-api,build-web "cd backend && go build ./..." "cd frontend && bun run build"

Open URLs:

  • https://file.example.com/
  • https://file.example.com/drive
  • https://file.example.com/admin

Docker (no nginx)

This stack does not run nginx. Frontend is served by Bun (vite preview) and backend is Go. All container runtime images are Alpine-based where possible.

Edit ports in root /.env:

  • APP_HOST_PORT
  • APP_INTERNAL_PORT
  • BACKEND_HOST_PORT
  • BACKEND_INTERNAL_PORT
  • FRONTEND_HOST_PORT
  • FRONTEND_INTERNAL_PORT

Use default app/backend config from root /.env.

Build and start:

make up

Run attached (foreground logs):

make run-all

Run locally without Docker (backend + frontend dev):

make run-local

Build and start as a single container (single binary backend with embedded frontend):

docker compose --profile single up -d --build

Stop:

make down

Single binary build (local)

Build one Linux binary that includes backend + frontend assets:

make build-all

Output binary:

  • dist/driveflow-allinone

Backend env

Defaults are already provided in root /.env.

Important values:

  • ADMIN_LOGIN
  • ADMIN_PASSWORD_HASH
  • JWT_SECRET
  • DB_PATH
  • STORAGE_ROOT
  • ALLOWED_HOST
  • CORS_ALLOWED_ORIGIN
  • APP_DOMAIN
  • MAX_BODY_MB
  • OCR_LANGS (default: eng+osd, example: eng+osd+rus)
  • RATE_LIMIT_PER_MIN
  • AUTH_RATE_LIMIT_PER_MIN
  • GOOGLE_AUTH_ENABLED
  • GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET
  • optional GOOGLE_REDIRECT_URL (default: https://<host>/api/auth/google/callback)
  • optional overrides GOOGLE_AUTH_URL, GOOGLE_TOKEN_URL, GOOGLE_USERINFO_URL
  • FTP_ENABLED
  • FTP_HOST, FTP_PORT, FTP_PUBLIC_IP, FTP_PASSIVE_PORTS
  • FTPS_ENABLED
  • FTPS_HOST, FTPS_PORT, FTPS_PUBLIC_IP, FTPS_PASSIVE_PORTS
  • FTPS_CERT_FILE, FTPS_KEY_FILE, FTPS_EXPLICIT, FTPS_FORCE_TLS
  • FTPS_LETSENCRYPT_DOMAIN, FTPS_LETSENCRYPT_DIR

Generate admin hash:

cd backend && go run . hash-admin "your-strong-password"

Host/CORS policy:

  • Requests are allowed only when host matches ALLOWED_HOST (example: file.example.com)
  • CORS allows only CORS_ALLOWED_ORIGIN
  • If ALLOWED_HOST/CORS_ALLOWED_ORIGIN are empty, backend derives them from APP_DOMAIN

API security hardening:

  • Security headers (CSP, HSTS, X-Frame-Options, etc.)
  • Request body size limits for non-upload API endpoints
  • Built-in per-IP rate limiting (general and stricter auth limits)
  • Panic recovery middleware

Folder archive notes:

  • User can choose archive format in UI Settings modal
  • ZIP works out of the box
  • TAR.GZ works out of the box
  • RAR requires rar binary installed on the backend host/container
  • LZ4 requires lz4 binary installed on the backend host/container

File tags:

  • Users can assign tags to files/folders directly in Drive
  • Tags are stored per-user and can be used as a sidebar filter

Optional FTP server mode (same credentials as Web login):

  • FTP_ENABLED=true
  • FTP_HOST=0.0.0.0
  • FTP_PORT=2121
  • Optional passive mode config: FTP_PUBLIC_IP, FTP_PASSIVE_PORTS

Optional FTPS server mode (same credentials as Web login, per-user roots):

  • FTPS_ENABLED=true
  • FTPS_HOST=0.0.0.0
  • FTPS_PORT=2990
  • FTPS_CERT_FILE=/path/to/fullchain.pem
  • FTPS_KEY_FILE=/path/to/privkey.pem
  • OR Let's Encrypt paths auto-discovery:
    • FTPS_LETSENCRYPT_DOMAIN=file.example.com
    • optional FTPS_LETSENCRYPT_DIR=/etc/letsencrypt/live
  • Optional passive mode config: FTPS_PUBLIC_IP, FTPS_PASSIVE_PORTS
  • FTPS_EXPLICIT=true enables explicit FTPS (AUTH TLS)
  • FTPS_FORCE_TLS=true requires TLS for authenticated sessions

Optional Google OAuth login:

  • GOOGLE_AUTH_ENABLED=true
  • GOOGLE_CLIENT_ID=...
  • GOOGLE_CLIENT_SECRET=...
  • GOOGLE_REDIRECT_URL=https://file.example.com/api/auth/google/callback (recommended)
  • Add redirect URI in Google Cloud Console to match your callback URL
Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 22 MiB
Languages
Go 54.6%
TypeScript 41.7%
CSS 2.8%
Makefile 0.3%
Dockerfile 0.3%
Other 0.3%