Comments (7)
@guusdk : Just to confirm that i manage to configure the plugin to keep my files on a docker volume for each openfire instances using variable plugin.httpfileupload.fileRepo. Attachement files are now manageables and it cope with docker technology. Files are located in a safer place outside each docker instances. Such a solution is much more safer and better than usual sqllite database on each client phone as whatsapp telegram does. Local sqllite storage for sensitive attachement and files is a stupidity that bring many possible security exploits and overflows
Thanks for your efforts and changes made !
from openfire-httpfileupload-plugin.
@fais3000
Hello, to awswer your questions : What i am doing is
-Create an openfire with a "docker run" instruction with -v to specifify an outside volume/mount to store attachements so something like :
docker run --name www -v /data/ATTACHEMENTS/WWW:/attachements/WWW
In this case data are stores into /data/ATTACHEMENTS/WWW on the main host
Then configure Openfire variables of your docker instance to target /attachements/WWW
Configure at least plugin.httpfileupload.fileRepo and plugin.httpfileupload.maxFileSize to modify max file size
See also attachement
You need to create a dedicated volume for it
Many thanks @guusdk for this hack, we can now manage & keep attachement for all openfire instances, it helps a lot.
Hope this helps your quest
Claude-
from openfire-httpfileupload-plugin.
This is ok to post feature requests here. Although it is preferable one per ticket 😊 i suggest keeping this ticket for the secure url and move stuff about file and folder management to a new one.
For secure link to work users would have to somehow login to the server on the web besides the regular login in a client. Maybe http bind can be used for it. Not sure if this can be automated or at least do only one login first time.
Btw, that would go against the standard's requirement:
Do not provide any kind of access control or security for file retrieval beyond Transport Layer Security in form of HTTPS and long random paths that are impossible to guess. That means everyone who knows the URL SHOULD be able to access it.
https://xmpp.org/extensions/xep-0363.html
from openfire-httpfileupload-plugin.
@wrooot Thanks a lot for yr detailed & precise answer. I fully understand limits of security suggestion as it goes against xep-0363. Any improvement for uploaded file enhanced security would be an asset. thanks a lot for considering the point.
Thanks also for considering a better storage management improvement for uploaded files, purge & specific no tmp folder.
from openfire-httpfileupload-plugin.
Although I've not tested this myself yet, it should be possible to use another folder than a tmp folder by setting the property plugin.httpfileupload.fileRepo
to a location on disk (since version 1.1.1)
from openfire-httpfileupload-plugin.
@guusdk : Thanks a lot this change/enhancement, it will be very helpful. I will investigate ASAP and test but probably a very nice way to fix attachement files that get purged into /tmp when docker instances are restarted 👍 COOL !!!
:)
from openfire-httpfileupload-plugin.
@ClaudeStabile Can you please share your configuration for plugin.httpfileupload.fileRepo
for docker setup? When I add a value of "/var/lib/openfire/files" I got 403 on PUT.
Note /var/lib/openfire is already shared with the docker host.
Here is my docker-compose
version: '2'
services:
openfire:
container_name: openfire
image: kaneymhf/openfire
ports:
- "9090:9090/tcp"
- "9091:9091/tcp"
- "5223:5222/tcp"
- "7777:7777/tcp"
- "7070:7070/tcp"
- "7443:7443/tcp"
volumes:
- /srv/docker/openfire/data:/var/lib/openfire
- /srv/docker/openfire/logs:/var/log/openfire
from openfire-httpfileupload-plugin.
Related Issues (20)
- Server returns 500 error on upload. Fixed by restarting openfire service but problem keeps appearing later. HOT 1
- How to configure HTTPS domain names HOT 1
- Allow content-security-policy headers to be defined HOT 3
- Update to HTTP File Upload Component to version 1.4.0
- Assembly jar name does not match nomenclature for other ignite openfire plugins
- Default maxFileSize value HOT 2
- Fix API incompatibilities with upcoming Openfire 4.8
- Add documentation for configuration in a clustered environment
- When using non-encrypted scheme, default to non-encrypted port
- Use SystemProperty to replace old style properties
- Slot manager should be cluster-aware HOT 1
- Announced URL configuration should be cluster-node specific HOT 2
- ClassCastException when running v1.2.0 in cluster HOT 2
- What happens when the file storage path becomes unavailable? HOT 2
- What happens when the file storage volume is full?
- What happens to the plugin during clustering interruptions?
- Add support for (virus)scanning uploaded content HOT 1
- Update component to v1.7.0
- GET URL opens directly in browser, download button missing HOT 5
- Authentication for GET and PUT url generated by httpfileupload HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openfire-httpfileupload-plugin.