Commit

update README
mat-sz committed Oct 27, 2023
1 parent d4c7173 commit 3bae533
Showing 1 changed file with 101 additions and 25 deletions.
126 changes: 101 additions & 25 deletions README.md
Expand Up @@ -18,22 +18,21 @@ Easy peer-to-peer file transfer.

### Docker

#### Requirements:
#### Requirements

- docker
- docker-compose
- bash
- openssl
- git

Clone the repo and run the following command:
#### Installation

```
./docker-start.sh
```

Make sure that your user is in the docker group.

In case another reverse proxy is used make sure to change the default port (from 80) and to add the `X-Forwarded-For` header with client's IP address.
1. Ensure that your user is in the `docker` group.
1. Run the following commands in terminal:
1. `git clone https://github.com/mat-sz/filedrop`
2. `chmod +x ./docker-start.sh`
3. `./docker-start.sh`

TURN uses TCP port 3478 and UDP ports 49152-65535.
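
Review bot: The new Installation list never changes into the cloned directory: after `git clone https://github.com/mat-sz/filedrop`, the `chmod +x ./docker-start.sh` and `./docker-start.sh` steps only work from inside `filedrop/`, so a `cd filedrop` step is needed between them. The list numbering also shows `1.` twice in a row before the three commands; indent the commands under the "Run the following commands in terminal" item so they render as its sub-steps.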

Expand All @@ -49,9 +48,20 @@ TURN uses TCP port 3478 and UDP ports 49152-65535.

### Manual

> First you need to set up a TURN server (like [coturn](https://github.com/coturn/coturn)).
>
> Then you need to clone this repository, run `yarn build` and then `yarn start`. I also use nginx to proxy the back end through it. [Here's a guide on how to achieve that.](https://www.nginx.com/blog/websocket-nginx/)
#### Requirements

- TURN server, ideally with HMAC authentication, example: [coturn](https://github.com/coturn/coturn)
- node.js 18.x.x, 20+
- git

#### Installation

1. Set up and configure your TURN server and note down the secret for next steps.
2. Run the following in terminal:
1. `git clone https://github.com/mat-sz/filedrop`
2. `corepack yarn install`
3. `corepack yarn build`
4. `corepack yarn start`

### Environment variables
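
Review bot: Step 1 of the Manual installation says to note down the TURN secret "for next steps", but no later step uses it: the list goes from `git clone` straight through to `corepack yarn start`. Add a step that points to the Environment variables section and names what has to be set before starting (for example `TURN_MODE=hmac` when the TURN server uses HMAC authentication), so the secret is supplied through the environment and not left out or hard-coded. A `cd filedrop` after the clone is missing here as well.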

Expand All @@ -73,6 +83,7 @@ The following variables are used in the WebSockets server:
| `WS_MAX_SIZE` | `65536` | The limit should accommodate preview images (100x100 thumbnails). |
| `WS_MAX_NETWORK_CLIENTS` | `64` | Limits the amount of clients that can connect to one room. |
| `WS_REQUIRE_CRYPTO` | `0` | Set to `1` if you want to ensure that all communication between clients is encrypted. HTTPS is required for this to work. |
| `WS_STATIC_ROOT` | `../web/build` | Location of frontend build files relative to `./ws` |
| `STUN_SERVER` | `stun:stun1.l.google.com:19302` | STUN server address. |
| `TURN_MODE` | `default` | `default` for static credentials, `hmac` for time-limited credentials. |
| `TURN_SERVER` | null | TURN server address. |
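
Review bot: The new `WS_STATIC_ROOT` row says the path is relative to `./ws` but not whether an absolute path is accepted or what the server does when the directory is missing; one more clause would cover that. Its description is also the only one among the visible rows without a closing period.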
Expand Down Expand Up @@ -109,24 +120,40 @@ I don't use PeerJS (while the other two projects do) and I also host TURN and We

## HTTPS setup

### Setup with a reverse proxy in front of nginx
### Reverse proxy

1. Configure your reverse proxy to proxy requests to `127.0.0.1:PORT` and then follow your usual instructions for using SSL certificates with said proxy.
2. Rebuild the application.
3. Make sure the TURN server can be connected to from the outside.
1. Configure your reverse proxy to proxy requests to `127.0.0.1:PORT` and then follow the instructions for using SSL certificates with said proxy.
2. Ensure the TURN server can be connected to from the outside.
3. Ensure the `X-Forwarded-For` header is set for every proxied request and contains the IP of the client.
4. Ensure that filedrop is configured with `WS_USE_X_FORWARDED_FOR=1` (or `-f` argument with `docker-start.sh`)

#### Nginx configuration example

More details available here: https://www.nginx.com/blog/websocket-nginx/
More details are available here: https://www.nginx.com/blog/websocket-nginx/

```nginx
worker_processes auto;
Replace `DOMAIN_NAME` with your domain name.

events {
worker_connections 1024;
}
> [!WARNING]
> To use HTTP/3 your nginx must be built with HTTP/3 support.
> To check if your installation of nginx supports HTTP/3 execute `nginx -V` and check for presence of `--with-http_v3_module`.
```nginx
# ...
http {
# BEGIN: HTTP/2 setup
http2 on;
# END: HTTP/2 setup
# BEGIN: HTTP/3 setup
# Feel free to leave this out if not using HTTP/3 or already configured.
http3 on;
http3_hq on;
quic_gso on;
quic_retry on;
# END: HTTP/3 setup
upstream filedrop {
server 127.0.0.1:5000; # 5000 = PORT
}
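
Review bot: Steps 3 and 4 of the Reverse proxy list make filedrop trust `X-Forwarded-For`, but the text does not say that the proxy must overwrite the header instead of passing through or appending to whatever the client sent, nor that the back end must then be reachable only through the proxy (the `127.0.0.1:PORT` address in step 1). With `WS_USE_X_FORWARDED_FOR=1` and either condition missing, the client IP the server sees is client-controlled. Suggest stating both and, if it is not already in one of the `# ...` gaps, showing the header line in the nginx example, for instance `proxy_set_header X-Forwarded-For $remote_addr;`. Separately, `http3_hq on;` in the `http` block turns on the HTTP/0.9-over-QUIC mode that nginx provides for interoperability testing and can be dropped from a production example.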
Expand All @@ -139,9 +166,31 @@ http {
# ...
server {
listen 80;
# server_name should be configured here.
# HTTPS should be configured here. (certbot will handle this for you, if you're using Let's Encrypt.)
server_name DOMAIN_NAME;
listen 443 ssl;
listen [::]:443 ssl;
# BEGIN: HTTP/3 (QUIC) setup
# Feel free to leave this out if not using HTTP/3.
listen 443 quic;
listen [::]:443 quic;
add_header Alt-Svc 'h3=":443"; ma=86400';
add_header x-quic 'h3';
add_header Alt-Svc 'h3-29=":443"; ma=86400';
add_header Alt-Svc 'quic=":443"; ma=86400';
# END: HTTP/3 (QUIC) setup
# BEGIN: SSL certificate
# The following lines will be most likely generated by certbot/Let's Encrypt.
# You may choose to omit them if using certbot.
ssl_certificate /path/to/fullchain.pem;
ssl_certificate_key /path/to/privkey.pem;
# ...
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
# END: SSL certificate
# ...
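
Review bot: The HTTP/3 block emits three separate `Alt-Svc` headers plus a non-standard `x-quic` header; `h3-29` is a pre-RFC draft identifier and `quic` is the legacy Google QUIC token, so advertising them is unnecessary, and the single line `add_header Alt-Svc 'h3=":443"; ma=86400';` is enough. These `add_header` lines also sit at `server` level, and nginx inherits `add_header` only into a `location` that defines none of its own, so any location with its own `add_header` will not advertise HTTP/3. In the certificate block, the comment that the lines may be omitted when using certbot should add that certbot has to have run first, since `listen 443 ssl;` without `ssl_certificate` does not pass the config test.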
Expand All @@ -153,6 +202,33 @@ http {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
# BEGIN: Caching
location ~* \.(jpg|jpeg|gif|png|svg|bin|img|js|css|woff|woff2|webp)$ {
proxy_pass http://filedrop;
proxy_http_version 1.1;
proxy_cache mycache;
proxy_cache_min_uses 1;
proxy_cache_valid 200 302 1d;
proxy_cache_valid 404 1h;
expires 12M;
add_header Cache-Control "public immutable";
add_header X-Cache-Status $upstream_cache_status;
}
# END: Caching
}
server {
if ($host = DOMAIN_NAME) {
return 301 https://$host$request_uri;
}
listen 80;
listen [::]:80;
server_name DOMAIN_NAME;
return 404;
}
}
```
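
Review bot: `proxy_cache mycache;` in the new caching location refers to a cache zone the example never defines; unless a `proxy_cache_path ... keys_zone=mycache:...` line sits in one of the `# ...` gaps, nginx will refuse to load this configuration, so add it to the `http` block or a comment saying it is required. `add_header Cache-Control "public immutable";` is missing the comma between the two directives (`"public, immutable"`), and combined with `expires 12M;` it is only safe for `js` and `css` if the build emits content-hashed file names, which deserves a comment. Because this location sets its own `add_header`, it does not inherit the server-level `Alt-Svc` headers. In the redirect server, the `if ($host = DOMAIN_NAME)` wrapper is redundant given `server_name DOMAIN_NAME;`; a bare `return 301 https://$host$request_uri;` is simpler.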
