DownloadTicketService

From SME Server
Jump to navigation Jump to search



Maintainer

Daniel B.
Firewall Services
mailto:daniel@firewall-services.com


Description

Download Ticket Service (or DL for short) is a file exchange service that allows you to upload any file to a web server and generate a unique ticket for others to download. The ticket is automatically expired according to the specified rules, so that you don't need to keep track or cleanup afterward. "dl" also allows you to grant an anonymous, one-time upload for others to send you a file, without the requirement of account management.

Requirement

This contrib has been developped and tested on SME Server 8 and later.

Installation

Configure Firewall-Services's repository:

db yum_repositories set fws repository \
BaseURL http://repo.firewall-services.com/centos/\$releasever \
EnableGroups no GPGCheck yes \
Name "Firewall Services" \
GPGKey http://repo.firewall-services.com/RPM-GPG-KEY \
Visible yes status disabled
signal-event yum-modify
  • install the rpms
yum --enablerepo=fws install smeserver-dl
  • Appply the needed configuration:
signal-event webapps-update
db configuration set UnsavedChanges no

You can now access the application using this URL: https://your-server.domain.tld/dl All users created on your SME Server can login with their usual credentials.

Additional options

Some settings are available from the DB

  • Authentication: Control the way users are authenticated. Correct values are http (apache protect the access) or LemonLDAP which uses LemonLDAP-NG to validate credentials. Default is http
  • AliasOnPrimary: can be enabled or disabled (default is enabled). This prop lets you disable the access to Download Ticket Service on your primary domain (the alias /dl won't be added in apache configuration). This is useful if you want the application to be available only with a virtualhost.
  • status (enabled|disabled). Enable or disable web access, as well as the demon update
  • access (public|private). Public by default, if set to private, access will only be allowed from local networks and IP address allowed to access the server-manager
  • Url: Used to generate download links in email notification. Default is https://$SystemName.$DomainName/dl.
  • DbUser, DbName and DbPassword. Controls MySQL database settings. Default to dl as database name and user. The password is randomly generated after installation. You shouldn't have to change these settings
  • MaxUploadSize: max file size in MB of uploaded files. Default is 1024

example:

db configuration setprop dl MaxUploadSize 250
signal-event webapps-update

Logs

All actions (ticket and grant creation or expiration, downloads etc...) are logged in /var/log/dl.log

Backup and restore

Uploads are stored in /var/lib/dl. You should backup this directory if you want to be able to restore active tickets.

Integration with LemonLDAP::NG

Download Ticket Service can be protected by LemonLDAP-NG. Here're the steps to protect it

Disable the access on the primary domain

You should disable the access to Download Ticket Service on your primary domain:

db configuration setprop dl AliasOnPrimary disabled
signal-event webapps-update

Enable LemonLDAP::NG integration

This contrib support LemonLDAP NG auth quite easily:

db configuration setprop dl Authentication LemonLDAP
signal-event webapps-update

Create a new virtualhost for Download Ticket Service

Lets create a new virtualhost for Download Ticket Service. You can choose the name you want, for example, lets create dl.domain.tld:

db domains set dl.$(db configuration get DomainName) domain Content Primary Description 'Download Ticket Service' \
DocumentRoot /usr/share/dl Nameservers internet TemplatePath WebAppVirtualHost \
Authentication LemonLDAP
signal-event domain-create dl.$(db configuration get DomainName)
db configuration setprop dl Url https://dl.$(db configuration get DomainName)
signal-event webapps-update

Declare this virtualhost in LemonLDAP::NG

You can now create the virtualhost in LemonLDAP management interface. Only /admin.php and /rest.php should be protected. Here're the rules I use:

  • Comment: 10auth
  • Expression: ^/(admin|rest)\.php
  • Rule: $groups =~ /\badmins|equipe\b/
  • Comment: default
  • Rule: unprotect

Thunderbird

You can use Download Ticket Service directly from Thunderbird using its FileLink feature. See http://www.thregr.org/~wavexx/software/dl/thunderbird.html for more information

Uninstall

If you want to remove the contrib, just run:

yum remove dl


Source

The source for this contrib can be found in Firewall-Services's repository [1].