# Temp File Transfer Service A Flask-based personal temporary file sharing service with a Web UI, API access, and SQLite-backed metadata. What it does - Upload files via a Web UI or an API endpoint - Choose an expiry: 1 hour, 24 hours, or 7 days - Generate a share URL (UUID) for downloaded access - File data stored on disk; metadata stored in SQLite - Web-based download page and a simple API for programmatic uploads Tech stack - Flask (Python) - SQLite (metadata) - Filesystem storage for actual file data Local development setup 1. Prerequisites - Python 3.8+ (the project currently uses Python 3.x in this environment) - pip 2. Install dependencies ```bash pip install -r requirements.txt ``` 3. Run the server ```bash python app.py ``` 4. Access - Web UI: http://localhost:5000 - API: see /api/upload and /api/file endpoints Deployment The production instance runs at: - **Domain**: `xiaji-temp.duckdns.org` - **HTTPS**: Let's Encrypt SSL with auto-renewal (certbot timer) - **Nginx**: reverse proxy with 500MB upload limit, 80→443 redirect - **Gunicorn**: 4 workers, systemd-managed Project layout - app.py # Flask application - config.py # Configuration constants - database.py # SQLite helpers and data access - requirements.txt # Python dependencies - templates/ # Jinja templates (index.html, download.html) - upload_client.py # Simple API client example for testing - uploads/ # Storage for uploaded files (created at runtime) Data model (SQLite) - Table: files - id TEXT PRIMARY KEY - filename TEXT - filepath TEXT - filesize INTEGER - expiry_hours INTEGER - created_at TIMESTAMP - expires_at TIMESTAMP Expiry and cleanup - Expiry options are defined as 1h, 24h, 7d in config - A cleanup operation removes expired files from disk and deletes DB rows - Cleanup is invoked on access endpoints (and can be wired to a cron/daemon later) Traffic limits - Maximum file size: 500 MB - Per-IP daily traffic limit: 20 GB (upload + download combined) - IP traffic tracked in SQLite `ip_traffic` table, reset daily SSL certificate - Let's Encrypt certificate deployed via certbot - Auto-renewal via systemd timer: `certbot.timer` - Manual renewal test: `certbot renew --dry-run` Security notes - Do not commit secrets. Secrets should be provided via environment variables in production. - This repository currently avoids embedding credentials. Next steps (optional) - Add authentication for admin/API usage - Add rate limiting and upload size limits per user - Add automated tests and CI integration License - MIT or your preferred license (update as needed) API Usage (Python) Upload a file via the API endpoint: ```python import requests BASE_URL = "https://xiaji-temp.duckdns.org" expiry = "24h" # 1h, 24h, 7d with open("/path/to/your/file.zip", "rb") as f: resp = requests.post( f"{BASE_URL}/api/upload", files={"file": ("file.zip", f)}, data={"expiry": expiry}, ) if resp.status_code == 200: data = resp.json() print(f"Share URL: {data['share_url']}") print(f"File ID: {data['id']}") print(f"Size: {data['filesize']} bytes") else: print(f"Upload failed: {resp.json()['error']}") ``` Response format: ```json { "id": "550e8400-e29b-41d4-a716-446655440000", "filename": "file.zip", "filesize": 1048576, "expiry_hours": 24, "share_url": "https://xiaji-temp.duckdns.org/file/550e8400..." } ``` Get file info via API: ```python resp = requests.get(f"{BASE_URL}/api/file/{file_id}") if resp.status_code == 200: info = resp.json() print(f"Daily upload: {info['daily_upload']} bytes") print(f"Daily download: {info['daily_download']} bytes") print(f"Traffic limit: {info['traffic_limit']} bytes (20GB)") ``` Or use the bundled client script: ```bash python upload_client.py /path/to/file.zip 24h ``` Contributing - Pull requests are welcome. Please follow the project style and ensure tests pass. Contact - If you need to reach the maintainer, use your preferred channel.