Temp File Transfer Service
A Flask-based personal temporary file sharing service with a Web UI, API access, and SQLite-backed metadata.
What it does
- Upload files via a Web UI or an API endpoint
- Choose an expiry: 1 hour, 24 hours, or 7 days
- Generate a share URL (UUID) for downloaded access
- File data stored on disk; metadata stored in SQLite
- Web-based download page and a simple API for programmatic uploads
Tech stack
- Flask (Python)
- SQLite (metadata)
- Filesystem storage for actual file data
Local development setup
- Prerequisites
- Python 3.8+ (the project currently uses Python 3.x in this environment)
- pip
- Install dependencies
pip install -r requirements.txt
- Run the server
python app.py
- Access
- Web UI: http://localhost:5000
- API: see /api/upload and /api/file endpoints
Deployment
The production instance runs at:
- Domain:
xiaji-temp.duckdns.org - HTTPS: Let's Encrypt SSL with auto-renewal (certbot timer)
- Nginx: reverse proxy with 500MB upload limit, 80→443 redirect
- Gunicorn: 4 workers, systemd-managed
Project layout
- app.py # Flask application
- config.py # Configuration constants
- database.py # SQLite helpers and data access
- requirements.txt # Python dependencies
- templates/ # Jinja templates (index.html, download.html)
- upload_client.py # Simple API client example for testing
- uploads/ # Storage for uploaded files (created at runtime)
Data model (SQLite)
- Table: files
- id TEXT PRIMARY KEY
- filename TEXT
- filepath TEXT
- filesize INTEGER
- expiry_hours INTEGER
- created_at TIMESTAMP
- expires_at TIMESTAMP
Expiry and cleanup
- Expiry options are defined as 1h, 24h, 7d in config
- A cleanup operation removes expired files from disk and deletes DB rows
- Cleanup is invoked on access endpoints (and can be wired to a cron/daemon later)
Traffic limits
- Maximum file size: 500 MB
- Per-IP daily traffic limit: 20 GB (upload + download combined)
- IP traffic tracked in SQLite
ip_traffictable, reset daily
SSL certificate
- Let's Encrypt certificate deployed via certbot
- Auto-renewal via systemd timer:
certbot.timer - Manual renewal test:
certbot renew --dry-run
Security notes
- Do not commit secrets. Secrets should be provided via environment variables in production.
- This repository currently avoids embedding credentials.
Next steps (optional)
- Add authentication for admin/API usage
- Add rate limiting and upload size limits per user
- Add automated tests and CI integration
License
- MIT or your preferred license (update as needed)
API Usage (Python)
Upload a file via the API endpoint:
import requests
BASE_URL = "https://xiaji-temp.duckdns.org"
expiry = "24h" # 1h, 24h, 7d
with open("/path/to/your/file.zip", "rb") as f:
resp = requests.post(
f"{BASE_URL}/api/upload",
files={"file": ("file.zip", f)},
data={"expiry": expiry},
)
if resp.status_code == 200:
data = resp.json()
print(f"Share URL: {data['share_url']}")
print(f"File ID: {data['id']}")
print(f"Size: {data['filesize']} bytes")
else:
print(f"Upload failed: {resp.json()['error']}")
Response format:
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"filename": "file.zip",
"filesize": 1048576,
"expiry_hours": 24,
"share_url": "https://xiaji-temp.duckdns.org/file/550e8400..."
}
Get file info via API:
resp = requests.get(f"{BASE_URL}/api/file/{file_id}")
if resp.status_code == 200:
info = resp.json()
print(f"Daily upload: {info['daily_upload']} bytes")
print(f"Daily download: {info['daily_download']} bytes")
print(f"Traffic limit: {info['traffic_limit']} bytes (20GB)")
Or use the bundled client script:
python upload_client.py /path/to/file.zip 24h
Contributing
- Pull requests are welcome. Please follow the project style and ensure tests pass.
Contact
- If you need to reach the maintainer, use your preferred channel.