Jyraphe, your web file repository

Jyraphe is a web application of file repository, easy to install and easy to use. Jyraphe is an entirely free application, it is distributed under the terms of the GNU Affero General Public License, version 3 or later. Jyraphe is developped according to the "Getting Real" philosophy, so it only has the necessary features.

The latest stable version is jyraphe-0.5.tar.gz.

About Jyraphe

Principles of Jyraphe

You want to send a mail with an attachment that has a size over the authorized size? You want to share a document with a mailing list without sending this document to the list? You can't send a file through an instant messenging network? Jyraphe is for you!

The aim of Jyraphe is to propose a simple web application of file repository that anyone can install on his part of server. The aim is to multiply the Jyraphes over the Internet, contrary to some sites whose aim is to centralize the service at maximum, adding some advertisements that hurts eyes.

Features

Here are the main features of Jyraphe.

One file, one link

You upload a file and you get back a link on that file that you can share. When your friends follow this link, they download the file as you uploaded it and can save it.

Direct visualisation of images and text

If the file that you uploaded is an image or a text, then it appears directly in the browser, like any image of any text.

One time download

You can also upload a file that will only be downloaded once. Le given link is only available one unique time, then the file disappears.

Time limit

It is possible to indicate a time limit for downloading a file. After this limit, the file won't be accesible any longer. It's a good way of proposing temporary files.

Access restriction by password

You can associate a password with a file, allowing to restrict the access of a file to the people to whom you gave both the URL and the password.

No database

Jyraphe works with no database. Jyraphe only needs PHP and uses the file system as a natural storage.

Jyraphe user's guide

You are now convinced that Jyraphe is good for you. It's time to get it and install it.

Simplified installation

Getting the archive

The first step is to get the archive containing the sources. For this, download the stable version: jyraphe-0.5.tar.gz. The decompressed archive will create a jyraphe directory.

Setting the site

You just have to copy the content of the pub/ directory on your web space.

Simplified configuration

Launch the simplified install script install.php and follow all the given instructions. In particular, you have to:

Once the install is finished, verify that the site works correctly and delete the install script install.php. Take the write right (but not read right) from the web server on the lib/config.local.php file.

Security

It is very important to read this section before using Jyraphe!

This default installation allow everyone to use Jyraphe but it is not the most secure installation. Jyraphe has several workarounds to avoid security risks but, far from perfect, it is possible that Jyraphe has security bugs. See the Jyraphe hacker's guide to have a more secure configuration.

However, if you don't have the skill or the possibility to change this default configuration, you must known the risks of using Jyraphe.

The first risk is about the var-.../ directory that contains your files. It is located in your website tree and so, it is accessible directly by anyone. Its name is chosen randomly so that it is unique to your installation and then more difficult to guess. In particular, you must delete the install script install.php once the installation is finished. Someone that would know this name could access to all your files without any restriction.

The second risk is about the files that are uploaded. Some files could compromise your system. Jyraphe does not allow the upload of some specific files and disable some scripts so that they can't be executed anymore. These risks are linked to the first one but not necessarily.

Now that you known the risks, you can use Jyraphe.

Distributions

Some GNU/Linux distribution have a package for Jyraphe. You are encouraged to use this package because the developper of your distribution will know better than you how to configure Jyraphe properly and efficiently.

The known packages are:

Online help

Maximum file size

This number indicates the maximum file size that PHP allows. If you want a larger maximum size, you must change two directives in php.ini, the configuration file of PHP. These two directives are: post_max_size and upload_max_filesize. Read the documentation relative to these two directives.

One time download

One time download allows you to give a link that will be usable only once. Once the link has been followed, the file disappear. If you follow the link and a 404 error appear, then someone already downloaded the file.

Password protection

Password protection allows to restrict the access of the file. You must indicate your password and then type it again to verify you did not make any mistake. While getting the file, you have to give this password. If you do not have the good password, a 403 error appears.

Time limit

The time limit allows to define a time when the file is valid. You have the choice between several times, from one minute to one month. After this time, the file disappears.

Frequently Asked Questions

If you have a question that have no answer elsewhere, you should look here.

Why Jyraphe?

The word "giraffe" nearly has the same pronounciation in every languages but is written in different manners. This is just another writing.

What is binary chaos?

101010

With Gentoo, which USE flag to use for PHP ?

You must use the nls USE flag that is necessary for the support of internationalization.

Jyraphe hacker's guide

This section tells you how to install Jyraphe in good conditions. For this, you need a privilegied access to the server where Jyraphe is installed.

Advanced installation

Getting the sources

You have several possibilities to get the sources of the Jyraphe. The simpler and the safer is to get the stable version as indicated in the Jyraphe user's guide.

If you want to benefit from the latest developments, you can download the development version: jyraphe-snapshot.tar.gz. Or better, get the source from the subversion repository of Jyraphe.

In this case, before everything else, you must generate the locales of Jyraphe. You need the gettext package. Then, execute the script:

./update-mo.sh

Setting the site

Copy the content of the pub/ directory on your web space. Beware, do not forget the .htaccess file in the pub/ directory, it is necessary for URL rewriting.

Then, choose a var/ directory outside the site tree in which there will be your files. In this directory, you must create three directories: var/files/, var/links/ and var/trash/. For Jyraphe to put your files, you must give the write right to the web server on these directories.

For example, with Debian GNU/Linux, you can execute the following commands to do these actions:

cd /your/files/       # go where your files will be
mkdir var             # create the var/ directory
mkdir var/files       # create the var/files directory
mkdir var/links       # create the var/links directory
mkdir var/trash       # create the var/trash directory
chgrp -R www-data var # change the group for the web server's group
chown -R g+w var      # give the write right to the web server

Security

Files in the website tree

If you have no other choice but put the var/ directory in the website tree, you can improve the security in two ways. First, by giving a random name to this directory (so not var/).

Second, if you use Apache, by restricting the access to the directory thanks to a .htaccess file that you put in var/ and that contains:

Order deny,allow
Deny from all

To do this, you must have the following Apache AllowOverride directive in the configuration of your virtual host:

AllowOverride Limit

Compatibility with SELinux

Jyraphe can work with SELinux. For this, you must give the property of the var/ directory to the web server and modify the SELinux security context.

For example, with Debian GNU/Linux, you can execute the following commands to make these actions:

cd /your/files/
chown -R www-data:www-data var
chcon -R -t httpd_tmp_t /your/files/var

Advanced configuration

To customize your website, you can overload some configuration item. For this, you must copy the pub/lib/config.php file in pub/lib/config.local.php and edit all the element you want to customize.

You can also launch the install.php script to get a basic skeleton of pub/lib/config.local.php file.

Base address of the website: $cfg['web_root']

To avoid conflict, you can indicate the base URL of your site in the configuration item $cfg['web_root']. You should precise this base URL. Do not forget the trailing slash!

$cfg['web_root'] = 'http://www.example.com/';

Files directory: $cfg['var_root']

You must indicate the directory you have chosen at the previous step, /your/files/var/, in the configuration item $cfg['var_root']. Do not forget the trailing slash!

$cfg['var_root'] = '/your/files/var/';

Language of the website: $cfg['lang']

The site is internationalised and may have a translation in your language. You can specify the locale that you want to use in the configuration item $cfg['lang']. Look in the l10n/po/ directory to check if a translation exists.

$cfg['lang'] = 'fr_FR.UTF-8';

Style of the website: $cfg['style']

Jyraphe allows you to create your own style. For this, you must create a directory in pub/media/ and put a file called style.css.php that contains your style. You can also put images in this directory. Look at the default style to better understand. Once your style is defined, you must put the name of the directory you created in the configuration item $cfg['style'].

$cfg['style'] = 'default';

URL rewriting: $cfg['rewrite']

You can use URL rewriting so that your URL will look better. This feature depends on your web server. If your web server is correctly configured, you juste have to put the configuration item $cfg['rewrite'] to true.

$cfg['rewrite'] = true;
Apache

If you use Apache, a .htaccess file is present in the pub/ directory and contains all that is necessary to handle URL rewriting. You just have to put the following Apache AllowOverride directive in the configuration of your virtual host:

AllowOverride FileInfo

Default password: $cfg['password']

You can specify a default password in the configuration item $cfg['password'] in case the password protection is activated and the password is empty. If the configuration item $cfg['password'] is not empty, the password protection is activated by default.

$cfg['pasword'] = 'toto42';

Jyraphe developper's guide

From a technical point of view

Jyraphe is developped according to the "Getting Real" philosophy. Jyraphe does few things but does them well. The list of features is limited to keep the code small and understandable by anyone. Jyraphe will never become a web file manager.

Jyraphe is developped in PHP and needs nothing else. Jyraphe can take advantage of URL rewriting to have pretty URLs.

When a file is uploaded, it comes in the var/files directory, and a link is created in the var/links directory. The link is only a file containing the name of the original file, its mime-type and its size (as they have been received when uploaded). The name of the link is the concatenation of a flag (R for regular links and O for one time download links) and a MD5 sum of the file.

Il a file has already been uploaded (same MD5 sum), the previous link is given. If there is a name conflict, the name is modified by adding "-1" (or "-2" or "-3" or ...) to the original name.

When downloading, the file is sent by making a save dialog box appear. If the file is an image (image/* mime-type) or a text (text/* mime-type), it is sent directly to the browser that can display it. If the file is a one time download, it is sent and then moved in the var/trash directory.

That's all for Jyraphe.

Where is the team?

You can contact the team on the discussion list of the Jyraphe, for better code or for a new translation.