Information

This page contains documentation about Uguu.

This text might have minor errors that will be fixed over time, if you find any please let me know.

Requirements

Software

  • Debian 9 or newer
  • Nginx
  • PHP/PHP-FPM-8.0 or newer
  • Git
  • SQLite3
  • NodeJS
  • Certbot

Installation

Packages

We will start off by installing the following packages:

apt-get install build-essential nginx-full php8.0-fpm php8.0 sqlite3 php8.0-sqlite3 nodejs certbot git

Domain and SSL certificate

You will need a domain for the front page and uploading and a subdomain to serve this files. e.g SuperKawaiiihost.com and a.SuperKawaiiihost.com.

Use Letsencrypt to obain a SSL cert.

Paths

We are assuming you are using the following paths for various things, if they don't exist you should create them.

mkdir /var/www
mkdir /var/www/uguu
mkdir /var/www/uguu/dist
mkdir /var/www/db
mkdir /var/www/files
  • Uguu: /var/www/uguu
  • Uguu compiled: /var/www/uguu/dist
  • Uploaded files: /var/www/files
  • Database: /var/www/db

Download Uguu, setup DB and set permissions

Run this command to clone the Uguu Github and move the files to the correct folders, or do it yourself (I don't care).

cd /var/www/uguu/
git clone https://git.pomf.se/Pomf/uguu .

Now let's setup the database, run this command:

sqlite3 /var/www/db/uguu.sq3 -init /var/www/uguu/sqlite_schema.sql

Then set the correct permissions so Nginx, PHP and SQLite can do their thing.

chown www-data:www-data /var/www/db
chown www-data:www-data /var/www/db/uguu.sq3
chown www-data:www-data /var/www/files
chmod -R 775 /var/www

Setup deletion scripts

These scripts checks the age of the files and in the DB and deletes them if they are older then 24 hours.

If you want to host files for longer you will need to edit -mmin +1440 and datetime('now', '-1 day').

However this is not needed for a default installation.

If you want files to expire follow these steps:

chmod a+x /var/www/uguu/checkdb.sh
chmod a+x /var/www/uguu/checkfiles.sh

Edit /var/www/uguu/checkdb.sh and replace /path/to/db/uguu.sq3 with /var/www/db/uguu.sq3.

Edit /var/www/uguu/checkfiles.sh and replace /path/to/files/ with /var/www/uguu/files/.

Then add them to your crontab (crontab -e) as root, or as www-data!:

0,30 * * * * bash /var/www/uguu/checkfiles.sh
0,30 * * * * bash /var/www/uguu/checkdb.sh

Nginx example config

I won't cover settings everything up, here are some Nginx examples.

Main domain:

server {
    listen            443 ssl http2;
    server_name       www.yourdomain.com yourdomain.com;

    ssl on;
    ssl_certificate   /path/to/fullchain.pem;
    ssl_certificate_key /path/to/privkey.pem;
    ssl_protocols     TLSv1.2 TLSv1.3;
    ssl_ciphers       'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
    ssl_ecdh_curve    secp384r1;  

    root              /path/to/uguu/dist/;
    autoindex         off;
    access_log        off;
    index index.html  index.php;  

    location ~* \.(css|js|jpg|jpeg|gif|png|ico|xml|eot|woff|woff2|ttf|svg|otf|x-icon|avif|webp|apng)$ {
      expires         30d;
    }

    gzip              on;
    gzip_min_length   1000;
    gzip_comp_level   6;
    gzip_proxied      any;
    gzip_types        text/css text/js text/javascript application/javascript application/x-javascript;

    location ~* \.php$ {
    fastcgi_pass     unix:/var/run/php/php8.0-fpm.sock;
    fastcgi_intercept_errors on;
    fastcgi_index    index.php;
    fastcgi_split_path_info ^(.+\.php)(.*)$;
    include          fastcgi_params;
    fastcgi_param    SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}

Subdomain serving files (do not enable PHP here):

server {
    listen           443 ssl;
    server_name      www.subdomain.serveryourfiles.com subdomain.serveryourfiles.com;

    ssl              on;
    ssl_certificate  /path/to/fullchain.pem;
    ssl_certificate_key /path/to/privkey.pem;
    ssl_protocols    TLSv1.2 TLSv1.3;
    ssl_ciphers      'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
    ssl_ecdh_curve   secp384r1;

    root             /var/www/files/;
    autoindex        off;
    access_log       off;
    index            index.html;
  }

To redirect HTTP to HTTPS make a config for each domain like so:

server {
    listen           80;
    server_name      www.domain.com domain.com;
    return 301       https://domain.com$request_uri;
  }

If you are running everything from one domain use something like this:

server {
    listen           443 ssl;
    server_name      www.yourdomain.com yourdomain.com;
    ssl              on;
    ssl_certificate  /path/to/fullchain.pem;
    ssl_certificate_key /path/to/privkey.pem;
    ssl_protocols    TLSv1.2 TLSv1.3;
    ssl_ciphers      'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
    ssl_ecdh_curve   secp384r1;

    root             /var/www/uguu/dist/;
    autoindex        off;
    access_log       off;
    index index.html index.php;

    location ~* \.(css|js|jpg|jpeg|gif|png|ico|xml|eot|woff|woff2|ttf|svg|otf|x-icon|avif|webp|apng)$ {
    expires          30d;
    }

    location ^~ /files/ {
     alias           /var/www/files/;
     index           index.html index.htm;
     autoindex       off;
     include         mime.types;
     types {
      text/plain     php;
    }
  }

    gzip             on;
    gzip_min_length  1000;
    gzip_comp_level  6;
    gzip_proxied     any;
    gzip_types       text/css text/js text/javascript application/javascript application/x-javascript;

    location ~* \.php$ {
    fastcgi_pass     unix:/var/run/php/php8.0-fpm.sock;
    fastcgi_intercept_errors on;
    fastcgi_index    index.php;
    fastcgi_split_path_info ^(.+\.php)(.*)$;
    include          fastcgi_params;
    fastcgi_param    SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
  }

Also change client_max_body_size in nginx.conf to the the max file upload size, e.g 128M (128MB).

PHP-FPM Configuration

Edit /etc/php/8.0/fpm/php.ini and change the settings post_max_size and upload_max_filesize to the same value as in Nginx.

No further configuration should be needed for PHP unless you want to enable e.g OPCache. I will not cover that at this time.

Restarting services

Now we just need to restart some services in order to load the new configuration.

service nginx restart
service php8.0-fpm restart

Uguu Configuration and installation

Swig Templates

You may edit the files inside templates/ to your liking.

Don't touch the strings that are formatted like {{example}} or {% extends "example.swig" %} if you want it to pull this from the configuration when you compile.

dist.json

This configuration file contains settings for the site, do not remove it. Uguu will read the config from /var/www/uguu/dist.json so if you want to have it in another location you need to change the path in "Core.namespace.php"

/var/www/uguu/dist.json

  • banners the default ones are the malware scans banner and the donation one appearing under the upload button, for starters these are not needed.
  • generateRobotstxt default as false, I'd recommend making your own robots.txt.
  • generateSitemap default as false, set as true for better SEO on e.g Google(?).
  • max_upload_size default is 128, the max file size which an user can upload in MB. Be sure this matches the PHP/Nginx configuration.
  • production default as false, set this to true when you're done tweaking.
  • siteName the name of your site, e.g SuperKawaiiHost. This will appear in the browser title and on several places on the website. If you changed the expire time remember to change that here as well.
  • siteUrl the URL to your site e.g https://SuperKawaiiHost.com
  • abuseContact the email dedicated to receive abuse reports, this can be the same as infoContact if you want. Make sure it's a valid email or else you run the risk of getting into trouble from your server provider.
  • infoContact the email dedicated to receive general email from users.
  • ServerCountryLocation the country your server is located in, this is related to abuse/DMCA since it often depends on local laws.
  • SiteMetaInfo a description of your site, search engines show this data in searches for your site.
  • ToolsDesc some text added to the tools page to inform users about the need to modify the existing tools. You can change this to whatever you want.
  • paypalUrl the URL to your Paypal donation page. This can be ignored if the donations banner isn't enabled, or if you don't want to enable that method of donating.
  • bitcoinAddress your BTC address for donations. This can be ignored if the donations banner isn't enabled. or if you don't want to enable that method of donating.
  • flattrUrl your Flattr donation URL. This can be ignored if the donations banner isn't enabled. or if you don't want to enable that method of donating.
  • DB_MODE set this to sqlite or mysql
  • DB_PATH path to your database e.g /var/www/db/uguu.sq3 or e.g unix_socket=/var/run/mysqld/mysqld.sock;dbname=uguu for MySQL.
  • DB_USER leave this as NULL if you are using SQLite.
  • DB_PASS leave this as NULL if you are using SQLite.
  • LOG_IP default is false seeing as Uguu is made to be privacy aware, if you want you can turn this on and the IP of the uploaded file will be stored in the DB.
  • ANTI_DUPE default is false, if enabled a file already uploaded won't be uploaded again and instead the existing file url will be returned.
  • FILES_ROOT the location where uploaded files are to be stored, change this to /var/www/files/.
  • FILES_RETRIES maximum number of tries to regenerate filename in case an existing one already exists, this is highly unlikely and even if it does 15 tries is more than enough.
  • FILES_LENGTH the length of the new filename, default is 8, this can be increased or decreased however setting too low makes it easier to brute force a list of uploaded files or increases the chances of the filename already existing in the DB.
  • SSL Set this to true if using HTTPS.
  • URL the URL of the subdomain serving the uploaded files, e.g https://a.superkawaiihost.com/.
  • ID_CHARSET the characters that will be used to randomly generate a new filename, just leave this as it is.
  • BLOCKED_EXTENSIONS is a list of the blocked file extensions, these can not be uploaded. It's recommended to keep the defaults since they are commonly used by malicious actors to spread malware via file sharing services. You may remove or add extensions to this list.
  • BLOCKED_MIME this is a list of blocked MIME types, a MIME identifies what kind of format a file is since you can save an executable file as a .jpg, it's recommended that blocked extensions match MIME types. You may remove or add MIME types to this list.

Compilation

Now we just need to compile the files using our configuration, the output will be in /var/www/uguu/dist/.

Simply run:

cd /var/www/uguu/
make
make install

Finishing up and troubleshooting

Navigate to your domain, if it all looks correct and works it's all good in the hood and you're done.

Blank page or 404/403 error

  • Check permissions, make sure www-data (Nginx) can read the directories and files in /var/www/.
  • Check your Nginx configuration and make sure they are correct.

Compilation errors

  • Did you install NodeJS?
  • Check for mistakes in dist.json and the template .swigs like the ones below.

Example 1:

{% extends "layout_index.swig" % 

(missing a "}" at the end)

Example 2:

"paypalUrl": "payshit.die" 

(missing a "," at the end)

Example 3:

"templates/faq.swig",
"templates/tools.swig", <---- Wrong!
],

(there should be no "," when it's the last entry in a list.)

  • If you still can't compile try cloning the repo again and start fresh.
  • Something is wrong with the repo code, please open a issue!

"Server error"

This usually means something is wrong with the configuration, permission or PHP.

  • Check permissions, make sure www-data (Nginx/PHP-FPM) can read/write to the directories and files in /var/www/.
  • Make sure PHP-FPM is working, check the error log /var/log/php8.0-fpm.log.
  • Check includes/settings.inc.php and make sure something isn't misspelled or a ' or ; is missing.

Empty response after uploading

  • Check permissions, make sure www-data (Nginx/PHP-FPM) can read/write to the directories and files in /var/www/.
  • Make sure PHP-FPM is working, check the error log /var/log/php8.0-fpm.log.
  • Check includes/settings.inc.php and make sure something isn't misspelled or a ' or ; is missing.
  • Make sure you created the /var/www/db/pomf.sq3 database and that it is populated.

"Filetype not allowed"

This means the filetype and/or MIME is blocked, check your CONFIG_BLOCKED_EXTENSIONS and CONFIG_BLOCKED_MIME.

"File too big"

This usually means you forgot change the Nginx and/or PHP configuration to allow bigger files, or the file is too big. :)

  • Check /etc/php/8.0/fpm/php.ini for the values post_max_size and upload_max_filesize.
  • Check /etc/nginx/nginx.conf for the value client_max_body_size.
  • Restart the Nginx and PHP-FPM service.

Files not getting deleted

  • Follow the steps under "Setup deletion scripts"
  • Run the crontab as root as this is probably a permission issue.
  • Set the right paths in the deletion scripts.

API

To upload using curl or make a tool you can post using:

  • curl -i -F files[]=@yourfile.jpeg https://uguu.se/upload.php (JSON Response)
  • curl -i -F files[]=@yourfile.jpeg https://uguu.se/upload.php?output=text (Text Response)
  • curl -i -F files[]=@yourfile.jpeg https://uguu.se/upload.php?output=csv (CSV Response)
  • curl -i -F files[]=@yourfile.jpeg https://uguu.se/upload.php?output=html (HTML Response)

Getting help

Open a issue ticket if something seems wrong with the code.

Hit me up at @nekunekus or email me at neku@pomf.se.

Credits

Uguu is based on Pomf which was written by Emma Lejack & Eric Johansson (nekunekus) and with help from the open source community.

License

Uguu is free software, and is released under the terms of the Expat license. See LICENSE.