From 9cb93ae1edae0fb2c71a688343fcc550d65a5628 Mon Sep 17 00:00:00 2001 From: ed Date: Tue, 27 May 2025 16:29:03 +0000 Subject: [PATCH] fix upload into share with vproxy; closes #168 --- contrib/nginx/copyparty.conf | 21 ++++++++++++++++++++- copyparty/httpcli.py | 8 ++++---- 2 files changed, 24 insertions(+), 5 deletions(-) diff --git a/contrib/nginx/copyparty.conf b/contrib/nginx/copyparty.conf index a0b81935..3c59a6f5 100644 --- a/contrib/nginx/copyparty.conf +++ b/contrib/nginx/copyparty.conf @@ -2,19 +2,38 @@ # not accept more consecutive clients than what copyparty is able to; # nginx default is 512 (worker_processes 1, worker_connections 512) # +# ====================================================================== +# +# to reverse-proxy a specific path/subpath/location below a domain +# (rather than a complete subdomain), for example "/qw/er", you must +# run copyparty with --rp-loc /qw/as and also change the following: +# location / { +# proxy_pass http://cpp_tcp; +# to this: +# location /qw/er/ { +# proxy_pass http://cpp_tcp/qw/er/; +# +# ====================================================================== +# # rarely, in some extreme usecases, it can be good to add -j0 # (40'000 requests per second, or 20gbps upload/download in parallel) # but this is usually counterproductive and slightly buggy # +# ====================================================================== +# # on fedora/rhel, remember to setsebool -P httpd_can_network_connect 1 # -# if you are behind cloudflare (or another protection service), +# ====================================================================== +# +# if you are behind cloudflare (or another CDN/WAF/protection service), # remember to reject all connections which are not coming from your # protection service -- for cloudflare in particular, you can # generate the list of permitted IP ranges like so: # (curl -s https://www.cloudflare.com/ips-v{4,6} | sed 's/^/allow /; s/$/;/'; echo; echo "deny all;") > /etc/nginx/cloudflare-only.conf # # and then enable it below by uncomenting the cloudflare-only.conf line +# +# ====================================================================== upstream cpp_tcp { diff --git a/copyparty/httpcli.py b/copyparty/httpcli.py index 6f7f3297..20934ea4 100644 --- a/copyparty/httpcli.py +++ b/copyparty/httpcli.py @@ -2587,10 +2587,6 @@ class HttpCli(object): x = self.conn.hsrv.broker.ask("up2k.handle_json", body, self.u2fh.aps) ret = x.get() - if self.is_vproxied: - if "purl" in ret: - ret["purl"] = self.args.SR + ret["purl"] - if self.args.shr and self.vpath.startswith(self.args.shr1): # strip common suffix (uploader's folder structure) vp_req, vp_vfs = vroots(self.vpath, vjoin(dbv.vpath, vrem)) @@ -2600,6 +2596,10 @@ class HttpCli(object): raise Pebkac(500, t % zt) ret["purl"] = vp_req + ret["purl"][len(vp_vfs) :] + if self.is_vproxied: + if "purl" in ret: + ret["purl"] = self.args.SR + ret["purl"] + ret = json.dumps(ret) self.log(ret) self.reply(ret.encode("utf-8"), mime="application/json")