From a059bf7faa55a0370e8341f46ad2f7a090b66196 Mon Sep 17 00:00:00 2001 From: icxes Date: Thu, 26 Feb 2026 01:06:47 +0200 Subject: [PATCH] add vc-url/vc-interval and explanations to example .conf files --- contrib/systemd/copyparty.example.conf | 9 +++++++++ copyparty/__main__.py | 2 +- copyparty/svchub.py | 4 ++-- docs/chungus.conf | 9 +++++++++ 4 files changed, 21 insertions(+), 3 deletions(-) diff --git a/contrib/systemd/copyparty.example.conf b/contrib/systemd/copyparty.example.conf index 79560d0d..23558a86 100644 --- a/contrib/systemd/copyparty.example.conf +++ b/contrib/systemd/copyparty.example.conf @@ -18,6 +18,15 @@ # (note: enable compression by adding .xz at the end) q, lo: $LOGS_DIRECTORY/%Y-%m%d.log + # url to check against for vulnerable versions (default disabled); setting this will enable automatic + # vulnerability checks. the notification, in case you are running a vulnerable version, is shown on the + # admin panel (/?h) and only for users with admin permissions. you can choose between the value given here, + # or alternatively use https://api.copyparty.eu/security-advisories, or your own custom endpoint + vc-url: https://api.github.com/repos/9001/copyparty/security-advisories + + # how many seconds to wait between vulnerability checks; default is 86400 (= 1 day). + vc-interval: 86400 + # p: 80,443,3923 # listen on 80/443 as well (requires CAP_NET_BIND_SERVICE) # i: 127.0.0.1 # only allow connections from localhost (reverse-proxies) # ftp: 3921 # enable ftp server on port 3921 diff --git a/copyparty/__main__.py b/copyparty/__main__.py index a5cc986e..8b189618 100644 --- a/copyparty/__main__.py +++ b/copyparty/__main__.py @@ -1204,7 +1204,7 @@ def add_general(ap, nc, srvname): ap2.add_argument("--license", action="store_true", help="show licenses and exit") ap2.add_argument("--version", action="store_true", help="show versions and exit") ap2.add_argument("--versionb", action="store_true", help="show version and exit") - ap2.add_argument("--vc-url", metavar="URL", type=u, default="", help="URL to check for vulnerable versions (default: None)") + ap2.add_argument("--vc-url", metavar="URL", type=u, default="", help="URL to check for vulnerable versions (default: empty/disabled)") ap2.add_argument("--vc-interval", metavar="SEC", type=int, default=86400, help="how many seconds to wait between vulnerability checks (default: 86400)") diff --git a/copyparty/svchub.py b/copyparty/svchub.py index 078d6bbc..1df52122 100644 --- a/copyparty/svchub.py +++ b/copyparty/svchub.py @@ -1826,7 +1826,7 @@ class SvcHub(object): if data: try: advisories = json.loads(data) - + fixes = ( self.parse_version(vuln.get("patched_versions")) for adv in advisories @@ -1837,7 +1837,7 @@ class SvcHub(object): if newest_fix and ver_cpp < newest_fix: self.broker.say("httpsrv.set_bad_ver", True) - + except Exception as e: self.log("ver-chk", "failed to process vulnerability advisory; {}".format(e)) diff --git a/docs/chungus.conf b/docs/chungus.conf index aea1fabf..e2742ca0 100644 --- a/docs/chungus.conf +++ b/docs/chungus.conf @@ -57,6 +57,15 @@ # show versions and exit version + + # url to check against for vulnerable versions (default disabled); setting this will enable automatic + # vulnerability checks. the notification, in case you are running a vulnerable version, is shown on the + # admin panel (/?h) and only for users with admin permissions. you can choose between the value given here, + # or alternatively use https://api.copyparty.eu/security-advisories, or your own custom endpoint + vc-url: https://api.github.com/repos/9001/copyparty/security-advisories + + # how many seconds to wait between vulnerability checks; default is 86400 (= 1 day). + vc-interval: 86400 ###000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000\ ###// qr options \\000000000000000000000000000000000000000000000000000000000000000000000000000\