ky/horsieshare
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
secure file hosting for ~horses https://share.tilde.horse
67 commits 1 branch 0 tags 5.1 MiB
Find a file
Exact
ky 7a075c4b72
 fix(install): create and chown .local for uv Python downloads
2026-05-01 06:24:26 -04:00
app landing page: document request/response headers, fix feature list font size 2026-04-27 14:02:08 -04:00
config ignore unknown env vars in settings 2026-04-27 13:29:26 -04:00
docs rename daily_quota_bytes to retention_quota_bytes 2026-04-27 13:18:37 -04:00
examples fix(service): allow uv to download Python, add .local to writable paths 2026-05-01 06:23:22 -04:00
uploads Initial commit: Horsieshare - Secure file hosting for multi-user Linux environments 2025-12-09 05:49:23 -05:00
.env.example rename daily_quota_bytes to retention_quota_bytes 2026-04-27 13:18:37 -04:00
.gitignore prefer system ffmpeg, update deploy docs 2026-04-27 12:02:20 -04:00
install.sh fix(install): create and chown .local for uv Python downloads 2026-05-01 06:24:26 -04:00
LICENSE relicense from GPL-3.0 to MIT 2026-03-06 13:25:04 -05:00
pyproject.toml fix(service): allow uv to download Python, add .local to writable paths 2026-05-01 06:23:22 -04:00
README.md add installer and systemd service 2026-04-27 12:16:55 -04:00
requirements.txt prefer system ffmpeg, update deploy docs 2026-04-27 12:02:20 -04:00
run.py fix doc inaccuracies, add perf optimizations for skylake KVM, remove go client 2026-03-01 19:54:09 -05:00
SECURITY.md rename daily_quota_bytes to retention_quota_bytes 2026-04-27 13:18:37 -04:00
uv.lock build: relax dep pins for Python 3.14 compat 2026-05-01 06:14:13 -04:00

README.md

horsieshare

Secure file hosting for shared, multi-user Linux servers. Files are encrypted at rest with AES-256-GCM, authenticated via PAM on every request, and automatically expire after a configurable retention period.

Features

  • AES-256-GCM encryption at rest with per-file keys
  • PAM authentication on every request — no session tokens to steal
  • Brute-force protection — per-IP lockout after 10 failed attempts
  • EXIF stripping from images
  • Secure file shredding on deletion/expiry (configurable passes)
  • Automatic expiry via built-in hourly background task
  • Media compression — images and video via FFmpeg (optional)
  • oEmbed support for Discord/Telegram rich embeds with custom colors
  • ShareX compatible with per-user Base64 auth tokens
  • Daily upload quota per user

Quick Start

# Install from this checkout into /opt/horsieshare
git clone https://git.tilde.horse/ky/horsieshare /opt/horsieshare
cd /opt/horsieshare
sudo ./install.sh

# Configure before starting
edit /opt/horsieshare/.env
systemctl start horsieshare  # systemd
# or: rc-service horsieshare start  # OpenRC

By default horsieshare uses ffmpeg and ffprobe from the service user's PATH. Private binaries are still supported by setting FFMPEG_PATH and FFPROBE_PATH to explicit executable paths.

The installer is root-run, uses the current checkout, installs system dependencies for common package managers, creates the service user/group, copies the app to /opt/horsieshare, installs either a systemd or OpenRC service, and runs uv sync --frozen.

# Upload a file
curl -F "file=@image.png" -u username:password https://your-domain.com/api/upload

Documentation

  • Installation — full setup, nginx, OpenRC, architecture
  • Configuration — all environment variables and branding options
  • API Reference — all endpoints with request/response examples
  • Usage — upload script, ShareX, curl examples
  • Security — hardening guide for multi-user environments

License

MIT — see LICENSE.