Caution
This project is made for me, my needs, and my infrastructure.
No support will be offered for this software. Breaking changes to functionalty or features may be made any time.
Server for creating file share links and embedding media on websites. 🎀
-
Upload auto-expiry: Automatically delete uploads based how long it has been since they were last accessed.
-
Storage-efficiency: Uploads are deduplicated by storing them as a hash of their contents; Hashes are then salted with a persistent key generated on first-time startup.
-
Encrypted at rest: All uploads are encrypted by the server when stored. The decryption key is attached to the returned share url and is not kept by the server. No upload can be accessed without the decryption key, even with access to the filesystem.
- Note: encyption and decryption are handled server-side, anybody with access to the server network could intercept data unencrypted or decryption keys from logs. While an unfortunate drawback, this is an accepted flaw as it allows uploads from clients that may otherwise be unable to encrypt before upload.
-
Multiple storage providers: Save uploads to the disk locally, an S3 bucket, or even ephemeral process memory.
-
Copy compose.yml to a local file named
compose.ymlor add the service to your existing stack and fill in the environment variables. Information about configuration options can be found in the configuration section. -
Start the stack
docker compose up -d
- Ensure you have Rust installed and
in your
$PATH. - Install the project binary
cargo install --git https://github.com/Blooym/dollhouse.git
- Set configuration values as necessary. Information about configuration options can be found in the configuration section.
dollhouse
Dollhouse is configured via command-line flags or environment variables and has full support for loading from .env files. Below is a list of all supported configuration options. You can also run dollhouse --help to get an up-to-date including default values.
| Name | Description | Flag | Env | Default |
|---|---|---|---|---|
| Address | Internet socket address that the server should run on. | --address |
DOLLHOUSE_ADDRESS |
127.0.0.1:8731 |
| Public URL | Base URL to use when generating links to uploads. This affects link generation only; you are responsible for configuring any reverse proxy. | --public-url |
DOLLHOUSE_PUBLIC_URL |
http://127.0.0.1:8731 |
| Tokens | One or more bearer tokens used for accessing authenticated endpoints. Multiple tokens can be provided, separated by commas. | --tokens |
DOLLHOUSE_TOKENS |
|
| Storage Provider | Specifies the backend used for storing persistent data. Available options depend on compile-time features: memory:// (in-memory), fs://<path> (filesystem), and s3://bucket (Simple Storage Service). When using S3, configuration is loaded according to the AWS SDK credential provider chain. |
--storage |
DOLLHOUSE_STORAGE_PROVIDER |
|
| App Secret | A unique secret used for hashing operations. | --app-secret |
DOLLHOUSE_APP_SECRET |
|
| Upload Expiry Time | Duration of inactivity after which a file is automatically purged from storage. Accepts human-readable durations (e.g., 30min, 1day). If not set, files do not expire. |
--upload-expiry |
DOLLHOUSE_UPLOAD_EXPIRY |
|
| Upload Size Limit | Maximum size of a single uploaded file. Accepts human-readable sizes (e.g., 50MB, 1GB). |
--upload-size-limit |
DOLLHOUSE_UPLOAD_SIZE_LIMIT |
50MB |
| Upload Mimetypes | List of allowed MIME types for uploads. Supports wildcards (e.g., image/*, */*). File types are determined based on content (magic number detection). If detection fails and */* is not allowed, the file is rejected. If */* is allowed, the MIME type falls back to application/octet-stream. |
--upload-mimetypes |
DOLLHOUSE_UPLOAD_MIMETYPES |
image/*, video/* |