An awfully simple way to share content securely with (optional) built in content expiration.
Clone with
git clone git://git.awl.red/neallred/awlfile

awlfile


Building

Build the server with go build -o awlfile main.go

Build the cli used to calculate hashes with go build -o awlfile-cli awlfilecli/main.go

Usage

For the server, create a systemd unit. The following options are configurable by environment variable:

name | values | purpose
---|---|---
AWLFILE_DIR | string path to directory | Single (flat) directory from which files are served.
AWLFILE_PEPPER | nonempty string (required) | Ensures that the hashes for other access policies cannot be guessed by a user who has downloaded the file; prevents that user from maliciously causing early removal of the file.
AWLFILE_MAX_READS | positive number (defaults to 2000) | Server hard cap on the maximum number of accesses before content is deleted.
AWLFILE_SWEEP_INTERVAL | nonnegative number (defaults to 0 or disabled) | In seconds. File deletion typically occurs only when a request for a file exceeds an access policy. If the last valid request has been made but no invalid request ever follows, this sweep ensures the content is still eventually deleted.
AWLFILE_PORT | 1 - 65535 | HTTP port to listen on.

Once the server is running, you can move files to the directory and they will be ready for serving. Because the hash is based on the content, the mandatory pepper, and an (optional) access policy, you will need to figure out the sha values yourself. The easiest way is to build the awlfile-cli binary and run it against the files of interest.

Examples:

AWLFILE_PEPPER=$MY_PEPPER awlfile-cli ~/serve-dir/some-file
# hash is based on content and the pepper

AWLFILE_PEPPER=$MY_PEPPER awlfile-cli ~/serve-dir/some-file 10
# hash is based on content, the pepper, and the 10, converted to bytes and hashed
# Once the link is accessed, an access policy for the file is created and it can only be downloaded 9 more times before it becomes inaccessible. Further accesses result in deletion.

AWLFILE_PEPPER=$MY_PEPPER awlfile-cli ~/serve-dir/some-file 2023-12-30T19:49:00Z
# hash is based on content, the pepper, and the RFC3339 timestamp, converted to bytes and hashed
# Once the link is accessed, an access policy for the file is created and it can only be downloaded until that time, after which it becomes inaccessible. Further accesses result in deletion.

Access policies

Note that multiple access policies can be in effect. Whichever is exceeded first causes the file to become inaccessible (and then deleted).

The format of the URL for a hash with no access policy is localhost:<port>/<hash>.

The format of the URL for a hash with a max reads access policy is localhost:<port>/<hash>/<max reads>.

The format of the URL for a hash with a latest read access policy is localhost:<port>/<hash>/<RFC3339 timestamp>.

Policies can also be combined. To make a file readable only up to a certain date and only ten times, generate the time hash, then a hash for 11 accesses, and access each hash once yourself before sharing. You must access the content to put the policy in effect.

Because awlfile is a simple solution, it only keeps the access policies and history of reads in memory. That said, hashes / urls shared with others are still valid across restarts of the server, assuming the time has not expired or the file has not been deleted.
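An added example, not awlfile's own code, of why the pepper matters for the URL formats above: the server recomputes the hash for the policy named in the path, so a link with a swapped policy segment or a hash computed without the pepper is rejected. It assumes HMAC-SHA256 keyed by the pepper as the hash construction (the page does not give awlfile's); the function names, pepper and file body are constructed for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strconv"
	"strings"
	"time"
)

// linkHash derives the URL hash for one access policy ("" for none).
// Assumption: HMAC-SHA256 keyed by the pepper, not awlfile's own construction.
func linkHash(pepper, content []byte, policy string) string {
	mac := hmac.New(sha256.New, pepper)
	mac.Write(append([]byte(policy), 0)) // NUL separates policy from content
	mac.Write(content)
	return hex.EncodeToString(mac.Sum(nil))
}

// validPolicy accepts no policy, a positive read count, or an RFC3339 time.
func validPolicy(p string) bool {
	if p == "" {
		return true
	}
	if n, err := strconv.Atoi(p); err == nil {
		return n > 0
	}
	_, err := time.Parse(time.RFC3339, p)
	return err == nil
}

// verifyPath checks /<hash>[/<policy>] against the server's own hash (constant time).
func verifyPath(pepper, content []byte, path string) bool {
	hash, policy, _ := strings.Cut(strings.TrimPrefix(path, "/"), "/")
	if !validPolicy(policy) {
		return false
	}
	return hmac.Equal([]byte(hash), []byte(linkHash(pepper, content, policy)))
}

func main() {
	pepper, content := []byte("constructed-pepper"), []byte("constructed file body")
	hash := linkHash(pepper, content, "10")
	fmt.Println(verifyPath(pepper, content, "/"+hash+"/10")) // shared link: true
	fmt.Println(verifyPath(pepper, content, "/"+hash+"/1"))  // policy swapped: false
	fmt.Println(verifyPath(pepper, content, "/"+linkHash(nil, content, "1")+"/1")) // no pepper: false
}
```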

Password rotation

Password rotation is as simple as changing the hash env var and restarting the service. You will then need to generate updated hashes for each file and share them with everyone who should have access.
