{"id":14988563,"url":"https://github.com/bobbywibowo/lolisafe","last_synced_at":"2025-10-06T02:30:38.656Z","repository":{"id":37686843,"uuid":"118632631","full_name":"BobbyWibowo/lolisafe","owner":"BobbyWibowo","description":"Blazing fast file uploader and awesome bunker written in node! 🚀","archived":false,"fork":true,"pushed_at":"2025-10-05T13:40:11.000Z","size":39079,"stargazers_count":332,"open_issues_count":13,"forks_count":54,"subscribers_count":6,"default_branch":"safe.fiery.me","last_synced_at":"2025-10-05T15:23:03.370Z","etag":null,"topics":["bulma","file-sharing","file-upload","files","js","lolisafe","node","nunjucks","pomf","sqlite","sqlite3","upload","uploader","uwebsockets","uwebsocketsjs"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"chibisafe/chibisafe","license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BobbyWibowo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2018-01-23T15:53:35.000Z","updated_at":"2025-10-04T13:57:39.000Z","dependencies_parsed_at":"2023-10-10T20:07:06.402Z","dependency_job_id":null,"html_url":"https://github.com/BobbyWibowo/lolisafe","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/BobbyWibowo/lolisafe","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BobbyWibowo%2Flolisafe","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BobbyWibowo%2Flolisafe/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BobbyWibowo%2Flolisafe/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BobbyWibowo%2Flolisafe/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BobbyWibowo","download_url":"https://codeload.github.com/BobbyWibowo/lolisafe/tar.gz/refs/heads/safe.fiery.me","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BobbyWibowo%2Flolisafe/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278548989,"owners_count":26005013,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-06T02:00:05.630Z","response_time":65,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bulma","file-sharing","file-upload","files","js","lolisafe","node","nunjucks","pomf","sqlite","sqlite3","upload","uploader","uwebsockets","uwebsocketsjs"],"created_at":"2024-09-24T14:16:56.675Z","updated_at":"2025-10-06T02:30:37.936Z","avatar_url":"https://github.com/BobbyWibowo.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# lolisafe, a small safe worth protecting\n\n[![safe.fiery.me](https://i.fiery.me/upN1Q.png)](https://safe.fiery.me)\n\n[![GitHub license](https://img.shields.io/badge/license-MIT-blue.svg?style=flat-square)](https://raw.githubusercontent.com/WeebDev/lolisafe/master/LICENSE)\n\n[![JavaScript Style Guide](https://cdn.rawgit.com/standard/standard/master/badge.svg)](https://github.com/standard/standard)\n\n## Features\n\n* Powered by [uWebSockets.js](https://github.com/uNetworking/uWebSockets.js) \u0026 [HyperExpress](https://github.com/kartikk221/hyper-express) for a much more performant web server, due to being a Node.js binding of [uWebSockets](https://github.com/uNetworking/uWebSockets) written in C \u0026 C++.\n* Powered by [better-sqlite3](https://github.com/WiseLibs/better-sqlite3) for performant SQLite3 database (using [Knex.js](https://knexjs.org/) for abstraction, thus support for other database engines *may* also come in the future).\n* Faster file hashing for duplicates detection by using [BLAKE3](https://github.com/BLAKE3-team/BLAKE3) hash function.\n* ClamAV virus scanning support for Linux/OS X servers ([read more](#clamav-support)).\n* Front-end pages templating with [Nunjucks](https://mozilla.github.io/nunjucks/).\n* A more integrated Cloudflare support (automatically purge files remote cache upon deletion, and more).\n* Chunked uploads to support 100MB+ files when hosted behind Cloudflare, or any other proxies with file upload size limits.\n* Upload remote URLs (have lolisafe download those remote files for you).\n* Performant \u0026 configurable rate limits powered by [rate-limiter-flexible](https://github.com/animir/node-rate-limiter-flexible).\n* Albums with shareable pretty public pages.\n* User dashboard to manage own uploads and albums.\n* Admin dashboard to manage all uploads, albums, and users.\n* Robust files search/filters and sorting in the dashboard.\n* Usergroups-based permissions.\n* Configurable file retention periods per-usergroups.\n* Strip images EXIF tags if required (can be forced or toggleable by users, and with experimental support for stripping videos tags as well).\n* Various options configurable via header tags upon file uploads (selected file retention period, whether to strip EXIF tags, and more).\n* ShareX support with config file builder in the homepage.\n* Token-based authentication on all APIs, allowing you to easily integrate lolisafe with anything.\n* ... and more!\n\n## Differences with Upstream/Chibisafe\n\nThis fork is the one being used at [https://safe.fiery.me](https://safe.fiery.me).\n\nIt was originally based on [WeebDev/lolisafe](https://github.com/WeebDev/lolisafe) v3, but later have been so heavily rewritten that it is now simply its own thing.\n\nChibisafe is an upstream rewrite \u0026 rebrand, and technically is lolisafe v4.\n\nIf you want to use an existing lolisafe v3 database with this fork, copy over `database/db` file from your previous installation, then run `yarn migrate` at least once to create the new database columns introduced in this fork (don't forget to make a backup).\n\n\u003e [!CAUTION]  \n\u003e The migration script is **NOT COMPATIBLE** with Chibisafe's database.\n\nConfiguration file of lolisafe v3 (`config.js`) is also NOT fully compatible with this fork. There are some options that had been renamed and/or restructured\n\nPlease make sure your config matches the sample in `config.sample.js` before starting and/or migrating your previous database (hint: this fork's default config assumes your database file is named `db.sqlite3` instead of `db`).\n\n## Running in production mode\n\n1. Ensure you have at least [Node.js](https://nodejs.org/en/download/) v18.x or newer, and [Yarn](https://yarnpkg.com/getting-started/install#install-corepack) v1.x installed (incompatible with Yarn v2.x).\n\n\u003e [!NOTE]  \n\u003e Compatible up to Node.js v20.x.  \n\u003e I recommend using [Volta](https://github.com/volta-cli/volta) to ensure you will always have \u0026 use the correct Node.js and Yarn versions for lolisafe, even if the requirements change in future updates.  \n\u003e\n\u003e If you want to use this on Docker, please check out the [docker directory](https://github.com/BobbyWibowo/lolisafe/tree/safe.fiery.me/docker) instead.\n\n2. Clone this repo.\n3. Copy `config.sample.js` as `config.js`.\n4. Modify port, domain, and other options if desired.\n5. Copy `views/_globals.sample.njk` as `views/_globals.njk`.\n6. Modify front-end strings and options if desired.\n7. Run `yarn install --production` to install all production dependencies.\n8. Run `yarn start` to start lolisafe. Alternatively, you can also start lolisafe with `yarn pm2` if you have [PM2](https://pm2.keymetrics.io/) installed.\n\n\u003e [!NOTE]  \n\u003e If you see errors related to [sharp](https://github.com/lovell/sharp) engines upon starting lolisafe, try to run `yarn install --production --ignore-engines` first.\n\n\u003e [!IMPORTANT]  \n\u003e Default admin/root account:  \n\u003e Username: `root`  \n\u003e Password: `changeme`\n\nWhen running in production mode, lolisafe will use pre-built client-side CSS/JS files from `dist` directory, while the actual source codes are in `src` directory.\n\nThe pre-built files are processed with [postcss-preset-env](https://github.com/csstools/postcss-preset-env), [cssnano](https://github.com/cssnano/cssnano), [bublé](https://github.com/bublejs/buble), and [terser](https://github.com/terser/terser), and done automatically with [GitHub Actions](https://github.com/BobbyWibowo/lolisafe/blob/safe.fiery.me/.github/workflows/build.yml).\n\n## Running in development mode\n\nThis fork has a separate development mode, with which client-side CSS/JS files in `src` directory will be automatically rebuilt using [Gulp](https://github.com/gulpjs/gulp#what-is-gulp) tasks.\n\n1. Follow steps **1 to 6** from the production instructions above.\n2. Run `yarn install` to install all dependencies (by omitting `--production` option, Yarn will also install development dependencies).\n3. Run `yarn dev` to start lolisafe in development mode (or `yarn dev:reload` to also watch file changes).\n\nYou can further modify the Gulp tasks through `gulpfile.js` file.\n\nDuring development, the rebuilt files will be saved in `dist-dev` directory instead of `dist` directory. Lolisafe will also automatically serve the files from `dist-dev` directory instead.  \nThis is to ensure that your IDE's Git extension will not unnecessarily rebuild diffs of the modified files.\n\nOnce you feel like your modifications are ready for production usage, you can then run `yarn build` to build production-ready files that will actually go to `dist` directory.\n\n\u003e [!TIP]  \n\u003e If you are submitting a Pull Request, please do not stage any changes to files in `dist` directory.  \n\u003e GitHub Actions will automatically rebuild those assets if and when required.\n\n## Updating when you have modified some files\n\nTry to use [git stash](https://www.git-scm.com/docs/git-stash).\n\nBasically you'll be doing this:\n\n1. `git stash` to stash away your changes.\n2. `git pull` to pull updates.\n3. `yarn install` (or `yarn install --production`) to install dependencies matching the updated `yarn.lock` file.\n4. `git stash pop` (or `git stash apply`) to restore your changes.\n\nBe warned that some files may have been updated too heavily that they will require manual merging.\n\nIf you only do some small modifications such as editing `.njk` files and not much else, it's generally safe to do this even in a live production environment. But it's still best practice to at least review just what have been updated, and whether you will need to do some manual merging beforehand.\n\nStill, I heavily recommend simply forking this repository and manually merging upstream changes whenever you feel like doing so. Read more about [syncing a fork](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/syncing-a-fork). Especially if you intend to modify client-side CSS/JS files in `src` directory, since you will then need to rebuild assets that go into `dist` directory, which are guaranteed to always conflict with every updates from this fork that modify them.\n\nAfterwards, you can instead clone your fork into your production server and pull updates from there. You can then choose to only install production dependencies with `yarn install --production` there to save some disk space (hint: this is the workflow I use for [https://safe.fiery.me](https://safe.fiery.me)).\n\n## ClamAV support\n\nThis fork has an optional virus scanning support using [ClamAV](https://www.clamav.net/), utilizing [clamscan](https://github.com/kylefarris/clamscan) library (Linux and OS X only).\n\nIt will scan new files right after they are uploaded, then alert the uploaders of the virus names in ClamAV's database if the files are dirty.\n\nUnfortunately, this will slow down uploads processing as it has to wait for the scans before responding the uploaders. However, it's still highly recommended for public usage, or if you're like me who find the constant buzzing from Google Safe Search too annoying.\n\nTo enable this, make sure you have [ClamAV installed](https://github.com/kylefarris/clamscan#to-use-local-binary-method-of-scanning), or additionally have [ClamAV daemon running](https://github.com/kylefarris/clamscan#to-use-clamav-using-tcp-sockets) (using daemon is considerably faster). Afterwards, configure `uploads.scan` options, and more importantly its sub-option `clamOptions`. Read more about them in `config.sample.js`.\n\nAdditionally, you can also configure usergroups bypass, extensions whitelist, and max file size, to lessen the burden on your server.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbobbywibowo%2Flolisafe","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbobbywibowo%2Flolisafe","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbobbywibowo%2Flolisafe/lists"}