Anonymous file upload to S3 using Python/Flask
- S3 anonymous uploading with python:
- https://devcenter.heroku.com/articles/s3-upload-python
- Anonymous-write S3 buckets need a special user, a special policy and a special CORS config
- reCAPTCHA v2 to reduce uploads by robots
- https://developers.google.com/recaptcha/docs/display
- You must obtain an API key pair for your site to use this software:
- Flask, Nginx and Ubuntu 16
- create a user called
filedropin thewww-datagroup (group used bynginx)
sudo adduser --disabled-password --gecos "" --ingroup www-data filedrop
- login as
filedrop, get and install the repo
git clone https://github.com/igg/FileDrop.git
cd FileDrop
virtualenv venv --no-site-packages
source venv/bin/activate
pip install -e .
- SSL configuration is beyond the scope of these docs. Try:
- https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04
- As specified in
startup/nginx/filedrop, you will need to make sure your ssl cert and key are at (or symlinked from):
/etc/ssl/private/server-cert.pem /etc/ssl/private/server-cert-key.pem- You will need to manually change the name of your server from
filedrop.example.cominstartup/nginx/filedrop
- copy startup files to appropriate places
- switch back to your regular user with
sudoprivilegesfiledropuser should not have a password or sudo privileges.
- switch back to your regular user with
sudo cp ~filedrop/FileDrop/startup/nginx/filedrop /etc/nginx/sites-available/
sudo ln -s /etc/nginx/sites-available/filedrop /etc/nginx/sites-enabled/filedrop
sudo cp ~filedrop/FileDrop/startup/systemd/filedrop.service /etc/systemd/system/filedrop.service
sudo systemctl daemon-reload
sudo service filedrop start
sudo service nginx reload