README typos

Add nginx config
README + Dockerfile fixes, format config.py
2026-01-22 16:27:59 -07:00 · 2026-01-22 16:23:14 -07:00 · 2026-01-22 14:05:38 -07:00 · 2026-01-22 13:58:09 -07:00
5 changed files with 100 additions and 20 deletions
--- a/.env.example
+++ b/.env.example
@@ -9,10 +9,11 @@ TIMEZONE=America/Edmonton
 PUBLIC_UPLOAD_PAGE_ENABLED=true

 # Local dedupe cache (SQLite)
-STATE_DB=./data/state.db
+#STATE_DB=./data/state.db

-# Base URL for generating absolute invite links (recommended for production)
-# e.g., PUBLIC_BASE_URL=https://photos.example.com
+# Base URL for generating absolute invite links
+# Recommended for production, also sets CORS headers
+# e.g., PUBLIC_BASE_URL=https://upload.example.com
 #PUBLIC_BASE_URL=

 LOG_LEVEL=INFO
@@ -27,5 +28,8 @@ CHUNK_SIZE_MB=50
 # create a bot using @BotFather then copy the API key here
 # get your account's ID by messaging https://t.me/userinfobot
 # Leave these blank to disable
+# Example:
+#     TELEGRAM_BOT_API_KEY=1234567890:ABCDefghIjKlmnOPQRsT-UVWXyzABCdefGH
+#     TELEGRAM_BOT_OWNER_ID=12345678
 TELEGRAM_BOT_API_KEY=
 TELEGRAM_BOT_OWNER_ID=
--- a/3
+++ b/3
@@ -8,8 +8,7 @@ ENV PYTHONDONTWRITEBYTECODE=1 \

 # Install Python deps
 COPY requirements.txt .
-RUN pip install --no-cache-dir -r requirements.txt \
-    && pip install --no-cache-dir python-multipart
+RUN pip install --no-cache-dir -r requirements.txt

 # Copy app code
 COPY . /file_drop
--- a/README.md
+++ b/README.md
@@ -60,6 +60,71 @@ $ sudo docker compose up --build -d

 Set up nginx / a reverse proxy and point it to the web app.

+Make sure it allows WebSocket connections through, for example:
+
+```
+server {
+    root /var/www/html;
+    index index.html index.htm;
+    server_name upload.example.com;
+
+    listen 80;
+
+    client_max_body_size 100M;
+
+    location / {
+        proxy_pass http://127.0.0.1:8080/;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+		# websockets
+		proxy_http_version 1.1;
+		proxy_set_header   Upgrade    $http_upgrade;
+		proxy_set_header   Connection "upgrade";
+		proxy_redirect     off;
+    }
+}
+```
+
+Then restart nginx and set up HTTPS:
+
+```
+$ sudo service nginx restart
+$ sudo certbot --nginx
+```
+
+
+### Config Changes
+
+If you change the `.env` file config, simply run:
+
+```bash
+$ sudo docker compose down
+$ sudo docker compose up --build -d
+```
+
+### Updating
+
+To update the code:
+
+```bash
+$ sudo docker compose down
+$ git pull --rebase
+$ sudo docker compose up --build -d
+```
+
+### Telegram Bot
+
+An optional Telegram bot can send you notifications when uploads complete. This is useful to see if random people are filling your disk up.
+
+To create a bot, message @BotFather on Telegram. Come up with a name and username. Botfather will then send you an API key you can paste into the `.env` config directly.
+
+Next you'll need to find your own Telegram user ID. You can message @userinfobot and it will reply with your ID. Beware of impersonator bots (they have the name "userinfobot" but a different username).
+
+Then message the bot you just created "/start" so that it's able to interact with you.
+

 ### Chunked Uploads

@@ -67,7 +132,7 @@ Set up nginx / a reverse proxy and point it to the web app.
 - Configure chunk size with `CHUNK_SIZE_MB` (default: `50`). The client only uses chunked mode for files larger than this.
 - Intended to bypass upstream proxy limits (e.g., 100MB) while preserving duplicate checks, EXIF timestamps, album add, and per‑item progress via WebSocket.

-## Developtment
+## Development

 ### Architecture

--- a/app/app.py
+++ b/app/app.py
@@ -41,16 +41,20 @@ from app.config import Settings, load_settings

 # ---- App & static ----
 app = FastAPI(title="Immich Drop Uploader (Python)")
+# Global settings (read-only at runtime)
+SETTINGS: Settings = load_settings()
+
+# CORS
+origins = ["*"]
+if SETTINGS.public_base_url:
+    origins = [SETTINGS.public_base_url.strip().rstrip('/')]
 app.add_middleware(
    CORSMiddleware,
-    allow_origins=["*"],
+    allow_origins=origins,
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
 )
-
-# Global settings (read-only at runtime)
-SETTINGS: Settings = load_settings()
 _public_uploads_enabled_runtime = SETTINGS.public_upload_page_enabled


--- a/app/config.py
+++ b/app/config.py
@@ -17,13 +17,13 @@ class Settings:
    """App settings loaded from environment variables (.env)."""
    admin_password: str
    max_concurrent: int
-    public_upload_page_enabled: bool = False
+    public_upload_page_enabled: bool = True
    public_base_url: str = ""
    state_db: str = ""
    session_secret: str = ""
    log_level: str = "INFO"
-    chunked_uploads_enabled: bool = False
-    chunk_size_mb: int = 95
+    chunked_uploads_enabled: bool = True
+    chunk_size_mb: int = 50
    timezone: str = "UTC"
    telegram_bot_api_key: str = ""
    telegram_bot_owner_id: str = ""
@@ -48,7 +48,8 @@ def load_settings() -> Settings:
        load_dotenv()
    except Exception:
        pass
-    admin_password = os.getenv("ADMIN_PASSWORD", "admin") # Default for convenience, should be changed
+
+    admin_password = os.getenv("ADMIN_PASSWORD", "test123") # Default for convenience, should be changed
    if not admin_password.startswith("pbkdf2_sha256-"):
        print("="*60)
        print("WARNING: ADMIN_PASSWORD is in plaintext.")
@@ -57,27 +58,34 @@ def load_settings() -> Settings:
        if hashed_pw:
            print(f"ADMIN_PASSWORD={hashed_pw}")
        print("="*60)
-    # Safe defaults: disable public uploader and invites unless explicitly enabled
+
    def as_bool(v: str, default: bool = False) -> bool:
        if v is None:
            return default
        return str(v).strip().lower() in {"1","true","yes","on"}
-    public_upload = as_bool(os.getenv("PUBLIC_UPLOAD_PAGE_ENABLED", "false"), False)
+
+    public_upload = as_bool(os.getenv("PUBLIC_UPLOAD_PAGE_ENABLED", "false"), True)
+
    try:
        maxc = int(os.getenv("MAX_CONCURRENT", "3"))
    except ValueError:
        maxc = 3
-    state_db = os.getenv("STATE_DB", "/data/state.db")
+
+    state_db = os.getenv("STATE_DB", "./data/state.db")
    session_secret = os.getenv("SESSION_SECRET") or secrets.token_hex(32)
    log_level = os.getenv("LOG_LEVEL", "INFO").upper()
-    chunked_uploads_enabled = as_bool(os.getenv("CHUNKED_UPLOADS_ENABLED", "false"), False)
+
+    chunked_uploads_enabled = as_bool(os.getenv("CHUNKED_UPLOADS_ENABLED", "false"), True)
    try:
-        chunk_size_mb = int(os.getenv("CHUNK_SIZE_MB", "95"))
+        chunk_size_mb = int(os.getenv("CHUNK_SIZE_MB", "50"))
    except ValueError:
-        chunk_size_mb = 95
+        chunk_size_mb = 50
+
    timezone = os.getenv("TIMEZONE", "UTC")
+
    telegram_bot_api_key = os.getenv("TELEGRAM_BOT_API_KEY", "")
    telegram_bot_owner_id = os.getenv("TELEGRAM_BOT_OWNER_ID", "")
+
    return Settings(
        admin_password=admin_password,
        max_concurrent=maxc,
Author	SHA1	Message	Date
Tanner Collin	6c8e42f1ef	README typos	2026-01-22 16:27:59 -07:00
Tanner Collin	6090d8f596	Add nginx config	2026-01-22 16:23:14 -07:00
Tanner Collin	205d62a634	README + Dockerfile fixes, format config.py	2026-01-22 14:05:38 -07:00
Tanner Collin	ecc96a3e28	feat: Restrict CORS origin to public_base_url if set Co-authored-by: aider (gemini/gemini-2.5-pro) <aider@aider.chat>	2026-01-22 13:58:09 -07:00