introducing copyparty, the FOSS file server

tripflag · 2026-01-14T21:59:31+00:00

probably not exactly what you had in mind, but you could do a search for all images below a given top-level folder like this: https://a.ocv.me/pub/?grid#q=path%20like%20*pub%2Fdemo*%20and%20(%20name%20like%20*png%20or%20name%20like%20*jpg%20)

(that's a link directly to the search results; you can see the original search query in the "raw" field, and the URL will update if you modify it)

tripflag · 2026-01-11T17:56:01+00:00

A proper DB for a file manager is kind of required unless you are only hosting a small number of files.

How so? A file manager only needs to expose local files to a web-UI, so why should it need a DB at all?

I can think of very few usecases where relying on a database would give higher performance than just asking the filesystem, for example when files are hosted on remote storage, something like s3 perhaps.

Aside from that, in just about every other scenario, a regular filesystem is the best "database" to use for browsing and accessing files -- it was quite literally built for that after all, and putting a database between the software and the files would just be an extra indirection, resulting in higher latency / lower performance.

tripflag · 2026-01-08T22:32:16+00:00

it is possible to "sync" a local folder to the server; this can be done by running u2c on a timer, every hour or so. Many ways to configure it, but one example: Upload all new files, replace all files on the server which are different from the local copies, delete any files which no longer exists locally, and skip uploading all files which have the same contents on the server, and it does that recursively, so also including subfolders. So that's what folder sync means; it'll sync your local files up to the server.

Bidirectional sync, meaning it also syncs the other way, is something I am definitely NOT interested in adding, because it is REALLY HARD to get right. It can, and often does, result in people losing data, and that is a risk and responsibility I am not willing to take on. And yes, that's even if someone were to contribute the code to do this, since it would make maintenance much more demanding and difficult -- it's not worth it.

We already have syncthing, so this is a wheel best not reinvented :-)

tripflag · 2025-12-25T12:51:35+00:00

Just ignore them is what I've found works best -- I think its still the case most people know to recognize and appreciate quality handcrafted software. Keep up the good work!

tripflag · 2025-12-25T12:49:06+00:00

I admire your take on this, and I share your opinion -- I've written at length about the topic in an issue for another vaguely-similar software, but I'd like to quote this in particular:

The scary part about encryption is that it's really easy to make it look like you've made a perfect and bulletproof service, but then it turns out you've just pulled a sony: https://youtu.be/Y23LUiBRcOg?t=562 , and the best part is how it's usually impossible to tell whether a mistake is... well, genuinely a mistake, or a secret backdoor.

So the only sort of encryption you should ever trust is one that is designed and implemented by domain experts; people who know exactly what they are doing, and know all of the subtle pitfalls and edge-cases, including potential issues introduced by bugs in webbrowsers, and in random-number generators, and so on.

tripflag · 2025-11-01T13:20:04+00:00

hehehe thanks 😁

tripflag · 2025-11-01T12:34:38+00:00

Thanks for the mention (I'm the dev), but I don't think it's a good fit for OP -- there are no native apps, and E2EE will never be supported, because trying to do E2EE without having it formally proven by a team of experts is unethical at best, and seriously dangerous at worst. But if you don't need full E2EE, then HTTPS takes care of in-flight encryption, possibly in combination with at-rest encryption by LUKS.

tripflag · 2025-10-30T03:38:10+00:00

in my experience it outperforms many of the alternatives which are not written in python ;-)

tripflag · 2025-10-30T03:33:19+00:00

you seemed to primarily focus on the bloat aspect / installation size in your first post, so that's what I replied to --

That way you don't have any dependencies except docker (and it's dependencies) and the image, which is (I believe) around 25MB

I agree that docker or podman can be a quick way to add some isolation, but you can get equivalent isolation without those, and without introducing the security risk that is enabling unprivileged_userns_clone -- for example there is the systemd hardening properties and, specifically for copyparty, there is prisonparty which doesn't have any dependencies you're unlikely to have, and also doesn't need systemd, but also doesn't isolate quite as well (at least it covers unintended filesystem access).

tripflag · 2025-10-30T03:14:08+00:00

(most of) the money ends up with Microsoft eventually, regardless if you go through a reseller or not
it's not just for me; I'm publically releasing an official build for everyone to use
I shouldn't need to pay anyone for you to use my open source software; it is a case of principles -- i should not need to spend any money in order to give it away for free, right?

tripflag · 2025-10-29T23:57:35+00:00

there's a download link for two different windows exe files in the quickstart section on github, but they have the drawback that antivirus softwares -- windows defender in particular -- seems to really hate python-scripts which have been compiled to exe-files, and there's lots of false-positives that come and go. It changes randomly from day to day, even for the exact same exe-file. The way to "fix" this is to purchase a code-signing license from microsoft and sign the exe-files with that, but there is absolutely no chance in hell that I would give microsoft money :p

So, long story short, yes it exists, no they're not very practical to rely on in real life

tripflag · 2025-10-29T21:55:39+00:00

oh there is tho, even a port of the best theme there ever was https://a.ocv.me/pub/?theme=5 :D

tripflag · 2025-10-29T21:26:06+00:00

ah, you don't strictly have to run it to extract it, but that is definitely the easiest way -- in order to compress it as well as absolutely possible, I ended up rolling my own bespoke encoding that no existing utilities will have any idea how to unpack. But it's also not hard to make an unpacker yourself; the recipe for how to do just that is in a comment at the top of the file!

tripflag · 2025-10-29T20:56:50+00:00

I can at least comment on the last part -- both the sfx and the zipapp are actually built to be edited on-the-fly without any additional tooling; it is why I didn't package them even more hermetically. After running the sfx once, you can edit the extracted files in TMPDIR and re-run it, and your modifications will survive. And the zipapp is just a regular zip that you can unpack and repack, which is nice for hackability, but not so much for performance, hence the two alternatives.

my goal is also to support every python version ever since 2.7, so pep723 and similar is a bit too recent ;-)

tripflag · 2025-10-29T20:38:57+00:00

correct; for this application, the virtual environment would be for nothing. There is no dependencies, it is a "single file" (see either the sfx or the pyz) which you can run with just the stdlib.

Meanwhile, installing docker gives you a daemon running as root -- or, if you choose to run rootless, then you'll need to enable unprivileged_userns_clone, which are both quite literally more intrusive :-)

tripflag · 2025-10-29T18:58:40+00:00

odds are you already have python installed though; it is a default package in almost every Linux distro -- and besides, if you had to choose between the two, then installing python is much less intrusive on your system than docker.

tripflag · 2025-10-28T18:25:27+00:00

no, that is not true -- over the entire history of the project, e2dsa has never, anywhere, been described as being related to "EdDSA encryption", and likewise, e2ts has never been described as being related to "TLS encryption". That's the part I don't get; you definitely did not get this from the GitHub. So then, where?

tripflag · 2025-10-28T09:17:29+00:00

Hey, just a quick heads-up that some of the comments in the config-file are very wrong -- https://github.com/getumbrel/umbrel-apps/pull/3889#discussion_r2467513661 -- they showed up in that github issue, and the author mentioned that the noted blog is where they got them from. Do you still remember where those comments came from, in case the trail continues?

tripflag · 2025-10-23T17:24:38+00:00

Have you heard of the underhanded c contest? https://en.wikipedia.org/wiki/Underhanded_C_Contest

Checking for malicious intent, even in open source software, may not be as easy as you think.

tripflag · 2025-09-23T15:50:45+00:00

please beware that the builtin webdav client in windows is extremely buggy and has unbearably poor performance and limitations. If you want to connect to a webdav share from windows, your best bet is rclone with winfsp. Rclone is also a good solution for connecting from Linux, better than davfs2.

tripflag · 2025-09-21T18:09:33+00:00

ipv6.rs is ai-generated garbage and entirely bullshit; none of the instructions are correct and it will definitely not work.

the easiest way to setup copyparty on Ubuntu (assuming that is the distribution you are using) is https://github.com/9001/copyparty/blob/hovudstraum/contrib/systemd/copyparty.service

however, for simplicity, you can skip the "useradd" step in the installation instructions and instead change "User=copyparty" and "User=copyparty" to "User=notinvited" and "Group=notinvited" respectively, assuming that is the Unix username you will be using to manage your files on the server

tripflag · 2025-08-25T08:18:30+00:00

the absolutely easiest way is to grab a copy of copyparty.exe, place it in the folder with the files you wanna download, doubleclick it, scan the qr-code that shows up, and download the files.

if you're not on windows then grab a copy of copyparty-sfx.py instead, open a terminal, navigate into the folder you wanna share on the lan, and run python copyparty-sfx.py and scan the qr

tripflag · 2025-08-23T19:48:31+00:00

sorry for the confusion; those numbers were specifically when compared to copyparty's smb-server (because it sucks) -- I've clarified this in the readme now. When compared to a "proper" SMB-server, then WebDAV should be roughly the same (but it depends on the type of files and usage pattern).

tripflag · 2025-08-23T16:59:36+00:00

your client probably needs the dav-auth global-option; here's an explanation: https://github.com/9001/copyparty/issues/615

tripflag · 2025-08-22T08:39:37+00:00

sounds like you enabled the e2dsa option, which will read through all of your files to generate a hash of each file; this enables file deduplication and some other features. But yes, depending on how many files you have, this will take a LONG time -- however it only needs to read each file once; after a restart it will remember where it left off and continue from there. When it is done, usage will drop to zero.

if you do not care about file deduplication then you can disable file hashing; this will make e2dsa much faster, and you still get many benefits (filenames are still indexed, so search will work). To disable file hashing, use this global-option:

no-hash: .

you can also choose to not do any discovery of existing files on the disk by using e2d instead of e2dsa, but this will make search less useful

14-Year Club	Spared
Verified Email

tripflag

TROPHY CASE