goshs is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S with either self-signed certificate or user provided certificate and you can use HTTP basic auth.
- Download or view files
- Bulk download as .zip file
- Upload files (Drag & Drop)
- Delete files
- Individually
- Bulk delete
- Basic Authentication
- Transport Layer Security (HTTPS)
- self-signed
- provide own certificate
- Non persistent clipboard
- Download clipboard entries as .json file
- WebDAV support
- Read-Only and Upload-Only mode
- Silent mode (no webserver output)
- Retrieve json on cli
- Drop user privileges before execution (Unix only)
- Example: Run on port 80, but process is "www-data"
- Themes
- Dark Mode
- Light Mode
- Command Line
- Run Commands on the system hosting
goshs
- Run Commands on the system hosting
- File Based ACLs
- You can place a
.goshsin any folder to apply custom ACLs - You can apply custom basic auth per folder
- You can restrict access to specific files completely
- You can place a
You can download the executable from the release section
go get -u github.com/patrickhener/goshs
go install github.com/patrickhener/goshs@latestBuilding requirements are ugilfy-js and sass. After installing this packages you can easily just:
git clone https://github.com/patrickhener/goshs.git
cd goshs
make build> goshs -h
goshs v0.3.4
Usage: goshs [options]
Web server options:
-i, --ip The ip/if-name to listen on (default: 0.0.0.0)
-p, --port The port to listen on (default: 8000)
-d, --dir The web root directory (default: current working path)
-w, --webdav Also serve using webdav protocol (default: false)
-wp, --webdav-port The port to listen on for webdav (default: 8001)
-ro, --read-only Read only mode, no upload possible (default: false)
-uo, --upload-only Upload only mode, no download possible (default: false)
-si, --silent Running without dir listing (default: false)
-c, --cli Enable cli (only with auth and tls) (default: false)
TLS options:
-s, --ssl Use TLS
-ss, --self-signed Use a self-signed certificate
-sk, --server-key Path to server key
-sc, --server-cert Path to server certificate
Authentication options:
-b, --basic-auth Use basic authentication (user:pass - user can be empty)
-H, --hash Hash a password for file based ACLs
Misc options:
-u --user Drop privs to user (unix only) (default: current user)
-V --verbose Activate verbose log output (default: false)
-v Print the current goshs version
Usage examples:
Start with default values: ./goshs
Start with wevdav support: ./goshs -w
Start with different port: ./goshs -p 8080
Start with self-signed cert: ./goshs -s -ss
Start with custom cert: ./goshs -s -sk <path to key> -sc <path to cert>
Start with basic auth: ./goshs -b secret-user:$up3r$3cur3
Start with basic auth empty user: ./goshs -b :$up3r$3cur3
Start with cli enabled: ./goshs -b secret-user:$up3r$3cur3 -s -ss -cServe from your current directory
goshs
Serve from your current directory with webdav enabled on custom port
goshs -w -wp 8081
Serve from another directory
goshs -d /path/to/directory
Serve from port 1337
goshs -p 1337
Password protect the service
goshs -b secret-user:VeryS3cureP4$$w0rd
Please note: goshs uses HTTP basic authentication. It is recommended to use SSL option with basic authentication to prevent from credentials beeing transfered in cleartext over the line.
Use TLS connection
Self-Signed
goshs -s -ss
Provide own certificate
goshs -s -sk server.key -sc server.crt
Run in silent mode
This mode will omit the dir listing on the web interface. Also you will not have access to the clipboard or upload form. Still you could upload a file using the corresponding post request (see examples).
goshs -si
Retrieve the directory listing in json format
You can now retrieve the directory listing in json format. This is meant to be used with curl for example in environments where you do not have a browser on hand.
curl -s localhost:8000/?json | jq
[
{
"name": ".git/",
"is_dir": true,
"is_symlink": false,
"symlink_target": "",
"extension": "",
"size_bytes": 4096,
"last_modified": "2023-02-28T15:38:11.982+01:00"
},
{
"name": ".github/",
"is_dir": true,
"is_symlink": false,
"symlink_target": "",
"extension": "",
"size_bytes": 4096,
"last_modified": "2023-02-28T10:27:35.524+01:00"
},
{
"name": ".gitignore",
"is_dir": false,
"is_symlink": false,
"symlink_target": "",
"extension": ".gitignore",
"size_bytes": 48,
"last_modified": "2023-02-20T07:58:46.436+01:00"
},
... snip ...Or with path:
curl -s localhost:8000/utils?json | jq
[
{
"name": "utils.go",
"is_dir": false,
"is_symlink": false,
"symlink_target": "",
"extension": ".go",
"size_bytes": 2218,
"last_modified": "2023-02-28T15:28:54.783+01:00"
},
{
"name": "utils_test.go",
"is_dir": false,
"is_symlink": false,
"symlink_target": "",
"extension": ".go",
"size_bytes": 2012,
"last_modified": "2023-02-28T15:28:12.748+01:00"
}
]Drop user privs
You might wanna bind to port 80 but rather not have the process running as root. So you can use -u/--user to drop privileges:
user@host:~/projects/goshs$ sudo ./goshs -p 80 --u user
INFO [2023-05-26 11:56:19] Serving on interface lo bound to 127.0.0.1:80
INFO [2023-05-26 11:56:19] Serving HTTP from /home/user/goshs
INFO [2023-05-26 11:56:19] Dropping privileges to user 'user' user@host:~$ ps aux | grep goshs
root 35975 0.0 0.0 10828 5028 pts/0 S+ 11:56 0:00 sudo ./goshs -p 80 --u user
user 35976 0.0 0.1 1166136 8460 pts/0 Sl+ 11:56 0:00 ./goshs -p 80 --u userRun with cli mode enabled
CLI mode will let you run commands on the system hosting goshs and return the output to you.
goshs -b secret-user:$up3r$3cur3 -s -ss -c
File Based ACLs
You can apply file based access control lists per folder by placing a file called .goshs in that folder. The files content is like:
{
"auth":"<user>:<hash>",
"block":[
"file1",
"file2",
"folder/"
]
}The hash you have to use can be generated with goshs -H or goshs --hash. This will generate a bCrypt hash. The username can be left empty.
goshs --hash
Enter password: *******
Hash: $2a$14$hh50ncgjLAOQT3KI1RlVYus3gMecE4/Ul2HakUp6iiBCnl2c5M0daThe block mode will hide the folders and files from the listing and restrict access to them regardless. Please be aware that a file inside a blocked folder will be accessible unless you define a new .goshs file within that blocked folder.
A special thank you goes to sc0tfree for inspiring this project with his project updog written in Python.