chore(release): 2.21.1

build(deps): bump url-parse from 1.5.4 to 1.5.7 in /frontend

.circleci/config.yml

@@ -1,83 +0,0 @@
-version: 2
-jobs:
-  linting:
-    docker:
-      - image: circleci/golang:1.10
-    working_directory: /go/src/github.com/filebrowser/filebrowser
-    steps:
-      - checkout
-      - run:
-          name: Install Dependencies
-          command: |
-            curl -sL -o $GOPATH/bin/dep https://github.com/golang/dep/releases/download/v0.4.1/dep-linux-amd64
-            chmod +x $GOPATH/bin/dep
-            dep ensure -v
-            go get github.com/alecthomas/gometalinter
-            gometalinter --install
-      - run:
-          name: Run linting
-          command: |
-            gometalinter --exclude="rice-box.go" \
-              --deadline=300s \
-              -D goconst \
-              -D gocyclo \
-              -D vetshadow \
-              -D errcheck \
-              -D golint \
-              -D gas
-  build:
-    docker:
-      - image: circleci/golang:1.10
-    working_directory: /go/src/github.com/filebrowser/filebrowser
-    steps:
-      - checkout
-      - run:
-          name: Install Dependencies
-          command: |
-            curl -sL -o $GOPATH/bin/dep https://github.com/golang/dep/releases/download/v0.4.1/dep-linux-amd64
-            chmod +x $GOPATH/bin/dep
-            dep ensure -v
-      - run:
-          name: Building
-          command: go build github.com/filebrowser/filebrowser/cmd/filebrowser
-  deploy:
-    docker:
-      - image: circleci/golang:1.10
-    working_directory: /go/src/github.com/filebrowser/filebrowser
-    steps:
-      - checkout
-      - run:
-          name: Install Dependencies
-          command: |
-            curl -sL -o $GOPATH/bin/dep https://github.com/golang/dep/releases/download/v0.4.1/dep-linux-amd64
-            chmod +x $GOPATH/bin/dep
-            dep ensure -v
-      - run:
-          name: Deploy
-          command: curl -sL https://git.io/goreleaser | bash
-
-workflows:
-  version: 2
-  lint-build-deploy:
-    jobs:
-      - linting:
-          filters:
-              tags:
-                only: /.*/
-              branches:
-                only: /.*/
-      - build:
-          filters:
-              tags:
-                only: /.*/
-              branches:
-                only: /.*/
-      - deploy:
-          requires:
-            - linting
-            - build
-          filters:
-            tags:
-              only: /v[0-9]+(\.[0-9]+)*(-.*)*/
-            branches:
-              ignore: /.*/

.dockerignore

@@ -1,2 +1,3 @@
-testdata/
-.github/
+*
+!docker/*
+!filebrowser

.github/CODEOWNERS

@@ -0,0 +1,5 @@
+# These owners will be the default owners for everything in the repo.
+# Unless a later match takes precedence, @o1egl will be requested for
+# review when someone opens a pull request.
+
+*       @o1egl

.github/ISSUE_TEMPLATE.md

@@ -1,24 +0,0 @@
-### Instructions (remove before submitting):
-
-1. Are you asking for help with using Caddy or File Browser? Please use our forum instead: https://forum.caddyserver.com.
-2. If you are filing a bug report, please answer the following questions.
-3. If your issue is not a bug report, you do not need to use this template.
-4. If not using with Caddy, ignore questions 1 and 2.
-
-### 1. Have you downloaded File Browser from caddyserver.com? If yes, when have you done that? If no, and you are running a custom build, which is the revision of File Browser's repository?
-
-### 2. What is your entire Caddyfile?
-```text
-(Put Caddyfile here)
-```
-
-### 3. What are you trying to do?
-
-
-### 4. What did you expect to see?
-
-
-### 5. What did you see instead (give full error messages and/or log)?
-
-
-### 6. How can someone who is starting from scratch reproduce this behaviour as minimally as possible?

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,22 @@
+---
+name: Bug report
+about: Create a report to help us improve
+---
+
+**Description**
+<!-- A clear and concise description of what the issue is about. What are you trying to do? -->
+
+**Expected behaviour**
+<!-- What did you expect to happen? -->
+
+**What is happening instead?**
+<!-- Please, give full error messages and/or log. -->
+
+**Additional context**
+<!-- Add any other context about the problem here. If applicable, add screenshots to help explain your problem. -->
+
+**How to reproduce?**
+<!-- Tell us how to reproduce this issue. How can someone who is starting from scratch reproduce this behaviour as minimally as possible? -->
+
+**Files**
+<!-- A list of relevant files for this issue. Large files can be uploaded one-by-one or in a tarball/zipfile. -->

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,16 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+---
+
+**Is your feature request related to a problem? Please describe.**
+<!-- Add a clear and concise description of what the problem is. E.g. *I'm always frustrated when [...]* -->
+
+**Describe the solution you'd like**
+<!-- Add a clear and concise description of what you want to happen.  -->
+
+**Describe alternatives you've considered**
+<!-- Add a clear and concise description of any alternative solutions or features you've considered.  -->
+
+**Additional context**
+<!-- Add any other context or screenshots about the feature request here. -->

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,20 @@
+**Description**
+<!--
+Please explain the changes you made here.
+If the feature changes current behaviour, explain why your solution is better.
+-->
+
+:rotating_light: Before submitting your PR, please read [community](https://github.com/filebrowser/community), and indicate which issues (in any of the repos) are either fixed or closed by this PR. See [GitHub Help: Closing issues using keywords](https://help.github.com/articles/closing-issues-via-commit-messages/).
+
+- [ ] DO make sure you are requesting to **pull a topic/feature/bugfix branch** (right side). Don't request your master!
+- [ ] DO make sure you are making a pull request against the **master branch** (left side). Also you should start *your branch* off *our master*.
+- [ ] DO make sure that File Browser can be successfully built. See [builds](https://github.com/filebrowser/community/blob/master/builds.md) and [development](https://github.com/filebrowser/community/blob/master/development.md).
+- [ ] DO make sure that related issues are opened in other repositories. I.e., the frontend, caddy plugins or the web page need to be updated accordingly.
+- [ ] AVOID breaking the continuous integration build.
+
+**Further comments**
+<!--
+If this is a relatively large or complex change, kick off the discussion by explaining why you chose the solution you did, what alternatives you considered, etc.
+
+:heart: Thank you!
+-->

.github/workflows/main.yaml

@@ -0,0 +1,100 @@
+name: main
+
+on:
+  push:
+    branches:
+      - 'master'
+    tags:
+      - 'v*'
+  pull_request:
+
+jobs:
+# linters
+  lint-frontend:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '14'
+      - run: make lint-frontend
+  lint-backend:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-go@v2
+        with:
+          go-version: 1.17
+      - run: make lint-backend
+  lint-commits:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '14'
+      - run: make lint-commits
+  lint:
+    runs-on: ubuntu-latest
+    needs: [lint-frontend, lint-backend, lint-commits]
+    steps:
+      - run: echo "done"
+
+# tests
+  test-frontend:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '14'
+      - run: make test-frontend
+  test-backend:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-go@v2
+        with:
+          go-version: 1.17
+      - run: make test-backend
+  test:
+    runs-on: ubuntu-latest
+    needs: [test-frontend, test-backend]
+    steps:
+      - run: echo "done"
+
+# release
+  release:
+    runs-on: ubuntu-latest
+    needs: [lint, test]
+    if: startsWith(github.event.ref, 'refs/tags/v')
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - uses: actions/setup-go@v2
+        with:
+          go-version: 1.17
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '14'
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      - name: Build frontend
+        run: make build-frontend
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v2
+        with:
+          version: latest
+          args: release --rm-dist
+        env:
+          GITHUB_TOKEN: ${{ secrets.GH_PAT }}

.gitignore

@@ -1,13 +1,31 @@
-.DS_Store
-node_modules/
-*/dist/*
 *.db
-*.db.lock
+*.bak
+_old
+rice-box.go
+.idea/
+/filebrowser
+/filebrowser.exe
+/dist
+
+.DS_Store
+node_modules
+
+# local env files
+.env.local
+.env.*.local
+
+# Log files
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
+
+# Editor directories and files
 .idea
 .vscode
-package-lock.json
-yarn.lock
-vendor
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw*
+bin/
+build/

.golangci.yml

@@ -0,0 +1,120 @@
+linters-settings:
+  dupl:
+    threshold: 100
+  exhaustive:
+    default-signifies-exhaustive: false
+  funlen:
+    lines: 100
+    statements: 50
+  gci:
+    local-prefixes: github.com/filebrowser/filebrowser
+  goconst:
+    min-len: 2
+    min-occurrences: 2
+  gocritic:
+    enabled-tags:
+      - diagnostic
+      - experimental
+      - opinionated
+      - performance
+      - style
+    disabled-checks:
+      - dupImport # https://github.com/go-critic/go-critic/issues/845
+      - ifElseChain
+      - octalLiteral
+      - whyNoLint
+      - wrapperFunc
+  gocyclo:
+    min-complexity: 15
+  goimports:
+    local-prefixes: github.com/filebrowser/filebrowser
+  gomnd:
+    settings:
+      mnd:
+        # don't include the "operation" and "assign"
+        checks: argument,case,condition,return
+  govet:
+    check-shadowing: true
+  lll:
+    line-length: 140
+  maligned:
+    suggest-new: true
+  misspell:
+    locale: US
+  nolintlint:
+    allow-leading-space: true # don't require machine-readable nolint directives (i.e. with no leading space)
+    allow-unused: false # report any unused nolint directives
+    require-explanation: false # don't require an explanation for nolint directives
+    require-specific: false # don't require nolint directives to be specific about which linter is being skipped
+
+linters:
+  # please, do not use `enable-all`: it's deprecated and will be removed soon.
+  # inverted configuration with `enable-all` and `disable` is not scalable during updates of golangci-lint
+  disable-all: true
+  enable:
+    - bodyclose
+    - deadcode
+    - depguard
+    - dogsled
+    - dupl
+    - errcheck
+    - exportloopref
+    - exhaustive
+    - funlen
+    - gochecknoinits
+    - goconst
+    - gocritic
+    - gocyclo
+    - goimports
+    - gomnd
+    - goprintffuncname
+    - gosec
+    - gosimple
+    - govet
+    - ineffassign
+    - lll
+    - misspell
+    - nakedret
+    - nolintlint
+    - rowserrcheck
+    - staticcheck
+    - structcheck
+    - stylecheck
+    - typecheck
+    - unconvert
+    - unparam
+    - unused
+    - varcheck
+    - whitespace
+    - prealloc
+
+issues:
+  exclude-rules:
+    - path: cmd/.*.go
+      linters:
+        - gochecknoinits
+    - path: .*_test.go
+      linters:
+        - lll
+        - gochecknoinits
+        - gocyclo
+        - funlen
+        - dupl
+        - scopelint
+    - text: "Auther"
+      linters:
+        - misspell
+    - text: "strconv.Parse"
+      linters:
+        - gomnd
+
+run:
+  skip-dirs:
+    - frontend/
+  skip-files:
+    - http/rice-box.go
+
+# golangci.com configuration
+# https://github.com/golangci/golangci/wiki/Configuration
+service:
+  golangci-lint-version: 1.27.x # use the fixed version to not introduce new linters unexpectedly

.goreleaser.yml

@@ -1,39 +1,240 @@
-build:
-  main: cmd/filebrowser/main.go
-  binary: filebrowser
-  goos:
-    - darwin
-    - linux
-    - windows
-    - freebsd
-    - netbsd
-    - openbsd
-    - dragonfly
-    - solaris
-  goarch:
-    - amd64
-    - 386
-    - arm
-    - arm64
-  goarm:
-    - 5
-    - 6
-    - 7
-  ignore:
-    - goos: darwin
-      goarch: 386
-    - goos: openbsd
-      goarch: arm
-    - goos: freebsd
-      goarch: arm
-    - goos: netbsd
-      goarch: arm
-    - goos: solaris
-      goarch: arm
-
-archive:
-  name_template: "{{.Os}}-{{.Arch}}{{if .Arm}}v{{.Arm}}{{end}}-{{ .ProjectName }}"
-  format: tar.gz
-  format_overrides:
-    - goos: windows
-      format: zip
+project_name: filebrowser
+
+env:
+  - GO111MODULE=on
+
+build:
+  env:
+    - CGO_ENABLED=0
+  ldflags:
+    - -s -w -X github.com/filebrowser/filebrowser/v2/version.Version={{ .Version }} -X github.com/filebrowser/filebrowser/v2/version.CommitSHA={{ .ShortCommit }}
+  main: main.go
+  binary: filebrowser
+  goos:
+    - darwin
+    - linux
+    - windows
+    - freebsd
+  goarch:
+    - amd64
+    - 386
+    - arm
+    - arm64
+  goarm:
+    - 5
+    - 6
+    - 7
+  ignore:
+    - goos: darwin
+      goarch: 386
+    - goos: freebsd
+      goarch: arm
+
+archives:
+  -
+    name_template: "{{.Os}}-{{.Arch}}{{if .Arm}}v{{.Arm}}{{end}}-{{ .ProjectName }}"
+    format: tar.gz
+    format_overrides:
+      - goos: windows
+        format: zip
+
+dockers:
+  -
+    dockerfile: Dockerfile
+    use: buildx
+    build_flag_templates:
+      - "--pull"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.name={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+      - "--label=org.opencontainers.image.source={{.GitURL}}"
+      - "--platform=linux/amd64"
+    goos: linux
+    goarch: amd64
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-amd64"
+      - "filebrowser/filebrowser:v{{ .Major }}-amd64"
+    extra_files:
+      - docker_config.json
+  -
+    dockerfile: Dockerfile
+    use: buildx
+    build_flag_templates:
+      - "--pull"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.name={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+      - "--label=org.opencontainers.image.source={{.GitURL}}"
+      - "--platform=linux/arm64"
+    goos: linux
+    goarch: arm64
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-arm64"
+      - "filebrowser/filebrowser:v{{ .Major }}-arm64"
+    extra_files:
+      - docker_config.json
+  -
+    dockerfile: Dockerfile
+    use: buildx
+    build_flag_templates:
+      - "--pull"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.name={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+      - "--label=org.opencontainers.image.source={{.GitURL}}"
+      - "--platform=linux/arm/v6"
+    goos: linux
+    goarch: arm
+    goarm: '6'
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-armv6"
+      - "filebrowser/filebrowser:v{{ .Major }}-armv6"
+    extra_files:
+      - docker_config.json
+  -
+    dockerfile: Dockerfile
+    use: buildx
+    build_flag_templates:
+      - "--pull"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.name={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+      - "--label=org.opencontainers.image.source={{.GitURL}}"
+      - "--platform=linux/arm/v7"
+    goos: linux
+    goarch: arm
+    goarm: '7'
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-armv7"
+      - "filebrowser/filebrowser:v{{ .Major }}-armv7"
+    extra_files:
+      - docker_config.json
+## s6 based docker images
+  -
+    dockerfile: Dockerfile.s6
+    use: buildx
+    build_flag_templates:
+      - "--pull"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.name={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+      - "--label=org.opencontainers.image.source={{.GitURL}}"
+      - "--platform=linux/amd64"
+    goos: linux
+    goarch: amd64
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-amd64-s6"
+      - "filebrowser/filebrowser:v{{ .Major }}-amd64-s6"
+    extra_files:
+      - docker/root
+  -
+    dockerfile: Dockerfile.s6.aarch64
+    use: buildx
+    build_flag_templates:
+      - "--pull"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.name={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+      - "--label=org.opencontainers.image.source={{.GitURL}}"
+      - "--platform=linux/arm64"
+    goos: linux
+    goarch: arm64
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-arm64-s6"
+      - "filebrowser/filebrowser:v{{ .Major }}-arm64-s6"
+    extra_files:
+      - docker/root
+  -
+    dockerfile: Dockerfile.s6.armhf
+    use: buildx
+    build_flag_templates:
+      - "--pull"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.name={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+      - "--label=org.opencontainers.image.source={{.GitURL}}"
+      - "--platform=linux/arm/v6"
+    goos: linux
+    goarch: arm
+    goarm: '6'
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-armv6-s6"
+      - "filebrowser/filebrowser:v{{ .Major }}-armv6-s6"
+    extra_files:
+      - docker/root
+  -
+    dockerfile: Dockerfile.s6.armhf
+    use: buildx
+    build_flag_templates:
+      - "--pull"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.name={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+      - "--label=org.opencontainers.image.source={{.GitURL}}"
+      - "--platform=linux/arm/v7"
+    goos: linux
+    goarch: arm
+    goarm: '7'
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-armv7-s6"
+      - "filebrowser/filebrowser:v{{ .Major }}-armv7-s6"
+    extra_files:
+      - docker/root
+docker_manifests:
+  - name_template: "filebrowser/filebrowser:latest"
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-amd64"
+      - "filebrowser/filebrowser:{{ .Tag }}-arm64"
+      - "filebrowser/filebrowser:{{ .Tag }}-armv6"
+      - "filebrowser/filebrowser:{{ .Tag }}-armv7"
+  - name_template: "filebrowser/filebrowser:{{ .Tag }}"
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-amd64"
+      - "filebrowser/filebrowser:{{ .Tag }}-arm64"
+      - "filebrowser/filebrowser:{{ .Tag }}-armv6"
+      - "filebrowser/filebrowser:{{ .Tag }}-armv7"
+  - name_template: "filebrowser/filebrowser:v{{ .Major }}"
+    image_templates:
+      - "filebrowser/filebrowser:v{{ .Major }}-amd64"
+      - "filebrowser/filebrowser:v{{ .Major }}-arm64"
+      - "filebrowser/filebrowser:v{{ .Major }}-armv6"
+      - "filebrowser/filebrowser:v{{ .Major }}-armv7"
+## s6 image manifests
+  - name_template: "filebrowser/filebrowser:s6"
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-amd64-s6"
+      - "filebrowser/filebrowser:{{ .Tag }}-arm64-s6"
+      - "filebrowser/filebrowser:{{ .Tag }}-armv6-s6"
+      - "filebrowser/filebrowser:{{ .Tag }}-armv7-s6"
+  - name_template: "filebrowser/filebrowser:{{ .Tag }}-s6"
+    image_templates:
+      - "filebrowser/filebrowser:{{ .Tag }}-amd64-s6"
+      - "filebrowser/filebrowser:{{ .Tag }}-arm64-s6"
+      - "filebrowser/filebrowser:{{ .Tag }}-armv6-s6"
+      - "filebrowser/filebrowser:{{ .Tag }}-armv7-s6"
+  - name_template: "filebrowser/filebrowser:v{{ .Major }}-s6"
+    image_templates:
+      - "filebrowser/filebrowser:v{{ .Major }}-amd64-s6"
+      - "filebrowser/filebrowser:v{{ .Major }}-arm64-s6"
+      - "filebrowser/filebrowser:v{{ .Major }}-armv6-s6"
+      - "filebrowser/filebrowser:v{{ .Major }}-armv7-s6"
+brews:
+  - name: filebrowser
+    tap:
+      owner: filebrowser
+      name: homebrew-tap
+    folder: Formula
+    homepage: https://filebrowser.org
+    commit_author:
+      name: FileBrowser Robot
+      email: robot@filebrowser.org
+    description: File Browser is a create-your-own-cloud-kind of software where you can install it on a server, direct it to a path and then access your files through a nice web interface
+    license: "MIT"

.tx/config

@@ -0,0 +1,10 @@
+[main]
+host = https://www.transifex.com
+lang_map = pt_BR: pt-br, zh_CN: zh-cn, zh_HK: zh-hk, zh_TW: zh-tw, nl_BE: nl-be, sv_SE: sv-se
+
+[file-browser.file-browser]
+file_filter = frontend/src/i18n/<lang>.json
+minimum_perc = 50
+source_file = frontend/src/i18n/en.json
+source_lang = en
+type = KEYVALUEJSON

.versionrc

@@ -0,0 +1,14 @@
+{
+  "types": [
+    { "type": "feat", "section": "Features" },
+    { "type": "fix", "section": "Bug Fixes" },
+    { "type": "perf", "section": "Performance improvements" },
+    { "type": "revert", "section": "Reverts" },
+    { "type": "refactor", "section": "Refactorings" },
+    { "type": "build", "section": "Build" },
+    { "type": "ci", "hidden": true },
+    { "type": "test", "hidden": true },
+    { "type": "chore", "hidden": true },
+    { "type": "docs", "hidden": true }
+  ]
+}

CHANGELOG.md

@@ -0,0 +1,448 @@
+# Changelog
+
+All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
+
+### [2.21.1](https://github.com/filebrowser/filebrowser/compare/v2.21.0...v2.21.1) (2022-02-22)
+
+
+### Bug Fixes
+
+* display user scope for admin users ([#1834](https://github.com/filebrowser/filebrowser/issues/1834)) ([6366cf0](https://github.com/filebrowser/filebrowser/commit/6366cf0b181f13eac38f69f1760d6f6f0586a5d1))
+
+## [2.21.0](https://github.com/filebrowser/filebrowser/compare/v2.20.1...v2.21.0) (2022-02-21)
+
+
+### Features
+
+* add colorized file type icons ([2948589](https://github.com/filebrowser/filebrowser/commit/2948589fcde6d1dca7f3ea52a621d8213fa3300c))
+* add gallery view mode ([8888b9f](https://github.com/filebrowser/filebrowser/commit/8888b9f44640394df9e3583db4392472d7027a4b))
+* add Ukrainian translation / update Russian translation ([#1753](https://github.com/filebrowser/filebrowser/issues/1753)) ([665e458](https://github.com/filebrowser/filebrowser/commit/665e45889cd333f1e3500e4bf38d15d229c9fe2a))
+* add upload file list with progress ([#1825](https://github.com/filebrowser/filebrowser/issues/1825)) ([cf85404](https://github.com/filebrowser/filebrowser/commit/cf85404dd25cd7fdd73aa32878b4dc5f85ee3e96))
+* smaller column width to fit 2 columns in landscape mobiles ([7870e89](https://github.com/filebrowser/filebrowser/commit/7870e89bc04f1494f2705795476b5f1c9d621e38))
+* use real image path to calculate cache key ([c198723](https://github.com/filebrowser/filebrowser/commit/c1987237d05adcce77c614e5247a181ae5cdfacd))
+
+
+### Bug Fixes
+
+* correctly handle non-ascii passwords for shared resources ([c782f21](https://github.com/filebrowser/filebrowser/commit/c782f21b0fa4511a15e7015117d075eaf5ea332c))
+* don't expose scope for non-admin users ([0942fc7](https://github.com/filebrowser/filebrowser/commit/0942fc7042fd949cce91855169d0bcf16eb75771))
+* open all the pdf files correctly ([#1742](https://github.com/filebrowser/filebrowser/issues/1742)) ([949f0f2](https://github.com/filebrowser/filebrowser/commit/949f0f277f6004904b3edfa716a8365ec93fa0fa))
+
+
+### Build
+
+* **deps:** bump browserslist from 4.16.3 to 4.19.1 in /frontend ([8089007](https://github.com/filebrowser/filebrowser/commit/80890075e802e2a4217edbb01d6417122d702f5e))
+* **deps:** bump dns-packet from 1.3.1 to 1.3.4 in /frontend ([a73d7f1](https://github.com/filebrowser/filebrowser/commit/a73d7f14b787935c6ebe525dba64b65f8ed733e2))
+* **deps:** bump follow-redirects from 1.13.3 to 1.14.8 in /frontend ([f1f7f17](https://github.com/filebrowser/filebrowser/commit/f1f7f17ade8d40fc6cfb22c79960bce299876b56))
+* **deps:** bump hosted-git-info from 2.8.8 to 2.8.9 in /frontend ([e7659ea](https://github.com/filebrowser/filebrowser/commit/e7659ea36bdf780ce17005f7170a2fef02a2d5e5))
+* **deps:** bump path-parse from 1.0.6 to 1.0.7 in /frontend ([c014966](https://github.com/filebrowser/filebrowser/commit/c01496624a7ebfc8a7c256bd919a400367281cbb))
+* **deps:** bump postcss from 7.0.35 to 7.0.39 in /frontend ([9182d33](https://github.com/filebrowser/filebrowser/commit/9182d33e1cc375473fb18989a92d20252884f096))
+* **deps:** bump ssri from 6.0.1 to 6.0.2 in /frontend ([3717186](https://github.com/filebrowser/filebrowser/commit/371718634b11f32e68165f31c51b6b1139c829ec))
+* **deps:** bump tar from 6.1.0 to 6.1.11 in /frontend ([010d16f](https://github.com/filebrowser/filebrowser/commit/010d16fc1d8f0200e5662943aef17ee89c5877b7))
+* **deps:** bump url-parse from 1.5.1 to 1.5.4 in /frontend ([8906408](https://github.com/filebrowser/filebrowser/commit/8906408a8f0ed86d1e11ea90fc573b36815c9c0d))
+* **deps:** bump url-parse from 1.5.4 to 1.5.7 in /frontend ([228ebea](https://github.com/filebrowser/filebrowser/commit/228ebea66cc871b33459406590a80ef906298e7d))
+* **deps:** bump ws from 6.2.1 to 6.2.2 in /frontend ([73c8073](https://github.com/filebrowser/filebrowser/commit/73c80732d934bc8802a6d7c7a559cad37df405f0))
+
+### [2.20.1](https://github.com/filebrowser/filebrowser/compare/v2.20.0...v2.20.1) (2021-12-21)
+
+
+### Build
+
+* revert to using the default alpine based docker image ([46d8046](https://github.com/filebrowser/filebrowser/commit/46d80464d2a67927b06a11b83fb137ad364a90ed))
+
+## [2.20.0](https://github.com/filebrowser/filebrowser/compare/v2.19.0...v2.20.0) (2021-12-20)
+
+
+### Features
+
+* detect multiple subtitle languages ([#1723](https://github.com/filebrowser/filebrowser/issues/1723)) ([c2e03bb](https://github.com/filebrowser/filebrowser/commit/c2e03bbfab97fc6716bcdd59158e9d5129bf0ea7))
+* use linuxserver based docker image ([b8f35ce](https://github.com/filebrowser/filebrowser/commit/b8f35ce9322c2b0dbf954cfd3ff584bc9f742fdd))
+
+
+### Bug Fixes
+
+* set correct default database path in the config ([988d3e5](https://github.com/filebrowser/filebrowser/commit/988d3e5bdd224509ddc2f08444560e3087e9c67d))
+* upgrade vulnerable versions of the library ([6eb3ab0](https://github.com/filebrowser/filebrowser/commit/6eb3ab063509a015ad630ab704ae3791461d0982))
+
+
+### Build
+
+* refactor makefile ([f81857a](https://github.com/filebrowser/filebrowser/commit/f81857acce25936a700945db5ef4af545eaeb1cf))
+* remove deprecated goreleaser use_buildx param ([4d1b9dd](https://github.com/filebrowser/filebrowser/commit/4d1b9dd2112002a93bb26cece07dcfd81c31dc2c))
+
+## [2.19.0](https://github.com/filebrowser/filebrowser/compare/v2.18.0...v2.19.0) (2021-11-24)
+
+
+### Features
+
+* prefetch previous and next images in preview. ([#1627](https://github.com/filebrowser/filebrowser/issues/1627)) ([7401d16](https://github.com/filebrowser/filebrowser/commit/7401d16e457bb232fd7dd7ef427e8960d465705c))
+
+
+### Bug Fixes
+
+* empty file listing on share ([e082397](https://github.com/filebrowser/filebrowser/commit/e08239781f61e7bb25d9b8c5c6cce90f34621a76))
+* relative font sizes ([c29698d](https://github.com/filebrowser/filebrowser/commit/c29698dffac769077ab7c7869569a902979ee3d7))
+
+## [2.18.0](https://github.com/filebrowser/filebrowser/compare/v2.17.2...v2.18.0) (2021-10-31)
+
+
+### Features
+
+* add ability to select file modified time format ([#1536](https://github.com/filebrowser/filebrowser/issues/1536)) ([0426629](https://github.com/filebrowser/filebrowser/commit/0426629a59c712849570d3e29956948ae7725a4a))
+* add manifest theme color param ([#1542](https://github.com/filebrowser/filebrowser/issues/1542)) ([0358e42](https://github.com/filebrowser/filebrowser/commit/0358e42d2c206732fffa77714f5a66f4fe50a69d))
+
+
+### Bug Fixes
+
+* back button behaviour in preview ([#1573](https://github.com/filebrowser/filebrowser/issues/1573)) ([deabc80](https://github.com/filebrowser/filebrowser/commit/deabc80fd7670983039dfcd29531b45002ca5d9e))
+* fix sidebar navigation on mobile devices ([#1618](https://github.com/filebrowser/filebrowser/issues/1618)) ([f09bf3e](https://github.com/filebrowser/filebrowser/commit/f09bf3e1d076b27d29ba8a91cf448a99993bc444))
+* search box is misaligned when the browser preferred font size is other than 16px ([#1613](https://github.com/filebrowser/filebrowser/issues/1613)) ([6f345be](https://github.com/filebrowser/filebrowser/commit/6f345be3e47ba57ecc1eb9a62587ab949078c125))
+* security issue in command runner (closes [#1621](https://github.com/filebrowser/filebrowser/issues/1621)) ([74b7cd8](https://github.com/filebrowser/filebrowser/commit/74b7cd8e81840537a8206317344f118093153e8d))
+* set correct editor height regardless of preferred font size ([#1614](https://github.com/filebrowser/filebrowser/issues/1614)) ([ddd4ffa](https://github.com/filebrowser/filebrowser/commit/ddd4ffa4caa6b292a3a644ecd897aba1237c7503))
+* zoom pics when dlclick at first time ([#1561](https://github.com/filebrowser/filebrowser/issues/1561)) ([b6a51be](https://github.com/filebrowser/filebrowser/commit/b6a51bed516814944f8aa41440652242d57824c5))
+
+### [2.17.2](https://github.com/filebrowser/filebrowser/compare/v2.17.1...v2.17.2) (2021-08-27)
+
+
+### Bug Fixes
+
+* bug with inlineLink not creating url properly ([#1515](https://github.com/filebrowser/filebrowser/issues/1515)) ([43a4609](https://github.com/filebrowser/filebrowser/commit/43a460993c3f0d158b876db4b20caa7963e9f361))
+
+### [2.17.1](https://github.com/filebrowser/filebrowser/compare/v2.17.0...v2.17.1) (2021-08-23)
+
+
+### Bug Fixes
+
+* internal server error if --disable-preview-resize flag is set (closes [#1510](https://github.com/filebrowser/filebrowser/issues/1510)) ([4c3099a](https://github.com/filebrowser/filebrowser/commit/4c3099a086c206dcb3bc70ee8c8da02eee61c30b))
+
+## [2.17.0](https://github.com/filebrowser/filebrowser/compare/v2.16.1...v2.17.0) (2021-08-21)
+
+
+### Features
+
+* open file option on preview ([76add9e](https://github.com/filebrowser/filebrowser/commit/76add9e5274b0373c6b983e3b20e387a14ea6c9e))
+
+
+### Bug Fixes
+
+* 401 error in share view open file button ([#1495](https://github.com/filebrowser/filebrowser/issues/1495)) ([25c8788](https://github.com/filebrowser/filebrowser/commit/25c87883908babde073390a2e2320a8e5880a87c))
+* escape quote on index template ([23d646c](https://github.com/filebrowser/filebrowser/commit/23d646c456876d06cf48e71c1e57b69de99511f0)), closes [#1501](https://github.com/filebrowser/filebrowser/issues/1501)
+* file caching directive ([c63cc5a](https://github.com/filebrowser/filebrowser/commit/c63cc5a2d25909cc4e2f2e7235f276ec66c32bf2))
+
+### [2.16.1](https://github.com/filebrowser/filebrowser/compare/v2.16.0...v2.16.1) (2021-08-04)
+
+
+### Bug Fixes
+
+* check symlink target type (closes [#1488](https://github.com/filebrowser/filebrowser/issues/1488)) ([76b466f](https://github.com/filebrowser/filebrowser/commit/76b466f6492e74cf13e66a33e7e5f597ac92b240))
+
+## [2.16.0](https://github.com/filebrowser/filebrowser/compare/v2.15.0...v2.16.0) (2021-07-26)
+
+
+### Features
+
+* browser cache directives ([190cb99](https://github.com/filebrowser/filebrowser/commit/190cb99a79a0d438eca2da13539f8c6449ad73ac))
+* display error messages on settings ([6032038](https://github.com/filebrowser/filebrowser/commit/603203848a8b2221158088b6d849609db4c0c46c))
+* file name on page title ([16a34de](https://github.com/filebrowser/filebrowser/commit/16a34defc02554a77c6ac47b9e17e69d098a09fe))
+* gzip encoding for static js files ([aa172b8](https://github.com/filebrowser/filebrowser/commit/aa172b8bb5f17d5f5cb9666bfb5ee650d8091fb5))
+* loading spinner on views navigation ([976eb55](https://github.com/filebrowser/filebrowser/commit/976eb5583dae474125fd7ddec5dc19b6c291f98f))
+* message for connection error ([5e6f14b](https://github.com/filebrowser/filebrowser/commit/5e6f14b5dcb9c5efdf526f1346e09c2d0b2f6974))
+* mod time title on file info ([7d1e030](https://github.com/filebrowser/filebrowser/commit/7d1e03075d2c27148f60813defa0f68403d1d3c2))
+* open file option on share ([1c25f6e](https://github.com/filebrowser/filebrowser/commit/1c25f6ee69bd71eed82af7020006d0e27537a967))
+* show more button on share ([ba8c09f](https://github.com/filebrowser/filebrowser/commit/ba8c09f454feeadf4a1e97547a34151a81b389d5))
+* support for IE11 browser ([7ec24d9](https://github.com/filebrowser/filebrowser/commit/7ec24d9d7794fa37825f64ca2d1575f568fb1362))
+
+
+### Bug Fixes
+
+* break resource create/update handlers on error (closes [#1464](https://github.com/filebrowser/filebrowser/issues/1464)) ([5072bbb](https://github.com/filebrowser/filebrowser/commit/5072bbb2cbf5b29d041629faa8367f15e4d145a2))
+* copying files with special characters ([20ebbf6](https://github.com/filebrowser/filebrowser/commit/20ebbf6611b734371426fb1b9cb5e388be90bf7e))
+* delete image cache when moving ([8973c45](https://github.com/filebrowser/filebrowser/commit/8973c4598ff817647f1f1ad6ee36480054cd2776))
+* don't remove files on unsuccessful updates (closes [#1456](https://github.com/filebrowser/filebrowser/issues/1456)) ([6b19ab6](https://github.com/filebrowser/filebrowser/commit/6b19ab6613b12be7f075299cd98f4b41d43827c7))
+* failure on broken symlink deletion ([8650d2f](https://github.com/filebrowser/filebrowser/commit/8650d2ffe7a29cbafa800efcecbf6a61598a9f0c))
+* inconsistent double click on listing item ([ba7e71a](https://github.com/filebrowser/filebrowser/commit/ba7e71a7c3b0cc71012e5adf94b1c642e554972e))
+* no items displayed on file listing ([18889ad](https://github.com/filebrowser/filebrowser/commit/18889ad725f7f7e5a7e3f7abcf156487556dbeaf))
+* omit file content ([209f9fa](https://github.com/filebrowser/filebrowser/commit/209f9fa77f751054512355f2b74b9b7258465d0b))
+* short commit sha and typo fix in Makefile ([#1411](https://github.com/filebrowser/filebrowser/issues/1411)) ([46ee595](https://github.com/filebrowser/filebrowser/commit/46ee59538914dc2859f0da6b32e2d062d0a01b10))
+
+## [2.15.0](https://github.com/filebrowser/filebrowser/compare/v2.14.1...v2.15.0) (2021-04-06)
+
+
+### Features
+
+* add EXIF thumbnail support for JPEG files ([#1234](https://github.com/filebrowser/filebrowser/issues/1234)) ([7dd5b34](https://github.com/filebrowser/filebrowser/commit/7dd5b34d425dfbc2782152310483cbecf85c800a))
+* dynamic autoplay on previewer ([a76e01d](https://github.com/filebrowser/filebrowser/commit/a76e01d2b78a785f3665a8b3532c7cc566bfabce))
+* dynamic item count on file listing ([6c8ee96](https://github.com/filebrowser/filebrowser/commit/6c8ee96e6a21fae5d4608bdc7a5c5a161d7dafd3))
+* dynamic zoom limit on previewer ([e410272](https://github.com/filebrowser/filebrowser/commit/e410272e6be6a0b660efe8d4eee6c6e9dd834cc5))
+
+
+### Bug Fixes
+
+* buttons without permission on header ([1516d99](https://github.com/filebrowser/filebrowser/commit/1516d9932bf9926ac8b4cb3e738a5f51e80d5b1d))
+* check modify permission on file overwrite ([59f9964](https://github.com/filebrowser/filebrowser/commit/59f9964e80c8233775f27be33a4c16a31bfe848a))
+* empty archive name on directory download ([2697093](https://github.com/filebrowser/filebrowser/commit/2697093ac151f74eea3022951d128acfe04d1dcf))
+* empty text file on editor ([e9baf0c](https://github.com/filebrowser/filebrowser/commit/e9baf0c4b688fab291cdc842ec464c7a7a816499))
+* error causes panic on upload ([e1a6f59](https://github.com/filebrowser/filebrowser/commit/e1a6f593e1824e7fa4345a61dff5b1bb8cd22d05))
+* hidden editor header on Safari ([b521dec](https://github.com/filebrowser/filebrowser/commit/b521dec8f9b14dd92248c429e902ebc639046389))
+* image quality switch on previewer ([c0d85f3](https://github.com/filebrowser/filebrowser/commit/c0d85f3d85926c8790757bf142140d19455ae8ca))
+* list item interactions on share ([87f1881](https://github.com/filebrowser/filebrowser/commit/87f1881b429877a740ea84a8e783ad4103248289))
+* missing bold variation for Roboto font ([98d79b8](https://github.com/filebrowser/filebrowser/commit/98d79b8ed955df5691a306d709b4ab60d91da408))
+* mouse wheel zoom on previewer ([fcb115f](https://github.com/filebrowser/filebrowser/commit/fcb115f42d33db2be7a4d428ec53d65d6050320b))
+* no header button animations on file listing ([fe80730](https://github.com/filebrowser/filebrowser/commit/fe80730bb135b38e4d9de470c75cbe10b1aec201))
+
+### [2.14.1](https://github.com/filebrowser/filebrowser/compare/v2.14.0...v2.14.1) (2021-03-21)
+
+
+### Bug Fixes
+
+* display public routes with header proxy auth ([da54bd6](https://github.com/filebrowser/filebrowser/commit/da54bd6c214d7ee39b71d710ddfe6dd25fc4e5d6))
+
+## [2.14.0](https://github.com/filebrowser/filebrowser/compare/v2.13.0...v2.14.0) (2021-03-21)
+
+
+### Features
+
+* add health check handler ([a721dc1](https://github.com/filebrowser/filebrowser/commit/a721dc1f314732e60d331a1a7da97d06e0e8b613))
+
+
+### Bug Fixes
+
+* hide dotfile error on share ([5f4a031](https://github.com/filebrowser/filebrowser/commit/5f4a0317ab5685fe4a558df74e604c12e04a1c10))
+* prefix handling on http router ([93a35ad](https://github.com/filebrowser/filebrowser/commit/93a35ad2516accdcb9735db509550979d01de2c3))
+* qr code url on share ([22f4be8](https://github.com/filebrowser/filebrowser/commit/22f4be8f54162b7cf494177705ffb8b09117bd01))
+* text file detection on editor ([eeadc53](https://github.com/filebrowser/filebrowser/commit/eeadc532fe6057969b3c1a4726f236851b154cfa))
+
+## [2.13.0](https://github.com/filebrowser/filebrowser/compare/v2.12.1...v2.13.0) (2021-03-14)
+
+
+### Features
+
+* dual pane settings view ([db5aad8](https://github.com/filebrowser/filebrowser/commit/db5aad8eb679cfe1b1ace5142cf342951217f0f7))
+* improved settings navbar ([5b28aa0](https://github.com/filebrowser/filebrowser/commit/5b28aa0848710b9d3ee02a2aa912856395f48bd2))
+* improved sharing prompt ([1819377](https://github.com/filebrowser/filebrowser/commit/18193778971e27d18b5a35df8c2d0e2953b48111))
+* increased header button counter size ([4fb832c](https://github.com/filebrowser/filebrowser/commit/4fb832c0422107e16f22b7aa928224f36de4978f))
+* larger previewer content ([62fff5c](https://github.com/filebrowser/filebrowser/commit/62fff5ca60da1f887c1f95fa4808d3753596dab2))
+
+
+### Bug Fixes
+
+* archive contains parent path on Windows ([54f3570](https://github.com/filebrowser/filebrowser/commit/54f35701a2bd5cb7ec0628ca9789047072c073db))
+* check rules on http resource handlers ([5bf1554](https://github.com/filebrowser/filebrowser/commit/5bf15548d0ad147acfad5000277531be2671f7ce))
+* download current dir on file listing ([488d980](https://github.com/filebrowser/filebrowser/commit/488d98045e7476ed11e53c13d9498a9db3165bbc))
+* encoded file path on share ([7955e07](https://github.com/filebrowser/filebrowser/commit/7955e0720baef3710106c7e69bbbf078d5489220))
+* full file path on share ([e017a19](https://github.com/filebrowser/filebrowser/commit/e017a199850e19dd51b960ba59402c215fd8f1af))
+* header dropdown icon color on previewer ([f8df76f](https://github.com/filebrowser/filebrowser/commit/f8df76f52684f10722ce123fec2c90e321ddf103))
+* item dragging on file listing ([326b35a](https://github.com/filebrowser/filebrowser/commit/326b35a7ac7871afcdf892ca150349665b7f6379))
+* modified time on info prompt ([11ebaec](https://github.com/filebrowser/filebrowser/commit/11ebaec5f0671ec02ebe55d4a73a514bce3a6713))
+* root path name on archive ([426b38b](https://github.com/filebrowser/filebrowser/commit/426b38bb3362d2d477d0d8aa27d880664d537431))
+* stuck icon on header button ([6a734c0](https://github.com/filebrowser/filebrowser/commit/6a734c01391b437c2842f5d97fb63f29a0017510))
+* update image cache when replacing ([81b6f4d](https://github.com/filebrowser/filebrowser/commit/81b6f4d6f6a01886583016f61f4f1951a59f244d))
+* wait for async command exit ([#1326](https://github.com/filebrowser/filebrowser/issues/1326)) ([6d5ceae](https://github.com/filebrowser/filebrowser/commit/6d5ceae8b454edd749b3b65c88aacc0a31ce9215))
+
+
+### Refactorings
+
+* migrate from rice to embed.FS ([fc55061](https://github.com/filebrowser/filebrowser/commit/fc5506179a64e9e2f57f7b6d6cce4b95f5ebc235))
+
+### [2.12.1](https://github.com/filebrowser/filebrowser/compare/v2.12.0...v2.12.1) (2021-03-07)
+
+
+### Bug Fixes
+
+* add missing default config into the docker image ([7358b3f](https://github.com/filebrowser/filebrowser/commit/7358b3fe3178c20007b4b5ef5c03705badd538c4))
+
+## [2.12.0](https://github.com/filebrowser/filebrowser/compare/v2.11.0...v2.12.0) (2021-03-04)
+
+
+### Features
+
+* add homebrew tap ([2d2c598](https://github.com/filebrowser/filebrowser/commit/2d2c598fa6bd1ecaf39c542182890c8dd9b1cad0))
+* added tiff files preview support ([#1222](https://github.com/filebrowser/filebrowser/issues/1222)) ([e8c9d1c](https://github.com/filebrowser/filebrowser/commit/e8c9d1c53989b4b52f6fba2a8ac41ae612c03a7c))
+* allow disabling file detections by reading header ([#1175](https://github.com/filebrowser/filebrowser/issues/1175)) ([6914063](https://github.com/filebrowser/filebrowser/commit/6914063853a8a3f3cecfa4b21f223820c2a0b7df))
+* allow to password protect shares ([#1252](https://github.com/filebrowser/filebrowser/issues/1252)) ([d8f415f](https://github.com/filebrowser/filebrowser/commit/d8f415f8abd0c4301803bd968c54429dd3fe4b59))
+* build multi-arch docker images ([cf4836d](https://github.com/filebrowser/filebrowser/commit/cf4836dc757ef79ad615179bb7a6c7bbd3b09c2c))
+* share management delete confirm ([#1212](https://github.com/filebrowser/filebrowser/issues/1212)) ([b600b11](https://github.com/filebrowser/filebrowser/commit/b600b11415fd1fb90ff2f5136be95a9c737ae1cb))
+
+
+### Bug Fixes
+
+* don't allow to remove root user ([019ce80](https://github.com/filebrowser/filebrowser/commit/019ce80fc529a0437984fdc3d1ab6916f34dd594))
+* double click to zoom pics in phone's browser ([#1274](https://github.com/filebrowser/filebrowser/issues/1274)) ([f1b7bd5](https://github.com/filebrowser/filebrowser/commit/f1b7bd59f67e719b7bfd203b0d7ec016fd21ab49))
+* environmental variables not expanded in command ([#1241](https://github.com/filebrowser/filebrowser/issues/1241)) ([f3afd5c](https://github.com/filebrowser/filebrowser/commit/f3afd5cb79d6ad8b9cc8d54cb8fc2344b7c07d3d))
+* fetch resource api once when sorting (closes [#1172](https://github.com/filebrowser/filebrowser/issues/1172)) ([#1202](https://github.com/filebrowser/filebrowser/issues/1202)) ([05bb7c8](https://github.com/filebrowser/filebrowser/commit/05bb7c85531349f3e9d1d8a523bb1243587b2ebc))
+
+
+### Build
+
+* use make for building the project ([#1304](https://github.com/filebrowser/filebrowser/issues/1304)) ([23f8464](https://github.com/filebrowser/filebrowser/commit/23f84642e6c1e07f89f98d2c1bb6fc9da36cc71c))
+
+## [2.11.0](https://github.com/filebrowser/filebrowser/compare/v2.10.0...v2.11.0) (2020-12-28)
+
+
+### Features
+
+* add sharing management ([#1178](https://github.com/filebrowser/filebrowser/issues/1178)) (closes [#1000](https://github.com/filebrowser/filebrowser/issues/1000)) ([677bce3](https://github.com/filebrowser/filebrowser/commit/677bce376b024d9ff38f34e74243034fe5a1ec3c))
+* download shared subdirectory ([#1184](https://github.com/filebrowser/filebrowser/issues/1184)) ([fb5b28d](https://github.com/filebrowser/filebrowser/commit/fb5b28d9cbdee10d38fcd719b9fd832121be58ef))
+
+
+### Bug Fixes
+
+* check user input to prevent permission elevation ([#1196](https://github.com/filebrowser/filebrowser/issues/1196)) (closes [#1195](https://github.com/filebrowser/filebrowser/issues/1195)) ([f62806f](https://github.com/filebrowser/filebrowser/commit/f62806f6c9e9c7f392d1b747d65b8fe40b313e89))
+* delete extra remove prefix ([#1186](https://github.com/filebrowser/filebrowser/issues/1186)) ([7a5298a](https://github.com/filebrowser/filebrowser/commit/7a5298a7556f7dcc52f59b8ea76d040d3ddc3d12))
+* move files between different volumes (closes [#1177](https://github.com/filebrowser/filebrowser/issues/1177)) ([58835b7](https://github.com/filebrowser/filebrowser/commit/58835b7e535cc96e1c8a5d85821c1545743ca757))
+* recaptcha race condition ([#1176](https://github.com/filebrowser/filebrowser/issues/1176)) ([ac3673e](https://github.com/filebrowser/filebrowser/commit/ac3673e111afac6616af9650ca07028b6c27e6cd))
+
+## [2.10.0](https://github.com/filebrowser/filebrowser/compare/v2.9.0...v2.10.0) (2020-11-24)
+
+
+### Features
+
+* add hide dotfiles param  ([#1148](https://github.com/filebrowser/filebrowser/issues/1148)) ([10e399b](https://github.com/filebrowser/filebrowser/commit/10e399b3c3dbdcfb4465a9d4138e1da6bae0873d))
+* add single click mode ([#1139](https://github.com/filebrowser/filebrowser/issues/1139)) ([e8b4e9a](https://github.com/filebrowser/filebrowser/commit/e8b4e9af46d6e99dbeb965dd9727d9ed017d52a2))
+* automatically jump to the next photo when deleting while previewing ([#1143](https://github.com/filebrowser/filebrowser/issues/1143)) ([9515cee](https://github.com/filebrowser/filebrowser/commit/9515ceeb42e5ef5267400220a2082dec775e843d))
+* shared folder file listing ([e119bc5](https://github.com/filebrowser/filebrowser/commit/e119bc55ea82cefcbcc0571650107dfd5d73f570))
+* shared item information ([36cacdf](https://github.com/filebrowser/filebrowser/commit/36cacdf598e4e09f064c8ace0ca7a6c24b23028e))
+
+
+### Bug Fixes
+
+* empty folder in archive ([7096b3d](https://github.com/filebrowser/filebrowser/commit/7096b3dab92441981c9964e4a6175af0a255d2be))
+* fix hanging when reading a named pipe file (closes [#1155](https://github.com/filebrowser/filebrowser/issues/1155)) ([586d198](https://github.com/filebrowser/filebrowser/commit/586d198d47b525eeccc6fe587573a3ad83adb4f6))
+* previewer title overflow ([4e48ffc](https://github.com/filebrowser/filebrowser/commit/4e48ffc14d09dabeea12dc495144277db62b5b7d))
+* resource rename action invalid path ([1ce3068](https://github.com/filebrowser/filebrowser/commit/1ce3068a99c80c153fd41359255d173bce6e79e8))
+
+## [2.9.0](https://github.com/filebrowser/filebrowser/compare/v2.8.0...v2.9.0) (2020-10-21)
+
+
+### Features
+
+* support WKWebview custom protocol ([#1113](https://github.com/filebrowser/filebrowser/issues/1113)) ([0ac80e8](https://github.com/filebrowser/filebrowser/commit/0ac80e8387a69924284259bde448af2813d84ed1))
+
+
+### Bug Fixes
+
+* allow start from Windows explorer ([f2c4e78](https://github.com/filebrowser/filebrowser/commit/f2c4e78381610879eda5316d38a999c89df6c14a))
+* file upload missing path slash ([5e27ba5](https://github.com/filebrowser/filebrowser/commit/5e27ba5c8c1be603c6ae7fec8de48e3532dea1f7))
+* preview case sensitive file extension ([05bff54](https://github.com/filebrowser/filebrowser/commit/05bff54b71543fd232f1089c40504d0cbfd106be))
+* search missing path slash ([2bd163d](https://github.com/filebrowser/filebrowser/commit/2bd163d92a856d65c8d4615e37898470c1edf2f4))
+
+## [2.8.0](https://github.com/filebrowser/filebrowser/compare/v2.7.0...v2.8.0) (2020-10-05)
+
+
+### Features
+
+* add disable exec flag ([#1090](https://github.com/filebrowser/filebrowser/issues/1090)) ([97693cc](https://github.com/filebrowser/filebrowser/commit/97693cc6117ce1c956baede91de5dd48b904e175))
+
+
+### Bug Fixes
+
+* empty commands setting ([c6d4fcd](https://github.com/filebrowser/filebrowser/commit/c6d4fcd08f5f1531c2cef514dc86019e23e7289f))
+* file upload path encoding ([babd778](https://github.com/filebrowser/filebrowser/commit/babd7783afe85b790e1c558375d7b5013b2d366f))
+* fix empty command name ([#1106](https://github.com/filebrowser/filebrowser/issues/1106)) ([36fb9f5](https://github.com/filebrowser/filebrowser/commit/36fb9f562a2c005ca4390fdebde0b4690201dff9))
+* fix panic when accessing nonexistent .js file in static path ([#1105](https://github.com/filebrowser/filebrowser/issues/1105)) ([ad99bf1](https://github.com/filebrowser/filebrowser/commit/ad99bf180197e0e6d82231a86457585de16366a8))
+* preview key shortcut conflict ([dd7b9dd](https://github.com/filebrowser/filebrowser/commit/dd7b9ddd8546361060ef99e838a691b2fc6c495a))
+* search results absolute url ([26d62e4](https://github.com/filebrowser/filebrowser/commit/26d62e411716a5eb9a5a703e47484cfb3fbf3bd0))
+
+## [2.7.0](https://github.com/filebrowser/filebrowser/compare/v2.6.2...v2.7.0) (2020-09-11)
+
+
+### Features
+
+* add --socket-perm flag to control unix socket file permissions (closes [#1060](https://github.com/filebrowser/filebrowser/issues/1060)) ([65ac734](https://github.com/filebrowser/filebrowser/commit/65ac73414fadc4686c94803a93ff319e8f7ce9d1))
+* preview mobile dropdown ([7787344](https://github.com/filebrowser/filebrowser/commit/778734419de314d4cb64d07109bbab73f8e2e42a))
+* preview size button ([3d2cb83](https://github.com/filebrowser/filebrowser/commit/3d2cb838d111ee61047599f49e76de80c821f341))
+* put selected files in the root of the archive (closes [#1065](https://github.com/filebrowser/filebrowser/issues/1065)) ([8142b32](https://github.com/filebrowser/filebrowser/commit/8142b32f3865eccd3331328e0d087f805d186ed5))
+
+### [2.6.2](https://github.com/filebrowser/filebrowser/compare/v2.6.1...v2.6.2) (2020-08-05)
+
+### [2.6.1](https://github.com/filebrowser/filebrowser/compare/v2.6.0...v2.6.1) (2020-07-28)
+
+
+### Bug Fixes
+
+* delete cached previews when deleting file ([f5d02cd](https://github.com/filebrowser/filebrowser/commit/f5d02cdde97923b963878abf5a300393b9feb348))
+* escape special characters in preview url (closes [#1002](https://github.com/filebrowser/filebrowser/issues/1002)) ([c9340af](https://github.com/filebrowser/filebrowser/commit/c9340af8d045671ad3338c5d2d887c335ab92de4))
+
+## [2.6.0](https://github.com/filebrowser/filebrowser/compare/v2.5.0...v2.6.0) (2020-07-27)
+
+
+### Features
+
+* add lazy load of image thumbnails ([bc00165](https://github.com/filebrowser/filebrowser/commit/bc001650944ae963b12b5b2538a68de7cd0d8f82))
+* add param to disable img resizing ([aa78e3a](https://github.com/filebrowser/filebrowser/commit/aa78e3ab1fcae6f618e811ba4e315a7a209f9df2))
+* cache resized images ([95bc929](https://github.com/filebrowser/filebrowser/commit/95bc92955f391ece22c40d9592f2a3e6e26907b9))
+* limit image resize workers ([94ef596](https://github.com/filebrowser/filebrowser/commit/94ef59602fb50fc21b1164feda90a3b9aeb5e972))
+
+
+### Bug Fixes
+
+* conflict handling on upload button ([f228fa5](https://github.com/filebrowser/filebrowser/commit/f228fa55408824618e9f0879da67c86d22b0d324))
+* drop feedback ([f2d2c1c](https://github.com/filebrowser/filebrowser/commit/f2d2c1cbf85fba3edffb7b079f121ed3f0bc1e02))
+* missing error message ([d9be370](https://github.com/filebrowser/filebrowser/commit/d9be370e2474b8070fa58db920c9481270cc4a48))
+* parent verification on copy ([727c63b](https://github.com/filebrowser/filebrowser/commit/727c63b98e2964d0960d25914c296570f6c79478))
+* path separator inconsistency on rename ([34dfb49](https://github.com/filebrowser/filebrowser/commit/34dfb49b719c948e709a4639b4af2c5cb73b3887))
+
+## [2.5.0](https://github.com/filebrowser/filebrowser/compare/v2.4.0...v2.5.0) (2020-07-17)
+
+
+### Features
+
+* add previewer title and loading indicator ([716396a](https://github.com/filebrowser/filebrowser/commit/716396a726329f0ba42fc34167dd07497c5bf47c))
+* duplicate files in the same directory ([43526d9](https://github.com/filebrowser/filebrowser/commit/43526d9d1a8c837245e3f5059e0b4737583eeaeb))
+* file copy, move and paste conflict checking ([eed9da1](https://github.com/filebrowser/filebrowser/commit/eed9da1471723ed3fbe6c00b1d6362b1c5fd8b04))
+* rename option on replace prompt ([2636f87](https://github.com/filebrowser/filebrowser/commit/2636f876ab8f88eea6d9548de524ca2339eb0843))
+* upload queue ([6ec6a23](https://github.com/filebrowser/filebrowser/commit/6ec6a2386173410f5cab9941dbf1bacb6b70ddd2))
+
+
+### Bug Fixes
+
+* blinking previewer ([9a2ebba](https://github.com/filebrowser/filebrowser/commit/9a2ebbabe2e9f0c292701d33f36f9b7a457b1164))
+* dark theme colors ([b3b6445](https://github.com/filebrowser/filebrowser/commit/b3b644527d5673e16e61d404ff58a3c7bd6b6637))
+* directory conflict checking ([7e5beef](https://github.com/filebrowser/filebrowser/commit/7e5beeff464e75ab185c430cd96e7cc67209ccc1))
+* prompt before closing window ([194030f](https://github.com/filebrowser/filebrowser/commit/194030fcfcf54a2cf5e2f8ececcbb4754474d8f8))
+* remove incomplete uploaded files ([0727496](https://github.com/filebrowser/filebrowser/commit/0727496601a9918c8131c56f62419bfac7ac589a))
+* reset clipboard after pasting cutted files ([10570ad](https://github.com/filebrowser/filebrowser/commit/10570ade442b573ebe00af08369e28b1b0688df6))
+
+## [2.4.0](https://github.com/filebrowser/filebrowser/compare/v2.3.0...v2.4.0) (2020-07-07)
+
+
+### Features
+
+* full screen editor ([0d665e5](https://github.com/filebrowser/filebrowser/commit/0d665e528f880ceda0976ceed66070ac34de7969))
+
+
+### Bug Fixes
+
+* add preview bypass for .gif files ([#1012](https://github.com/filebrowser/filebrowser/issues/1012)) ([453636d](https://github.com/filebrowser/filebrowser/commit/453636dfe2bbf177c74617862eb763485d4774bf))
+* prompt key shortcut conflict ([0d69fbd](https://github.com/filebrowser/filebrowser/commit/0d69fbd9a342aa2695859021df0c423e3ae4a4fa))
+
+## [2.3.0](https://github.com/filebrowser/filebrowser/compare/v2.2.0...v2.3.0) (2020-06-26)
+
+
+### Features
+
+* add image thumbnails support ([#980](https://github.com/filebrowser/filebrowser/issues/980)) ([6b0d49b](https://github.com/filebrowser/filebrowser/commit/6b0d49b1fc8bdce89576ba91cc0b8ec594fcd625))
+
+
+### Bug Fixes
+
+* typo in image_templates (apline -> alpine) ([#1005](https://github.com/filebrowser/filebrowser/issues/1005)) ([84da110](https://github.com/filebrowser/filebrowser/commit/84da11008516a371fc0446d97863dc14d337aa25))
+
+## [2.2.0](https://github.com/filebrowser/filebrowser/compare/v2.1.2...v2.2.0) (2020-06-22)
+
+
+### Features
+
+* add alpine and debian docker images ([66863b7](https://github.com/filebrowser/filebrowser/commit/66863b72f7664e6cb9417f7da542a92fa77ca635))
+* add folder upload ([#981](https://github.com/filebrowser/filebrowser/issues/981)) ([8977344](https://github.com/filebrowser/filebrowser/commit/89773447a56675b298394149d7a05c5df4039f14)), closes [filebrowser/filebrowser#741](https://github.com/filebrowser/filebrowser/issues/741)
+* add key shortcuts ([95316cb](https://github.com/filebrowser/filebrowser/commit/95316cbe8c8ac3dbb28310bc11ec347c0caf699b))
+* upload progress based on total size ([#993](https://github.com/filebrowser/filebrowser/issues/993)) ([cd454ba](https://github.com/filebrowser/filebrowser/commit/cd454bae51f40b1249e6fa6133c2949970eb3018))
+
+
+### Bug Fixes
+
+* add a workaround to fix window freezing when viewing a large file [#992](https://github.com/filebrowser/filebrowser/issues/992) ([2412016](https://github.com/filebrowser/filebrowser/commit/241201657c2bf01806d02a297eb846b26102a479))
+* apply all fs user rulles ([68f8348](https://github.com/filebrowser/filebrowser/commit/68f8348ddeecba570a361e7aba4546052cc3e356))
+* frontend token validation ([dd40b0d](https://github.com/filebrowser/filebrowser/commit/dd40b0d9b9cc6268a611306ac4684a1af852b79d)), closes [filebrowser/filebrowser#638](https://github.com/filebrowser/filebrowser/issues/638)
+* multiple selection count ([963837e](https://github.com/filebrowser/filebrowser/commit/963837ef1dc6e2e84fcf924606ce388ac30f3891))
+* save event hook ([82c883f](https://github.com/filebrowser/filebrowser/commit/82c883f95eead9eebe215e230f74773c945f864a)), closes [filebrowser/filebrowser#696](https://github.com/filebrowser/filebrowser/issues/696)

Docker.json

@@ -1,10 +0,0 @@
-{
-  "port": 80,
-  "address": "",
-  "database": "/database.db",
-  "scope": "/srv",
-  "allowCommands": true,
-  "allowEdit": true,
-  "allowNew": true,
-  "commands": []
-}

Dockerfile

@@ -1,24 +1,15 @@
-FROM golang:alpine
+FROM alpine:latest
+RUN apk --update add ca-certificates \
+                     mailcap \
+                     curl
 
-COPY . /go/src/github.com/filebrowser/filebrowser
+HEALTHCHECK --start-period=2s --interval=5s --timeout=3s \
+  CMD curl -f http://localhost/health || exit 1
 
-WORKDIR /go/src/github.com/filebrowser/filebrowser
-RUN apk add --no-cache git curl && \
-  curl -fsSL -o /usr/local/bin/dep https://github.com/golang/dep/releases/download/v0.4.1/dep-linux-amd64 && \
-  chmod +x /usr/local/bin/dep
-RUN dep ensure -vendor-only
-
-WORKDIR /go/src/github.com/filebrowser/filebrowser/cmd/filebrowser
-RUN CGO_ENABLED=0 go build -a
-RUN mv filebrowser /go/bin/filebrowser
-
-FROM scratch
-COPY --from=0 /go/bin/filebrowser /filebrowser
-
-VOLUME /tmp
 VOLUME /srv
 EXPOSE 80
 
-COPY Docker.json /config.json
+COPY docker_config.json /.filebrowser.json
+COPY filebrowser /filebrowser
 
-ENTRYPOINT ["/filebrowser", "--config", "/config.json"]
+ENTRYPOINT [ "/filebrowser" ]

Dockerfile.s6

@@ -0,0 +1,16 @@
+FROM ghcr.io/linuxserver/baseimage-alpine:3.14
+
+RUN apk --update add ca-certificates \
+                     mailcap \
+                     curl
+
+HEALTHCHECK --start-period=2s --interval=5s --timeout=3s \
+  CMD curl -f http://localhost/health || exit 1
+
+# copy local files
+COPY docker/root/ /
+COPY filebrowser /usr/bin/filebrowser
+
+# ports and volumes
+VOLUME /srv /config /database
+EXPOSE 80

Dockerfile.s6.aarch64

@@ -0,0 +1,16 @@
+FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.14
+
+RUN apk --update add ca-certificates \
+                     mailcap \
+                     curl
+
+HEALTHCHECK --start-period=2s --interval=5s --timeout=3s \
+  CMD curl -f http://localhost/health || exit 1
+
+# copy local files
+COPY docker/root/ /
+COPY filebrowser /usr/bin/filebrowser
+
+# ports and volumes
+VOLUME /srv /config /database
+EXPOSE 80

Dockerfile.s6.armhf

@@ -0,0 +1,16 @@
+FROM ghcr.io/linuxserver/baseimage-alpine:arm32v7-3.14
+
+RUN apk --update add ca-certificates \
+                     mailcap \
+                     curl
+
+HEALTHCHECK --start-period=2s --interval=5s --timeout=3s \
+  CMD curl -f http://localhost/health || exit 1
+
+# copy local files
+COPY docker/root/ /
+COPY filebrowser /usr/bin/filebrowser
+
+# ports and volumes
+VOLUME /srv /config /database
+EXPOSE 80

Gopkg.lock

@@ -1,423 +0,0 @@
-# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
-
-
-[[projects]]
-  branch = "master"
-  name = "github.com/BurntSushi/toml"
-  packages = ["."]
-  revision = "a368813c5e648fee92e5f6c30e3944ff9d5e8895"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/GeertJohan/go.rice"
-  packages = [
-    ".",
-    "embedded"
-  ]
-  revision = "c02ca9a983da5807ddf7d796784928f5be4afd09"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/aead/chacha20"
-  packages = [
-    ".",
-    "chacha"
-  ]
-  revision = "c8d29375923a8e1d2a0f0dc0fc1d8a0aba5b97ba"
-
-[[projects]]
-  name = "github.com/asdine/storm"
-  packages = [
-    ".",
-    "codec",
-    "codec/json",
-    "index",
-    "internal",
-    "q"
-  ]
-  revision = "68fc73b635f890fe7ba2f3b15ce80c85b28a744f"
-  version = "v2.0.2"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/bifurcation/mint"
-  packages = [
-    ".",
-    "syntax"
-  ]
-  revision = "340be3ae8c0ff8edce24cf59e7acdb1432bd5ce5"
-
-[[projects]]
-  name = "github.com/chaseadamsio/goorgeous"
-  packages = ["."]
-  revision = "dcf1ef873b8987bf12596fe6951c48347986eb2f"
-  version = "v1.1.0"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/codahale/aesnicheck"
-  packages = ["."]
-  revision = "349fcc471aaccc29cd074e1275f1a494323826cd"
-
-[[projects]]
-  name = "github.com/coreos/bbolt"
-  packages = ["."]
-  revision = "583e8937c61f1af6513608ccc75c97b6abdf4ff9"
-  version = "v1.3.0"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/daaku/go.zipexe"
-  packages = ["."]
-  revision = "a5fe2436ffcb3236e175e5149162b41cd28bd27d"
-
-[[projects]]
-  name = "github.com/dgrijalva/jwt-go"
-  packages = [
-    ".",
-    "request"
-  ]
-  revision = "dbeaa9332f19a944acb5736b4456cfcc02140e29"
-  version = "v3.1.0"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/dsnet/compress"
-  packages = [
-    ".",
-    "bzip2",
-    "bzip2/internal/sais",
-    "internal",
-    "internal/errors",
-    "internal/prefix"
-  ]
-  revision = "cc9eb1d7ad760af14e8f918698f745e80377af4f"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/flynn/go-shlex"
-  packages = ["."]
-  revision = "3f9db97f856818214da2e1057f8ad84803971cff"
-
-[[projects]]
-  name = "github.com/fsnotify/fsnotify"
-  packages = ["."]
-  revision = "c2828203cd70a50dcccfb2761f8b1f8ceef9a8e9"
-  version = "v1.4.7"
-
-[[projects]]
-  name = "github.com/gohugoio/hugo"
-  packages = ["parser"]
-  revision = "25e88ccabe9b04c42ffb43528c86743f623fac46"
-  version = "v0.36.1"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/golang/snappy"
-  packages = ["."]
-  revision = "553a641470496b2327abcac10b36396bd98e45c9"
-
-[[projects]]
-  name = "github.com/gorilla/websocket"
-  packages = ["."]
-  revision = "ea4d1f681babbce9545c9c5f3d5194a789c89f5b"
-  version = "v1.2.0"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/hacdias/fileutils"
-  packages = ["."]
-  revision = "76b1c6ab906773727a1ce2f7fb22830685166f85"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/hacdias/varutils"
-  packages = ["."]
-  revision = "82d3b57f667a756cfc4b1535951b46878881f3e1"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/hashicorp/go-syslog"
-  packages = ["."]
-  revision = "326bf4a7f709d263f964a6a96558676b103f3534"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/hashicorp/golang-lru"
-  packages = [
-    ".",
-    "simplelru"
-  ]
-  revision = "0fb14efe8c47ae851c0034ed7a448854d3d34cf3"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/hashicorp/hcl"
-  packages = [
-    ".",
-    "hcl/ast",
-    "hcl/parser",
-    "hcl/scanner",
-    "hcl/strconv",
-    "hcl/token",
-    "json/parser",
-    "json/scanner",
-    "json/token"
-  ]
-  revision = "23c074d0eceb2b8a5bfdbb271ab780cde70f05a8"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/kardianos/osext"
-  packages = ["."]
-  revision = "ae77be60afb1dcacde03767a8c37337fad28ac14"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/lucas-clemente/aes12"
-  packages = ["."]
-  revision = "cd47fb39b79f867c6e4e5cd39cf7abd799f71670"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/lucas-clemente/fnv128a"
-  packages = ["."]
-  revision = "393af48d391698c6ae4219566bfbdfef67269997"
-
-[[projects]]
-  name = "github.com/lucas-clemente/quic-go"
-  packages = [
-    ".",
-    "h2quic",
-    "internal/ackhandler",
-    "internal/congestion",
-    "internal/crypto",
-    "internal/flowcontrol",
-    "internal/handshake",
-    "internal/protocol",
-    "internal/utils",
-    "internal/wire",
-    "qerr"
-  ]
-  revision = "30851b9a3b4e958490b476fe72adafa67641361a"
-  version = "v0.7.0"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/lucas-clemente/quic-go-certificates"
-  packages = ["."]
-  revision = "d2f86524cced5186554df90d92529757d22c1cb6"
-
-[[projects]]
-  name = "github.com/magiconair/properties"
-  packages = ["."]
-  revision = "c3beff4c2358b44d0493c7dda585e7db7ff28ae6"
-  version = "v1.7.6"
-
-[[projects]]
-  name = "github.com/mholt/archiver"
-  packages = ["."]
-  revision = "26cf5bb32d07aa4e8d0de15f56ce516f4641d7df"
-
-[[projects]]
-  name = "github.com/mholt/caddy"
-  packages = [
-    ".",
-    "caddyfile",
-    "caddyhttp/httpserver",
-    "caddyhttp/staticfiles",
-    "caddytls"
-  ]
-  revision = "d3f338ddab9ee24b376b5c9c51e202581e2d43ba"
-  version = "v0.10.11"
-
-[[projects]]
-  name = "github.com/miekg/dns"
-  packages = ["."]
-  revision = "5364553f1ee9cddc7ac8b62dce148309c386695b"
-  version = "v1.0.4"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/mitchellh/mapstructure"
-  packages = ["."]
-  revision = "00c29f56e2386353d58c599509e8dc3801b0d716"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/nwaples/rardecode"
-  packages = ["."]
-  revision = "e06696f847aeda6f39a8f0b7cdff193b7690aef6"
-
-[[projects]]
-  name = "github.com/pelletier/go-toml"
-  packages = ["."]
-  revision = "acdc4509485b587f5e675510c4f2c63e90ff68a8"
-  version = "v1.1.0"
-
-[[projects]]
-  name = "github.com/pierrec/lz4"
-  packages = ["."]
-  revision = "2fcda4cb7018ce05a25959d2fe08c83e3329f169"
-  version = "v1.1"
-
-[[projects]]
-  name = "github.com/pierrec/xxHash"
-  packages = ["xxHash32"]
-  revision = "f051bb7f1d1aaf1b5a665d74fb6b0217712c69f7"
-  version = "v0.1.1"
-
-[[projects]]
-  name = "github.com/robfig/cron"
-  packages = ["."]
-  revision = "b024fc5ea0e34bc3f83d9941c8d60b0622bfaca4"
-  version = "v1"
-
-[[projects]]
-  name = "github.com/russross/blackfriday"
-  packages = ["."]
-  revision = "4048872b16cc0fc2c5fd9eacf0ed2c2fedaa0c8c"
-  version = "v1.5"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/shurcooL/sanitized_anchor_name"
-  packages = ["."]
-  revision = "86672fcb3f950f35f2e675df2240550f2a50762f"
-
-[[projects]]
-  name = "github.com/spf13/afero"
-  packages = [
-    ".",
-    "mem"
-  ]
-  revision = "bb8f1927f2a9d3ab41c9340aa034f6b803f4359c"
-  version = "v1.0.2"
-
-[[projects]]
-  name = "github.com/spf13/cast"
-  packages = ["."]
-  revision = "8965335b8c7107321228e3e3702cab9832751bac"
-  version = "v1.2.0"
-
-[[projects]]
-  branch = "master"
-  name = "github.com/spf13/jwalterweatherman"
-  packages = ["."]
-  revision = "7c0cea34c8ece3fbeb2b27ab9b59511d360fb394"
-
-[[projects]]
-  name = "github.com/spf13/pflag"
-  packages = ["."]
-  revision = "e57e3eeb33f795204c1ca35f56c44f83227c6e66"
-  version = "v1.0.0"
-
-[[projects]]
-  name = "github.com/spf13/viper"
-  packages = ["."]
-  revision = "25b30aa063fc18e48662b86996252eabdcf2f0c7"
-  version = "v1.0.0"
-
-[[projects]]
-  name = "github.com/ulikunitz/xz"
-  packages = [
-    ".",
-    "internal/hash",
-    "internal/xlog",
-    "lzma"
-  ]
-  revision = "0c6b41e72360850ca4f98dc341fd999726ea007f"
-  version = "v0.5.4"
-
-[[projects]]
-  name = "github.com/xenolf/lego"
-  packages = ["acme"]
-  revision = "67c86d860a797ce2483f50d9174d4ed24984bef2"
-  version = "v0.4.1"
-
-[[projects]]
-  branch = "master"
-  name = "golang.org/x/crypto"
-  packages = [
-    "bcrypt",
-    "blowfish",
-    "curve25519",
-    "ed25519",
-    "ed25519/internal/edwards25519",
-    "hkdf",
-    "ocsp"
-  ]
-  revision = "49796115aa4b964c318aad4f3084fdb41e9aa067"
-
-[[projects]]
-  branch = "master"
-  name = "golang.org/x/net"
-  packages = [
-    "bpf",
-    "http2",
-    "http2/hpack",
-    "idna",
-    "internal/iana",
-    "internal/socket",
-    "ipv4",
-    "ipv6",
-    "lex/httplex",
-    "publicsuffix"
-  ]
-  revision = "cbe0f9307d0156177f9dd5dc85da1a31abc5f2fb"
-
-[[projects]]
-  branch = "master"
-  name = "golang.org/x/sys"
-  packages = ["unix"]
-  revision = "88d2dcc510266da9f7f8c7f34e1940716cab5f5c"
-
-[[projects]]
-  name = "golang.org/x/text"
-  packages = [
-    "collate",
-    "collate/build",
-    "internal/colltab",
-    "internal/gen",
-    "internal/tag",
-    "internal/triegen",
-    "internal/ucd",
-    "language",
-    "secure/bidirule",
-    "transform",
-    "unicode/bidi",
-    "unicode/cldr",
-    "unicode/norm",
-    "unicode/rangetable"
-  ]
-  revision = "f21a4dfb5e38f5895301dc265a8def02365cc3d0"
-  version = "v0.3.0"
-
-[[projects]]
-  name = "gopkg.in/natefinch/lumberjack.v2"
-  packages = ["."]
-  revision = "a96e63847dc3c67d17befa69c303767e2f84e54f"
-  version = "v2.1"
-
-[[projects]]
-  name = "gopkg.in/square/go-jose.v1"
-  packages = [
-    ".",
-    "cipher",
-    "json"
-  ]
-  revision = "aa2e30fdd1fe9dd3394119af66451ae790d50e0d"
-  version = "v1.1.0"
-
-[[projects]]
-  name = "gopkg.in/yaml.v2"
-  packages = ["."]
-  revision = "7f97868eec74b32b0982dd158a51a446d1da7eb5"
-  version = "v2.1.1"
-
-[solve-meta]
-  analyzer-name = "dep"
-  analyzer-version = 1
-  inputs-digest = "1f68bed4490068370884abaa296aa651c27b3f2e0d0451a1ab567f059d44f820"
-  solver-name = "gps-cdcl"
-  solver-version = 1

Gopkg.toml

@@ -1,70 +0,0 @@
-[[constraint]]
-  branch = "master"
-  name = "github.com/GeertJohan/go.rice"
-
-[[constraint]]
-  name = "github.com/asdine/storm"
-  version = "2.0.2"
-
-[[constraint]]
-  name = "github.com/dgrijalva/jwt-go"
-  version = "3.1.0"
-
-[[constraint]]
-  name = "github.com/gohugoio/hugo"
-  version = "0.36.1"
-
-[[constraint]]
-  name = "github.com/gorilla/websocket"
-  version = "1.2.0"
-
-[[constraint]]
-  branch = "master"
-  name = "github.com/hacdias/fileutils"
-
-[[constraint]]
-  branch = "master"
-  name = "github.com/hacdias/varutils"
-
-[[constraint]]
-  name = "github.com/mholt/archiver"
-# TODO: switch to version when it's available
-# this is for Archiver.Write() which was introduced in 548c791
-  revision = "26cf5bb32d07aa4e8d0de15f56ce516f4641d7df"
-# version = "2.0.0"
-
-[[constraint]]
-  name = "github.com/mholt/caddy"
-  version = "0.10.11"
-
-[[constraint]]
-  branch = "master"
-  name = "github.com/mitchellh/mapstructure"
-
-[[constraint]]
-  name = "github.com/robfig/cron"
-  version = "1.0.0"
-
-[[constraint]]
-  name = "github.com/spf13/pflag"
-  version = "1.0.0"
-
-[[constraint]]
-  name = "github.com/spf13/viper"
-  version = "1.0.0"
-
-[[constraint]]
-  branch = "master"
-  name = "golang.org/x/crypto"
-
-[[constraint]]
-  name = "gopkg.in/natefinch/lumberjack.v2"
-  version = "2.1.0"
-
-[[override]]
-  name = "github.com/russross/blackfriday"
-  version = "^1.0.0"
-
-[prune]
-  go-tests = true
-  unused-packages = true

Makefile

@@ -0,0 +1,68 @@
+include common.mk
+include tools.mk
+
+LDFLAGS += -X "$(MODULE)/version.Version=$(VERSION)" -X "$(MODULE)/version.CommitSHA=$(VERSION_HASH)"
+
+## Build:
+
+.PHONY: build
+build: | build-frontend build-backend ## Build binary
+
+.PHONY: build-frontend
+build-frontend: ## Build frontend
+	$Q cd frontend && npm ci && npm run build
+
+.PHONY: build-backend
+build-backend: ## Build backend
+	$Q $(go) build -ldflags '$(LDFLAGS)' -o .
+
+.PHONY: test
+test: | test-frontend test-backend ## Run all tests
+
+.PHONY: test-frontend
+test-frontend: ## Run frontend tests
+
+.PHONY: test-backend
+test-backend: ## Run backend tests
+	$Q $(go) test -v ./...
+
+.PHONY: lint
+lint: lint-frontend lint-backend lint-commits ## Run all linters
+
+.PHONY: lint-frontend
+lint-frontend: ## Run frontend linters
+	$Q cd frontend && npm ci && npm run lint
+
+.PHONY: lint-backend
+lint-backend: | $(golangci-lint) ## Run backend linters
+	$Q $(golangci-lint) run -v
+
+.PHONY: lint-commits
+lint-commits: $(commitlint) ## Run commit linters
+	$Q ./scripts/commitlint.sh
+
+fmt: $(goimports) ## Format source files
+	$Q $(goimports) -local $(MODULE) -w $$(find . -type f -name '*.go' -not -path "./vendor/*")
+
+clean: clean-tools ## Clean
+
+## Release:
+
+.PHONY: bump-version
+bump-version: $(standard-version) ## Bump app version
+	$Q ./scripts/bump_version.sh
+
+## Help:
+help: ## Show this help
+	@echo ''
+	@echo 'Usage:'
+	@echo '  ${YELLOW}make${RESET} ${GREEN}<target> [options]${RESET}'
+	@echo ''
+	@echo 'Options:'
+	@$(call global_option, "V [0|1]", "enable verbose mode (default:0)")
+	@echo ''
+	@echo 'Targets:'
+	@awk 'BEGIN {FS = ":.*?## "} { \
+		if (/^[a-zA-Z_-]+:.*?##.*$$/) {printf "    ${YELLOW}%-20s${GREEN}%s${RESET}\n", $$1, $$2} \
+		else if (/^## .*$$/) {printf "  ${CYAN}%s${RESET}\n", substr($$1,4)} \
+		}' $(MAKEFILE_LIST)

README.md

@@ -1,79 +1,33 @@
 <p align="center">
-  <img src="logo/banner.png" width="550"/>
+  <img src="https://raw.githubusercontent.com/filebrowser/logo/master/banner.png" width="550"/>
 </p>
 
-![Preview](https://user-images.githubusercontent.com/5447088/28537288-39be4288-70a2-11e7-8ce9-0813d59f46b7.gif)
+![Preview](https://user-images.githubusercontent.com/5447088/50716739-ebd26700-107a-11e9-9817-14230c53efd2.gif)
 
-# filebrowser
-
-[![CircleCI](https://img.shields.io/circleci/project/github/filebrowser/filebrowser.svg?style=flat-square)](https://circleci.com/gh/filebrowser/filebrowser)
+[![Build](https://github.com/filebrowser/filebrowser/actions/workflows/main.yaml/badge.svg)](https://github.com/filebrowser/filebrowser/actions/workflows/main.yaml)
 [![Go Report Card](https://goreportcard.com/badge/github.com/filebrowser/filebrowser?style=flat-square)](https://goreportcard.com/report/github.com/filebrowser/filebrowser)
 [![Documentation](https://img.shields.io/badge/godoc-reference-blue.svg?style=flat-square)](http://godoc.org/github.com/filebrowser/filebrowser)
 [![Version](https://img.shields.io/github/release/filebrowser/filebrowser.svg?style=flat-square)](https://github.com/filebrowser/filebrowser/releases/latest)
+[![Chat IRC](https://img.shields.io/badge/freenode-%23filebrowser-blue.svg?style=flat-square)](http://webchat.freenode.net/?channels=%23filebrowser)
 
 filebrowser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit your files. It allows the creation of multiple users and each user can have its own directory. It can be used as a standalone app or as a middleware.
 
-# Table of contents
+## Features
 
-+ [Getting started](#getting-started)
-+ [Features](#features)
-  - [Users](#users)
-  - [Search](#search)
-+ [Contributing](#contributing)
-+ [Donate](#donate)
+Please refer to our docs at [https://filebrowser.org/features](https://filebrowser.org/features)
 
-# Getting started
+## Install
 
-You can find the Getting Started guide on the [documentation](https://filebrowser.github.io/quick-start/).
+For installation instructions please refer to our docs at [https://filebrowser.org/installation](https://filebrowser.org/installation).
 
-# Features
+## Configuration
 
-Easy login system.
+[Authentication Method](https://filebrowser.org/configuration/authentication-method) - You can change the way the user authenticates with the filebrowser server
 
-![Login Page](https://user-images.githubusercontent.com/5447088/42046516-fe702976-7af5-11e8-9d72-c996150b09f5.png)
+[Command Runner](https://filebrowser.org/configuration/command-runner) - The command runner is a feature that enables you to execute any shell command you want before or after a certain event.
 
-Listings of your files, available in two styles: mosaic and list. You can delete, move, rename, upload and create new files, as well as directories. Single files can be downloaded directly, and multiple files as *.zip*, *.tar*, *.tar.gz*, *.tar.bz2* or *.tar.xz*.
+[Custom Branding](https://filebrowser.org/configuration/custom-branding) - You can customize your File Browser installation by change its name to any other you want, by adding a global custom style sheet and by using your own logotype if you want.
 
-![Mosaic Listing](https://user-images.githubusercontent.com/5447088/42046515-fe3f7d58-7af5-11e8-8f87-270947ed755f.png)
+## Contributing
 
-File Browser editor is powered by [Codemirror](https://codemirror.net/) and if you're working with markdown files with metadata, both parts will be separated from each other so you can focus on the content.
-
-![Markdown Editor](https://user-images.githubusercontent.com/5447088/42046519-ff17b81c-7af5-11e8-90f3-184e0ad24b7c.png)
-
-On the settings page, a regular user can set its own custom CSS to personalize the experience and change its password. For admins, they can manage the permissions of each user, set commands which can be executed when certain events are triggered (such as before saving and after saving) and change plugin's settings.
-
-![Settings](https://user-images.githubusercontent.com/5447088/42046517-fea206e4-7af5-11e8-88fe-b88513b43f43.png)
-
-We also allow the users to search in the directories and execute commands if allowed.
-
-## Users
-
-We support multiple users and each user can have its own scope and custom stylesheet. The administrator is able to choose which permissions should be given to the users, as well as the commands they can execute. Each user also have a set of rules, in which he can be prevented or allowed to access some directories (regular expressions included!).
-
-![Users](https://user-images.githubusercontent.com/5447088/42046518-fed14440-7af5-11e8-9a57-f4a611e9598d.png)
-
-## Search
-
-File Browser allows you to search through your files and it has some options. By default, your search will be something like this:
-
-```
-this are keywords
-```
-
-If you search for that it will look at every file that contains "this", "are" or "keywords" on their name. If you want to search for an exact term, you should surround your search by double quotes:
-
-```
-"this is the name"
-```
-
-That will search for any file that contains "this is the name" on its name. It won't search for each separated term this time.
-
-By default, every search will be case sensitive. Although, you can make a case insensitive search by adding `case:insensitive` to the search terms, like this:
-
-```
-this are keywords case:insensitive
-```
-
-# Contributing
-
-The contributing guidelines can be found [here](https://github.com/filebrowser/community).
+If you're interested in contributing to this project, our docs are best places to start [https://filebrowser.org/contributing](https://filebrowser.org/contributing).

SECURITY.md

@@ -0,0 +1,26 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 2.x     | :white_check_mark: |
+| < 2.0   | :x:                |
+
+## Reporting a Vulnerability
+
+Vulnerabilities should be reported to filebrowser@googlegroups.com - which is a private, maintainer-only group. Maintainers will attempt to respond to/confirm reports within 2-3 days, but if you believe your report to be "critical" to user safety and security, please note as such in the subject. We have tens of thousands of users using our software, and take security vulnerabilities seriously.
+
+When reporting an issue, where possible, please provide at least:
+
+* The commit version the issue was identified at
+* A proof of concept (plaintext; no binaries)
+* Steps to reproduce
+* Your recommended remediation(s), if any.
+
+The FileBrowser team is a volunteer-only effort, and may reach back out for clarification.
+
+> Note: Please do not open public issues for security issues, as GitHub does not provide facility for private issues, and deleting the issue makes it hard to triage/respond back to the reporter.

auth/auth.go

@@ -0,0 +1,15 @@
+package auth
+
+import (
+	"net/http"
+
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+// Auther is the authentication interface.
+type Auther interface {
+	// Auth is called to authenticate a request.
+	Auth(r *http.Request, s users.Store, root string) (*users.User, error)
+	// LoginPage indicates if this auther needs a login page.
+	LoginPage() bool
+}

auth/json.go

@@ -0,0 +1,108 @@
+package auth
+
+import (
+	"encoding/json"
+	"net/http"
+	"net/url"
+	"os"
+	"strings"
+
+	"github.com/filebrowser/filebrowser/v2/settings"
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+// MethodJSONAuth is used to identify json auth.
+const MethodJSONAuth settings.AuthMethod = "json"
+
+type jsonCred struct {
+	Password  string `json:"password"`
+	Username  string `json:"username"`
+	ReCaptcha string `json:"recaptcha"`
+}
+
+// JSONAuth is a json implementation of an Auther.
+type JSONAuth struct {
+	ReCaptcha *ReCaptcha `json:"recaptcha" yaml:"recaptcha"`
+}
+
+// Auth authenticates the user via a json in content body.
+func (a JSONAuth) Auth(r *http.Request, sto users.Store, root string) (*users.User, error) {
+	var cred jsonCred
+
+	if r.Body == nil {
+		return nil, os.ErrPermission
+	}
+
+	err := json.NewDecoder(r.Body).Decode(&cred)
+	if err != nil {
+		return nil, os.ErrPermission
+	}
+
+	// If ReCaptcha is enabled, check the code.
+	if a.ReCaptcha != nil && len(a.ReCaptcha.Secret) > 0 {
+		ok, err := a.ReCaptcha.Ok(cred.ReCaptcha) //nolint:govet
+
+		if err != nil {
+			return nil, err
+		}
+
+		if !ok {
+			return nil, os.ErrPermission
+		}
+	}
+
+	u, err := sto.Get(root, cred.Username)
+	if err != nil || !users.CheckPwd(cred.Password, u.Password) {
+		return nil, os.ErrPermission
+	}
+
+	return u, nil
+}
+
+// LoginPage tells that json auth doesn't require a login page.
+func (a JSONAuth) LoginPage() bool {
+	return true
+}
+
+const reCaptchaAPI = "/recaptcha/api/siteverify"
+
+// ReCaptcha identifies a recaptcha connection.
+type ReCaptcha struct {
+	Host   string `json:"host"`
+	Key    string `json:"key"`
+	Secret string `json:"secret"`
+}
+
+// Ok checks if a reCaptcha responde is correct.
+func (r *ReCaptcha) Ok(response string) (bool, error) {
+	body := url.Values{}
+	body.Set("secret", r.Secret)
+	body.Add("response", response)
+
+	client := &http.Client{}
+
+	resp, err := client.Post(
+		r.Host+reCaptchaAPI,
+		"application/x-www-form-urlencoded",
+		strings.NewReader(body.Encode()),
+	)
+	if err != nil {
+		return false, err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return false, nil
+	}
+
+	var data struct {
+		Success bool `json:"success"`
+	}
+
+	err = json.NewDecoder(resp.Body).Decode(&data)
+	if err != nil {
+		return false, err
+	}
+
+	return data.Success, nil
+}

auth/none.go

@@ -0,0 +1,24 @@
+package auth
+
+import (
+	"net/http"
+
+	"github.com/filebrowser/filebrowser/v2/settings"
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+// MethodNoAuth is used to identify no auth.
+const MethodNoAuth settings.AuthMethod = "noauth"
+
+// NoAuth is no auth implementation of auther.
+type NoAuth struct{}
+
+// Auth uses authenticates user 1.
+func (a NoAuth) Auth(r *http.Request, sto users.Store, root string) (*users.User, error) {
+	return sto.Get(root, uint(1))
+}
+
+// LoginPage tells that no auth doesn't require a login page.
+func (a NoAuth) LoginPage() bool {
+	return false
+}

auth/proxy.go

@@ -0,0 +1,34 @@
+package auth
+
+import (
+	"net/http"
+	"os"
+
+	"github.com/filebrowser/filebrowser/v2/errors"
+	"github.com/filebrowser/filebrowser/v2/settings"
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+// MethodProxyAuth is used to identify no auth.
+const MethodProxyAuth settings.AuthMethod = "proxy"
+
+// ProxyAuth is a proxy implementation of an auther.
+type ProxyAuth struct {
+	Header string `json:"header"`
+}
+
+// Auth authenticates the user via an HTTP header.
+func (a ProxyAuth) Auth(r *http.Request, sto users.Store, root string) (*users.User, error) {
+	username := r.Header.Get(a.Header)
+	user, err := sto.Get(root, username)
+	if err == errors.ErrNotExist {
+		return nil, os.ErrPermission
+	}
+
+	return user, err
+}
+
+// LoginPage tells that proxy auth doesn't require a login page.
+func (a ProxyAuth) LoginPage() bool {
+	return false
+}

auth/storage.go

@@ -0,0 +1,33 @@
+package auth
+
+import (
+	"github.com/filebrowser/filebrowser/v2/settings"
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+// StorageBackend is a storage backend for auth storage.
+type StorageBackend interface {
+	Get(settings.AuthMethod) (Auther, error)
+	Save(Auther) error
+}
+
+// Storage is a auth storage.
+type Storage struct {
+	back  StorageBackend
+	users *users.Storage
+}
+
+// NewStorage creates a auth storage from a backend.
+func NewStorage(back StorageBackend, userStore *users.Storage) *Storage {
+	return &Storage{back: back, users: userStore}
+}
+
+// Get wraps a StorageBackend.Get.
+func (s *Storage) Get(t settings.AuthMethod) (Auther, error) {
+	return s.back.Get(t)
+}
+
+// Save wraps a StorageBackend.Save.
+func (s *Storage) Save(a Auther) error {
+	return s.back.Save(a)
+}

bolt/config.go

@@ -1,26 +0,0 @@
-package bolt
-
-import (
-	"github.com/asdine/storm"
-	fb "github.com/filebrowser/filebrowser"
-)
-
-// ConfigStore is a configuration store.
-type ConfigStore struct {
-	DB *storm.DB
-}
-
-// Get gets a configuration from the database to an interface.
-func (c ConfigStore) Get(name string, to interface{}) error {
-	err := c.DB.Get("config", name, to)
-	if err == storm.ErrNotFound {
-		return fb.ErrNotExist
-	}
-
-	return err
-}
-
-// Save saves a configuration from an interface to the database.
-func (c ConfigStore) Save(name string, from interface{}) error {
-	return c.DB.Set("config", name, from)
-}

bolt/share.go

@@ -1,66 +0,0 @@
-package bolt
-
-import (
-	"github.com/asdine/storm"
-	"github.com/asdine/storm/q"
-	fb "github.com/filebrowser/filebrowser"
-)
-
-// ShareStore is a shareable links store.
-type ShareStore struct {
-	DB *storm.DB
-}
-
-// Get gets a Share Link from an hash.
-func (s ShareStore) Get(hash string) (*fb.ShareLink, error) {
-	var v fb.ShareLink
-	err := s.DB.One("Hash", hash, &v)
-	if err == storm.ErrNotFound {
-		return nil, fb.ErrNotExist
-	}
-
-	return &v, err
-}
-
-// GetPermanent gets the permanent link from a path.
-func (s ShareStore) GetPermanent(path string) (*fb.ShareLink, error) {
-	var v fb.ShareLink
-	err := s.DB.Select(q.Eq("Path", path), q.Eq("Expires", false)).First(&v)
-	if err == storm.ErrNotFound {
-		return nil, fb.ErrNotExist
-	}
-
-	return &v, err
-}
-
-// GetByPath gets all the links for a specific path.
-func (s ShareStore) GetByPath(hash string) ([]*fb.ShareLink, error) {
-	var v []*fb.ShareLink
-	err := s.DB.Find("Path", hash, &v)
-	if err == storm.ErrNotFound {
-		return v, fb.ErrNotExist
-	}
-
-	return v, err
-}
-
-// Gets retrieves all the shareable links.
-func (s ShareStore) Gets() ([]*fb.ShareLink, error) {
-	var v []*fb.ShareLink
-	err := s.DB.All(&v)
-	if err == storm.ErrNotFound {
-		return v, fb.ErrNotExist
-	}
-
-	return v, err
-}
-
-// Save stores a Share Link on the database.
-func (s ShareStore) Save(l *fb.ShareLink) error {
-	return s.DB.Save(l)
-}
-
-// Delete deletes a Share Link from the database.
-func (s ShareStore) Delete(hash string) error {
-	return s.DB.DeleteStruct(&fb.ShareLink{Hash: hash})
-}

bolt/users.go

@@ -1,90 +0,0 @@
-package bolt
-
-import (
-	"reflect"
-
-	"github.com/asdine/storm"
-	fm "github.com/filebrowser/filebrowser"
-)
-
-// UsersStore is a users store.
-type UsersStore struct {
-	DB *storm.DB
-}
-
-// Get gets a user with a certain id from the database.
-func (u UsersStore) Get(id int, builder fm.FSBuilder) (*fm.User, error) {
-	var us fm.User
-	err := u.DB.One("ID", id, &us)
-	if err == storm.ErrNotFound {
-		return nil, fm.ErrNotExist
-	}
-
-	if err != nil {
-		return nil, err
-	}
-
-	us.FileSystem = builder(us.Scope)
-	return &us, nil
-}
-
-// GetByUsername gets a user with a certain username from the database.
-func (u UsersStore) GetByUsername(username string, builder fm.FSBuilder) (*fm.User, error) {
-	var us fm.User
-	err := u.DB.One("Username", username, &us)
-	if err == storm.ErrNotFound {
-		return nil, fm.ErrNotExist
-	}
-
-	if err != nil {
-		return nil, err
-	}
-
-	us.FileSystem = builder(us.Scope)
-	return &us, nil
-}
-
-// Gets gets all the users from the database.
-func (u UsersStore) Gets(builder fm.FSBuilder) ([]*fm.User, error) {
-	var us []*fm.User
-	err := u.DB.All(&us)
-	if err == storm.ErrNotFound {
-		return nil, fm.ErrNotExist
-	}
-
-	if err != nil {
-		return us, err
-	}
-
-	for _, user := range us {
-		user.FileSystem = builder(user.Scope)
-	}
-
-	return us, err
-}
-
-// Update updates the whole user object or only certain fields.
-func (u UsersStore) Update(us *fm.User, fields ...string) error {
-	if len(fields) == 0 {
-		return u.Save(us)
-	}
-
-	for _, field := range fields {
-		val := reflect.ValueOf(us).Elem().FieldByName(field).Interface()
-		if err := u.DB.UpdateField(us, field, val); err != nil {
-			return err
-		}
-	}
-
-	return nil
-}
-
-// Save saves a user to the database.
-func (u UsersStore) Save(us *fm.User) error {
-	return u.DB.Save(us)
-}
-
-// Delete deletes a user from the database.
-func (u UsersStore) Delete(id int) error {
-	return u.DB.DeleteStruct(&fm.User{ID: id})
-}

build.sh

@@ -1,14 +0,0 @@
-#!/bin/bash
-set -e
-
-# Install rice tool if not present
-if ! [ -x "$(command -v rice)" ]; then
-  go get github.com/GeertJohan/go.rice/rice
-fi
-
-# Clean the dist folder and build the assets
-rm -rf node_modules
-npm install
-
-# Embed the assets using rice
-rice embed-go

caddy/filemanager/filemanager.go

@@ -1,52 +0,0 @@
-package filemanager
-
-import (
-	"net/http"
-
-	"github.com/filebrowser/filebrowser"
-	"github.com/filebrowser/filebrowser/caddy/parser"
-	h "github.com/filebrowser/filebrowser/http"
-	"github.com/mholt/caddy"
-	"github.com/mholt/caddy/caddyhttp/httpserver"
-)
-
-func init() {
-	caddy.RegisterPlugin("filemanager", caddy.Plugin{
-		ServerType: "http",
-		Action:     setup,
-	})
-}
-
-type plugin struct {
-	Next    httpserver.Handler
-	Configs []*filebrowser.FileBrowser
-}
-
-// ServeHTTP determines if the request is for this plugin, and if all prerequisites are met.
-func (f plugin) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error) {
-	for i := range f.Configs {
-		// Checks if this Path should be handled by File Manager.
-		if !httpserver.Path(r.URL.Path).Matches(f.Configs[i].BaseURL) {
-			continue
-		}
-
-		h.Handler(f.Configs[i]).ServeHTTP(w, r)
-		return 0, nil
-	}
-
-	return f.Next.ServeHTTP(w, r)
-}
-
-// setup configures a new FileManager middleware instance.
-func setup(c *caddy.Controller) error {
-	configs, err := parser.Parse(c, "")
-	if err != nil {
-		return err
-	}
-
-	httpserver.GetConfig(c).AddMiddleware(func(next httpserver.Handler) httpserver.Handler {
-		return plugin{Configs: configs, Next: next}
-	})
-
-	return nil
-}

caddy/hugo/hugo.go

@@ -1,52 +0,0 @@
-package hugo
-
-import (
-	"net/http"
-
-	"github.com/filebrowser/filebrowser"
-	"github.com/filebrowser/filebrowser/caddy/parser"
-	h "github.com/filebrowser/filebrowser/http"
-	"github.com/mholt/caddy"
-	"github.com/mholt/caddy/caddyhttp/httpserver"
-)
-
-func init() {
-	caddy.RegisterPlugin("hugo", caddy.Plugin{
-		ServerType: "http",
-		Action:     setup,
-	})
-}
-
-type plugin struct {
-	Next    httpserver.Handler
-	Configs []*filebrowser.FileBrowser
-}
-
-// ServeHTTP determines if the request is for this plugin, and if all prerequisites are met.
-func (f plugin) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error) {
-	for i := range f.Configs {
-		// Checks if this Path should be handled by File Manager.
-		if !httpserver.Path(r.URL.Path).Matches(f.Configs[i].BaseURL) {
-			continue
-		}
-
-		h.Handler(f.Configs[i]).ServeHTTP(w, r)
-		return 0, nil
-	}
-
-	return f.Next.ServeHTTP(w, r)
-}
-
-// setup configures a new FileManager middleware instance.
-func setup(c *caddy.Controller) error {
-	configs, err := parser.Parse(c, "hugo")
-	if err != nil {
-		return err
-	}
-
-	httpserver.GetConfig(c).AddMiddleware(func(next httpserver.Handler) httpserver.Handler {
-		return plugin{Configs: configs, Next: next}
-	})
-
-	return nil
-}

caddy/jekyll/jekyll.go

@@ -1,52 +0,0 @@
-package jekyll
-
-import (
-	"net/http"
-
-	"github.com/filebrowser/filebrowser"
-	"github.com/filebrowser/filebrowser/caddy/parser"
-	h "github.com/filebrowser/filebrowser/http"
-	"github.com/mholt/caddy"
-	"github.com/mholt/caddy/caddyhttp/httpserver"
-)
-
-func init() {
-	caddy.RegisterPlugin("jekyll", caddy.Plugin{
-		ServerType: "http",
-		Action:     setup,
-	})
-}
-
-type plugin struct {
-	Next    httpserver.Handler
-	Configs []*filebrowser.FileBrowser
-}
-
-// ServeHTTP determines if the request is for this plugin, and if all prerequisites are met.
-func (f plugin) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error) {
-	for i := range f.Configs {
-		// Checks if this Path should be handled by File Manager.
-		if !httpserver.Path(r.URL.Path).Matches(f.Configs[i].BaseURL) {
-			continue
-		}
-
-		h.Handler(f.Configs[i]).ServeHTTP(w, r)
-		return 0, nil
-	}
-
-	return f.Next.ServeHTTP(w, r)
-}
-
-// setup configures a new FileManager middleware instance.
-func setup(c *caddy.Controller) error {
-	configs, err := parser.Parse(c, "jekyll")
-	if err != nil {
-		return err
-	}
-
-	httpserver.GetConfig(c).AddMiddleware(func(next httpserver.Handler) httpserver.Handler {
-		return plugin{Configs: configs, Next: next}
-	})
-
-	return nil
-}

caddy/parser/parser.go

@@ -1,312 +0,0 @@
-package parser
-
-import (
-	"crypto/md5"
-	"encoding/hex"
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"strconv"
-	"strings"
-
-	"github.com/asdine/storm"
-	"github.com/filebrowser/filebrowser"
-	"github.com/filebrowser/filebrowser/bolt"
-	"github.com/filebrowser/filebrowser/staticgen"
-	"github.com/hacdias/fileutils"
-	"github.com/mholt/caddy"
-	"github.com/mholt/caddy/caddyhttp/httpserver"
-)
-
-var databases = map[string]*storm.DB{}
-
-// Parse ...
-func Parse(c *caddy.Controller, plugin string) ([]*filebrowser.FileBrowser, error) {
-	var (
-		configs []*filebrowser.FileBrowser
-		err     error
-	)
-
-	for c.Next() {
-		u := &filebrowser.User{
-			Locale:        "en",
-			AllowCommands: true,
-			AllowEdit:     true,
-			AllowNew:      true,
-			AllowPublish:  true,
-			Commands:      []string{"git", "svn", "hg"},
-			CSS:           "",
-			ViewMode:      "mosaic",
-			Rules: []*filebrowser.Rule{{
-				Regex:  true,
-				Allow:  false,
-				Regexp: &filebrowser.Regexp{Raw: "\\/\\..+"},
-			}},
-		}
-
-		baseURL := "/"
-		scope := "."
-		database := ""
-		noAuth := false
-		alterRecaptcha := false
-		reCaptchaKey := ""
-		reCaptchaSecret := ""
-
-		if plugin != "" {
-			baseURL = "/admin"
-		}
-
-		// Get the baseURL and scope
-		args := c.RemainingArgs()
-
-		if plugin == "" {
-			if len(args) >= 1 {
-				baseURL = args[0]
-			}
-
-			if len(args) > 1 {
-				scope = args[1]
-			}
-		} else {
-			if len(args) >= 1 {
-				scope = args[0]
-			}
-
-			if len(args) > 1 {
-				baseURL = args[1]
-			}
-		}
-
-		for c.NextBlock() {
-			switch c.Val() {
-			case "database":
-				if !c.NextArg() {
-					return nil, c.ArgErr()
-				}
-
-				database = c.Val()
-			case "locale":
-				if !c.NextArg() {
-					return nil, c.ArgErr()
-				}
-
-				u.Locale = c.Val()
-			case "allow_commands":
-				if !c.NextArg() {
-					u.AllowCommands = true
-					continue
-				}
-
-				u.AllowCommands, err = strconv.ParseBool(c.Val())
-				if err != nil {
-					return nil, err
-				}
-			case "allow_edit":
-				if !c.NextArg() {
-					u.AllowEdit = true
-					continue
-				}
-
-				u.AllowEdit, err = strconv.ParseBool(c.Val())
-				if err != nil {
-					return nil, err
-				}
-			case "allow_new":
-				if !c.NextArg() {
-					u.AllowNew = true
-					continue
-				}
-
-				u.AllowNew, err = strconv.ParseBool(c.Val())
-				if err != nil {
-					return nil, err
-				}
-			case "allow_publish":
-				if !c.NextArg() {
-					u.AllowPublish = true
-					continue
-				}
-
-				u.AllowPublish, err = strconv.ParseBool(c.Val())
-				if err != nil {
-					return nil, err
-				}
-			case "commands":
-				if !c.NextArg() {
-					return nil, c.ArgErr()
-				}
-
-				u.Commands = strings.Split(c.Val(), " ")
-			case "css":
-				if !c.NextArg() {
-					return nil, c.ArgErr()
-				}
-
-				file := c.Val()
-				css, err := ioutil.ReadFile(file)
-				if err != nil {
-					return nil, err
-				}
-
-				u.CSS = string(css)
-			case "view_mode":
-				if !c.NextArg() {
-					return nil, c.ArgErr()
-				}
-
-				u.ViewMode = c.Val()
-				if u.ViewMode != filebrowser.MosaicViewMode && u.ViewMode != filebrowser.ListViewMode {
-					return nil, c.ArgErr()
-				}
-			case "alternative_recaptcha":
-				if !c.NextArg() {
-					alterRecaptcha = true
-					continue
-				}
-
-				alterRecaptcha, err = strconv.ParseBool(c.Val())
-				if err != nil {
-					return nil, err
-				}
-			case "recaptcha_key":
-				if !c.NextArg() {
-					return nil, c.ArgErr()
-				}
-
-				reCaptchaKey = c.Val()
-			case "recaptcha_secret":
-				if !c.NextArg() {
-					return nil, c.ArgErr()
-				}
-
-				reCaptchaSecret = c.Val()
-			case "no_auth":
-				if !c.NextArg() {
-					noAuth = true
-					continue
-				}
-
-				noAuth, err = strconv.ParseBool(c.Val())
-				if err != nil {
-					return nil, err
-				}
-			}
-		}
-
-		caddyConf := httpserver.GetConfig(c)
-
-		path := filepath.Join(caddy.AssetsPath(), "filemanager")
-		err := os.MkdirAll(path, 0700)
-		if err != nil {
-			return nil, err
-		}
-
-		// if there is a database path and it is not absolute,
-		// it will be relative to Caddy folder.
-		if !filepath.IsAbs(database) && database != "" {
-			database = filepath.Join(path, database)
-		}
-
-		// If there is no database path on the settings,
-		// store one in .caddy/filemanager/name.db.
-		if database == "" {
-			// The name of the database is the hashed value of a string composed
-			// by the host, address path and the baseurl of this File Manager
-			// instance.
-			hasher := md5.New()
-			hasher.Write([]byte(caddyConf.Addr.Host + caddyConf.Addr.Path + baseURL))
-			sha := hex.EncodeToString(hasher.Sum(nil))
-			database = filepath.Join(path, sha+".db")
-
-			fmt.Println("[WARNING] A database is going to be created for your File Manager instance at " + database +
-				". It is highly recommended that you set the 'database' option to '" + sha + ".db'\n")
-		}
-
-		u.Scope = scope
-		u.FileSystem = fileutils.Dir(scope)
-
-		var db *storm.DB
-		if stored, ok := databases[database]; ok {
-			db = stored
-		} else {
-			db, err = storm.Open(database)
-			databases[database] = db
-		}
-
-		if err != nil {
-			return nil, err
-		}
-
-		recaptchaHost := "https://www.google.com"
-		if alterRecaptcha {
-			recaptchaHost = "https://recaptcha.net"
-		}
-
-		m := &filebrowser.FileBrowser{
-			NoAuth:          noAuth,
-			BaseURL:         "",
-			PrefixURL:       "",
-			ReCaptchaHost:   recaptchaHost,
-			ReCaptchaKey:    reCaptchaKey,
-			ReCaptchaSecret: reCaptchaSecret,
-			DefaultUser:     u,
-			Store: &filebrowser.Store{
-				Config: bolt.ConfigStore{DB: db},
-				Users:  bolt.UsersStore{DB: db},
-				Share:  bolt.ShareStore{DB: db},
-			},
-			NewFS: func(scope string) filebrowser.FileSystem {
-				return fileutils.Dir(scope)
-			},
-		}
-
-		err = m.Setup()
-		if err != nil {
-			return nil, err
-		}
-
-		switch plugin {
-		case "hugo":
-			// Initialize the default settings for Hugo.
-			hugo := &staticgen.Hugo{
-				Root:        scope,
-				Public:      filepath.Join(scope, "public"),
-				Args:        []string{},
-				CleanPublic: true,
-			}
-
-			// Attaches Hugo plugin to this file manager instance.
-			err = m.Attach(hugo)
-			if err != nil {
-				return nil, err
-			}
-		case "jekyll":
-			// Initialize the default settings for Jekyll.
-			jekyll := &staticgen.Jekyll{
-				Root:        scope,
-				Public:      filepath.Join(scope, "_site"),
-				Args:        []string{},
-				CleanPublic: true,
-			}
-
-			// Attaches Hugo plugin to this file manager instance.
-			err = m.Attach(jekyll)
-			if err != nil {
-				return nil, err
-			}
-		}
-
-		if err != nil {
-			return nil, err
-		}
-
-		m.NoAuth = noAuth
-		m.SetBaseURL(baseURL)
-		m.SetPrefixURL(strings.TrimSuffix(caddyConf.Addr.Path, "/"))
-
-		configs = append(configs, m)
-	}
-
-	return configs, nil
-}

cmd/cmd.go

@@ -0,0 +1,12 @@
+package cmd
+
+import (
+	"log"
+)
+
+// Execute executes the commands.
+func Execute() {
+	if err := rootCmd.Execute(); err != nil {
+		log.Fatal(err)
+	}
+}

cmd/cmds.go

@@ -0,0 +1,26 @@
+package cmd
+
+import (
+	"fmt"
+
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	rootCmd.AddCommand(cmdsCmd)
+}
+
+var cmdsCmd = &cobra.Command{
+	Use:   "cmds",
+	Short: "Command runner management utility",
+	Long:  `Command runner management utility.`,
+	Args:  cobra.NoArgs,
+}
+
+func printEvents(m map[string][]string) {
+	for evt, cmds := range m {
+		for i, cmd := range cmds {
+			fmt.Printf("%s(%d): %s\n", evt, i, cmd)
+		}
+	}
+}

cmd/cmds_add.go

@@ -0,0 +1,27 @@
+package cmd
+
+import (
+	"strings"
+
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	cmdsCmd.AddCommand(cmdsAddCmd)
+}
+
+var cmdsAddCmd = &cobra.Command{
+	Use:   "add <event> <command>",
+	Short: "Add a command to run on a specific event",
+	Long:  `Add a command to run on a specific event.`,
+	Args:  cobra.MinimumNArgs(2), //nolint:gomnd
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		s, err := d.store.Settings.Get()
+		checkErr(err)
+		command := strings.Join(args[1:], " ")
+		s.Commands[args[0]] = append(s.Commands[args[0]], command)
+		err = d.store.Settings.Save(s)
+		checkErr(err)
+		printEvents(s.Commands)
+	}, pythonConfig{}),
+}

cmd/cmds_ls.go

@@ -0,0 +1,31 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	cmdsCmd.AddCommand(cmdsLsCmd)
+	cmdsLsCmd.Flags().StringP("event", "e", "", "event name, without 'before' or 'after'")
+}
+
+var cmdsLsCmd = &cobra.Command{
+	Use:   "ls",
+	Short: "List all commands for each event",
+	Long:  `List all commands for each event.`,
+	Args:  cobra.NoArgs,
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		s, err := d.store.Settings.Get()
+		checkErr(err)
+		evt := mustGetString(cmd.Flags(), "event")
+
+		if evt == "" {
+			printEvents(s.Commands)
+		} else {
+			show := map[string][]string{}
+			show["before_"+evt] = s.Commands["before_"+evt]
+			show["after_"+evt] = s.Commands["after_"+evt]
+			printEvents(show)
+		}
+	}, pythonConfig{}),
+}

cmd/cmds_rm.go

@@ -0,0 +1,56 @@
+package cmd
+
+import (
+	"strconv"
+
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	cmdsCmd.AddCommand(cmdsRmCmd)
+}
+
+var cmdsRmCmd = &cobra.Command{
+	Use:   "rm <event> <index> [index_end]",
+	Short: "Removes a command from an event hooker",
+	Long: `Removes a command from an event hooker. The provided index
+is the same that's printed when you run 'cmds ls'. Note
+that after each removal/addition, the index of the
+commands change. So be careful when removing them after each
+other.
+
+You can also specify an optional parameter (index_end) so
+you can remove all commands from 'index' to 'index_end',
+including 'index_end'.`,
+	Args: func(cmd *cobra.Command, args []string) error {
+		if err := cobra.RangeArgs(2, 3)(cmd, args); err != nil { //nolint:gomnd
+			return err
+		}
+
+		for _, arg := range args[1:] {
+			if _, err := strconv.Atoi(arg); err != nil {
+				return err
+			}
+		}
+
+		return nil
+	},
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		s, err := d.store.Settings.Get()
+		checkErr(err)
+		evt := args[0]
+
+		i, err := strconv.Atoi(args[1])
+		checkErr(err)
+		f := i
+		if len(args) == 3 { //nolint:gomnd
+			f, err = strconv.Atoi(args[2])
+			checkErr(err)
+		}
+
+		s.Commands[evt] = append(s.Commands[evt][:i], s.Commands[evt][f+1:]...)
+		err = d.store.Settings.Save(s)
+		checkErr(err)
+		printEvents(s.Commands)
+	}, pythonConfig{}),
+}

cmd/config.go

@@ -0,0 +1,169 @@
+package cmd
+
+import (
+	"encoding/json"
+	nerrors "errors"
+	"fmt"
+	"os"
+	"strings"
+	"text/tabwriter"
+
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+
+	"github.com/filebrowser/filebrowser/v2/auth"
+	"github.com/filebrowser/filebrowser/v2/errors"
+	"github.com/filebrowser/filebrowser/v2/settings"
+)
+
+func init() {
+	rootCmd.AddCommand(configCmd)
+}
+
+var configCmd = &cobra.Command{
+	Use:   "config",
+	Short: "Configuration management utility",
+	Long:  `Configuration management utility.`,
+	Args:  cobra.NoArgs,
+}
+
+func addConfigFlags(flags *pflag.FlagSet) {
+	addServerFlags(flags)
+	addUserFlags(flags)
+	flags.BoolP("signup", "s", false, "allow users to signup")
+	flags.String("shell", "", "shell command to which other commands should be appended")
+
+	flags.String("auth.method", string(auth.MethodJSONAuth), "authentication type")
+	flags.String("auth.header", "", "HTTP header for auth.method=proxy")
+
+	flags.String("recaptcha.host", "https://www.google.com", "use another host for ReCAPTCHA. recaptcha.net might be useful in China")
+	flags.String("recaptcha.key", "", "ReCaptcha site key")
+	flags.String("recaptcha.secret", "", "ReCaptcha secret")
+
+	flags.String("branding.name", "", "replace 'File Browser' by this name")
+	flags.String("branding.color", "", "set the theme color")
+	flags.String("branding.files", "", "path to directory with images and custom styles")
+	flags.Bool("branding.disableExternal", false, "disable external links such as GitHub links")
+}
+
+//nolint:gocyclo
+func getAuthentication(flags *pflag.FlagSet, defaults ...interface{}) (settings.AuthMethod, auth.Auther) {
+	method := settings.AuthMethod(mustGetString(flags, "auth.method"))
+
+	var defaultAuther map[string]interface{}
+	if len(defaults) > 0 {
+		if hasAuth := defaults[0]; hasAuth != true {
+			for _, arg := range defaults {
+				switch def := arg.(type) {
+				case *settings.Settings:
+					method = def.AuthMethod
+				case auth.Auther:
+					ms, err := json.Marshal(def)
+					checkErr(err)
+					err = json.Unmarshal(ms, &defaultAuther)
+					checkErr(err)
+				}
+			}
+		}
+	}
+
+	var auther auth.Auther
+	if method == auth.MethodProxyAuth {
+		header := mustGetString(flags, "auth.header")
+
+		if header == "" {
+			header = defaultAuther["header"].(string)
+		}
+
+		if header == "" {
+			checkErr(nerrors.New("you must set the flag 'auth.header' for method 'proxy'"))
+		}
+
+		auther = &auth.ProxyAuth{Header: header}
+	}
+
+	if method == auth.MethodNoAuth {
+		auther = &auth.NoAuth{}
+	}
+
+	if method == auth.MethodJSONAuth {
+		jsonAuth := &auth.JSONAuth{}
+		host := mustGetString(flags, "recaptcha.host")
+		key := mustGetString(flags, "recaptcha.key")
+		secret := mustGetString(flags, "recaptcha.secret")
+
+		if key == "" {
+			if kmap, ok := defaultAuther["recaptcha"].(map[string]interface{}); ok {
+				key = kmap["key"].(string)
+			}
+		}
+
+		if secret == "" {
+			if smap, ok := defaultAuther["recaptcha"].(map[string]interface{}); ok {
+				secret = smap["secret"].(string)
+			}
+		}
+
+		if key != "" && secret != "" {
+			jsonAuth.ReCaptcha = &auth.ReCaptcha{
+				Host:   host,
+				Key:    key,
+				Secret: secret,
+			}
+		}
+		auther = jsonAuth
+	}
+
+	if auther == nil {
+		panic(errors.ErrInvalidAuthMethod)
+	}
+
+	return method, auther
+}
+
+func printSettings(ser *settings.Server, set *settings.Settings, auther auth.Auther) {
+	w := tabwriter.NewWriter(os.Stdout, 0, 0, 2, ' ', 0) //nolint:gomnd
+
+	fmt.Fprintf(w, "Sign up:\t%t\n", set.Signup)
+	fmt.Fprintf(w, "Create User Dir:\t%t\n", set.CreateUserDir)
+	fmt.Fprintf(w, "Auth method:\t%s\n", set.AuthMethod)
+	fmt.Fprintf(w, "Shell:\t%s\t\n", strings.Join(set.Shell, " "))
+	fmt.Fprintln(w, "\nBranding:")
+	fmt.Fprintf(w, "\tName:\t%s\n", set.Branding.Name)
+	fmt.Fprintf(w, "\tFiles override:\t%s\n", set.Branding.Files)
+	fmt.Fprintf(w, "\tDisable external links:\t%t\n", set.Branding.DisableExternal)
+	fmt.Fprintf(w, "\tColor:\t%s\n", set.Branding.Color)
+	fmt.Fprintln(w, "\nServer:")
+	fmt.Fprintf(w, "\tLog:\t%s\n", ser.Log)
+	fmt.Fprintf(w, "\tPort:\t%s\n", ser.Port)
+	fmt.Fprintf(w, "\tBase URL:\t%s\n", ser.BaseURL)
+	fmt.Fprintf(w, "\tRoot:\t%s\n", ser.Root)
+	fmt.Fprintf(w, "\tSocket:\t%s\n", ser.Socket)
+	fmt.Fprintf(w, "\tAddress:\t%s\n", ser.Address)
+	fmt.Fprintf(w, "\tTLS Cert:\t%s\n", ser.TLSCert)
+	fmt.Fprintf(w, "\tTLS Key:\t%s\n", ser.TLSKey)
+	fmt.Fprintf(w, "\tExec Enabled:\t%t\n", ser.EnableExec)
+	fmt.Fprintln(w, "\nDefaults:")
+	fmt.Fprintf(w, "\tScope:\t%s\n", set.Defaults.Scope)
+	fmt.Fprintf(w, "\tLocale:\t%s\n", set.Defaults.Locale)
+	fmt.Fprintf(w, "\tView mode:\t%s\n", set.Defaults.ViewMode)
+	fmt.Fprintf(w, "\tSingle Click:\t%t\n", set.Defaults.SingleClick)
+	fmt.Fprintf(w, "\tCommands:\t%s\n", strings.Join(set.Defaults.Commands, " "))
+	fmt.Fprintf(w, "\tSorting:\n")
+	fmt.Fprintf(w, "\t\tBy:\t%s\n", set.Defaults.Sorting.By)
+	fmt.Fprintf(w, "\t\tAsc:\t%t\n", set.Defaults.Sorting.Asc)
+	fmt.Fprintf(w, "\tPermissions:\n")
+	fmt.Fprintf(w, "\t\tAdmin:\t%t\n", set.Defaults.Perm.Admin)
+	fmt.Fprintf(w, "\t\tExecute:\t%t\n", set.Defaults.Perm.Execute)
+	fmt.Fprintf(w, "\t\tCreate:\t%t\n", set.Defaults.Perm.Create)
+	fmt.Fprintf(w, "\t\tRename:\t%t\n", set.Defaults.Perm.Rename)
+	fmt.Fprintf(w, "\t\tModify:\t%t\n", set.Defaults.Perm.Modify)
+	fmt.Fprintf(w, "\t\tDelete:\t%t\n", set.Defaults.Perm.Delete)
+	fmt.Fprintf(w, "\t\tShare:\t%t\n", set.Defaults.Perm.Share)
+	fmt.Fprintf(w, "\t\tDownload:\t%t\n", set.Defaults.Perm.Download)
+	w.Flush()
+
+	b, err := json.MarshalIndent(auther, "", "  ")
+	checkErr(err)
+	fmt.Printf("\nAuther configuration (raw):\n\n%s\n\n", string(b))
+}

cmd/config_cat.go

@@ -0,0 +1,25 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	configCmd.AddCommand(configCatCmd)
+}
+
+var configCatCmd = &cobra.Command{
+	Use:   "cat",
+	Short: "Prints the configuration",
+	Long:  `Prints the configuration.`,
+	Args:  cobra.NoArgs,
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		set, err := d.store.Settings.Get()
+		checkErr(err)
+		ser, err := d.store.Settings.GetServer()
+		checkErr(err)
+		auther, err := d.store.Auth.Get(set.AuthMethod)
+		checkErr(err)
+		printSettings(ser, set, auther)
+	}, pythonConfig{}),
+}

cmd/config_export.go

@@ -0,0 +1,37 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	configCmd.AddCommand(configExportCmd)
+}
+
+var configExportCmd = &cobra.Command{
+	Use:   "export <path>",
+	Short: "Export the configuration to a file",
+	Long: `Export the configuration to a file. The path must be for a
+json or yaml file. This exported configuration can be changed,
+and imported again with 'config import' command.`,
+	Args: jsonYamlArg,
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		settings, err := d.store.Settings.Get()
+		checkErr(err)
+
+		server, err := d.store.Settings.GetServer()
+		checkErr(err)
+
+		auther, err := d.store.Auth.Get(settings.AuthMethod)
+		checkErr(err)
+
+		data := &settingsFile{
+			Settings: settings,
+			Auther:   auther,
+			Server:   server,
+		}
+
+		err = marshal(args[0], data)
+		checkErr(err)
+	}, pythonConfig{}),
+}

cmd/config_import.go

@@ -0,0 +1,92 @@
+package cmd
+
+import (
+	"encoding/json"
+	"errors"
+	"path/filepath"
+	"reflect"
+
+	"github.com/spf13/cobra"
+
+	"github.com/filebrowser/filebrowser/v2/auth"
+	"github.com/filebrowser/filebrowser/v2/settings"
+)
+
+func init() {
+	configCmd.AddCommand(configImportCmd)
+}
+
+type settingsFile struct {
+	Settings *settings.Settings `json:"settings"`
+	Server   *settings.Server   `json:"server"`
+	Auther   interface{}        `json:"auther"`
+}
+
+var configImportCmd = &cobra.Command{
+	Use:   "import <path>",
+	Short: "Import a configuration file",
+	Long: `Import a configuration file. This will replace all the existing
+configuration. Can be used with or without unexisting databases.
+
+If used with a nonexisting database, a key will be generated
+automatically. Otherwise the key will be kept the same as in the
+database.
+
+The path must be for a json or yaml file.`,
+	Args: jsonYamlArg,
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		var key []byte
+		if d.hadDB {
+			settings, err := d.store.Settings.Get()
+			checkErr(err)
+			key = settings.Key
+		} else {
+			key = generateKey()
+		}
+
+		file := settingsFile{}
+		err := unmarshal(args[0], &file)
+		checkErr(err)
+
+		file.Settings.Key = key
+		err = d.store.Settings.Save(file.Settings)
+		checkErr(err)
+
+		err = d.store.Settings.SaveServer(file.Server)
+		checkErr(err)
+
+		var rawAuther interface{}
+		if filepath.Ext(args[0]) != ".json" { //nolint:goconst
+			rawAuther = cleanUpInterfaceMap(file.Auther.(map[interface{}]interface{}))
+		} else {
+			rawAuther = file.Auther
+		}
+
+		var auther auth.Auther
+		switch file.Settings.AuthMethod {
+		case auth.MethodJSONAuth:
+			auther = getAuther(auth.JSONAuth{}, rawAuther).(*auth.JSONAuth)
+		case auth.MethodNoAuth:
+			auther = getAuther(auth.NoAuth{}, rawAuther).(*auth.NoAuth)
+		case auth.MethodProxyAuth:
+			auther = getAuther(auth.ProxyAuth{}, rawAuther).(*auth.ProxyAuth)
+		default:
+			checkErr(errors.New("invalid auth method"))
+		}
+
+		err = d.store.Auth.Save(auther)
+		checkErr(err)
+
+		printSettings(file.Server, file.Settings, auther)
+	}, pythonConfig{allowNoDB: true}),
+}
+
+func getAuther(sample auth.Auther, data interface{}) interface{} {
+	authType := reflect.TypeOf(sample)
+	auther := reflect.New(authType).Interface()
+	bytes, err := json.Marshal(data)
+	checkErr(err)
+	err = json.Unmarshal(bytes, &auther)
+	checkErr(err)
+	return auther
+}

cmd/config_init.go

@@ -0,0 +1,69 @@
+package cmd
+
+import (
+	"fmt"
+
+	"github.com/spf13/cobra"
+
+	"github.com/filebrowser/filebrowser/v2/settings"
+)
+
+func init() {
+	configCmd.AddCommand(configInitCmd)
+	addConfigFlags(configInitCmd.Flags())
+}
+
+var configInitCmd = &cobra.Command{
+	Use:   "init",
+	Short: "Initialize a new database",
+	Long: `Initialize a new database to use with File Browser. All of
+this options can be changed in the future with the command
+'filebrowser config set'. The user related flags apply
+to the defaults when creating new users and you don't
+override the options.`,
+	Args: cobra.NoArgs,
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		defaults := settings.UserDefaults{}
+		flags := cmd.Flags()
+		getUserDefaults(flags, &defaults, true)
+		authMethod, auther := getAuthentication(flags)
+
+		s := &settings.Settings{
+			Key:        generateKey(),
+			Signup:     mustGetBool(flags, "signup"),
+			Shell:      convertCmdStrToCmdArray(mustGetString(flags, "shell")),
+			AuthMethod: authMethod,
+			Defaults:   defaults,
+			Branding: settings.Branding{
+				Name:            mustGetString(flags, "branding.name"),
+				DisableExternal: mustGetBool(flags, "branding.disableExternal"),
+				Files:           mustGetString(flags, "branding.files"),
+			},
+		}
+
+		ser := &settings.Server{
+			Address: mustGetString(flags, "address"),
+			Socket:  mustGetString(flags, "socket"),
+			Root:    mustGetString(flags, "root"),
+			BaseURL: mustGetString(flags, "baseurl"),
+			TLSKey:  mustGetString(flags, "key"),
+			TLSCert: mustGetString(flags, "cert"),
+			Port:    mustGetString(flags, "port"),
+			Log:     mustGetString(flags, "log"),
+		}
+
+		err := d.store.Settings.Save(s)
+		checkErr(err)
+		err = d.store.Settings.SaveServer(ser)
+		checkErr(err)
+		err = d.store.Auth.Save(auther)
+		checkErr(err)
+
+		fmt.Printf(`
+Congratulations! You've set up your database to use with File Browser.
+Now add your first user via 'filebrowser users add' and then you just
+need to call the main command to boot up the server.
+`)
+		printSettings(ser, s, auther)
+	}, pythonConfig{noDB: true}),
+}

cmd/config_set.go

@@ -0,0 +1,80 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+)
+
+func init() {
+	configCmd.AddCommand(configSetCmd)
+	addConfigFlags(configSetCmd.Flags())
+}
+
+var configSetCmd = &cobra.Command{
+	Use:   "set",
+	Short: "Updates the configuration",
+	Long: `Updates the configuration. Set the flags for the options
+you want to change. Other options will remain unchanged.`,
+	Args: cobra.NoArgs,
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		flags := cmd.Flags()
+		set, err := d.store.Settings.Get()
+		checkErr(err)
+
+		ser, err := d.store.Settings.GetServer()
+		checkErr(err)
+
+		hasAuth := false
+		flags.Visit(func(flag *pflag.Flag) {
+			switch flag.Name {
+			case "baseurl":
+				ser.BaseURL = mustGetString(flags, flag.Name)
+			case "root":
+				ser.Root = mustGetString(flags, flag.Name)
+			case "socket":
+				ser.Socket = mustGetString(flags, flag.Name)
+			case "cert":
+				ser.TLSCert = mustGetString(flags, flag.Name)
+			case "key":
+				ser.TLSKey = mustGetString(flags, flag.Name)
+			case "address":
+				ser.Address = mustGetString(flags, flag.Name)
+			case "port":
+				ser.Port = mustGetString(flags, flag.Name)
+			case "log":
+				ser.Log = mustGetString(flags, flag.Name)
+			case "signup":
+				set.Signup = mustGetBool(flags, flag.Name)
+			case "auth.method":
+				hasAuth = true
+			case "shell":
+				set.Shell = convertCmdStrToCmdArray(mustGetString(flags, flag.Name))
+			case "branding.name":
+				set.Branding.Name = mustGetString(flags, flag.Name)
+			case "branding.color":
+				set.Branding.Color = mustGetString(flags, flag.Name)
+			case "branding.disableExternal":
+				set.Branding.DisableExternal = mustGetBool(flags, flag.Name)
+			case "branding.files":
+				set.Branding.Files = mustGetString(flags, flag.Name)
+			}
+		})
+
+		getUserDefaults(flags, &set.Defaults, false)
+
+		// read the defaults
+		auther, err := d.store.Auth.Get(set.AuthMethod)
+		checkErr(err)
+
+		// check if there are new flags for existing auth method
+		set.AuthMethod, auther = getAuthentication(flags, hasAuth, set, auther)
+
+		err = d.store.Auth.Save(auther)
+		checkErr(err)
+		err = d.store.Settings.Save(set)
+		checkErr(err)
+		err = d.store.Settings.SaveServer(ser)
+		checkErr(err)
+		printSettings(ser, set, auther)
+	}, pythonConfig{}),
+}

cmd/docs.go

@@ -0,0 +1,139 @@
+package cmd
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"sort"
+	"strings"
+
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+)
+
+func init() {
+	rootCmd.AddCommand(docsCmd)
+	docsCmd.Flags().StringP("path", "p", "./docs", "path to save the docs")
+}
+
+func printToc(names []string) {
+	for i, name := range names {
+		name = strings.TrimSuffix(name, filepath.Ext(name))
+		name = strings.Replace(name, "-", " ", -1)
+		names[i] = name
+	}
+
+	sort.Strings(names)
+
+	toc := ""
+	for _, name := range names {
+		toc += "* [" + name + "](cli/" + strings.Replace(name, " ", "-", -1) + ".md)\n"
+	}
+
+	fmt.Println(toc)
+}
+
+var docsCmd = &cobra.Command{
+	Use:    "docs",
+	Hidden: true,
+	Args:   cobra.NoArgs,
+	Run: func(cmd *cobra.Command, args []string) {
+		dir := mustGetString(cmd.Flags(), "path")
+		generateDocs(rootCmd, dir)
+		names := []string{}
+
+		err := filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
+			if err != nil || info.IsDir() {
+				return err
+			}
+
+			if !strings.HasPrefix(info.Name(), "filebrowser") {
+				return nil
+			}
+
+			names = append(names, info.Name())
+			return nil
+		})
+
+		checkErr(err)
+		printToc(names)
+	},
+}
+
+func generateDocs(cmd *cobra.Command, dir string) {
+	for _, c := range cmd.Commands() {
+		if !c.IsAvailableCommand() || c.IsAdditionalHelpTopicCommand() {
+			continue
+		}
+
+		generateDocs(c, dir)
+	}
+
+	basename := strings.Replace(cmd.CommandPath(), " ", "-", -1) + ".md"
+	filename := filepath.Join(dir, basename)
+	f, err := os.Create(filename)
+	checkErr(err)
+	defer f.Close()
+	generateMarkdown(cmd, f)
+}
+
+func generateMarkdown(cmd *cobra.Command, w io.Writer) {
+	cmd.InitDefaultHelpCmd()
+	cmd.InitDefaultHelpFlag()
+
+	buf := new(bytes.Buffer)
+	name := cmd.CommandPath()
+
+	short := cmd.Short
+	long := cmd.Long
+	if long == "" {
+		long = short
+	}
+
+	buf.WriteString("---\ndescription: " + short + "\n---\n\n")
+	buf.WriteString("# " + name + "\n\n")
+	buf.WriteString("## Synopsis\n\n")
+	buf.WriteString(long + "\n\n")
+
+	if cmd.Runnable() {
+		buf.WriteString(fmt.Sprintf("```\n%s\n```\n\n", cmd.UseLine()))
+	}
+
+	if len(cmd.Example) > 0 {
+		buf.WriteString("## Examples\n\n")
+		buf.WriteString(fmt.Sprintf("```\n%s\n```\n\n", cmd.Example))
+	}
+
+	printOptions(buf, cmd)
+	_, err := buf.WriteTo(w)
+	checkErr(err)
+}
+
+func generateFlagsTable(fs *pflag.FlagSet, buf io.StringWriter) {
+	_, _ = buf.WriteString("| Name | Shorthand | Usage |\n")
+	_, _ = buf.WriteString("|------|-----------|-------|\n")
+
+	fs.VisitAll(func(f *pflag.Flag) {
+		_, _ = buf.WriteString("|" + f.Name + "|" + f.Shorthand + "|" + f.Usage + "|\n")
+	})
+}
+
+func printOptions(buf *bytes.Buffer, cmd *cobra.Command) {
+	flags := cmd.NonInheritedFlags()
+	flags.SetOutput(buf)
+	if flags.HasAvailableFlags() {
+		buf.WriteString("## Options\n\n")
+		generateFlagsTable(flags, buf)
+		buf.WriteString("\n")
+	}
+
+	parentFlags := cmd.InheritedFlags()
+	parentFlags.SetOutput(buf)
+	if parentFlags.HasAvailableFlags() {
+		buf.WriteString("### Inherited\n\n")
+		generateFlagsTable(parentFlags, buf)
+		buf.WriteString("\n")
+	}
+}

cmd/filebrowser/main.go

@@ -1,259 +0,0 @@
-package main
-
-import (
-	"fmt"
-	"io/ioutil"
-	"log"
-	"net"
-	"net/http"
-	"os"
-	"path/filepath"
-	"strings"
-
-	"github.com/asdine/storm"
-
-	"gopkg.in/natefinch/lumberjack.v2"
-
-	"github.com/filebrowser/filebrowser"
-	"github.com/filebrowser/filebrowser/bolt"
-	h "github.com/filebrowser/filebrowser/http"
-	"github.com/filebrowser/filebrowser/staticgen"
-	"github.com/hacdias/fileutils"
-	flag "github.com/spf13/pflag"
-	"github.com/spf13/viper"
-)
-
-var (
-	addr            string
-	config          string
-	database        string
-	scope           string
-	commands        string
-	logfile         string
-	staticg         string
-	locale          string
-	baseurl         string
-	prefixurl       string
-	viewMode        string
-	recaptchakey    string
-	recaptchasecret string
-	port            int
-	noAuth          bool
-	allowCommands   bool
-	allowEdit       bool
-	allowNew        bool
-	allowPublish    bool
-	showVer         bool
-	alterRecaptcha  bool
-)
-
-func init() {
-	flag.StringVarP(&config, "config", "c", "", "Configuration file")
-	flag.IntVarP(&port, "port", "p", 0, "HTTP Port (default is random)")
-	flag.StringVarP(&addr, "address", "a", "", "Address to listen to (default is all of them)")
-	flag.StringVarP(&database, "database", "d", "./filebrowser.db", "Database file")
-	flag.StringVarP(&logfile, "log", "l", "stdout", "Errors logger; can use 'stdout', 'stderr' or file")
-	flag.StringVarP(&scope, "scope", "s", ".", "Default scope option for new users")
-	flag.StringVarP(&baseurl, "baseurl", "b", "", "Base URL")
-	flag.StringVar(&commands, "commands", "git svn hg", "Default commands option for new users")
-	flag.StringVar(&prefixurl, "prefixurl", "", "Prefix URL")
-	flag.StringVar(&viewMode, "view-mode", "mosaic", "Default view mode for new users")
-	flag.StringVar(&recaptchakey, "recaptcha-key", "", "ReCaptcha site key")
-	flag.StringVar(&recaptchasecret, "recaptcha-secret", "", "ReCaptcha secret")
-	flag.BoolVar(&allowCommands, "allow-commands", true, "Default allow commands option for new users")
-	flag.BoolVar(&allowEdit, "allow-edit", true, "Default allow edit option for new users")
-	flag.BoolVar(&allowPublish, "allow-publish", true, "Default allow publish option for new users")
-	flag.BoolVar(&allowNew, "allow-new", true, "Default allow new option for new users")
-	flag.BoolVar(&noAuth, "no-auth", false, "Disables authentication")
-	flag.BoolVar(&alterRecaptcha, "alternative-recaptcha", false, "Use recaptcha.net for serving and handling, useful in China")
-	flag.StringVar(&locale, "locale", "", "Default locale for new users, set it empty to enable auto detect from browser")
-	flag.StringVar(&staticg, "staticgen", "", "Static Generator you want to enable")
-	flag.BoolVarP(&showVer, "version", "v", false, "Show version")
-}
-
-func setupViper() {
-	viper.SetDefault("Address", "")
-	viper.SetDefault("Port", "0")
-	viper.SetDefault("Database", "./filebrowser.db")
-	viper.SetDefault("Scope", ".")
-	viper.SetDefault("Logger", "stdout")
-	viper.SetDefault("Commands", []string{"git", "svn", "hg"})
-	viper.SetDefault("AllowCommmands", true)
-	viper.SetDefault("AllowEdit", true)
-	viper.SetDefault("AllowNew", true)
-	viper.SetDefault("AllowPublish", true)
-	viper.SetDefault("StaticGen", "")
-	viper.SetDefault("Locale", "")
-	viper.SetDefault("NoAuth", false)
-	viper.SetDefault("BaseURL", "")
-	viper.SetDefault("PrefixURL", "")
-	viper.SetDefault("ViewMode", filebrowser.MosaicViewMode)
-	viper.SetDefault("AlternativeRecaptcha", false)
-	viper.SetDefault("ReCaptchaKey", "")
-	viper.SetDefault("ReCaptchaSecret", "")
-
-	viper.BindPFlag("Port", flag.Lookup("port"))
-	viper.BindPFlag("Address", flag.Lookup("address"))
-	viper.BindPFlag("Database", flag.Lookup("database"))
-	viper.BindPFlag("Scope", flag.Lookup("scope"))
-	viper.BindPFlag("Logger", flag.Lookup("log"))
-	viper.BindPFlag("Commands", flag.Lookup("commands"))
-	viper.BindPFlag("AllowCommands", flag.Lookup("allow-commands"))
-	viper.BindPFlag("AllowEdit", flag.Lookup("allow-edit"))
-	viper.BindPFlag("AllowNew", flag.Lookup("allow-new"))
-	viper.BindPFlag("AllowPublish", flag.Lookup("allow-publish"))
-	viper.BindPFlag("Locale", flag.Lookup("locale"))
-	viper.BindPFlag("StaticGen", flag.Lookup("staticgen"))
-	viper.BindPFlag("NoAuth", flag.Lookup("no-auth"))
-	viper.BindPFlag("BaseURL", flag.Lookup("baseurl"))
-	viper.BindPFlag("PrefixURL", flag.Lookup("prefixurl"))
-	viper.BindPFlag("ViewMode", flag.Lookup("view-mode"))
-	viper.BindPFlag("AlternativeRecaptcha", flag.Lookup("alternative-recaptcha"))
-	viper.BindPFlag("ReCaptchaKey", flag.Lookup("recaptcha-key"))
-	viper.BindPFlag("ReCaptchaSecret", flag.Lookup("recaptcha-secret"))
-
-	viper.SetConfigName("filebrowser")
-	viper.AddConfigPath(".")
-}
-
-func printVersion() {
-	fmt.Println("filebrowser version", filebrowser.Version)
-	os.Exit(0)
-}
-
-func main() {
-	setupViper()
-	flag.Parse()
-
-	if showVer {
-		printVersion()
-	}
-
-	// Add a configuration file if set.
-	if config != "" {
-		ext := filepath.Ext(config)
-		dir := filepath.Dir(config)
-		config = strings.TrimSuffix(config, ext)
-
-		if dir != "" {
-			viper.AddConfigPath(dir)
-			config = strings.TrimPrefix(config, dir)
-		}
-
-		viper.SetConfigName(config)
-	}
-
-	// Read configuration from a file if exists.
-	err := viper.ReadInConfig()
-	if err != nil {
-		if _, ok := err.(viper.ConfigParseError); ok {
-			panic(err)
-		}
-	}
-
-	// Set up process log before anything bad happens.
-	switch viper.GetString("Logger") {
-	case "stdout":
-		log.SetOutput(os.Stdout)
-	case "stderr":
-		log.SetOutput(os.Stderr)
-	case "":
-		log.SetOutput(ioutil.Discard)
-	default:
-		log.SetOutput(&lumberjack.Logger{
-			Filename:   logfile,
-			MaxSize:    100,
-			MaxAge:     14,
-			MaxBackups: 10,
-		})
-	}
-
-	// Builds the address and a listener.
-	laddr := viper.GetString("Address") + ":" + viper.GetString("Port")
-	listener, err := net.Listen("tcp", laddr)
-	if err != nil {
-		log.Fatal(err)
-	}
-
-	// Tell the user the port in which is listening.
-	fmt.Println("Listening on", listener.Addr().String())
-
-	// Starts the server.
-	if err := http.Serve(listener, handler()); err != nil {
-		log.Fatal(err)
-	}
-}
-
-func handler() http.Handler {
-	db, err := storm.Open(viper.GetString("Database"))
-	if err != nil {
-		log.Fatal(err)
-	}
-
-	recaptchaHost := "https://www.google.com"
-	if viper.GetBool("AlternativeRecaptcha") {
-		recaptchaHost = "https://recaptcha.net"
-	}
-
-	fm := &filebrowser.FileBrowser{
-		NoAuth:          viper.GetBool("NoAuth"),
-		BaseURL:         viper.GetString("BaseURL"),
-		PrefixURL:       viper.GetString("PrefixURL"),
-		ReCaptchaHost:   recaptchaHost,
-		ReCaptchaKey:    viper.GetString("ReCaptchaKey"),
-		ReCaptchaSecret: viper.GetString("ReCaptchaSecret"),
-		DefaultUser: &filebrowser.User{
-			AllowCommands: viper.GetBool("AllowCommands"),
-			AllowEdit:     viper.GetBool("AllowEdit"),
-			AllowNew:      viper.GetBool("AllowNew"),
-			AllowPublish:  viper.GetBool("AllowPublish"),
-			Commands:      viper.GetStringSlice("Commands"),
-			Rules:         []*filebrowser.Rule{},
-			Locale:        viper.GetString("Locale"),
-			CSS:           "",
-			Scope:         viper.GetString("Scope"),
-			FileSystem:    fileutils.Dir(viper.GetString("Scope")),
-			ViewMode:      viper.GetString("ViewMode"),
-		},
-		Store: &filebrowser.Store{
-			Config: bolt.ConfigStore{DB: db},
-			Users:  bolt.UsersStore{DB: db},
-			Share:  bolt.ShareStore{DB: db},
-		},
-		NewFS: func(scope string) filebrowser.FileSystem {
-			return fileutils.Dir(scope)
-		},
-	}
-
-	err = fm.Setup()
-	if err != nil {
-		log.Fatal(err)
-	}
-
-	switch viper.GetString("StaticGen") {
-	case "hugo":
-		hugo := &staticgen.Hugo{
-			Root:        viper.GetString("Scope"),
-			Public:      filepath.Join(viper.GetString("Scope"), "public"),
-			Args:        []string{},
-			CleanPublic: true,
-		}
-
-		if err = fm.Attach(hugo); err != nil {
-			log.Fatal(err)
-		}
-	case "jekyll":
-		jekyll := &staticgen.Jekyll{
-			Root:        viper.GetString("Scope"),
-			Public:      filepath.Join(viper.GetString("Scope"), "_site"),
-			Args:        []string{"build"},
-			CleanPublic: true,
-		}
-
-		if err = fm.Attach(jekyll); err != nil {
-			log.Fatal(err)
-		}
-	}
-
-	return h.Handler(fm)
-}

cmd/hash.go

@@ -0,0 +1,25 @@
+package cmd
+
+import (
+	"fmt"
+
+	"github.com/spf13/cobra"
+
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+func init() {
+	rootCmd.AddCommand(hashCmd)
+}
+
+var hashCmd = &cobra.Command{
+	Use:   "hash <password>",
+	Short: "Hashes a password",
+	Long:  `Hashes a password using bcrypt algorithm.`,
+	Args:  cobra.ExactArgs(1),
+	Run: func(cmd *cobra.Command, args []string) {
+		pwd, err := users.HashPwd(args[0])
+		checkErr(err)
+		fmt.Println(pwd)
+	},
+}

cmd/root.go

@@ -0,0 +1,410 @@
+package cmd
+
+import (
+	"crypto/tls"
+	"errors"
+	"io"
+	"io/fs"
+	"log"
+	"net"
+	"net/http"
+	"os"
+	"os/signal"
+	"path/filepath"
+	"strings"
+	"syscall"
+
+	homedir "github.com/mitchellh/go-homedir"
+	"github.com/spf13/afero"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+	v "github.com/spf13/viper"
+	lumberjack "gopkg.in/natefinch/lumberjack.v2"
+
+	"github.com/filebrowser/filebrowser/v2/auth"
+	"github.com/filebrowser/filebrowser/v2/diskcache"
+	"github.com/filebrowser/filebrowser/v2/frontend"
+	fbhttp "github.com/filebrowser/filebrowser/v2/http"
+	"github.com/filebrowser/filebrowser/v2/img"
+	"github.com/filebrowser/filebrowser/v2/settings"
+	"github.com/filebrowser/filebrowser/v2/storage"
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+var (
+	cfgFile string
+)
+
+func init() {
+	cobra.OnInitialize(initConfig)
+	cobra.MousetrapHelpText = ""
+
+	rootCmd.SetVersionTemplate("File Browser version {{printf \"%s\" .Version}}\n")
+
+	flags := rootCmd.Flags()
+	persistent := rootCmd.PersistentFlags()
+
+	persistent.StringVarP(&cfgFile, "config", "c", "", "config file path")
+	persistent.StringP("database", "d", "./filebrowser.db", "database path")
+	flags.Bool("noauth", false, "use the noauth auther when using quick setup")
+	flags.String("username", "admin", "username for the first user when using quick config")
+	flags.String("password", "", "hashed password for the first user when using quick config (default \"admin\")")
+
+	addServerFlags(flags)
+}
+
+func addServerFlags(flags *pflag.FlagSet) {
+	flags.StringP("address", "a", "127.0.0.1", "address to listen on")
+	flags.StringP("log", "l", "stdout", "log output")
+	flags.StringP("port", "p", "8080", "port to listen on")
+	flags.StringP("cert", "t", "", "tls certificate")
+	flags.StringP("key", "k", "", "tls key")
+	flags.StringP("root", "r", ".", "root to prepend to relative paths")
+	flags.String("socket", "", "socket to listen to (cannot be used with address, port, cert nor key flags)")
+	flags.Uint32("socket-perm", 0666, "unix socket file permissions") //nolint:gomnd
+	flags.StringP("baseurl", "b", "", "base url")
+	flags.String("cache-dir", "", "file cache directory (disabled if empty)")
+	flags.Int("img-processors", 4, "image processors count") //nolint:gomnd
+	flags.Bool("disable-thumbnails", false, "disable image thumbnails")
+	flags.Bool("disable-preview-resize", false, "disable resize of image previews")
+	flags.Bool("disable-exec", false, "disables Command Runner feature")
+	flags.Bool("disable-type-detection-by-header", false, "disables type detection by reading file headers")
+}
+
+var rootCmd = &cobra.Command{
+	Use:   "filebrowser",
+	Short: "A stylish web-based file browser",
+	Long: `File Browser CLI lets you create the database to use with File Browser,
+manage your users and all the configurations without acessing the
+web interface.
+
+If you've never run File Browser, you'll need to have a database for
+it. Don't worry: you don't need to setup a separate database server.
+We're using Bolt DB which is a single file database and all managed
+by ourselves.
+
+For this specific command, all the flags you have available (except
+"config" for the configuration file), can be given either through
+environment variables or configuration files.
+
+If you don't set "config", it will look for a configuration file called
+.filebrowser.{json, toml, yaml, yml} in the following directories:
+
+- ./
+- $HOME/
+- /etc/filebrowser/
+
+The precedence of the configuration values are as follows:
+
+- flags
+- environment variables
+- configuration file
+- database values
+- defaults
+
+The environment variables are prefixed by "FB_" followed by the option
+name in caps. So to set "database" via an env variable, you should
+set FB_DATABASE.
+
+Also, if the database path doesn't exist, File Browser will enter into
+the quick setup mode and a new database will be bootstraped and a new
+user created with the credentials from options "username" and "password".`,
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		log.Println(cfgFile)
+
+		if !d.hadDB {
+			quickSetup(cmd.Flags(), d)
+		}
+
+		// build img service
+		workersCount, err := cmd.Flags().GetInt("img-processors")
+		checkErr(err)
+		if workersCount < 1 {
+			log.Fatal("Image resize workers count could not be < 1")
+		}
+		imgSvc := img.New(workersCount)
+
+		var fileCache diskcache.Interface = diskcache.NewNoOp()
+		cacheDir, err := cmd.Flags().GetString("cache-dir")
+		checkErr(err)
+		if cacheDir != "" {
+			if err := os.MkdirAll(cacheDir, 0700); err != nil { //nolint:govet,gomnd
+				log.Fatalf("can't make directory %s: %s", cacheDir, err)
+			}
+			fileCache = diskcache.New(afero.NewOsFs(), cacheDir)
+		}
+
+		server := getRunParams(cmd.Flags(), d.store)
+		setupLog(server.Log)
+
+		root, err := filepath.Abs(server.Root)
+		checkErr(err)
+		server.Root = root
+
+		adr := server.Address + ":" + server.Port
+
+		var listener net.Listener
+
+		switch {
+		case server.Socket != "":
+			listener, err = net.Listen("unix", server.Socket)
+			checkErr(err)
+			socketPerm, err := cmd.Flags().GetUint32("socket-perm") //nolint:govet
+			checkErr(err)
+			err = os.Chmod(server.Socket, os.FileMode(socketPerm))
+			checkErr(err)
+		case server.TLSKey != "" && server.TLSCert != "":
+			cer, err := tls.LoadX509KeyPair(server.TLSCert, server.TLSKey) //nolint:govet
+			checkErr(err)
+			listener, err = tls.Listen("tcp", adr, &tls.Config{
+				MinVersion:   tls.VersionTLS12,
+				Certificates: []tls.Certificate{cer}},
+			)
+			checkErr(err)
+		default:
+			listener, err = net.Listen("tcp", adr)
+			checkErr(err)
+		}
+
+		sigc := make(chan os.Signal, 1)
+		signal.Notify(sigc, os.Interrupt, syscall.SIGTERM)
+		go cleanupHandler(listener, sigc)
+
+		assetsFs, err := fs.Sub(frontend.Assets(), "dist")
+		if err != nil {
+			panic(err)
+		}
+
+		handler, err := fbhttp.NewHandler(imgSvc, fileCache, d.store, server, assetsFs)
+		checkErr(err)
+
+		defer listener.Close()
+
+		log.Println("Listening on", listener.Addr().String())
+		if err := http.Serve(listener, handler); err != nil {
+			log.Fatal(err)
+		}
+	}, pythonConfig{allowNoDB: true}),
+}
+
+func cleanupHandler(listener net.Listener, c chan os.Signal) { //nolint:interfacer
+	sig := <-c
+	log.Printf("Caught signal %s: shutting down.", sig)
+	listener.Close()
+	os.Exit(0)
+}
+
+//nolint:gocyclo
+func getRunParams(flags *pflag.FlagSet, st *storage.Storage) *settings.Server {
+	server, err := st.Settings.GetServer()
+	checkErr(err)
+
+	if val, set := getParamB(flags, "root"); set {
+		server.Root = val
+	}
+
+	if val, set := getParamB(flags, "baseurl"); set {
+		server.BaseURL = val
+	}
+
+	if val, set := getParamB(flags, "log"); set {
+		server.Log = val
+	}
+
+	isSocketSet := false
+	isAddrSet := false
+
+	if val, set := getParamB(flags, "address"); set {
+		server.Address = val
+		isAddrSet = isAddrSet || set
+	}
+
+	if val, set := getParamB(flags, "port"); set {
+		server.Port = val
+		isAddrSet = isAddrSet || set
+	}
+
+	if val, set := getParamB(flags, "key"); set {
+		server.TLSKey = val
+		isAddrSet = isAddrSet || set
+	}
+
+	if val, set := getParamB(flags, "cert"); set {
+		server.TLSCert = val
+		isAddrSet = isAddrSet || set
+	}
+
+	if val, set := getParamB(flags, "socket"); set {
+		server.Socket = val
+		isSocketSet = isSocketSet || set
+	}
+
+	if isAddrSet && isSocketSet {
+		checkErr(errors.New("--socket flag cannot be used with --address, --port, --key nor --cert"))
+	}
+
+	// Do not use saved Socket if address was manually set.
+	if isAddrSet && server.Socket != "" {
+		server.Socket = ""
+	}
+
+	_, disableThumbnails := getParamB(flags, "disable-thumbnails")
+	server.EnableThumbnails = !disableThumbnails
+
+	_, disablePreviewResize := getParamB(flags, "disable-preview-resize")
+	server.ResizePreview = !disablePreviewResize
+
+	_, disableTypeDetectionByHeader := getParamB(flags, "disable-type-detection-by-header")
+	server.TypeDetectionByHeader = !disableTypeDetectionByHeader
+
+	_, disableExec := getParamB(flags, "disable-exec")
+	server.EnableExec = !disableExec
+
+	return server
+}
+
+// getParamB returns a parameter as a string and a boolean to tell if it is different from the default
+//
+// NOTE: we could simply bind the flags to viper and use IsSet.
+// Although there is a bug on Viper that always returns true on IsSet
+// if a flag is binded. Our alternative way is to manually check
+// the flag and then the value from env/config/gotten by viper.
+// https://github.com/spf13/viper/pull/331
+func getParamB(flags *pflag.FlagSet, key string) (string, bool) {
+	value, _ := flags.GetString(key)
+
+	// If set on Flags, use it.
+	if flags.Changed(key) {
+		return value, true
+	}
+
+	// If set through viper (env, config), return it.
+	if v.IsSet(key) {
+		return v.GetString(key), true
+	}
+
+	// Otherwise use default value on flags.
+	return value, false
+}
+
+func getParam(flags *pflag.FlagSet, key string) string {
+	val, _ := getParamB(flags, key)
+	return val
+}
+
+func setupLog(logMethod string) {
+	switch logMethod {
+	case "stdout":
+		log.SetOutput(os.Stdout)
+	case "stderr":
+		log.SetOutput(os.Stderr)
+	case "":
+		log.SetOutput(io.Discard)
+	default:
+		log.SetOutput(&lumberjack.Logger{
+			Filename:   logMethod,
+			MaxSize:    100,
+			MaxAge:     14,
+			MaxBackups: 10,
+		})
+	}
+}
+
+func quickSetup(flags *pflag.FlagSet, d pythonData) {
+	set := &settings.Settings{
+		Key:           generateKey(),
+		Signup:        false,
+		CreateUserDir: false,
+		Defaults: settings.UserDefaults{
+			Scope:       ".",
+			Locale:      "en",
+			SingleClick: false,
+			Perm: users.Permissions{
+				Admin:    false,
+				Execute:  true,
+				Create:   true,
+				Rename:   true,
+				Modify:   true,
+				Delete:   true,
+				Share:    true,
+				Download: true,
+			},
+		},
+	}
+
+	var err error
+	if _, noauth := getParamB(flags, "noauth"); noauth {
+		set.AuthMethod = auth.MethodNoAuth
+		err = d.store.Auth.Save(&auth.NoAuth{})
+	} else {
+		set.AuthMethod = auth.MethodJSONAuth
+		err = d.store.Auth.Save(&auth.JSONAuth{})
+	}
+
+	checkErr(err)
+	err = d.store.Settings.Save(set)
+	checkErr(err)
+
+	ser := &settings.Server{
+		BaseURL: getParam(flags, "baseurl"),
+		Port:    getParam(flags, "port"),
+		Log:     getParam(flags, "log"),
+		TLSKey:  getParam(flags, "key"),
+		TLSCert: getParam(flags, "cert"),
+		Address: getParam(flags, "address"),
+		Root:    getParam(flags, "root"),
+	}
+
+	err = d.store.Settings.SaveServer(ser)
+	checkErr(err)
+
+	username := getParam(flags, "username")
+	password := getParam(flags, "password")
+
+	if password == "" {
+		password, err = users.HashPwd("admin")
+		checkErr(err)
+	}
+
+	if username == "" || password == "" {
+		log.Fatal("username and password cannot be empty during quick setup")
+	}
+
+	user := &users.User{
+		Username:     username,
+		Password:     password,
+		LockPassword: false,
+	}
+
+	set.Defaults.Apply(user)
+	user.Perm.Admin = true
+
+	err = d.store.Users.Save(user)
+	checkErr(err)
+}
+
+func initConfig() {
+	if cfgFile == "" {
+		home, err := homedir.Dir()
+		checkErr(err)
+		v.AddConfigPath(".")
+		v.AddConfigPath(home)
+		v.AddConfigPath("/etc/filebrowser/")
+		v.SetConfigName(".filebrowser")
+	} else {
+		v.SetConfigFile(cfgFile)
+	}
+
+	v.SetEnvPrefix("FB")
+	v.AutomaticEnv()
+	v.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
+
+	if err := v.ReadInConfig(); err != nil {
+		if _, ok := err.(v.ConfigParseError); ok {
+			panic(err)
+		}
+		cfgFile = "No config file used"
+	} else {
+		cfgFile = "Using config file: " + v.ConfigFileUsed()
+	}
+}

cmd/rule_rm.go

@@ -0,0 +1,66 @@
+package cmd
+
+import (
+	"strconv"
+
+	"github.com/spf13/cobra"
+
+	"github.com/filebrowser/filebrowser/v2/settings"
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+func init() {
+	rulesCmd.AddCommand(rulesRmCommand)
+	rulesRmCommand.Flags().Uint("index", 0, "index of rule to remove")
+	_ = rulesRmCommand.MarkFlagRequired("index")
+}
+
+var rulesRmCommand = &cobra.Command{
+	Use:   "rm <index> [index_end]",
+	Short: "Remove a global rule or user rule",
+	Long: `Remove a global rule or user rule. The provided index
+is the same that's printed when you run 'rules ls'. Note
+that after each removal/addition, the index of the
+commands change. So be careful when removing them after each
+other.
+
+You can also specify an optional parameter (index_end) so
+you can remove all commands from 'index' to 'index_end',
+including 'index_end'.`,
+	Args: func(cmd *cobra.Command, args []string) error {
+		if err := cobra.RangeArgs(1, 2)(cmd, args); err != nil { //nolint:gomnd
+			return err
+		}
+
+		for _, arg := range args {
+			if _, err := strconv.Atoi(arg); err != nil {
+				return err
+			}
+		}
+
+		return nil
+	},
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		i, err := strconv.Atoi(args[0])
+		checkErr(err)
+		f := i
+		if len(args) == 2 { //nolint:gomnd
+			f, err = strconv.Atoi(args[1])
+			checkErr(err)
+		}
+
+		user := func(u *users.User) {
+			u.Rules = append(u.Rules[:i], u.Rules[f+1:]...)
+			err := d.store.Users.Save(u)
+			checkErr(err)
+		}
+
+		global := func(s *settings.Settings) {
+			s.Rules = append(s.Rules[:i], s.Rules[f+1:]...)
+			err := d.store.Settings.Save(s)
+			checkErr(err)
+		}
+
+		runRules(d.store, cmd, user, global)
+	}, pythonConfig{}),
+}

cmd/rules.go

@@ -0,0 +1,92 @@
+package cmd
+
+import (
+	"fmt"
+
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+
+	"github.com/filebrowser/filebrowser/v2/rules"
+	"github.com/filebrowser/filebrowser/v2/settings"
+	"github.com/filebrowser/filebrowser/v2/storage"
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+func init() {
+	rootCmd.AddCommand(rulesCmd)
+	rulesCmd.PersistentFlags().StringP("username", "u", "", "username of user to which the rules apply")
+	rulesCmd.PersistentFlags().UintP("id", "i", 0, "id of user to which the rules apply")
+}
+
+var rulesCmd = &cobra.Command{
+	Use:   "rules",
+	Short: "Rules management utility",
+	Long: `On each subcommand you'll have available at least two flags:
+"username" and "id". You must either set only one of them
+or none. If you set one of them, the command will apply to
+an user, otherwise it will be applied to the global set or
+rules.`,
+	Args: cobra.NoArgs,
+}
+
+func runRules(st *storage.Storage, cmd *cobra.Command, usersFn func(*users.User), globalFn func(*settings.Settings)) {
+	id := getUserIdentifier(cmd.Flags())
+	if id != nil {
+		user, err := st.Users.Get("", id)
+		checkErr(err)
+
+		if usersFn != nil {
+			usersFn(user)
+		}
+
+		printRules(user.Rules, id)
+		return
+	}
+
+	s, err := st.Settings.Get()
+	checkErr(err)
+
+	if globalFn != nil {
+		globalFn(s)
+	}
+
+	printRules(s.Rules, id)
+}
+
+func getUserIdentifier(flags *pflag.FlagSet) interface{} {
+	id := mustGetUint(flags, "id")
+	username := mustGetString(flags, "username")
+
+	if id != 0 {
+		return id
+	} else if username != "" {
+		return username
+	}
+
+	return nil
+}
+
+func printRules(rulez []rules.Rule, id interface{}) {
+	if id == nil {
+		fmt.Printf("Global Rules:\n\n")
+	} else {
+		fmt.Printf("Rules for user %v:\n\n", id)
+	}
+
+	for id, rule := range rulez {
+		fmt.Printf("(%d) ", id)
+		if rule.Regex {
+			if rule.Allow {
+				fmt.Printf("Allow Regex: \t%s\n", rule.Regexp.Raw)
+			} else {
+				fmt.Printf("Disallow Regex: \t%s\n", rule.Regexp.Raw)
+			}
+		} else {
+			if rule.Allow {
+				fmt.Printf("Allow Path: \t%s\n", rule.Path)
+			} else {
+				fmt.Printf("Disallow Path: \t%s\n", rule.Path)
+			}
+		}
+	}
+}

cmd/rules_add.go

@@ -0,0 +1,58 @@
+package cmd
+
+import (
+	"regexp"
+
+	"github.com/spf13/cobra"
+
+	"github.com/filebrowser/filebrowser/v2/rules"
+	"github.com/filebrowser/filebrowser/v2/settings"
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+func init() {
+	rulesCmd.AddCommand(rulesAddCmd)
+	rulesAddCmd.Flags().BoolP("allow", "a", false, "indicates this is an allow rule")
+	rulesAddCmd.Flags().BoolP("regex", "r", false, "indicates this is a regex rule")
+}
+
+var rulesAddCmd = &cobra.Command{
+	Use:   "add <path|expression>",
+	Short: "Add a global rule or user rule",
+	Long:  `Add a global rule or user rule.`,
+	Args:  cobra.ExactArgs(1),
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		allow := mustGetBool(cmd.Flags(), "allow")
+		regex := mustGetBool(cmd.Flags(), "regex")
+		exp := args[0]
+
+		if regex {
+			regexp.MustCompile(exp)
+		}
+
+		rule := rules.Rule{
+			Allow: allow,
+			Regex: regex,
+		}
+
+		if regex {
+			rule.Regexp = &rules.Regexp{Raw: exp}
+		} else {
+			rule.Path = exp
+		}
+
+		user := func(u *users.User) {
+			u.Rules = append(u.Rules, rule)
+			err := d.store.Users.Save(u)
+			checkErr(err)
+		}
+
+		global := func(s *settings.Settings) {
+			s.Rules = append(s.Rules, rule)
+			err := d.store.Settings.Save(s)
+			checkErr(err)
+		}
+
+		runRules(d.store, cmd, user, global)
+	}, pythonConfig{}),
+}

cmd/rules_ls.go

@@ -0,0 +1,19 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	rulesCmd.AddCommand(rulesLsCommand)
+}
+
+var rulesLsCommand = &cobra.Command{
+	Use:   "ls",
+	Short: "List global rules or user specific rules",
+	Long:  `List global rules or user specific rules.`,
+	Args:  cobra.NoArgs,
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		runRules(d.store, cmd, nil, nil)
+	}, pythonConfig{}),
+}

cmd/upgrade.go

@@ -0,0 +1,31 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+
+	"github.com/filebrowser/filebrowser/v2/storage/bolt/importer"
+)
+
+func init() {
+	rootCmd.AddCommand(upgradeCmd)
+
+	upgradeCmd.Flags().String("old.database", "", "")
+	upgradeCmd.Flags().String("old.config", "", "")
+	_ = upgradeCmd.MarkFlagRequired("old.database")
+}
+
+var upgradeCmd = &cobra.Command{
+	Use:   "upgrade",
+	Short: "Upgrades an old configuration",
+	Long: `Upgrades an old configuration. This command DOES NOT
+import share links because they are incompatible with
+this version.`,
+	Args: cobra.NoArgs,
+	Run: func(cmd *cobra.Command, args []string) {
+		flags := cmd.Flags()
+		oldDB := mustGetString(flags, "old.database")
+		oldConf := mustGetString(flags, "old.config")
+		err := importer.Import(oldDB, oldConf, getParam(flags, "database"))
+		checkErr(err)
+	},
+}

cmd/users.go

@@ -0,0 +1,134 @@
+package cmd
+
+import (
+	"errors"
+	"fmt"
+	"os"
+	"strconv"
+	"text/tabwriter"
+
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+
+	"github.com/filebrowser/filebrowser/v2/settings"
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+func init() {
+	rootCmd.AddCommand(usersCmd)
+}
+
+var usersCmd = &cobra.Command{
+	Use:   "users",
+	Short: "Users management utility",
+	Long:  `Users management utility.`,
+	Args:  cobra.NoArgs,
+}
+
+func printUsers(usrs []*users.User) {
+	w := tabwriter.NewWriter(os.Stdout, 0, 0, 2, ' ', 0) //nolint:gomnd
+	fmt.Fprintln(w, "ID\tUsername\tScope\tLocale\tV. Mode\tS.Click\tAdmin\tExecute\tCreate\tRename\tModify\tDelete\tShare\tDownload\tPwd Lock")
+
+	for _, u := range usrs {
+		fmt.Fprintf(w, "%d\t%s\t%s\t%s\t%s\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t%t\t\n",
+			u.ID,
+			u.Username,
+			u.Scope,
+			u.Locale,
+			u.ViewMode,
+			u.SingleClick,
+			u.Perm.Admin,
+			u.Perm.Execute,
+			u.Perm.Create,
+			u.Perm.Rename,
+			u.Perm.Modify,
+			u.Perm.Delete,
+			u.Perm.Share,
+			u.Perm.Download,
+			u.LockPassword,
+		)
+	}
+
+	w.Flush()
+}
+
+func parseUsernameOrID(arg string) (username string, id uint) {
+	id64, err := strconv.ParseUint(arg, 10, 64) //nolint:gomnd
+	if err != nil {
+		return arg, 0
+	}
+	return "", uint(id64)
+}
+
+func addUserFlags(flags *pflag.FlagSet) {
+	flags.Bool("perm.admin", false, "admin perm for users")
+	flags.Bool("perm.execute", true, "execute perm for users")
+	flags.Bool("perm.create", true, "create perm for users")
+	flags.Bool("perm.rename", true, "rename perm for users")
+	flags.Bool("perm.modify", true, "modify perm for users")
+	flags.Bool("perm.delete", true, "delete perm for users")
+	flags.Bool("perm.share", true, "share perm for users")
+	flags.Bool("perm.download", true, "download perm for users")
+	flags.String("sorting.by", "name", "sorting mode (name, size or modified)")
+	flags.Bool("sorting.asc", false, "sorting by ascending order")
+	flags.Bool("lockPassword", false, "lock password")
+	flags.StringSlice("commands", nil, "a list of the commands a user can execute")
+	flags.String("scope", ".", "scope for users")
+	flags.String("locale", "en", "locale for users")
+	flags.String("viewMode", string(users.ListViewMode), "view mode for users")
+	flags.Bool("singleClick", false, "use single clicks only")
+}
+
+func getViewMode(flags *pflag.FlagSet) users.ViewMode {
+	viewMode := users.ViewMode(mustGetString(flags, "viewMode"))
+	if viewMode != users.ListViewMode && viewMode != users.MosaicViewMode {
+		checkErr(errors.New("view mode must be \"" + string(users.ListViewMode) + "\" or \"" + string(users.MosaicViewMode) + "\""))
+	}
+	return viewMode
+}
+
+//nolint:gocyclo
+func getUserDefaults(flags *pflag.FlagSet, defaults *settings.UserDefaults, all bool) {
+	visit := func(flag *pflag.Flag) {
+		switch flag.Name {
+		case "scope":
+			defaults.Scope = mustGetString(flags, flag.Name)
+		case "locale":
+			defaults.Locale = mustGetString(flags, flag.Name)
+		case "viewMode":
+			defaults.ViewMode = getViewMode(flags)
+		case "singleClick":
+			defaults.SingleClick = mustGetBool(flags, flag.Name)
+		case "perm.admin":
+			defaults.Perm.Admin = mustGetBool(flags, flag.Name)
+		case "perm.execute":
+			defaults.Perm.Execute = mustGetBool(flags, flag.Name)
+		case "perm.create":
+			defaults.Perm.Create = mustGetBool(flags, flag.Name)
+		case "perm.rename":
+			defaults.Perm.Rename = mustGetBool(flags, flag.Name)
+		case "perm.modify":
+			defaults.Perm.Modify = mustGetBool(flags, flag.Name)
+		case "perm.delete":
+			defaults.Perm.Delete = mustGetBool(flags, flag.Name)
+		case "perm.share":
+			defaults.Perm.Share = mustGetBool(flags, flag.Name)
+		case "perm.download":
+			defaults.Perm.Download = mustGetBool(flags, flag.Name)
+		case "commands":
+			commands, err := flags.GetStringSlice(flag.Name)
+			checkErr(err)
+			defaults.Commands = commands
+		case "sorting.by":
+			defaults.Sorting.By = mustGetString(flags, flag.Name)
+		case "sorting.asc":
+			defaults.Sorting.Asc = mustGetBool(flags, flag.Name)
+		}
+	}
+
+	if all {
+		flags.VisitAll(visit)
+	} else {
+		flags.Visit(visit)
+	}
+}

cmd/users_add.go

@@ -0,0 +1,51 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+func init() {
+	usersCmd.AddCommand(usersAddCmd)
+	addUserFlags(usersAddCmd.Flags())
+}
+
+var usersAddCmd = &cobra.Command{
+	Use:   "add <username> <password>",
+	Short: "Create a new user",
+	Long:  `Create a new user and add it to the database.`,
+	Args:  cobra.ExactArgs(2), //nolint:gomnd
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		s, err := d.store.Settings.Get()
+		checkErr(err)
+		getUserDefaults(cmd.Flags(), &s.Defaults, false)
+
+		password, err := users.HashPwd(args[1])
+		checkErr(err)
+
+		user := &users.User{
+			Username:     args[0],
+			Password:     password,
+			LockPassword: mustGetBool(cmd.Flags(), "lockPassword"),
+		}
+
+		s.Defaults.Apply(user)
+
+		servSettings, err := d.store.Settings.GetServer()
+		checkErr(err)
+		// since getUserDefaults() polluted s.Defaults.Scope
+		// which makes the Scope not the one saved in the db
+		// we need the right s.Defaults.Scope here
+		s2, err := d.store.Settings.Get()
+		checkErr(err)
+
+		userHome, err := s2.MakeUserDir(user.Username, user.Scope, servSettings.Root)
+		checkErr(err)
+		user.Scope = userHome
+
+		err = d.store.Users.Save(user)
+		checkErr(err)
+		printUsers([]*users.User{user})
+	}, pythonConfig{}),
+}

cmd/users_export.go

@@ -0,0 +1,24 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	usersCmd.AddCommand(usersExportCmd)
+}
+
+var usersExportCmd = &cobra.Command{
+	Use:   "export <path>",
+	Short: "Export all users to a file.",
+	Long: `Export all users to a json or yaml file. Please indicate the
+path to the file where you want to write the users.`,
+	Args: jsonYamlArg,
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		list, err := d.store.Users.Gets("")
+		checkErr(err)
+
+		err = marshal(args[0], list)
+		checkErr(err)
+	}, pythonConfig{}),
+}

cmd/users_find.go

@@ -0,0 +1,51 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+func init() {
+	usersCmd.AddCommand(usersFindCmd)
+	usersCmd.AddCommand(usersLsCmd)
+}
+
+var usersFindCmd = &cobra.Command{
+	Use:   "find <id|username>",
+	Short: "Find a user by username or id",
+	Long:  `Find a user by username or id. If no flag is set, all users will be printed.`,
+	Args:  cobra.ExactArgs(1),
+	Run:   findUsers,
+}
+
+var usersLsCmd = &cobra.Command{
+	Use:   "ls",
+	Short: "List all users.",
+	Args:  cobra.NoArgs,
+	Run:   findUsers,
+}
+
+var findUsers = python(func(cmd *cobra.Command, args []string, d pythonData) {
+	var (
+		list []*users.User
+		user *users.User
+		err  error
+	)
+
+	if len(args) == 1 {
+		username, id := parseUsernameOrID(args[0])
+		if username != "" {
+			user, err = d.store.Users.Get("", username)
+		} else {
+			user, err = d.store.Users.Get("", id)
+		}
+
+		list = []*users.User{user}
+	} else {
+		list, err = d.store.Users.Gets("")
+	}
+
+	checkErr(err)
+	printUsers(list)
+}, pythonConfig{})

cmd/users_import.go

@@ -0,0 +1,89 @@
+package cmd
+
+import (
+	"errors"
+	"fmt"
+	"os"
+	"strconv"
+
+	"github.com/spf13/cobra"
+
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+func init() {
+	usersCmd.AddCommand(usersImportCmd)
+	usersImportCmd.Flags().Bool("overwrite", false, "overwrite users with the same id/username combo")
+	usersImportCmd.Flags().Bool("replace", false, "replace the entire user base")
+}
+
+var usersImportCmd = &cobra.Command{
+	Use:   "import <path>",
+	Short: "Import users from a file",
+	Long: `Import users from a file. The path must be for a json or yaml
+file. You can use this command to import new users to your
+installation. For that, just don't place their ID on the files
+list or set it to 0.`,
+	Args: jsonYamlArg,
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		fd, err := os.Open(args[0])
+		checkErr(err)
+		defer fd.Close()
+
+		list := []*users.User{}
+		err = unmarshal(args[0], &list)
+		checkErr(err)
+
+		for _, user := range list {
+			err = user.Clean("")
+			checkErr(err)
+		}
+
+		if mustGetBool(cmd.Flags(), "replace") {
+			oldUsers, err := d.store.Users.Gets("")
+			checkErr(err)
+
+			err = marshal("users.backup.json", list)
+			checkErr(err)
+
+			for _, user := range oldUsers {
+				err = d.store.Users.Delete(user.ID)
+				checkErr(err)
+			}
+		}
+
+		overwrite := mustGetBool(cmd.Flags(), "overwrite")
+
+		for _, user := range list {
+			onDB, err := d.store.Users.Get("", user.ID)
+
+			// User exists in DB.
+			if err == nil {
+				if !overwrite {
+					checkErr(errors.New("user " + strconv.Itoa(int(user.ID)) + " is already registred"))
+				}
+
+				// If the usernames mismatch, check if there is another one in the DB
+				// with the new username. If there is, print an error and cancel the
+				// operation
+				if user.Username != onDB.Username {
+					if conflictuous, err := d.store.Users.Get("", user.Username); err == nil { //nolint:govet
+						checkErr(usernameConflictError(user.Username, conflictuous.ID, user.ID))
+					}
+				}
+			} else {
+				// If it doesn't exist, set the ID to 0 to automatically get a new
+				// one that make sense in this DB.
+				user.ID = 0
+			}
+
+			err = d.store.Users.Save(user)
+			checkErr(err)
+		}
+	}, pythonConfig{}),
+}
+
+func usernameConflictError(username string, originalID, newID uint) error {
+	return fmt.Errorf(`can't import user with ID %d and username "%s" because the username is already registred with the user %d`,
+		newID, username, originalID)
+}

cmd/users_rm.go

@@ -0,0 +1,31 @@
+package cmd
+
+import (
+	"fmt"
+
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	usersCmd.AddCommand(usersRmCmd)
+}
+
+var usersRmCmd = &cobra.Command{
+	Use:   "rm <id|username>",
+	Short: "Delete a user by username or id",
+	Long:  `Delete a user by username or id`,
+	Args:  cobra.ExactArgs(1),
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		username, id := parseUsernameOrID(args[0])
+		var err error
+
+		if username != "" {
+			err = d.store.Users.Delete(username)
+		} else {
+			err = d.store.Users.Delete(id)
+		}
+
+		checkErr(err)
+		fmt.Println("user deleted successfully")
+	}, pythonConfig{}),
+}

cmd/users_update.go

@@ -0,0 +1,75 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+
+	"github.com/filebrowser/filebrowser/v2/settings"
+	"github.com/filebrowser/filebrowser/v2/users"
+)
+
+func init() {
+	usersCmd.AddCommand(usersUpdateCmd)
+
+	usersUpdateCmd.Flags().StringP("password", "p", "", "new password")
+	usersUpdateCmd.Flags().StringP("username", "u", "", "new username")
+	addUserFlags(usersUpdateCmd.Flags())
+}
+
+var usersUpdateCmd = &cobra.Command{
+	Use:   "update <id|username>",
+	Short: "Updates an existing user",
+	Long: `Updates an existing user. Set the flags for the
+options you want to change.`,
+	Args: cobra.ExactArgs(1),
+	Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
+		username, id := parseUsernameOrID(args[0])
+		flags := cmd.Flags()
+		password := mustGetString(flags, "password")
+		newUsername := mustGetString(flags, "username")
+
+		var (
+			err  error
+			user *users.User
+		)
+
+		if id != 0 {
+			user, err = d.store.Users.Get("", id)
+		} else {
+			user, err = d.store.Users.Get("", username)
+		}
+
+		checkErr(err)
+
+		defaults := settings.UserDefaults{
+			Scope:       user.Scope,
+			Locale:      user.Locale,
+			ViewMode:    user.ViewMode,
+			SingleClick: user.SingleClick,
+			Perm:        user.Perm,
+			Sorting:     user.Sorting,
+			Commands:    user.Commands,
+		}
+		getUserDefaults(flags, &defaults, false)
+		user.Scope = defaults.Scope
+		user.Locale = defaults.Locale
+		user.ViewMode = defaults.ViewMode
+		user.SingleClick = defaults.SingleClick
+		user.Perm = defaults.Perm
+		user.Commands = defaults.Commands
+		user.Sorting = defaults.Sorting
+		user.LockPassword = mustGetBool(flags, "lockPassword")
+
+		if newUsername != "" {
+			user.Username = newUsername
+		}
+
+		if password != "" {
+			user.Password, err = users.HashPwd(password)
+			checkErr(err)
+		}
+
+		err = d.store.Users.Update(user)
+		checkErr(err)
+		printUsers([]*users.User{user})
+	}, pythonConfig{}),
+}

cmd/utils.go

@@ -0,0 +1,193 @@
+package cmd
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"log"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/asdine/storm"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+	yaml "gopkg.in/yaml.v2"
+
+	"github.com/filebrowser/filebrowser/v2/settings"
+	"github.com/filebrowser/filebrowser/v2/storage"
+	"github.com/filebrowser/filebrowser/v2/storage/bolt"
+)
+
+func checkErr(err error) {
+	if err != nil {
+		log.Fatal(err)
+	}
+}
+
+func mustGetString(flags *pflag.FlagSet, flag string) string {
+	s, err := flags.GetString(flag)
+	checkErr(err)
+	return s
+}
+
+func mustGetBool(flags *pflag.FlagSet, flag string) bool {
+	b, err := flags.GetBool(flag)
+	checkErr(err)
+	return b
+}
+
+func mustGetUint(flags *pflag.FlagSet, flag string) uint {
+	b, err := flags.GetUint(flag)
+	checkErr(err)
+	return b
+}
+
+func generateKey() []byte {
+	k, err := settings.GenerateKey()
+	checkErr(err)
+	return k
+}
+
+type cobraFunc func(cmd *cobra.Command, args []string)
+type pythonFunc func(cmd *cobra.Command, args []string, data pythonData)
+
+type pythonConfig struct {
+	noDB      bool
+	allowNoDB bool
+}
+
+type pythonData struct {
+	hadDB bool
+	store *storage.Storage
+}
+
+func dbExists(path string) (bool, error) {
+	stat, err := os.Stat(path)
+	if err == nil {
+		return stat.Size() != 0, nil
+	}
+
+	if os.IsNotExist(err) {
+		d := filepath.Dir(path)
+		_, err = os.Stat(d)
+		if os.IsNotExist(err) {
+			if err := os.MkdirAll(d, 0700); err != nil { //nolint:govet,gomnd
+				return false, err
+			}
+			return false, nil
+		}
+	}
+
+	return false, err
+}
+
+func python(fn pythonFunc, cfg pythonConfig) cobraFunc {
+	return func(cmd *cobra.Command, args []string) {
+		data := pythonData{hadDB: true}
+
+		path := getParam(cmd.Flags(), "database")
+		exists, err := dbExists(path)
+
+		if err != nil {
+			panic(err)
+		} else if exists && cfg.noDB {
+			log.Fatal(path + " already exists")
+		} else if !exists && !cfg.noDB && !cfg.allowNoDB {
+			log.Fatal(path + " does not exist. Please run 'filebrowser config init' first.")
+		}
+
+		data.hadDB = exists
+		db, err := storm.Open(path)
+		checkErr(err)
+		defer db.Close()
+		data.store, err = bolt.NewStorage(db)
+		checkErr(err)
+		fn(cmd, args, data)
+	}
+}
+
+func marshal(filename string, data interface{}) error {
+	fd, err := os.Create(filename)
+	checkErr(err)
+	defer fd.Close()
+
+	switch ext := filepath.Ext(filename); ext {
+	case ".json":
+		encoder := json.NewEncoder(fd)
+		encoder.SetIndent("", "    ")
+		return encoder.Encode(data)
+	case ".yml", ".yaml": //nolint:goconst
+		encoder := yaml.NewEncoder(fd)
+		return encoder.Encode(data)
+	default:
+		return errors.New("invalid format: " + ext)
+	}
+}
+
+func unmarshal(filename string, data interface{}) error {
+	fd, err := os.Open(filename)
+	checkErr(err)
+	defer fd.Close()
+
+	switch ext := filepath.Ext(filename); ext {
+	case ".json":
+		return json.NewDecoder(fd).Decode(data)
+	case ".yml", ".yaml":
+		return yaml.NewDecoder(fd).Decode(data)
+	default:
+		return errors.New("invalid format: " + ext)
+	}
+}
+
+func jsonYamlArg(cmd *cobra.Command, args []string) error {
+	if err := cobra.ExactArgs(1)(cmd, args); err != nil {
+		return err
+	}
+
+	switch ext := filepath.Ext(args[0]); ext {
+	case ".json", ".yml", ".yaml":
+		return nil
+	default:
+		return errors.New("invalid format: " + ext)
+	}
+}
+
+func cleanUpInterfaceMap(in map[interface{}]interface{}) map[string]interface{} {
+	result := make(map[string]interface{})
+	for k, v := range in {
+		result[fmt.Sprintf("%v", k)] = cleanUpMapValue(v)
+	}
+	return result
+}
+
+func cleanUpInterfaceArray(in []interface{}) []interface{} {
+	result := make([]interface{}, len(in))
+	for i, v := range in {
+		result[i] = cleanUpMapValue(v)
+	}
+	return result
+}
+
+func cleanUpMapValue(v interface{}) interface{} {
+	switch v := v.(type) {
+	case []interface{}:
+		return cleanUpInterfaceArray(v)
+	case map[interface{}]interface{}:
+		return cleanUpInterfaceMap(v)
+	default:
+		return v
+	}
+}
+
+// convertCmdStrToCmdArray checks if cmd string is blank (whitespace included)
+// then returns empty string array, else returns the splitted word array of cmd.
+// This is to ensure the result will never be []string{""}
+func convertCmdStrToCmdArray(cmd string) []string {
+	var cmdArray []string
+	trimmedCmdStr := strings.TrimSpace(cmd)
+	if trimmedCmdStr != "" {
+		cmdArray = strings.Split(trimmedCmdStr, " ")
+	}
+	return cmdArray
+}

cmd/version.go

@@ -0,0 +1,21 @@
+package cmd
+
+import (
+	"fmt"
+
+	"github.com/spf13/cobra"
+
+	"github.com/filebrowser/filebrowser/v2/version"
+)
+
+func init() {
+	rootCmd.AddCommand(versionCmd)
+}
+
+var versionCmd = &cobra.Command{
+	Use:   "version",
+	Short: "Print the version number",
+	Run: func(cmd *cobra.Command, args []string) {
+		fmt.Println("File Browser v" + version.Version + "/" + version.CommitSHA)
+	},
+}

commitlint.config.js

@@ -0,0 +1,34 @@
+module.exports = {
+    rules: {
+        'body-leading-blank': [1, 'always'],
+        'body-max-line-length': [2, 'always', 100],
+        'footer-leading-blank': [1, 'always'],
+        'footer-max-line-length': [2, 'always', 100],
+        'header-max-length': [2, 'always', 100],
+        'scope-case': [2, 'always', 'lower-case'],
+        'subject-case': [
+            2,
+            'never',
+            ['sentence-case', 'start-case', 'pascal-case', 'upper-case'],
+        ],
+        'subject-full-stop': [2, 'never', '.'],
+        'type-case': [2, 'always', 'lower-case'],
+        'type-empty': [2, 'never'],
+        'type-enum': [
+            2,
+            'always',
+            [
+                'feat',
+                'fix',
+                'perf',
+                'revert',
+                'refactor',
+                'build',
+                'ci',
+                'test',
+                'chore',
+                'docs',
+            ],
+        ],
+    },
+};

common.mk

@@ -0,0 +1,28 @@
+SHELL := /bin/bash
+DATE ?= $(shell date +%FT%T%z)
+BASE_PATH := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+VERSION ?= $(shell git describe --tags --always --match=v* 2> /dev/null || \
+           			cat $(CURDIR)/.version 2> /dev/null || echo v0)
+VERSION_HASH = $(shell git rev-parse HEAD)
+BRANCH = $(shell git rev-parse --abbrev-ref HEAD)
+
+go = GOGC=off go
+MODULE = $(shell env GO111MODULE=on go list -m)
+
+# printing
+# $Q (quiet) is used in the targets as a replacer for @.
+# This macro helps to print the command for debugging by setting V to 1. Example `make test-unit V=1`
+V = 0
+Q = $(if $(filter 1,$V),,@)
+# $M is a macro to print a colored ▶ character. Example `$(info $(M) running coverage tests…)` will print "▶ running coverage tests…"
+M = $(shell printf "\033[34;1m▶\033[0m")
+
+GREEN  := $(shell tput -Txterm setaf 2)
+YELLOW := $(shell tput -Txterm setaf 3)
+WHITE  := $(shell tput -Txterm setaf 7)
+CYAN   := $(shell tput -Txterm setaf 6)
+RESET  := $(shell tput -Txterm sgr0)
+
+define global_option
+    printf "  ${YELLOW}%-20s${GREEN}%s${RESET}\n" $(1) $(2)
+endef

diskcache/cache.go

@@ -0,0 +1,11 @@
+package diskcache
+
+import (
+	"context"
+)
+
+type Interface interface {
+	Store(ctx context.Context, key string, value []byte) error
+	Load(ctx context.Context, key string) (value []byte, exist bool, err error)
+	Delete(ctx context.Context, key string) error
+}

diskcache/file_cache.go

@@ -0,0 +1,110 @@
+package diskcache
+
+import (
+	"context"
+	"crypto/sha1" //nolint:gosec
+	"encoding/hex"
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"sync"
+
+	"github.com/spf13/afero"
+)
+
+type FileCache struct {
+	fs afero.Fs
+
+	// granular locks
+	scopedLocks struct {
+		sync.Mutex
+		sync.Once
+		locks map[string]sync.Locker
+	}
+}
+
+func New(fs afero.Fs, root string) *FileCache {
+	return &FileCache{
+		fs: afero.NewBasePathFs(fs, root),
+	}
+}
+
+func (f *FileCache) Store(ctx context.Context, key string, value []byte) error {
+	mu := f.getScopedLocks(key)
+	mu.Lock()
+	defer mu.Unlock()
+
+	fileName := f.getFileName(key)
+	if err := f.fs.MkdirAll(filepath.Dir(fileName), 0700); err != nil { //nolint:gomnd
+		return err
+	}
+
+	if err := afero.WriteFile(f.fs, fileName, value, 0700); err != nil { //nolint:gomnd
+		return err
+	}
+
+	return nil
+}
+
+func (f *FileCache) Load(ctx context.Context, key string) (value []byte, exist bool, err error) {
+	r, ok, err := f.open(key)
+	if err != nil || !ok {
+		return nil, ok, err
+	}
+	defer r.Close()
+
+	value, err = io.ReadAll(r)
+	if err != nil {
+		return nil, false, err
+	}
+	return value, true, nil
+}
+
+func (f *FileCache) Delete(ctx context.Context, key string) error {
+	mu := f.getScopedLocks(key)
+	mu.Lock()
+	defer mu.Unlock()
+
+	fileName := f.getFileName(key)
+	if err := f.fs.Remove(fileName); err != nil && !errors.Is(err, os.ErrNotExist) {
+		return err
+	}
+	return nil
+}
+
+func (f *FileCache) open(key string) (afero.File, bool, error) {
+	fileName := f.getFileName(key)
+	file, err := f.fs.Open(fileName)
+	if err != nil {
+		if errors.Is(err, os.ErrNotExist) {
+			return nil, false, nil
+		}
+		return nil, false, err
+	}
+
+	return file, true, nil
+}
+
+// getScopedLocks pull lock from the map if found or create a new one
+func (f *FileCache) getScopedLocks(key string) (lock sync.Locker) {
+	f.scopedLocks.Do(func() { f.scopedLocks.locks = map[string]sync.Locker{} })
+
+	f.scopedLocks.Lock()
+	lock, ok := f.scopedLocks.locks[key]
+	if !ok {
+		lock = &sync.Mutex{}
+		f.scopedLocks.locks[key] = lock
+	}
+	f.scopedLocks.Unlock()
+
+	return lock
+}
+
+func (f *FileCache) getFileName(key string) string {
+	hasher := sha1.New() //nolint:gosec
+	_, _ = hasher.Write([]byte(key))
+	hash := hex.EncodeToString(hasher.Sum(nil))
+	return fmt.Sprintf("%s/%s/%s", hash[:1], hash[1:3], hash)
+}

diskcache/file_cache_test.go

@@ -0,0 +1,55 @@
+package diskcache
+
+import (
+	"context"
+	"path/filepath"
+	"testing"
+
+	"github.com/spf13/afero"
+	"github.com/stretchr/testify/require"
+)
+
+func TestFileCache(t *testing.T) {
+	ctx := context.Background()
+	const (
+		key            = "key"
+		value          = "some text"
+		newValue       = "new text"
+		cacheRoot      = "/cache"
+		cachedFilePath = "a/62/a62f2225bf70bfaccbc7f1ef2a397836717377de"
+	)
+
+	fs := afero.NewMemMapFs()
+	cache := New(fs, "/cache")
+
+	// store new key
+	err := cache.Store(ctx, key, []byte(value))
+	require.NoError(t, err)
+	checkValue(t, ctx, fs, filepath.Join(cacheRoot, cachedFilePath), cache, key, value)
+
+	// update existing key
+	err = cache.Store(ctx, key, []byte(newValue))
+	require.NoError(t, err)
+	checkValue(t, ctx, fs, filepath.Join(cacheRoot, cachedFilePath), cache, key, newValue)
+
+	// delete key
+	err = cache.Delete(ctx, key)
+	require.NoError(t, err)
+	exists, err := afero.Exists(fs, filepath.Join(cacheRoot, cachedFilePath))
+	require.NoError(t, err)
+	require.False(t, exists)
+}
+
+func checkValue(t *testing.T, ctx context.Context, fs afero.Fs, fileFullPath string, cache *FileCache, key, wantValue string) { //nolint:golint
+	t.Helper()
+	// check actual file content
+	b, err := afero.ReadFile(fs, fileFullPath)
+	require.NoError(t, err)
+	require.Equal(t, wantValue, string(b))
+
+	// check cache content
+	b, ok, err := cache.Load(ctx, key)
+	require.NoError(t, err)
+	require.True(t, ok)
+	require.Equal(t, wantValue, string(b))
+}

diskcache/noop_cache.go

@@ -0,0 +1,24 @@
+package diskcache
+
+import (
+	"context"
+)
+
+type NoOp struct {
+}
+
+func NewNoOp() *NoOp {
+	return &NoOp{}
+}
+
+func (n *NoOp) Store(ctx context.Context, key string, value []byte) error {
+	return nil
+}
+
+func (n *NoOp) Load(ctx context.Context, key string) (value []byte, exist bool, err error) {
+	return nil, false, nil
+}
+
+func (n *NoOp) Delete(ctx context.Context, key string) error {
+	return nil
+}

doc.go

@@ -1,73 +0,0 @@
-/*
-Package filebrowser provides a web interface to access your files
-wherever you are. To use this package as a middleware for your app,
-you'll need to import both File Browser and File Browser HTTP packages.
-
-	import (
-		fm "github.com/filebrowser/filebrowser"
-		h "github.com/filebrowser/filebrowser/http"
-	)
-
-Then, you should create a new FileBrowser object with your options. In this
-case, I'm using BoltDB (via Storm package) as a Store. So, you'll also need
-to import "github.com/filebrowser/filebrowser/bolt".
-
-	db, _ := storm.Open("bolt.db")
-
-	m := &fm.FileBrowser{
-		NoAuth: false,
-		DefaultUser: &fm.User{
-			AllowCommands: true,
-			AllowEdit:     true,
-			AllowNew:      true,
-			AllowPublish:  true,
-			Commands:      []string{"git"},
-			Rules:         []*fm.Rule{},
-			Locale:        "en",
-			CSS:           "",
-			Scope:         ".",
-			FileSystem:    fileutils.Dir("."),
-		},
-		Store: &fm.Store{
-			Config: bolt.ConfigStore{DB: db},
-			Users:  bolt.UsersStore{DB: db},
-			Share:  bolt.ShareStore{DB: db},
-		},
-		NewFS: func(scope string) fm.FileSystem {
-			return fileutils.Dir(scope)
-		},
-	}
-
-The credentials for the first user are always 'admin' for both the user and
-the password, and they can be changed later through the settings. The first
-user is always an Admin and has all of the permissions set to 'true'.
-
-Then, you should set the Prefix URL and the Base URL, using the following
-functions:
-
-		m.SetBaseURL("/")
-		m.SetPrefixURL("/")
-
-The Prefix URL is a part of the path that is already stripped from the
-r.URL.Path variable before the request arrives to File Browser's handler.
-This is a function that will rarely be used. You can see one example on Caddy
-filemanager plugin.
-
-The Base URL is the URL path where you want File Browser to be available in. If
-you want to be available at the root path, you should call:
-
-		m.SetBaseURL("/")
-
-But if you want to access it at '/admin', you would call:
-
-		m.SetBaseURL("/admin")
-
-Now, that you already have a File Browser instance created, you just need to
-add it to your handlers using m.ServeHTTP which is compatible to http.Handler.
-We also have a m.ServeWithErrorsHTTP that returns the status code and an error.
-
-One simple implementation for this, at port 80, in the root of the domain, would be:
-
-		http.ListenAndServe(":80", h.Handler(m))
-*/
-package filebrowser

docker/root/defaults/settings.json

@@ -0,0 +1,8 @@
+{
+  "port": 80,
+  "baseURL": "",
+  "address": "",
+  "log": "stdout",
+  "database": "/database/filebrowser.db",
+  "root": "/srv"
+}

docker/root/etc/cont-init.d/20-config

@@ -0,0 +1,15 @@
+#!/usr/bin/with-contenv bash
+
+# make folders
+mkdir -p /database
+
+# copy config
+if [ ! -f "/config/settings.json" ]; then
+  cp -a /defaults/settings.json /config/settings.json
+fi
+
+# permissions
+chown abc:abc \
+	/config/settings.json \
+	/database \
+	/srv

docker/root/etc/services.d/filebrowser/run

@@ -0,0 +1,3 @@
+#!/usr/bin/with-contenv bash
+
+exec s6-setuidgid abc filebrowser -c /config/settings.json -d /database/filebrowser.db;

docker_config.json

@@ -0,0 +1,8 @@
+{
+  "port": 80,
+  "baseURL": "",
+  "address": "",
+  "log": "stdout",
+  "database": "/database.db",
+  "root": "/srv"
+}

errors/errors.go

@@ -0,0 +1,21 @@
+package errors
+
+import "errors"
+
+var (
+	ErrEmptyKey             = errors.New("empty key")
+	ErrExist                = errors.New("the resource already exists")
+	ErrNotExist             = errors.New("the resource does not exist")
+	ErrEmptyPassword        = errors.New("password is empty")
+	ErrEmptyUsername        = errors.New("username is empty")
+	ErrEmptyRequest         = errors.New("empty request")
+	ErrScopeIsRelative      = errors.New("scope is a relative path")
+	ErrInvalidDataType      = errors.New("invalid data type")
+	ErrIsDirectory          = errors.New("file is directory")
+	ErrInvalidOption        = errors.New("invalid option")
+	ErrInvalidAuthMethod    = errors.New("invalid auth method")
+	ErrPermissionDenied     = errors.New("permission denied")
+	ErrInvalidRequestParams = errors.New("invalid request params")
+	ErrSourceIsParent       = errors.New("source is parent")
+	ErrRootUserDeletion     = errors.New("user with id 1 can't be deleted")
+)

file.go

@@ -1,486 +0,0 @@
-package filebrowser
-
-import (
-	"bytes"
-	"crypto/md5"
-	"crypto/sha1"
-	"crypto/sha256"
-	"crypto/sha512"
-	"encoding/hex"
-	"hash"
-	"io"
-	"io/ioutil"
-	"mime"
-	"net/http"
-	"net/url"
-	"os"
-	"path/filepath"
-	"sort"
-	"strings"
-	"time"
-
-	"github.com/gohugoio/hugo/parser"
-)
-
-// File contains the information about a particular file or directory.
-type File struct {
-	// Indicates the Kind of view on the front-end (Listing, editor or preview).
-	Kind string `json:"kind"`
-	// The name of the file.
-	Name string `json:"name"`
-	// The Size of the file.
-	Size int64 `json:"size"`
-	// The absolute URL.
-	URL string `json:"url"`
-	// The extension of the file.
-	Extension string `json:"extension"`
-	// The last modified time.
-	ModTime time.Time `json:"modified"`
-	// The File Mode.
-	Mode os.FileMode `json:"mode"`
-	// Indicates if this file is a directory.
-	IsDir bool `json:"isDir"`
-	// Absolute path.
-	Path string `json:"path"`
-	// Relative path to user's virtual File System.
-	VirtualPath string `json:"virtualPath"`
-	// Indicates the file content type: video, text, image, music or blob.
-	Type string `json:"type"`
-	// Stores the content of a text file.
-	Content string `json:"content,omitempty"`
-
-	*Listing `json:",omitempty"`
-
-	Metadata string `json:"metadata,omitempty"`
-	Language string `json:"language,omitempty"`
-}
-
-// A Listing is the context used to fill out a template.
-type Listing struct {
-	// The items (files and folders) in the path.
-	Items []*File `json:"items"`
-	// The number of directories in the Listing.
-	NumDirs int `json:"numDirs"`
-	// The number of files (items that aren't directories) in the Listing.
-	NumFiles int `json:"numFiles"`
-	// Which sorting order is used.
-	Sort string `json:"sort"`
-	// And which order.
-	Order string `json:"order"`
-}
-
-// GetInfo gets the file information and, in case of error, returns the
-// respective HTTP error code
-func GetInfo(url *url.URL, c *FileBrowser, u *User) (*File, error) {
-	var err error
-
-	i := &File{
-		URL:         "/files" + url.String(),
-		VirtualPath: url.Path,
-		Path:        filepath.Join(u.Scope, url.Path),
-	}
-
-	info, err := u.FileSystem.Stat(url.Path)
-	if err != nil {
-		return i, err
-	}
-
-	i.Name = info.Name()
-	i.ModTime = info.ModTime()
-	i.Mode = info.Mode()
-	i.IsDir = info.IsDir()
-	i.Size = info.Size()
-	i.Extension = filepath.Ext(i.Name)
-
-	if i.IsDir && !strings.HasSuffix(i.URL, "/") {
-		i.URL += "/"
-	}
-
-	return i, nil
-}
-
-// GetListing gets the information about a specific directory and its files.
-func (i *File) GetListing(u *User, r *http.Request) error {
-	// Gets the directory information using the Virtual File System of
-	// the user configuration.
-	f, err := u.FileSystem.OpenFile(i.VirtualPath, os.O_RDONLY, 0)
-	if err != nil {
-		return err
-	}
-	defer f.Close()
-
-	// Reads the directory and gets the information about the files.
-	files, err := f.Readdir(-1)
-	if err != nil {
-		return err
-	}
-
-	var (
-		fileinfos           []*File
-		dirCount, fileCount int
-	)
-
-	baseurl, err := url.PathUnescape(i.URL)
-	if err != nil {
-		return err
-	}
-
-	for _, f := range files {
-		name := f.Name()
-		allowed := u.Allowed("/" + name)
-
-		if !allowed {
-			continue
-		}
-
-		if strings.HasPrefix(f.Mode().String(), "L") {
-			// It's a symbolic link. We try to follow it. If it doesn't work,
-			// we stay with the link information instead if the target's.
-			info, err := os.Stat(f.Name())
-			if err == nil {
-				f = info
-			}
-		}
-
-		if f.IsDir() {
-			name += "/"
-			dirCount++
-		} else {
-			fileCount++
-		}
-
-		// Absolute URL
-		url := url.URL{Path: baseurl + name}
-
-		i := &File{
-			Name:        f.Name(),
-			Size:        f.Size(),
-			ModTime:     f.ModTime(),
-			Mode:        f.Mode(),
-			IsDir:       f.IsDir(),
-			URL:         url.String(),
-			Extension:   filepath.Ext(name),
-			VirtualPath: filepath.Join(i.VirtualPath, name),
-			Path:        filepath.Join(i.Path, name),
-		}
-
-		i.GetFileType(false)
-		fileinfos = append(fileinfos, i)
-	}
-
-	i.Listing = &Listing{
-		Items:    fileinfos,
-		NumDirs:  dirCount,
-		NumFiles: fileCount,
-	}
-
-	return nil
-}
-
-// GetEditor gets the editor based on a Info struct
-func (i *File) GetEditor() error {
-	i.Language = editorLanguage(i.Extension)
-	// If the editor will hold only content, leave now.
-	if editorMode(i.Language) == "content" {
-		return nil
-	}
-
-	// If the file doesn't have any kind of metadata, leave now.
-	if !hasRune(i.Content) {
-		return nil
-	}
-
-	buffer := bytes.NewBuffer([]byte(i.Content))
-	page, err := parser.ReadFrom(buffer)
-
-	// If there is an error, just ignore it and return nil.
-	// This way, the file can be served for editing.
-	if err != nil {
-		return nil
-	}
-
-	i.Content = strings.TrimSpace(string(page.Content()))
-	i.Metadata = strings.TrimSpace(string(page.FrontMatter()))
-	return nil
-}
-
-// GetFileType obtains the mimetype and converts it to a simple
-// type nomenclature.
-func (i *File) GetFileType(checkContent bool) error {
-	var content []byte
-	var err error
-
-	// Tries to get the file mimetype using its extension.
-	mimetype := mime.TypeByExtension(i.Extension)
-
-	if mimetype == "" && checkContent {
-		file, err := os.Open(i.Path)
-		if err != nil {
-			return err
-		}
-		defer file.Close()
-
-		// Only the first 512 bytes are used to sniff the content type.
-		buffer := make([]byte, 512)
-		_, err = file.Read(buffer)
-		if err != nil && err != io.EOF {
-			return err
-		}
-
-		// Tries to get the file mimetype using its first
-		// 512 bytes.
-		mimetype = http.DetectContentType(buffer)
-	}
-
-	if strings.HasPrefix(mimetype, "video") {
-		i.Type = "video"
-		return nil
-	}
-
-	if strings.HasPrefix(mimetype, "audio") {
-		i.Type = "audio"
-		return nil
-	}
-
-	if strings.HasPrefix(mimetype, "image") {
-		i.Type = "image"
-		return nil
-	}
-
-	if strings.HasPrefix(mimetype, "text") {
-		i.Type = "text"
-		goto End
-	}
-
-	if strings.HasPrefix(mimetype, "application/javascript") {
-		i.Type = "text"
-		goto End
-	}
-
-	// If the type isn't text (and is blob for example), it will check some
-	// common types that are mistaken not to be text.
-	if isInTextExtensions(i.Name) {
-		i.Type = "text"
-	} else {
-		i.Type = "blob"
-	}
-
-End:
-	// If the file type is text, save its content.
-	if i.Type == "text" {
-		if len(content) == 0 {
-			content, err = ioutil.ReadFile(i.Path)
-			if err != nil {
-				return err
-			}
-		}
-
-		i.Content = string(content)
-	}
-
-	return nil
-}
-
-// Checksum retrieves the checksum of a file.
-func (i File) Checksum(algo string) (string, error) {
-	file, err := os.Open(i.Path)
-	if err != nil {
-		return "", err
-	}
-
-	defer file.Close()
-
-	var h hash.Hash
-
-	switch algo {
-	case "md5":
-		h = md5.New()
-	case "sha1":
-		h = sha1.New()
-	case "sha256":
-		h = sha256.New()
-	case "sha512":
-		h = sha512.New()
-	default:
-		return "", ErrInvalidOption
-	}
-
-	_, err = io.Copy(h, file)
-	if err != nil {
-		return "", err
-	}
-
-	return hex.EncodeToString(h.Sum(nil)), nil
-}
-
-// CanBeEdited checks if the extension of a file is supported by the editor
-func (i File) CanBeEdited() bool {
-	return i.Type == "text"
-}
-
-// ApplySort applies the sort order using .Order and .Sort
-func (l Listing) ApplySort() {
-	// Check '.Order' to know how to sort
-	if l.Order == "desc" {
-		switch l.Sort {
-		case "name":
-			sort.Sort(sort.Reverse(byName(l)))
-		case "size":
-			sort.Sort(sort.Reverse(bySize(l)))
-		case "modified":
-			sort.Sort(sort.Reverse(byModified(l)))
-		default:
-			// If not one of the above, do nothing
-			return
-		}
-	} else { // If we had more Orderings we could add them here
-		switch l.Sort {
-		case "name":
-			sort.Sort(byName(l))
-		case "size":
-			sort.Sort(bySize(l))
-		case "modified":
-			sort.Sort(byModified(l))
-		default:
-			sort.Sort(byName(l))
-			return
-		}
-	}
-}
-
-// Implement sorting for Listing
-type byName Listing
-type bySize Listing
-type byModified Listing
-
-// By Name
-func (l byName) Len() int {
-	return len(l.Items)
-}
-
-func (l byName) Swap(i, j int) {
-	l.Items[i], l.Items[j] = l.Items[j], l.Items[i]
-}
-
-// Treat upper and lower case equally
-func (l byName) Less(i, j int) bool {
-	if l.Items[i].IsDir && !l.Items[j].IsDir {
-		return true
-	}
-
-	if !l.Items[i].IsDir && l.Items[j].IsDir {
-		return false
-	}
-
-	return strings.ToLower(l.Items[i].Name) < strings.ToLower(l.Items[j].Name)
-}
-
-// By Size
-func (l bySize) Len() int {
-	return len(l.Items)
-}
-
-func (l bySize) Swap(i, j int) {
-	l.Items[i], l.Items[j] = l.Items[j], l.Items[i]
-}
-
-const directoryOffset = -1 << 31 // = math.MinInt32
-func (l bySize) Less(i, j int) bool {
-	iSize, jSize := l.Items[i].Size, l.Items[j].Size
-	if l.Items[i].IsDir {
-		iSize = directoryOffset + iSize
-	}
-	if l.Items[j].IsDir {
-		jSize = directoryOffset + jSize
-	}
-	return iSize < jSize
-}
-
-// By Modified
-func (l byModified) Len() int {
-	return len(l.Items)
-}
-
-func (l byModified) Swap(i, j int) {
-	l.Items[i], l.Items[j] = l.Items[j], l.Items[i]
-}
-
-func (l byModified) Less(i, j int) bool {
-	iModified, jModified := l.Items[i].ModTime, l.Items[j].ModTime
-	return iModified.Sub(jModified) < 0
-}
-
-// textExtensions is the sorted list of text extensions which
-// can be edited.
-var textExtensions = []string{
-	".ad", ".ada", ".adoc", ".asciidoc",
-	".bas", ".bash", ".bat",
-	".c", ".cc", ".cmd", ".conf", ".cpp", ".cr", ".cs", ".css", ".csv",
-	".d",
-	".f", ".f90",
-	".h", ".hh", ".hpp", ".htaccess", ".html",
-	".ini",
-	".java", ".js", ".json",
-	".markdown", ".md", ".mdown", ".mmark",
-	".nim",
-	".php", ".pl", ".ps1", ".py",
-	".rss", ".rst", ".rtf",
-	".sass", ".scss", ".sh", ".sty",
-	".tex", ".tml", ".toml", ".txt",
-	".vala", ".vapi",
-	".xml",
-	".yaml", ".yml",
-	"Caddyfile",
-}
-
-// isInTextExtensions checks if a file can be edited by its extensions.
-func isInTextExtensions(name string) bool {
-	search := filepath.Ext(name)
-	if search == "" {
-		search = name
-	}
-
-	i := sort.SearchStrings(textExtensions, search)
-	return i < len(textExtensions) && textExtensions[i] == search
-}
-
-// hasRune checks if the file has the frontmatter rune
-func hasRune(file string) bool {
-	return strings.HasPrefix(file, "---") ||
-		strings.HasPrefix(file, "+++") ||
-		strings.HasPrefix(file, "{")
-}
-
-func editorMode(language string) string {
-	switch language {
-	case "markdown", "asciidoc", "rst":
-		return "content+metadata"
-	}
-
-	return "content"
-}
-
-func editorLanguage(mode string) string {
-	mode = strings.TrimPrefix(mode, ".")
-
-	switch mode {
-	case "md", "markdown", "mdown", "mmark":
-		mode = "markdown"
-	case "yml":
-		mode = "yaml"
-	case "asciidoc", "adoc", "ad":
-		mode = "asciidoc"
-	case "rst":
-		mode = "rst"
-	case "html", "htm", "xml":
-		mode = "htmlmixed"
-	case "js":
-		mode = "javascript"
-	case "go":
-		mode = "golang"
-	case "":
-		mode = "text"
-	}
-
-	return mode
-}

filebrowser.go

@@ -1,558 +0,0 @@
-package filebrowser
-
-import (
-	"crypto/rand"
-	"errors"
-	"fmt"
-	"log"
-	"net/http"
-	"os"
-	"os/exec"
-	"reflect"
-	"regexp"
-	"strings"
-	"time"
-
-	"golang.org/x/crypto/bcrypt"
-
-	"github.com/GeertJohan/go.rice"
-	"github.com/hacdias/fileutils"
-	"github.com/mholt/caddy"
-	"github.com/robfig/cron"
-)
-
-const (
-	// Version is the current File Browser version.
-	Version = "1.8.0"
-
-	ListViewMode   = "list"
-	MosaicViewMode = "mosaic"
-)
-
-var (
-	ErrExist              = errors.New("the resource already exists")
-	ErrNotExist           = errors.New("the resource does not exist")
-	ErrEmptyRequest       = errors.New("request body is empty")
-	ErrEmptyPassword      = errors.New("password is empty")
-	ErrEmptyUsername      = errors.New("username is empty")
-	ErrEmptyScope         = errors.New("scope is empty")
-	ErrWrongDataType      = errors.New("wrong data type")
-	ErrInvalidUpdateField = errors.New("invalid field to update")
-	ErrInvalidOption      = errors.New("invalid option")
-)
-
-// FileBrowser is a file manager instance. It should be creating using the
-// 'New' function and not directly.
-type FileBrowser struct {
-	// Cron job to manage schedulings.
-	Cron *cron.Cron
-
-	// The key used to sign the JWT tokens.
-	Key []byte
-
-	// The static assets.
-	Assets *rice.Box
-
-	// The Store is used to manage users, shareable links and
-	// other stuff that is saved on the database.
-	Store *Store
-
-	// PrefixURL is a part of the URL that is already trimmed from the request URL before it
-	// arrives to our handlers. It may be useful when using File Browser as a middleware
-	// such as in caddy-filemanager plugin. It is only useful in certain situations.
-	PrefixURL string
-
-	// BaseURL is the path where the GUI will be accessible. It musn't end with
-	// a trailing slash and mustn't contain PrefixURL, if set. It shouldn't be
-	// edited directly. Use SetBaseURL.
-	BaseURL string
-
-	// NoAuth disables the authentication. When the authentication is disabled,
-	// there will only exist one user, called "admin".
-	NoAuth bool
-
-	// ReCaptcha host, key and secret.
-	ReCaptchaHost   string
-	ReCaptchaKey    string
-	ReCaptchaSecret string
-
-	// StaticGen is the static websit generator handler.
-	StaticGen StaticGen
-
-	// The Default User needed to build the New User page.
-	DefaultUser *User
-
-	// A map of events to a slice of commands.
-	Commands map[string][]string
-
-	// Global stylesheet.
-	CSS string
-
-	// NewFS should build a new file system for a given path.
-	NewFS FSBuilder
-}
-
-var commandEvents = []string{
-	"before_save",
-	"after_save",
-	"before_publish",
-	"after_publish",
-	"before_copy",
-	"after_copy",
-	"before_rename",
-	"after_rename",
-	"before_upload",
-	"after_upload",
-	"before_delete",
-	"after_delete",
-}
-
-// Command is a command function.
-type Command func(r *http.Request, m *FileBrowser, u *User) error
-
-// FSBuilder is the File System Builder.
-type FSBuilder func(scope string) FileSystem
-
-// Setup loads the configuration from the database and configures
-// the Assets and the Cron job. It must always be run after
-// creating a File Browser object.
-func (m *FileBrowser) Setup() error {
-	// Creates a new File Browser instance with the Users
-	// map and Assets box.
-	m.Assets = rice.MustFindBox("./node_modules/filebrowser-frontend/dist")
-	m.Cron = cron.New()
-
-	// Tries to get the encryption key from the database.
-	// If it doesn't exist, create a new one of 256 bits.
-	err := m.Store.Config.Get("key", &m.Key)
-	if err != nil && err == ErrNotExist {
-		var bytes []byte
-		bytes, err = GenerateRandomBytes(64)
-		if err != nil {
-			return err
-		}
-
-		m.Key = bytes
-		err = m.Store.Config.Save("key", m.Key)
-	}
-
-	if err != nil {
-		return err
-	}
-
-	// Get the global CSS.
-	err = m.Store.Config.Get("css", &m.CSS)
-	if err != nil && err == ErrNotExist {
-		err = m.Store.Config.Save("css", "")
-	}
-
-	if err != nil {
-		return err
-	}
-
-	// Tries to get the event commands from the database.
-	// If they don't exist, initialize them.
-	err = m.Store.Config.Get("commands", &m.Commands)
-
-	if err == nil {
-		// Add hypothetically new command handlers.
-		for _, command := range commandEvents {
-			if _, ok := m.Commands[command]; ok {
-				continue
-			}
-
-			m.Commands[command] = []string{}
-		}
-	}
-
-	if err != nil && err == ErrNotExist {
-		m.Commands = map[string][]string{}
-
-		// Initialize the command handlers.
-		for _, command := range commandEvents {
-			m.Commands[command] = []string{}
-		}
-
-		err = m.Store.Config.Save("commands", m.Commands)
-	}
-
-	if err != nil {
-		return err
-	}
-
-	// Tries to fetch the users from the database.
-	users, err := m.Store.Users.Gets(m.NewFS)
-	if err != nil && err != ErrNotExist {
-		return err
-	}
-
-	// If there are no users in the database, it creates a new one
-	// based on 'base' User that must be provided by the function caller.
-	if len(users) == 0 {
-		u := *m.DefaultUser
-		u.Username = "admin"
-
-		// Hashes the password.
-		u.Password, err = HashPassword("admin")
-		if err != nil {
-			return err
-		}
-
-		// The first user must be an administrator.
-		u.Admin = true
-		u.AllowCommands = true
-		u.AllowNew = true
-		u.AllowEdit = true
-		u.AllowPublish = true
-
-		// Saves the user to the database.
-		if err := m.Store.Users.Save(&u); err != nil {
-			return err
-		}
-	}
-
-	m.DefaultUser.Username = ""
-	m.DefaultUser.Password = ""
-
-	m.Cron.AddFunc("@hourly", m.ShareCleaner)
-	m.Cron.Start()
-
-	return nil
-}
-
-// RootURL returns the actual URL where
-// File Browser interface can be accessed.
-func (m FileBrowser) RootURL() string {
-	return m.PrefixURL + m.BaseURL
-}
-
-// SetPrefixURL updates the prefixURL of a File
-// Manager object.
-func (m *FileBrowser) SetPrefixURL(url string) {
-	url = strings.TrimPrefix(url, "/")
-	url = strings.TrimSuffix(url, "/")
-	url = "/" + url
-	m.PrefixURL = strings.TrimSuffix(url, "/")
-}
-
-// SetBaseURL updates the baseURL of a File Browser
-// object.
-func (m *FileBrowser) SetBaseURL(url string) {
-	url = strings.TrimPrefix(url, "/")
-	url = strings.TrimSuffix(url, "/")
-	url = "/" + url
-	m.BaseURL = strings.TrimSuffix(url, "/")
-}
-
-// Attach attaches a static generator to the current File Browser.
-func (m *FileBrowser) Attach(s StaticGen) error {
-	if reflect.TypeOf(s).Kind() != reflect.Ptr {
-		return errors.New("data should be a pointer to interface, not interface")
-	}
-
-	err := s.Setup()
-	if err != nil {
-		return err
-	}
-
-	m.StaticGen = s
-
-	err = m.Store.Config.Get("staticgen_"+s.Name(), s)
-	if err == ErrNotExist {
-		return m.Store.Config.Save("staticgen_"+s.Name(), s)
-	}
-
-	return err
-}
-
-// ShareCleaner removes sharing links that are no longer active.
-// This function is set to run periodically.
-func (m FileBrowser) ShareCleaner() {
-	// Get all links.
-	links, err := m.Store.Share.Gets()
-	if err != nil {
-		log.Print(err)
-		return
-	}
-
-	// Find the expired ones.
-	for i := range links {
-		if links[i].Expires && links[i].ExpireDate.Before(time.Now()) {
-			err = m.Store.Share.Delete(links[i].Hash)
-			if err != nil {
-				log.Print(err)
-			}
-		}
-	}
-}
-
-// Runner runs the commands for a certain event type.
-func (m FileBrowser) Runner(event string, path string, destination string, user *User) error {
-	commands := []string{}
-
-	// Get the commands from the File Browser instance itself.
-	if val, ok := m.Commands[event]; ok {
-		commands = append(commands, val...)
-	}
-
-	// Execute the commands.
-	for _, command := range commands {
-		args := strings.Split(command, " ")
-		nonblock := false
-
-		if len(args) > 1 && args[len(args)-1] == "&" {
-			// Run command in background; non-blocking
-			nonblock = true
-			args = args[:len(args)-1]
-		}
-
-		command, args, err := caddy.SplitCommandAndArgs(strings.Join(args, " "))
-		if err != nil {
-			return err
-		}
-
-		cmd := exec.Command(command, args...)
-		cmd.Env = append(os.Environ(), fmt.Sprintf("FILE=%s", path))
-		cmd.Env = append(cmd.Env, fmt.Sprintf("ROOT=%s", user.Scope))
-		cmd.Env = append(cmd.Env, fmt.Sprintf("TRIGGER=%s", event))
-		cmd.Env = append(cmd.Env, fmt.Sprintf("USERNAME=%s", user.Username))
-
-		if destination != "" {
-			cmd.Env = append(cmd.Env, fmt.Sprintf("DESTINATION=%s", destination))
-		}
-
-		cmd.Stdin = os.Stdin
-		cmd.Stdout = os.Stdout
-		cmd.Stderr = os.Stderr
-
-		if nonblock {
-			log.Printf("[INFO] Nonblocking Command:\"%s %s\"", command, strings.Join(args, " "))
-			if err := cmd.Start(); err != nil {
-				return err
-			}
-
-			continue
-		}
-
-		log.Printf("[INFO] Blocking Command:\"%s %s\"", command, strings.Join(args, " "))
-		if err := cmd.Run(); err != nil {
-			return err
-		}
-	}
-
-	return nil
-}
-
-// DefaultUser is used on New, when no 'base' user is provided.
-var DefaultUser = User{
-	AllowCommands: true,
-	AllowEdit:     true,
-	AllowNew:      true,
-	AllowPublish:  true,
-	LockPassword:  false,
-	Commands:      []string{},
-	Rules:         []*Rule{},
-	CSS:           "",
-	Admin:         true,
-	Locale:        "",
-	Scope:         ".",
-	FileSystem:    fileutils.Dir("."),
-	ViewMode:      "mosaic",
-}
-
-// User contains the configuration for each user.
-type User struct {
-	// ID is the required primary key with auto increment0
-	ID int `storm:"id,increment"`
-
-	// Tells if this user is an admin.
-	Admin bool `json:"admin"`
-
-	// These indicate if the user can perform certain actions.
-	AllowCommands bool `json:"allowCommands"` // Execute commands
-	AllowEdit     bool `json:"allowEdit"`     // Edit/rename files
-	AllowNew      bool `json:"allowNew"`      // Create files and folders
-	AllowPublish  bool `json:"allowPublish"`  // Publish content (to use with static gen)
-
-	// Prevents the user to change its password.
-	LockPassword bool `json:"lockPassword"`
-
-	// Commands is the list of commands the user can execute.
-	Commands []string `json:"commands"`
-
-	// Custom styles for this user.
-	CSS string `json:"css"`
-
-	// FileSystem is the virtual file system the user has access.
-	FileSystem FileSystem `json:"-"`
-
-	// Locale is the language of the user.
-	Locale string `json:"locale"`
-
-	// The hashed password. This never reaches the front-end because it's temporarily
-	// emptied during JSON marshall.
-	Password string `json:"password"`
-
-	// Rules is an array of access and deny rules.
-	Rules []*Rule `json:"rules"`
-
-	// Scope is the path the user has access to.
-	Scope string `json:"filesystem"`
-
-	// Username is the user username used to login.
-	Username string `json:"username" storm:"index,unique"`
-
-	// User view mode for files and folders.
-	ViewMode string `json:"viewMode"`
-}
-
-// Allowed checks if the user has permission to access a directory/file.
-func (u User) Allowed(url string) bool {
-	var rule *Rule
-	i := len(u.Rules) - 1
-
-	for i >= 0 {
-		rule = u.Rules[i]
-
-		if rule.Regex {
-			if rule.Regexp.MatchString(url) {
-				return rule.Allow
-			}
-		} else if strings.HasPrefix(url, rule.Path) {
-			return rule.Allow
-		}
-
-		i--
-	}
-
-	return true
-}
-
-// Rule is a dissalow/allow rule.
-type Rule struct {
-	// Regex indicates if this rule uses Regular Expressions or not.
-	Regex bool `json:"regex"`
-
-	// Allow indicates if this is an allow rule. Set 'false' to be a disallow rule.
-	Allow bool `json:"allow"`
-
-	// Path is the corresponding URL path for this rule.
-	Path string `json:"path"`
-
-	// Regexp is the regular expression. Only use this when 'Regex' was set to true.
-	Regexp *Regexp `json:"regexp"`
-}
-
-// Regexp is a regular expression wrapper around native regexp.
-type Regexp struct {
-	Raw    string `json:"raw"`
-	regexp *regexp.Regexp
-}
-
-// MatchString checks if this string matches the regular expression.
-func (r *Regexp) MatchString(s string) bool {
-	if r.regexp == nil {
-		r.regexp = regexp.MustCompile(r.Raw)
-	}
-
-	return r.regexp.MatchString(s)
-}
-
-// ShareLink is the information needed to build a shareable link.
-type ShareLink struct {
-	Hash       string    `json:"hash" storm:"id,index"`
-	Path       string    `json:"path" storm:"index"`
-	Expires    bool      `json:"expires"`
-	ExpireDate time.Time `json:"expireDate"`
-}
-
-// Store is a collection of the stores needed to get
-// and save information.
-type Store struct {
-	Users  UsersStore
-	Config ConfigStore
-	Share  ShareStore
-}
-
-// UsersStore is the interface to manage users.
-type UsersStore interface {
-	Get(id int, builder FSBuilder) (*User, error)
-	GetByUsername(username string, builder FSBuilder) (*User, error)
-	Gets(builder FSBuilder) ([]*User, error)
-	Save(u *User) error
-	Update(u *User, fields ...string) error
-	Delete(id int) error
-}
-
-// ConfigStore is the interface to manage configuration.
-type ConfigStore interface {
-	Get(name string, to interface{}) error
-	Save(name string, from interface{}) error
-}
-
-// ShareStore is the interface to manage share links.
-type ShareStore interface {
-	Get(hash string) (*ShareLink, error)
-	GetPermanent(path string) (*ShareLink, error)
-	GetByPath(path string) ([]*ShareLink, error)
-	Gets() ([]*ShareLink, error)
-	Save(s *ShareLink) error
-	Delete(hash string) error
-}
-
-// StaticGen is a static website generator.
-type StaticGen interface {
-	SettingsPath() string
-	Name() string
-	Setup() error
-
-	Hook(c *Context, w http.ResponseWriter, r *http.Request) (int, error)
-	Preview(c *Context, w http.ResponseWriter, r *http.Request) (int, error)
-	Publish(c *Context, w http.ResponseWriter, r *http.Request) (int, error)
-}
-
-// FileSystem is the interface to work with the file system.
-type FileSystem interface {
-	Mkdir(name string, perm os.FileMode) error
-	OpenFile(name string, flag int, perm os.FileMode) (*os.File, error)
-	RemoveAll(name string) error
-	Rename(oldName, newName string) error
-	Stat(name string) (os.FileInfo, error)
-	Copy(src, dst string) error
-}
-
-// Context contains the needed information to make handlers work.
-type Context struct {
-	*FileBrowser
-	User *User
-	File *File
-	// On API handlers, Router is the APi handler we want.
-	Router string
-}
-
-// HashPassword generates an hash from a password using bcrypt.
-func HashPassword(password string) (string, error) {
-	bytes, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
-	return string(bytes), err
-}
-
-// CheckPasswordHash compares a password with an hash to check if they match.
-func CheckPasswordHash(password, hash string) bool {
-	err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
-	return err == nil
-}
-
-// GenerateRandomBytes returns securely generated random bytes.
-// It will return an fm.Error if the system's secure random
-// number generator fails to function correctly, in which
-// case the caller should not continue.
-func GenerateRandomBytes(n int) ([]byte, error) {
-	b := make([]byte, n)
-	_, err := rand.Read(b)
-	// Note that err == nil only if we read len(b) bytes.
-	if err != nil {
-		return nil, err
-	}
-
-	return b, nil
-}

files/file.go

@@ -0,0 +1,364 @@
+package files
+
+import (
+	"crypto/md5"  //nolint:gosec
+	"crypto/sha1" //nolint:gosec
+	"crypto/sha256"
+	"crypto/sha512"
+	"encoding/hex"
+	"hash"
+	"io"
+	"log"
+	"mime"
+	"net/http"
+	"os"
+	"path"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/spf13/afero"
+
+	"github.com/filebrowser/filebrowser/v2/errors"
+	"github.com/filebrowser/filebrowser/v2/rules"
+)
+
+// FileInfo describes a file.
+type FileInfo struct {
+	*Listing
+	Fs        afero.Fs          `json:"-"`
+	Path      string            `json:"path"`
+	Name      string            `json:"name"`
+	Size      int64             `json:"size"`
+	Extension string            `json:"extension"`
+	ModTime   time.Time         `json:"modified"`
+	Mode      os.FileMode       `json:"mode"`
+	IsDir     bool              `json:"isDir"`
+	IsSymlink bool              `json:"isSymlink"`
+	Type      string            `json:"type"`
+	Subtitles []string          `json:"subtitles,omitempty"`
+	Content   string            `json:"content,omitempty"`
+	Checksums map[string]string `json:"checksums,omitempty"`
+	Token     string            `json:"token,omitempty"`
+}
+
+// FileOptions are the options when getting a file info.
+type FileOptions struct {
+	Fs         afero.Fs
+	Path       string
+	Modify     bool
+	Expand     bool
+	ReadHeader bool
+	Token      string
+	Checker    rules.Checker
+	Content    bool
+}
+
+// NewFileInfo creates a File object from a path and a given user. This File
+// object will be automatically filled depending on if it is a directory
+// or a file. If it's a video file, it will also detect any subtitles.
+func NewFileInfo(opts FileOptions) (*FileInfo, error) {
+	if !opts.Checker.Check(opts.Path) {
+		return nil, os.ErrPermission
+	}
+
+	file, err := stat(opts)
+	if err != nil {
+		return nil, err
+	}
+
+	if opts.Expand {
+		if file.IsDir {
+			if err := file.readListing(opts.Checker, opts.ReadHeader); err != nil { //nolint:govet
+				return nil, err
+			}
+			return file, nil
+		}
+
+		err = file.detectType(opts.Modify, opts.Content, true)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return file, err
+}
+
+func stat(opts FileOptions) (*FileInfo, error) {
+	var file *FileInfo
+
+	if lstaterFs, ok := opts.Fs.(afero.Lstater); ok {
+		info, _, err := lstaterFs.LstatIfPossible(opts.Path)
+		if err != nil {
+			return nil, err
+		}
+		file = &FileInfo{
+			Fs:        opts.Fs,
+			Path:      opts.Path,
+			Name:      info.Name(),
+			ModTime:   info.ModTime(),
+			Mode:      info.Mode(),
+			IsDir:     info.IsDir(),
+			IsSymlink: IsSymlink(info.Mode()),
+			Size:      info.Size(),
+			Extension: filepath.Ext(info.Name()),
+			Token:     opts.Token,
+		}
+	}
+
+	// regular file
+	if file != nil && !file.IsSymlink {
+		return file, nil
+	}
+
+	// fs doesn't support afero.Lstater interface or the file is a symlink
+	info, err := opts.Fs.Stat(opts.Path)
+	if err != nil {
+		// can't follow symlink
+		if file != nil && file.IsSymlink {
+			return file, nil
+		}
+		return nil, err
+	}
+
+	// set correct file size in case of symlink
+	if file != nil && file.IsSymlink {
+		file.Size = info.Size()
+		file.IsDir = info.IsDir()
+		return file, nil
+	}
+
+	file = &FileInfo{
+		Fs:        opts.Fs,
+		Path:      opts.Path,
+		Name:      info.Name(),
+		ModTime:   info.ModTime(),
+		Mode:      info.Mode(),
+		IsDir:     info.IsDir(),
+		Size:      info.Size(),
+		Extension: filepath.Ext(info.Name()),
+		Token:     opts.Token,
+	}
+
+	return file, nil
+}
+
+// Checksum checksums a given File for a given User, using a specific
+// algorithm. The checksums data is saved on File object.
+func (i *FileInfo) Checksum(algo string) error {
+	if i.IsDir {
+		return errors.ErrIsDirectory
+	}
+
+	if i.Checksums == nil {
+		i.Checksums = map[string]string{}
+	}
+
+	reader, err := i.Fs.Open(i.Path)
+	if err != nil {
+		return err
+	}
+	defer reader.Close()
+
+	var h hash.Hash
+
+	//nolint:gosec
+	switch algo {
+	case "md5":
+		h = md5.New()
+	case "sha1":
+		h = sha1.New()
+	case "sha256":
+		h = sha256.New()
+	case "sha512":
+		h = sha512.New()
+	default:
+		return errors.ErrInvalidOption
+	}
+
+	_, err = io.Copy(h, reader)
+	if err != nil {
+		return err
+	}
+
+	i.Checksums[algo] = hex.EncodeToString(h.Sum(nil))
+	return nil
+}
+
+func (i *FileInfo) RealPath() string {
+	if realPathFs, ok := i.Fs.(interface {
+		RealPath(name string) (fPath string, err error)
+	}); ok {
+		realPath, err := realPathFs.RealPath(i.Path)
+		if err == nil {
+			return realPath
+		}
+	}
+
+	return i.Path
+}
+
+//nolint:goconst
+//TODO: use constants
+func (i *FileInfo) detectType(modify, saveContent, readHeader bool) error {
+	if IsNamedPipe(i.Mode) {
+		i.Type = "blob"
+		return nil
+	}
+	// failing to detect the type should not return error.
+	// imagine the situation where a file in a dir with thousands
+	// of files couldn't be opened: we'd have immediately
+	// a 500 even though it doesn't matter. So we just log it.
+
+	mimetype := mime.TypeByExtension(i.Extension)
+
+	var buffer []byte
+	if readHeader {
+		buffer = i.readFirstBytes()
+
+		if mimetype == "" {
+			mimetype = http.DetectContentType(buffer)
+		}
+	}
+
+	switch {
+	case strings.HasPrefix(mimetype, "video"):
+		i.Type = "video"
+		i.detectSubtitles()
+		return nil
+	case strings.HasPrefix(mimetype, "audio"):
+		i.Type = "audio"
+		return nil
+	case strings.HasPrefix(mimetype, "image"):
+		i.Type = "image"
+		return nil
+	case strings.HasSuffix(mimetype, "pdf"):
+		i.Type = "pdf"
+		return nil
+	case (strings.HasPrefix(mimetype, "text") || !isBinary(buffer)) && i.Size <= 10*1024*1024: // 10 MB
+		i.Type = "text"
+
+		if !modify {
+			i.Type = "textImmutable"
+		}
+
+		if saveContent {
+			afs := &afero.Afero{Fs: i.Fs}
+			content, err := afs.ReadFile(i.Path)
+			if err != nil {
+				return err
+			}
+
+			i.Content = string(content)
+		}
+		return nil
+	default:
+		i.Type = "blob"
+	}
+
+	return nil
+}
+
+func (i *FileInfo) readFirstBytes() []byte {
+	reader, err := i.Fs.Open(i.Path)
+	if err != nil {
+		log.Print(err)
+		i.Type = "blob"
+		return nil
+	}
+	defer reader.Close()
+
+	buffer := make([]byte, 512) //nolint:gomnd
+	n, err := reader.Read(buffer)
+	if err != nil && err != io.EOF {
+		log.Print(err)
+		i.Type = "blob"
+		return nil
+	}
+
+	return buffer[:n]
+}
+
+func (i *FileInfo) detectSubtitles() {
+	if i.Type != "video" {
+		return
+	}
+
+	i.Subtitles = []string{}
+	ext := filepath.Ext(i.Path)
+
+	// detect multiple languages. Base*.vtt
+	// TODO: give subtitles descriptive names (lang) and track attributes
+	parentDir := strings.TrimRight(i.Path, i.Name)
+	dir, err := afero.ReadDir(i.Fs, parentDir)
+	if err == nil {
+		base := strings.TrimSuffix(i.Name, ext)
+		for _, f := range dir {
+			if !f.IsDir() && strings.HasPrefix(f.Name(), base) && strings.HasSuffix(f.Name(), ".vtt") {
+				i.Subtitles = append(i.Subtitles, path.Join(parentDir, f.Name()))
+			}
+		}
+	}
+}
+
+func (i *FileInfo) readListing(checker rules.Checker, readHeader bool) error {
+	afs := &afero.Afero{Fs: i.Fs}
+	dir, err := afs.ReadDir(i.Path)
+	if err != nil {
+		return err
+	}
+
+	listing := &Listing{
+		Items:    []*FileInfo{},
+		NumDirs:  0,
+		NumFiles: 0,
+	}
+
+	for _, f := range dir {
+		name := f.Name()
+		fPath := path.Join(i.Path, name)
+
+		if !checker.Check(fPath) {
+			continue
+		}
+
+		isSymlink := false
+		if IsSymlink(f.Mode()) {
+			isSymlink = true
+			// It's a symbolic link. We try to follow it. If it doesn't work,
+			// we stay with the link information instead of the target's.
+			info, err := i.Fs.Stat(fPath)
+			if err == nil {
+				f = info
+			}
+		}
+
+		file := &FileInfo{
+			Fs:        i.Fs,
+			Name:      name,
+			Size:      f.Size(),
+			ModTime:   f.ModTime(),
+			Mode:      f.Mode(),
+			IsDir:     f.IsDir(),
+			IsSymlink: isSymlink,
+			Extension: filepath.Ext(name),
+			Path:      fPath,
+		}
+
+		if file.IsDir {
+			listing.NumDirs++
+		} else {
+			listing.NumFiles++
+
+			err := file.detectType(true, false, readHeader)
+			if err != nil {
+				return err
+			}
+		}
+
+		listing.Items = append(listing.Items, file)
+	}
+
+	i.Listing = listing
+	return nil
+}

files/listing.go

@@ -0,0 +1,110 @@
+package files
+
+import (
+	"sort"
+	"strings"
+
+	"github.com/maruel/natural"
+)
+
+// Listing is a collection of files.
+type Listing struct {
+	Items    []*FileInfo `json:"items"`
+	NumDirs  int         `json:"numDirs"`
+	NumFiles int         `json:"numFiles"`
+	Sorting  Sorting     `json:"sorting"`
+}
+
+// ApplySort applies the sort order using .Order and .Sort
+//nolint:goconst
+func (l Listing) ApplySort() {
+	// Check '.Order' to know how to sort
+	// TODO: use enum
+	if !l.Sorting.Asc {
+		switch l.Sorting.By {
+		case "name":
+			sort.Sort(sort.Reverse(byName(l)))
+		case "size":
+			sort.Sort(sort.Reverse(bySize(l)))
+		case "modified":
+			sort.Sort(sort.Reverse(byModified(l)))
+		default:
+			// If not one of the above, do nothing
+			return
+		}
+	} else { // If we had more Orderings we could add them here
+		switch l.Sorting.By {
+		case "name":
+			sort.Sort(byName(l))
+		case "size":
+			sort.Sort(bySize(l))
+		case "modified":
+			sort.Sort(byModified(l))
+		default:
+			sort.Sort(byName(l))
+			return
+		}
+	}
+}
+
+// Implement sorting for Listing
+type byName Listing
+type bySize Listing
+type byModified Listing
+
+// By Name
+func (l byName) Len() int {
+	return len(l.Items)
+}
+
+func (l byName) Swap(i, j int) {
+	l.Items[i], l.Items[j] = l.Items[j], l.Items[i]
+}
+
+// Treat upper and lower case equally
+func (l byName) Less(i, j int) bool {
+	if l.Items[i].IsDir && !l.Items[j].IsDir {
+		return l.Sorting.Asc
+	}
+
+	if !l.Items[i].IsDir && l.Items[j].IsDir {
+		return !l.Sorting.Asc
+	}
+
+	return natural.Less(strings.ToLower(l.Items[j].Name), strings.ToLower(l.Items[i].Name))
+}
+
+// By Size
+func (l bySize) Len() int {
+	return len(l.Items)
+}
+
+func (l bySize) Swap(i, j int) {
+	l.Items[i], l.Items[j] = l.Items[j], l.Items[i]
+}
+
+const directoryOffset = -1 << 31 // = math.MinInt32
+func (l bySize) Less(i, j int) bool {
+	iSize, jSize := l.Items[i].Size, l.Items[j].Size
+	if l.Items[i].IsDir {
+		iSize = directoryOffset + iSize
+	}
+	if l.Items[j].IsDir {
+		jSize = directoryOffset + jSize
+	}
+	return iSize < jSize
+}
+
+// By Modified
+func (l byModified) Len() int {
+	return len(l.Items)
+}
+
+func (l byModified) Swap(i, j int) {
+	l.Items[i], l.Items[j] = l.Items[j], l.Items[i]
+}
+
+func (l byModified) Less(i, j int) bool {
+	iModified, jModified := l.Items[i].ModTime, l.Items[j].ModTime
+	return iModified.Sub(jModified) < 0
+}

files/sorting.go

@@ -0,0 +1,7 @@
+package files
+
+// Sorting contains a sorting order.
+type Sorting struct {
+	By  string `json:"by"`
+	Asc bool   `json:"asc"`
+}

files/utils.go

@@ -0,0 +1,59 @@
+package files
+
+import (
+	"os"
+	"unicode/utf8"
+)
+
+func isBinary(content []byte) bool {
+	maybeStr := string(content)
+	runeCnt := utf8.RuneCount(content)
+	runeIndex := 0
+	gotRuneErrCnt := 0
+	firstRuneErrIndex := -1
+
+	const (
+		// 8 and below are control chars (e.g. backspace, null, eof, etc)
+		maxControlCharsCode = 8
+		// 0xFFFD(65533) is  the "error" Rune or "Unicode replacement character"
+		// see https://golang.org/pkg/unicode/utf8/#pkg-constants
+		unicodeReplacementChar = 0xFFFD
+	)
+
+	for _, b := range maybeStr {
+		if b <= maxControlCharsCode {
+			return true
+		}
+
+		if b == unicodeReplacementChar {
+			// if it is not the last (utf8.UTFMax - x) rune
+			if runeCnt > utf8.UTFMax && runeIndex < runeCnt-utf8.UTFMax {
+				return true
+			}
+			// else it is the last (utf8.UTFMax - x) rune
+			// there maybe Vxxx, VVxx, VVVx, thus, we may got max 3 0xFFFD rune (assume V is the byte we got)
+			// for Chinese, it can only be Vxx, VVx, we may got max 2 0xFFFD rune
+			gotRuneErrCnt++
+
+			// mark the first time
+			if firstRuneErrIndex == -1 {
+				firstRuneErrIndex = runeIndex
+			}
+		}
+		runeIndex++
+	}
+
+	// if last (utf8.UTFMax - x ) rune has the "error" Rune, but not all
+	if firstRuneErrIndex != -1 && gotRuneErrCnt != runeCnt-firstRuneErrIndex {
+		return true
+	}
+	return false
+}
+
+func IsNamedPipe(mode os.FileMode) bool {
+	return mode&os.ModeNamedPipe != 0
+}
+
+func IsSymlink(mode os.FileMode) bool {
+	return mode&os.ModeSymlink != 0
+}

fileutils/copy.go

@@ -0,0 +1,39 @@
+package fileutils
+
+import (
+	"os"
+	"path"
+
+	"github.com/spf13/afero"
+)
+
+// Copy copies a file or folder from one place to another.
+func Copy(fs afero.Fs, src, dst string) error {
+	if src = path.Clean("/" + src); src == "" {
+		return os.ErrNotExist
+	}
+
+	if dst = path.Clean("/" + dst); dst == "" {
+		return os.ErrNotExist
+	}
+
+	if src == "/" || dst == "/" {
+		// Prohibit copying from or to the virtual root directory.
+		return os.ErrInvalid
+	}
+
+	if dst == src {
+		return os.ErrInvalid
+	}
+
+	info, err := fs.Stat(src)
+	if err != nil {
+		return err
+	}
+
+	if info.IsDir() {
+		return CopyDir(fs, src, dst)
+	}
+
+	return CopyFile(fs, src, dst)
+}

fileutils/dir.go

@@ -0,0 +1,62 @@
+package fileutils
+
+import (
+	"errors"
+
+	"github.com/spf13/afero"
+)
+
+// CopyDir copies a directory from source to dest and all
+// of its sub-directories. It doesn't stop if it finds an error
+// during the copy. Returns an error if any.
+func CopyDir(fs afero.Fs, source, dest string) error {
+	// Get properties of source.
+	srcinfo, err := fs.Stat(source)
+	if err != nil {
+		return err
+	}
+
+	// Create the destination directory.
+	err = fs.MkdirAll(dest, srcinfo.Mode())
+	if err != nil {
+		return err
+	}
+
+	dir, _ := fs.Open(source)
+	obs, err := dir.Readdir(-1)
+	if err != nil {
+		return err
+	}
+
+	var errs []error
+
+	for _, obj := range obs {
+		fsource := source + "/" + obj.Name()
+		fdest := dest + "/" + obj.Name()
+
+		if obj.IsDir() {
+			// Create sub-directories, recursively.
+			err = CopyDir(fs, fsource, fdest)
+			if err != nil {
+				errs = append(errs, err)
+			}
+		} else {
+			// Perform the file copy.
+			err = CopyFile(fs, fsource, fdest)
+			if err != nil {
+				errs = append(errs, err)
+			}
+		}
+	}
+
+	var errString string
+	for _, err := range errs {
+		errString += err.Error() + "\n"
+	}
+
+	if errString != "" {
+		return errors.New(errString)
+	}
+
+	return nil
+}

fileutils/file.go

@@ -0,0 +1,128 @@
+package fileutils
+
+import (
+	"io"
+	"os"
+	"path"
+	"path/filepath"
+
+	"github.com/spf13/afero"
+)
+
+// MoveFile moves file from src to dst.
+// By default the rename filesystem system call is used. If src and dst point to different volumes
+// the file copy is used as a fallback
+func MoveFile(fs afero.Fs, src, dst string) error {
+	if fs.Rename(src, dst) == nil {
+		return nil
+	}
+	// fallback
+	err := CopyFile(fs, src, dst)
+	if err != nil {
+		_ = fs.Remove(dst)
+		return err
+	}
+	if err := fs.Remove(src); err != nil {
+		return err
+	}
+	return nil
+}
+
+// CopyFile copies a file from source to dest and returns
+// an error if any.
+func CopyFile(fs afero.Fs, source, dest string) error {
+	// Open the source file.
+	src, err := fs.Open(source)
+	if err != nil {
+		return err
+	}
+	defer src.Close()
+
+	// Makes the directory needed to create the dst
+	// file.
+	err = fs.MkdirAll(filepath.Dir(dest), 0666) //nolint:gomnd
+	if err != nil {
+		return err
+	}
+
+	// Create the destination file.
+	dst, err := fs.OpenFile(dest, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0775) //nolint:gomnd
+	if err != nil {
+		return err
+	}
+	defer dst.Close()
+
+	// Copy the contents of the file.
+	_, err = io.Copy(dst, src)
+	if err != nil {
+		return err
+	}
+
+	// Copy the mode
+	info, err := fs.Stat(source)
+	if err != nil {
+		return err
+	}
+	err = fs.Chmod(dest, info.Mode())
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// CommonPrefix returns common directory path of provided files
+func CommonPrefix(sep byte, paths ...string) string {
+	// Handle special cases.
+	switch len(paths) {
+	case 0:
+		return ""
+	case 1:
+		return path.Clean(paths[0])
+	}
+
+	// Note, we treat string as []byte, not []rune as is often
+	// done in Go. (And sep as byte, not rune). This is because
+	// most/all supported OS' treat paths as string of non-zero
+	// bytes. A filename may be displayed as a sequence of Unicode
+	// runes (typically encoded as UTF-8) but paths are
+	// not required to be valid UTF-8 or in any normalized form
+	// (e.g. "é" (U+00C9) and "é" (U+0065,U+0301) are different
+	// file names.
+	c := []byte(path.Clean(paths[0]))
+
+	// We add a trailing sep to handle the case where the
+	// common prefix directory is included in the path list
+	// (e.g. /home/user1, /home/user1/foo, /home/user1/bar).
+	// path.Clean will have cleaned off trailing / separators with
+	// the exception of the root directory, "/" (in which case we
+	// make it "//", but this will get fixed up to "/" bellow).
+	c = append(c, sep)
+
+	// Ignore the first path since it's already in c
+	for _, v := range paths[1:] {
+		// Clean up each path before testing it
+		v = path.Clean(v) + string(sep)
+
+		// Find the first non-common byte and truncate c
+		if len(v) < len(c) {
+			c = c[:len(v)]
+		}
+		for i := 0; i < len(c); i++ {
+			if v[i] != c[i] {
+				c = c[:i]
+				break
+			}
+		}
+	}
+
+	// Remove trailing non-separator characters and the final separator
+	for i := len(c) - 1; i >= 0; i-- {
+		if c[i] == sep {
+			c = c[:i]
+			break
+		}
+	}
+
+	return string(c)
+}

fileutils/file_test.go

@@ -0,0 +1,46 @@
+package fileutils
+
+import "testing"
+
+func TestCommonPrefix(t *testing.T) {
+	testCases := map[string]struct {
+		paths []string
+		want  string
+	}{
+		"same lvl": {
+			paths: []string{
+				"/home/user/file1",
+				"/home/user/file2",
+			},
+			want: "/home/user",
+		},
+		"sub folder": {
+			paths: []string{
+				"/home/user/folder",
+				"/home/user/folder/file",
+			},
+			want: "/home/user/folder",
+		},
+		"relative path": {
+			paths: []string{
+				"/home/user/folder",
+				"/home/user/folder/../folder2",
+			},
+			want: "/home/user",
+		},
+		"no common path": {
+			paths: []string{
+				"/home/user/folder",
+				"/etc/file",
+			},
+			want: "",
+		},
+	}
+	for name, tt := range testCases {
+		t.Run(name, func(t *testing.T) {
+			if got := CommonPrefix('/', tt.paths...); got != tt.want {
+				t.Errorf("CommonPrefix() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

frontend/assets.go

@@ -0,0 +1,13 @@
+//go:build !dev
+// +build !dev
+
+package frontend
+
+import "embed"
+
+//go:embed dist/*
+var assets embed.FS
+
+func Assets() embed.FS {
+	return assets
+}

frontend/assets_dev.go

@@ -0,0 +1,15 @@
+//go:build dev
+// +build dev
+
+package frontend
+
+import (
+	"io/fs"
+	"os"
+)
+
+var assets fs.FS = os.DirFS("frontend")
+
+func Assets() fs.FS {
+	return assets
+}

frontend/babel.config.js

@@ -0,0 +1,3 @@
+module.exports = {
+  presets: ["@vue/app"],
+};

frontend/dist/.gitignore

@@ -0,0 +1,4 @@
+# Ignore everything in this directory
+*
+# Except this file
+!.gitignore

frontend/package.json

@@ -0,0 +1,72 @@
+{
+  "name": "filebrowser-frontend",
+  "version": "2.0.0",
+  "private": true,
+  "scripts": {
+    "serve": "vue-cli-service serve",
+    "build": "find ./dist -maxdepth 1 -mindepth 1 ! -name '.gitignore' -exec rm -r {} + && vue-cli-service build --no-clean",
+    "lint": "npx vue-cli-service lint --no-fix --max-warnings=0",
+    "fix": "npx vue-cli-service lint",
+    "watch": "find ./dist -maxdepth 1 -mindepth 1 ! -name '.gitignore' -exec rm -r {} + && vue-cli-service build --watch --no-clean"
+  },
+  "dependencies": {
+    "ace-builds": "^1.4.7",
+    "clipboard": "^2.0.4",
+    "core-js": "^3.9.1",
+    "css-vars-ponyfill": "^2.4.3",
+    "js-base64": "^2.5.1",
+    "lodash.clonedeep": "^4.5.0",
+    "lodash.throttle": "^4.1.1",
+    "material-icons": "^1.10.5",
+    "moment": "^2.24.0",
+    "normalize.css": "^8.0.1",
+    "noty": "^3.2.0-beta",
+    "qrcode.vue": "^1.7.0",
+    "utif": "^3.1.0",
+    "vue": "^2.6.10",
+    "vue-i18n": "^8.15.3",
+    "vue-lazyload": "^1.3.3",
+    "vue-router": "^3.1.3",
+    "vuex": "^3.1.2",
+    "vuex-router-sync": "^5.0.0",
+    "whatwg-fetch": "^3.6.2"
+  },
+  "devDependencies": {
+    "@vue/cli-plugin-babel": "^4.1.2",
+    "@vue/cli-plugin-eslint": "~4.5.0",
+    "@vue/cli-service": "^4.1.2",
+    "@vue/eslint-config-prettier": "^6.0.0",
+    "babel-eslint": "^10.1.0",
+    "compression-webpack-plugin": "^6.0.3",
+    "eslint": "^6.7.2",
+    "eslint-plugin-prettier": "^3.3.1",
+    "eslint-plugin-vue": "^6.2.2",
+    "prettier": "^2.2.1",
+    "vue-template-compiler": "^2.6.10"
+  },
+  "eslintConfig": {
+    "root": true,
+    "env": {
+      "node": true
+    },
+    "extends": [
+      "plugin:vue/essential",
+      "eslint:recommended",
+      "@vue/prettier"
+    ],
+    "rules": {},
+    "parserOptions": {
+      "parser": "babel-eslint"
+    }
+  },
+  "postcss": {
+    "plugins": {
+      "autoprefixer": {}
+    }
+  },
+  "browserslist": [
+    "> 1%",
+    "last 2 versions",
+    "not ie < 11"
+  ]
+}

frontend/public/img/icons/browserconfig.xml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<browserconfig>
+    <msapplication>
+        <tile>
+            <square150x150logo src="/mstile-150x150.png"/>
+            <TileColor>#455a64</TileColor>
+        </tile>
+    </msapplication>
+</browserconfig>