The best and recommended way to connect to copyparty (either from windows, linux, or macos) is with WebDAV – this will give you much higher performance. WebDAV is also a MUCH safer choice when connecting over the internet, since it is just https after all. Meanwhile, exposing SMB to the internet is generally a recipe for, well… nasty surprises :-)

There are also very copyparty-specific reasons to not use the SMB-server, and these are explained in the readme. That’s also why the SMB-server is not possible to enable in any of the official copyparty distributions without manually obtaining the necessary dependencies for that (impacket).

There were comments about security risks though, based on being a small project with a LOT of integrations.

time will show, but the only thing i actively regret adding was the support for discord embeds (the “og” option); opengraph is an awfully designed concept and, unrelatedly, it has been a source of a handful of bugs in how it was implemented in copyparty (that one’s on me). Keeping that disabled avoids a lot of edgecases, most of which are decreed by the opengraph spec.

That said, there’s no features keeping me up at night; i think for the most part things are fine – just don’t enable the smb server 😁

hfs v2 (the old banger of an exe) is no longer being maintained and has some known unfixed vulnerabilities, however there is now a rewrite (hfs v3) which is shaping up really nicely.

should also mention that copyparty is also available as a windows exe which will run without python or any other dependencies

sooo this is one of the things that started with someone saying “wouldn’t it be funny if…”

if you open copyparty-sfx.py in a text editor, you’ll see how – but please make sure to use an editor which is able to handle about 600 KiB of comments which contain invalid utf8 / binary garbage 😁

I ended up rolling my own packer since I wanted optimal encoding efficiency, and everything I could find would do stuff like base85 or ucs2 tricks, but it turns out python is perfectly happy with binary garbage in comments if you declare that the file is latin-1 so it realizes all hope is lost :D

the only drawback of the sfx.py is that it needs to extract to $TEMP before running, so that’s the slight advantage of the zipapp (the .pyz alternative), but that suffers from some performance reduction in return, and is more hermetic (doesn’t let you swap out the bundled dependencies with fresh versions as easily if necessary)

Yep! Depending on what your home connection looks like, you have a few options:

if you are lucky enough to have your own private IP-address and are able to open ports, then you’re almost done already – you can put copyparty on some port (or keep the default 3923), and then anyone could connect to it by going to https://your.ip.address:3923/

(with this approach, you will want to create your own HTTPS certificate so the traffic is properly encrypted – the best option here is to get a domain and get a certificate for the domain)

however, if you are behind CGNAT, meaning your internet provider has given you a shared IP-address, then people cannot connect directly to your home-PC. One way around that issue is by setting up a machine somewhere on the internet which bridges the gap back home to your PC. Cloudflare offers this as service, and this is explained in the copyparty readme – see the “at home” section for one way to do that.

if you are against using Cloudflare for idealistic reasons (they are becoming quite powerful since they run a whole lot of the internet), then you can set up a cheap VPS which serves the same purpose. That’s my setup, and how you are accessing the copyparty demo server right now – I have the cheapest VPS you can get from Hetzner. The VPS is running nginx, and it forwards the traffic to my homeserver through an SSH tunnel. I haven’t documented this approach in the copyparty readme, but I have a feeling a lot of other people have :>

it’s such an impressive project! Amazing what they’ve accomplished in so little time, and so important too – we need as many options as we can get.

BTRFS and ZFS support real deduplication via copy on write, and would eliminate all current disadvantages of symlink and hardlink deduplication. It just works.

yeah that’s a good point, I’ll add an option to take advantage of this if you know you’re running on a filesystem where that works as intended.

Why have it be one huge python source file?

oh don’t worry, it’s all separate files during development – there’s a build-stage which bundles everything up into a single file for distribution. But thanks for the concern :D

Thanks a lot for the kind words! ready to answer questions if you hit any bumps :>

As long as it’s not causing any issues or drawbacks for modern python versions (and it isn’t), I don’t see any reason to do that – on the contrary, I know people are running copyparty on retro equipment, so I’d very much prefer to keep it for as long as possible :>

SFTP is not currently on the roadmap, but it’s not entirely implausible.

FTPS is supported, but it requires an optional dependency to be installed (pyopenssl), so it’s not available in the Windows EXE. And I just realized that the dependency is currently not present inside the docker images either, so I’ll get that fixed right away.

That’s a neat idea – I’ve heard that a lot of stuff uses the subsonic API under the hood, so I’ll see what it would take to become compatible with that. At first glance it looks like I’d have to mine and index way more information about audio files, but could still be doable :>

what’s stopping you? was the very first thing I did, don’t regret it for a second – https://ocv.me/b/img/IMG_20230811_121845_049.1ssy.jpg “i’m about to finish setting up my pixel alright” :p

So for example if you updated the file and need to re-upload it, there is no way for you to delete the previous one.

if this is something you’d fancy then copyparty might be worth a look – it lets uploaders undo their own uploads within a configurable timeframe, even in folders where they only have write-only access (the ability to upload files without seeing existing files).

disclaimer: I’m the author – and also thrilled to see someone else suggesting it in the thread!

It depends who you ask (which we can already tell hehe), but I’d say YES, because you’re the one running the show – you’re free to grab all of your bits and pieces at any time, and move to a different provider. That flexibility of not being locked into one specific cloud service (which can suddenly take a bad turn) is what’s precious to me.

And on a related note, I also make sure that this applies to my software-stack too – I’m not running anything that would be annoying to swap out if it turns bad.

Hadn’t heard about PirateBox before – love the concept, but nah aside from a small amount of overlap they’re very different things :-)

When users join the PirateBox wireless network and open a web browser, they are automatically redirected to the PirateBox welcome page. Users can anonymously chat, post images or comments on the bulletin board, watch or listen to streaming media, or upload and download files inside their web browser.

I guess if you put copyparty on a raspberry pi (or boot the copyparty live-cd on a nuc) then you get something vaguely similar – a wifi node where you can download and upload files, but none of the other stuff (chat, messageboard, captive portal). Maybe cool ideas for future spinoff projects hehe

Mind if I suggest my own software, copyparty?

Regarding authentication, someone who has an account (in this case just yourself) can create password-protected shares which other people can browse, or upload, or browse+upload to (configurable when creating the share).

There is WebDAV support, and it should integrate well enough with shares, but I haven’t tested that specifically.

It has photo and video thumbnails, and a basic image-viewer, and with some elbow-grease it can also show exif-tags (gps-coordinates etc).

There is also optional file dedup, so if two people upload the same file, it’ll detect and skip that during the 2nd upload (doesn’t waste any bandwidth) and swap out the new file with a symlink to the existing one. Default disabled to avoid surprising someone with symlinks.

I think the following command would be enough to get you started:

wget https://github.com/9001/copyparty/releases/latest/download/copyparty-sfx.py
python3 copyparty-sfx.py -a sintan:yourpassword -v .::A,sintan --shr=/shr -e2dsa -e2ts

but since that’s entirely unreadable, you can do it with a config file instead,

[global]
  e2dsa  # enable filesystem indexing 
  e2ts  # enable media indexing (music tags)
  shr: /shr  # enable shares under this url

[accounts]
  sintan: yourpassword 

[/]  # create a volume at this url
  /srv/share/partypics  # the filesystem path to share
  accs:
    sintan: A  # give sintan read-write-move-delete-admin

and use it like this:

python3 copyparty-sfx.py -c the.conf

there’s another example here and here for inspiration.

one of the main reasons SQLite is gaining in popularity is because people are realizing it has higher performance than separate databases in many usecases. Keeping the communication in-process cuts a lot of overhead (network, memcpys). The fact that you also don’t have to go through the trouble of configuring a separate service is just a bonus :-)

Absolutely; if I was a company, or hosting something important, or something that was intended for the general public, then I’d agree.

But I’m just an idiot hosting whimsical stuff from my basement, and 99% of it is only of interest for my friends. I know ~everyone in my target audience, and I know that none of them use a VPN for general-purpose browsing.

As it is, I don’t mind keeping the door open to the general public, but nothing of value will be lost if I need to pull the plug on some more ASN’s to preserve my bandwidth. For example when a guy hopping through a VPN in Sweden decides to download the same zip file thousands of times, wasting terabytes of traffic over a few hours (this happened a week ago).

and filtering malicious traffic is more important to me than you visiting my services, so I guess that makes us even :-)

hey, copyparty dev here - I’ll be upfront and warn that if you’re looking for a service to do full bidirectional file syncing, with proper file tracking and versioning, then something like syncthing is a better choice. Copyparty is able to do single-direction syncing of local folders to the server pretty well (using copyparty’s u2c or rclone), but that’s about it.

But if you’re looking for something to handle file uploads faster than many alternatives, or any of the other features listed in the readme, then I’d be happy to help if you ever get stuck somewhere :>