124

GitHub - SinTan1729/chhoto-url: A simple, blazingly fast, selfhosted URL shortener with no unnecessary features; written in Rust. (github.com)

submitted 4 days ago by SinTan1729@programming.dev to c/selfhosted@lemmy.world

15 comments fedilink hide all child comments

A simple selfhosted URL shortener with no unnecessary features. Simplicity and speed are the main foci of this project. The docker image is ~6 MB (compressed), and it uses <5 MB of RAM under regular use.

you are viewing a single comment's thread
view the rest of the comments

[-] glizzyguzzler 5 points 4 days ago

Looks awesome and very efficient, does it also run with read_only: true (with a db volume provided, of course!)? Many containers just need a /tmp, but not always

[-] SinTan1729@programming.dev 3 points 4 days ago* (last edited 4 days ago)

Thanks. I had never tested this before. Seems like it throws errors. Of course, adding and deleting links don't work. But that's to be expected. But also link resolution fails since it cannot update the hit count properly. If this is a legitimate use case for you, I might work on making it work.

[-] glizzyguzzler 4 points 4 days ago* (last edited 4 days ago)

I try to slap anything I’d face the Internet with with the read_only to further restrict exploit possibilities, would be abs great if you could make it work! I just follow all reqs on the security cheat sheet, with read_only being one of them: https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html

With how simple it is I guessed that running as a userand restricting cap_drop: all wouldn’t be a problem.

For read_only many containers just need tmpfs: /tmp in addition to the volume for the db. I think many containers just try to contain temporary file writing to one directory to make applying read_only easier.

So again, I’d abs use it with read_only when you get the time to tune it!!

[-] SinTan1729@programming.dev 2 points 3 days ago* (last edited 3 days ago)

Upon further testing, this does actually work. You may set both read_only: true, and cap_drop: all and it will work as long as you have a named volume. I had it mount a database file from the host system for my test config, which is why I was getting the errors. I don't know how to make that work though i.e. when the db is bind mounted from the host system. Setting the mount :rw doesn't seem to fix it.

[-] glizzyguzzler 2 points 2 days ago

Odd, I’ll try to deploy this when I can and see!

I’ve never had a problem with a volume being on the host system, except with user permissions messed up. But if you haven’t given it a user parameter it’s running as root and shouldn’t have a problem. So I’ll see sometime and get back to you!

load more comments (1 replies)

this post was submitted on 28 Mar 2025

124 points (100.0% liked)

Selfhosted

45389 readers

507 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

HybridSarcasm@lemmy.world

HybridSarcasm@lemmy.hybridsarcasm.xyz