This issue made me think of an app idea: https://github.com/nextcloud/server/issues/2523
Leaving the technical details aside, from a user experience point of view, I imagine an app that would provide a generic user (such as “static-bot”). Whenever a real user shares a folder with this user, the contents of the folder will be synced to a location that is publicly available.
Quick example:
User X of example.org/nextcloud
wants to share a static site, consisting of a folder animalfarm
with these files:
– index.html
– logo.png
– animals
–– dog.jpg
–– cat.jpg
–– cow.jpg
They put them in a folder in their nextcloud and share it with the user “static-bot” to have read permission.
Now the static site will be available at static.example.org/animalfarm
.
As a bonus the user could add a file auth.txt
with the content kittenlover:secret
which will be translated to a Basic Authentication by the „static-bot“ and not copied to the public directory.
I know this is a very specific use case and also not the solution for the linked issue. It’s just an idea for a specific scenario that I personally could find useful. Now my question is, which prerequisites would need to be fulfilled to make this work as secure as possible. (As I read about some security concerns in the linked issue already).
My (amateurish) mind would come up with the following problems to solve:
- I don’t know if PHP can do all that stuff. Maybe a shell-script would be easier to do the job, but then how to listen to file changes and have a simple user to share the files with? I know how I would do this stuff with rsync, but I wouldn’t know how to do it in PHP.
- Maybe the public dir (for security reasons) shouldn’t be able to run any PHP-files, but only be able to serve static content. This requires special server configuration, but I wouldn’t mind that for this use case.
- How would I keep the folders in sync, in case the user changes some files in the shared folder?
Well, maybe this isn’t a good idea at all. But feel free to share your thoughts on this specific use case with me …