Nuckel simple cloud storage

Nuckel is a simple PHP script for uploading and downloading files on any web server allowing PHP and write access to its file system.

Nuckel is Open Source Software. It is released under the terms of the MIT License.

It is alpha software, i.e. do not expect it to be complete, error free or documented in any way. If you want to give it a shot, grab it from the Sourceforge download page and place it on your web server in a directory that is writable from PHP. Navigate your browser to the URL of the file. It will create an initial passwd.php file that you must edit so you can log in.

If you like and your web server supports it, you can add an .htaccess file to hide the PHP script from the user. Mine looks like this:

order allow,deny
allow from all

<Files .*>
    deny from all

RewriteEngine on

RewriteBase /
RewriteRule ^$ nuckel.php [last]
RewriteCond %{REQUEST_URI} !/nuckel.php
RewriteRule (.*) nuckel.php/$1 [L,NS]

AddType image/x-icon ico

php_value upload_max_filesize 100M
php_value post_max_size 100M

Web interface

As long as you are not logged in, you'll probably see a very boring page. The most interesting feature is the → Login... link on the top. Click it and enter your username and password you have provided in passwd.php (you have already edited it, yes?).

If you are logged in, you'll see a list of Children, probabbly still empty. If you are logged in as some member of the uploaders group (in passwd.php), you also see a simple upload form. Use it and upload what you want by selecting some file and hitting the  (upload) button.

If you upload two files with the same name, the Overwrite checkbox controls whether the second one just overwrites the first one or if it gets appended to the list, leaving it inaccessible to mundane users (the URL always accesses the first of several like-named files).

Beneath each child file name there are a bunch of buttons.

Delete the file, no question asked. If this was the first (topmost) of several files with the same name, the next one gets active, i.e. accessible via the file name URL
Replace the active version with this version. This deletes the first (topmost) file with this name and moves the one you clicked to its position. Obviously this only makes sense when several files with the same name exist
 (move up)
Move this file one up in the listing. If you push the second one of several files with the same name before (above) the first one, the moved one becomes active, i.e. accessible via the file name URL. Obviously this only makes sense from the second file down
 (move down)
Move this file one down in the listing. Just like with ▴ this can change the active file with this name. Obviously this only makes sense from the second-last file up
 (set as proxy page)
Show this file to any user not logged in, instead of the boring, mostly-empty page. This mimicks a normal web server's index.html mechanism and allows for using Nuckel as a static web server with web-based upload. In fact, the very page you are reading now is served by a Nuckel as a proxy page. How you can log in without the link on the boring page? Bookmark it!

Below the Children list there is another form for editing the proxy page. You can freely enter an absolute path here (e.g. /index.html) and hit , or you can remove the proxy by hitting .

On the top, right between the upload form and the big heading, there is a button to trigger garbage collection. Deleting a file from a directory listing does not really delete the data from disk. So watch the size displayed here and colelct garbage when too much space is used.

Data format

All content is stored in the data/ directory. The root is described by a descriptor stored in root.json, which mainly refers to some file blob-ripemd128-xyzzy. This file contains, again in JSON format, descriptors for all children (referring to more blob- files) and possibly a proxy path (for ).

Every file is named after its content's ripemd-128 hash. This implies that if identical data gets uploaded several times, it gets only stored once. Which doesn't really make sense right now, but as soon as subdirectories are supported... It also implies that you cannot simply remove one of these files without checking first whether it is still referred to somewhere. That's what the garbage collection is for.