Adding antivirus scanning capabilities with ClamAV via API calls and Add User function
The new function will scan every file uploaded, and if an infected file is found the action will be aborted.
For this, 2 new containers are needed: CLAMAV and CLAMAV API.
```yaml
clamav-rest-api:
  image: benzino77/clamav-rest-api:latest
  container_name: clamav-rest-api
  restart: unless-stopped
  environment:
    - NODE_ENV=production
    # field name expected in the multipart form
    - APP_FORM_KEY=FILES
    # talk to your existing ClamAV daemon
    - CLAMD_IP=CLAMAV_server_IP
    - CLAMD_PORT=3310
    # max allowed file size (here: 250 MB)
    - APP_MAX_FILE_SIZE=262144000
  ports:
    # outside:inside
    - "3000:3000"

clamav:
  image: clamav/clamav:latest
  container_name: clamav
  restart: unless-stopped
  ports:
    - "3310:3310"
  environment:
    - CLAMAV_NO_FRESHCLAMD=false
```
In ConvertX compose file we need a new field in environment - CLAMAV_URL=http://clam_av_api:3000/api/v1/scan
Summary by cubic
Add antivirus scanning for file uploads using ClamAV via a REST API; infected files are blocked before saving, the UI warns the user, and scanning can be toggled at runtime. Also adds one-click sharing of converted files via Erugo from the results page, plus a light/dark theme toggle and admin user management.
New Features
- Scan each uploaded file via CLAMAV_URL before writing to disk.
- If malware is found, return infected=true with virus details; infected files are not saved and conversion is aborted.
- Frontend shows an alert, removes the file row, and keeps Convert disabled until only clean files remain.
- Added logging; if ClamAV is unreachable, uploads proceed and are logged as a fail-open.
- New /api/antivirus to get/set AV status; scanning can be enabled/disabled at runtime.
- Share converted files to Erugo with optional email notification; share link is shown in the results UI. Requires ERUGO_BASE_URL and ERUGO_API_TOKEN.
- Added light/dark theme toggle with saved preference and a small theme-init script.
- User roles and admin tools: first user becomes admin; admins can add/edit/delete users from Account.
Migration
- Add clamav-rest-api and clamav services to docker compose.
- Set CLAMAV_URL to the REST API endpoint (e.g., http://clamav-rest-api:3000/api/v1/scan) in the app service.
- Configure clamav-rest-api to point to the clamav daemon (CLAMD_IP and CLAMD_PORT=3310).
- App external port changed to 8080.
- Optional: set ANTIVIRUS_ENABLED_DEFAULT=false to start with scanning disabled.
- Optional: set ERUGO_BASE_URL and ERUGO_API_TOKEN to enable result sharing.
Written for commit 2b7491a4b1ba69958b8752f60ff709143ccf1c71. Summary will update on new commits.
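The scan-before-save decision summarized above, as an added JavaScript example that is not code from this PR. The response shape, the function names and the `failClosed` option are assumptions; the `FILES` form field matches `APP_FORM_KEY` in the compose snippet.

```javascript
// Added example, not ConvertX code. Assumed response shape from the scan API:
// { success: true, data: { result: [{ name, is_infected, viruses: [] }] } }

// Turn one scan attempt into a verdict: "clean", "infected" or "unavailable".
function interpretScan(httpOk, body) {
  const results = body && body.success === true && body.data && body.data.result;
  if (!httpOk || !Array.isArray(results) || results.length === 0) {
    return { verdict: "unavailable", viruses: [] };
  }
  const hits = results.filter((r) => r.is_infected === true);
  if (hits.length > 0) {
    return { verdict: "infected", viruses: hits.flatMap((r) => r.viruses || []) };
  }
  // Anything other than an explicit `false` is not proof of a clean file.
  const allClean = results.every((r) => r.is_infected === false);
  return { verdict: allClean ? "clean" : "unavailable", viruses: [] };
}

// Policy gate: may the upload be written to disk?
function mayStore(scan, { enabled, failClosed }) {
  if (!enabled) return { store: true, reason: "scanning disabled" };
  if (scan.verdict === "clean") return { store: true, reason: "clean" };
  if (scan.verdict === "infected") return { store: false, reason: "infected" };
  return failClosed
    ? { store: false, reason: "scanner unavailable (fail-closed)" }
    : { store: true, reason: "scanner unavailable (fail-open)" };
}

// Send the bytes to the scanner before anything touches the disk.
async function scanUpload(bytes, name, url, fetchImpl = fetch, timeoutMs = 30000) {
  const form = new FormData();
  form.append("FILES", new Blob([bytes]), name); // APP_FORM_KEY=FILES
  try {
    const res = await fetchImpl(url, {
      method: "POST",
      body: form,
      signal: AbortSignal.timeout(timeoutMs),
    });
    return interpretScan(res.ok, await res.json());
  } catch {
    // Network error, timeout or unparsable JSON: no verdict was obtained.
    return { verdict: "unavailable", viruses: [] };
  }
}
```

With `failClosed: false` this reproduces the fail-open behaviour the summary describes; logging the returned `reason` on every upload makes scanner outages visible in review.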
Nice idea! I would like this function to be behind a toggle. There aren't really that many things that could be infected since most conversions are images of different kinds.
Hi,
That will also be a good option. If you can help with implementing it, that will be amazing; unfortunately, something like that is beyond my skills.
Thank you
I have quite a lot to do at the moment sorry, but the toggle is just implementing an environment variable. Take a look at how the other ones are done if you want :)
Hi,
Following your suggestion, I added the toggle.
If a ClamAV server is not set up in docker-compose.yml using - CLAMAV_URL=http://clam_av_api:3000/api/v1/scan, the toggle will be inactive and deactivated, and uploads will proceed as normal.
Also added a dark theme with a switch toggle
fixed the issues highlighted by cubic
Added User management function:
- add user;
- delete;
- update.

The first user created after application installation will be administrator by default; the rest of the users can be admin users or normal users.