Lib.rs

Authentication
#file-server #web-server #http-file-server #tls #basic-auth #content-security-policy #listing #directory #logging

app servive

A stupid simple program to serve files over HTTP

by metdxt

5 releases (3 breaking)

Uses new Rust 2024

0.4.0 Jun 18, 2025
0.3.0 Jun 17, 2025
0.2.1 May 21, 2025
0.2.0 May 21, 2025
0.1.0 May 20, 2025

#176 in Authentication

Download history 64/week @ 2025-05-14 286/week @ 2025-05-21 1/week @ 2025-05-28 68/week @ 2025-06-11 187/week @ 2025-06-18 5/week @ 2025-06-25

260 downloads per month

MIT license

40KB
865 lines

servive - Simple HTTP File Server

A lightweight, secure HTTP file server written in Rust with TLS and basic authentication support.

Features

  • Serve files over HTTP/HTTPS
  • Basic authentication support
  • TLS encryption (via rustls)
  • Optional directory listing
  • Security headers (CSP, XSS protection, etc.)
  • Configurable logging levels
  • CLI configuration interface

Installation

From crates.io

cargo install servive

From source

git clone https://github.com/metdxt/servive.git
cd servive
cargo install --path .

Usage

Basic usage

servive -p 8080 -d ./public

With authentication

servive --username admin --password secret

With TLS

servive --tls --tls-cert cert.pem --tls-key key.pem

Disable directory listing

servive --no-list-dirs

Enable Content Security Policy

servive --enable-csp

Enable HSTS (requires TLS)

servive --tls --enable-hsts

With specific bind address

IPv4:

servive -b 192.168.1.100

IPv6:

servive -b ::1

Configuration Options

Option Description Default
-p, --port Port to listen on 8000
-d, --directory Directory to serve files from . (current dir)
--username Username for basic auth None
--password Password for basic auth None
--log-level Logging level (error, warn, info, debug, trace) info
--tls Enable TLS false
--tls-cert TLS certificate file path None
--tls-key TLS private key file path None
--no-list-dirs Disable directory listing false
-b, --bind Bind address (IPv4 or IPv6) 127.0.0.1
--show-dotfiles Show dotfiles (hidden by default) false
--enable-csp Enable Content Security Policy headers false
--enable-hsts Enable HTTP Strict Transport Security headers false
--max-file-size Maximum file size in bytes (0 for unlimited) unlimited

File Size Limits

If you wish to limit file size served to clients you can:

  • Set a custom limit with --max-file-size BYTES
  • Allow unlimited file sizes with --max-file-size 0 (this is default)

If limit is set servive will return 403 Forbidden if requested file is larger than the limit.

Security Considerations

  • Basic authentication credentials are transmitted in plaintext when not using TLS
  • Always use TLS in production environments
  • The server adds security headers by default:
    • X-Content-Type-Options
    • X-Frame-Options
    • X-XSS-Protection
  • Content-Security-Policy is optional (enabled with --enable-csp)
  • HSTS (HTTP Strict Transport Security) is now opt-in (enabled with --enable-hsts when using TLS)

Building from Source

  1. Clone the repository:
git clone https://github.com/metdxt/servive.git
cd servive
  1. Build in release mode:
cargo build --release

The binary will be available at target/release/servive

License

The project is distributed under the MIT license

Dependencies

~9–21MB
~292K SLoC