Disk space limitation option

[MuratovAS]

It would be very nice if I could allocate a certain quota of disk space for this application. This will limit the malicious use of the service.

[Rouji]

Would that offer any benefits over things like filesystem quotas, partitioning, loopback mounts, --storage-opt size=<something> in docker, etc.? (Not sure about OSs other than linux, but I suspect most people using this are going to be on linux)

[MuratovAS]

Indeed, most of the users are using Linux. At the same time, it seems to me that not everyone is ready to allocate a separate section for the needs of your application. Resizing a file system partition is generally not an easy task.

The tool provided by docker (--storage-opt), as I understand it, only applies to the container. If we bury files in volume, we cannot limit their size.

My proposal was primarily aimed at more aggressive use of Purging in case of insufficient disk space.

[Rouji]

The thing is, if you want to prevent bad things from happening because someone uploads a tonne of stuff, a thick-provisioned kind of thing is exactly what you want (apart from rate limiting etc).
If you limit the size of the upload dir to 500gb on a 1000gb partition, and then happen to have 600gb of other stuff on there too, someone can still make you run into all kinds of ENOSPC. (I'm guessing this is what you're trying to avoid) So you kind of need to reserve the entirety of your upload space anyway.

I'm not really sure what you mean by aggressive purging; sounds very different from quotas. Can you elaborate?

[MuratovAS]

You got it right. Indeed, it is possible to maliciously consume the entire disk space. But the limitation I suggested would free up the disk much faster (without waiting for MIN_FILEAGE).

The question is really difficult. We'll have to compromise. If we do not limit the space in any way, we will encounter overflow, thereby making the service unavailable. Or we cannot guarantee the storage period of the files.

Probably better to leave everything as it is :) the user needs guarantees of the file storage period.

[Rouji]

The problem with that is, if you start purging files earlier than normal, people can spam your server and basically delete other people's files. Another option for that kind of thing is the EXTERNAL_HOOK, which is sort of undocumented (see implementation here), but could be used to enforce a quota pretty easily.