Skip to main content

Overview

Running copyparty as a systemd service ensures it starts automatically on boot and can be managed using standard systemd commands. This guide covers installation and configuration of copyparty as both a system-wide and user service.

System Service Installation

1

Download copyparty

Download the latest copyparty SFX to /usr/local/bin:
wget https://github.com/9001/copyparty/releases/latest/download/copyparty-sfx.py -O /usr/local/bin/copyparty-sfx.py
chmod +x /usr/local/bin/copyparty-sfx.py
Or if installed via package manager:
# Arch Linux
pacman -S copyparty

# Homebrew
brew install copyparty
2

Create copyparty user

Create a dedicated user for running the service:
useradd -r -s /sbin/nologin -m -d /var/lib/copyparty copyparty
3

Configure firewall

Open the required ports:
# For HTTP only
firewall-cmd --permanent --add-port=3923/tcp

# For all features (HTTP, FTP, SFTP, TFTP, etc.)
firewall-cmd --permanent --add-port={80,443,3921,3922,3923,3945,3990}/tcp
firewall-cmd --permanent --add-port=12000-12099/tcp  # FTP passive mode
firewall-cmd --permanent --add-port={69,1900,3969,5353}/udp  # TFTP, SSDP, mDNS

firewall-cmd --reload
4

Install service file

Download and install the systemd service file:
wget https://raw.githubusercontent.com/9001/copyparty/hovudstraum/contrib/systemd/copyparty.service
cp copyparty.service /etc/systemd/system/
Or create /etc/systemd/system/copyparty.service with the following content:
[Unit]
Description=copyparty file server

[Service]
Type=notify
SyslogIdentifier=copyparty
Environment=PYTHONUNBUFFERED=x
ExecReload=/bin/kill -s USR1 $MAINPID
PermissionsStartOnly=true

# User to run as + where the TLS certificate is (if any)
User=copyparty
Group=copyparty
WorkingDirectory=/var/lib/copyparty
Environment=XDG_CONFIG_HOME=/var/lib/copyparty/.config

# OPTIONAL: allow copyparty to listen on low ports (80/443)
AmbientCapabilities=CAP_NET_BIND_SERVICE

# Security hardening
MemoryMax=50%
MemorySwapMax=50%
ProtectClock=true
ProtectControlGroups=true
ProtectHostname=true
ProtectKernelLogs=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectProc=invisible
RemoveIPC=true
RestrictNamespaces=true
RestrictRealtime=true
RestrictSUIDSGID=true

# Create logs directory
LogsDirectory=copyparty

# Start copyparty
ExecStart=/usr/bin/python3 /usr/local/bin/copyparty-sfx.py -c /etc/copyparty.conf

# If installed from package manager, use:
# ExecStart=/usr/bin/copyparty -c /etc/copyparty.conf

[Install]
WantedBy=multi-user.target
5

Create configuration file

Create /etc/copyparty.conf with your settings:
[global]
  e2dsa  # enable file indexing
  e2ts   # enable multimedia indexing
  ansi   # colors in log messages
  
  # Log to file instead of journalctl
  q, lo: $LOGS_DIRECTORY/%Y-%m%d.log
  
  # Uncomment to listen on ports 80/443 (requires CAP_NET_BIND_SERVICE)
  # p: 80,443,3923

[accounts]
  admin: your_password_here

[/]
  /var/lib/copyparty-jail
  accs:
    r: *
    rwmda: admin
  flags:
    grid
The default configuration provides read access to everyone and full access to the admin user. Customize permissions according to your security requirements.
6

SELinux configuration (Fedora/RHEL)

If using SELinux:
restorecon -vr /etc/systemd/system/copyparty.service
7

Enable and start service

systemctl daemon-reload
systemctl enable --now copyparty
8

Verify service status

Check that the service is running:
systemctl status copyparty

# View logs
journalctl -u copyparty -f

# Or if logging to file:
tail -f /var/log/copyparty/$(date +%Y-%m%d).log

User Service Installation

For running copyparty as a regular user without root privileges:
1

Install user service file

Create ~/.config/systemd/user/copyparty.service:
[Unit]
Description=copyparty file server

[Service]
Type=notify
SyslogIdentifier=copyparty
WorkingDirectory=/var/lib/copyparty-jail
Environment=PYTHONUNBUFFERED=x
Environment=PRTY_CONFIG=%h/.config/copyparty/copyparty.conf
ExecReload=/bin/kill -s USR1 $MAINPID

# Ensure config exists
ExecStartPre=/bin/bash -c 'if [[ ! -f %h/.config/copyparty/copyparty.conf ]]; then mkdir -p %h/.config/copyparty; cp /etc/copyparty/copyparty.conf %h/.config/copyparty/copyparty.conf; fi'

# Run copyparty
ExecStart=/usr/bin/python3 /usr/bin/copyparty

[Install]
WantedBy=default.target
2

Create user configuration

Create ~/.config/copyparty/copyparty.conf with your settings.
3

Enable user service

systemctl --user daemon-reload
systemctl --user enable --now copyparty

# Enable linger to start service on boot without login
loginctl enable-linger $USER

Multi-Instance Setup

Run multiple copyparty instances with different configurations using template services:
1

Create template service

Create /etc/systemd/system/[email protected]:
[Unit]
Description=copyparty file server

[Service]
Type=notify
SyslogIdentifier=copyparty
WorkingDirectory=/var/lib/copyparty-jail
Environment=PYTHONUNBUFFERED=x
Environment=PRTY_CONFIG=/etc/copyparty/copyparty.conf
ExecReload=/bin/kill -s USR1 $MAINPID

# %i = instance name (e.g., copyparty@alice -> %i = alice)
User=%i
Environment=XDG_CONFIG_HOME=/home/%i/.config

ExecStart=/usr/bin/python3 /usr/bin/copyparty

[Install]
WantedBy=multi-user.target
2

Start instance for specific user

systemctl enable --now copyparty@alice
systemctl enable --now copyparty@bob

Chroot (prisonparty) Setup

For enhanced security, run copyparty in a chroot environment:
1

Download prisonparty script

wget https://raw.githubusercontent.com/9001/copyparty/hovudstraum/bin/prisonparty.sh -O /usr/local/bin/prisonparty.sh
chmod +x /usr/local/bin/prisonparty.sh
2

Create jail directory

mkdir -p /var/lib/copyparty-jail
3

Install prisonparty service

Create /etc/systemd/system/prisonparty.service:
[Unit]
Description=copyparty file server

[Service]
SyslogIdentifier=prisonparty
Environment=PYTHONUNBUFFERED=x
WorkingDirectory=/var/lib/copyparty-jail
ExecReload=/bin/kill -s USR1 $MAINPID

# Prevent systemd-tmpfiles-clean from deleting copyparty
ExecStartPre=+/bin/bash -c 'mkdir -p /run/tmpfiles.d/ && echo "x /tmp/pe-copyparty*" > /run/tmpfiles.d/copyparty.conf'

# Run in chroot: args are [jail_dir] [user] [group] [mount_points...] -- [copyparty args...]
ExecStart=/bin/bash /usr/local/bin/prisonparty.sh /var/lib/copyparty-jail cpp cpp \
  /mnt \
  -- \
  /usr/bin/python3 /usr/local/bin/copyparty-sfx.py -q -v /mnt::rw

[Install]
WantedBy=multi-user.target
The chroot setup provides additional isolation but requires careful configuration of mounted directories.
4

Enable and start

systemctl daemon-reload
systemctl enable --now prisonparty

Service Management

Common Commands

# Start service
systemctl start copyparty

# Stop service
systemctl stop copyparty

# Restart service
systemctl restart copyparty

# Reload configuration (no downtime)
systemctl reload copyparty
# or
kill -s USR1 $(pidof copyparty)

# View status
systemctl status copyparty

# View logs
journalctl -u copyparty -f

# Enable on boot
systemctl enable copyparty

# Disable on boot
systemctl disable copyparty

Configuration Reload

Copyparty supports reloading accounts and volumes without restarting: 
# Reload configuration
systemctl reload copyparty
Changes to the [global] section require a full restart to take effect.

Troubleshooting

Service Won’t Start

  1. Check service status: 
    systemctl status copyparty
  2. View detailed logs: 
    journalctl -u copyparty -n 100
  3. Verify configuration: 
    /usr/bin/python3 /usr/local/bin/copyparty-sfx.py -c /etc/copyparty.conf --help

Thumbnails Not Working

If thumbnails aren’t working, try removing the security hardening options temporarily: 
# Comment out these lines in the service file:
# ProtectClock=true
# ProtectControlGroups=true
# ...
Then reload and restart: 
systemctl daemon-reload
systemctl restart copyparty

Permission Issues

Ensure the copyparty user has access to shared directories: 
# Check ownership
ls -la /path/to/shared/folder

# Fix ownership if needed
chown -R copyparty:copyparty /path/to/shared/folder

Advanced Configuration

Logging to File

The service creates /var/log/copyparty/ automatically. Configure logging in /etc/copyparty.conf: 
[global]
  q  # Quiet mode (no stdout)
  lo: $LOGS_DIRECTORY/%Y-%m%d.log  # Log to dated files
  # Add .xz extension for compression:
  # lo: $LOGS_DIRECTORY/%Y-%m%d.log.xz

Listening on Ports 80/443

To listen on privileged ports without running as root:
  1. Ensure AmbientCapabilities=CAP_NET_BIND_SERVICE is in the service file
  2. Update configuration: 
    [global]
  p: 80,443,3923
  3. Reload and restart: 
    systemctl daemon-reload
systemctl restart copyparty
A reverse proxy (nginx/Apache) is recommended instead of direct port 80/443 access.

Next Steps

Docker Deployment

Run copyparty in a container

Reverse Proxy

Set up nginx or Apache

Security

Harden your installation

Build docs developers (and LLMs) love

Get started for freeTalk to us