Storage
Local filesystem storage for images and uploads.
Overview
Retrospend stores uploaded files (avatars, project images, receipts) on the local filesystem. In Docker, this is a named volume mounted at /data/uploads. No extra services or configuration required.
Environment Variables
| Variable | Required | Default | Description |
|---|---|---|---|
| UPLOAD_DIR | optional | /data/uploads | Directory path where uploaded files are stored. In Docker this is a named volume mounted at /data/uploads. |
Directory Structure
/data/uploads/
avatars/{userId}-{timestamp}.webp
projects/{projectId}-{timestamp}.webp
receipts/{userId}/{filename}.webpImage Processing
Uploaded images are automatically resized and converted to WebP.
Avatars
400x400 WebP. Cropped on upload via the avatar editor.
Project Images
400x400 WebP. Used as project cover images.
Receipts
Max 1200px wide, WebP. Original aspect ratio preserved.
Supported Formats
JPEG, PNG, WebP, and GIF. Files are validated by magic bytes, not just the file extension. Maximum upload size is 5 MB.
Security
Images are served through the /api/images/ route, not directly from the filesystem. Path traversal is prevented by rejecting paths containing .. and validating all path characters.
Backups
The uploads directory is a standard Docker named volume. Back it up with your preferred Docker volume backup tool, or mount a host directory instead for direct filesystem backups.