cryptgeon/README.md

222 lines
11 KiB
Markdown
Raw Normal View History

2021-05-02 12:40:06 +00:00
<p align="center">
2021-11-23 14:43:57 +00:00
<img src="./design/Github.png" alt="logo">
2021-05-02 12:40:06 +00:00
</p>
2021-05-01 10:40:02 +00:00
2021-11-23 14:43:57 +00:00
<a href="https://discord.gg/nuby6RnxZt">
<img alt="discord" src="https://img.shields.io/discord/252403122348097536?style=for-the-badge" />
<img alt="docker pulls" src="https://img.shields.io/docker/pulls/cupcakearmy/cryptgeon?style=for-the-badge" />
<img alt="Docker image size badge" src="https://img.shields.io/docker/image-size/cupcakearmy/cryptgeon?style=for-the-badge" />
<img alt="Latest version" src="https://img.shields.io/github/v/release/cupcakearmy/cryptgeon?style=for-the-badge" />
</a>
2021-05-02 14:02:57 +00:00
2022-07-08 08:45:40 +00:00
<br/><br/>
2022-03-02 15:32:36 +00:00
<a href="https://www.producthunt.com/posts/cryptgeon?utm_source=badge-featured&utm_medium=badge&utm_souce=badge-cryptgeon" target="_blank"><img src="https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=295189&theme=light" alt="Cryptgeon - Securely share self-destructing notes | Product Hunt" height="50" /></a>
<a href=""><img src="./.github/lokalise.png" height="50">
2024-09-03 13:57:29 +00:00
<a title="Install cryptgeon Raycast Extension" href="https://www.raycast.com/cupcakearmy/cryptgeon"><img src="https://www.raycast.com/cupcakearmy/cryptgeon/install_button@2x.png?v=1.1" height="64" alt="" style="height: 64px;"></a>
2022-07-08 08:45:40 +00:00
<br/><br/>
2021-06-01 10:23:08 +00:00
2024-08-23 09:02:30 +00:00
EN | [简体中文](README_zh-CN.md) | [ES](README_ES.md)
2021-05-02 12:40:06 +00:00
## About?
2023-05-25 17:06:07 +00:00
_cryptgeon_ is a secure, open source sharing note or file service inspired by [_PrivNote_](https://privnote.com).
It includes a server, a web page and a CLI client.
2021-05-02 12:40:06 +00:00
2022-03-02 15:32:36 +00:00
> 🌍 If you want to translate the project feel free to reach out to me.
>
> Thanks to [Lokalise](https://lokalise.com/) for providing free access to their platform.
2022-10-24 14:35:54 +00:00
## Live Service / Demo
2021-05-02 13:24:19 +00:00
2023-05-25 17:06:07 +00:00
### Web
2022-10-24 14:35:54 +00:00
Check out the live service / demo and see for yourself [cryptgeon.org](https://cryptgeon.org)
2021-05-02 13:24:19 +00:00
2023-05-25 17:06:07 +00:00
### CLI
```
npx cryptgeon send text "This is a secret note"
```
For more documentation about the CLI see the [readme](./packages/cli/README.md).
2024-09-03 13:57:29 +00:00
### Raycast Extension
There is an [official Raycast extension](https://www.raycast.com/cupcakearmy/cryptgeon).
<a title="Install cryptgeon Raycast Extension" href="https://www.raycast.com/cupcakearmy/cryptgeon"><img src="https://www.raycast.com/cupcakearmy/cryptgeon/install_button@2x.png?v=1.1" height="64" alt="" style="height: 64px;"></a>
2021-05-02 12:40:06 +00:00
## Features
2023-05-25 17:06:07 +00:00
- send text or files
2021-05-03 10:21:44 +00:00
- server cannot decrypt contents due to client side encryption
2021-12-22 13:54:02 +00:00
- view or time constraints
2021-05-02 12:40:06 +00:00
- in memory, no persistence
2021-05-02 14:57:56 +00:00
- obligatory dark mode support
2021-05-02 12:40:06 +00:00
## How does it work?
2021-12-30 21:36:28 +00:00
each note has a generated <code>id (256bit)</code> and <code>key 256(bit)</code>. The
<code>id</code>
is used to save & retrieve the note. the note is then encrypted with aes in gcm mode on the
client side with the <code>key</code> and then sent to the server. data is stored in memory and
never persisted to disk. the server never sees the encryption key and cannot decrypt the contents
of the notes even if it tried to.
2021-05-02 12:40:06 +00:00
2025-01-18 02:52:13 +00:00
> View counts are guaranteed with one running instance of cryptgeon. Multiple instances connected to the same Redis instance can run into race conditions, where a note might be retrieved more than the view count allows.
2021-05-02 13:12:04 +00:00
## Screenshot
2021-05-02 15:12:12 +00:00
![screenshot](./design/Screens.png)
2021-05-02 13:12:04 +00:00
## Environment Variables
| Variable | Default | Description |
| ----------------------- | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `REDIS` | `redis://redis/` | Redis URL to connect to. [According to format](https://docs.rs/redis/latest/redis/#connection-parameters) |
| `SIZE_LIMIT` | `1 KiB` | Max size for body. Accepted values according to [byte-unit](https://docs.rs/byte-unit/). <br> `512 MiB` is the maximum allowed. <br> The frontend will show that number including the ~35% encoding overhead. |
| `MAX_VIEWS` | `100` | Maximal number of views. |
| `MAX_EXPIRATION` | `360` | Maximal expiration in minutes. |
| `ALLOW_ADVANCED` | `true` | Allow custom configuration. If set to `false` all notes will be one view only. |
| `ALLOW_FILES` | `true` | Allow uploading files. If set to `false`, users will only be allowed to create text notes. |
| `ID_LENGTH` | `32` | Set the size of the note `id` in bytes. By default this is `32` bytes. This is useful for reducing link size. _This setting does not affect encryption strength_. |
| `VERBOSITY` | `warn` | Verbosity level for the backend. [Possible values](https://docs.rs/env_logger/latest/env_logger/#enabling-logging) are: `error`, `warn`, `info`, `debug`, `trace` |
| `THEME_IMAGE` | `""` | Custom image for replacing the logo. Must be publicly reachable |
| `THEME_TEXT` | `""` | Custom text for replacing the description below the logo |
| `THEME_PAGE_TITLE` | `""` | Custom text the page title |
| `THEME_FAVICON` | `""` | Custom url for the favicon. Must be publicly reachable |
2024-08-27 13:11:18 +00:00
| `THEME_NEW_NOTE_NOTICE` | `true` | Show the message about how notes are stored in the memory and may be evicted after creating a new note. Defaults to `true`. |
2024-09-24 08:23:53 +00:00
| `IMPRINT_URL` | `""` | Custom url for an Imprint hosted somewhere else. Must be publicly reachable. Takes precedence above `IMPRINT_HTML`. |
| `IMPRINT_HTML` | `""` | Alternative to `IMPRINT_URL`, this can be used to specify the HTML code to show on `/imprint`. Only `IMPRINT_HTML` or `IMPRINT_URL` should be specified, not both.|
2021-05-02 12:40:06 +00:00
## Deployment
2023-06-23 08:15:31 +00:00
> `https` is required otherwise browsers will not support the cryptographic functions.
> There is a health endpoint available at `/api/health/`. It returns either 200 or 503.
2021-09-01 09:10:02 +00:00
2021-12-16 12:54:15 +00:00
### Docker
2021-05-02 14:02:57 +00:00
Docker is the easiest way. There is the [official image here](https://hub.docker.com/r/cupcakearmy/cryptgeon).
2021-05-02 12:40:06 +00:00
```yaml
# docker-compose.yml
version: '3.8'
2021-05-02 12:40:06 +00:00
services:
redis:
image: redis:7-alpine
2022-10-24 14:11:50 +00:00
# Set a size limit. See link below on how to customise.
# https://redis.io/docs/manual/eviction/
2023-06-23 08:15:31 +00:00
# command: redis-server --maxmemory 1gb --maxmemory-policy allkeys-lru
2021-05-02 12:40:06 +00:00
app:
image: cupcakearmy/cryptgeon:latest
2021-05-04 17:30:25 +00:00
depends_on:
- redis
2021-12-22 13:54:02 +00:00
environment:
2022-10-24 14:11:50 +00:00
# Size limit for a single note.
SIZE_LIMIT: 4 MiB
2021-05-02 12:40:06 +00:00
ports:
2023-01-13 18:36:26 +00:00
- 80:8000
2023-06-23 08:15:31 +00:00
# Optional health checks
# healthcheck:
# test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
# interval: 1m
# timeout: 3s
# retries: 2
# start_period: 5s
2021-05-02 12:40:06 +00:00
```
2021-12-16 12:54:15 +00:00
### NGINX Proxy
2021-12-20 16:42:35 +00:00
2021-12-16 12:54:15 +00:00
See the [examples/nginx](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/nginx) folder. There an example with a simple proxy, and one with https. You need to specify the server names and certificates.
### Traefik 2
2022-07-26 13:49:06 +00:00
See the [examples/traefik](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/traefik) folder.
2021-12-16 12:54:15 +00:00
2022-07-26 13:49:06 +00:00
### Scratch
2021-12-16 12:54:15 +00:00
2022-07-26 13:49:06 +00:00
See the [examples/scratch](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/scratch) folder. There you'll find a guide how to setup a server and install cryptgeon from scratch.
2021-12-16 12:54:15 +00:00
2022-07-26 13:49:06 +00:00
### Synology
2021-12-16 12:54:15 +00:00
2022-07-26 13:49:06 +00:00
There is a [guide](https://mariushosting.com/how-to-install-cryptgeon-on-your-synology-nas/) you can follow.
2021-12-20 16:42:35 +00:00
2022-10-24 14:35:54 +00:00
### YouTube Guides
2023-05-13 06:41:05 +00:00
- English by [Webnestify](https://www.youtube.com/watch?v=XAyD42I7wyI)
2022-10-24 14:35:54 +00:00
- English by [DB Tech](https://www.youtube.com/watch?v=S0jx7wpOfNM) [Previous Video](https://www.youtube.com/watch?v=JhpIatD06vE)
- German by [ApfelCast](https://www.youtube.com/watch?v=84ZMbE9AkHg)
2024-06-16 20:34:44 +00:00
### Written Guides
- French by [zarevskaya](https://belginux.com/installer-cryptgeon-avec-docker/)
2024-08-27 13:11:18 +00:00
- Italian by [@nicfab](https://notes.nicfab.eu/it/posts/cryptgeon/)
- English by [@nicfab](https://notes.nicfab.eu/en/posts/cryptgeon/)
2024-06-16 20:34:44 +00:00
2021-05-02 13:52:03 +00:00
## Development
2022-04-12 07:12:40 +00:00
**Requirements**
2021-05-02 13:52:03 +00:00
2024-08-23 09:02:30 +00:00
- `pnpm`: `>=9`
- `node`: `>=22`
2022-04-12 07:12:40 +00:00
- `rust`: edition `2021`
**Install**
```bash
pnpm install
# Also you need cargo watch if you don't already have it installed.
# https://lib.rs/crates/cargo-watch
cargo install cargo-watch
```
**Run**
Make sure you have docker running.
```bash
pnpm run dev
```
Running `pnpm run dev` in the root folder will start the following things:
2021-05-02 13:52:03 +00:00
- redis docker container
- rust backend
- client
2023-05-25 17:06:07 +00:00
- cli
2021-05-02 13:52:03 +00:00
2024-08-23 12:27:59 +00:00
You can see the app under [localhost:3000](http://localhost:3000).
2021-05-02 13:52:03 +00:00
2023-05-30 07:43:41 +00:00
> There is a Postman collection with some example requests [available in the repo](./Cryptgeon.postman_collection.json)
### Tests
Tests are end to end tests written with Playwright.
```sh
pnpm run test:prepare
# Use the test or test:local script. The local version only runs in one browser for quicker development.
pnpm run test:local
```
2022-09-10 11:13:09 +00:00
## Security
Please refer to the security section [here](./SECURITY.md).
2023-05-25 17:06:07 +00:00
---
_Attributions_
2021-05-02 12:40:06 +00:00
- Test data:
- Text for tests [Nietzsche Ipsum](https://nietzsche-ipsum.com/)
- [AES Paper](https://www.cs.miami.edu/home/burt/learning/Csc688.012/rijndael/rijndael_doc_V2.pdf)
- [Unsplash Pictures](https://unsplash.com/)
- Loading animation by [Nikhil Krishnan](https://codepen.io/nikhil8krishnan/pen/rVoXJa)
- Icons made by <a href="https://www.freepik.com" title="Freepik">freepik</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>