cryptgeon/README.md

<p align="center">
<img src="./design/Github.png" alt="logo">
</p>
<a href="https://discord.gg/nuby6RnxZt">
<img alt="discord" src="https://img.shields.io/discord/252403122348097536?style=for-the-badge" />
<img alt="docker pulls" src="https://img.shields.io/docker/pulls/cupcakearmy/cryptgeon?style=for-the-badge" />
<img alt="Docker image size badge" src="https://img.shields.io/docker/image-size/cupcakearmy/cryptgeon?style=for-the-badge" />
<img alt="Latest version" src="https://img.shields.io/github/v/release/cupcakearmy/cryptgeon?style=for-the-badge" />
</a>
<br/>
<a href="https://www.producthunt.com/posts/cryptgeon?utm_source=badge-featured&utm_medium=badge&utm_souce=badge-cryptgeon" target="_blank"><img src="https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=295189&theme=light" alt="Cryptgeon - Securely share self-destructing notes | Product Hunt" style="width: 250px; height: 54px;" width="250" height="54" /></a>
<br/>
## About?
_cryptgeon_ is a secure, open source note or file sharing service inspired by [_PrivNote_](https://privnote.com).
## Demo
Check out the demo and see for yourself: https://cryptgeon.nicco.io
## Features
- server cannot decrypt contents due to client side encryption
- view or time constraints
- in memory, no persistence
- obligatory dark mode support
## How does it work?
Each note has a generated <code>id (256bit)</code> and <code>key (256bit)</code>. The
<code>id</code>
is used to save & retrieve the note. The note is then encrypted with AES in GCM mode on the
client side with the <code>key</code> and then sent to the server. Data is stored in memory and
never persisted to disk. The server never sees the encryption key and cannot decrypt the contents
of the notes even if it tried to.
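
The flow described above, sketched with the Web Crypto API as an added example (not cryptgeon's own code). `serverStore`, `createNote` and `readNote` are hypothetical names, and the 96-bit IV, hex encoding and `Map`-based server are assumptions.

```javascript
// Added illustration, not cryptgeon's source. serverStore, createNote and
// readNote are hypothetical names; IV size and hex encoding are assumptions.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto;
const toHex = (buf) => Array.from(new Uint8Array(buf), (b) => b.toString(16).padStart(2, '0')).join('');
const fromHex = (s) => Uint8Array.from(s.match(/../g), (h) => parseInt(h, 16));

// Stand-in for the server: an in-memory map of id -> { iv, ciphertext, views }.
const serverStore = new Map();

// Client: generate id and key, encrypt locally, upload everything except the key.
async function createNote(plaintext, views = 1) {
  const id = toHex(wc.getRandomValues(new Uint8Array(32))); // 256-bit id
  const key = await wc.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt']);
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh 96-bit nonce per note
  const data = new TextEncoder().encode(plaintext);
  const ciphertext = await wc.subtle.encrypt({ name: 'AES-GCM', iv }, key, data);
  serverStore.set(id, { iv, ciphertext, views });
  return { id, key: toHex(await wc.subtle.exportKey('raw', key)) }; // key stays with the client
}

// Client: fetch by id, then decrypt locally with the key the server never received.
async function readNote(id, keyHex) {
  const entry = serverStore.get(id);
  if (!entry) throw new Error('note not found or already consumed');
  if (--entry.views <= 0) serverStore.delete(id); // view limit enforced by the server
  const key = await wc.subtle.importKey('raw', fromHex(keyHex), { name: 'AES-GCM' }, false, ['decrypt']);
  // GCM is authenticated: a wrong key or altered ciphertext rejects instead of yielding garbage.
  const plain = await wc.subtle.decrypt({ name: 'AES-GCM', iv: entry.iv }, key, entry.ciphertext);
  return new TextDecoder().decode(plain);
}

async function demo() {
  const secret = 'db password: constructed-sample'; // constructed sample input
  const note = await createNote(secret);
  const storedBytes = serverStore.get(note.id).ciphertext.byteLength; // plaintext + 16-byte tag
  const text = await readNote(note.id, note.key);
  const secondRead = await readNote(note.id, note.key).then(() => 'served', () => 'gone');
  const other = await createNote(secret);
  new Uint8Array(serverStore.get(other.id).ciphertext)[0] ^= 1; // server-side bit flip
  const tampered = await readNote(other.id, other.key).then(() => 'accepted', () => 'rejected');
  return { idBits: note.id.length * 4, keyBits: note.key.length * 4, storedBytes, text, secondRead, tampered };
}

demo().then(console.log);
```
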
## Screenshot
![screenshot](./design/Screens.png)
## Environment Variables
| Variable | Default | Description |
| ------------ | ----------------- | --------------------------------------------------------------------------------------- |
| `MEMCACHE` | `memcached:11211` | Memcached URL to connect to. |
| `SIZE_LIMIT` | `1 KiB` | Max size for body. Accepted values according to [byte-unit](https://docs.rs/byte-unit/) |
## Deployment
`https` is required, otherwise browsers will not support the cryptographic functions.
### Docker
Docker is the easiest way. There is the [official image here](https://hub.docker.com/r/cupcakearmy/cryptgeon).
```yaml
# docker-compose.yml

version: '3.7'

services:
  memcached:
    image: memcached:1-alpine
    entrypoint: memcached -m 128M -I 4M # Limit to 128 MB Ram, 4M per entry, customize at free will.

  app:
    image: cupcakearmy/cryptgeon:latest
    depends_on:
      - memcached
    environment:
      SIZE_LIMIT: 4M
    ports:
      - 80:5000
```
### NGINX Proxy
See the [examples/nginx](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/nginx) folder. There is an example with a simple proxy, and one with https. You need to specify the server names and certificates.
### Traefik 2
Assumptions:
- External proxy docker network `proxy`
- A certificate resolver `le`
- A https entrypoint `secure`
- Domain name `example.org`
```yaml
version: '3.8'

networks:
  proxy:
    external: true

services:
  memcached:
    image: memcached:1-alpine
    restart: unless-stopped
    entrypoint: memcached -m 128M -I 4M # Limit to 128 MB Ram, 4M per entry, customize at free will.

  app:
    image: cupcakearmy/cryptgeon:latest
    restart: unless-stopped
    depends_on:
      - memcached
    networks:
      - default
      - proxy
    labels:
      - traefik.enable=true
      - traefik.http.routers.cryptgeon.rule=Host(`example.org`)
      - traefik.http.routers.cryptgeon.entrypoints=secure
      - traefik.http.routers.cryptgeon.tls.certresolver=le
```
## Development
1. Clone
2. Run `pnpm i` in the root and client `client/` folders.
3. Run `pnpm run dev` to start development.

Running `npm run dev` in the root folder will start the following things:

- a memcache docker container
- rust backend with hot reload
- client with hot reload

You can see the app under [localhost:1234](http://localhost:1234).
###### Attributions
Icons made by <a href="https://www.freepik.com" title="Freepik">freepik</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>