Merge pull request #106 from cupcakearmy/2.4.0

2.4.0

.github/workflows/release.yml

@@ -12,15 +12,22 @@ jobs:
     steps:
       - uses: actions/checkout@v3
 
+      - uses: pnpm/action-setup@v2
       - uses: actions/setup-node@v3
         with:
+          cache: 'pnpm'
           node-version-file: '.nvmrc'
-      - uses: pnpm/action-setup@v2
+          registry-url: 'https://registry.npmjs.org'
 
       - run: |
           pnpm install --frozen-lockfile
           pnpm run build
 
+      - run: npm publish
+        working-directory: ./packages/cli
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
   docker:
     runs-on: ubuntu-latest
     steps:

.github/workflows/test.yaml

@@ -13,10 +13,11 @@ jobs:
       - uses: actions/checkout@v3
 
       # Node
+      - uses: pnpm/action-setup@v2
       - uses: actions/setup-node@v3
         with:
+          cache: 'pnpm'
           node-version-file: '.nvmrc'
-      - uses: pnpm/action-setup@v2
 
       # Docker
       - uses: docker/setup-qemu-action@v2

.nvmrc

@@ -1 +1 @@
-v18.16
+v20.9.0

CHANGELOG.md

@@ -5,18 +5,30 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [2.3.0] - 2023-05-XX
-
-### Added
-
-- New CLI 🎉
-- Russian language
+## [2.4.0] - 2023-11-01
 
 ### Changed
 
-- Moved to monorepo
+- Removed HTML sanitation, display the original message as string
+- Links are now displayed under the note in a separate section
 
-## [2.2.0] - 2023-01-14
+## [2.3.1] - 2023-06-23
+
+### Added
+
+- #92: Endpoint (`/api/live/`) for checking health status.
+
+## [2.3.0] - 2023-05-30
+
+### Added
+
+- New CLI 🎉.
+- Russian language.
+- Option for reducing note id size (`ID_LENGTH`).
+
+### Changed
+
+- Moved to monorepo.
 
 ### Changed
 

Cryptgeon.postman_collection.json

@@ -1,6 +1,6 @@
 {
 	"info": {
-		"_postman_id": "52d9e661-2d99-47f8-b09a-40b6a1c0b364",
+		"_postman_id": "3aaeac19-4eac-4911-b3c8-912b17a48634",
 		"name": "Cryptgeon",
 		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
 	},
@@ -137,7 +137,7 @@
 								}
 							],
 							"cookie": [],
-							"body": null
+							"body": ""
 						}
 					]
 				},
@@ -479,7 +479,7 @@
 								}
 							],
 							"cookie": [],
-							"body": null
+							"body": ""
 						}
 					]
 				}
@@ -489,7 +489,7 @@
 			"name": "Status",
 			"item": [
 				{
-					"name": "Get",
+					"name": "Get server status",
 					"request": {
 						"method": "GET",
 						"header": [],
@@ -554,6 +554,106 @@
 							"body": "{\n    \"version\": \"2.3.0-beta.4\",\n    \"max_size\": 10485760,\n    \"max_views\": 100,\n    \"max_expiration\": 360,\n    \"allow_advanced\": true,\n    \"theme_image\": \"\",\n    \"theme_text\": \"\",\n    \"theme_page_title\": \"\",\n    \"theme_favicon\": \"\"\n}"
 						}
 					]
+				},
+				{
+					"name": "Health Check",
+					"request": {
+						"method": "GET",
+						"header": [],
+						"url": {
+							"raw": "{{BASE}}/live/",
+							"host": [
+								"{{BASE}}"
+							],
+							"path": [
+								"live",
+								""
+							]
+						},
+						"description": "Return `200` for healthy service. `503` if service is unavailable."
+					},
+					"response": [
+						{
+							"name": "Healthy",
+							"originalRequest": {
+								"method": "GET",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/live/",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"live",
+										""
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "plain",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "date",
+									"value": "Thu, 22 Jun 2023 20:17:58 GMT"
+								}
+							],
+							"cookie": [],
+							"body": null
+						},
+						{
+							"name": "Service Unavilable",
+							"originalRequest": {
+								"method": "GET",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/live/",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"live",
+										""
+									]
+								}
+							},
+							"status": "Service Unavailable",
+							"code": 503,
+							"_postman_previewlanguage": "plain",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "date",
+									"value": "Thu, 22 Jun 2023 20:18:55 GMT"
+								}
+							],
+							"cookie": [],
+							"body": null
+						}
+					]
 				}
 			]
 		}

Dockerfile

@@ -8,11 +8,9 @@ RUN pnpm run build
 
 
 # BACKEND
-FROM rust:1.69-alpine as backend
+FROM rust:1.73-alpine as backend
 WORKDIR /tmp
 RUN apk add libc-dev openssl-dev alpine-sdk
-COPY ./packages/backend/Cargo.* ./
-RUN cargo fetch
 COPY ./packages/backend ./
 RUN cargo build --release
 
@@ -20,6 +18,7 @@ RUN cargo build --release
 # RUNNER
 FROM alpine
 WORKDIR /app
+RUN apk add --no-cache curl 
 COPY --from=backend /tmp/target/release/cryptgeon .
 COPY --from=client /tmp/packages/frontend/build ./frontend
 ENV FRONTEND_PATH="./frontend"

README.md

@@ -14,11 +14,12 @@
 <a href=""><img src="./.github/lokalise.png" height="50">
 <br/><br/>
 
-EN | [简体中文](README_zh-CN.md)
+EN | [简体中文](README_zh-CN.md) | [ES](README_ES.md) 
 
 ## About?
 
-_cryptgeon_ is a secure, open source sharing note or file service inspired by [_PrivNote_](https://privnote.com)
+_cryptgeon_ is a secure, open source sharing note or file service inspired by [_PrivNote_](https://privnote.com).
+It includes a server, a web page and a CLI client.
 
 > 🌍 If you want to translate the project feel free to reach out to me.
 >
@@ -26,10 +27,21 @@ _cryptgeon_ is a secure, open source sharing note or file service inspired by [_
 
 ## Live Service / Demo
 
+### Web
+
 Check out the live service / demo and see for yourself [cryptgeon.org](https://cryptgeon.org)
 
+### CLI
+
+```
+npx cryptgeon send text "This is a secret note"
+```
+
+For more documentation about the CLI see the [readme](./packages/cli/README.md).
+
 ## Features
 
+- send text or files
 - server cannot decrypt contents due to client side encryption
 - view or time constraints
 - in memory, no persistence
@@ -57,6 +69,7 @@ of the notes even if it tried to.
 | `MAX_VIEWS`        | `100`            | Maximal number of views.                                                                                                                                                                                      |
 | `MAX_EXPIRATION`   | `360`            | Maximal expiration in minutes.                                                                                                                                                                                |
 | `ALLOW_ADVANCED`   | `true`           | Allow custom configuration. If set to `false` all notes will be one view only.                                                                                                                                |
+| `ID_LENGTH`        | `32`             | Set the size of the note `id` in bytes. By default this is `32` bytes. This is useful for reducing link size. _This setting does not affect encryption strength_.                                             |
 | `VERBOSITY`        | `warn`           | Verbosity level for the backend. [Possible values](https://docs.rs/env_logger/latest/env_logger/#enabling-logging) are: `error`, `warn`, `info`, `debug`, `trace`                                             |
 | `THEME_IMAGE`      | `""`             | Custom image for replacing the logo. Must be publicly reachable                                                                                                                                               |
 | `THEME_TEXT`       | `""`             | Custom text for replacing the description below the logo                                                                                                                                                      |
@@ -65,7 +78,9 @@ of the notes even if it tried to.
 
 ## Deployment
 
-ℹ️ `https` is required otherwise browsers will not support the cryptographic functions.
+> ℹ️ `https` is required otherwise browsers will not support the cryptographic functions.
+
+> ℹ️ There is a health endpoint available at `/api/health/`. It returns either 200 or 503.
 
 ### Docker
 
@@ -81,7 +96,7 @@ services:
     image: redis:7-alpine
     # Set a size limit. See link below on how to customise.
     # https://redis.io/docs/manual/eviction/
-    command: redis-server --maxmemory 1gb --maxmemory-policy allkeys-lru
+    # command: redis-server --maxmemory 1gb --maxmemory-policy allkeys-lru
 
   app:
     image: cupcakearmy/cryptgeon:latest
@@ -92,6 +107,14 @@ services:
       SIZE_LIMIT: 4 MiB
     ports:
       - 80:8000
+
+    # Optional health checks
+    # healthcheck:
+    #   test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
+    #   interval: 1m
+    #   timeout: 3s
+    #   retries: 2
+    #   start_period: 5s
 ```
 
 ### NGINX Proxy
@@ -121,14 +144,13 @@ There is a [guide](https://mariushosting.com/how-to-install-cryptgeon-on-your-sy
 **Requirements**
 
 - `pnpm`: `>=6`
-- `node`: `>=16`
+- `node`: `>=18`
 - `rust`: edition `2021`
 
 **Install**
 
 ```bash
 pnpm install
-pnpm --prefix frontend install
 
 # Also you need cargo watch if you don't already have it installed.
 # https://lib.rs/crates/cargo-watch
@@ -148,19 +170,19 @@ Running `pnpm run dev` in the root folder will start the following things:
 - redis docker container
 - rust backend
 - client
+- cli
 
 You can see the app under [localhost:1234](http://localhost:1234).
 
-## Tests
+> There is a Postman collection with some example requests [available in the repo](./Cryptgeon.postman_collection.json)
+
+### Tests
 
 Tests are end to end tests written with Playwright.
 
 ```sh
 pnpm run test:prepare
-docker compose up redis -d
-pnpm run test:server
 
-# In another terminal.
 # Use the test or test:local script. The local version only runs in one browser for quicker development.
 pnpm run test:local
 ```
@@ -169,7 +191,9 @@ pnpm run test:local
 
 Please refer to the security section [here](./SECURITY.md).
 
-###### Attributions
+---
+
+_Attributions_
 
 - Test data:
   - Text for tests [Nietzsche Ipsum](https://nietzsche-ipsum.com/)

README_ES.md

@@ -0,0 +1,200 @@
+<p align="center">
+  <img src="./design/Github.png" alt="logo">
+</p>
+
+<a href="https://discord.gg/nuby6RnxZt">
+  <img alt="discord" src="https://img.shields.io/discord/252403122348097536?style=for-the-badge" />
+  <img alt="docker pulls" src="https://img.shields.io/docker/pulls/cupcakearmy/cryptgeon?style=for-the-badge" />
+  <img alt="Docker image size badge" src="https://img.shields.io/docker/image-size/cupcakearmy/cryptgeon?style=for-the-badge" />
+  <img alt="Latest version" src="https://img.shields.io/github/v/release/cupcakearmy/cryptgeon?style=for-the-badge" />
+</a>
+
+<br/><br/>
+<a href="https://www.producthunt.com/posts/cryptgeon?utm_source=badge-featured&utm_medium=badge&utm_souce=badge-cryptgeon" target="_blank"><img src="https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=295189&theme=light" alt="Cryptgeon - Securely share self-destructing notes | Product Hunt" height="50" /></a>
+<a href=""><img src="./.github/lokalise.png" height="50">
+<br/><br/>
+
+[EN](README.md) | [简体中文](README_zh-CN.md) | ES
+
+## Acerca de
+
+_cryptgeon_ es un servicio seguro y de código abierto para compartir notas o archivos inspirado en [_PrivNote_](https://privnote.com).
+Incluye un servidor, una página web y una interfaz de línea de comandos (CLI, por sus siglas en inglés).
+
+> 🌍 Si quieres traducir este proyecto no dudes en ponerte en contacto conmigo.
+>
+> Gracias a [Lokalise](https://lokalise.com/) por darnos acceso gratis a su plataforma.
+
+## Demo
+
+### Web
+
+Prueba la demo y experimenta por ti mismo [cryptgeon.org](https://cryptgeon.org)
+
+### CLI
+
+```
+npx cryptgeon send text "Esto es una nota secreta"
+```
+
+Puedes revisar la documentación sobre el CLI en este [readme](./packages/cli/README.md).
+
+## Características
+
+- enviar texto o archivos
+- el servidor no puede desencriptar el contenido debido a que la encriptación se hace del lado del cliente
+- restriccion de vistas o de tiempo
+- en memoria, sin persistencia
+- compatibilidad obligatoria con el modo oscuro
+
+## ¿Cómo funciona?
+
+Se genera una <code>id (256bit)</code> y una <code>llave 256(bit)</code> para cada nota. La
+<code>id</code>
+se usa para guardar y recuperar la nota. Después la nota es encriptada con la <code>llave</code> y con aes en modo gcm del lado del cliente y por último se envía al servidor. La información es almacenada en memoria y nunca persiste en el disco. El servidor nunca ve la llave de encriptación por lo que no puede desencriptar el contenido de las notas aunque lo intentara.
+
+## Capturas de pantalla
+
+![screenshot](./design/Screens.png)
+
+## Variables de entorno
+
+| Variable           | Default          | Descripción                                                                                                                                                                                                   |
+| ------------------ | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `REDIS`            | `redis://redis/` | Redis URL a la que conectarse. [Según el formato](https://docs.rs/redis/latest/redis/#connection-parameters)                                                                                                     |
+| `SIZE_LIMIT`       | `1 KiB`          | Tamaño máximo. Valores aceptados según la [unidad byte](https://docs.rs/byte-unit/). <br> `512 MiB` es el máximo permitido. <br> El frontend mostrará ese número, incluyendo el ~35% de sobrecarga de codificación. |
+| `MAX_VIEWS`        | `100`            | Número máximo de vistas.                                                                                                                                                                                      |
+| `MAX_EXPIRATION`   | `360`            | Tiempo máximo de expiración en minutos.                                                                                                                                                                                |
+| `ALLOW_ADVANCED`   | `true`           | Permitir configuración personalizada. Si se establece en `false` todas las notas serán de una sola vista.                                                                                                                                |
+| `ID_LENGTH`        | `32`             | Establece el tamaño en bytes de la `id` de la nota. Por defecto es de `32` bytes. Esto es util para reducir el tamaño del link. _Esta configuración no afecta el nivel de encriptación_.                                             |
+| `VERBOSITY`        | `warn`           | Nivel de verbosidad del backend. [Posibles valores](https://docs.rs/env_logger/latest/env_logger/#enabling-logging): `error`, `warn`, `info`, `debug`, `trace`                                             |
+| `THEME_IMAGE`      | `""`             | Imagen personalizada para reemplazar el logo. Debe ser accesible públicamente.                                                                                                                                               |
+| `THEME_TEXT`       | `""`             | Texto personalizado para reemplazar la descripción bajo el logo.                                                                                                                                                      |
+| `THEME_PAGE_TITLE` | `""`             | Texto personalizado para el título                                                                                                                                                                                    |
+| `THEME_FAVICON`    | `""`             | Url personalizada para el favicon. Debe ser accesible públicamente.                                                                                                                                                        |
+
+## Despliegue
+
+> ℹ️ Se requiere `https` de lo contrario el navegador no soportará las funciones de encriptacón.
+
+> ℹ️ Hay un endpoint para verificar el estado, lo encontramos en `/api/health/`. Regresa un código 200 o 503.
+
+### Docker
+
+Docker es la manera más fácil. Aquí encontramos [la imágen oficial](https://hub.docker.com/r/cupcakearmy/cryptgeon).
+
+```yaml
+# docker-compose.yml
+
+version: '3.8'
+
+services:
+  redis:
+    image: redis:7-alpine
+    # Set a size limit. See link below on how to customise.
+    # https://redis.io/docs/manual/eviction/
+    # command: redis-server --maxmemory 1gb --maxmemory-policy allkeys-lru
+
+  app:
+    image: cupcakearmy/cryptgeon:latest
+    depends_on:
+      - redis
+    environment:
+      # Size limit for a single note.
+      SIZE_LIMIT: 4 MiB
+    ports:
+      - 80:8000
+
+    # Optional health checks
+    # healthcheck:
+    #   test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
+    #   interval: 1m
+    #   timeout: 3s
+    #   retries: 2
+    #   start_period: 5s
+```
+
+### NGINX Proxy
+
+Ver la carpeta de [ejemplo/nginx](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/nginx). Hay un ejemplo con un proxy simple y otro con https. Es necesario que especifiques el nombre del servidor y los certificados.
+
+### Traefik 2
+
+Ver la carpeta de [ejemplo/traefik](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/traefik).
+
+### Scratch
+
+Ver la carpeta de [ejemplo/scratch](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/scratch). Ahí encontrarás una guía de cómo configurar el servidor e instalar cryptgeon desde cero.
+
+### Synology
+
+Hay una [guía](https://mariushosting.com/how-to-install-cryptgeon-on-your-synology-nas/) (en inglés) que puedes seguir.
+
+### Guías en Youtube
+
+- En inglés, por [Webnestify](https://www.youtube.com/watch?v=XAyD42I7wyI)
+- En inglés, por [DB Tech](https://www.youtube.com/watch?v=S0jx7wpOfNM) [Previous Video](https://www.youtube.com/watch?v=JhpIatD06vE)
+- En alemán, por [ApfelCast](https://www.youtube.com/watch?v=84ZMbE9AkHg)
+
+## Desarrollo
+
+**Requisitos**
+
+- `pnpm`: `>=6`
+- `node`: `>=18`
+- `rust`: edition `2021`
+
+**Instalación**
+
+```bash
+pnpm install
+
+# También necesitas cargo-watch, si no lo tienes instalado.
+# https://lib.rs/crates/cargo-watch
+cargo install cargo-watch
+```
+
+**Ejecutar**
+
+Asegurate de que docker se esté ejecutando.
+
+```bash
+pnpm run dev
+```
+
+Ejecutando `pnpm run dev` en la carpeta raíz iniciará lo siguiente:
+
+- redis docker container
+- rust backend
+- client
+- cli
+
+Puedes ver la app en [localhost:1234](http://localhost:1234).
+
+> Existe una colección de Postman con algunas peticiones de ejemplo [disponible en el repo](./Cryptgeon.postman_collection.json)
+
+### Tests
+
+Los tests son end-to-end tests escritos con Playwright.
+
+```sh
+pnpm run test:prepare
+
+# Usa el script test o test:local. La versión local solo corre en el navegador para acelerar el desarrollo.
+pnpm run test:local
+```
+
+## Seguridad
+
+Por favor dirigite a la sección de seguridad [aquí](./SECURITY.md).
+
+---
+
+_Atribuciones_
+
+- Datos del Test:
+  - Texto para los tests [Nietzsche Ipsum](https://nietzsche-ipsum.com/)
+  - [AES Paper](https://www.cs.miami.edu/home/burt/learning/Csc688.012/rijndael/rijndael_doc_V2.pdf)
+  - [Unsplash Imágenes](https://unsplash.com/)
+- Animación de carga por [Nikhil Krishnan](https://codepen.io/nikhil8krishnan/pen/rVoXJa)
+- Iconos hechos por <a href="https://www.freepik.com" title="Freepik">freepik</a> de <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>

README_zh-CN.md

@@ -14,7 +14,7 @@
 <a href=""><img src="./.github/lokalise.png" height="50">
 <br/>
 
-[EN](README.md) | 简体中文
+[EN](README.md) | 简体中文 | [ES](README_ES.md) 
 
 ## 关于本项目
 

cryptgeon.code-workspace

@@ -17,7 +17,7 @@
     }
   ],
   "settings": {
-    "i18n-ally.localesPaths": ["packages/frontend/locales"],
+    "i18n-ally.localesPaths": ["locales"],
     "cSpell.words": ["cryptgeon"]
   }
 }

docker-compose.dev.yaml

@@ -16,3 +16,10 @@ services:
       - redis
     ports:
       - 1234:8000
+
+    healthcheck:
+      test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
+      interval: 1m
+      timeout: 3s
+      retries: 2
+      start_period: 5s

docker-compose.yaml

@@ -16,3 +16,11 @@ services:
       SIZE_LIMIT: 4 MiB
     ports:
       - 80:8000
+    
+    # Optional health checks
+    # healthcheck:
+    #   test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
+    #   interval: 1m
+    #   timeout: 3s
+    #   retries: 2
+    #   start_period: 5s

package.json

@@ -1,5 +1,5 @@
 {
-  "packageManager": "pnpm@8.4.0",
+  "packageManager": "pnpm@8.10.1",
   "scripts": {
     "dev:docker": "docker-compose -f docker-compose.dev.yaml up redis",
     "dev:packages": "pnpm --parallel run dev",
@@ -13,8 +13,8 @@
     "build": "pnpm run --recursive --filter=!@cryptgeon/backend build"
   },
   "devDependencies": {
-    "@playwright/test": "^1.33.0",
-    "@types/node": "^20.1.3",
+    "@playwright/test": "^1.39.0",
+    "@types/node": "^20.8.10",
     "npm-run-all": "^4.1.5",
     "shelljs": "^0.8.5"
   }

packages/backend/Cargo.toml

@@ -1,18 +1,14 @@
 [package]
 name = "cryptgeon"
-version = "2.3.0-beta.4"
+version = "2.4.0"
 authors = ["cupcakearmy <hi@nicco.io>"]
 edition = "2021"
+rust-version = "1.73"
 
 [[bin]]
 name = "cryptgeon"
 path = "src/main.rs"
 
-[registries.crates-io]
-protocol = "sparse"
-
-# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
-
 [dependencies]
 actix-web = "4"
 actix-files = "0.6"
@@ -25,4 +21,5 @@ byte-unit = "4"
 dotenv = "0.15"
 mime = "0.3"
 env_logger = "0.9"
-redis = "0.21.5"
+log = "0.4"
+redis = "0.23"

packages/backend/src/api.rs

@@ -1,5 +1,6 @@
 use actix_web::web;
 
+use crate::health;
 use crate::note;
 use crate::status;
 
@@ -7,6 +8,7 @@ pub fn init(cfg: &mut web::ServiceConfig) {
     cfg.service(
         web::scope("/api")
             .service(note::init())
-            .service(status::init()),
+            .service(status::init())
+            .service(health::init()),
     );
 }

packages/backend/src/config.rs

@@ -30,6 +30,10 @@ lazy_static! {
     .unwrap_or("true".to_string())
     .parse()
     .unwrap();
+  pub static ref ID_LENGTH: u32 = std::env::var("ID_LENGTH")
+    .unwrap_or("32".to_string())
+    .parse()
+    .unwrap();
 }
 
 // THEME

packages/backend/src/health/mod.rs

@@ -0,0 +1,3 @@
+mod routes;
+
+pub use routes::*;

packages/backend/src/health/routes.rs

@@ -0,0 +1,16 @@
+use actix_web::{get, web, HttpResponse, Responder, Scope};
+
+use crate::store;
+
+#[get("/")]
+async fn get_live() -> impl Responder {
+    if store::can_reach_redis() {
+        return HttpResponse::Ok();
+    } else {
+        return HttpResponse::ServiceUnavailable();
+    }
+}
+
+pub fn init() -> Scope {
+    web::scope("/live").service(get_live)
+}

packages/backend/src/main.rs

@@ -1,8 +1,10 @@
 use actix_web::{
     middleware::{self, Logger},
-    web, App, HttpServer,
+    web::{self},
+    App, HttpServer,
 };
 use dotenv::dotenv;
+use log::error;
 
 #[macro_use]
 extern crate lazy_static;
@@ -10,6 +12,7 @@ extern crate lazy_static;
 mod api;
 mod client;
 mod config;
+mod health;
 mod note;
 mod size;
 mod status;
@@ -20,6 +23,11 @@ async fn main() -> std::io::Result<()> {
     dotenv().ok();
     env_logger::init_from_env(env_logger::Env::new().default_filter_or(config::VERBOSITY.as_str()));
 
+    if !store::can_reach_redis() {
+        error!("cannot reach redis");
+        panic!("canont reach redis");
+    }
+
     return HttpServer::new(|| {
         App::new()
             .wrap(Logger::new("\"%r\" %s %b %T"))

packages/backend/src/note/model.rs

@@ -2,6 +2,8 @@ use bs62;
 use ring::rand::SecureRandom;
 use serde::{Deserialize, Serialize};
 
+use crate::config;
+
 #[derive(Serialize, Deserialize, Clone)]
 pub struct Note {
     pub meta: String,
@@ -22,8 +24,13 @@ pub struct NotePublic {
 }
 
 pub fn generate_id() -> String {
-    let mut id: [u8; 32] = [0; 32];
+    let mut result = "".to_owned();
+    let mut id: [u8; 1] = [0; 1];
     let sr = ring::rand::SystemRandom::new();
-    let _ = sr.fill(&mut id);
-    return bs62::encode_data(&id);
+
+    for _ in 0..*config::ID_LENGTH {
+        let _ = sr.fill(&mut id);
+        result.push_str(&bs62::encode_data(&id));
+    }
+    return result;
 }

packages/backend/src/store.rs

@@ -19,6 +19,14 @@ fn get_connection() -> Result<redis::Connection, &'static str> {
         .map_err(|_| "Unable to connect to redis")
 }
 
+pub fn can_reach_redis() -> bool {
+    let conn = get_connection();
+    return match conn {
+        Ok(_) => true,
+        Err(_) => false,
+    };
+}
+
 pub fn set(id: &String, note: &Note) -> Result<(), &'static str> {
     let serialized = serde_json::to_string(&note.clone()).unwrap();
     let mut conn = get_connection()?;

packages/cli/README.md

@@ -0,0 +1,54 @@
+# Cryptgeon CLI
+
+The CLI is a functionally identical way to interact with cryptgeon notes.
+It supports text, files, expiration, password, etc.
+
+## Installation
+
+```bash
+npx cryptgeon
+
+# Or install globally
+npm -g install cryptgeon
+cryptgeon
+```
+
+## Examples
+
+```bash
+# Create simple note
+cryptgeon send text "Foo bar"
+
+# Send two files
+cryptgeon send file my.pdf picture.png
+
+# 3 views
+cryptgeon send text "My message" --views 3
+
+# 10 minutes
+cryptgeon send text "My message" --minutes 10
+
+# Custom password
+cryptgeon send text "My message" --password "1337"
+
+# Password from stdin
+echo "1337" | cryptgeon send text "My message"
+
+# Open a link
+cryptgeon open https://cryptgeon.org/note/16gOIkxWjCxYNuXM8tCqMUzl...
+```
+
+## Options
+
+### Custom server
+
+The default server is `cryptgeon.org`, however you can use any cryptgeon server by passing the `-s` or `--server` option, or by setting the `CRYPTGEON_SERVER` environment variable.
+
+### Password
+
+Optionally, just like in the web ui, you can choose to use a manual password. You can do that by passing the `-p` or `--password` options, or by piping it into stdin.
+
+```bash
+echo "my pw" | cryptgeon send text "my text"
+cat pass.txt | cryptgeon send text "my text"
+```

packages/cli/package.json

@@ -1,6 +1,12 @@
 {
-  "version": "2.3.0-beta.4",
+  "version": "2.4.0",
   "name": "cryptgeon",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/cupcakearmy/cryptgeon.git",
+    "directory": "packages/cli"
+  },
+  "homepage": "https://github.com/cupcakearmy/cryptgeon",
   "type": "module",
   "engines": {
     "node": ">=18"
@@ -20,18 +26,18 @@
     "dist"
   ],
   "devDependencies": {
-    "@commander-js/extra-typings": "^10.0.3",
+    "@commander-js/extra-typings": "^11.1.0",
     "@cryptgeon/shared": "workspace:*",
-    "@types/inquirer": "^9.0.3",
-    "@types/mime": "^3.0.1",
-    "@types/node": "^20.1.3",
-    "commander": "^10.0.1",
-    "esbuild": "^0.17.19",
-    "inquirer": "^9.2.2",
+    "@types/inquirer": "^9.0.6",
+    "@types/mime": "^3.0.3",
+    "@types/node": "^20.8.10",
+    "commander": "^11.1.0",
+    "esbuild": "^0.19.5",
+    "inquirer": "^9.2.11",
     "mime": "^3.0.0",
     "occulto": "^2.0.1",
     "pkg": "^5.8.1",
-    "pretty-bytes": "^6.1.0",
-    "typescript": "^5.0.4"
+    "pretty-bytes": "^6.1.1",
+    "typescript": "^5.2.2"
   }
 }

packages/cli/src/index.ts

@@ -42,6 +42,7 @@ program.name('cryptgeon').version(version).configureHelp({ showGlobalOptions: tr
 
 program
   .command('info')
+  .description('show information about the server')
   .addOption(server)
   .action(async (options) => {
     setBase(options.server)
@@ -56,7 +57,7 @@ program
     console.table(formatted)
   })
 
-const send = program.command('send')
+const send = program.command('send').description('send a note')
 send
   .command('file')
   .addArgument(files)
@@ -86,6 +87,7 @@ send
 
 program
   .command('open')
+  .description('open a link with text or files inside')
   .addArgument(url)
   .addOption(password)
   .addOption(all)

packages/frontend/locales/de.json

@@ -47,7 +47,8 @@
 		"explanation": "Klicken Sie unten, um die Notiz anzuzeigen und zu löschen, wenn der Zähler sein Limit erreicht hat",
 		"show_note": "Notiz anzeigen",
 		"warning_will_not_see_again": "haben Sie <b>keine</b> Gelegenheit, die Notiz noch einmal zu sehen.",
-		"download_all": "alle herunterladen"
+		"download_all": "alle herunterladen",
+		"links_found": "Links in der Notiz:"
 	},
 	"file_upload": {
 		"selected_files": "Ausgewählte Dateien",

packages/frontend/locales/en.json

@@ -47,7 +47,8 @@
 		"explanation": "click below to show and delete the note if the counter has reached it's limit",
 		"show_note": "show note",
 		"warning_will_not_see_again": "you will <b>not</b> get the chance to see the note again.",
-		"download_all": "download all"
+		"download_all": "download all",
+		"links_found": "links found inside the note:"
 	},
 	"file_upload": {
 		"selected_files": "Selected Files",

packages/frontend/locales/es.json

@@ -23,7 +23,7 @@
 		"intro": "Envía fácilmente notas o archivos <i>totalmente encriptados</i> y seguros con un solo clic. Solo tienes que crear una nota y compartir el enlace.",
 		"explanation": "la nota expirará y se destruirá después de {type}.",
 		"new_note": "nueva nota",
-		"new_note_notice": "<b>disponibilidad:</b><br />no se garantiza que la nota se almacene, ya que todo se guarda en la memoria RAM, si se llena se eliminarán las notas más antiguas.<br />(probablemente estará bien, sólo está advertido.)",
+		"new_note_notice": "<b>disponibilidad:</b><br />no se garantiza que la nota se almacene, ya que todo se guarda en la memoria RAM, si se llena se eliminarán las notas más antiguas.<br />(probablemente estará bien, solo está advertido.)",
 		"errors": {
 			"note_to_big": "no se pudo crear la nota. la nota es demasiado grande",
 			"note_error": "No se ha podido crear la nota. Por favor, inténtelo de nuevo.",
@@ -34,7 +34,7 @@
 			"note_created": "nota creada."
 		},
 		"advanced": {
-			"explanation": "Por defecto, se utiliza una contraseña generada de forma segura para cada nota. No obstante, también puede elegir su propia contraseña, que no se incluye en el enlace.",
+			"explanation": "Por defecto, se utiliza una contraseña generada de forma segura para cada nota. No obstante, también puede elegir su propia contraseña, la cual no se incluye en el enlace.",
 			"custom_password": "contraseña personalizada"
 		}
 	},
@@ -47,7 +47,8 @@
 		"explanation": "pulse abajo para mostrar y borrar la nota si el contador ha llegado a su límite",
 		"show_note": "mostrar nota",
 		"warning_will_not_see_again": "<b>no</b> tendrás la oportunidad de volver a ver la nota.",
-		"download_all": "descargar todo"
+		"download_all": "descargar todo",
+		"links_found": "enlaces que se encuentran dentro de la nota:"
 	},
 	"file_upload": {
 		"selected_files": "Archivos seleccionados",

packages/frontend/locales/fr.json

@@ -47,7 +47,8 @@
 		"explanation": "Cliquez ci-dessous pour afficher et supprimer la note si le compteur a atteint sa limite.",
 		"show_note": "note de présentation",
 		"warning_will_not_see_again": "vous <b>n'aurez pas</b> la chance de revoir la note.",
-		"download_all": "télécharger tout"
+		"download_all": "télécharger tout",
+		"links_found": "liens trouvés à l’intérieur de la note :"
 	},
 	"file_upload": {
 		"selected_files": "Fichiers sélectionnés",

packages/frontend/locales/it.json

@@ -47,7 +47,8 @@
 		"explanation": "clicca sotto per mostrare e cancellare la nota se il contatore ha raggiunto il suo limite",
 		"show_note": "mostra la nota",
 		"warning_will_not_see_again": "<b>non</b> avrete la possibilità di rivedere la nota.",
-		"download_all": "scarica tutti"
+		"download_all": "scarica tutti",
+		"links_found": "link presenti all'interno della nota:"
 	},
 	"file_upload": {
 		"selected_files": "File selezionati",

packages/frontend/locales/ja.json

@@ -47,7 +47,8 @@
 		"explanation": "カウンターが上限に達した場合、ノートの表示と削除を行うには、以下をクリックします。",
 		"show_note": "メモを表示",
 		"warning_will_not_see_again": "あなた <b>できません</b> このノートをもう一度見る",
-		"download_all": "すべてダウンロード"
+		"download_all": "すべてダウンロード",
+		"links_found": "メモ内にあるリンク:"
 	},
 	"file_upload": {
 		"selected_files": "選択したファイル",

packages/frontend/locales/ru.json

@@ -47,7 +47,8 @@
 		"explanation": "щелкните ниже, чтобы показать и удалить примечание, если счетчик достиг предела",
 		"show_note": "показать заметку",
 		"warning_will_not_see_again": "вы <b>не сможете</b> больше просмотреть заметку.",
-		"download_all": "скачать всё"
+		"download_all": "скачать всё",
+		"links_found": "ссылки внутри заметки:"
 	},
 	"file_upload": {
 		"selected_files": "Выбранные файлы",

packages/frontend/locales/zh.json

@@ -47,7 +47,8 @@
 		"explanation": "点击下方按钮即可查看密信，阅后即焚。",
 		"show_note": "查看密信",
 		"warning_will_not_see_again": "你将<b>无法</b>再次查看该密信，请尽快复制到粘贴板。",
-		"download_all": "下载全部"
+		"download_all": "下载全部",
+		"links_found": "注释中找到的链接："
 	},
 	"file_upload": {
 		"selected_files": "已选中的文件",

packages/frontend/package.json

@@ -13,29 +13,27 @@
 	},
 	"type": "module",
 	"devDependencies": {
-		"@lokalise/node-api": "^9.8.0",
-		"@sveltejs/adapter-static": "^2.0.2",
-		"@sveltejs/kit": "^1.16.3",
-		"@types/dompurify": "^3.0.2",
-		"@types/file-saver": "^2.0.5",
-		"@zerodevx/svelte-toast": "^0.9.3",
+		"@lokalise/node-api": "^12.0.0",
+		"@sveltejs/adapter-static": "^2.0.3",
+		"@sveltejs/kit": "^1.27.2",
+		"@types/file-saver": "^2.0.6",
+		"@zerodevx/svelte-toast": "^0.9.5",
 		"adm-zip": "^0.5.10",
-		"dotenv": "^16.0.3",
-		"svelte": "^3.59.1",
-		"svelte-check": "^3.3.2",
-		"svelte-intl-precompile": "^0.12.1",
-		"tslib": "^2.5.0",
-		"typescript": "^5.0.4",
-		"vite": "^4.3.5"
+		"dotenv": "^16.3.1",
+		"svelte": "^4.2.2",
+		"svelte-check": "^3.5.2",
+		"svelte-intl-precompile": "^0.12.3",
+		"tslib": "^2.6.2",
+		"typescript": "^5.2.2",
+		"vite": "^4.5.0"
 	},
 	"dependencies": {
 		"@cryptgeon/shared": "workspace:*",
-		"@fontsource/fira-mono": "^4.5.10",
+		"@fontsource/fira-mono": "^5.0.8",
 		"copy-to-clipboard": "^3.3.3",
-		"dompurify": "^3.0.3",
 		"file-saver": "^2.0.5",
 		"occulto": "^2.0.1",
-		"pretty-bytes": "^6.1.0",
+		"pretty-bytes": "^6.1.1",
 		"qrious": "^4.0.2"
 	}
 }

packages/frontend/src/lib/ui/AdvancedParameters.svelte

@@ -8,10 +8,11 @@
 
 	export let note: Note
 	export let timeExpiration = false
+	export let customPassword: string | null = null
 
-	let customPassword = false
+	let hasCustomPassword = false
 
-	$: if (!customPassword) note.password = undefined
+	$: if (!hasCustomPassword) customPassword = null
 </script>
 
 <div class="flex col">
@@ -49,15 +50,15 @@
 	<div class="flex">
 		<Switch
 			data-testid="custom-password"
-			bind:value={customPassword}
+			bind:value={hasCustomPassword}
 			label={$t('home.advanced.custom_password')}
 		/>
 		<TextInput
 			data-testid="password"
 			type="password"
-			bind:value={note.password}
+			bind:value={customPassword}
 			label={$t('common.password')}
-			disabled={!customPassword}
+			disabled={!hasCustomPassword}
 			random
 		/>
 	</div>

packages/frontend/src/lib/ui/ShowNote.svelte

@@ -3,7 +3,6 @@
 </script>
 
 <script lang="ts">
-	import DOMPurify from 'dompurify'
 	import { saveAs } from 'file-saver'
 	import prettyBytes from 'pretty-bytes'
 	import { t } from 'svelte-intl-precompile'
@@ -34,22 +33,29 @@
 		saveAs(f)
 	}
 
-	function contentWithLinks(content: string): string {
-		const replaced = content.replace(
-			RE_URL,
-			(url) => `<a href="${url}" rel="noreferrer">${url}</a>`
-		)
-		return DOMPurify.sanitize(replaced, { USE_PROFILES: { html: true } })
-	}
+	$: links = typeof note.contents === 'string' ? note.contents.match(RE_URL) : []
 </script>
 
 <p class="error-text">{@html $t('show.warning_will_not_see_again')}</p>
 <div data-testid="result">
 	{#if note.meta.type === 'text'}
 		<div class="note">
-			{@html contentWithLinks(note.contents)}
+			{note.contents}
 		</div>
 		<Button on:click={() => copy(note.contents)}>{$t('common.copy_clipboard')}</Button>
+
+		{#if links && links.length}
+			<div class="links">
+				{$t('show.links_found')}
+				<ul>
+					{#each links as link}
+						<li>
+							<a href={link} target="_blank" rel="noopener noreferrer">{link}</a>
+						</li>
+					{/each}
+				</ul>
+			</div>
+		{/if}
 	{:else}
 		{#each files as file}
 			<div class="note file">
@@ -92,4 +98,20 @@
 	.note.file small {
 		padding-left: 1rem;
 	}
+
+	.links {
+		margin-top: 2rem;
+	}
+	.links ul {
+		margin: 0;
+		padding: 0;
+		margin-top: 0.5rem;
+		padding-left: 1rem;
+		list-style: square;
+	}
+
+	.links ul li {
+		margin-bottom: 0.5rem;
+		word-wrap: break-word;
+	}
 </style>

packages/frontend/src/lib/views/Create.svelte

@@ -1,5 +1,5 @@
 <script lang="ts">
-	import { AES, Hex, Bytes } from 'occulto'
+	import { AES, Hex } from 'occulto'
 	import { t } from 'svelte-intl-precompile'
 	import { blur } from 'svelte/transition'
 
@@ -14,7 +14,7 @@
 	import Switch from '$lib/ui/Switch.svelte'
 	import TextArea from '$lib/ui/TextArea.svelte'
 	import type { FileDTO, Note } from '@cryptgeon/shared'
-	import { Adapters, create, PayloadToLargeError } from '@cryptgeon/shared'
+	import { Adapters, PayloadToLargeError, create } from '@cryptgeon/shared'
 
 	let note: Note = {
 		contents: '',
@@ -27,6 +27,7 @@
 	let advanced = false
 	let isFile = false
 	let timeExpiration = false
+	let customPassword: string | null = null
 	let description = ''
 	let loading: string | null = null
 
@@ -57,7 +58,7 @@
 		try {
 			loading = $t('common.encrypting')
 
-			const derived = note.password && (await AES.derive(note.password))
+			const derived = customPassword && (await AES.derive(customPassword))
 			const key = derived ? derived[0] : await AES.generateKey()
 
 			const data: Note = {
@@ -79,7 +80,7 @@
 			const response = await create(data)
 			result = {
 				id: response.id,
-				password: note.password ? undefined : Hex.encode(key),
+				password: customPassword ? undefined : Hex.encode(key),
 			}
 			notify.success($t('home.messages.note_created'))
 		} catch (e) {
@@ -148,9 +149,9 @@
 			</p>
 
 			{#if advanced}
-				<div transition:blur={{ duration: 250 }}>
+				<div transition:blur|global={{ duration: 250 }}>
 					<hr />
-					<AdvancedParameters bind:note bind:timeExpiration />
+					<AdvancedParameters bind:note bind:timeExpiration bind:customPassword />
 				</div>
 			{/if}
 		</fieldset>

packages/frontend/src/routes/about/+page.svelte

@@ -75,6 +75,9 @@
 <style>
 	section {
 		width: 100%;
+		display: flex;
+		flex-direction: column;
+		gap: 2rem;
 	}
 
 	ul {

packages/shared/package.json

@@ -14,7 +14,7 @@
     "build": "tsc"
   },
   "devDependencies": {
-    "typescript": "^5.0.4"
+    "typescript": "^5.2.2"
   },
   "dependencies": {
     "occulto": "^2.0.1"