Merge pull request #106 from cupcakearmy/2.4.0

2.4.0

.dev.env

@@ -0,0 +1,2 @@
+SIZE_LIMIT=10MiB
+VERBOSITY=debug

.dockerignore

@@ -1 +1,15 @@
-target
+*
+
+!/packages
+!/package.json
+!/pnpm-lock.yaml
+!/pnpm-workspace.yaml
+
+**/target
+**/node_modules
+**/dist
+**/bin
+**/*.tsbuildinfo
+**/build
+**/.svelte
+**/.svelte-kit

.gitattributes

@@ -1 +1,2 @@
 *.afdesign filter=lfs diff=lfs merge=lfs -text
+test/assets/** filter=lfs diff=lfs merge=lfs -text

.github/FUNDING.yml

@@ -0,0 +1,12 @@
+# These are supported funding model platforms
+
+github: cupcakearmy
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+otechie: # Replace with a single Otechie username
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']

.github/workflows/docker.yml

@@ -1,37 +0,0 @@
-name: ci
-
-on:
-  workflow_dispatch:
-  push:
-    tags:
-      - "v*.*.*"
-
-jobs:
-  docker:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-      - name: Docker Labels
-        id: meta
-        uses: crazy-max/ghaction-docker-meta@v2
-        with:
-          images: cupcakearmy/cryptgeon
-          tags: |
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-      - name: Login to DockerHub
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Build and push
-        id: docker_build
-        uses: docker/build-push-action@v2
-        with:
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-      - name: Image digest
-        run: echo ${{ steps.docker_build.outputs.digest }}

.github/workflows/release.yml

@@ -0,0 +1,58 @@
+name: Publish
+
+on:
+  workflow_dispatch:
+  push:
+    tags:
+      - 'v*.*.*'
+
+jobs:
+  cli:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: pnpm/action-setup@v2
+      - uses: actions/setup-node@v3
+        with:
+          cache: 'pnpm'
+          node-version-file: '.nvmrc'
+          registry-url: 'https://registry.npmjs.org'
+
+      - run: |
+          pnpm install --frozen-lockfile
+          pnpm run build
+
+      - run: npm publish
+        working-directory: ./packages/cli
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-buildx-action@v2
+        with:
+          install: true
+      - name: Docker Labels
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: cupcakearmy/cryptgeon
+          tags: |
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+      - name: Login to DockerHub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}

.github/workflows/test.yaml

@@ -0,0 +1,39 @@
+name: Test
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      # Node
+      - uses: pnpm/action-setup@v2
+      - uses: actions/setup-node@v3
+        with:
+          cache: 'pnpm'
+          node-version-file: '.nvmrc'
+
+      # Docker
+      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-buildx-action@v2
+        with:
+          install: true
+
+      - name: Prepare
+        run: |
+          pnpm install --frozen-lockfile
+          pnpm exec playwright install --with-deps
+          pnpm run test:prepare
+
+      - name: Run your tests
+        run: pnpm test
+      - uses: actions/upload-artifact@v3
+        with:
+          name: test-results
+          path: test-results

.gitignore

@@ -1,10 +1,10 @@
-
-# Backend
-/target
-
-# Client
-.DS_Store
+.env
+*.tsbuildinfo
 node_modules
-/.svelte
-/build
-/functions
+dist
+bin
+
+target
+
+# Testing
+test-results

.nvmrc

@@ -0,0 +1 @@
+v20.9.0

.vscode/settings.json

@@ -1,6 +0,0 @@
-{
-  "cSpell.words": [
-    "ciphertext",
-    "cryptgeon"
-  ]
-}

CHANGELOG.md

@@ -5,22 +5,325 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.4.0] - 2023-11-01
+
+### Changed
+
+- Removed HTML sanitation, display the original message as string
+- Links are now displayed under the note in a separate section
+
+## [2.3.1] - 2023-06-23
+
+### Added
+
+- #92: Endpoint (`/api/live/`) for checking health status.
+
+## [2.3.0] - 2023-05-30
+
+### Added
+
+- New CLI 🎉.
+- Russian language.
+- Option for reducing note id size (`ID_LENGTH`).
+
+### Changed
+
+- Moved to monorepo.
+
+### Changed
+
+- Default port is now 8000, not 5000.
+- Moved to generic encryption library `occulto`.
+
+### Fixed
+
+- Bad chinese language code.
+
+### Security
+
+- Updated dependencies.
+
+## [2.1.0] - 2023-01-04
+
+### Added
+
+- QR Code to more easily copy and share links.
+
+## [2.0.7] - 2022-12-26
+
+### Changed
+
+- Svelte Kit now stable 🎉
+
+## [2.0.6] - 2022-11-12
+
+### Fixed
+
+- #66 Set minimum a view.
+
+### Security
+
+- Updated dependencies.
+
+## [2.0.5] - 2022-11-04
+
+### Fixed
+
+- Docker build pipeline.
+
+## [2.0.4] - 2022-10-29
+
+### Added
+
+- `THEME_PAGE_TITLE`.
+- `THEME_FAVICON`.
+
+## [2.0.3] - 2022-10-07
+
+### Added
+
+- Flag for verbosity.
+
+### Fixed
+
+- #58 Fixed bug in the max views frontend form.
+
+## [2.0.2] - 2022-07-20
+
+### Added
+
+- Toasts for events.
+- E2E Tests.
+- Make backend more configurable.
+
+## [2.0.1] - 2022-07-18
+
+### Added
+
+- Max file size on the client now.
+- Loading information.
+
+### Changed
+
+- Changed encoding from hex to base64.
+- Chinese language code.
+- Notable speed improvements for big files.
+
+## [2.0.0] - 2022-07-16
+
+### Added
+
+- Theming for logo and description text.
+
+### Changed
+
+- Moved to redis.
+- New html sanitizing library.
+
+## [2.0.0-rc.0] - 2022-07-15
+
+### Added
+
+- Theming for logo and description text.
+
+### Changed
+
+- Moved to redis.
+- New html sanitizing library.
+
+## [1.5.3] - 2022-06-07
+
+### Changed
+
+- Use the value from the `MEMCACHE` env variable in startup script.
+
+## [1.5.2] - 2022-06-07
+
+### Added
+
+- Wait for script for memecached.
+
+### Security
+
+- Updated dependencies.
+
+## [1.5.1] - 2022-05-15
+
+### Fixed
+
+- Remove double note content.
+
+## [1.5.0] - 2022-05-14
+
+### Added
+
+- Links in notes are not highlighted and can be directly clicked #30.
+
+## [1.4.1] - 2022-03-05
+
+### Fixed
+
+- Router in prod build.
+
+## [1.4.0] - 2022-03-02
+
+### Added
+
+- Support for multiple languages.
+- Select multiple files without removing already selected ones.
+- Tooltip for copy action.
+- Configure maximum views, expiration and advanced options for the server.
+
+### Changed
+
+- Use native SVGs instead of images.
+- Update robots.txt file to allow only root.
+- Stronger frontend types.
+
+## [1.3.3] - 2022-01-03
+
+### Fixed
+
+- Bug fix due to dependency update.
+
+## [1.3.2] - 2022-01-02
+
+### Changed
+
+- Dependencies updates.
+- Folder structure.
+
+## [1.3.1] - 2021-12-30
+
+### Added
+
+- Short explanation in the home page.
+
+### Changed
+
+- Explanation in about & readme.
+- Shorten server ids from 512 to 256bit.
+
+## [1.3.0] - 2021-12-22
+
+### Added
+
+- Option to set a custom size limit.
+- Options to share files.
+
+### Changed
+
+- Don't delete note if time is not expired yet
+- Use pnpm instead of npm.
+
+## [1.2.0] - 2021-11-11
+
+### Changed
+
+- Switch to pnpm.
+
+### Security
+
+- Dependencies updated.
+
+## [1.1.1] - 2021-05-17
+
+### Fixed
+
+- Height on big displays.
+- About page.
+
+## [1.1.0] - 2021-05-16
+
+### Security
+
+- Using hash `#` instead of path.
+
+## [1.0.11] - 2021-05-08
+
+### Added
+
+- loading text.
+- description for created notes about availability.
+
+### Changed
+
+- iterations from 100 to 100k.
+
+### Fixed
+
+- time based view bug.
+
+## [1.0.10] - 2021-05-08
+
+### Fixed
+
+- API endpoint was not reachable.
+
+## [1.0.9] - 2021-05-07
+
+## Changed
+
+- Removed a dependency.
+
+## [1.0.8] - 2021-05-05
+
+### Added
+
+- Manual theme override option.
+
+### Fixed
+
+- Removed Arm builds for now.
+- iOS style bugs.
+
+## [1.0.7] - 2021-05-04
+
+### Added
+
+- Arm images.
+
+## [1.0.6] - 2021-05-04
+
+### Added
+
+- Always use encryption with random passwords included links.
+
+## [1.0.5] - 2021-05-03
+
+### Fixed
+
+- Typos.
+
+## [1.0.4] - 2021-05-02
+
+### Added
+
+- From scratch docker image.
+
+## [1.0.3] - 2021-05-02
+
+### Fixed
+
+- Higher default text area.
+- Mobile touchups.
+
 ## [1.0.2] - 2021-05-02
 
 ### Fixed
 
-- SVG Icons
+- SVG Icons.
 
 ## [1.0.1] - 2021-05-02
 
 ### Added
 
-- Dark mode support
+- Dark mode support.
 
 ### Fixed
 
-- Don't reload data on wrong password
+- Don't reload data on wrong password.
 
 ## [1.0.0] - 2021-05-02
 
-Initial release
+Initial release.

Cargo.toml

@@ -1,21 +0,0 @@
-[package]
-name = "cryptgeon"
-version = "1.0.0"
-authors = ["cupcakearmy <hi@nicco.io>"]
-edition = "2018"
-
-[[bin]]
-name = "cryptgeon"
-path = "src/main.rs"
-
-# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
-
-[dependencies]
-actix-web = "3"
-actix-files = "0.5"
-serde = "1"
-serde_json = "1"
-lazy_static = "1"
-ring = "0.16"
-bs62 = "0.1"
-memcache = "0.15"

Cryptgeon.postman_collection.json

@@ -0,0 +1,693 @@
+{
+	"info": {
+		"_postman_id": "3aaeac19-4eac-4911-b3c8-912b17a48634",
+		"name": "Cryptgeon",
+		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
+	},
+	"item": [
+		{
+			"name": "Notes",
+			"item": [
+				{
+					"name": "Preview",
+					"request": {
+						"method": "GET",
+						"header": [],
+						"url": {
+							"raw": "{{BASE}}/notes/:id",
+							"host": [
+								"{{BASE}}"
+							],
+							"path": [
+								"notes",
+								":id"
+							],
+							"variable": [
+								{
+									"key": "id",
+									"value": "{{NOTE_ID}}",
+									"description": "Id of the Note"
+								}
+							]
+						},
+						"description": "This endpoint is to query wether a note exists, without actually opening it. No view limits are used here, as contents of the note are not available, only the `meta` field is returned, which is public."
+					},
+					"response": [
+						{
+							"name": "200",
+							"originalRequest": {
+								"method": "GET",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/notes/:id",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										":id"
+									],
+									"variable": [
+										{
+											"key": "id",
+											"value": "{{NOTE_ID}}",
+											"description": "Id of the Note"
+										}
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "json",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "content-type",
+									"value": "application/json"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:24:29 GMT"
+								}
+							],
+							"cookie": [],
+							"body": "{}"
+						},
+						{
+							"name": "404",
+							"originalRequest": {
+								"method": "GET",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/notes/:id",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										":id"
+									],
+									"variable": [
+										{
+											"key": "id",
+											"value": "{{NOTE_ID}}",
+											"description": "Id of the Note"
+										}
+									]
+								}
+							},
+							"status": "Not Found",
+							"code": 404,
+							"_postman_previewlanguage": "plain",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:25:26 GMT"
+								}
+							],
+							"cookie": [],
+							"body": ""
+						}
+					]
+				},
+				{
+					"name": "Create",
+					"event": [
+						{
+							"listen": "test",
+							"script": {
+								"exec": [
+									"const jsonData = pm.response.json();",
+									"pm.collectionVariables.set('NOTE_ID', jsonData.id)",
+									""
+								],
+								"type": "text/javascript"
+							}
+						}
+					],
+					"request": {
+						"method": "POST",
+						"header": [],
+						"body": {
+							"mode": "raw",
+							"raw": "{\n    \"contents\": \"Some encrypted content\",\n    \"views\": 1,\n    \"meta\": \"{\\\"type\\\":\\\"text\\\"}\"\n}",
+							"options": {
+								"raw": {
+									"language": "json"
+								}
+							}
+						},
+						"url": {
+							"raw": "{{BASE}}/notes/",
+							"host": [
+								"{{BASE}}"
+							],
+							"path": [
+								"notes",
+								""
+							]
+						}
+					},
+					"response": [
+						{
+							"name": "Simple",
+							"originalRequest": {
+								"method": "POST",
+								"header": [],
+								"body": {
+									"mode": "raw",
+									"raw": "{\n    \"contents\": \"Some encrypted content\",\n    \"views\": 1,\n    \"meta\": \"{\\\"type\\\":\\\"text\\\"}\"\n}",
+									"options": {
+										"raw": {
+											"language": "json"
+										}
+									}
+								},
+								"url": {
+									"raw": "{{BASE}}/notes/",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										""
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "json",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "content-type",
+									"value": "application/json"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:31:54 GMT"
+								}
+							],
+							"cookie": [],
+							"body": "{\n    \"id\": \"1QeEWDQbQY9dOo8cDDQjykaEjouqugTR6A78sjgn4VMv\"\n}"
+						},
+						{
+							"name": "5 Minutes",
+							"originalRequest": {
+								"method": "POST",
+								"header": [],
+								"body": {
+									"mode": "raw",
+									"raw": "{\n    \"contents\": \"Some encrypted content\",\n    \"expiration\": 5,\n    \"meta\": \"{\\\"type\\\":\\\"text\\\"}\"\n}",
+									"options": {
+										"raw": {
+											"language": "json"
+										}
+									}
+								},
+								"url": {
+									"raw": "{{BASE}}/notes/",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										""
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "json",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "content-type",
+									"value": "application/json"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:31:54 GMT"
+								}
+							],
+							"cookie": [],
+							"body": "{\n    \"id\": \"1QeEWDQbQY9dOo8cDDQjykaEjouqugTR6A78sjgn4VMv\"\n}"
+						},
+						{
+							"name": "3 Views",
+							"originalRequest": {
+								"method": "POST",
+								"header": [],
+								"body": {
+									"mode": "raw",
+									"raw": "{\n    \"contents\": \"Some encrypted content\",\n    \"views\": 3,\n    \"meta\": \"{\\\"type\\\":\\\"text\\\"}\"\n}",
+									"options": {
+										"raw": {
+											"language": "json"
+										}
+									}
+								},
+								"url": {
+									"raw": "{{BASE}}/notes/",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										""
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "json",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "content-type",
+									"value": "application/json"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:31:54 GMT"
+								}
+							],
+							"cookie": [],
+							"body": "{\n    \"id\": \"1QeEWDQbQY9dOo8cDDQjykaEjouqugTR6A78sjgn4VMv\"\n}"
+						}
+					]
+				},
+				{
+					"name": "Read",
+					"request": {
+						"method": "DELETE",
+						"header": [],
+						"url": {
+							"raw": "{{BASE}}/notes/:id",
+							"host": [
+								"{{BASE}}"
+							],
+							"path": [
+								"notes",
+								":id"
+							],
+							"variable": [
+								{
+									"key": "id",
+									"value": "{{NOTE_ID}}"
+								}
+							]
+						},
+						"description": "This endpoint gets the actual contents of a note. It's a `DELETE` endpoint, es it decreases the `view` counter, and deletes the note if `0` is reached."
+					},
+					"response": [
+						{
+							"name": "200",
+							"originalRequest": {
+								"method": "DELETE",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/notes/:id",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										":id"
+									],
+									"variable": [
+										{
+											"key": "id",
+											"value": "{{NOTE_ID}}"
+										}
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "json",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "content-type",
+									"value": "application/json"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:59:07 GMT"
+								}
+							],
+							"cookie": [],
+							"body": "{\n    \"meta\": \"{\\\"type\\\":\\\"text\\\"}\",\n    \"contents\": \"Some encrypted content\"\n}"
+						},
+						{
+							"name": "404",
+							"originalRequest": {
+								"method": "DELETE",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/notes/:id",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"notes",
+										":id"
+									],
+									"variable": [
+										{
+											"key": "id",
+											"value": "{{NOTE_ID}}"
+										}
+									]
+								}
+							},
+							"status": "Not Found",
+							"code": 404,
+							"_postman_previewlanguage": "plain",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:59:15 GMT"
+								}
+							],
+							"cookie": [],
+							"body": ""
+						}
+					]
+				}
+			]
+		},
+		{
+			"name": "Status",
+			"item": [
+				{
+					"name": "Get server status",
+					"request": {
+						"method": "GET",
+						"header": [],
+						"url": {
+							"raw": "{{BASE}}/status/",
+							"host": [
+								"{{BASE}}"
+							],
+							"path": [
+								"status",
+								""
+							]
+						}
+					},
+					"response": [
+						{
+							"name": "200",
+							"originalRequest": {
+								"method": "GET",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/status/",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"status",
+										""
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "json",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "connection",
+									"value": "close"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "content-type",
+									"value": "application/json"
+								},
+								{
+									"key": "date",
+									"value": "Tue, 23 May 2023 05:56:45 GMT"
+								}
+							],
+							"cookie": [],
+							"body": "{\n    \"version\": \"2.3.0-beta.4\",\n    \"max_size\": 10485760,\n    \"max_views\": 100,\n    \"max_expiration\": 360,\n    \"allow_advanced\": true,\n    \"theme_image\": \"\",\n    \"theme_text\": \"\",\n    \"theme_page_title\": \"\",\n    \"theme_favicon\": \"\"\n}"
+						}
+					]
+				},
+				{
+					"name": "Health Check",
+					"request": {
+						"method": "GET",
+						"header": [],
+						"url": {
+							"raw": "{{BASE}}/live/",
+							"host": [
+								"{{BASE}}"
+							],
+							"path": [
+								"live",
+								""
+							]
+						},
+						"description": "Return `200` for healthy service. `503` if service is unavailable."
+					},
+					"response": [
+						{
+							"name": "Healthy",
+							"originalRequest": {
+								"method": "GET",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/live/",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"live",
+										""
+									]
+								}
+							},
+							"status": "OK",
+							"code": 200,
+							"_postman_previewlanguage": "plain",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "date",
+									"value": "Thu, 22 Jun 2023 20:17:58 GMT"
+								}
+							],
+							"cookie": [],
+							"body": null
+						},
+						{
+							"name": "Service Unavilable",
+							"originalRequest": {
+								"method": "GET",
+								"header": [],
+								"url": {
+									"raw": "{{BASE}}/live/",
+									"host": [
+										"{{BASE}}"
+									],
+									"path": [
+										"live",
+										""
+									]
+								}
+							},
+							"status": "Service Unavailable",
+							"code": 503,
+							"_postman_previewlanguage": "plain",
+							"header": [
+								{
+									"key": "transfer-encoding",
+									"value": "chunked"
+								},
+								{
+									"key": "content-encoding",
+									"value": "gzip"
+								},
+								{
+									"key": "vary",
+									"value": "accept-encoding"
+								},
+								{
+									"key": "date",
+									"value": "Thu, 22 Jun 2023 20:18:55 GMT"
+								}
+							],
+							"cookie": [],
+							"body": null
+						}
+					]
+				}
+			]
+		}
+	],
+	"event": [
+		{
+			"listen": "prerequest",
+			"script": {
+				"type": "text/javascript",
+				"exec": [
+					""
+				]
+			}
+		},
+		{
+			"listen": "test",
+			"script": {
+				"type": "text/javascript",
+				"exec": [
+					""
+				]
+			}
+		}
+	],
+	"variable": [
+		{
+			"key": "BASE",
+			"value": "http://localhost:1234/api",
+			"type": "default"
+		},
+		{
+			"key": "NOTE_ID",
+			"value": "",
+			"type": "default"
+		}
+	]
+}

Dockerfile

@@ -1,26 +1,27 @@
-FROM node:16-alpine as CLIENT
-
+# FRONTEND
+FROM node:18-alpine as client 
 WORKDIR /tmp
-COPY ./client .
+RUN npm install -g pnpm@8
+COPY . .
+RUN pnpm install --frozen-lockfile
+RUN pnpm run build
 
-RUN npm ci
-RUN npm run build
-
-FROM rust:1.51-alpine as RUST
 
+# BACKEND
+FROM rust:1.73-alpine as backend
 WORKDIR /tmp
 RUN apk add libc-dev openssl-dev alpine-sdk
-COPY ./Cargo* .
-COPY ./src ./src
-
+COPY ./packages/backend ./
 RUN cargo build --release
 
+
+# RUNNER
 FROM alpine
-
 WORKDIR /app
-COPY --from=RUST /tmp/target/release/cryptgeon .
-COPY --from=CLIENT /tmp/build ./client/build
-
-ENV MEMCACHE=memcached:11211
-
+RUN apk add --no-cache curl 
+COPY --from=backend /tmp/target/release/cryptgeon .
+COPY --from=client /tmp/packages/frontend/build ./frontend
+ENV FRONTEND_PATH="./frontend"
+ENV REDIS="redis://redis/"
+EXPOSE 8000
 ENTRYPOINT [ "/app/cryptgeon" ]

README.md

@@ -1,67 +1,203 @@
 <p align="center">
-<img src="./design/github.svg">
+  <img src="./design/Github.png" alt="logo">
 </p>
 
-![Docker pulls badge](https://img.shields.io/docker/pulls/cupcakearmy/cryptgeon)
-![Docker image size badge](https://img.shields.io/docker/image-size/cupcakearmy/cryptgeon)
-![Latest version](https://img.shields.io/github/v/release/cupcakearmy/cryptgeon)
+<a href="https://discord.gg/nuby6RnxZt">
+  <img alt="discord" src="https://img.shields.io/discord/252403122348097536?style=for-the-badge" />
+  <img alt="docker pulls" src="https://img.shields.io/docker/pulls/cupcakearmy/cryptgeon?style=for-the-badge" />
+  <img alt="Docker image size badge" src="https://img.shields.io/docker/image-size/cupcakearmy/cryptgeon?style=for-the-badge" />
+  <img alt="Latest version" src="https://img.shields.io/github/v/release/cupcakearmy/cryptgeon?style=for-the-badge" />
+</a>
+
+<br/><br/>
+<a href="https://www.producthunt.com/posts/cryptgeon?utm_source=badge-featured&utm_medium=badge&utm_souce=badge-cryptgeon" target="_blank"><img src="https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=295189&theme=light" alt="Cryptgeon - Securely share self-destructing notes | Product Hunt" height="50" /></a>
+<a href=""><img src="./.github/lokalise.png" height="50">
+<br/><br/>
+
+EN | [简体中文](README_zh-CN.md) | [ES](README_ES.md) 
 
 ## About?
 
-_cryptgeon_ is an secure, open source sharing note service inspired by [_PrivNote_](https://privnote.com)
+_cryptgeon_ is a secure, open source sharing note or file service inspired by [_PrivNote_](https://privnote.com).
+It includes a server, a web page and a CLI client.
 
-## Demo
+> 🌍 If you want to translate the project feel free to reach out to me.
+>
+> Thanks to [Lokalise](https://lokalise.com/) for providing free access to their platform.
 
-Check out the demo and see for yourself https://cryptgeon.nicco.io.
+## Live Service / Demo
+
+### Web
+
+Check out the live service / demo and see for yourself [cryptgeon.org](https://cryptgeon.org)
+
+### CLI
+
+```
+npx cryptgeon send text "This is a secret note"
+```
+
+For more documentation about the CLI see the [readme](./packages/cli/README.md).
 
 ## Features
 
-- view and time constrains
+- send text or files
+- server cannot decrypt contents due to client side encryption
+- view or time constraints
 - in memory, no persistence
-- in browser encryption → server cannot decrypt contents
+- obligatory dark mode support
 
 ## How does it work?
 
-each note has a 512bit generated <i>id</i> that is used to retrieve the note. data is stored in memory and never persisted to disk.
+each note has a generated <code>id (256bit)</code> and <code>key 256(bit)</code>. The
+<code>id</code>
+is used to save & retrieve the note. the note is then encrypted with aes in gcm mode on the
+client side with the <code>key</code> and then sent to the server. data is stored in memory and
+never persisted to disk. the server never sees the encryption key and cannot decrypt the contents
+of the notes even if it tried to.
 
 ## Screenshot
 
-![screenshot](./design/screen.jpg)
+![screenshot](./design/Screens.png)
+
+## Environment Variables
+
+| Variable           | Default          | Description                                                                                                                                                                                                   |
+| ------------------ | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `REDIS`            | `redis://redis/` | Redis URL to connect to. [According to format](https://docs.rs/redis/latest/redis/#connection-parameters)                                                                                                     |
+| `SIZE_LIMIT`       | `1 KiB`          | Max size for body. Accepted values according to [byte-unit](https://docs.rs/byte-unit/). <br> `512 MiB` is the maximum allowed. <br> The frontend will show that number including the ~35% encoding overhead. |
+| `MAX_VIEWS`        | `100`            | Maximal number of views.                                                                                                                                                                                      |
+| `MAX_EXPIRATION`   | `360`            | Maximal expiration in minutes.                                                                                                                                                                                |
+| `ALLOW_ADVANCED`   | `true`           | Allow custom configuration. If set to `false` all notes will be one view only.                                                                                                                                |
+| `ID_LENGTH`        | `32`             | Set the size of the note `id` in bytes. By default this is `32` bytes. This is useful for reducing link size. _This setting does not affect encryption strength_.                                             |
+| `VERBOSITY`        | `warn`           | Verbosity level for the backend. [Possible values](https://docs.rs/env_logger/latest/env_logger/#enabling-logging) are: `error`, `warn`, `info`, `debug`, `trace`                                             |
+| `THEME_IMAGE`      | `""`             | Custom image for replacing the logo. Must be publicly reachable                                                                                                                                               |
+| `THEME_TEXT`       | `""`             | Custom text for replacing the description below the logo                                                                                                                                                      |
+| `THEME_PAGE_TITLE` | `""`             | Custom text the page title                                                                                                                                                                                    |
+| `THEME_FAVICON`    | `""`             | Custom url for the favicon. Must be publicly reachable                                                                                                                                                        |
 
 ## Deployment
 
+> ℹ️ `https` is required otherwise browsers will not support the cryptographic functions.
+
+> ℹ️ There is a health endpoint available at `/api/health/`. It returns either 200 or 503.
+
+### Docker
+
 Docker is the easiest way. There is the [official image here](https://hub.docker.com/r/cupcakearmy/cryptgeon).
 
 ```yaml
 # docker-compose.yml
 
-version: '3.7'
+version: '3.8'
 
 services:
-  memcached:
-    image: memcached:1-alpine
-    entrypoint: memcached -m 128 # Limit to 128 MB Ram, customize at free will.
+  redis:
+    image: redis:7-alpine
+    # Set a size limit. See link below on how to customise.
+    # https://redis.io/docs/manual/eviction/
+    # command: redis-server --maxmemory 1gb --maxmemory-policy allkeys-lru
 
   app:
     image: cupcakearmy/cryptgeon:latest
+    depends_on:
+      - redis
+    environment:
+      # Size limit for a single note.
+      SIZE_LIMIT: 4 MiB
     ports:
-      - 80:5000
+      - 80:8000
+
+    # Optional health checks
+    # healthcheck:
+    #   test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
+    #   interval: 1m
+    #   timeout: 3s
+    #   retries: 2
+    #   start_period: 5s
 ```
 
+### NGINX Proxy
+
+See the [examples/nginx](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/nginx) folder. There an example with a simple proxy, and one with https. You need to specify the server names and certificates.
+
+### Traefik 2
+
+See the [examples/traefik](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/traefik) folder.
+
+### Scratch
+
+See the [examples/scratch](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/scratch) folder. There you'll find a guide how to setup a server and install cryptgeon from scratch.
+
+### Synology
+
+There is a [guide](https://mariushosting.com/how-to-install-cryptgeon-on-your-synology-nas/) you can follow.
+
+### YouTube Guides
+
+- English by [Webnestify](https://www.youtube.com/watch?v=XAyD42I7wyI)
+- English by [DB Tech](https://www.youtube.com/watch?v=S0jx7wpOfNM) [Previous Video](https://www.youtube.com/watch?v=JhpIatD06vE)
+- German by [ApfelCast](https://www.youtube.com/watch?v=84ZMbE9AkHg)
+
 ## Development
 
-1. Clone
-2. run `npm i` in the root and and client `client/` folders.
-3. Run `npm run dev` to start development.
+**Requirements**
 
-Running `npm run dev` in the root folder will start the following things
+- `pnpm`: `>=6`
+- `node`: `>=18`
+- `rust`: edition `2021`
 
-- a memcache docker container
-- rust backend with hot reload
-- client with hot reload
+**Install**
 
-You can see the app under [localhost:3000](http://localhost:3000).
+```bash
+pnpm install
 
-###### Attributions
+# Also you need cargo watch if you don't already have it installed.
+# https://lib.rs/crates/cargo-watch
+cargo install cargo-watch
+```
 
-Icons made by <a href="https://www.freepik.com" title="Freepik">freepik</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>
+**Run**
+
+Make sure you have docker running.
+
+```bash
+pnpm run dev
+```
+
+Running `pnpm run dev` in the root folder will start the following things:
+
+- redis docker container
+- rust backend
+- client
+- cli
+
+You can see the app under [localhost:1234](http://localhost:1234).
+
+> There is a Postman collection with some example requests [available in the repo](./Cryptgeon.postman_collection.json)
+
+### Tests
+
+Tests are end to end tests written with Playwright.
+
+```sh
+pnpm run test:prepare
+
+# Use the test or test:local script. The local version only runs in one browser for quicker development.
+pnpm run test:local
+```
+
+## Security
+
+Please refer to the security section [here](./SECURITY.md).
+
+---
+
+_Attributions_
+
+- Test data:
+  - Text for tests [Nietzsche Ipsum](https://nietzsche-ipsum.com/)
+  - [AES Paper](https://www.cs.miami.edu/home/burt/learning/Csc688.012/rijndael/rijndael_doc_V2.pdf)
+  - [Unsplash Pictures](https://unsplash.com/)
+- Loading animation by [Nikhil Krishnan](https://codepen.io/nikhil8krishnan/pen/rVoXJa)
+- Icons made by <a href="https://www.freepik.com" title="Freepik">freepik</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>

README_ES.md

@@ -0,0 +1,200 @@
+<p align="center">
+  <img src="./design/Github.png" alt="logo">
+</p>
+
+<a href="https://discord.gg/nuby6RnxZt">
+  <img alt="discord" src="https://img.shields.io/discord/252403122348097536?style=for-the-badge" />
+  <img alt="docker pulls" src="https://img.shields.io/docker/pulls/cupcakearmy/cryptgeon?style=for-the-badge" />
+  <img alt="Docker image size badge" src="https://img.shields.io/docker/image-size/cupcakearmy/cryptgeon?style=for-the-badge" />
+  <img alt="Latest version" src="https://img.shields.io/github/v/release/cupcakearmy/cryptgeon?style=for-the-badge" />
+</a>
+
+<br/><br/>
+<a href="https://www.producthunt.com/posts/cryptgeon?utm_source=badge-featured&utm_medium=badge&utm_souce=badge-cryptgeon" target="_blank"><img src="https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=295189&theme=light" alt="Cryptgeon - Securely share self-destructing notes | Product Hunt" height="50" /></a>
+<a href=""><img src="./.github/lokalise.png" height="50">
+<br/><br/>
+
+[EN](README.md) | [简体中文](README_zh-CN.md) | ES
+
+## Acerca de
+
+_cryptgeon_ es un servicio seguro y de código abierto para compartir notas o archivos inspirado en [_PrivNote_](https://privnote.com).
+Incluye un servidor, una página web y una interfaz de línea de comandos (CLI, por sus siglas en inglés).
+
+> 🌍 Si quieres traducir este proyecto no dudes en ponerte en contacto conmigo.
+>
+> Gracias a [Lokalise](https://lokalise.com/) por darnos acceso gratis a su plataforma.
+
+## Demo
+
+### Web
+
+Prueba la demo y experimenta por ti mismo [cryptgeon.org](https://cryptgeon.org)
+
+### CLI
+
+```
+npx cryptgeon send text "Esto es una nota secreta"
+```
+
+Puedes revisar la documentación sobre el CLI en este [readme](./packages/cli/README.md).
+
+## Características
+
+- enviar texto o archivos
+- el servidor no puede desencriptar el contenido debido a que la encriptación se hace del lado del cliente
+- restriccion de vistas o de tiempo
+- en memoria, sin persistencia
+- compatibilidad obligatoria con el modo oscuro
+
+## ¿Cómo funciona?
+
+Se genera una <code>id (256bit)</code> y una <code>llave 256(bit)</code> para cada nota. La
+<code>id</code>
+se usa para guardar y recuperar la nota. Después la nota es encriptada con la <code>llave</code> y con aes en modo gcm del lado del cliente y por último se envía al servidor. La información es almacenada en memoria y nunca persiste en el disco. El servidor nunca ve la llave de encriptación por lo que no puede desencriptar el contenido de las notas aunque lo intentara.
+
+## Capturas de pantalla
+
+![screenshot](./design/Screens.png)
+
+## Variables de entorno
+
+| Variable           | Default          | Descripción                                                                                                                                                                                                   |
+| ------------------ | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `REDIS`            | `redis://redis/` | Redis URL a la que conectarse. [Según el formato](https://docs.rs/redis/latest/redis/#connection-parameters)                                                                                                     |
+| `SIZE_LIMIT`       | `1 KiB`          | Tamaño máximo. Valores aceptados según la [unidad byte](https://docs.rs/byte-unit/). <br> `512 MiB` es el máximo permitido. <br> El frontend mostrará ese número, incluyendo el ~35% de sobrecarga de codificación. |
+| `MAX_VIEWS`        | `100`            | Número máximo de vistas.                                                                                                                                                                                      |
+| `MAX_EXPIRATION`   | `360`            | Tiempo máximo de expiración en minutos.                                                                                                                                                                                |
+| `ALLOW_ADVANCED`   | `true`           | Permitir configuración personalizada. Si se establece en `false` todas las notas serán de una sola vista.                                                                                                                                |
+| `ID_LENGTH`        | `32`             | Establece el tamaño en bytes de la `id` de la nota. Por defecto es de `32` bytes. Esto es util para reducir el tamaño del link. _Esta configuración no afecta el nivel de encriptación_.                                             |
+| `VERBOSITY`        | `warn`           | Nivel de verbosidad del backend. [Posibles valores](https://docs.rs/env_logger/latest/env_logger/#enabling-logging): `error`, `warn`, `info`, `debug`, `trace`                                             |
+| `THEME_IMAGE`      | `""`             | Imagen personalizada para reemplazar el logo. Debe ser accesible públicamente.                                                                                                                                               |
+| `THEME_TEXT`       | `""`             | Texto personalizado para reemplazar la descripción bajo el logo.                                                                                                                                                      |
+| `THEME_PAGE_TITLE` | `""`             | Texto personalizado para el título                                                                                                                                                                                    |
+| `THEME_FAVICON`    | `""`             | Url personalizada para el favicon. Debe ser accesible públicamente.                                                                                                                                                        |
+
+## Despliegue
+
+> ℹ️ Se requiere `https` de lo contrario el navegador no soportará las funciones de encriptacón.
+
+> ℹ️ Hay un endpoint para verificar el estado, lo encontramos en `/api/health/`. Regresa un código 200 o 503.
+
+### Docker
+
+Docker es la manera más fácil. Aquí encontramos [la imágen oficial](https://hub.docker.com/r/cupcakearmy/cryptgeon).
+
+```yaml
+# docker-compose.yml
+
+version: '3.8'
+
+services:
+  redis:
+    image: redis:7-alpine
+    # Set a size limit. See link below on how to customise.
+    # https://redis.io/docs/manual/eviction/
+    # command: redis-server --maxmemory 1gb --maxmemory-policy allkeys-lru
+
+  app:
+    image: cupcakearmy/cryptgeon:latest
+    depends_on:
+      - redis
+    environment:
+      # Size limit for a single note.
+      SIZE_LIMIT: 4 MiB
+    ports:
+      - 80:8000
+
+    # Optional health checks
+    # healthcheck:
+    #   test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
+    #   interval: 1m
+    #   timeout: 3s
+    #   retries: 2
+    #   start_period: 5s
+```
+
+### NGINX Proxy
+
+Ver la carpeta de [ejemplo/nginx](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/nginx). Hay un ejemplo con un proxy simple y otro con https. Es necesario que especifiques el nombre del servidor y los certificados.
+
+### Traefik 2
+
+Ver la carpeta de [ejemplo/traefik](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/traefik).
+
+### Scratch
+
+Ver la carpeta de [ejemplo/scratch](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/scratch). Ahí encontrarás una guía de cómo configurar el servidor e instalar cryptgeon desde cero.
+
+### Synology
+
+Hay una [guía](https://mariushosting.com/how-to-install-cryptgeon-on-your-synology-nas/) (en inglés) que puedes seguir.
+
+### Guías en Youtube
+
+- En inglés, por [Webnestify](https://www.youtube.com/watch?v=XAyD42I7wyI)
+- En inglés, por [DB Tech](https://www.youtube.com/watch?v=S0jx7wpOfNM) [Previous Video](https://www.youtube.com/watch?v=JhpIatD06vE)
+- En alemán, por [ApfelCast](https://www.youtube.com/watch?v=84ZMbE9AkHg)
+
+## Desarrollo
+
+**Requisitos**
+
+- `pnpm`: `>=6`
+- `node`: `>=18`
+- `rust`: edition `2021`
+
+**Instalación**
+
+```bash
+pnpm install
+
+# También necesitas cargo-watch, si no lo tienes instalado.
+# https://lib.rs/crates/cargo-watch
+cargo install cargo-watch
+```
+
+**Ejecutar**
+
+Asegurate de que docker se esté ejecutando.
+
+```bash
+pnpm run dev
+```
+
+Ejecutando `pnpm run dev` en la carpeta raíz iniciará lo siguiente:
+
+- redis docker container
+- rust backend
+- client
+- cli
+
+Puedes ver la app en [localhost:1234](http://localhost:1234).
+
+> Existe una colección de Postman con algunas peticiones de ejemplo [disponible en el repo](./Cryptgeon.postman_collection.json)
+
+### Tests
+
+Los tests son end-to-end tests escritos con Playwright.
+
+```sh
+pnpm run test:prepare
+
+# Usa el script test o test:local. La versión local solo corre en el navegador para acelerar el desarrollo.
+pnpm run test:local
+```
+
+## Seguridad
+
+Por favor dirigite a la sección de seguridad [aquí](./SECURITY.md).
+
+---
+
+_Atribuciones_
+
+- Datos del Test:
+  - Texto para los tests [Nietzsche Ipsum](https://nietzsche-ipsum.com/)
+  - [AES Paper](https://www.cs.miami.edu/home/burt/learning/Csc688.012/rijndael/rijndael_doc_V2.pdf)
+  - [Unsplash Imágenes](https://unsplash.com/)
+- Animación de carga por [Nikhil Krishnan](https://codepen.io/nikhil8krishnan/pen/rVoXJa)
+- Iconos hechos por <a href="https://www.freepik.com" title="Freepik">freepik</a> de <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>

README_zh-CN.md

@@ -0,0 +1,184 @@
+<p align="center">
+  <img src="./design/Github_zh-CN.png" alt="logo">
+</p>
+
+<a href="https://discord.gg/nuby6RnxZt">
+  <img alt="discord" src="https://img.shields.io/discord/252403122348097536?style=for-the-badge" />
+  <img alt="docker pulls" src="https://img.shields.io/docker/pulls/cupcakearmy/cryptgeon?style=for-the-badge" />
+  <img alt="Docker image size badge" src="https://img.shields.io/docker/image-size/cupcakearmy/cryptgeon?style=for-the-badge" />
+  <img alt="Latest version" src="https://img.shields.io/github/v/release/cupcakearmy/cryptgeon?style=for-the-badge" />
+</a>
+
+<br/>
+<a href="https://www.producthunt.com/posts/cryptgeon?utm_source=badge-featured&utm_medium=badge&utm_souce=badge-cryptgeon" target="_blank"><img src="https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=295189&theme=light" alt="Cryptgeon - Securely share self-destructing notes | Product Hunt" height="50" /></a>
+<a href=""><img src="./.github/lokalise.png" height="50">
+<br/>
+
+[EN](README.md) | 简体中文 | [ES](README_ES.md) 
+
+## 关于本项目
+
+_加密鸽_ 是一个受 [_PrivNote_](https://privnote.com)项目启发的安全、开源共享密信和文件共享服务器
+
+> 🌍 如果你想翻译此项目请随时与我联系.
+>
+> 感谢 [Lokalise](https://lokalise.com/) 提供免费的平台服务支持
+
+## 演示示例
+
+查看加密鸽的在线演示 demo： [cryptgeon.org](https://cryptgeon.org)
+
+## 功能
+
+- 服务端无法解密和查看客户端加密的内容
+- 查看次数或时间限制，阅后即焚
+- 您发送的数据将存放于内存中，不会写入到磁盘中
+- 黑暗模式支持
+
+## 加密鸽是如何工作的？
+
+加密鸽会为每条笔记都生成一个独立的 <code>id (256bit)</code> 和 <code>key 256(bit)</code>。
+
+其中<code>id</code>用于保存和提取密信， 在这之后这封密信将会被客户端使用 AES 算法的 GCM 模式和`key`进行加密然后发送至服务器，数据将会保存在服务器的内存中且永远不会被持久化到硬盘上，服务端永远不会得到密钥并且无法解读密信的内容。
+
+## 屏幕截图
+
+![screenshot](./design/Screens.png)
+
+## 环境变量
+
+| 变量名称          | 默认值           | 描述                                                                              |
+| ----------------- | ---------------- | --------------------------------------------------------------------------------- |
+| `REDIS`           | `redis://redis/` | Redis 连接 URL。                                                                  |
+| `SIZE_LIMIT`      | `1 KiB`          | 最大请求体(body)限制。有关支持的数值请查看 [字节单位](https://docs.rs/byte-unit/) |
+| `MAX_VIEWS`       | `100`            | 密信最多查看次数限制                                                              |
+| ` MAX_EXPIRATION` | `360`            | 密信最长过期时间限制(分钟)                                                        |
+| `ALLOW_ADVANCED`  | `true`           | 是否允许自定义设置，该项如果设为`false`，则不会显示自定义设置模块                 |
+| `THEME_IMAGE`     | `""`             | 自定义 Logo 图片，你在这里填写的的图片链接必须是可以公开访问的。                  |
+| `THEME_TEXT`      | `""`             | 自定义在 Logo 下方的文本。                                                        |
+
+## 部署
+
+ℹ️ 加密鸽必须使用`https`，否则浏览器可能将不会支援加密鸽的加密算法。
+
+### Docker
+
+Docker 是最简单的部署方式。这里是[官方镜像的地址](https://hub.docker.com/r/cupcakearmy/cryptgeon)。
+
+附：译者的[部署笔记](https://www.hash070.top/archives/cryptgeon-docker-deploy.html)
+
+```yaml
+# docker-compose.yml
+version: '3.8'
+
+services:
+  redis:
+    image: redis:7-alpine
+
+  app:
+    image: cupcakearmy/cryptgeon:latest
+    depends_on:
+      - redis
+    environment:
+      SIZE_LIMIT: 4 MiB
+    ports:
+      - 80:8000
+```
+
+### NGINX 反向代理
+
+查看 [examples/nginx](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/nginx) 目录。那里有几个示例反代配置文件模板，其中一个是带 https 配置的反代配置模板，你需要指定服务器的名称和证书才能生效。
+
+### Traefik 2
+
+假设:
+
+- 外部 Docker 代理网络 `proxy`
+- 证书解析器 `le`
+- 一个 https 入站点 `secure`
+- 域名 `example.org`
+
+```yaml
+version: '3.8'
+
+networks:
+  proxy:
+    external: true
+
+services:
+  redis:
+    image: redis:7-alpine
+    restart: unless-stopped
+
+  app:
+    image: cupcakearmy/cryptgeon:latest
+    restart: unless-stopped
+    depends_on:
+      - redis
+    networks:
+      - default
+      - proxy
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.cryptgeon.rule=Host(`example.org`)
+      - traefik.http.routers.cryptgeon.entrypoints=secure
+      - traefik.http.routers.cryptgeon.tls.certresolver=le
+```
+
+## 开发
+
+**环境要求**
+
+- `pnpm`: `>=6`
+- `node`: `>=14`
+- `rust`: edition `2021`
+
+**安装**
+
+```bash
+pnpm install
+pnpm --prefix frontend install
+
+# 你还需要安装CargoWatch.
+# https://lib.rs/crates/cargo-watch
+cargo install cargo-watch
+```
+
+**运行**
+
+确保你的 Docker 正在运行
+
+```bash
+pnpm run dev
+```
+
+在根目录执行 `pnpm run dev` 会开启下列服务:
+
+- 一个 redis docker 容器
+- 无热重载的 rust 后端
+- 可热重载的客户端
+
+你可以通过 1234 端口进入该应用，即 [localhost:1234](http://localhost:1234).
+
+## 测试
+
+这些测试是用 Playwright 实现的一些端到端测试用例。
+
+```sh
+pnpm run test:prepare
+docker compose up redis -d
+pnpm run test:server
+
+# 在另一个终端中：
+# 使用test或者test:local script。为了更快的开发，本地版本只会在一个浏览器中运行。
+pnpm run test:local
+```
+
+###### Attributions
+
+- 测试数据:
+  - 测试文本 [Nietzsche Ipsum](https://nietzsche-ipsum.com/)
+  - [AES Paper](https://www.cs.miami.edu/home/burt/learning/Csc688.012/rijndael/rijndael_doc_V2.pdf)
+  - [Unsplash Pictures](https://unsplash.com/)
+- 加载动画由 [Nikhil Krishnan](https://codepen.io/nikhil8krishnan/pen/rVoXJa) 提供
+- 图标由来自 <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a> 的 <a href="https://www.freepik.com" title="Freepik">freepik</a> 提供

SECURITY.md

@@ -0,0 +1,18 @@
+# Security Policy
+
+## Supported Versions
+
+Please ensure that you are using the latest major version available.
+
+| Version | Supported |
+| ------- | --------- |
+| 2.x     | ✅        |
+| < 1.x   | ❌        |
+
+## Reporting a vulnerability
+
+_cryptgeon_ has a full disclosure vulnerability policy.
+Report any bug / vulnerability directly to the [issue tracker](https://github.com/cupcakearmy/cryptgeon/issues).
+Please do NOT attempt to report any security vulnerability in this code privately to anybody.
+
+> Shamefully copied of the [ring security section](https://github.com/briansmith/ring#bug-reporting).

client/.dockerignore

@@ -1,5 +0,0 @@
-.DS_Store
-node_modules
-/.svelte
-/build
-/functions

client/.npmrc

@@ -1 +0,0 @@
-engine-strict=true

client/README.md

@@ -1,38 +0,0 @@
-# create-svelte
-
-Everything you need to build a Svelte project, powered by [`create-svelte`](https://github.com/sveltejs/kit/tree/master/packages/create-svelte);
-
-## Creating a project
-
-If you're seeing this, you've probably already done this step. Congrats!
-
-```bash
-# create a new project in the current directory
-npm init svelte@next
-
-# create a new project in my-app
-npm init svelte@next my-app
-```
-
-> Note: the `@next` is temporary
-
-## Developing
-
-Once you've created a project and installed dependencies with `npm install` (or `pnpm install` or `yarn`), start a development server:
-
-```bash
-npm run dev
-
-# or start the server and open the app in a new browser tab
-npm run dev -- --open
-```
-
-## Building
-
-Before creating a production version of your app, install an [adapter](https://kit.svelte.dev/docs#adapters) for your target environment. Then:
-
-```bash
-npm run build
-```
-
-> You can preview the built app with `npm run preview`, regardless of whether you installed an adapter. This should _not_ be used to serve your app in production.

client/licenses.csv

@@ -1,7 +0,0 @@
-├─ MIT: 43
-├─ MIT*: 2
-├─ BSD-3-Clause: 2
-├─ ISC: 1
-├─ 0BSD: 1
-└─ Apache-2.0: 1
-

client/package.json

@@ -1,24 +0,0 @@
-{
-	"private": true,
-	"scripts": {
-		"dev": "svelte-kit dev",
-		"build": "svelte-kit build",
-		"preview": "svelte-kit preview",
-		"licenses": "npx license-checker --summary > licenses.csv"
-	},
-	"devDependencies": {
-		"@sveltejs/adapter-static": "next",
-		"@sveltejs/kit": "next",
-		"svelte": "^3.34.0",
-		"svelte-preprocess": "^4.0.0",
-		"tslib": "^2.0.0",
-		"typescript": "^4.0.0",
-		"vite": "^2.1.0"
-	},
-	"type": "module",
-	"dependencies": {
-		"@fontsource/fira-mono": "^4.2.2",
-		"axios": "^0.21.1",
-		"copy-to-clipboard": "^3.3.1"
-	}
-}

client/src/app.css

@@ -1,80 +0,0 @@
-@import '@fontsource/fira-mono';
-
-* {
-	box-sizing: border-box;
-}
-
-:root {
-	font-family: 'Fira Mono', monospace;
-
-	--ui-bg-0: #fefefe;
-	--ui-bg-0-85: #fefefed9;
-	--ui-bg-1: #eee;
-	--ui-bg-2: #e2e2e2;
-	--ui-text-0: #111;
-	--ui-text-1: #222;
-	--ui-clr-primary: hsl(186, 65%, 55%);
-	--ui-clr-error: hsl(357, 77%, 51%);
-
-	--ui-anim: all 150ms ease;
-}
-
-@media (prefers-color-scheme: dark) {
-	:root {
-		--ui-bg-0: #111;
-		--ui-bg-0-85: #111111d9;
-		--ui-bg-1: #222;
-		--ui-bg-2: #282828;
-		--ui-text-0: #fefefe;
-		--ui-text-1: #eee;
-	}
-}
-
-.error-text {
-	color: var(--ui-clr-error);
-}
-
-body {
-	min-height: 100vh;
-	margin: 0;
-	background-color: var(--ui-bg-0);
-	color: var(--ui-text-0);
-}
-
-a {
-	color: inherit;
-	text-decoration: inherit;
-	box-sizing: content-box;
-	border-bottom: 2px solid var(--ui-bg-2);
-	cursor: pointer;
-}
-
-a:active {
-	border-color: var(--ui-clr-primary);
-}
-
-a:hover {
-	border-color: var(--ui-text-0);
-}
-
-input,
-textarea,
-button {
-	appearance: none;
-	transition: var(--ui-anim);
-	font-family: inherit;
-	font-size: inherit;
-	background: inherit;
-	color: inherit;
-}
-
-*:disabled,
-*[disabled='true'] {
-	opacity: 0.5;
-}
-
-fieldset {
-	margin: 0;
-	padding: 0;
-	border: none;
-}

client/src/global.d.ts

@@ -1,3 +0,0 @@
-/// <reference types="@sveltejs/kit" />
-/// <reference types="svelte" />
-/// <reference types="vite/client" />

client/src/lib/api.ts

@@ -1,38 +0,0 @@
-import axios from 'axios'
-import { dev } from '$app/env'
-
-const base = axios.create({ baseURL: dev ? 'http://localhost:5000' : undefined })
-
-export type Note = {
-	contents: string
-	password: boolean
-	views?: number
-	expiration?: number
-}
-export type NoteInfo = Pick<Note, 'password'>
-export type NotePublic = Pick<Note, 'contents'>
-
-export async function create(note: Note) {
-	const { data } = await base({
-		url: '/api/notes',
-		method: 'post',
-		data: note,
-	})
-	return data as { id: string }
-}
-
-export async function get(id: string) {
-	const { data } = await base({
-		url: `/api/notes/${id}`,
-		method: 'delete',
-	})
-	return data as NotePublic
-}
-
-export async function info(id: string) {
-	const { data } = await base({
-		url: `/api/notes/${id}`,
-		method: 'get',
-	})
-	return data as NoteInfo
-}

client/src/lib/crypto.ts

@@ -1,71 +0,0 @@
-export class Hex {
-	static encode(buffer: ArrayBuffer): string {
-		let s = ''
-		for (const i of new Uint8Array(buffer)) {
-			s += i.toString(16).padStart(2, '0')
-		}
-		return s
-	}
-
-	static decode(s: string): ArrayBuffer {
-		const size = s.length / 2
-		const buffer = new Uint8Array(size)
-		for (let i = 0; i < size; i++) {
-			const idx = i * 2
-			const segment = s.slice(idx, idx + 2)
-			buffer[i] = parseInt(segment, 16)
-		}
-		return buffer
-	}
-}
-
-const ALG = 'AES-GCM'
-
-export function getRandomBytes(size = 16): Uint8Array {
-	return window.crypto.getRandomValues(new Uint8Array(size))
-}
-
-export function getKeyFromString(password: string) {
-	return window.crypto.subtle.importKey(
-		'raw',
-		new TextEncoder().encode(password),
-		'PBKDF2',
-		false,
-		['deriveBits', 'deriveKey']
-	)
-}
-
-export async function getDerivedForKey(key: CryptoKey, salt: ArrayBuffer) {
-	const iterations = 1_000
-	return window.crypto.subtle.deriveKey(
-		{
-			name: 'PBKDF2',
-			salt,
-			iterations,
-			hash: 'SHA-512',
-		},
-		key,
-		{ name: ALG, length: 256 },
-		true,
-		['encrypt', 'decrypt']
-	)
-}
-
-export async function encrypt(plaintext: string, key: CryptoKey) {
-	const salt = getRandomBytes(16)
-	const derived = await getDerivedForKey(key, salt)
-	const iv = getRandomBytes(16)
-	const encrypted = await window.crypto.subtle.encrypt(
-		{ name: ALG, iv },
-		derived,
-		new TextEncoder().encode(plaintext)
-	)
-	return [salt, iv, encrypted].map(Hex.encode).join(':')
-}
-
-export async function decrypt(ciphertext: string, key: CryptoKey) {
-	const [salt, iv, encrypted] = ciphertext.split(':').map(Hex.decode)
-	const derived = await getDerivedForKey(key, salt)
-	const plaintext = await window.crypto.subtle.decrypt({ name: ALG, iv }, derived, encrypted)
-	return new TextDecoder().decode(plaintext)
-}

client/src/lib/ui/Icon.svelte

@@ -1,33 +0,0 @@
-<script lang="ts">
-	import { onMount } from 'svelte'
-	export let icon: string
-
-	$: src = `/icons/${icon}.svg`
-
-	let html = null
-
-	onMount(async () => {
-		html = await fetch(src).then((res) => res.text())
-	})
-</script>
-
-{#if html === null}
-	<img on:click {...$$restProps} {src} alt={icon} />
-{:else}
-	<div on:click {...$$restProps}>
-		{@html html}
-	</div>
-{/if}
-
-<style>
-	img,
-	div {
-		display: inline-block;
-		contain: strict;
-		box-sizing: content-box;
-	}
-	div > :global(svg) {
-		display: block;
-		fill: currentColor;
-	}
-</style>

client/src/lib/ui/TextArea.svelte

@@ -1,29 +0,0 @@
-<script lang="ts">
-	export let label: string = ''
-	export let value: string
-</script>
-
-<label>
-	<small>
-		{label}
-	</small>
-	<textarea {...$$restProps} bind:value />
-</label>
-
-<style>
-	textarea {
-		width: 100%;
-		min-height: 8rem;
-		margin: 0;
-		padding: 0;
-		border: 2px solid var(--ui-bg-1);
-		resize: vertical;
-		outline: none;
-		padding: 0.5rem;
-	}
-
-	textarea:hover,
-	textarea:focus {
-		border-color: var(--ui-clr-primary);
-	}
-</style>

client/src/lib/views/Create.svelte

@@ -1,159 +0,0 @@
-<script lang="ts">
-	import type { Note } from '$lib/api'
-	import { create } from '$lib/api'
-	import { getKeyFromString, encrypt } from '$lib/crypto'
-
-	import Button from '$lib/ui/Button.svelte'
-	import Switch from '$lib/ui/Switch.svelte'
-	import TextArea from '$lib/ui/TextArea.svelte'
-	import TextInput from '$lib/ui/TextInput.svelte'
-
-	let note: Note = {
-		contents: '',
-		password: false,
-		views: 1,
-		expiration: 60,
-	}
-	let password: string = ''
-	let result: { password: string; id: string } | null = null
-	let advanced = false
-	let type = false
-	let message = ''
-	let loading = false
-	let error: string | null = null
-
-	$: if (!advanced) {
-		note.views = 1
-		type = false
-	}
-
-	$: {
-		let fraction: string
-		fraction = type ? `${note.expiration} minutes` : `${note.views} views`
-		message = 'the note will expire and be destroyed after ' + fraction
-	}
-
-	async function submit() {
-		try {
-			error = null
-			loading = true
-			const data: Note = {
-				contents: note.contents,
-				password: !!password,
-			}
-			// @ts-ignore
-			if (type) data.expiration = parseInt(note.expiration)
-			// @ts-ignore
-			else data.views = parseInt(note.views)
-			if (data.password) {
-				const key = await getKeyFromString(password)
-				data.contents = await encrypt(data.contents, key)
-			}
-
-			const response = await create(data)
-			result = {
-				password: password,
-				id: response.id,
-			}
-		} catch {
-			error = 'could not create note.'
-		} finally {
-			loading = false
-		}
-	}
-
-	function reset() {
-		window.location.reload()
-	}
-</script>
-
-{#if result}
-	{#if result.password}
-		<TextInput type="password" readonly value={result.password} copy />
-		<br />
-	{/if}
-	<TextInput type="text" readonly value="{window.location.origin}/note/{result.id}" copy />
-	<br />
-	<Button on:click={reset}>new</Button>
-{:else}
-	<form on:submit|preventDefault={submit}>
-		<fieldset disabled={loading}>
-			<TextArea label="note" bind:value={note.contents} placeholder="..." />
-
-			<div class="bottom">
-				<Switch label="advanced" bind:value={advanced} />
-				<Button type="submit">create</Button>
-			</div>
-
-			{#if error}
-				<div class="error-text">{error}</div>
-			{/if}
-
-			<p><br />{message}</p>
-
-			<div class="advanced" class:hidden={!advanced}>
-				<br />
-				<div class="fields">
-					<TextInput
-						type="number"
-						label="views"
-						bind:value={note.views}
-						disabled={type}
-						max={100}
-					/>
-					<div class="middle-switch">
-						<Switch label="mode" bind:value={type} color={false} />
-					</div>
-					<TextInput
-						type="number"
-						label="minutes"
-						bind:value={note.expiration}
-						disabled={!type}
-						max={360}
-					/>
-				</div>
-				<br />
-				<TextInput
-					type="password"
-					label="password"
-					placeholder="optional"
-					bind:value={password}
-					copy
-					random
-				/>
-			</div>
-
-			<style>
-				.fields {
-					display: flex;
-				}
-				.spacer {
-					width: 3rem;
-				}
-			</style>
-		</fieldset>
-	</form>
-{/if}
-
-<style>
-	.bottom {
-		display: flex;
-		justify-content: space-between;
-		align-items: flex-end;
-		margin-top: 0.5rem;
-	}
-
-	.middle-switch {
-		margin: 0 1rem;
-	}
-
-	.advanced {
-		max-height: 14em;
-		overflow: hidden;
-		transition: var(--ui-anim);
-	}
-
-	.advanced.hidden {
-		max-height: 0;
-	}
-</style>

client/src/lib/views/Header/Logo.svg

@@ -1 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg width="100%" height="100%" viewBox="0 0 475 200" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xml:space="preserve" xmlns:serif="http://www.serif.com/" style="fill-rule:evenodd;clip-rule:evenodd;stroke-linejoin:round;stroke-miterlimit:2;"><g id="Logo"><clipPath id="_clip1"><rect x="4.516" y="3.225" width="193.55" height="193.55"/></clipPath><g clip-path="url(#_clip1)"><g><g><path d="M171.604,43.296c-2.087,-0 -3.78,1.693 -3.78,3.78c-0,2.087 1.693,3.78 3.78,3.78c2.087,0 3.78,-1.693 3.78,-3.78c0,-2.087 -1.693,-3.78 -3.78,-3.78Z" style="fill-rule:nonzero;"/></g></g><g><g><path d="M101.291,134.023c-2.087,-0 -3.78,1.693 -3.78,3.78c-0,2.087 1.693,3.78 3.78,3.78c2.087,0 3.78,-1.693 3.78,-3.78c0,-2.087 -1.693,-3.78 -3.78,-3.78Z" style="fill-rule:nonzero;"/></g></g><g><g><path d="M154.215,96.22c-2.088,-0 -3.78,1.692 -3.78,3.78c-0,18.76 -15.263,34.023 -34.023,34.023c-2.088,-0 -3.78,1.692 -3.78,3.78c-0,2.088 1.692,3.78 3.78,3.78c22.929,0 41.583,-18.654 41.583,-41.583c0,-2.088 -1.692,-3.78 -3.78,-3.78Z" style="fill-rule:nonzero;"/></g></g><g><g><path d="M197.667,60.507l-9.515,-19.026c-4.101,-8.207 -12.349,-13.306 -21.526,-13.306c-7.48,-0 -14.627,3.547 -19.155,9.498l-10.678,12.016c-2.847,-4.047 -7.021,-7.049 -11.831,-8.421l-19.102,-5.459c-14.623,-4.178 -28.92,-15.441 -39.227,-30.901c-0.924,-1.386 -2.646,-2.003 -4.24,-1.521c-1.595,0.483 -2.685,1.953 -2.685,3.618l-0,20.372c-0,9.468 1.418,18.804 4.219,27.813c-2.936,0.73 -5.896,1.34 -8.842,1.816c-5.773,0.936 -11.654,1.411 -17.48,1.411l-29.309,-0c-1.374,-0 -2.64,0.746 -3.306,1.948c-0.666,1.202 -0.628,2.671 0.101,3.836l22.636,36.219c9.672,15.473 26.33,25.183 44.578,25.983l-36.36,41.158c-5.602,5.728 -3.654,15.315 3.746,18.396l20.018,9.887c0.088,0.044 0.179,0.084 0.271,0.121c5.789,2.313 12.389,-0.496 14.725,-6.279l13.969,-32.982l27.738,0c31.966,0 58.972,-25.967 58.972,-56.704l0,-22.682c0,-6.253 5.088,-11.341 11.341,-11.341l7.561,0c1.31,0 2.527,-0.678 3.216,-1.793c0.688,-1.114 0.751,-2.506 0.165,-3.677Zm-130.399,-42.236c10.418,12.203 23.307,21.034 36.515,24.808l19.104,5.459c3.725,1.063 6.865,3.624 8.666,7.048l-10.049,11.307l-17.652,-10.591c-7.646,-4.588 -16.746,-6.412 -25.776,-4.951c-2.837,0.46 -4.648,1.038 -6.877,1.759c-2.609,-8.332 -3.931,-16.971 -3.931,-25.733l0,-9.106Zm119.457,40.146c-10.422,-0 -18.901,8.479 -18.901,18.901l-0,22.682c-0,26.639 -23.544,49.144 -51.412,49.144l-30.242,-0c-10.771,-0 -20.452,5.983 -25.265,15.615l-0.798,1.596c-0.934,1.867 -0.177,4.137 1.691,5.071c1.867,0.934 4.138,0.176 5.072,-1.691c0.44,-0.586 3.306,-9.102 13.21,-12.125l-12.349,29.159c-0.01,0.024 -0.02,0.047 -0.03,0.071c-0.75,1.877 -2.864,2.851 -4.8,2.148c-21.279,-10.506 -19.997,-9.888 -20.252,-9.99c-2.526,-1.01 -3.191,-4.259 -1.267,-6.182c0.131,-0.131 8.026,-9.078 41.009,-46.411c13.867,-0.617 26.842,-6.319 36.694,-16.172c1.477,-1.476 1.477,-3.87 0,-5.346c-1.476,-1.477 -3.869,-1.476 -5.346,-0c-16.827,16.828 -36.803,13.634 -39.027,14.014c-16.604,0 -31.772,-8.407 -40.574,-22.488l-2.417,-3.868l2.729,1.065c17.308,6.753 38.919,4.347 53.817,-5.586c1.737,-1.158 2.206,-3.505 1.048,-5.242c-1.158,-1.737 -3.505,-2.207 -5.243,-1.048c-13.085,8.724 -31.922,10.666 -46.874,4.832l-12.185,-4.753l-9.896,-15.836l22.488,0c6.23,0 12.518,-0.507 18.688,-1.507c12.711,-2.055 18.051,-4.855 22.993,-5.655c7.181,-1.163 14.516,0.274 20.677,3.97l29.625,17.775c1.79,1.074 4.112,0.494 5.187,-1.296c1.074,-1.79 0.494,-4.113 -1.296,-5.187l-5.377,-3.226c26.559,-29.893 25.139,-28.272 25.319,-28.511c3.102,-4.136 8.038,-6.605 13.205,-6.605c6.293,0 11.95,3.497 14.764,9.127l6.779,13.555l-1.444,-0Z" style="fill-rule:nonzero;"/></g></g></g><text x="195.418px" y="127.131px" style="font-family:'Sofia-Regular', 'Sofia';font-size:60.681px;">cryptogeon</text></g></svg>

client/src/lib/views/Header/index.svelte

@@ -1,74 +0,0 @@
-<script lang="ts">
-</script>
-
-<header>
-	<a href="/">
-		<svg
-			width="100%"
-			height="100%"
-			viewBox="0 0 475 200"
-			version="1.1"
-			xmlns="http://www.w3.org/2000/svg"
-			xmlns:xlink="http://www.w3.org/1999/xlink"
-			xml:space="preserve"
-			style="fill-rule:evenodd;clip-rule:evenodd;stroke-linejoin:round;stroke-miterlimit:2;"
-			fill="currentColor"
-			><g id="Logo"
-				><clipPath id="_clip1"><rect x="4.516" y="3.225" width="193.55" height="193.55" /></clipPath
-				><g clip-path="url(#_clip1)"
-					><g
-						><g
-							><path
-								d="M171.604,43.296c-2.087,-0 -3.78,1.693 -3.78,3.78c-0,2.087 1.693,3.78 3.78,3.78c2.087,0 3.78,-1.693 3.78,-3.78c0,-2.087 -1.693,-3.78 -3.78,-3.78Z"
-								style="fill-rule:nonzero;"
-							/></g
-						></g
-					><g
-						><g
-							><path
-								d="M101.291,134.023c-2.087,-0 -3.78,1.693 -3.78,3.78c-0,2.087 1.693,3.78 3.78,3.78c2.087,0 3.78,-1.693 3.78,-3.78c0,-2.087 -1.693,-3.78 -3.78,-3.78Z"
-								style="fill-rule:nonzero;"
-							/></g
-						></g
-					><g
-						><g
-							><path
-								d="M154.215,96.22c-2.088,-0 -3.78,1.692 -3.78,3.78c-0,18.76 -15.263,34.023 -34.023,34.023c-2.088,-0 -3.78,1.692 -3.78,3.78c-0,2.088 1.692,3.78 3.78,3.78c22.929,0 41.583,-18.654 41.583,-41.583c0,-2.088 -1.692,-3.78 -3.78,-3.78Z"
-								style="fill-rule:nonzero;"
-							/></g
-						></g
-					><g
-						><g
-							><path
-								d="M197.667,60.507l-9.515,-19.026c-4.101,-8.207 -12.349,-13.306 -21.526,-13.306c-7.48,-0 -14.627,3.547 -19.155,9.498l-10.678,12.016c-2.847,-4.047 -7.021,-7.049 -11.831,-8.421l-19.102,-5.459c-14.623,-4.178 -28.92,-15.441 -39.227,-30.901c-0.924,-1.386 -2.646,-2.003 -4.24,-1.521c-1.595,0.483 -2.685,1.953 -2.685,3.618l-0,20.372c-0,9.468 1.418,18.804 4.219,27.813c-2.936,0.73 -5.896,1.34 -8.842,1.816c-5.773,0.936 -11.654,1.411 -17.48,1.411l-29.309,-0c-1.374,-0 -2.64,0.746 -3.306,1.948c-0.666,1.202 -0.628,2.671 0.101,3.836l22.636,36.219c9.672,15.473 26.33,25.183 44.578,25.983l-36.36,41.158c-5.602,5.728 -3.654,15.315 3.746,18.396l20.018,9.887c0.088,0.044 0.179,0.084 0.271,0.121c5.789,2.313 12.389,-0.496 14.725,-6.279l13.969,-32.982l27.738,0c31.966,0 58.972,-25.967 58.972,-56.704l0,-22.682c0,-6.253 5.088,-11.341 11.341,-11.341l7.561,0c1.31,0 2.527,-0.678 3.216,-1.793c0.688,-1.114 0.751,-2.506 0.165,-3.677Zm-130.399,-42.236c10.418,12.203 23.307,21.034 36.515,24.808l19.104,5.459c3.725,1.063 6.865,3.624 8.666,7.048l-10.049,11.307l-17.652,-10.591c-7.646,-4.588 -16.746,-6.412 -25.776,-4.951c-2.837,0.46 -4.648,1.038 -6.877,1.759c-2.609,-8.332 -3.931,-16.971 -3.931,-25.733l0,-9.106Zm119.457,40.146c-10.422,-0 -18.901,8.479 -18.901,18.901l-0,22.682c-0,26.639 -23.544,49.144 -51.412,49.144l-30.242,-0c-10.771,-0 -20.452,5.983 -25.265,15.615l-0.798,1.596c-0.934,1.867 -0.177,4.137 1.691,5.071c1.867,0.934 4.138,0.176 5.072,-1.691c0.44,-0.586 3.306,-9.102 13.21,-12.125l-12.349,29.159c-0.01,0.024 -0.02,0.047 -0.03,0.071c-0.75,1.877 -2.864,2.851 -4.8,2.148c-21.279,-10.506 -19.997,-9.888 -20.252,-9.99c-2.526,-1.01 -3.191,-4.259 -1.267,-6.182c0.131,-0.131 8.026,-9.078 41.009,-46.411c13.867,-0.617 26.842,-6.319 36.694,-16.172c1.477,-1.476 1.477,-3.87 0,-5.346c-1.476,-1.477 -3.869,-1.476 -5.346,-0c-16.827,16.828 -36.803,13.634 -39.027,14.014c-16.604,0 -31.772,-8.407 -40.574,-22.488l-2.417,-3.868l2.729,1.065c17.308,6.753 38.919,4.347 53.817,-5.586c1.737,-1.158 2.206,-3.505 1.048,-5.242c-1.158,-1.737 -3.505,-2.207 -5.243,-1.048c-13.085,8.724 -31.922,10.666 -46.874,4.832l-12.185,-4.753l-9.896,-15.836l22.488,0c6.23,0 12.518,-0.507 18.688,-1.507c12.711,-2.055 18.051,-4.855 22.993,-5.655c7.181,-1.163 14.516,0.274 20.677,3.97l29.625,17.775c1.79,1.074 4.112,0.494 5.187,-1.296c1.074,-1.79 0.494,-4.113 -1.296,-5.187l-5.377,-3.226c26.559,-29.893 25.139,-28.272 25.319,-28.511c3.102,-4.136 8.038,-6.605 13.205,-6.605c6.293,0 11.95,3.497 14.764,9.127l6.779,13.555l-1.444,-0Z"
-								style="fill-rule:nonzero;"
-							/></g
-						></g
-					></g
-				><text
-					x="195.418px"
-					y="127.131px"
-					style="font-family:'Sofia-Regular', 'Sofia';font-size:60.681px;">cryptogeon</text
-				></g
-			></svg
-		>
-	</a>
-</header>
-
-<style>
-	a {
-		border: none;
-	}
-
-	header {
-		text-align: center;
-		margin-top: calc(min(15vh, 6rem));
-		margin-bottom: 4rem;
-	}
-
-	header svg {
-		width: 100%;
-		max-width: 16rem;
-		transform: translateX(-1rem);
-	}
-</style>

client/src/routes/$layout.svelte

@@ -1,45 +0,0 @@
-<script lang="ts">
-	import '../app.css'
-	import Header from '$lib/views/Header/index.svelte'
-</script>
-
-<svelte:head>
-	<title>cryptgeon</title>
-</svelte:head>
-
-<main>
-	<Header />
-	<slot />
-</main>
-
-<footer>
-	<a href="/">/home</a>
-	<a href="/about">/about</a>
-	<a href="https://github.com/cupcakearmy/cryptgeon" target="_blank" rel="noopener">/code</a>
-</footer>
-
-<style>
-	a {
-		margin: 0 0.5rem;
-	}
-	main {
-		padding: 1rem;
-		padding-bottom: 4rem;
-		width: 100%;
-		max-width: 35rem;
-		margin: 0 auto;
-	}
-
-	footer {
-		display: flex;
-		flex-direction: row;
-		justify-content: flex-end;
-		align-items: center;
-		padding: 1rem;
-		position: fixed;
-		bottom: 0;
-		right: 0;
-		width: 100%;
-		background-color: var(--ui-bg-0-85);
-	}
-</style>

client/src/routes/about.svelte

@@ -1,66 +0,0 @@
-<script context="module">
-	import { browser, dev } from '$app/env'
-	export const hydrate = dev
-	export const router = browser
-	export const prerender = true
-</script>
-
-<svelte:head>
-	<title>About</title>
-</svelte:head>
-
-<section class="content">
-	<h1>About</h1>
-
-	<p>
-		<i>cryptgeon</i> is an secure, open source sharing note service inspired by
-		<a href="https://privnote.com"><i>PrivNote</i></a>.
-	</p>
-
-	<p>
-		<b>▶ how does it work?</b>
-		<br />
-		each note has a 512bit generated <i>id</i> that is used to retrieve the note. data is stored in memory
-		and never persisted to disk.
-	</p>
-
-	<b>▶ Features</b>
-	<ul>
-		<li>view and time constrains</li>
-		<li>in memory, no persistence</li>
-		<li>in browser encryption → server cannot decrypt contents</li>
-	</ul>
-
-	<p>
-		<b>▶ tech stack</b>
-		<br />
-		the backend is written in rust and the frontend is svelte and typescript.
-		<br />
-		you are welcomed to check & audit the
-		<a href="https://github.com/cupcakearmy/cryptgeon" target="_blank" rel="noopener">source code</a
-		>.
-	</p>
-
-	<p>
-		<br />
-		<b>▶ attributions</b>
-		<br />
-		<small>
-			icons made by <a href="https://www.freepik.com" title="Freepik">freepik</a> from
-			<a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>
-		</small>
-	</p>
-</section>
-
-<style>
-	section {
-		width: 100%;
-	}
-
-	ul {
-		margin: 0;
-		padding: 0;
-		padding-left: 1rem;
-		list-style: square;
-	}
-</style>

client/src/routes/note/[id].svelte

@@ -1,98 +0,0 @@
-<script context="module" lang="ts">
-	export async function load({ page }) {
-		return {
-			props: page.params,
-		}
-	}
-</script>
-
-<script lang="ts">
-	import type { NotePublic } from '$lib/api'
-	import { info, get } from '$lib/api'
-	import { decrypt, getKeyFromString } from '$lib/crypto'
-	import Button from '$lib/ui/Button.svelte'
-	import TextInput from '$lib/ui/TextInput.svelte'
-	import copy from 'copy-to-clipboard'
-
-	import { onMount } from 'svelte'
-
-	export let id: string
-	let needPassword = false
-	let password: string = ''
-	let note: NotePublic | null = null
-	let exists = false
-
-	let loading = true
-	let error = false
-
-	onMount(async () => {
-		try {
-			loading = true
-			error = null
-			const data = await info(id)
-			needPassword = data.password
-			exists = true
-		} catch {
-			exists = false
-		} finally {
-			loading = false
-		}
-	})
-
-	async function show() {
-		const data = note || (await get(id)) // Don't get the content twice on wrong password.
-		if (needPassword) {
-			try {
-				const key = await getKeyFromString(password)
-				data.contents = await decrypt(data.contents, key)
-				error = false
-			} catch {
-				error = true
-			}
-		}
-		note = data
-	}
-</script>
-
-{#if !loading}
-	{#if !exists}
-		<p class="error-text">note was not found or was already deleted.</p>
-	{:else if note && !error}
-		<p class="error-text">you will not get the chance to see the note again.</p>
-		<div class="note">
-			{note.contents}
-		</div>
-		<br />
-		<Button on:click={() => copy(note.contents)}>copy to clipboard</Button>
-	{:else}
-		<form on:submit|preventDefault={show}>
-			<p>click below to show and delete the note if the counter has reached it's limit</p>
-			{#if needPassword}
-				<TextInput type="password" label="password" bind:value={password} />
-				<br />
-			{/if}
-			<Button type="submit">show note</Button>
-			{#if error}
-				<br />
-				<p class="error-text">
-					wrong password. could not decipher.
-					<br />
-					note already destroyed. try again without reloading the page.
-				</p>
-			{/if}
-		</form>
-	{/if}
-{/if}
-
-<style>
-	.note {
-		width: 100%;
-		margin: 0;
-		padding: 0;
-		border: 2px solid var(--ui-bg-1);
-		outline: none;
-		padding: 0.5rem;
-		white-space: pre;
-		overflow: auto;
-	}
-</style>

client/static/icons/copy-sharp.svg

@@ -1 +0,0 @@
-<svg xmlns='http://www.w3.org/2000/svg' class='ionicon' viewBox='0 0 512 512'><title>Copy</title><path d='M456 480H136a24 24 0 01-24-24V128a16 16 0 0116-16h328a24 24 0 0124 24v320a24 24 0 01-24 24z'/><path d='M112 80h288V56a24 24 0 00-24-24H60a28 28 0 00-28 28v316a24 24 0 0024 24h24V112a32 32 0 0132-32z'/></svg>

client/static/icons/dice-sharp.svg

@@ -1 +0,0 @@
-<svg xmlns='http://www.w3.org/2000/svg' class='ionicon' viewBox='0 0 512 512'><title>Dice</title><path d='M48 366.92L240 480V284L48 170zM192 288c8.84 0 16 10.75 16 24s-7.16 24-16 24-16-10.75-16-24 7.16-24 16-24zm-96 32c8.84 0 16 10.75 16 24s-7.16 24-16 24-16-10.75-16-24 7.16-24 16-24zM272 284v196l192-113.08V170zm48 140c-8.84 0-16-10.75-16-24s7.16-24 16-24 16 10.75 16 24-7.16 24-16 24zm0-88c-8.84 0-16-10.75-16-24s7.16-24 16-24 16 10.75 16 24-7.16 24-16 24zm96 32c-8.84 0-16-10.75-16-24s7.16-24 16-24 16 10.75 16 24-7.16 24-16 24zm0-88c-8.84 0-16-10.75-16-24s7.16-24 16-24 16 10.75 16 24-7.16 24-16 24zm32 77.64zM256 32L64 144l192 112 192-112zm0 120c-13.25 0-24-7.16-24-16s10.75-16 24-16 24 7.16 24 16-10.75 16-24 16z'/></svg>

client/static/icons/eye-off-sharp.svg

@@ -1 +0,0 @@
-<svg xmlns='http://www.w3.org/2000/svg' class='ionicon' viewBox='0 0 512 512'><title>Eye Off</title><path d='M63.998 86.004l21.998-21.998L448 426.01l-21.998 21.998zM259.34 192.09l60.57 60.57a64.07 64.07 0 00-60.57-60.57zM252.66 319.91l-60.57-60.57a64.07 64.07 0 0060.57 60.57z'/><path d='M256 352a96 96 0 01-92.6-121.34l-69.07-69.08C66.12 187.42 39.24 221.14 16 256c26.42 44 62.56 89.24 100.2 115.18C159.38 400.92 206.33 416 255.76 416A233.47 233.47 0 00335 402.2l-53.61-53.6A95.84 95.84 0 01256 352zM256 160a96 96 0 0192.6 121.34L419.26 352c29.15-26.25 56.07-61.56 76.74-96-26.38-43.43-62.9-88.56-101.18-114.82C351.1 111.2 304.31 96 255.76 96a222.92 222.92 0 00-78.21 14.29l53.11 53.11A95.84 95.84 0 01256 160z'/></svg>

client/static/icons/eye-sharp.svg

@@ -1 +0,0 @@
-<svg xmlns='http://www.w3.org/2000/svg' class='ionicon' viewBox='0 0 512 512'><title>Eye</title><circle cx='256' cy='256' r='64'/><path d='M394.82 141.18C351.1 111.2 304.31 96 255.76 96c-43.69 0-86.28 13-126.59 38.48C88.52 160.23 48.67 207 16 256c26.42 44 62.56 89.24 100.2 115.18C159.38 400.92 206.33 416 255.76 416c49 0 95.85-15.07 139.3-44.79C433.31 345 469.71 299.82 496 256c-26.38-43.43-62.9-88.56-101.18-114.82zM256 352a96 96 0 1196-96 96.11 96.11 0 01-96 96z'/></svg>

client/static/icons/lock-closed-sharp.svg

@@ -1 +0,0 @@
-<svg xmlns='http://www.w3.org/2000/svg' class='ionicon' viewBox='0 0 512 512'><title>Lock Closed</title><path d='M420 192h-68v-80a96 96 0 10-192 0v80H92a12 12 0 00-12 12v280a12 12 0 0012 12h328a12 12 0 0012-12V204a12 12 0 00-12-12zm-106 0H198v-80.75a58 58 0 11116 0z'/></svg>

client/svelte.config.cjs

@@ -1,17 +0,0 @@
-const preprocess = require('svelte-preprocess')
-const adapter = require('@sveltejs/adapter-static')
-
-/** @type {import('@sveltejs/kit').Config} */
-module.exports = {
-	// Consult https://github.com/sveltejs/svelte-preprocess
-	// for more information about preprocessors
-	preprocess: preprocess(),
-
-	kit: {
-		adapter: adapter({
-			fallback: 'index.html',
-		}),
-		// hydrate the <div id="svelte"> element in src/app.html
-		target: '#svelte',
-	},
-}

client/tsconfig.json

@@ -1,30 +0,0 @@
-{
-	"compilerOptions": {
-		"moduleResolution": "node",
-		"module": "es2020",
-		"lib": ["es2020"],
-		"target": "es2019",
-		/**
-			svelte-preprocess cannot figure out whether you have a value or a type, so tell TypeScript
-			to enforce using \`import type\` instead of \`import\` for Types.
-			*/
-		"importsNotUsedAsValues": "error",
-		"isolatedModules": true,
-		"resolveJsonModule": true,
-		/**
-			To have warnings/errors of the Svelte compiler at the correct position,
-			enable source maps by default.
-			*/
-		"sourceMap": true,
-		"esModuleInterop": true,
-		"skipLibCheck": true,
-		"forceConsistentCasingInFileNames": true,
-		"baseUrl": ".",
-		"allowJs": true,
-		"checkJs": true,
-		"paths": {
-			"$lib/*": ["src/lib/*"]
-		}
-	},
-	"include": ["src/**/*.d.ts", "src/**/*.js", "src/**/*.ts", "src/**/*.svelte"]
-}

cryptgeon.code-workspace

@@ -0,0 +1,23 @@
+{
+  "folders": [
+    {
+      "path": "."
+    },
+    {
+      "path": "packages/backend"
+    },
+    {
+      "path": "packages/frontend"
+    },
+    {
+      "path": "packages/cli"
+    },
+    {
+      "path": "packages/shared"
+    }
+  ],
+  "settings": {
+    "i18n-ally.localesPaths": ["locales"],
+    "cSpell.words": ["cryptgeon"]
+  }
+}

design/github.svg

@@ -1 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg width="100%" height="100%" viewBox="0 0 475 200" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xml:space="preserve" xmlns:serif="http://www.serif.com/" style="fill-rule:evenodd;clip-rule:evenodd;stroke-linejoin:round;stroke-miterlimit:2;"><path d="M475,20.713c0,-11.432 -9.281,-20.713 -20.713,-20.713l-433.574,0c-11.432,0 -20.713,9.281 -20.713,20.713l0,158.574c0,11.432 9.281,20.713 20.713,20.713l433.574,0c11.432,0 20.713,-9.281 20.713,-20.713l0,-158.574Z" style="fill:#fff;"/><g id="Logo"><clipPath id="_clip1"><rect x="29.237" y="13.493" width="173.013" height="173.013"/></clipPath><g clip-path="url(#_clip1)"><g><g><path d="M178.596,49.313c-1.865,-0 -3.379,1.513 -3.379,3.379c0,1.865 1.514,3.379 3.379,3.379c1.865,-0 3.379,-1.514 3.379,-3.379c0,-1.866 -1.514,-3.379 -3.379,-3.379Z" style="fill-rule:nonzero;"/></g></g><g><g><path d="M115.744,130.412c-1.866,0 -3.379,1.514 -3.379,3.38c-0,1.865 1.513,3.379 3.379,3.379c1.865,-0 3.379,-1.514 3.379,-3.379c-0,-1.866 -1.514,-3.38 -3.379,-3.38Z" style="fill-rule:nonzero;"/></g></g><g><g><path d="M163.052,96.621c-1.866,-0 -3.379,1.513 -3.379,3.379c-0,16.769 -13.643,30.412 -30.413,30.412c-1.866,0 -3.379,1.513 -3.379,3.38c0,1.866 1.513,3.379 3.379,3.379c20.496,-0 37.171,-16.675 37.171,-37.171c0,-1.866 -1.513,-3.379 -3.379,-3.379Z" style="fill-rule:nonzero;"/></g></g><g><g><path d="M201.894,64.697l-8.506,-17.006c-3.666,-7.337 -11.039,-11.895 -19.242,-11.895c-6.686,-0 -13.075,3.171 -17.122,8.49l-9.545,10.741c-2.545,-3.617 -6.277,-6.301 -10.576,-7.527l-17.075,-4.88c-13.071,-3.735 -25.851,-13.803 -35.064,-27.622c-0.826,-1.239 -2.366,-1.791 -3.791,-1.36c-1.425,0.432 -2.4,1.746 -2.4,3.235l-0,18.21c-0,8.463 1.268,16.809 3.771,24.862c-2.624,0.652 -5.27,1.198 -7.904,1.623c-5.16,0.837 -10.417,1.261 -15.625,1.261l-26.199,0c-1.228,0 -2.36,0.667 -2.955,1.741c-0.595,1.075 -0.561,2.388 0.09,3.429l20.235,32.376c8.646,13.832 23.535,22.511 39.847,23.226l-32.501,36.791c-5.008,5.121 -3.267,13.69 3.348,16.444l17.894,8.838c0.079,0.039 0.16,0.075 0.242,0.108c5.175,2.068 11.074,-0.443 13.163,-5.612l12.487,-29.483l24.794,0c28.575,0 52.715,-23.211 52.715,-50.687l0,-20.275c0,-5.59 4.548,-10.137 10.138,-10.137l6.758,-0c1.171,-0 2.259,-0.607 2.875,-1.603c0.616,-0.996 0.671,-2.241 0.148,-3.288Zm-116.563,-37.754c9.313,10.908 20.834,18.802 32.64,22.176l17.077,4.879c3.33,0.951 6.137,3.24 7.747,6.301l-8.983,10.107l-15.779,-9.467c-6.835,-4.101 -14.969,-5.732 -23.041,-4.426c-2.536,0.411 -4.155,0.927 -6.147,1.573c-2.332,-7.449 -3.514,-15.171 -3.514,-23.003l0,-8.14Zm106.782,35.886c-9.316,0 -16.896,7.58 -16.896,16.896l0,20.275c0,23.812 -21.045,43.929 -45.957,43.929l-27.033,0c-9.627,0 -18.281,5.349 -22.584,13.959l-0.713,1.426c-0.835,1.669 -0.158,3.699 1.511,4.533c1.67,0.835 3.699,0.158 4.534,-1.511c0.393,-0.524 2.955,-8.137 11.808,-10.839l-11.038,26.065c-0.01,0.021 -0.018,0.042 -0.027,0.064c-0.67,1.678 -2.56,2.548 -4.29,1.919c-19.022,-9.39 -17.875,-8.838 -18.104,-8.929c-2.258,-0.903 -2.852,-3.807 -1.132,-5.527c0.116,-0.116 7.174,-8.114 36.658,-41.486c12.395,-0.551 23.993,-5.648 32.8,-14.456c1.32,-1.319 1.32,-3.459 0,-4.779c-1.319,-1.32 -3.459,-1.319 -4.779,0c-15.042,15.043 -32.897,12.188 -34.886,12.528c-14.842,-0 -28.4,-7.515 -36.269,-20.103l-2.16,-3.457l2.439,0.952c15.471,6.036 34.79,3.886 48.107,-4.993c1.552,-1.035 1.972,-3.133 0.937,-4.686c-1.036,-1.553 -3.134,-1.972 -4.687,-0.937c-11.696,7.799 -28.535,9.535 -41.901,4.32l-10.892,-4.249l-8.846,-14.155l20.102,-0c5.57,-0 11.19,-0.454 16.706,-1.348c11.362,-1.837 16.135,-4.34 20.552,-5.055c6.42,-1.039 12.976,0.245 18.484,3.549l26.481,15.888c1.6,0.961 3.676,0.442 4.637,-1.158c0.96,-1.6 0.441,-3.676 -1.159,-4.636l-4.806,-2.884c23.741,-26.721 22.472,-25.272 22.633,-25.486c2.772,-3.697 7.185,-5.904 11.803,-5.904c5.626,0 10.683,3.126 13.198,8.159l6.059,12.116l-1.29,0Z" style="fill-rule:nonzero;"/></g></g></g><text x="199.883px" y="124.252px" style="font-family:'Sofia-Regular', 'Sofia';font-size:54.242px;">cryptogeon</text></g></svg>

docker-compose.dev.yaml

@@ -0,0 +1,25 @@
+# DEV Compose file.
+# For a production file see: README.md
+
+version: '3.8'
+
+services:
+  redis:
+    image: redis:7-alpine
+    ports:
+      - 6379:6379
+
+  app:
+    build: .
+    env_file: .dev.env
+    depends_on:
+      - redis
+    ports:
+      - 1234:8000
+
+    healthcheck:
+      test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
+      interval: 1m
+      timeout: 3s
+      retries: 2
+      start_period: 5s

docker-compose.yaml

@@ -0,0 +1,26 @@
+version: '3.8'
+
+services:
+  redis:
+    image: redis:7-alpine
+    # Set a size limit. See link below on how to customise.
+    # https://redis.io/docs/manual/eviction/
+    # command: redis-server --maxmemory 1gb --maxmemory-policy allkeys-lru
+
+  app:
+    image: cupcakearmy/cryptgeon:latest
+    depends_on:
+      - redis
+    environment:
+      # Size limit for a single note.
+      SIZE_LIMIT: 4 MiB
+    ports:
+      - 80:8000
+    
+    # Optional health checks
+    # healthcheck:
+    #   test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
+    #   interval: 1m
+    #   timeout: 3s
+    #   retries: 2
+    #   start_period: 5s

docker-compose.yml

@@ -1,16 +0,0 @@
-# DEV Compose file.
-# For a production file see: README.md
-
-version: '3.7'
-
-services:
-  memcached:
-    image: memcached:1-alpine
-    entrypoint: memcached -m 128
-    ports:
-      - 11211:11211
-
-  app:
-    build: .
-    ports:
-      - 80:5000

examples/nginx/docker-compose.yaml

@@ -0,0 +1,21 @@
+version: '3.8'
+
+services:
+  redis:
+    image: redis:7-alpine
+
+  app:
+    image: cupcakearmy/cryptgeon:latest
+    depends_on:
+      - redis
+    
+  proxy:
+    image: nginx:alpine
+    depends_on:
+      - app
+    volumes:
+      - ./nginx-plain.conf:/etc/nginx/conf.d/default.conf
+      # Or with tls
+      # - ./nginx-tls.conf:/etc/nginx/conf.d/default.conf
+    ports:
+      - 80:80

examples/nginx/nginx-plain.conf

@@ -0,0 +1,13 @@
+server {
+    listen 80;
+    listen [::]:80;
+    server_name _;
+
+    location / {
+      proxy_pass http://app:8000/;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}

examples/nginx/nginx-tls.conf

@@ -0,0 +1,29 @@
+# You should change the server_name to something sensible.
+# Also you need to specify the path to the ssl certificates.
+
+server {
+    listen 80;
+    listen [::]:80;
+    server_name _;
+
+    # Enforce HTTPS
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443      ssl http2;
+    listen [::]:443 ssl http2;
+    server_name _;
+
+    ssl_certificate     /path/to/fullchain.pem;
+    ssl_certificate_key /path/to/privkey.pem;
+    ssl_trusted_certificate /path/to/fullchain.pem;
+
+    location / {
+      proxy_pass http://app:8000/;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}

examples/scratch/README.md

@@ -0,0 +1,160 @@
+# Install from scratch.
+
+This is a tiny guide to install cryptgeon on (probably) any unix system (and maybe windows?) from scratch using traefik as the proxy, which will manage certificates and handle https for us.
+
+1. Install Docker & Docker Compose.
+2. Install Traefik.
+3. Run the cryptgeon.
+4. [Optional] install watchtower to keep up to date.
+
+## Install Docker & Docker Compose
+
+- [Docker](https://docs.docker.com/engine/install/)
+- [Compose](https://docs.docker.com/compose/install/)
+
+## Install Traefik 2.0
+
+[Traefik](https://doc.traefik.io/traefik/) is a router & proxy that makes deployment of containers incredibly easy. It will manage all the https certificates, routing, etc.
+
+```sh
+/foo/bar/traefik/
+├── docker-compose.yaml
+└── traefik.yaml
+```
+
+```yaml
+# docker-compose.yaml
+
+version: '3.8'
+services:
+  traefik:
+    image: traefik:2.6
+    restart: unless-stopped
+    ports:
+      - '80:80'
+      - '443:443'
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ./traefik.yaml:/etc/traefik/traefik.yaml:ro
+      - ./data:/data
+    labels:
+      - 'traefik.enable=true'
+
+      # HTTP to HTTPS redirection
+      - 'traefik.http.routers.http_catchall.rule=HostRegexp(`{any:.+}`)'
+      - 'traefik.http.routers.http_catchall.entrypoints=insecure'
+      - 'traefik.http.routers.http_catchall.middlewares=https_redirect'
+      - 'traefik.http.middlewares.https_redirect.redirectscheme.scheme=https'
+      - 'traefik.http.middlewares.https_redirect.redirectscheme.permanent=true'
+
+networks:
+  default:
+    external: true
+    name: proxy
+```
+
+```yaml
+# traefik.yaml
+
+api:
+  dashboard: true
+
+# Define HTTP and HTTPS entrypoint
+entryPoints:
+  insecure:
+    address: ':80'
+  secure:
+    address: ':443'
+
+# Dynamic configuration will come from docker labels
+providers:
+  docker:
+    endpoint: 'unix:///var/run/docker.sock'
+    network: 'proxy'
+    exposedByDefault: false
+
+# Enable acme with http file challenge
+certificatesResolvers:
+  le:
+    acme:
+      email: me@example.org
+      storage: /data/acme.json
+      httpChallenge:
+        entryPoint: insecure
+```
+
+**Run**
+
+```sh
+docker network create proxy
+docker-compose up -d
+```
+
+## Cryptgeon
+
+Create another docker-compose.yaml file in another folder. We will assume that the domain is `cryptgeon.example.org`.
+
+```sh
+/foo/bar/cryptgeon/
+└── docker-compose.yaml
+```
+
+```yaml
+version: '3.8'
+
+networks:
+  proxy:
+    external: true
+
+services:
+  redis:
+    image: redis:7-alpine
+    restart: unless-stopped
+
+  app:
+    image: cupcakearmy/cryptgeon:latest
+    restart: unless-stopped
+    depends_on:
+      - redis
+    environment:
+      SIZE_LIMIT: 4 MiB
+    networks:
+      - default
+      - proxy
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.cryptgeon.rule=Host(`cryptgeon.example.org`)
+      - traefik.http.routers.cryptgeon.entrypoints=secure
+      - traefik.http.routers.cryptgeon.tls.certresolver=le
+```
+
+**Run**
+
+```sh
+docker-compose up -d
+```
+
+## Watchtower
+
+> A container-based solution for automating Docker container base image updates.
+
+[Watchtower](https://containrrr.dev/watchtower/) will keep our containers up to date. The interval is set to once a day and also configured to delete old images to prevent cluttering.
+
+```sh
+/foo/bar/watchtower/
+└── docker-compose.yaml
+```
+
+```yaml
+# docker-compose.yaml
+
+version: '3.8'
+
+services:
+  watchtower:
+    image: containrrr/watchtower
+    restart: unless-stopped
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    command: --cleanup --interval 86400
+```

examples/traefik/README.md

@@ -0,0 +1,36 @@
+# Install Cryptgeon with Traefik
+
+Assumptions:
+
+- Traefik 2 installed.
+- External proxy docker network `proxy`.
+- A certificate resolver `le`.
+- A https entrypoint `secure`.
+- Domain name `example.org`.
+
+```yaml
+version: '3.8'
+
+networks:
+  proxy:
+    external: true
+
+services:
+  redis:
+    image: redis:7-alpine
+    restart: unless-stopped
+
+  app:
+    image: cupcakearmy/cryptgeon:latest
+    restart: unless-stopped
+    depends_on:
+      - redis
+    networks:
+      - default
+      - proxy
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.cryptgeon.rule=Host(`example.org`)
+      - traefik.http.routers.cryptgeon.entrypoints=secure
+      - traefik.http.routers.cryptgeon.tls.certresolver=le
+```

package.json

@@ -1,11 +1,21 @@
 {
+  "packageManager": "pnpm@8.10.1",
   "scripts": {
-    "dev:docker": "docker-compose up memcached",
-    "dev:backend": "cargo watch -x 'run --bin cryptgeon'",
-    "dev:front": "npm --prefix client run dev",
-    "dev": "run-p dev:*"
+    "dev:docker": "docker-compose -f docker-compose.dev.yaml up redis",
+    "dev:packages": "pnpm --parallel run dev",
+    "dev": "run-p dev:*",
+    "docker:up": "docker compose -f docker-compose.dev.yaml up",
+    "docker:build": "docker compose -f docker-compose.dev.yaml build",
+    "test": "playwright test --project chrome firefox safari",
+    "test:local": "playwright test --project chrome",
+    "test:server": "run-s docker:up",
+    "test:prepare": "run-p build docker:build",
+    "build": "pnpm run --recursive --filter=!@cryptgeon/backend build"
   },
   "devDependencies": {
-    "npm-run-all": "^4.1.5"
+    "@playwright/test": "^1.39.0",
+    "@types/node": "^20.8.10",
+    "npm-run-all": "^4.1.5",
+    "shelljs": "^0.8.5"
   }
 }

packages/backend/Cargo.toml

@@ -0,0 +1,25 @@
+[package]
+name = "cryptgeon"
+version = "2.4.0"
+authors = ["cupcakearmy <hi@nicco.io>"]
+edition = "2021"
+rust-version = "1.73"
+
+[[bin]]
+name = "cryptgeon"
+path = "src/main.rs"
+
+[dependencies]
+actix-web = "4"
+actix-files = "0.6"
+serde = { version = "1.0", features = ["derive"] }
+serde_json = "1"
+lazy_static = "1"
+ring = "0.16"
+bs62 = "0.1"
+byte-unit = "4"
+dotenv = "0.15"
+mime = "0.3"
+env_logger = "0.9"
+log = "0.4"
+redis = "0.23"

packages/backend/package.json

@@ -0,0 +1,10 @@
+{
+  "private": true,
+  "name": "@cryptgeon/backend",
+  "scripts": {
+    "dev": "cargo watch -x 'run --bin cryptgeon'",
+    "build": "cargo build --release",
+    "test:server": "SIZE_LIMIT=10MiB LISTEN_ADDR=0.0.0.0:1234 cargo run",
+    "test:prepare": "cargo build"
+  }
+}

packages/backend/src/api.rs

@@ -0,0 +1,14 @@
+use actix_web::web;
+
+use crate::health;
+use crate::note;
+use crate::status;
+
+pub fn init(cfg: &mut web::ServiceConfig) {
+    cfg.service(
+        web::scope("/api")
+            .service(note::init())
+            .service(status::init())
+            .service(health::init()),
+    );
+}

packages/backend/src/client.rs

@@ -0,0 +1,17 @@
+use actix_files::{Files, NamedFile};
+use actix_web::{web, Result};
+
+use crate::config;
+
+pub fn init(cfg: &mut web::ServiceConfig) {
+    cfg.service(
+        Files::new("/", config::FRONTEND_PATH.to_string())
+            .index_file("index.html")
+            .use_etag(true),
+    );
+}
+
+pub async fn index() -> Result<NamedFile> {
+    let index = format!("{}{}", config::FRONTEND_PATH.to_string(), "/index.html");
+    Ok(NamedFile::open(index)?)
+}

packages/backend/src/config.rs

@@ -0,0 +1,57 @@
+use byte_unit::Byte;
+
+// Internal
+lazy_static! {
+    pub static ref VERSION: String = option_env!("CARGO_PKG_VERSION")
+        .unwrap_or("Unknown")
+        .to_string();
+    pub static ref FRONTEND_PATH: String =
+        std::env::var("FRONTEND_PATH").unwrap_or("../frontend/build".to_string());
+    pub static ref LISTEN_ADDR: String =
+        std::env::var("LISTEN_ADDR").unwrap_or("0.0.0.0:8000".to_string());
+    pub static ref VERBOSITY: String = std::env::var("VERBOSITY").unwrap_or("warn".to_string());
+}
+
+// CONFIG
+lazy_static! {
+  pub static ref LIMIT: usize =
+    Byte::from_str(std::env::var("SIZE_LIMIT").unwrap_or("1 KiB".to_string()))
+      .unwrap()
+      .get_bytes() as usize;
+  pub static ref MAX_VIEWS: u32 = std::env::var("MAX_VIEWS")
+    .unwrap_or("100".to_string())
+    .parse()
+    .unwrap();
+  pub static ref MAX_EXPIRATION: u32 = std::env::var("MAX_EXPIRATION")
+    .unwrap_or("360".to_string()) // 6 hours in minutes
+    .parse()
+    .unwrap();
+  pub static ref ALLOW_ADVANCED: bool = std::env::var("ALLOW_ADVANCED")
+    .unwrap_or("true".to_string())
+    .parse()
+    .unwrap();
+  pub static ref ID_LENGTH: u32 = std::env::var("ID_LENGTH")
+    .unwrap_or("32".to_string())
+    .parse()
+    .unwrap();
+}
+
+// THEME
+lazy_static! {
+    pub static ref THEME_IMAGE: String = std::env::var("THEME_IMAGE")
+        .unwrap_or("".to_string())
+        .parse()
+        .unwrap();
+    pub static ref THEME_TEXT: String = std::env::var("THEME_TEXT")
+        .unwrap_or("".to_string())
+        .parse()
+        .unwrap();
+    pub static ref THEME_PAGE_TITLE: String = std::env::var("THEME_PAGE_TITLE")
+        .unwrap_or("".to_string())
+        .parse()
+        .unwrap();
+    pub static ref THEME_FAVICON: String = std::env::var("THEME_FAVICON")
+        .unwrap_or("".to_string())
+        .parse()
+        .unwrap();
+}

packages/backend/src/health/mod.rs

@@ -0,0 +1,3 @@
+mod routes;
+
+pub use routes::*;

packages/backend/src/health/routes.rs

@@ -0,0 +1,16 @@
+use actix_web::{get, web, HttpResponse, Responder, Scope};
+
+use crate::store;
+
+#[get("/")]
+async fn get_live() -> impl Responder {
+    if store::can_reach_redis() {
+        return HttpResponse::Ok();
+    } else {
+        return HttpResponse::ServiceUnavailable();
+    }
+}
+
+pub fn init() -> Scope {
+    web::scope("/live").service(get_live)
+}

packages/backend/src/main.rs

@@ -0,0 +1,44 @@
+use actix_web::{
+    middleware::{self, Logger},
+    web::{self},
+    App, HttpServer,
+};
+use dotenv::dotenv;
+use log::error;
+
+#[macro_use]
+extern crate lazy_static;
+
+mod api;
+mod client;
+mod config;
+mod health;
+mod note;
+mod size;
+mod status;
+mod store;
+
+#[actix_web::main]
+async fn main() -> std::io::Result<()> {
+    dotenv().ok();
+    env_logger::init_from_env(env_logger::Env::new().default_filter_or(config::VERBOSITY.as_str()));
+
+    if !store::can_reach_redis() {
+        error!("cannot reach redis");
+        panic!("canont reach redis");
+    }
+
+    return HttpServer::new(|| {
+        App::new()
+            .wrap(Logger::new("\"%r\" %s %b %T"))
+            .wrap(middleware::Compress::default())
+            .wrap(middleware::DefaultHeaders::default())
+            .configure(size::init)
+            .configure(api::init)
+            .configure(client::init)
+            .default_service(web::to(client::index))
+    })
+    .bind(config::LISTEN_ADDR.to_string())?
+    .run()
+    .await;
+}

packages/backend/src/note/model.rs

@@ -0,0 +1,36 @@
+use bs62;
+use ring::rand::SecureRandom;
+use serde::{Deserialize, Serialize};
+
+use crate::config;
+
+#[derive(Serialize, Deserialize, Clone)]
+pub struct Note {
+    pub meta: String,
+    pub contents: String,
+    pub views: Option<u32>,
+    pub expiration: Option<u32>,
+}
+
+#[derive(Serialize, Deserialize, Clone)]
+pub struct NoteInfo {
+    pub meta: String,
+}
+
+#[derive(Serialize, Deserialize, Clone)]
+pub struct NotePublic {
+    pub meta: String,
+    pub contents: String,
+}
+
+pub fn generate_id() -> String {
+    let mut result = "".to_owned();
+    let mut id: [u8; 1] = [0; 1];
+    let sr = ring::rand::SystemRandom::new();
+
+    for _ in 0..*config::ID_LENGTH {
+        let _ = sr.fill(&mut id);
+        result.push_str(&bs62::encode_data(&id));
+    }
+    return result;
+}

packages/backend/src/note/routes.rs

@@ -0,0 +1,143 @@
+use actix_web::{delete, get, post, web, HttpResponse, Responder, Scope};
+use serde::{Deserialize, Serialize};
+use std::time::SystemTime;
+
+use crate::config;
+use crate::note::{generate_id, Note, NoteInfo, NotePublic};
+use crate::store;
+
+pub fn now() -> u32 {
+    SystemTime::now()
+        .duration_since(SystemTime::UNIX_EPOCH)
+        .unwrap()
+        .as_secs() as u32
+}
+
+#[derive(Serialize, Deserialize)]
+struct NotePath {
+    id: String,
+}
+
+#[get("/{id}")]
+async fn one(path: web::Path<NotePath>) -> impl Responder {
+    let p = path.into_inner();
+    let note = store::get(&p.id);
+
+    match note {
+        Ok(Some(n)) => HttpResponse::Ok().json(NoteInfo { meta: n.meta }),
+        Ok(None) => HttpResponse::NotFound().finish(),
+        Err(e) => HttpResponse::InternalServerError().body(e.to_string()),
+    }
+}
+
+#[derive(Serialize, Deserialize)]
+struct CreateResponse {
+    id: String,
+}
+
+#[post("/")]
+async fn create(note: web::Json<Note>) -> impl Responder {
+    let mut n = note.into_inner();
+    let id = generate_id();
+    let bad_req = HttpResponse::BadRequest().finish();
+    if n.views == None && n.expiration == None {
+        return bad_req;
+    }
+    if !*config::ALLOW_ADVANCED {
+        n.views = Some(1);
+        n.expiration = None;
+    }
+    match n.views {
+        Some(v) => {
+            if v > *config::MAX_VIEWS || v < 1 {
+                return bad_req;
+            }
+            n.expiration = None; // views overrides expiration
+        }
+        _ => {}
+    }
+    match n.expiration {
+        Some(e) => {
+            if e > *config::MAX_EXPIRATION {
+                return bad_req;
+            }
+            let expiration = now() + (e * 60);
+            n.expiration = Some(expiration);
+        }
+        _ => {}
+    }
+    match store::set(&id.clone(), &n.clone()) {
+        Ok(_) => return HttpResponse::Ok().json(CreateResponse { id: id }),
+        Err(e) => return HttpResponse::InternalServerError().body(e.to_string()),
+    }
+}
+
+#[delete("/{id}")]
+async fn delete(path: web::Path<NotePath>) -> impl Responder {
+    let p = path.into_inner();
+    let note = store::get(&p.id);
+    match note {
+        Err(e) => HttpResponse::InternalServerError().body(e.to_string()),
+        Ok(None) => return HttpResponse::NotFound().finish(),
+        Ok(Some(note)) => {
+            let mut changed = note.clone();
+            if changed.views == None && changed.expiration == None {
+                return HttpResponse::BadRequest().finish();
+            }
+            match changed.views {
+                Some(v) => {
+                    changed.views = Some(v - 1);
+                    let id = p.id.clone();
+                    if v <= 1 {
+                        match store::del(&id) {
+                            Err(e) => {
+                                return HttpResponse::InternalServerError().body(e.to_string())
+                            }
+                            _ => {}
+                        }
+                    } else {
+                        match store::set(&id, &changed.clone()) {
+                            Err(e) => {
+                                return HttpResponse::InternalServerError().body(e.to_string())
+                            }
+                            _ => {}
+                        }
+                    }
+                }
+                _ => {}
+            }
+
+            let n = now();
+            match changed.expiration {
+                Some(e) => {
+                    if e < n {
+                        match store::del(&p.id.clone()) {
+                            Ok(_) => return HttpResponse::BadRequest().finish(),
+                            Err(e) => {
+                                return HttpResponse::InternalServerError().body(e.to_string())
+                            }
+                        }
+                    }
+                }
+                _ => {}
+            }
+            return HttpResponse::Ok().json(NotePublic {
+                contents: changed.contents,
+                meta: changed.meta,
+            });
+        }
+    }
+}
+
+#[derive(Serialize, Deserialize)]
+struct Status {
+    version: String,
+    max_size: usize,
+}
+
+pub fn init() -> Scope {
+    web::scope("/notes")
+        .service(one)
+        .service(create)
+        .service(delete)
+}

packages/backend/src/size.rs

@@ -0,0 +1,12 @@
+use crate::config;
+use actix_web::web;
+use mime;
+
+pub fn init(cfg: &mut web::ServiceConfig) {
+    let json = web::JsonConfig::default().limit(*config::LIMIT);
+    let plain = web::PayloadConfig::default()
+        .limit(*config::LIMIT)
+        .mimetype(mime::STAR_STAR);
+    // cfg.app_data(plain);
+    cfg.app_data(json).app_data(plain);
+}

packages/backend/src/status/mod.rs

@@ -0,0 +1,5 @@
+mod model;
+mod routes;
+
+pub use model::*;
+pub use routes::*;

packages/backend/src/status/model.rs

@@ -0,0 +1,17 @@
+use serde::{Deserialize, Serialize};
+
+#[derive(Serialize, Deserialize)]
+pub struct Status {
+    // General
+    pub version: String,
+    // Config
+    pub max_size: u32,
+    pub max_views: u32,
+    pub max_expiration: u32,
+    pub allow_advanced: bool,
+    // Theme
+    pub theme_image: String,
+    pub theme_text: String,
+    pub theme_page_title: String,
+    pub theme_favicon: String,
+}

packages/backend/src/status/routes.rs

@@ -0,0 +1,23 @@
+use actix_web::{get, web, HttpResponse, Responder, Scope};
+
+use crate::config;
+use crate::status::Status;
+
+#[get("/")]
+async fn get_status() -> impl Responder {
+    return HttpResponse::Ok().json(Status {
+        version: config::VERSION.to_string(),
+        max_size: *config::LIMIT as u32,
+        max_views: *config::MAX_VIEWS,
+        max_expiration: *config::MAX_EXPIRATION,
+        allow_advanced: *config::ALLOW_ADVANCED,
+        theme_image: config::THEME_IMAGE.to_string(),
+        theme_text: config::THEME_TEXT.to_string(),
+        theme_page_title: config::THEME_PAGE_TITLE.to_string(),
+        theme_favicon: config::THEME_FAVICON.to_string()
+    });
+}
+
+pub fn init() -> Scope {
+    web::scope("/status").service(get_status)
+}

packages/backend/src/store.rs

@@ -0,0 +1,63 @@
+use redis;
+use redis::Commands;
+
+use crate::note::now;
+use crate::note::Note;
+
+lazy_static! {
+    static ref REDIS_CLIENT: String = std::env::var("REDIS")
+        .unwrap_or("redis://127.0.0.1/".to_string())
+        .parse()
+        .unwrap();
+}
+
+fn get_connection() -> Result<redis::Connection, &'static str> {
+    let client =
+        redis::Client::open(REDIS_CLIENT.to_string()).map_err(|_| "Unable to connect to redis")?;
+    client
+        .get_connection()
+        .map_err(|_| "Unable to connect to redis")
+}
+
+pub fn can_reach_redis() -> bool {
+    let conn = get_connection();
+    return match conn {
+        Ok(_) => true,
+        Err(_) => false,
+    };
+}
+
+pub fn set(id: &String, note: &Note) -> Result<(), &'static str> {
+    let serialized = serde_json::to_string(&note.clone()).unwrap();
+    let mut conn = get_connection()?;
+
+    conn.set(id, serialized)
+        .map_err(|_| "Unable to set note in redis")?;
+    match note.expiration {
+        Some(e) => {
+            let seconds = e - now();
+            conn.expire(id, seconds as usize)
+                .map_err(|_| "Unable to set expiration on notion")?
+        }
+        None => {}
+    };
+    Ok(())
+}
+
+pub fn get(id: &String) -> Result<Option<Note>, &'static str> {
+    let mut conn = get_connection()?;
+    let value: Option<String> = conn.get(id).map_err(|_| "Could not load note in redis")?;
+    match value {
+        None => return Ok(None),
+        Some(s) => {
+            let deserialize: Note = serde_json::from_str(&s).unwrap();
+            return Ok(Some(deserialize));
+        }
+    }
+}
+
+pub fn del(id: &String) -> Result<(), &'static str> {
+    let mut conn = get_connection()?;
+    conn.del(id).map_err(|_| "Unable to delete note in redis")?;
+    Ok(())
+}

packages/cli/README.md

@@ -0,0 +1,54 @@
+# Cryptgeon CLI
+
+The CLI is a functionally identical way to interact with cryptgeon notes.
+It supports text, files, expiration, password, etc.
+
+## Installation
+
+```bash
+npx cryptgeon
+
+# Or install globally
+npm -g install cryptgeon
+cryptgeon
+```
+
+## Examples
+
+```bash
+# Create simple note
+cryptgeon send text "Foo bar"
+
+# Send two files
+cryptgeon send file my.pdf picture.png
+
+# 3 views
+cryptgeon send text "My message" --views 3
+
+# 10 minutes
+cryptgeon send text "My message" --minutes 10
+
+# Custom password
+cryptgeon send text "My message" --password "1337"
+
+# Password from stdin
+echo "1337" | cryptgeon send text "My message"
+
+# Open a link
+cryptgeon open https://cryptgeon.org/note/16gOIkxWjCxYNuXM8tCqMUzl...
+```
+
+## Options
+
+### Custom server
+
+The default server is `cryptgeon.org`, however you can use any cryptgeon server by passing the `-s` or `--server` option, or by setting the `CRYPTGEON_SERVER` environment variable.
+
+### Password
+
+Optionally, just like in the web ui, you can choose to use a manual password. You can do that by passing the `-p` or `--password` options, or by piping it into stdin.
+
+```bash
+echo "my pw" | cryptgeon send text "my text"
+cat pass.txt | cryptgeon send text "my text"
+```

packages/cli/package.json

@@ -0,0 +1,43 @@
+{
+  "version": "2.4.0",
+  "name": "cryptgeon",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/cupcakearmy/cryptgeon.git",
+    "directory": "packages/cli"
+  },
+  "homepage": "https://github.com/cupcakearmy/cryptgeon",
+  "type": "module",
+  "engines": {
+    "node": ">=18"
+  },
+  "scripts": {
+    "dev": "./scripts/build.js --watch",
+    "build": "./scripts/build.js",
+    "package": "./scripts/package.js",
+    "bin": "run-s build package",
+    "prepublishOnly": "run-s build"
+  },
+  "main": "./dist/index.cjs",
+  "bin": {
+    "cryptgeon": "./dist/index.cjs"
+  },
+  "files": [
+    "dist"
+  ],
+  "devDependencies": {
+    "@commander-js/extra-typings": "^11.1.0",
+    "@cryptgeon/shared": "workspace:*",
+    "@types/inquirer": "^9.0.6",
+    "@types/mime": "^3.0.3",
+    "@types/node": "^20.8.10",
+    "commander": "^11.1.0",
+    "esbuild": "^0.19.5",
+    "inquirer": "^9.2.11",
+    "mime": "^3.0.0",
+    "occulto": "^2.0.1",
+    "pkg": "^5.8.1",
+    "pretty-bytes": "^6.1.1",
+    "typescript": "^5.2.2"
+  }
+}

packages/cli/scripts/build.js

@@ -0,0 +1,17 @@
+#!/usr/bin/env node
+
+import { build, context } from 'esbuild'
+import pkg from '../package.json' assert { type: 'json' }
+
+const options = {
+  entryPoints: ['./src/index.ts'],
+  bundle: true,
+  minify: true,
+  platform: 'node',
+  outfile: './dist/index.cjs',
+  define: { VERSION: `"${pkg.version}"` },
+}
+
+const watch = process.argv.slice(2)[0] === '--watch'
+if (watch) (await context(options)).watch()
+else await build(options)

packages/cli/scripts/package.js

@@ -0,0 +1,17 @@
+#!/usr/bin/env node
+
+import { exec } from 'pkg'
+
+const targets = [
+  'node18-macos-arm64',
+  'node18-macos-x64',
+  'node18-linux-arm64',
+  'node18-linux-x64',
+  'node18-win-arm64',
+  'node18-win-x64',
+]
+
+for (const target of targets) {
+  console.log(`🚀 Building ${target}`)
+  await exec(['./dist/index.cjs', '--target', target, '--output', `./bin/${target.replace('node18', 'cryptgeon')}`])
+}

packages/cli/src/download.ts

@@ -0,0 +1,86 @@
+import { Adapters, get, info, setBase } from '@cryptgeon/shared'
+import inquirer from 'inquirer'
+import { access, constants, writeFile } from 'node:fs/promises'
+import { basename, resolve } from 'node:path'
+import { AES, Hex } from 'occulto'
+import pretty from 'pretty-bytes'
+
+import { exit } from './utils'
+
+export async function download(url: URL, all: boolean, suggestedPassword?: string) {
+  setBase(url.origin)
+  const id = url.pathname.split('/')[2]
+  const preview = await info(id).catch(() => exit('Note does not exist or is expired'))
+
+  // Password
+  let password: string
+  const derivation = preview?.meta.derivation
+  if (derivation) {
+    if (suggestedPassword) {
+      password = suggestedPassword
+    } else {
+      const response = await inquirer.prompt([
+        {
+          type: 'password',
+          message: 'Note password',
+          name: 'password',
+        },
+      ])
+      password = response.password
+    }
+  } else {
+    password = url.hash.slice(1)
+  }
+
+  const key = derivation ? (await AES.derive(password, derivation))[0] : Hex.decode(password)
+  const note = await get(id)
+
+  const couldNotDecrypt = () => exit('Could not decrypt note. Probably an invalid password')
+  switch (note.meta.type) {
+    case 'file':
+      const files = await Adapters.Files.decrypt(note.contents, key).catch(couldNotDecrypt)
+      if (!files) {
+        exit('No files found in note')
+        return
+      }
+
+      let selected: typeof files
+      if (all) {
+        selected = files
+      } else {
+        const { names } = await inquirer.prompt([
+          {
+            type: 'checkbox',
+            message: 'What files should be saved?',
+            name: 'names',
+            choices: files.map((file) => ({
+              value: file.name,
+              name: `${file.name} - ${file.type} - ${pretty(file.size, { binary: true })}`,
+              checked: true,
+            })),
+          },
+        ])
+        selected = files.filter((file) => names.includes(file.name))
+      }
+
+      if (!selected.length) exit('No files selected')
+      await Promise.all(
+        selected.map(async (file) => {
+          let filename = resolve(file.name)
+          try {
+            // If exists -> prepend timestamp to not overwrite the current file
+            await access(filename, constants.R_OK)
+            filename = resolve(`${Date.now()}-${file.name}`)
+          } catch {}
+          await writeFile(filename, file.contents)
+          console.log(`Saved: ${basename(filename)}`)
+        })
+      )
+
+      break
+    case 'text':
+      const plaintext = await Adapters.Text.decrypt(note.contents, key).catch(couldNotDecrypt)
+      console.log(plaintext)
+      break
+  }
+}

packages/cli/src/index.ts

@@ -0,0 +1,104 @@
+#!/usr/bin/env node
+
+import { Argument, Option, program } from '@commander-js/extra-typings'
+import { setBase, status } from '@cryptgeon/shared'
+import prettyBytes from 'pretty-bytes'
+
+import { download } from './download.js'
+import { parseFile, parseNumber } from './parsers.js'
+import { getStdin } from './stdin.js'
+import { upload } from './upload.js'
+import { exit } from './utils.js'
+
+const defaultServer = process.env['CRYPTGEON_SERVER'] || 'https://cryptgeon.org'
+const server = new Option('-s --server <url>', 'the cryptgeon server to use').default(defaultServer)
+const files = new Argument('<file...>', 'Files to be sent').argParser(parseFile)
+const text = new Argument('<text>', 'Text content of the note')
+const password = new Option('-p --password <string>', 'manually set a password')
+const all = new Option('-a --all', 'Save all files without prompt').default(false)
+const url = new Argument('<url>', 'The url to open')
+const views = new Option('-v --views <number>', 'Amount of views before getting destroyed').argParser(parseNumber)
+const minutes = new Option('-m --minutes <number>', 'Minutes before the note expires').argParser(parseNumber)
+
+// Node 18 guard
+parseInt(process.version.slice(1).split(',')[0]) < 18 && exit('Node 18 or higher is required')
+
+// @ts-ignore
+const version: string = VERSION
+
+async function checkConstrains(constrains: { views?: number; minutes?: number }) {
+  const { views, minutes } = constrains
+  if (views && minutes) exit('cannot set view and minutes constrains simultaneously')
+  if (!views && !minutes) constrains.views = 1
+
+  const response = await status()
+  if (views && views > response.max_views)
+    exit(`Only a maximum of ${response.max_views} views allowed. ${views} given.`)
+  if (minutes && minutes > response.max_expiration)
+    exit(`Only a maximum of ${response.max_expiration} minutes allowed. ${minutes} given.`)
+}
+
+program.name('cryptgeon').version(version).configureHelp({ showGlobalOptions: true })
+
+program
+  .command('info')
+  .description('show information about the server')
+  .addOption(server)
+  .action(async (options) => {
+    setBase(options.server)
+    const response = await status()
+    const formatted = {
+      ...response,
+      max_size: prettyBytes(response.max_size),
+    }
+    for (const key of Object.keys(formatted)) {
+      if (key.startsWith('theme_')) delete formatted[key as keyof typeof formatted]
+    }
+    console.table(formatted)
+  })
+
+const send = program.command('send').description('send a note')
+send
+  .command('file')
+  .addArgument(files)
+  .addOption(server)
+  .addOption(views)
+  .addOption(minutes)
+  .addOption(password)
+  .action(async (files, options) => {
+    setBase(options.server!)
+    await checkConstrains(options)
+    options.password ||= await getStdin()
+    await upload(files, { views: options.views, expiration: options.minutes, password: options.password })
+  })
+send
+  .command('text')
+  .addArgument(text)
+  .addOption(server)
+  .addOption(views)
+  .addOption(minutes)
+  .addOption(password)
+  .action(async (text, options) => {
+    setBase(options.server!)
+    await checkConstrains(options)
+    options.password ||= await getStdin()
+    await upload(text, { views: options.views, expiration: options.minutes, password: options.password })
+  })
+
+program
+  .command('open')
+  .description('open a link with text or files inside')
+  .addArgument(url)
+  .addOption(password)
+  .addOption(all)
+  .action(async (note, options) => {
+    try {
+      const url = new URL(note)
+      options.password ||= await getStdin()
+      await download(url, options.all, options.password)
+    } catch {
+      exit('Invalid URL')
+    }
+  })
+
+program.parse()

packages/cli/src/parsers.ts

@@ -0,0 +1,27 @@
+import { InvalidArgumentError, InvalidOptionArgumentError } from '@commander-js/extra-typings'
+import { accessSync, constants } from 'node:fs'
+import { resolve } from 'node:path'
+
+export function parseFile(value: string, before: string[] = []) {
+  try {
+    const file = resolve(value)
+    accessSync(file, constants.R_OK)
+    return [...before, file]
+  } catch {
+    throw new InvalidArgumentError('cannot access file')
+  }
+}
+
+export function parseURL(value: string, _: URL): URL {
+  try {
+    return new URL(value)
+  } catch {
+    throw new InvalidArgumentError('is not a valid url')
+  }
+}
+
+export function parseNumber(value: string, _: number): number {
+  const n = parseInt(value, 10)
+  if (isNaN(n)) throw new InvalidOptionArgumentError('invalid number')
+  return n
+}

packages/cli/src/stdin.ts

@@ -0,0 +1,24 @@
+export function getStdin(timeout: number = 10): Promise<string> {
+  return new Promise<string>((resolve, reject) => {
+    // Store the data from stdin in a buffer
+    let buffer = ''
+    let t: NodeJS.Timeout
+
+    const dataHandler = (d: Buffer) => (buffer += d.toString())
+    const endHandler = () => {
+      clearTimeout(t)
+      resolve(buffer.trim())
+    }
+
+    // Stop listening for data after the timeout, otherwise hangs indefinitely
+    t = setTimeout(() => {
+      process.stdin.removeListener('data', dataHandler)
+      process.stdin.removeListener('end', endHandler)
+      process.stdin.pause()
+      resolve('')
+    }, timeout)
+
+    process.stdin.on('data', dataHandler)
+    process.stdin.on('end', endHandler)
+  })
+}

packages/cli/src/upload.ts

@@ -0,0 +1,51 @@
+import { readFile, stat } from 'node:fs/promises'
+import { basename } from 'node:path'
+
+import { Adapters, BASE, create, FileDTO, Note, NoteMeta } from '@cryptgeon/shared'
+import mime from 'mime'
+import { AES, Hex, TypedArray } from 'occulto'
+
+import { exit } from './utils.js'
+
+type UploadOptions = Pick<Note, 'views' | 'expiration'> & { password?: string }
+
+export async function upload(input: string | string[], options: UploadOptions) {
+  try {
+    const { password, ...noteOptions } = options
+    const derived = options.password ? await AES.derive(options.password) : undefined
+    const key = derived ? derived[0] : await AES.generateKey()
+
+    let contents: string
+    let type: NoteMeta['type']
+    if (typeof input === 'string') {
+      contents = await Adapters.Text.encrypt(input, key)
+      type = 'text'
+    } else {
+      const files: FileDTO[] = await Promise.all(
+        input.map(async (path) => {
+          const data = new Uint8Array(await readFile(path))
+          const stats = await stat(path)
+          const extension = path.substring(path.indexOf('.') + 1)
+          const type = mime.getType(extension) ?? 'application/octet-stream'
+          return {
+            name: basename(path),
+            size: stats.size,
+            contents: data,
+            type,
+          } satisfies FileDTO
+        })
+      )
+      contents = await Adapters.Files.encrypt(files, key)
+      type = 'file'
+    }
+
+    // Create the actual note and upload it.
+    const note: Note = { ...noteOptions, contents, meta: { type, derivation: derived?.[1] } }
+    const result = await create(note)
+    let url = `${BASE}/note/${result.id}`
+    if (!derived) url += `#${Hex.encode(key)}`
+    console.log(`Note created:\n\n${url}`)
+  } catch {
+    exit('Could not create note')
+  }
+}

packages/cli/src/utils.ts

@@ -0,0 +1,6 @@
+import { exit as exitNode } from 'node:process'
+
+export function exit(message: string) {
+  console.error(message)
+  exitNode(1)
+}

packages/cli/tsconfig.json

@@ -0,0 +1,10 @@
+{
+  "compilerOptions": {
+    "target": "es2022",
+    "module": "es2022",
+    "moduleResolution": "node",
+    "noEmit": true,
+    "strict": true,
+    "allowSyntheticDefaultImports": true
+  }
+}

packages/frontend/.gitignore

@@ -1,5 +1,6 @@
 .DS_Store
 node_modules
 /.svelte
+/.svelte-kit
 /build
 /functions

packages/frontend/README.md

@@ -0,0 +1,18 @@
+# Cryptgeon Frontend
+
+## Locale
+
+Download with these settings:
+
+```json
+{
+	"format": "json",
+	"indentation": "tab",
+	"json_unescaped_slashes": true,
+	"export_sort": "first_added",
+	"original_filenames": false,
+	"export_empty_as": "skip",
+	"add_newline_eof": true,
+	"replace_breaks": false
+}
+```

packages/frontend/licenses.csv

@@ -0,0 +1,8 @@
+├─ MIT: 13
+├─ ISC: 2
+├─ BSD-3-Clause: 1
+├─ (MPL-2.0 OR Apache-2.0): 1
+├─ BSD-2-Clause: 1
+├─ 0BSD: 1
+└─ Apache-2.0: 1
+

packages/frontend/locales/de.json

@@ -0,0 +1,57 @@
+{
+	"common": {
+		"note": "Hinweis",
+		"file": "Datei",
+		"advanced": "erweitert",
+		"create": "erstellen",
+		"loading": "läd",
+		"mode": "Modus",
+		"views": "{n, plural, =0 {Ansichten} =1 {1 Ansicht} other {# Ansichten}}",
+		"minutes": "{n, plural, =0 {Minuten} =1 {1 Minute} other {# Minuten}}",
+		"max": "max",
+		"share_link": "Link teilen",
+		"copy_clipboard": "in die Zwischenablage kopieren",
+		"copied_to_clipboard": "in die Zwischenablage kopiert",
+		"encrypting": "verschlüsseln",
+		"decrypting": "entschlüsselt",
+		"uploading": "hochladen",
+		"downloading": "wird heruntergeladen",
+		"qr_code": "qr-code",
+		"password": "Passwort"
+	},
+	"home": {
+		"intro": "Senden Sie ganz einfach <i>vollständig verschlüsselte</i>, sichere Notizen oder Dateien mit einem Klick. Erstellen Sie einfach eine Notiz und teilen Sie den Link.",
+		"explanation": "die Notiz verfällt und wird nach {type} zerstört.",
+		"new_note": "neue Note",
+		"new_note_notice": "<b>Verfügbarkeit:</b><br />es ist nicht garantiert, dass die Notiz gespeichert wird, da alles im Speicher gehalten wird. Wenn dieser voll ist, werden die ältesten Notizen entfernt.<br />(Sie werden wahrscheinlich keine Probleme haben, seien Sie nur gewarnt).",
+		"errors": {
+			"note_to_big": "Notiz konnte nicht erstellt werden. Notiz ist zu groß",
+			"note_error": "konnte keine Notiz erstellen. Bitte versuchen Sie es erneut.",
+			"max": "max: {n}",
+			"empty_content": "Notiz ist leer."
+		},
+		"messages": {
+			"note_created": "notiz erstellt."
+		},
+		"advanced": {
+			"explanation": "Standardmäßig wird für jede Notiz ein sicher generiertes Passwort verwendet. Sie können jedoch auch ein eigenes Kennwort wählen, das nicht in dem Link enthalten ist.",
+			"custom_password": "benutzerdefiniertes Passwort"
+		}
+	},
+	"show": {
+		"errors": {
+			"not_found": "wurde nicht gefunden oder wurde bereits gelöscht.",
+			"decryption_failed": "falsches Passwort. konnte nicht entziffert werden. wahrscheinlich ein defekter Link. Notiz wurde zerstört.",
+			"unsupported_type": "nicht unterstützter Notiztyp."
+		},
+		"explanation": "Klicken Sie unten, um die Notiz anzuzeigen und zu löschen, wenn der Zähler sein Limit erreicht hat",
+		"show_note": "Notiz anzeigen",
+		"warning_will_not_see_again": "haben Sie <b>keine</b> Gelegenheit, die Notiz noch einmal zu sehen.",
+		"download_all": "alle herunterladen",
+		"links_found": "Links in der Notiz:"
+	},
+	"file_upload": {
+		"selected_files": "Ausgewählte Dateien",
+		"no_files_selected": "Keine Dateien ausgewählt"
+	}
+}

packages/frontend/locales/en.json

@@ -0,0 +1,57 @@
+{
+	"common": {
+		"note": "note",
+		"file": "file",
+		"advanced": "advanced",
+		"create": "create",
+		"loading": "loading",
+		"mode": "mode",
+		"views": "{n, plural, =0 {views} =1 {1 view} other {# views}}",
+		"minutes": "{n, plural, =0 {minutes} =1 {1 minute} other {# minutes}}",
+		"max": "max",
+		"share_link": "share link",
+		"copy_clipboard": "copy to clipboard",
+		"copied_to_clipboard": "copied to clipboard",
+		"encrypting": "encrypting",
+		"decrypting": "decrypting",
+		"uploading": "uploading",
+		"downloading": "downloading",
+		"qr_code": "qr code",
+		"password": "password"
+	},
+	"home": {
+		"intro": "Easily send <i>fully encrypted</i>, secure notes or files with one click. Just create a note and share the link.",
+		"explanation": "the note will expire and be destroyed after {type}.",
+		"new_note": "new note",
+		"new_note_notice": "<b>availability:</b><br />the note is not guaranteed to be stored as everything is kept in ram, if it fills up the oldest notes will be removed.<br />(you probably will be fine, just be warned.)",
+		"errors": {
+			"note_to_big": "could not create note. note is to big",
+			"note_error": "could not create note. please try again.",
+			"max": "max: {n}",
+			"empty_content": "note is empty."
+		},
+		"messages": {
+			"note_created": "note created."
+		},
+		"advanced": {
+			"explanation": "By default, a securely generated password is used for each note. You can however also choose your own password, which is not included in the link.",
+			"custom_password": "custom password"
+		}
+	},
+	"show": {
+		"errors": {
+			"not_found": "note was not found or was already deleted.",
+			"decryption_failed": "wrong password. could not decipher. probably a broken link. note was destroyed.",
+			"unsupported_type": "unsupported note type."
+		},
+		"explanation": "click below to show and delete the note if the counter has reached it's limit",
+		"show_note": "show note",
+		"warning_will_not_see_again": "you will <b>not</b> get the chance to see the note again.",
+		"download_all": "download all",
+		"links_found": "links found inside the note:"
+	},
+	"file_upload": {
+		"selected_files": "Selected Files",
+		"no_files_selected": "No Files Selected"
+	}
+}

packages/frontend/locales/es.json

@@ -0,0 +1,57 @@
+{
+	"common": {
+		"note": "nota",
+		"file": "archivo",
+		"advanced": "avanzado",
+		"create": "crear",
+		"loading": "cargando",
+		"mode": "modo",
+		"views": "{n, plural, =0 {vistas} =1 {1 vista} other {# vistas}}",
+		"minutes": "{n, plural, =0 {minutos} =1 {1 minuto} other {# minutos}}",
+		"max": "max",
+		"share_link": "compartir enlace",
+		"copy_clipboard": "copiar al portapapeles",
+		"copied_to_clipboard": "copiado al portapapeles",
+		"encrypting": "encriptando",
+		"decrypting": "descifrando",
+		"uploading": "cargando",
+		"downloading": "descargando",
+		"qr_code": "código qr",
+		"password": "contraseña"
+	},
+	"home": {
+		"intro": "Envía fácilmente notas o archivos <i>totalmente encriptados</i> y seguros con un solo clic. Solo tienes que crear una nota y compartir el enlace.",
+		"explanation": "la nota expirará y se destruirá después de {type}.",
+		"new_note": "nueva nota",
+		"new_note_notice": "<b>disponibilidad:</b><br />no se garantiza que la nota se almacene, ya que todo se guarda en la memoria RAM, si se llena se eliminarán las notas más antiguas.<br />(probablemente estará bien, solo está advertido.)",
+		"errors": {
+			"note_to_big": "no se pudo crear la nota. la nota es demasiado grande",
+			"note_error": "No se ha podido crear la nota. Por favor, inténtelo de nuevo.",
+			"max": "max: {n}",
+			"empty_content": "la nota está vacía."
+		},
+		"messages": {
+			"note_created": "nota creada."
+		},
+		"advanced": {
+			"explanation": "Por defecto, se utiliza una contraseña generada de forma segura para cada nota. No obstante, también puede elegir su propia contraseña, la cual no se incluye en el enlace.",
+			"custom_password": "contraseña personalizada"
+		}
+	},
+	"show": {
+		"errors": {
+			"not_found": "la nota no se encontró o ya fue borrada.",
+			"decryption_failed": "contraseña incorrecta. no se pudo descifrar. probablemente un enlace roto. la nota fue destruida.",
+			"unsupported_type": "tipo de nota no compatible."
+		},
+		"explanation": "pulse abajo para mostrar y borrar la nota si el contador ha llegado a su límite",
+		"show_note": "mostrar nota",
+		"warning_will_not_see_again": "<b>no</b> tendrás la oportunidad de volver a ver la nota.",
+		"download_all": "descargar todo",
+		"links_found": "enlaces que se encuentran dentro de la nota:"
+	},
+	"file_upload": {
+		"selected_files": "Archivos seleccionados",
+		"no_files_selected": "No hay archivos seleccionados"
+	}
+}