## About?

_cryptgeon_ is a secure, open source note or file sharing service inspired by [_PrivNote_](https://privnote.com)

## Demo

Check out the demo and see for yourself: https://cryptgeon.nicco.io.

## Features

- server cannot decrypt contents due to client side encryption
- view or time constraints
- in memory, no persistence
- obligatory dark mode support

## How does it work?

Each note has a generated id (256bit) and key (256bit). The id is used to save & retrieve the note. The note is then encrypted with AES in GCM mode on the client side with the key and then sent to the server. Data is stored in memory and never persisted to disk. The server never sees the encryption key and cannot decrypt the contents of the notes even if it tried to.

## Screenshot

![screenshot](./design/Screens.png)

## Environment Variables

| Variable     | Default           | Description                                                                             |
| ------------ | ----------------- | --------------------------------------------------------------------------------------- |
| `MEMCACHE`   | `memcached:11211` | Memcached URL to connect to.                                                            |
| `SIZE_LIMIT` | `1 KiB`           | Max size for body. Accepted values according to [byte-unit](https://docs.rs/byte-unit/) |

## Deployment

ℹ️ `https` is required otherwise browsers will not support the cryptographic functions.

### Docker

Docker is the easiest way. There is the [official image here](https://hub.docker.com/r/cupcakearmy/cryptgeon).

```yaml
# docker-compose.yml

version: '3.7'

services:
  memcached:
    image: memcached:1-alpine
    entrypoint: memcached -m 128M -I 4M # Limit to 128 MB Ram, 4M per entry, customize at free will.

  app:
    image: cupcakearmy/cryptgeon:latest
    depends_on:
      - memcached
    environment:
      SIZE_LIMIT: 4M
    ports:
      - 80:5000
```

### NGINX Proxy

See the [examples/nginx](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/nginx) folder. There is an example with a simple proxy, and one with https. You need to specify the server names and certificates.

### Traefik 2

Assumptions:

- External proxy docker network `proxy`
- A certificate resolver `le`
- A https entrypoint `secure`
- Domain name `example.org`

```yaml
version: '3.8'

networks:
  proxy:
    external: true

services:
  memcached:
    image: memcached:1-alpine
    restart: unless-stopped
    entrypoint: memcached -m 128M -I 4M # Limit to 128 MB Ram, 4M per entry, customize at free will.

  app:
    image: cupcakearmy/cryptgeon:latest
    restart: unless-stopped
    depends_on:
      - memcached
    networks:
      - default
      - proxy
    labels:
      - traefik.enable=true
      - traefik.http.routers.cryptgeon.rule=Host(`example.org`)
      - traefik.http.routers.cryptgeon.entrypoints=secure
      - traefik.http.routers.cryptgeon.tls.certresolver=le
```

## Development

1. Clone
2. Run `pnpm i` in the root and `client/` folders.
3. Run `pnpm run dev` to start development.

Running `npm run dev` in the root folder will start the following things:

- a memcache docker container
- rust backend with hot reload
- client with hot reload

You can see the app under [localhost:1234](http://localhost:1234).

###### Attributions

Icons made by freepik from www.flaticon.com
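
The scheme described under "How does it work?", written out with the Web Crypto API as an added example; it is not cryptgeon's own code. The 96-bit IV, the hex encoding and the `upload`/`secret` field names are assumptions, and the sample note is constructed.

```javascript
// Added example, not cryptgeon's source. The page fixes only: 256-bit id,
// 256-bit key, AES-GCM on the client. The 96-bit IV, hex encoding and the
// field names `id`/`iv`/`contents` are assumptions made for this sketch.
const webcrypto = globalThis.crypto ?? require("node:crypto").webcrypto;
const toHex = (b) => Array.from(b, (x) => x.toString(16).padStart(2, "0")).join("");
const fromHex = (h) => Uint8Array.from(h.match(/../g), (x) => parseInt(x, 16));

// Sender: encrypt locally; `upload` is all the server ever receives.
async function sealNote(text) {
  const id = toHex(webcrypto.getRandomValues(new Uint8Array(32)));
  const key = await webcrypto.subtle.generateKey(
    { name: "AES-GCM", length: 256 }, true, ["encrypt", "decrypt"]);
  const iv = webcrypto.getRandomValues(new Uint8Array(12)); // fresh per note
  const ct = await webcrypto.subtle.encrypt(
    { name: "AES-GCM", iv }, key, new TextEncoder().encode(text));
  const rawKey = await webcrypto.subtle.exportKey("raw", key);
  return {
    upload: { id, iv: toHex(iv), contents: toHex(new Uint8Array(ct)) },
    secret: { id, key: toHex(new Uint8Array(rawKey)) }, // stays with the clients
  };
}

// Recipient: `stored` is what the server returned for the id; decrypt locally.
async function openNote(stored, keyHex) {
  const key = await webcrypto.subtle.importKey(
    "raw", fromHex(keyHex), { name: "AES-GCM" }, false, ["decrypt"]);
  try {
    const plain = await webcrypto.subtle.decrypt(
      { name: "AES-GCM", iv: fromHex(stored.iv) }, key, fromHex(stored.contents));
    return new TextDecoder().decode(plain);
  } catch {
    return null; // GCM tag mismatch: wrong key or ciphertext modified in storage
  }
}

async function demo() {
  const { upload, secret } = await sealNote("constructed sample note");
  const flipped = (upload.contents[0] === "0" ? "1" : "0") + upload.contents.slice(1);
  return {
    uploadFields: Object.keys(upload),
    idBits: upload.id.length * 4,
    keyBits: secret.key.length * 4,
    opened: await openNote(upload, secret.key),
    wrongKey: await openNote(upload, "00".repeat(32)),
    tampered: await openNote({ ...upload, contents: flipped }, secret.key),
  };
}

demo().then((result) => console.log(result));
```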