cryptgeon

cryptgeon is a secure, open source note / file sharing service inspired by PrivNote written in rust & svelte.

file-sharing note-sharing private-notes privnote secure-notes

Go to file

cupcakearmy 88ea828b66 upload		2022-11-15 12:35:02 +01:00
.github	upload	2022-11-15 12:35:02 +01:00
.vscode	restructuring (#56 )	2022-10-07 21:28:25 +02:00
design	Completed the Chinese translation of README	2022-07-08 16:18:12 +08:00
examples	readme	2022-07-26 15:49:06 +02:00
packages	update dependencies and fix some a11y issues	2022-11-12 14:40:17 +01:00
test	restructuring (#56 )	2022-10-07 21:28:25 +02:00
.dev.env	testing	2022-11-14 15:55:49 +01:00
.dockerignore	wrong docker compose	2022-10-29 19:43:59 +02:00
.gitattributes	Testing (#44 )	2022-07-19 21:55:05 +02:00
.gitignore	Testing (#41 )	2022-07-19 14:12:51 +02:00
CHANGELOG.md	changelog	2022-11-12 14:40:21 +01:00
Dockerfile	use nightly cargo with sparse registry	2022-11-02 13:24:30 +01:00
LICENSE	Create LICENSE	2021-05-02 12:13:13 +02:00
README.md	#62 (#63 )	2022-10-27 17:26:56 +02:00
README_zh-CN.md	restructuring (#56 )	2022-10-07 21:28:25 +02:00
SECURITY.md	security reporting	2022-09-10 13:13:09 +02:00
docker-compose.dev.yaml	test	2022-11-14 16:16:50 +01:00
docker-compose.yaml	test on docker image	2022-11-14 15:47:12 +01:00
package.json	ci	2022-11-15 12:17:52 +01:00
playwright.config.ts	testing	2022-11-14 15:55:49 +01:00
pnpm-lock.yaml	update dependencies and fix some a11y issues	2022-11-12 14:40:17 +01:00
pnpm-workspace.yaml	restructuring (#56 )	2022-10-07 21:28:25 +02:00
proxy.mjs	bug due to dep update	2022-01-03 18:16:54 +01:00

README.md

logo

EN | 简体中文

About?

cryptgeon is a secure, open source sharing note or file service inspired by PrivNote

🌍 If you want to translate the project feel free to reach out to me.

Thanks to Lokalise for providing free access to their platform.

Live Service / Demo

Check out the live service / demo and see for yourself cryptgeon.org

Features

server cannot decrypt contents due to client side encryption
view or time constraints
in memory, no persistence
obligatory dark mode support

How does it work?

each note has a generated id (256bit) and key 256(bit). The id is used to save & retrieve the note. the note is then encrypted with aes in gcm mode on the client side with the key and then sent to the server. data is stored in memory and never persisted to disk. the server never sees the encryption key and cannot decrypt the contents of the notes even if it tried to.

Screenshot

Environment Variables

Variable	Default	Description
`REDIS`	`redis://redis/`	Redis URL to connect to. According to format
`SIZE_LIMIT`	`1 KiB`	Max size for body. Accepted values according to byte-unit. `512 MiB` is the maximum allowed. The frontend will show that number including the ~35% encoding overhead.
`MAX_VIEWS`	`100`	Maximal number of views.
`MAX_EXPIRATION`	`360`	Maximal expiration in minutes.
`ALLOW_ADVANCED`	`true`	Allow custom configuration. If set to `false` all notes will be one view only.
`VERBOSITY`	`warn`	Verbosity level for the backend. Possible values are: `error`, `warn`, `info`, `debug`, `trace`
`THEME_IMAGE`	`""`	Custom image for replacing the logo. Must be publicly reachable
`THEME_TEXT`	`""`	Custom text for replacing the description below the logo
`THEME_PAGE_TITLE`	`""`	Custom text the page title
`THEME_FAVICON`	`""`	Custom url for the favicon. Must be publicly reachable

Deployment

ℹ️ https is required otherwise browsers will not support the cryptographic functions.

Docker

Docker is the easiest way. There is the official image here.

# docker-compose.yml

version: '3.8'

services:
  redis:
    image: redis:7-alpine
    # Set a size limit. See link below on how to customise.
    # https://redis.io/docs/manual/eviction/
    command: redis-server --maxmemory 1gb --maxmemory-policy allkeys-lru

  app:
    image: cupcakearmy/cryptgeon:latest
    depends_on:
      - redis
    environment:
      # Size limit for a single note.
      SIZE_LIMIT: 4 MiB
    ports:
      - 80:5000

NGINX Proxy

See the examples/nginx folder. There an example with a simple proxy, and one with https. You need to specify the server names and certificates.

Traefik 2

See the examples/traefik folder.

Scratch

See the examples/scratch folder. There you'll find a guide how to setup a server and install cryptgeon from scratch.

Synology

There is a guide you can follow.

YouTube Guides

English by DB Tech Previous Video
German by ApfelCast

Development

Requirements

pnpm: >=6
node: >=16
rust: edition 2021

Install

pnpm install
pnpm --prefix frontend install

# Also you need cargo watch if you don't already have it installed.
# https://lib.rs/crates/cargo-watch
cargo install cargo-watch

Run

Make sure you have docker running.

If you are on macOS you might need to disable AirPlay Receiver as it uses port 5000 (So stupid...) https://developer.apple.com/forums/thread/682332

pnpm run dev

Running pnpm run dev in the root folder will start the following things:

redis docker container
rust backend
client

You can see the app under localhost:1234.

Tests

Tests are end to end tests written with Playwright.

pnpm run test:prepare
docker compose up redis -d
pnpm run test:server

# In another terminal.
# Use the test or test:local script. The local version only runs in one browser for quicker development.
pnpm run test:local

Security

Please refer to the security section here.

Attributions

Test data:
- Text for tests Nietzsche Ipsum
- AES Paper
- Unsplash Pictures
Loading animation by Nikhil Krishnan
Icons made by freepik from www.flaticon.com

README.md Unescape Escape