cryptgeon is a secure, open source note / file sharing service inspired by PrivNote written in rust & svelte.
Go to file
Nicco 9590c9b567
2 (#38)
* use redis

* update frontend and switch sanitize library

* changelog

* theming

* docker image

* documentation

* changelog

* clear up limit sizes

* version bump

* version bump
2022-07-16 14:16:54 +02:00
.github lokalise 2022-03-02 16:32:36 +01:00
.vscode translate the app 2022-01-16 14:02:53 +01:00
backend 2 (#38) 2022-07-16 14:16:54 +02:00
design Completed the Chinese translation of README 2022-07-08 16:18:12 +08:00
examples 2 (#38) 2022-07-16 14:16:54 +02:00
frontend 2 (#38) 2022-07-16 14:16:54 +02:00
.dockerignore 2 (#38) 2022-07-16 14:16:54 +02:00
.gitattributes move svg from lfs to repo 2021-05-02 16:24:31 +02:00
.gitignore move folder 2022-01-02 23:46:08 +01:00
CHANGELOG.md 2 (#38) 2022-07-16 14:16:54 +02:00
docker-compose.yml 2 (#38) 2022-07-16 14:16:54 +02:00
Dockerfile 2 (#38) 2022-07-16 14:16:54 +02:00
LICENSE Create LICENSE 2021-05-02 12:13:13 +02:00
package.json 2 (#38) 2022-07-16 14:16:54 +02:00
pnpm-lock.yaml 2 (#38) 2022-07-16 14:16:54 +02:00
proxy.mjs bug due to dep update 2022-01-03 18:16:54 +01:00
README_zh-CN.md 2 (#38) 2022-07-16 14:16:54 +02:00
README.md 2 (#38) 2022-07-16 14:16:54 +02:00

logo

discord docker pulls Docker image size badge Latest version



Cryptgeon - Securely share self-destructing notes | Product Hunt

EN | 简体中文

About?

cryptgeon is a secure, open source sharing note or file service inspired by PrivNote

🌍 If you want to translate the project feel free to reach out to me.

Thanks to Lokalise for providing free access to their platform.

Demo

Check out the demo and see for yourself https://cryptgeon.nicco.io.

Features

  • server cannot decrypt contents due to client side encryption
  • view or time constraints
  • in memory, no persistence
  • obligatory dark mode support

How does it work?

each note has a generated id (256bit) and key 256(bit). The id is used to save & retrieve the note. the note is then encrypted with aes in gcm mode on the client side with the key and then sent to the server. data is stored in memory and never persisted to disk. the server never sees the encryption key and cannot decrypt the contents of the notes even if it tried to.

Screenshot

screenshot

Environment Variables

Variable Default Description
REDIS redis://redis/ Redis URL to connect to.
SIZE_LIMIT 1 KiB Max size for body. Accepted values according to byte-unit. 512 MiB is the maximum allowed
MAX_VIEWS 100 Maximal number of views.
MAX_EXPIRATION 360 Maximal expiration in minutes.
ALLOW_ADVANCED true Allow custom configuration. If set to false all notes will be one view only.
THEME_IMAGE "" Custom image for replacing the logo. Must be publicly reachable
THEME_TEXT "" Custom text for replacing the description below the logo

Deployment

https is required otherwise browsers will not support the cryptographic functions.

Docker

Docker is the easiest way. There is the official image here.

# docker-compose.yml

version: '3.8'

services:
  redis:
    image: redis:7-alpine

  app:
    image: cupcakearmy/cryptgeon:latest
    depends_on:
      - redis
    environment:
      SIZE_LIMIT: 4 MiB
    ports:
      - 80:5000

NGINX Proxy

See the examples/nginx folder. There an example with a simple proxy, and one with https. You need to specify the server names and certificates.

Traefik 2

Assumptions:

  • External proxy docker network proxy
  • A certificate resolver le
  • A https entrypoint secure
  • Domain name example.org
version: '3.8'

networks:
  proxy:
    external: true

services:
  redis:
    image: redis:7-alpine
    restart: unless-stopped

  app:
    image: cupcakearmy/cryptgeon:latest
    restart: unless-stopped
    depends_on:
      - redis
    networks:
      - default
      - proxy
    labels:
      - traefik.enable=true
      - traefik.http.routers.cryptgeon.rule=Host(`example.org`)
      - traefik.http.routers.cryptgeon.entrypoints=secure
      - traefik.http.routers.cryptgeon.tls.certresolver=le

Development

Requirements

  • pnpm: >=6
  • node: >=16
  • rust: edition 2021

Install

pnpm install
pnpm --prefix frontend install

# Also you need cargo watch if you don't already have it installed.
# https://lib.rs/crates/cargo-watch
cargo install cargo-watch

Run

Make sure you have docker running.

If you are on macOS you might need to disable AirPlay Receiver as it uses port 5000 (So stupid...) https://developer.apple.com/forums/thread/682332

pnpm run dev

Running pnpm run dev in the root folder will start the following things:

  • redis docker container
  • rust backend
  • client

You can see the app under localhost:1234.

Attributions

Icons made by freepik from www.flaticon.com