mirror of
https://github.com/cupcakearmy/cryptgeon.git
synced 2025-01-08 00:16:26 +00:00
137 lines
4.4 KiB
Markdown
<p align="center">
<img src="./design/Github.png" alt="logo">
</p>

<a href="https://discord.gg/nuby6RnxZt">
<img alt="discord" src="https://img.shields.io/discord/252403122348097536?style=for-the-badge" />
<img alt="docker pulls" src="https://img.shields.io/docker/pulls/cupcakearmy/cryptgeon?style=for-the-badge" />
<img alt="Docker image size badge" src="https://img.shields.io/docker/image-size/cupcakearmy/cryptgeon?style=for-the-badge" />
<img alt="Latest version" src="https://img.shields.io/github/v/release/cupcakearmy/cryptgeon?style=for-the-badge" />
</a>

<br/>
<a href="https://www.producthunt.com/posts/cryptgeon?utm_source=badge-featured&utm_medium=badge&utm_souce=badge-cryptgeon" target="_blank"><img src="https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=295189&theme=light" alt="Cryptgeon - Securely share self-destructing notes | Product Hunt" style="width: 250px; height: 54px;" width="250" height="54" /></a>
<br/>

## About?

_cryptgeon_ is a secure, open source note and file sharing service inspired by [_PrivNote_](https://privnote.com).

## Demo

Check out the demo and see for yourself: https://cryptgeon.nicco.io

## Features

- server cannot decrypt contents due to client side encryption
- view or time constraints
- in memory, no persistence
- obligatory dark mode support

## How does it work?

Each note has a generated <code>id (256bit)</code> and <code>key (256bit)</code>. The <code>id</code> is used to save & retrieve the note. The note is then encrypted with AES in GCM mode on the client side with the <code>key</code> and then sent to the server. Data is stored in memory and never persisted to disk. The server never sees the encryption key and cannot decrypt the contents of the notes even if it tried to.

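The flow described above, sketched with the Web Crypto API as an added example (not cryptgeon's own code): the 96-bit IV, the hex encoding, the record layout and all function names are assumptions, and a `Map` stands in for the server's in-memory store. `crypto.subtle` is only exposed in secure contexts, which is why the deployment notes require `https`.

```javascript
// Added illustration, not cryptgeon's source code. The 96-bit IV, hex encoding and
// all function names are assumptions; the page specifies only id, key and AES-GCM.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto; // fallback for older Node
const toHex = (bytes) => Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
const fromHex = (hex) => Uint8Array.from(hex.match(/../g), (h) => parseInt(h, 16));
const importKey = (keyHex) =>
  wc.subtle.importKey('raw', fromHex(keyHex), { name: 'AES-GCM' }, false, ['encrypt', 'decrypt']);

// Client: generate a 256-bit id and a 256-bit key, then encrypt before anything is sent.
async function createNote(plaintext) {
  const id = toHex(wc.getRandomValues(new Uint8Array(32)));
  const keyHex = toHex(wc.getRandomValues(new Uint8Array(32)));
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh per note
  const data = new TextEncoder().encode(plaintext);
  const ct = await wc.subtle.encrypt({ name: 'AES-GCM', iv }, await importKey(keyHex), data);
  // `upload` is everything the server receives; `keyHex` never leaves the client.
  return { upload: { id, iv: toHex(iv), ciphertext: toHex(new Uint8Array(ct)) }, keyHex };
}

// Client: decrypt a record fetched by id. GCM authenticates the ciphertext, so a
// wrong key or a modified record makes decrypt() reject instead of returning garbage.
async function openNote(record, keyHex) {
  const params = { name: 'AES-GCM', iv: fromHex(record.iv) };
  const plain = await wc.subtle.decrypt(params, await importKey(keyHex), fromHex(record.ciphertext));
  return new TextDecoder().decode(plain);
}

// Constructed walk-through with a Map standing in for the server's in-memory store.
async function demo() {
  const server = new Map();
  const { upload, keyHex } = await createNote('constructed sample secret');
  server.set(upload.id, { iv: upload.iv, ciphertext: upload.ciphertext });

  const record = server.get(upload.id);
  const roundTrip = await openNote(record, keyHex);

  // Flip one bit of the stored ciphertext: the authentication tag no longer matches.
  const bytes = fromHex(record.ciphertext);
  bytes[0] ^= 1;
  const tampered = { ...record, ciphertext: toHex(bytes) };
  const tamperRejected = await openNote(tampered, keyHex).then(() => false, () => true);
  const wrongKeyRejected = await openNote(record, '00'.repeat(32)).then(() => false, () => true);

  // The key must not appear anywhere in what the server holds.
  const serverSeesKey = JSON.stringify([...server]).includes(keyHex);
  return { roundTrip, tamperRejected, wrongKeyRejected, serverSeesKey };
}
```
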
## Screenshot

![screenshot](./design/Screens.png)

## Environment Variables

| Variable     | Default           | Description                                                                             |
| ------------ | ----------------- | --------------------------------------------------------------------------------------- |
| `MEMCACHE`   | `memcached:11211` | Memcached URL to connect to.                                                            |
| `SIZE_LIMIT` | `1 KiB`           | Max size for body. Accepted values according to [byte-unit](https://docs.rs/byte-unit/) |

## Deployment

ℹ️ `https` is required, otherwise browsers will not support the cryptographic functions.

### Docker

Docker is the easiest way. There is the [official image here](https://hub.docker.com/r/cupcakearmy/cryptgeon).

```yaml
# docker-compose.yml

version: '3.7'

services:
  memcached:
    image: memcached:1-alpine
    entrypoint: memcached -m 128M -I 4M # Limit to 128 MB Ram, 4M per entry, customize at free will.

  app:
    image: cupcakearmy/cryptgeon:latest
    depends_on:
      - memcached
    environment:
      SIZE_LIMIT: 4M
    ports:
      - 80:5000
```

### NGINX Proxy

See the [examples/nginx](https://github.com/cupcakearmy/cryptgeon/tree/main/examples/nginx) folder. There is an example with a simple proxy, and one with https. You need to specify the server names and certificates.

### Traefik 2

Assumptions:

- External proxy docker network `proxy`
- A certificate resolver `le`
- A https entrypoint `secure`
- Domain name `example.org`

```yaml
version: '3.8'

networks:
  proxy:
    external: true

services:
  memcached:
    image: memcached:1-alpine
    restart: unless-stopped
    entrypoint: memcached -m 128M -I 4M # Limit to 128 MB Ram, 4M per entry, customize at free will.

  app:
    image: cupcakearmy/cryptgeon:latest
    restart: unless-stopped
    depends_on:
      - memcached
    networks:
      - default
      - proxy
    labels:
      - traefik.enable=true
      - traefik.http.routers.cryptgeon.rule=Host(`example.org`)
      - traefik.http.routers.cryptgeon.entrypoints=secure
      - traefik.http.routers.cryptgeon.tls.certresolver=le
```

## Development

1. Clone
2. Run `pnpm i` in the root and client (`client/`) folders.
3. Run `pnpm run dev` to start development.

Running `npm run dev` in the root folder will start the following things:

- a memcache docker container
- rust backend with hot reload
- client with hot reload

You can see the app under [localhost:1234](http://localhost:1234).

###### Attributions

Icons made by <a href="https://www.freepik.com" title="Freepik">freepik</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>