algolia/sup3rS3cretMes5age algolia/sup3rS3cretMes5age

  • Stars
    star
    506
  • Rank 87,236 (Top 2 %)
  • Language
    Go
  • License
    MIT License
  • Created about 7 years ago
  • Updated 4 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
algolia/sup3rS3cretMes5age
github

algolia

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend

sup3rS3cretMes5age!

A simple, secure self-destructing message service, using HashiCorp Vault product as a backend.

self-destruct

Read more about the reasoning behind this project in the relevant blog post.

Now using Let's Encrypt for simple and free SSL certs!

Deployment

Testing it locally

You can just run docker-compose up --build: it will build the Docker image and then run it alongside a standalone Vault server.

By default, the docker-compose.yml is configured to run the webapp on port 8082 in cleartext HTTP (so you can access it on http://localhost:8082).

Optionally, you can modify the docker-compose.yml and tweak the options (enable HTTPS, disable HTTP or enable redirection to HTTPS, etc.). See Configuration options.

Production Deployment

We recommend deploying the project via Docker and a container orchestration tool:

  • Build the Docker image using the provided Dockerfile
  • Host it in a Docker registry (Docker Hub, AWS ECR, etc.)
  • Deploy the image (alongside with a standalone Vault server) using a container orchestration tool (Kubernetes, Docker Swarm, AWS ECS, etc.)

You can read the configuration examples below.

Security notice!

Whatever deployment method you choose, you should always run this behind SSL/TLS, otherwise secrets will be sent unencrypted!

Depending on your infrastructure/deployment, you can have TLS termination either inside the container (see Configuration examples - TLS), or before e.g. at a load balancer/reverse proxy in front of the service. It is interesting to have TLS termination before the container so you don't have to manage the certificate/key there, but make sure the network between your TLS termination point and your container is secure.

Configuration options

  • VAULT_ADDR: address of the Vault server used for storing the temporary secrets.
  • VAULT_TOKEN: Vault token used to authenticate to the Vault server.
  • SUPERSECRETMESSAGE_HTTP_BINDING_ADDRESS: HTTP binding address (e.g. :80).
  • SUPERSECRETMESSAGE_HTTPS_BINDING_ADDRESS: HTTPS binding address (e.g. :443).
  • SUPERSECRETMESSAGE_HTTPS_REDIRECT_ENABLED: whether to enable HTTPS redirection or not (e.g. true).
  • SUPERSECRETMESSAGE_TLS_AUTO_DOMAIN: domain to use for "Auto" TLS, i.e. automatic generation of certificate with Let's Encrypt. See Configuration examples - TLS - Auto TLS.
  • SUPERSECRETMESSAGE_TLS_CERT_FILEPATH: certificate filepath to use for "manual" TLS.
  • SUPERSECRETMESSAGE_TLS_CERT_KEY_FILEPATH: certificate key filepath to use for "manual" TLS.
  • SUPERSECRETMESSAGE_VAULT_PREFIX: vault prefix for secrets (default cubbyhole/)

Configuration example

Here is an example of a functionnal docker-compose.yml file

version: '3.2'

services:
  vault:
    image: vault:latest
    container_name: vault
    environment:
      VAULT_DEV_ROOT_TOKEN_ID: root
    cap_add:
      - IPC_LOCK
    expose:
      - 8200

  supersecret:
    build: ./
    image: algolia/supersecretmessage:latest
    container_name: supersecret
    environment:
      VAULT_ADDR: http://vault:8200
      VAULT_TOKEN: root
      SUPERSECRETMESSAGE_HTTP_BINDING_ADDRESS: ":80"
      SUPERSECRETMESSAGE_HTTPS_BINDING_ADDRESS: ":443"
      SUPERSECRETMESSAGE_HTTPS_REDIRECT_ENABLED: "true"
      SUPERSECRETMESSAGE_TLS_AUTO_DOMAIN: secrets.example.com
    ports:
      - "80:80"
      - "443:443"
    depends_on:
      - vault

Configuration types

Plain HTTP

VAULT_ADDR=http://vault:8200
VAULT_TOKEN=root

SUPERSECRETMESSAGE_HTTP_BINDING_ADDRESS=:80

TLS

Auto TLS
VAULT_ADDR=http://vault:8200
VAULT_TOKEN=root

SUPERSECRETMESSAGE_HTTPS_BINDING_ADDRESS=:443
SUPERSECRETMESSAGE_TLS_AUTO_DOMAIN=secrets.example.com
Auto TLS with HTTP > HTTPS redirection
VAULT_ADDR=http://vault:8200
VAULT_TOKEN=root

SUPERSECRETMESSAGE_HTTP_BINDING_ADDRESS=:80
SUPERSECRETMESSAGE_HTTPS_BINDING_ADDRESS=:443
SUPERSECRETMESSAGE_HTTPS_REDIRECT_ENABLED=true
SUPERSECRETMESSAGE_TLS_AUTO_DOMAIN=secrets.example.com
Manual TLS
VAULT_ADDR=http://vault:8200
VAULT_TOKEN=root

SUPERSECRETMESSAGE_HTTPS_BINDING_ADDRESS=:443
SUPERSECRETMESSAGE_TLS_CERT_FILEPATH=/mnt/ssl/cert_secrets.example.com.pem
SUPERSECRETMESSAGE_TLS_CERT_KEY_FILEPATH=/mnt/ssl/key_secrets.example.com.pem

Screenshot

secretmsg

Contributing

Pull requests are very welcome! They will be reviewed by our team at Algolia.

Thanks!

This project is heavaily depandent on Echo Go Web Frameworkand on Hashicorp Vault.

More Repositories

1

places

🌐 Turn any <input> into an address autocomplete
JavaScript
5,372
star
2

autocomplete

🔮 Fast and full-featured autocomplete library
TypeScript
5,047
star
3

docsearch

📘 The easiest way to add search to your documentation.
TypeScript
3,980
star
4

instantsearch

⚡️ Libraries for building performant and instant search and recommend experiences with Algolia. Compatible with JavaScript, TypeScript, React and Vue.
TypeScript
3,700
star
5

react-instantsearch

⚡️ Lightning-fast search for React and React Native applications, by Algolia.
TypeScript
1,969
star
6

algoliasearch-client-javascript

⚡️ A fully-featured and blazing-fast JavaScript API client to interact with Algolia.
TypeScript
1,259
star
7

github-awesome-autocomplete

:octocat: Add instant search capabilities to GitHub's search bar
JavaScript
1,062
star
8

vue-instantsearch

👀 Algolia components for building search UIs with Vue.js
JavaScript
854
star
9

shipjs

Take control of what is going to be your next release.
JavaScript
749
star
10

awesome-algolia

🔍👋 START HERE! A curated list of Algolia libraries, resources and projects.
696
star
11

algoliasearch-client-php

⚡️ A fully-featured and blazing-fast PHP API client to interact with Algolia.
PHP
670
star
12

instantsearch-ios

⚡️ A library of widgets and helpers to build instant-search applications on iOS.
Swift
573
star
13

voice-overlay-ios

🗣 An overlay that gets your user’s voice permission and input as text in a customizable UI
Swift
544
star
14

react-element-to-jsx-string

Turn a ReactElement into the corresponding JSX string
JavaScript
490
star
15

hn-search

Hacker News Search
TypeScript
489
star
16

docsearch-configs

DocSearch - Configurations
JavaScript
455
star
17

expect-jsx

✅ toEqualJSX for expect assertion library
JavaScript
410
star
18

algoliasearch-rails

AlgoliaSearch integration to your favorite ORM
Ruby
398
star
19

scout-extended

Scout Extended: The Full Power of Algolia in Laravel
PHP
382
star
20

algoliasearch-wordpress

❌🗑🙅‍♂️ Algolia Search plugin for WordPress is no longer supported. Please use our API client guide instead
JavaScript
360
star
21

docsearch-scraper

DocSearch - Scraper
Python
298
star
22

color-extractor

Extract the dominant color(s) of your fashion articles!
Python
271
star
23

algoliasearch-netlify

Official Algolia Plugin for Netlify. Index your website to Algolia when deploying your project to Netlify with the Algolia Crawler
TypeScript
260
star
24

angular-instantsearch

⚡️Lightning-fast search for Angular apps, by Algolia
TypeScript
255
star
25

voice-overlay-android

🗣 An overlay that gets your user’s voice permission and input as text in a customizable UI
Kotlin
253
star
26

algoliasearch-laravel

[Deprecated] We now recommend using Laravel Scout, see =>
PHP
238
star
27

jekyll-algolia

Add fast and relevant search to your Jekyll site
Ruby
214
star
28

algoliasearch-client-swift

⚡️ A fully-featured and blazing-fast Swift API client to interact with Algolia.
Swift
203
star
29

algoliasearch-client-python

⚡️ A fully-featured and blazing-fast Python API client to interact with Algolia.
Python
194
star
30

algoliasearch-client-go

⚡️ A fully-featured and blazing-fast Go API client to interact with Algolia.
Go
193
star
31

search-bundle

Seamless integration of Algolia Search into your Symfony project.
PHP
190
star
32

atom-autocomplete-module-import

⚛️ Search & install npm packages from import/require statements.
JavaScript
182
star
33

gatsby-plugin-algolia

A plugin to push to Algolia based on graphQl queries
JavaScript
176
star
34

algoliasearch-helper-js

Helper for implementing advanced search features with Algolia
JavaScript
174
star
35

datasets

Interesting datasets you could use with Algolia
173
star
36

youtube-captions-scraper

Fetch youtube user submitted or fallback to auto-generated captions
JavaScript
173
star
37

pwa-ecom-ui-template

React/Next.js based starter kit, focused on delivering a rich Search & Discovery e-commerce experience.
TypeScript
172
star
38

algoliasearch-django

Seamless integration of Algolia into your Django project.
Python
167
star
39

algoliasearch-client-ruby

⚡️ A fully-featured and blazing-fast Ruby API client to interact with Algolia.
Ruby
166
star
40

algoliasearch-magento-2

Algolia Search integration for Magento 2 - compatible with versions from 2.3.x to 2.4.x
PHP
156
star
41

instantsearch-android

A library of widgets and helpers to build instant-search applications on Android.
Kotlin
153
star
42

instant-search-demo

Instant-search demo (facets, sliders, paginations & more)
CSS
140
star
43

npm-search

🗿 npm ↔️ Algolia replication tool ⛷️ 🐌 🛰️
TypeScript
134
star
44

algoliasearch-jekyll

⚠ DEPRECATED Use jekyll-algolia instead.
Ruby
124
star
45

algoliasearch-client-csharp

⚡️ A fully-featured and blazing-fast C# API client to interact with Algolia.
C#
113
star
46

firestore-algolia-search

TypeScript
112
star
47

kubernetes-hands-on

Kubernetes Hands-on by Algolia
110
star
48

frontman

💎 A Ruby-based static website generator
Ruby
108
star
49

create-instantsearch-app

⚡️ Build InstantSearch apps at the speed of thought
JavaScript
107
star
50

algoliasearch-client-android

Algolia Search API Client for Android
Java
98
star
51

faux-jax

NO MORE MAINTAINED: Intercept and respond to requests in the browser (AJAX) and Node.js (http(s) module)
JavaScript
96
star
52

cli

🔍 Algolia’s official CLI devtool
Go
94
star
53

algolia-cli-old

[DEPRECATED] This repo and npm package are no longer maintained or supported. The new official command line tool can be found here: https://github.com/algolia/cli
JavaScript
82
star
54

doc-code-samples

This repository holds the Algolia documentation big code samples like GeoSearch, Calendar...
TypeScript
82
star
55

rollup-jest-boilerplate

🎉 Full featured boilerplate for building JavaScript libraries the modern way
JavaScript
80
star
56

marvel-search

Searchable list of all Marvel superheroes and supervillains
JavaScript
77
star
57

examples

Set of code samples highlighting the different ways to use the Algolia API
CSS
76
star
58

instantsearch-ios-examples

Example apps built with InstantSearch iOS
Swift
67
star
59

instantsearch-android-examples

Example apps built with algolia/instantsearch-android
Kotlin
63
star
60

algoliasearch-client-css

Algolia Search API Client for CSS
JavaScript
63
star
61

mongoolia

Keep your mongoose schemas synced with Algolia
JavaScript
58
star
62

algoliasearch-client-kotlin

⚡️ A fully-featured and blazing-fast Kotlin/Android API client to interact with Algolia.
Kotlin
56
star
63

hn-reactnative-sample

Sample Hacker News Search app by Algolia based on React Native.
JavaScript
54
star
64

search-insights.js

Library for reporting click, conversion and view metrics using the Algolia Insights API
TypeScript
53
star
65

jest-serializer-html

Jest snapshot serializer that beautifies HTML.
JavaScript
51
star
66

redux-updeep

small reducer generator that uses updeep to immutably deep merge partial updates into the reducer's state
JavaScript
50
star
67

algoliasearch-alexa

🔊 Search by voice in Alexa, powered by Algolia
JavaScript
44
star
68

chunk-text

🔪 chunk/split a string by length without cutting/truncating words.
JavaScript
44
star
69

algoliasearch-client-java

⚡️ A fully-featured and blazing-fast Java API client to interact with Algolia.
Java
43
star
70

react-nouislider

CSS
42
star
71

react-test-boilerplate

Companion project for Algolia's React unit testing blog post
JavaScript
41
star
72

algoliasearch-crawler-github-actions

Algolia Crawler Github action
TypeScript
40
star
73

demo-geo-search

Demo code illustrating the geo search features of Algolia
JavaScript
39
star
74

laravel-scout-algolia-macros

DEPRECATED: Use of this repository is deprecated. Please use Scout Extended - https://github.com/algolia/scout-extended instead.
PHP
39
star
75

algoliasearch-client-objc

Algolia Search API Client for iOS & OS X
Objective-C
38
star
76

docsearch-website

Previous repository for the DocSearch documentation website, now at https://github.com/algolia/docsearch/tree/next/packages/website
CSS
38
star
77

algoliasearch-client-node

DEPRECATED
36
star
78

algoliasearch-rails-example

AlgoliaSearch+Ruby on Rails examples
Ruby
36
star
79

elasticsearch-topk-plugin

Elasticsearch Top-K Aggregation Plugin
Java
35
star
80

wordpress-docker

Simple docker based environment for WordPress plugins and themes development.
Shell
34
star
81

algolia-sitemap

a node library allowing you to generate sitemaps from an Algolia index.
JavaScript
33
star
82

jekyll-algolia-example

Front-end example of the jekyll-algolia plugin
HTML
33
star
83

vue-instantsearch-examples

Examples for Vue InstantSearch v1, v2 links: https://github.com/algolia/vue-instantsearch-examples/issues/50
Shell
33
star
84

unified-instantsearch-ecommerce

The fastest way to implement Algolia, for e-commerce customers.
JavaScript
32
star
85

algoliasearch-client-java-legacy

*DEPRECATED* Algolia Search API Client for Java, see https://github.com/algolia/algoliasearch-client-java-2
Java
31
star
86

talksearch-scraper

Extract captions and metadata from YouTube playlists and push them to Algolia
JavaScript
31
star
87

diffable-html

Opinionated HTML formatter focused towards making HTML diffs readable.
JavaScript
30
star
88

api-clients-automation

🤖 Monorepo of the Algolia API specs and their auto-generated clients and documentation
PHP
30
star
89

recommend

A UI library for Algolia Recommend, available for Vanilla JavaScript and React.
TypeScript
29
star
90

eslint-config-algolia

Algolia's ESLint config and prettier instructions for JavaScript projects
JavaScript
27
star
91

talksearch

🎤 An interactive search experience for video titles and transcripts
JavaScript
25
star
92

algolia-firebase-nodejs

An example showing how to push data from Firebase to Algolia
JavaScript
24
star
93

algoliasearch-client-scala

⚡️ A fully-featured and blazing-fast Scala API client to interact with Algolia.
Scala
24
star
94

redux-magic-async-middleware

redux-magic-async-middleware is a middleware which makes it easy to handle asynchronous data with redux
JavaScript
23
star
95

laravel-scout-settings

DEPRECATED: Use of this repository is deprecated. Please use Scout Extended - https://github.com/algolia/scout-extended instead.
PHP
23
star
96

pdrone

Control Parrot drones with JavaScript
JavaScript
23
star
97

algoliasearch-helper-flutter

⚡️ Building block to create instant-search applications with Flutter
Dart
23
star
98

algolia-swift-demo

iOS instant search tutorial
Swift
23
star
99

algolia-react-boilerplate

🔥 A highly scalable, and customizable boilerplate, made with ReactInstantSearchHooks and with many Algolia's features. Ready to configure and deploy. You have just to follow steps in readme file. 💥
JavaScript
23
star
100

algolia-coding-contest

Welcome to the first Algolia Coding Contest, until May 5th.
22
star