cupcakearmy/cryptgeon

EN | 简体中文 | ES

About?

cryptgeon is a secure, open source sharing note or file service inspired by PrivNote. It includes a server, a web page and a CLI client.

🌍 If you want to translate the project feel free to reach out to me.

Thanks to Lokalise for providing free access to their platform.

Live Service / Demo

Web

Check out the live service / demo and see for yourself cryptgeon.org

CLI

npx cryptgeon send text "This is a secret note"

For more documentation about the CLI see the readme.

Features

• send text or files
• server cannot decrypt contents due to client side encryption
• view or time constraints
• in memory, no persistence
• obligatory dark mode support

How does it work?

each note has a generated id (256bit) and key 256(bit). The id is used to save & retrieve the note. the note is then encrypted with aes in gcm mode on the client side with the key and then sent to the server. data is stored in memory and never persisted to disk. the server never sees the encryption key and cannot decrypt the contents of the notes even if it tried to.

Screenshot

Environment Variables

Deployment

ℹ️ https is required otherwise browsers will not support the cryptographic functions.

ℹ️ There is a health endpoint available at /api/health/. It returns either 200 or 503.

Docker

Docker is the easiest way. There is the official image here.

# docker-compose.yml

version: '3.8'

services:
  redis:
    image: redis:7-alpine
    # Set a size limit. See link below on how to customise.
    # https://redis.io/docs/manual/eviction/
    # command: redis-server --maxmemory 1gb --maxmemory-policy allkeys-lru

  app:
    image: cupcakearmy/cryptgeon:latest
    depends_on:
      - redis
    environment:
      # Size limit for a single note.
      SIZE_LIMIT: 4 MiB
    ports:
      - 80:8000

    # Optional health checks
    # healthcheck:
    #   test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
    #   interval: 1m
    #   timeout: 3s
    #   retries: 2
    #   start_period: 5s

NGINX Proxy

See the examples/nginx folder. There an example with a simple proxy, and one with https. You need to specify the server names and certificates.

Traefik 2

See the examples/traefik folder.

Scratch

See the examples/scratch folder. There you'll find a guide how to setup a server and install cryptgeon from scratch.

Synology

There is a guide you can follow.

YouTube Guides

• English by Webnestify
• English by DB Tech Previous Video
• German by ApfelCast

Development

Requirements

• pnpm: >=6
• node: >=18
• rust: edition 2021

Install

pnpm install

# Also you need cargo watch if you don't already have it installed.
# https://lib.rs/crates/cargo-watch
cargo install cargo-watch

Run

Make sure you have docker running.

pnpm run dev

Running pnpm run dev in the root folder will start the following things:

• redis docker container
• rust backend
• client
• cli

You can see the app under localhost:1234.

There is a Postman collection with some example requests available in the repo

Tests

Tests are end to end tests written with Playwright.

pnpm run test:prepare

# Use the test or test:local script. The local version only runs in one browser for quicker development.
pnpm run test:local

Security

Please refer to the security section here.

Attributions

• Test data:
  • Text for tests Nietzsche Ipsum
  • AES Paper
  • Unsplash Pictures
• Loading animation by Nikhil Krishnan
• Icons made by freepik from www.flaticon.com