4.4.0 • Published 1 year ago

hemmelig v4.4.0

Weekly downloads
-
License
MIT
Repository
github
Last release
1 year ago

Quality Gate Status Better Uptime Badge

SaaS

Hemmelig is available at https://hemmelig.app

Desktop

How it works

You enter https://hemmelig.app, write your sensitive information, expire time, optional password, and click create a secret link. You share the secret link. The receiver of the link opens it, writes the optional password, and retrieves the sensitive information. When a secret link is created, it gets its unique encryption key that is not saved to the database and only will be part of the URL. This is how the encryption works: encrypt(DATA, YOUR_UNIQUE_ENCRYPTION_KEY). The encryption of the text and files is done in the client; this means the server will get the encrypted information, and nothing in clear text.

Features

  • Client side encryption
  • Encrypted sensitive information sharing
  • Encrypted file upload for signed in users
  • Secret lifetime
  • Set max views per secret
  • Optional encrypted title
  • Optional password protection
  • Optional IP address restriction
  • QR Code of the secret link
  • Encrypted key is part of the URL, and not saved to the database for an extra layer of security
  • It will detect if the secret is base64 encoded, and add a button to convert it to plain text on read
  • Self-hosted version. Keywords: Regulatory compliance
  • CLI Support

Linode Referral

Hemmelig.app is running on Linode, and is not being sponsored by anyone. If you want to support Hemmelig, and use Linode. Here is a referral link that we get free credit if you use. By using this link you will get $100 of credit as well: https://www.linode.com/lp/refer/?r=a47390eeafc5a46b8e5407a5d2bf28368d474993

Docker image

  • hemmeligapp/hemmelig:weekly (pushed every week on Friday)
  • hemmeligapp/hemmelig:arm-weekly
  • hemmeligapp/hemmelig:daily
  • hemmeligapp/hemmelig:arm-daily
  • hemmeligapp/hemmelig:v3.4.0 (see the github tags)
  • hemmeligapp/hemmelig:arm-vX.X.X (will be from > 4.2.0)
  • hemmeligapp/hemmelig:latest (Is created on each version release)
  • hemmeligapp/hemmelig:arm-latest (will be from > 4.2.0)

Self-hosting

If you have to follow some sort of compliance, and have to self-host, https://hemmelig.app is available as a docker image. The following is the bare minimum to run the docker image.

# To use this image you need a redis database enabled.
# Example:
#
# $ docker run -p 6379:6379 --name some-redis -d redis
#

docker run -p 3000:3000 -d --name=hemmelig \
    -e SECRET_REDIS_HOST=127.0.0.1 \
    -v /var/tmp/hemmelig:/var/tmp/hemmelig/upload/files # this is how you mount a local directory if you choose to use disk upload, and not do/s3
    hemmeligapp/hemmelig:latest

Alternatively you can use docker-compose:

# fetch docker-compose.yml
wget https://raw.githubusercontent.com/HemmeligOrg/Hemmelig.app/main/docker-compose.yml

# start hemmelig & redis
docker-compose up -d

# stop containers
docker-compose down

Have a look at the Dockerfile for a full example of how to run this application.

CLI

Hemmelig can be used as a CLI to create secrets on the fly!

# Pipe data to hemmelig
cat mysecretfile | npx hemmelig

# For the documentaiton
npx hemmelig --help

Environment variables

ENV varsDescriptionDefault
SECRET_LOCAL_HOSTNAMEThe local hostname for the fastify instance0.0.0.0
SECRET_PORTThe port number for the fastify instance3000
SECRET_HOSTUsed for i.e. set cors/cookies to your domain name""
SECRET_REDIS_HOSTOverride this for your redis host address""
SECRET_REDIS_PORTThe redis port number6379
SECRET_REDIS_TLSIf the redis instance is using tlsfalse
SECRET_REDIS_USERYour redis user name""
SECRET_REDIS_PASSWORDYour redis password""
SECRET_MAX_TEXT_SIZEThe max text size for the secret. Is set in kb. i.e. 256 for 256kb.256
SECRET_JWT_SECRETOverride this for the secret signin JWT tokens for log ingood_luck_have_fun
SECRET_FILE_SIZESet the total allowed upload file size in mb.4
SECRET_ENABLE_FILE_UPLOADEnable or disable file uploadtrue
SECRET_DISABLE_USERSDisable user registrationfalse
SECRET_FORCED_LANGUAGESet the default language for the application.en
SECRET_DO_SPACES_ENDPOINTThe Digital Ocean Spaces/AWS s3 endpoint""
SECRET_DO_SPACES_KEYThe Digital Ocean Spaces/AWS s3 key""
SECRET_DO_SPACES_SECRETThe Digital Ocean Spaces/AWS s3 secret""
SECRET_DO_SPACES_BUCKETThe Digital Ocean Spaces/AWS s3 bucket name""
SECRET_DO_SPACES_FOLDERThe Digital Ocean Spaces/AWS s3 folder for the uploaded files""

Supported languages

Have a look at the public/locales/ folder.

Run locally

# First you have to run redis
# Example by using docker
docker run -itd -p 6379:6379 redis

npm install

# Start the frontend/backend
npm run dev
# http://0.0.0.0:3000

Discord

Discord

My lovely contributors

Contribution

Feel free to contribute to this repository. Have a look at CONTRIBUTION.md for guidelines.

@fastify/cookie@fastify/cors@fastify/helmet@fastify/jwt@fastify/multipart@fastify/static@mantine/core@mantine/form@mantine/hooks@mantine/modals@tabler/iconsasync-redisaws-sdkbcryptjsconfigdayjsemail-validatorfastifyfastify-pluginfile-typeip-range-checkis-base64meownanoidnode-fetchpretty-bytesreact-qr-coderedisreplace-in-filesanitize-filenametweetnacltweetnacl-utilunfetchvalidator
@infinitebrahmanuniverse/nolb-hem@everything-registry/sub-chunk-1839
4.4.0

1 year ago

4.3.0

1 year ago

4.2.1

1 year ago

4.2.0

1 year ago

4.1.6

2 years ago

4.1.5

2 years ago

4.1.4

2 years ago

4.1.3

2 years ago

4.1.2

2 years ago

4.1.1

2 years ago

4.1.0

2 years ago