A simple, encrypted, one-time secret sharing app
This is intended to be used as a Docker container. You can either use the image ghcr.io/cyllective/olim or build the image yourself with make docker-image. As an example on how to deploy it, see docker-compose.yaml.
Important
HTTPS is required! The Web Crypto API will only work on localhost or HTTPS connections.
The app is configured with environment variables.
| Variable | Affects | Default |
|---|---|---|
DEBUG |
If debug output should be printed | - |
DB_PATH |
Where the SQLite3 database will be saved | ./olim.sqlite |
For development, use air. There is a configuration file already present. It opens a proxy on port 8081.
The Web Crypto API is used to generate AES-GCM keys. Those encrypt the text (or the contents of the file). This encrypted blob is then sent to the server. The keys are added as a URL fragment (#) to the share URL. Since those are not sent to the HTTP server when opening them in a browser, the server never gets the keys necessary for decryption.
The word "olim" is Latin for "once upon a time".
This was inspired by transfer.pw.