passed/README.md

# PassED
[![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/NuGxJKtDKS)
[![Demo](https://img.shields.io/website-up-down-green-red/https/passed.1e99.eu.svg)](https://passed.1e99.eu/)
[![Made with Go](https://img.shields.io/badge/Made%20with-Go-1f425f.svg)](https://go.dev/)

EMail, but for passwords.

Did you ever run into the issue of needing to share a password with someone securely?

You want to share it using EMail, but there it will surely get logged along the way.

You want to share it using WhatsApp, but there it will show up in the notifications for everyone to read.

You want to share it on paper, but everyone can read that too.

PassED solves this issue by allowing you to generate single-use URLs with your password.

## How it works
When you generate a URL...
1. The browser generates an AES key.
2. The password you entered gets encrypted using this key.
3. The encrypted password is uploaded to the server, which responds with an ID to uniquely identify the password.
4. A URL is generated that contains the ID and AES key.

When you view a password...
1. The browser imports the AES key from the URL.
2. The browser asks the server for the password using the ID in the URL.
3. The browser decrypts the password from the server using the AES key from the URL.

## Setup
Setting up PassED can be done with docker compose or from source. As the website relies on the [Web Crypto API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API) it requires a [secure context](https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts). In other words you must setup a reverse proxy for HTTPS, or access the site via `localhost`.

### Docker compose
```yaml
services:
  "passed":
    image: "git.1e99.eu/1e99/passed:latest"
    volumes:
      - "./passed:/etc/passed"
    environment:
      - "PASSED_ADDRESS=:3000"
      - "PASSED_STORE_TYPE=dir"
      - "PASSED_STORE_DIR_PATH=/etc/passed"
    ports:
      - "3000:3000"
```

### From Source
1. Clonse the source code
```bash
git clone https://git.1e99.eu/1e99/passed.git --depth 1
```
2. Ensure that you have go installed, if not follow this [guide](https://go.dev/doc/install).
3. Build the project.
```bash
go build -o passed .
```
4. Run the binary.
```bash
PASSED_STORE_TYPE=dir ./passed
```

## Configuration
Configuration is done using environment variables.
- `PASSED_ADDRESS`: The address that PassED should listen on, defaults to `:3000`.
- `PASSED_LOG_REQUESTS`: Should requests be logged, defaults to `true`.
- `PASSED_MAX_LENGTH`: Maximum password length in KiB, defaults to `12288`.
- `PASSED_STORE_TYPE`: Store type to pick, defaults to `ram`.
  - `ram`: Passwords are stored in RAM.
  - `dir`: Passwords are stored in a directory. The directory is specified using `PASSED_STORE_DIR_PATH`, which defaults to `passwords`. PassED will **not** create the directory for you.
- `PASSED_STORE_CLEAR_INTERVAL`: Time that should pass between clearing expired passwords in seconds, defaults to `30`.

## Credits
- RoryBD
- Nexio
first commit 2024-10-29 23:08:11 +00:00			`# PassED`
rework readme 2024-11-09 21:13:32 +00:00			`[![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/NuGxJKtDKS)`
			`[![Demo](https://img.shields.io/website-up-down-green-red/https/passed.1e99.eu.svg)](https://passed.1e99.eu/)`
			`[![Made with Go](https://img.shields.io/badge/Made%20with-Go-1f425f.svg)](https://go.dev/)`
add discord and demo to readme 2024-10-30 09:20:37 +00:00
first commit 2024-10-29 23:08:11 +00:00			`EMail, but for passwords.`

rework readme 2024-11-09 21:13:32 +00:00			`Did you ever run into the issue of needing to share a password with someone securely?`
first commit 2024-10-29 23:08:11 +00:00
rework readme 2024-11-09 21:13:32 +00:00			`You want to share it using EMail, but there it will surely get logged along the way.`
first commit 2024-10-29 23:08:11 +00:00
rework readme 2024-11-09 21:13:32 +00:00			`You want to share it using WhatsApp, but there it will show up in the notifications for everyone to read.`
first commit 2024-10-29 23:08:11 +00:00
rework readme 2024-11-09 21:13:32 +00:00			`You want to share it on paper, but everyone can read that too.`
first commit 2024-10-29 23:08:11 +00:00
rework readme 2024-11-09 21:13:32 +00:00			`PassED solves this issue by allowing you to generate single-use URLs with your password.`
first commit 2024-10-29 23:08:11 +00:00
			`## How it works`
rework readme 2024-11-09 21:13:32 +00:00			`When you generate a URL...`
			`1. The browser generates an AES key.`
			`2. The password you entered gets encrypted using this key.`
			`3. The encrypted password is uploaded to the server, which responds with an ID to uniquely identify the password.`
			`4. A URL is generated that contains the ID and AES key.`
first commit 2024-10-29 23:08:11 +00:00
rework readme 2024-11-09 21:13:32 +00:00			`When you view a password...`
			`1. The browser imports the AES key from the URL.`
			`2. The browser asks the server for the password using the ID in the URL.`
			`3. The browser decrypts the password from the server using the AES key from the URL.`
first commit 2024-10-29 23:08:11 +00:00
rework readme 2024-11-09 21:13:32 +00:00			`## Setup`
			Setting up PassED can be done with docker compose or from source. As the website relies on the [Web Crypto API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API) it requires a [secure context](https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts). In other words you must setup a reverse proxy for HTTPS, or access the site via `localhost`.
document installation 2024-10-30 16:05:12 +00:00
rework readme 2024-11-09 21:13:32 +00:00			`### Docker compose`
document installation 2024-10-30 16:05:12 +00:00			```yaml
			`services:`
			`"passed":`
document docker image 2024-11-09 18:37:50 +00:00			`image: "git.1e99.eu/1e99/passed:latest"`
document installation 2024-10-30 16:05:12 +00:00			`volumes:`
			`- "./passed:/etc/passed"`
			`environment:`
rework readme 2024-11-09 21:13:32 +00:00			`- "PASSED_ADDRESS=:3000"`
document installation 2024-10-30 16:05:12 +00:00			`- "PASSED_STORE_TYPE=dir"`
			`- "PASSED_STORE_DIR_PATH=/etc/passed"`
			`ports:`
			`- "3000:3000"`
			```

rework readme 2024-11-09 21:13:32 +00:00			`### From Source`
			`1. Clonse the source code`
			```bash
			`git clone https://git.1e99.eu/1e99/passed.git --depth 1`
add instructions for building from source 2024-10-30 16:17:29 +00:00			```
			`2. Ensure that you have go installed, if not follow this [guide](https://go.dev/doc/install).`
rework readme 2024-11-09 21:13:32 +00:00			`3. Build the project.`
			```bash
add instructions for building from source 2024-10-30 16:17:29 +00:00			`go build -o passed .`
			```
rework readme 2024-11-09 21:13:32 +00:00			`4. Run the binary.`
			```bash
add instructions for building from source 2024-10-30 16:17:29 +00:00			`PASSED_STORE_TYPE=dir ./passed`
			```

document installation 2024-10-30 16:05:12 +00:00			`## Configuration`
rework readme 2024-11-09 21:13:32 +00:00			`Configuration is done using environment variables.`
			- `PASSED_ADDRESS`: The address that PassED should listen on, defaults to `:3000`.
			- `PASSED_LOG_REQUESTS`: Should requests be logged, defaults to `true`.
			- `PASSED_MAX_LENGTH`: Maximum password length in KiB, defaults to `12288`.
			- `PASSED_STORE_TYPE`: Store type to pick, defaults to `ram`.
			- `ram`: Passwords are stored in RAM.
			- `dir`: Passwords are stored in a directory. The directory is specified using `PASSED_STORE_DIR_PATH`, which defaults to `passwords`. PassED will not create the directory for you.
			- `PASSED_STORE_CLEAR_INTERVAL`: Time that should pass between clearing expired passwords in seconds, defaults to `30`.
add romanian language 2024-11-10 16:14:32 +00:00
			`## Credits`
			`- RoryBD`
			`- Nexio`