passed/README.md
2024-11-10 17:15:36 +01:00

75 lines
3 KiB
Markdown

# PassED
[![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/NuGxJKtDKS)
[![Demo](https://img.shields.io/website-up-down-green-red/https/passed.1e99.eu.svg)](https://passed.1e99.eu/)
[![Made with Go](https://img.shields.io/badge/Made%20with-Go-1f425f.svg)](https://go.dev/)
EMail, but for passwords.
Did you ever run into the issue of needing to share a password with someone securely?
You want to share it using EMail, but there it will surely get logged along the way.
You want to share it using WhatsApp, but there it will show up in the notifications for everyone to read.
You want to share it on paper, but everyone can read that too.
PassED solves this issue by allowing you to generate single-use URLs with your password.
## How it works
When you generate a URL...
1. The browser generates an AES key.
2. The password you entered gets encrypted using this key.
3. The encrypted password is uploaded to the server, which responds with an ID to uniquely identify the password.
4. A URL is generated that contains the ID and AES key.
When you view a password...
1. The browser imports the AES key from the URL.
2. The browser asks the server for the password using the ID in the URL.
3. The browser decrypts the password from the server using the AES key from the URL.
## Setup
Setting up PassED can be done with docker compose or from source. As the website relies on the [Web Crypto API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API) it requires a [secure context](https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts). In other words you must setup a reverse proxy for HTTPS, or access the site via `localhost`.
### Docker compose
```yaml
services:
"passed":
image: "git.1e99.eu/1e99/passed:latest"
volumes:
- "./passed:/etc/passed"
environment:
- "PASSED_ADDRESS=:3000"
- "PASSED_STORE_TYPE=dir"
- "PASSED_STORE_DIR_PATH=/etc/passed"
ports:
- "3000:3000"
```
### From Source
1. Clonse the source code
```bash
git clone https://git.1e99.eu/1e99/passed.git --depth 1
```
2. Ensure that you have go installed, if not follow this [guide](https://go.dev/doc/install).
3. Build the project.
```bash
go build -o passed .
```
4. Run the binary.
```bash
PASSED_STORE_TYPE=dir ./passed
```
## Configuration
Configuration is done using environment variables.
- `PASSED_ADDRESS`: The address that PassED should listen on, defaults to `:3000`.
- `PASSED_LOG_REQUESTS`: Should requests be logged, defaults to `true`.
- `PASSED_MAX_LENGTH`: Maximum password length in KiB, defaults to `12288`.
- `PASSED_STORE_TYPE`: Store type to pick, defaults to `ram`.
- `ram`: Passwords are stored in RAM.
- `dir`: Passwords are stored in a directory. The directory is specified using `PASSED_STORE_DIR_PATH`, which defaults to `passwords`. PassED will **not** create the directory for you.
- `PASSED_STORE_CLEAR_INTERVAL`: Time that should pass between clearing expired passwords in seconds, defaults to `30`.
## Translators
- RoryBD
- Nexio