{"id":13551810,"url":"https://github.com/alttch/secureshare","last_synced_at":"2025-04-28T22:31:04.549Z","repository":{"id":57465207,"uuid":"309821710","full_name":"alttch/secureshare","owner":"alttch","description":"secure file sharing personal server","archived":false,"fork":false,"pushed_at":"2022-09-12T23:26:00.000Z","size":1619,"stargazers_count":18,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-05T11:24:17.173Z","etag":null,"topics":["exchange","file","local","personal","secure","server","sharing"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/alttch.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-11-03T22:25:49.000Z","updated_at":"2024-05-21T19:12:24.000Z","dependencies_parsed_at":"2022-09-17T18:00:39.928Z","dependency_job_id":null,"html_url":"https://github.com/alttch/secureshare","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alttch%2Fsecureshare","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alttch%2Fsecureshare/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alttch%2Fsecureshare/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alttch%2Fsecureshare/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/alttch","download_url":"https://codeload.github.com/alttch/secureshare/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251397576,"owners_count":21583034,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["exchange","file","local","personal","secure","server","sharing"],"created_at":"2024-08-01T12:01:54.045Z","updated_at":"2025-04-28T22:31:03.232Z","avatar_url":"https://github.com/alttch.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# SecureShare\n\nSimple secure file sharing personal server, Docker/Kubernetes compatible.\nSecureShare can share any text information (pastebin-like) and small binary\nfiles as well.\n\n## What is SecureShare\n\nSecureShare allows quickly and securely share small files, documents and\ncommand pipe outputs. The files are uploaded via HTTP POST to your host or\nSecureShare Kubernetes pod, encrypted and securely stored inside the database.\n\nAfter the server returns you the shared HTTP URL. It's not possible to retrieve\nuploaded file contents without the URL, as the file content is AES256-encrypted\ninside the database.\n\nThe URLS can be one-shot (self-destructing after the first access). Also, all\nURLs expire after the specified period of time.\n\nSecureShare is useful for:\n\n* sharing sensitive data with co-workers/customers\n* requesting sensitive data from co-workers/customers\n* get rid of garbage-full public \"exchange\" directories.\n\nSecureShare isn't yet-another cloud service. You run your own secure dedicated\ninstance, on any Linux system or inside K8S-cluster.\n\n\u003cimg src=\"https://github.com/alttch/secureshare/blob/main/media/demo.gif?raw=true\" width=\"750\" /\u003e\n\n## Installing\n\n```\npip3 install secureshare\n# install gunicorn for Python3, if not present in system\npip3 install gunicorn\n```\n\nSQL database is required. Supported and tested:\n\n* SQLite\n* MySQL\n* PostgreSQL\n\nDocker image: https://hub.docker.com/r/altertech/secureshare\n\n(config should be mounted as /config/secureshare.yml)\n\n## Client\n\nhttps://github.com/alttch/sshare\n\n```\npip3 install sshare\n```\n\n## Launching server\n\nUse *secureshare-control* script to manage the server.\n\n## Using client\n\nSecure sharing files from the command line has never been easier:\n\n```\n# share a file\nsshare path/to/file\n```\n\n```\n# share a file with self-destructing one-shot link\nsshare path/to/file -s\n```\n\n```\n# share a command output\ncat /etc/passwd | sshare\n# don't share that ;)\n```\n\n## Sharing something really important\n\nOption \"-c\" tells the client to encrypt file on the local machine. The server\nstores such files as-is:\n\n```\nsshare /etc/passwd -c\n```\n\nThe data is encrypted using OpenSSL AES-256-CBC with PBKDF2 derivation\nfunction. After uploading, the client generates a hint command, which can be\nused as-is to download file:\n\n```\n=========================================================\nDecrypt password: 9aIEE8cZAFbc\n\ncurl -s https://domainx/d/329pmriChoQ8DhZkE/-/passwd |\n    openssl aes-256-cbc -d -a -pbkdf2 -out passwd\n=========================================================\n```\n\nPasswords are auto-generated, use \"-w\" option to specify the own one.\n\n## Usage without a client on 3rd party servers:\n\n```\n# generate one-time token (on a trusted system)\nsshare c:token\n```\n\n```\n# upload desired file with generated token (on an untrusted system)\ncurl -v -F 'oneshot=1' -F 'file=@path/to/file' -Hx-auth-key:GENERATED_TOKEN https://YOUR_DOMAIN/u\n```\n\n## API\n\n### Authentication\n\nSet *X-Auth-Key* HTTP header to *upload-key* value from the server config.\nThere's only one upload / management key (at this moment) but one-time tokens\ncan be additionally generated.\n\n### Generating new one-time token\n\nA HTTP POST request to /api/v1/token will return new one-time authentication\ntoken, arguments:\n\n* **expires** set token expiration time (in seconds from now), optional\n\n### Uploading\n\nSend files as multipart MIME forms POST requests to \n\n```\n    http://YOURDOMAIN/u\n```\n\nwith arguments:\n\n* **file** file data (required)\n* **oneshot=1** generate one-shot (self-destructing) link\n* **expires** set link expiration time (in seconds from now)\n* **fname** override file name\n* **sha256sum** ask server to check SHA256 sum of the received file\n* **raw=1** store raw (don't encrypt) file in DB. Useful for already encrypted\n  data\n\n### Deleting files / tokens\n\nUploaded files and tokens can be deleted with DELETE HTTP method (requires\nvalid key)\n\nFiles can be also deleted by specifying *?c=delete* URL ending (requires URL\nknowledge only)\n\n## Security\n\nA shared file URL looks like:\n\n```\n    http://YOURDOMAIN/d/\u003cID\u003e/\u003cKEY\u003e/\u003cFILENAME\u003e\n```\n\nID is used to locate file in the storage database. The database stores files\nencrypted, so the server can't decrypt a requested file without the complete\ngenerated URL.\n\nIf the URL is lost, file decryption becomes impossible.\n\n### Previews\n\nWhen sharing links with messengers, they may fetch content for preview, which's\ninsecure and may destroy one-shot links. The following messenger user agents\nare banned automatically:\n\n* WhatsApp\n* Viber\n* Telegram\n* Facebook Messenger\n* Skype\n\nThe list is located in secureshare/server.py BANNED_AGENTS variable (send me a\npull request to extend).\n\n## WebUI\n\nMaybe later.\n\n## Size limits\n\nSecureShare is created to securely share small files \u003c 100MB. Sharing larger\nfiles isn't recommended, as it may produce DB / encryption overheads.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falttch%2Fsecureshare","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falttch%2Fsecureshare","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falttch%2Fsecureshare/lists"}