{"id":17788698,"url":"https://github.com/devel0/security-manager","last_synced_at":"2026-04-18T07:31:51.434Z","repository":{"id":122983025,"uuid":"137366400","full_name":"devel0/security-manager","owner":"devel0","description":"Webapi + webapp personal cloud wallet","archived":false,"fork":false,"pushed_at":"2023-06-04T09:28:59.000Z","size":172,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-07-03T00:03:21.917Z","etag":null,"topics":["codefirst","entity-framework-core","javascript","netcore","postgres","security","webapi"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/devel0.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SecurityManagerClient/.vscode/launch.json","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-06-14T14:06:37.000Z","updated_at":"2023-04-20T14:29:10.000Z","dependencies_parsed_at":"2025-04-02T00:36:39.079Z","dependency_job_id":"bfa53343-c123-43d2-8d54-30a0812757c5","html_url":"https://github.com/devel0/security-manager","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/devel0/security-manager","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devel0%2Fsecurity-manager","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devel0%2Fsecurity-manager/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devel0%2Fsecurity-manager/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devel0%2Fsecurity-manager/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/devel0","download_url":"https://codeload.github.com/devel0/security-manager/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devel0%2Fsecurity-manager/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31961108,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-18T00:39:45.007Z","status":"online","status_checked_at":"2026-04-18T02:00:07.018Z","response_time":103,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["codefirst","entity-framework-core","javascript","netcore","postgres","security","webapi"],"created_at":"2024-10-27T10:20:52.994Z","updated_at":"2026-04-18T07:31:51.426Z","avatar_url":"https://github.com/devel0.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# security manager\n\nWebapi + webapp personal wallet cloud \n\n## Summary\n\n- [security manager](#security-manager)\n  * [Summary](#summary)\n  * [motivations and architecture overview](#motivations-and-architecture-overview)\n  * [screenshoots](#screenshoots)\n  * [features](#features)\n  * [prerequisites](#prerequisites)\n  * [setup](#setup)\n  * [debug](#debug)\n  * [code map](#code-map)\n    + [webapi ( server )](#webapi--server-)\n    + [js ( client )](#js--client-)\n    + [docker ( container )](#docker--container-)\n  * [nginx config](#nginx-config)\n  * [firewall rules](#firewall-rules)\n  * [install execution example](#install-execution-example)\n\n## motivations and architecture overview\n\n- don't want your password stored into external cloud\n  - have your own server with\n    - nginx https ( [letsencrypt](https://letsencrypt.org/) ) valid certificate\n    - docker container in separate dedicated network space (/30) with [custom firewall rules](https://github.com/devel0/linux-scripts-utils/blob/master/fw.sh)\n- use of firefox browser ( browser password stored local and synced between your device, not device-cloud ; must backup your data )\n- on your palm device access through browser https to the wallet with\n  - password ( real random ) to protect against internet face ( browser can store that password )\n  - pin ( 4 numbers ) to protect against wallet use ( browser can't store that pin )\n\n## screenshoots\n\n\u003cimg src=\"doc/Selection_079.png\" width=250/\u003e\n\n\u003cimg src=\"doc/Selection_080.png\" width=250/\u003e\n\n\u003cimg src=\"doc/Selection_081.png\" width=400/\u003e\n\n## features\n\n- short list credentials ( service, username, email )\n- filter list credentials by any field ( note included )\n- edit credential ( add, edit, remove ) with changes detect and warn on unsave when close\n- password copy to clipboard\n- change master password, pin by editing \"Security Manager\" account\n- password regenerate ( allow to set password length foreach record avoiding ambiguous chars 'I', 'l', '0', 'O' )\n- security manager levels ( server side filtered and authorized )\n  - initial superuser with lvl 99\n  - other Security Manager user can be created with lower levels\n  - if logged in user have lvl below 99\n    - can't see records with higher level\n    - can't change existing record levels\n    - can create record only with its own level\n\n## prerequisites\n\n- build [ubuntu bionic](https://github.com/devel0/docker-ubuntu/tree/bionic)\n- build [dotnet bionic](https://github.com/devel0/docker-dotnet/blob/bionic/README.md)\n\nnote: to build `bionic` branch of prerequisites docker, after clone, exec `git checkout bionic`\n\n## setup\n\n- create a config json file with follow initial structure\n\n```json\n{\n  \"AdminPassword\": \"supersecret\",\n  \"Pin\": nnnn\n}\n```\n\nreplacing\n- `supersecret` with a cleartext real random password\n- `nnnn` with a 4 number pin\n\nchmod that file 600 otherwise application generate an error\n\n- increase security : encrypt your hard disk to avoid, if stolen, data can be read\n\n- create a docker network\n\n```\ndocker network create sec0 --subnet=10.10.0.56/30\n```\n\n- adjust the sample [config-sec0.json](docker/config-sec0.json) with your own `security_dbfile` place and `external_url` that is the real url\n- create autorestarting container\n\n```\ncd ./docker\n./run config-sec0.json\n```\n\n## debug\n\n- prerequisites\n  - [nodejs, local web server](https://github.com/devel0/docker-ubuntu/blob/db474a1a65638d42351bbefe318ffc47736b820b/Dockerfile#L21-L26)\n  - bower ( install using `npm install -g bower` )\n  - vscode ( suggested [extensions](https://github.com/devel0/knowledge/blob/daea0a3439467e882326ecc3a9e5fbd7d7b17441/tools/vscode-useful-extensions.md) )\n  - firefox ( debug [settings](https://github.com/devel0/knowledge/blob/daea0a3439467e882326ecc3a9e5fbd7d7b17441/webdevel/vscode-debug-firefox.md) )\n\n- vscode and start **webapi server**\n\n```\ncd ./SecurityManagerWebapi\ncode . \u0026\n```\n\nand hit F5 `.NET Core Launch (console)` after Omnisharp initializes\n\n- close firefox and start firefox debug using `firefox --start-debugger-server` ( may useful to disable breakpoint on unhandled exception from F12 to avoid occasional thirdy pages browsing breakpoint )\n\n- vscode and start **web server**\n\n```\ncd ./SecurityManagerClient\nbower install --allow-root\ncode . \u0026\nws -p 8000 --spa index.html\n```\n\nand hit F5 `Launch localhost`\n\n- browse http://localhost:8000 from opened firefox debug window\n\n- notes:\n  - breakpoint will work on webapi and client javascript\n\n## code map\n\n### webapi ( server )\n\n|**section**|**description**|\n|---|---|\n| [Global](SecurityManagerWebapi/Global.cs) | path names and logging functions |\n| [LinuxHelper](SecurityManagerWebapi/LinuxHelper.cs) | unix syscall mapping through Mono.Posix.NETStandard net core library |\n| Startup,Program | standard from `dotnet new webapi` |\n| [Types/Common](SecurityManagerWebapi/Types/Common.cs) | common json request data structure |\n| [Types/CommonResponse](SecurityManagerWebapi/Types/CommonResponse.cs) | common json response data structure |\n| [Types/Config](SecurityManagerWebapi/Types/Config.cs) | dbfile structure - will json (de)serialized |\n| [Types/CredInfo](SecurityManagerWebapi/Types/CredInfo.cs) | base dbfile record type - credential record and json file locking add/remove record, save |\n| [Controllers/ApiController](SecurityManagerWebapi/Controllers/ApiController.cs) | server side api implementation |\n\n### js ( client )\n\n|**section**|**description**|\n|---|---|\n| [site.css](SecurityManagerClient/site.css) | website custom css |\n| [bower.json](SecurityManagerClient/bower.json) | file populated initially with `bower init` and then with `bower install dep --save` containing js libraries dependencies |\n| js-utils.js | js utils from [js-util.js](https://github.com/devel0/js-util/blob/master/src/js-util.js) |\n| [utils.js](SecurityManagerClient/utils.js) | minor app utils |\n| [app.js](SecurityManagerClient/app.js) | main client-side SPA app logic |\n| [index.html](SecurityManagerClient/index.html) | graphics markup |\n\n### docker ( container )\n\n|**section**|**description**|\n|---|---|\n| [replace-token-with](docker/replace-token-with) | c# util to replace text in files ( sed -i makes it difficult when escaping ) |\n| [config-sec0.json](docker/config-sec0.json) | example docker container config file ) |\n| [run.sh](docker/run.sh) | create docker container |\n| [entrypoint.sh](docker/entrypoint.sh) | every restart entry script that compile and install first time from source distro into binary and that start local web server + webapi server everytime |\n\n## nginx config\n\n- [example](https://github.com/devel0/knowledge/blob/d997a40cfba5fda2fbc99fec672594b3d40ce18f/webdevel/nginx-webapi-conf.md)\n\n## firewall rules\n\nif using [fw.sh](https://github.com/devel0/linux-scripts-utils/blob/master/fw.sh) insert follow rules (replacing net_sec0, ip_sec0_srv accordingly to your [docker network](https://github.com/devel0/knowledge/blob/master/doc/quick-and-dirty-server-install-notes.md#create-docker-networks)):\n\n```sh\nnet_sec0=\"10.10.0.56/30\"\n\nip_sec0_srv=\"10.10.0.58\"\n\nif_dksec0=$(dk-if sec0)\n\ncomment=\"http nginx -\u003e sec0 (80,5000)\"\naccept FORWARD-2 -i $if_dknginx -o $if_dksec0 -s $ip_nginx_srv -d $ip_sec0_srv -p tcp -m multiport --dports $svc_http,5000\n\n#============\n# dksec0\n#============\n\ncomment=\"dns from sec0 to dns (udp)\"\naccept FORWARD-2 -i $if_dksec0 -o $if_dkdns -s $ip_sec0_srv -d $ip_dns_srv -p udp --dport $svc_dns\n\ncomment=\"dns from sec0 to dns (tcp)\"\naccept FORWARD-2 -i $if_dksec0 -o $if_dkdns -s $ip_sec0_srv -d $ip_dns_srv -p tcp --dport $svc_dns\n\ncomment=\"http(s) from sec0\"\naccept FORWARD-2 -i $if_dksec0 -s $ip_sec0_srv -p tcp -m multiport --dports $svc_http,$svc_https\n```\n\n## install execution example\n\n```sh\nsearchathing root@main:/opensource/devel0/securitymanager/docker# ll\ntotal 28\ndrwxr-xr-x 3 root root 4096 giu 14 16:13 ./\ndrwxr-xr-x 7 root root 4096 giu 14 16:13 ../\n-rw-r--r-- 1 root root  188 giu 14 16:13 config-sec0.json\n-rw-r--r-- 1 root root  188 giu 14 16:13 config-sec1.json\n-rwxr-xr-x 1 root root 1337 giu 14 16:13 entrypoint.sh*\ndrwxr-xr-x 2 root root 4096 giu 14 16:13 replace-token-with/\n-rwxr-xr-x 1 root root 1387 giu 14 16:13 run.sh*\nsearchathing root@main:/opensource/devel0/securitymanager/docker# ./run.sh config-sec0.json \ncontainer [sec0]\ndocker network [sec0]\ncontainer ip [10.10.0.58]\nurlbase [https://sec0.searchathing.com]\ndbfile [/security/sec0.json]\n\n---\u003e press a key to continue or ctrl+c to break\n\n\n\n---\u003e removing previous container if exists\n\nsec0\nsec0\n579c4c5d33f93af58b6b8c30dfb6815d16c33b1ca4b6719c065c07909bb6f7b0\n\n---\u003e Executing entrypoint [/entrypoint.d/start.sh]\n\n---\u003e copying distro src to /opt\n\n\n---\u003e building replace-token-with utility\n\n\nWelcome to .NET Core!\n---------------------\nLearn more about .NET Core: https://aka.ms/dotnet-docs\nUse 'dotnet --help' to see available commands or visit: https://aka.ms/dotnet-cli-docs\n\nTelemetry\n---------\nThe .NET Core tools collect usage data in order to help us improve your experience. The data is anonymous and doesn't include command-line arguments. The data is collected by Microsoft and shared with the community. You can opt-out of telemetry by setting the DOTNET_CLI_TELEMETRY_OPTOUT environment variable to '1' or 'true' using your favorite shell.\n\nRead more about .NET Core CLI Tools telemetry: https://aka.ms/dotnet-cli-telemetry\n\nASP.NET Core\n------------\nSuccessfully installed the ASP.NET Core HTTPS Development Certificate.\nTo trust the certificate run 'dotnet dev-certs https --trust' (Windows and macOS only). For establishing trust on other platforms refer to the platform specific documentation.\nFor more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.\nMicrosoft (R) Build Engine version 15.7.179.6572 for .NET Core\nCopyright (C) Microsoft Corporation. All rights reserved.\n\n  Restoring packages for /opt/securitymanager/docker/replace-token-with/replace-token-with.csproj...\n  Installing Microsoft.NETCore.DotNetAppHost 2.0.0.\n  Installing Microsoft.NETCore.DotNetHostResolver 2.0.0.\n  Installing NETStandard.Library 2.0.0.\n  Installing Microsoft.NETCore.DotNetHostPolicy 2.0.0.\n  Installing Microsoft.NETCore.App 2.0.0.\n  Generating MSBuild file /opt/securitymanager/docker/replace-token-with/obj/replace-token-with.csproj.nuget.g.props.\n  Generating MSBuild file /opt/securitymanager/docker/replace-token-with/obj/replace-token-with.csproj.nuget.g.targets.\n  Restore completed in 6.38 sec for /opt/securitymanager/docker/replace-token-with/replace-token-with.csproj.\n  replace-token-with -\u003e /opt/securitymanager/docker/replace-token-with/bin/Debug/netcoreapp2.0/replace-token-with.dll\n\nBuild succeeded.\n    0 Warning(s)\n    0 Error(s)\n\nTime Elapsed 00:00:08.64\n\n---\u003e setup webapi url to [https://sec0.searchathing.com]\n\n\n---\u003e building web api server\n\nMicrosoft (R) Build Engine version 15.7.179.6572 for .NET Core\nCopyright (C) Microsoft Corporation. All rights reserved.\n\nBuild started 6/14/18 3:00:12 PM.\n\nBuild succeeded.\n    0 Warning(s)\n    0 Error(s)\n\nTime Elapsed 00:00:00.43\n  Restoring packages for /opt/securitymanager/SecurityManagerWebapi/SecurityManagerWebapi.csproj...\n  Restoring packages for /opt/securitymanager/SecurityManagerWebapi/SecurityManagerWebapi.csproj...\n  Installing Microsoft.IdentityModel.Logging 1.1.4.\n  Installing Microsoft.IdentityModel.Tokens 5.1.4.\n  ...  \n  Installing System.Text.Encoding.CodePages 4.0.1.\n  Installing Microsoft.Build.Utilities.Core 15.3.409.\n  Generating MSBuild file /opt/securitymanager/SecurityManagerWebapi/obj/SecurityManagerWebapi.csproj.nuget.g.props.\n  Generating MSBuild file /opt/securitymanager/SecurityManagerWebapi/obj/SecurityManagerWebapi.csproj.nuget.g.targets.\n  Restore completed in 23.84 sec for /opt/securitymanager/SecurityManagerWebapi/SecurityManagerWebapi.csproj.\n  Restore completed in 24.19 sec for /opt/securitymanager/SecurityManagerWebapi/SecurityManagerWebapi.csproj.\nMicrosoft (R) Build Engine version 15.7.179.6572 for .NET Core\nCopyright (C) Microsoft Corporation. All rights reserved.\n\n  Restore completed in 22.26 ms for /opt/securitymanager/SecurityManagerWebapi/SecurityManagerWebapi.csproj.\n  Restore completed in 75.86 ms for /opt/securitymanager/SecurityManagerWebapi/SecurityManagerWebapi.csproj.\n  SecurityManagerWebapi -\u003e /opt/securitymanager/SecurityManagerWebapi/bin/Release/netcoreapp2.0/SecurityManagerWebapi.dll\n\nBuild succeeded.\n    0 Warning(s)\n    0 Error(s)\n\nTime Elapsed 00:00:02.61\n\n---\u003e run webapi server\n\n\n---\u003e run web server\n\n\n===\u003e app ready ( ctrl+c to stop log )\n\n[docker 579c4c5d33f9:/]# Serving at http://579c4c5d33f9:80, http://127.0.0.1:80, http://10.10.0.58:80\nwarn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[35]\n      No XML encryptor configured. Key {7344b722-09a5-4c98-87e3-9e95bafa18c6} may be persisted to storage in unencrypted form.\nHosting environment: Production\nContent root path: /opt/securitymanager/SecurityManagerWebapi\nNow listening on: http://0.0.0.0:5000\nApplication started. Press Ctrl+C to shut down.\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevel0%2Fsecurity-manager","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdevel0%2Fsecurity-manager","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevel0%2Fsecurity-manager/lists"}