{"id":41676728,"url":"https://github.com/mitchell/selfpass","last_synced_at":"2026-01-24T18:13:19.987Z","repository":{"id":57492110,"uuid":"181409299","full_name":"mitchell/selfpass","owner":"mitchell","description":"A self-hosted, single-user password manager. Deployable locally and to popular cloud platforms.","archived":false,"fork":false,"pushed_at":"2020-02-17T05:49:47.000Z","size":413,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-10T13:12:43.213Z","etag":null,"topics":["cli","cloud-platforms","docker","encryption","grpc","password-manager","protobuf"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mitchell.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-04-15T03:58:45.000Z","updated_at":"2021-11-27T16:26:55.000Z","dependencies_parsed_at":"2022-08-28T11:50:38.553Z","dependency_job_id":null,"html_url":"https://github.com/mitchell/selfpass","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/mitchell/selfpass","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitchell%2Fselfpass","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitchell%2Fselfpass/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitchell%2Fselfpass/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitchell%2Fselfpass/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mitchell","download_url":"https://codeload.github.com/mitchell/selfpass/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitchell%2Fselfpass/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28733678,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-24T17:51:25.893Z","status":"ssl_error","status_checked_at":"2026-01-24T17:50:48.377Z","response_time":89,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","cloud-platforms","docker","encryption","grpc","password-manager","protobuf"],"created_at":"2026-01-24T18:13:19.880Z","updated_at":"2026-01-24T18:13:19.976Z","avatar_url":"https://github.com/mitchell.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# selfpass\n\nThis is the project home of *selfpass*, the self-hosted password manager. This project is\na single-user password manager capable of encrypting/decrypting credentials and storing them\nremotely through encrypted transportation. All of which is deployable locally or to popular cloud\nplatforms such as GCP and AWS.\n\nIt is still currently in development. However, the server is already capable of serving a gRPC\nbased API using mutual TLS encryption, backed by BoltDB. It is also capable\nof being deployed in a semi-automated fashion locally and to GCP thanks to Docker.\n\n**Server Roadmap**\n\n| Goal                                                                | Progress | Comment         |\n| ---                                                                 | :---:    | ---             |\n| Support credentials CRUD on gRPC API.                               | 100%     |                 |\n| Enable server-side mutual TLS, using cfssl.                         | 100%     |                 |\n| Deployable on Docker.                                               | 100%     |                 |\n| Automatically deployable to GCP using docker-machine and Terraform. | 50%      | TODO: Terraform |\n| Automatically deployable to AWS using docker-machine and Terraform. | 0%       |                 |\n\n## sp CLI\n\nIn addition to the server there is `sp`, which is a fully fledged *selfpass* client capable of\ninteracting with the whole selfpass API and creating AES-CBC encrypted credentials using a *private\nkey* and *master password*. All of which is done using mutual TLS and an AES-GCM encrypted config.\n\n**CLI Roadmap**\n\n| Goal                                                                   | Progress | Comment |\n| ---                                                                    | :---:    | ---     |\n| Support mutual TLS.                                                    | 100%     |         |\n| Support credentials CRUD via gRPC.                                     | 100%     |         |\n| Support storage of certs, PK, and host in AES-GCM encrypted config.    | 100%     |         |\n| Support AES-CBC encryption of passes and OTP secrets, using MP and PK. | 100%     |         |\n| Support AES-GCM encryption of local files, using MP and PK.            | 100%     |         |\n\n## Client\n\nThe newest addition to the *selfpass* project is the client built using Flutter, which makes it\ncapable of targeting to iOS, Android, and Desktop. It supports all the same features as the CLI tool\nusing GUIs, with all the same safety and encryption as the CLI.\n\n| Goal                                                                     | Progress | Comment   |\n| ---                                                                      | :---:    | ---       |\n| Support mutual TLS.                                                      | 100%     |           |\n| Support credentials CRUD via gRPC.                                       | 25%      | TODO: CUD |\n| Support storage of certs, PK, and host in shared preferences, encrypted. | 100%     |           |\n| Support AES-CBC encryption of passes and OTP secrets, using MP and PK.   | 100%     |           |\n\n## Other Info\n\n**Unplanned Goals**\n\n- Sensitive financial info support.\n- Miscellaneous text/file encryption and storage support.\n- Vault separation.\n\n**Architectural 3rd-party Technologies in Use (and where)**\n\n- Golang: services, sp, \u0026 protobuf\n- Dart: client \u0026 protobuf\n- Flutter: client\n- Go-Kit: services\n- gRPC/Protobuf: all\n- Cobra Commander \u0026 Viper Config: sp\n- BoltDB/Redis: services\n- Docker: services\n- Debian: docker images \u0026 machines\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmitchell%2Fselfpass","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmitchell%2Fselfpass","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmitchell%2Fselfpass/lists"}