https://github.com/seibert-media/fluesterfix

A simple tool for sharing secrets which will self-destruct on retrieval
https://github.com/seibert-media/fluesterfix

Last synced: 6 days ago
JSON representation

A simple tool for sharing secrets which will self-destruct on retrieval

• Host: GitHub
• URL: https://github.com/seibert-media/fluesterfix
• Owner: seibert-media
• License: mit
• Created: 2020-10-19T10:58:43.000Z (about 4 years ago)
• Default Branch: main
• Last Pushed: 2024-03-11T06:17:23.000Z (8 months ago)
• Last Synced: 2024-06-11T03:34:02.540Z (5 months ago)
• Language: Python
• Size: 200 KB
• Stars: 7
• Watchers: 8
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE

Awesome Lists containing this project

README

        
fluesterfix

===========

A simple tool for sharing secrets which will self-destruct on retrieval.

Installation

------------

You need:

-   Python 3

-   Flask

-   PyNaCl

-   shred, usually from GNU coreutils

You don’t need a database. However, this program expects to operate on a

file system that guarantees POSIX semantics.

Running

-------

For development and testing, just run the script:

    $ ./fluesterfix/__init__.py

For anything else, set up a WSGI environment. A Python package can be

installed using `pip install -e .`.

Use the following environment variables:

-   `$FLUESTERFIX_DATA`: The directory where data will be stored. Must

    exist prior to running the program. Should be created by sysadmin

    with correct permissions. Defaults to `/tmp` for quick tests.

-   `$FLUESTERFIX_CSS`: URL to custom CSS to use, defaults to

    `style.css`.

-   `$FLUESTERFIX_LOGO`: URL to custom logo to use, defaults to

    `logo.png`.

-   `$FLUESTERFIX_LOGO_DARK`: URL to custom logo in dark mode to use,

    defaults to `logo-darkmode.png`.

-   `$FLUESTERFIX_LABEL`: Custom alternative name for logo, defaults to

    `//SEIBERT/MEDIA`.

-   `$FLUESTERFIX_MAX_FILE_SIZE`: Maximum allowed size (in bytes) for

    file uploads. The actual filtering must be done in your reverse

    proxy; this variable only displays that limit. Unset by default.

The program does not automatically remove secrets which have never been

retrieved. You might want to install a cron job on your system to remove

old directories in `$FLUESTERFIX_DATA` based on their mtime.

API

---

Post a JSON object to `/new` to create a new secret programmatically,

this object must contain a `string` typed member called `data` holding

your secret:

    $ curl -X POST https://my.ff/new -H 'Content-Type: application/json' \

        --data '{ "data": "this is my secret" }'

    {"secret_link":"https://my.ff/get/foo/bar","status":"ok"}

As you can see, you’ll get a JSON response containing the secret link.

On errors, `status` will be the string `error` and there will be an

additional field called `msg` that indicates what went wrong:

    $ curl -X POST https://my.ff/new -H 'Content-Type: application/json' \

        --data '{ "data": "" }'

    {"msg":"empty secret","status":"error"}

To upload “files”, use `data_base64` and provide the `filename` field:

    $ curl -X POST https://my.ff/new -H 'Content-Type: application/json' \

        --data '{"data_base64": "'"$(base64