sup3rs3cretmes5age

Very simple secret message service using Hashicorp Vault as a secrets storage.
Sup3rS3cretMes5age
15 May 20202628
91go27golang1hashicorp-vault1secrets13security1vault22pastebins943selfhosted329docker

sup3rS3cretMes5age! Build Status

A simple, secure self-destructing message service, using HashiCorp Vault product as a backend.

self-destruct

Read more about the reasoning behind this project in the relevant blog post.

Now using Let's Encrypt for simple and free SSL certs!

Prerequisites

Running Locally

Running locally will use a self-signed SSL certificate for whatever your local dev domain is. The default is localhost, to change it just pass an argument to make. For example, if you set 127.0.0.1 secret.test in your /etc/hosts you would run locally as:

$ make run-local VIRTUAL_HOST=secret.test

Try it! (you can ignore the safety warning since it's a self-signed cert)

https://secret.test

Running with Let's Encrypt

Using lets-encrypt-nginx-proxy-companion you can now get a free (and valid) SSL cert when running this project on a live server. Thanks to evertramos's docker-compose-letsencrypt-nginx-proxy-companion for a great working example.

  1. Clone this repo
  2. Ensure you have docker and docker-compose installed on server
  3. run `make run VIRTUAL_HOST=<YOUR_DOMAIN_HERE>
  4. Let's Encrypt may take a few minutes to validate your domain
  5. open https://your-domain

Security notice!

You should always run this behind SSL/TLS; otherwise, a message will be sent unencrypted!

Screenshot

secretmsg

Contributing

Pull requests are very welcome!