Introduction:

Cryptgeon is a secure, open-source, lightweight platform for sharing encrypted messages and documents, inspired by PrivNote.

Features:

  • Encrypts on the client-side, so the server can't decrypt content.
  • Allows setting view or time limits (e.g., message auto-deletes after 5 views or after 5 hours).
  • Data is stored in memory and is not persisted to disk.
  • Supports dark mode.

How it works:

Every note has a generated 256-bit ID and a 256-bit key. The ID is used to save and retrieve the note. The note is encrypted on the client side with AES in GCM mode using the key, and only the encrypted result is sent to the server.
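The scheme described above, as an added JavaScript (Web Crypto) example; it is not Cryptgeon's own code. The upload field names, the `notes.example` link, and carrying the key in the URL fragment are assumptions made for illustration.

```javascript
// Added illustration, not Cryptgeon's source. Field names and link layout are assumptions.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto; // browser or Node
const subtle = webcrypto.subtle;

const toHex = (bytes) => Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
const fromHex = (hex) => Uint8Array.from(hex.match(/.{2}/g), (h) => parseInt(h, 16));

// Sender: everything secret happens here, before any network request.
async function createNote(plaintext) {
  const id = webcrypto.getRandomValues(new Uint8Array(32));     // 256-bit note ID
  const rawKey = webcrypto.getRandomValues(new Uint8Array(32)); // 256-bit AES key
  const iv = webcrypto.getRandomValues(new Uint8Array(12));     // fresh 96-bit GCM nonce
  const key = await subtle.importKey('raw', rawKey, 'AES-GCM', false, ['encrypt']);
  const data = new TextEncoder().encode(plaintext);
  const ct = new Uint8Array(await subtle.encrypt({ name: 'AES-GCM', iv }, key, data));
  return {
    // What the server stores: ID, nonce, ciphertext (with the 16-byte GCM tag appended).
    upload: { id: toHex(id), iv: toHex(iv), ciphertext: toHex(ct) },
    // Assumption: the key rides in the URL fragment, which browsers do not send to servers.
    link: `https://notes.example/note/${toHex(id)}#${toHex(rawKey)}`,
  };
}

// Recipient: read the key from the fragment, decrypt the record fetched by ID.
async function openNote(link, stored) {
  const rawKey = fromHex(new URL(link).hash.slice(1));
  const key = await subtle.importKey('raw', rawKey, 'AES-GCM', false, ['decrypt']);
  const params = { name: 'AES-GCM', iv: fromHex(stored.iv) };
  const pt = await subtle.decrypt(params, key, fromHex(stored.ciphertext));
  return new TextDecoder().decode(pt);
}

// Round trip on a constructed message, then the same record with one nibble altered.
async function demo() {
  const { upload, link } = await createNote('constructed sample secret');
  const opened = await openNote(link, upload);
  const first = upload.ciphertext[0] === '0' ? '1' : '0';
  const tampered = { ...upload, ciphertext: first + upload.ciphertext.slice(1) };
  // GCM authenticates the ciphertext, so a modified record must fail to decrypt.
  const rejected = await openNote(link, tampered).then(() => false, () => true);
  const keyInUpload = JSON.stringify(upload).includes(new URL(link).hash.slice(1));
  return { opened, rejected, keyInUpload };
}

demo().then(console.log);
```

Because the server only ever holds `upload`, anyone who obtains the full link can read the note; the link itself is the secret to protect.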

Notes:

  1. Messages are stored in memory. If memory fills up, the earliest messages are deleted to free up space, so there's no guarantee of their availability. However, this usually doesn't happen, so no need to worry.
  2. It's necessary to use a domain and set up an SSL certificate; otherwise, Cryptgeon won't work correctly.

Deployment:

Step 1: Update sources

Ubuntu/Debian:

apt update -y && apt upgrade -y    

CentOS:

yum update -y && yum upgrade -y   

Step 2: Install and configure Docker

Install Docker:

curl -fsSL https://get.docker.com -o get-docker.sh && sudo sh ./get-docker.sh

Start Docker:

sudo systemctl start docker

Set Docker to start on boot:

sudo systemctl enable docker

Step 3: Install Docker Compose:

sudo curl -L "https://github.com/docker/compose/releases/download/v2.20.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

Step 4: Create docker-compose.yml:

  1. Create a directory:

    mkdir cryptgeon && cd cryptgeon/

  2. Create and open docker-compose.yml:

    nano docker-compose.yml

  3. Add the following content:

    version: '3.8'

    services:
      redis:
        image: redis:7-alpine

      app:
        image: cupcakearmy/cryptgeon:latest
        depends_on:
          - redis
        environment:
          # Maximum size of each encrypted message
          SIZE_LIMIT: 4 MiB
        ports:
          # Change the left side to an unoccupied host port
          - 80:8000

        # Service health check (optional)
        # healthcheck:
        #   test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
        #   interval: 1m
        #   timeout: 3s
        #   retries: 2
        #   start_period: 5s

  4. Save and exit:
    Use Ctrl+X/Command+X

Step 5: Install and run the Cryptgeon container:

docker-compose up -d

After deployment, you can access Cryptgeon at http://<your-ip>:80 (change the port to the one you've set).

Step 6: Reverse proxy to domain:

Here we use a straightforward method: Origin Rules provided by Cloudflare.
Set up as follows:

Change Field to Hostname, Value to the full domain you chose, and Rewrite to the port you set earlier.

Remember to map your subdomain to the server IP:
Use an A record, set Name to the domain prefix, and Content to the server address.


Original link:http://enblog.fuyiran.link/Technology/24.html

Copyright: All posts on this blog, unless otherwise stated, are published under the CC BY-NC-SA 4.0 license. When reprinting, please credit the source: Fu Speaking (enblog.fuyiran.link).
