Skip to content
Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
nginx Remove downloading of nginx.tmpl Oct 20, 2017
static
.env Add in WIP docker-compose with lets-encrypt and nginx proxying. Vendo… Oct 20, 2017
.gitignore
.travis.yml
Dockerfile
Gopkg.lock
Gopkg.toml chore: use go dep for vendoring Jan 10, 2018
LICENSE Create LICENSE Aug 16, 2017
Makefile chore: remove unused variables in Makefile Jan 10, 2018
README.md Fix #21 Mar 28, 2018
docker-compose.yml Fix docker-compsoe dependecies #22 Mar 28, 2018
handlers.go test: start tests Oct 16, 2017
handlers_test.go test: continue Oct 16, 2017
main.go test(vault): test vault message store & get Oct 16, 2017
vault.go
vault_test.go test(vault): message can only be accessed once Oct 16, 2017

README.md

sup3rS3cretMes5age! Build Status

A simple, secure self-destructing message service, using HashiCorp Vault product as a backend.

self-destruct

Read more about the reasoning behind this project in the relevant blog post.

Now using Let's Encrypt for simple and free SSL certs!

Prerequisites

Running Locally

Running locally will use a self-signed SSL certificate for whatever your local dev domain is. The default is localhost, to change it just pass an argument to make. For example, if you set 127.0.0.1 secret.test in your /etc/hosts you would run locally as:

$ make run-local VIRTUAL_HOST=secret.test

Try it! (you can ignore the safety warning since it's a self-signed cert)

https://secret.test

Running with Let's Encrypt

Using lets-encrypt-nginx-proxy-companion you can now get a free (and valid) SSL cert when running this project on a live server. Thanks to evertramos's docker-compose-letsencrypt-nginx-proxy-companion for a great working example.

  1. Clone this repo
  2. Ensure you have docker and docker-compose installed on server
  3. run `make run VIRTUAL_HOST=<YOUR_DOMAIN_HERE>
  4. Let's Encrypt may take a few minutes to validate your domain
  5. open https://your-domain

Security notice!

You should always run this behind SSL/TLS; otherwise, a message will be sent unencrypted!

Screenshot

secretmsg

Contributing

Pull requests are very welcome!

You can’t perform that action at this time.