Kharec/spasteg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
48 Commits 1 Branch 0 Tags
main
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Kharec 53ab8ef297 refactor: use pipe
2026-03-17 10:41:45 +01:00
screenshots
docs: add screenshots
2026-03-04 06:56:42 +01:00
src
refactor: use pipe
2026-03-17 10:41:45 +01:00
test
test: add an unit test for generate()
2026-03-01 12:41:48 +01:00
.gitignore
git: ignore
2026-03-01 08:10:49 +01:00
Dockerfile
clean: one RUN, no custom port
2026-03-01 13:12:46 +01:00
gleam.toml
fix: remove comma in description
2026-03-02 09:39:06 +01:00
LICENSE
Initial commit
2026-02-28 21:10:12 +01:00
manifest.toml
gleam: add manifest
2026-03-01 08:40:35 +01:00
README.md
docs: update readme
2026-03-04 06:58:35 +01:00

README.md

spasteg

A secure self-hostable burn-after-reading paste service with ephemeral storage written in Gleam.

Have a glimpse of the interface, check out screenshots!

Features

  • Deletes pastes after they are viewed
  • Data is stored only in memory
  • No user accounts needed
  • Easy to run yourself
  • Fast and reliable
  • Written in Gleam (type-safe)

Architecture

Component Description
Backend/Core Gleam (type-safe language built upon the BEAM)
Web Wisp framework + Mist HTTP server
Frontend Lustre for HTML rendering
Storage In-memory only (no persistence)
Security AES-256-GCM client-side encryption, CSRF tokens, rate limiting, security headers

Configuration

SECRET_KEY_BASE (Required for Production)

The application uses a secret key base for signing cookies and security tokens.

You must set this for production deployments to ensure security and session persistence across restarts.

# Generate a secure key (48 bytes of random data)
export SECRET_KEY_BASE=$(openssl rand -base64 48)

# Or set it manually
export SECRET_KEY_BASE="your-secret-key-here"

⚠️ Warning: If not set, a temporary key will be generated on each startup. This:

  • Invalidates all existing user sessions/cookies after restart
  • Reduces security (new key generated each time)
  • Generates a warning in the logs

For development, you can use:

SECRET_KEY_BASE=dev gleam run

How to run

Development

# Clone and build
git clone https://git.kharec.info/Kharec/spasteg.git
cd spasteg
gleam run

The server starts on http://localhost:3000.

Note: you can run tests with gleam test.

Production

The production environment is designed to run via Docker.

You can build the Docker image with:

docker build -t spasteg .

Then run the container with:

docker run -d --name pasteg -p <your_port>:3000 -e SECRET_KEY_BASE=$(openssl rand -base64 48) spasteg

The key is generated at startup here, and the container exposes port 3000 so feel free to use the port you want. It also runs as a non-root user with a health check configured.

Usage

  1. Visit http://localhost:3000
  2. Enter your text in the form
  3. Click "Create Paste"
  4. Share the generated URL
  5. The paste auto-destructs after first access

License

This project is licensed under the GNU General Public License v3.0 or later (GPLv3+).

See the LICENSE file for details.

Reference in New Issue View Git Blame Copy Permalink
Description
A secure self-hostable burn-after-reading paste service
gleam
Readme GPL-3.0 287 KiB
Languages
Gleam 97.8%
Dockerfile 2.2%