Kharec/spasteg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
26 Commits 1 Branch 0 Tags
53dd416c17e5fd3308cf258625d7081d274f24c8
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Kharec 53dd416c17 docs: update readme
2026-03-01 12:59:36 +01:00
src
feat: bind mist on all interfaces
2026-03-01 12:57:24 +01:00
test
test: add an unit test for generate()
2026-03-01 12:41:48 +01:00
.gitignore
git: ignore
2026-03-01 08:10:49 +01:00
Dockerfile
feat: dockerfile
2026-03-01 12:57:30 +01:00
gleam.toml
fix: avoid using quotation marks in the description, even escaped one
2026-03-01 08:49:10 +01:00
LICENSE
Initial commit
2026-02-28 21:10:12 +01:00
manifest.toml
gleam: add manifest
2026-03-01 08:40:35 +01:00
README.md
docs: update readme
2026-03-01 12:59:36 +01:00

README.md

spasteg

A secure, self-hostable "burn after reading" paste service with ephemeral storage written in Gleam.

Features

  • Deletes pastes after they are viewed
  • Data is stored only in memory
  • No user accounts needed
  • Easy to run yourself
  • Fast and reliable
  • Written in Gleam (type-safe)

Architecture

  • Gleam: Type-safe language built upon the BEAM
  • Web: Wisp framework + Mist HTTP server
  • Frontend: Lustre for HTML rendering
  • Storage: In-memory only (no persistence)
  • Security: AES-256-GCM client-side encryption, CSRF tokens, rate limiting, security headers

Configuration

SECRET_KEY_BASE (Required for Production)

The application uses a secret key base for signing cookies and security tokens.

You must set this for production deployments to ensure security and session persistence across restarts.

# Generate a secure key (48 bytes of random data)
export SECRET_KEY_BASE=$(openssl rand -base64 48)

# Or set it manually
export SECRET_KEY_BASE="your-secret-key-here"

⚠️ Warning: If not set, a temporary key will be generated on each startup. This:

  • Invalidates all existing user sessions/cookies after restart
  • Reduces security (new key generated each time)
  • Generates a warning in the logs

For development, you can use:

SECRET_KEY_BASE=dev gleam run

Quick Start

# Clone and build
git clone https://git.kharec.info/Kharec/spasteg.git
cd spasteg
gleam run

The server starts on http://localhost:3000.

Docker image+deployment

Build

docker build -t spasteg .

Run

# Generate a secure key
docker run -p 3000:3000 -e SECRET_KEY_BASE=$(openssl rand -base64 48) spasteg

With custom port:

docker run -p 8080:3000 -e SECRET_KEY_BASE=$(openssl rand -base64 48) -e PORT=3000 spasteg

The container exposes port 3000 and runs as a non-root user with a health check configured.

Usage

  1. Visit http://localhost:3000
  2. Enter your text in the form
  3. Click "Create Paste"
  4. Share the generated URL
  5. The paste auto-destructs after first access

Note: the creator cannot see their post with the copied link (except in private browsing) - it would be burned immediately.

License

This project is licensed under the GNU General Public License v3.0 or later (GPLv3+). See the LICENSE file for details.

Reference in New Issue View Git Blame Copy Permalink
Description
A secure self-hostable burn-after-reading paste service
gleam
Readme GPL-3.0 287 KiB
Languages
Gleam 97.8%
Dockerfile 2.2%