Kharec/spasteg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
80fcf291097c1fb06d47d585bbe5c2d217395aa9
spasteg/README.md
Kharec 80fcf29109 docs: jump line
2026-03-01 14:26:14 +01:00

98 lines
2.7 KiB
Markdown
Raw Blame History

# spasteg
A secure, self-hostable "burn after reading" paste service with ephemeral storage written in [Gleam](https://gleam.run).
## Features
- Deletes pastes after they are viewed
- Data is stored only in memory
- No user accounts needed
- Easy to run yourself
- Fast and reliable
- Written in Gleam (type-safe)
## Architecture
| Component | Description |
| ------------ | -------------------------------------------------------------------------------- |
| Backend/Core | Gleam (type-safe language built upon the BEAM) |
| Web | Wisp framework + Mist HTTP server |
| Frontend | Lustre for HTML rendering |
| Storage | In-memory only (no persistence) |
| Security | AES-256-GCM client-side encryption, CSRF tokens, rate limiting, security headers |
## Configuration
### SECRET_KEY_BASE (Required for Production)
The application uses a secret key base for signing cookies and security tokens.
You **must** set this for production deployments to ensure security and session persistence across restarts.
```bash
# Generate a secure key (48 bytes of random data)
export SECRET_KEY_BASE=$(openssl rand -base64 48)
# Or set it manually
export SECRET_KEY_BASE="your-secret-key-here"
```
**⚠️ Warning**: If not set, a temporary key will be generated on each startup. This:
- Invalidates all existing user sessions/cookies after restart
- Reduces security (new key generated each time)
- Generates a warning in the logs
For development, you can use:
```bash
SECRET_KEY_BASE=dev gleam run
```
## How to run
### Development
```bash
# Clone and build
git clone https://git.kharec.info/Kharec/spasteg.git
cd spasteg
gleam run
```
The server starts on <http://localhost:3000>.
Note: you can run tests with `gleam test`.
### Production
The production environment is designed to run via Docker.
You can build the Docker image with:
```bash
docker build -t spasteg .
```
Then run the container with:
```bash
docker run -d --name pasteg -p <your_port>:3000 -e SECRET_KEY_BASE=$(openssl rand -base64 48) spasteg
```
The key is generated at startup here, and the container exposes port 3000 so feel free to use the port you want. It also runs as a non-root user with a health check configured.
## Usage
1. Visit `http://localhost:3000`
2. Enter your text in the form
3. Click "Create Paste"
4. Share the generated URL
5. The paste auto-destructs after first access
## License
This project is licensed under the GNU General Public License v3.0 or later (GPLv3+).
See the [LICENSE](LICENSE) file for details.
Reference in New Issue View Git Blame Copy Permalink