root/pssecret-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Self-hosted service for secrets sharing
54 commits 2 branches 4 tags 350 KiB
Python 100%
Find a file
Ivan Golikov 65137b99ac Version bump
2025-01-08 23:51:43 +01:00
pssecret_server Added --version option 2025-01-08 23:50:59 +01:00
tests Added support for all Redis versions (>=1.0.0) (#5) 2025-01-08 21:22:25 +00:00
.gitignore Added aider files to .gitignore 2025-01-01 20:10:12 +01:00
.pre-commit-config.yaml Integration tests (#3) 2025-01-01 18:18:38 +00:00
CONTRIBUTING.md Renamed project to pssecret-server 2025-01-01 20:03:46 +01:00
LICENSE Version bump 2025-01-06 17:56:26 +01:00
poetry.lock Secrets encryption (#4) 2025-01-03 15:06:08 +00:00
pyproject.toml Version bump 2025-01-08 23:51:43 +01:00
README.md Added --version option 2025-01-08 23:50:59 +01:00

README.md

Pssecret server

Code style: black PyPI - Downloads

Pssecret is self-hosted service to share secrets (like passwords) with somebody over the network, but don't want them to appear in chats, unencrypted e-mails, etc.

This service tries to be as anonymous as possible. The only personal information that will be stored on a server will be IP address of the client that made request to the server.

Service is built with Python, FastAPI and is using Redis for data storage.

Installation

Requirements

  • Python 3.11+
  • Redis
  • Python development libraries (optional, only needed for hiredis module installation)

How to install

Quick way

If you don't need to configure a lot of things, you can install from pipx

$ pipx install pssecret-server

For better performance, install application with hiredis support.

$ pipx install pssecret-server[hiredis]

After that just run the app with

$ pssecret-server

This will start the uvicorn server on 127.0.0.1:8000. Available configuration options:

--host TEXT        Bind socket to this host.  [default: 127.0.0.1]
--port INTEGER     Bind socket to this port. If 0, an available port will be
                   picked.  [default: 8000]
--uds TEXT         Bind to a UNIX domain socket.
--workers INTEGER  Number of worker processes.  Defaults to the
                   $WEB_CONCURRENCY environment variable if available, or 1.
--version          Show the version and exit.
--help             Show this message and exit.

If you'd like more control

Create virtual environment, install application, run using uvicorn directly.

$ python -m venv .venv
$ source .venv/bin/activate
$ pip install pssecret-server
$ uvicorn pssecret_server.main:app --workers 4 --uds /path/to/socket.sock

You can also run uvicorn without activating virtualenv, e.g. from SystemD service

$ /path/to/your/.venv/bin/python -m uvicorn pssecret_server.main:app --workers 4 --uds /path/to/socket.sock

Running Pssecret server

Make sure you have the Redis service running.

After installation is done, you can start pssecret server with pssecret-server command. The web server will be started with uvicorn ASGI web server.

$ pssecret-server

Configuration

Configuration is done via environment variables.

Environment variables:

  • REDIS_URL: URL for Redis access. Check what values are supported here.
  • SECRETS_ENCRYPTION_KEY: Key used for encrypting stored data.

You can also declare these variables in a .env file in the working directory. Protect this file (or other source from where SECRETS_ENCRYPTION_KEY is read by application) from being read by unauthorized parties.