2025-01-01 19:01:10 +00:00
# Pssecret server
2022-06-09 22:08:36 +00:00
2022-06-12 12:45:42 +00:00
[![Code style: black ](https://img.shields.io/badge/code%20style-black-000000.svg )](https://github.com/psf/black)
2024-12-25 11:40:57 +00:00
Pssecret is self-hosted service to share secrets (like passwords) with somebody
2022-06-09 22:08:36 +00:00
over the network, but don't want them to appear in chats, unencrypted e-mails, etc.
This service tries to be as anonymous as possible. The only personal information that will be stored
2022-06-12 10:50:48 +00:00
on a server will be IP address of the client that made request to the server.
Service is built with Python, FastAPI and is using Redis for data storage.
2022-06-12 12:44:27 +00:00
2022-06-12 21:56:09 +00:00
## Installation
### Requirements
2022-12-17 08:37:41 +00:00
- Python 3.11+
2022-06-12 21:56:09 +00:00
- Redis
- Python development libraries (optional, only needed for `hiredis` module installation)
### How to install
2025-01-02 22:59:06 +00:00
#### Quick way
If you don't need to configure a lot of things, you can install from [pipx ](https://pipx.pypa.io/stable/ )
2022-06-12 21:56:09 +00:00
2024-12-25 17:35:01 +00:00
```console
2025-01-01 19:01:10 +00:00
$ pipx install pssecret-server
2022-06-12 21:56:09 +00:00
```
2025-01-01 18:21:24 +00:00
For better performance, install application with [hiredis ](https://github.com/redis/hiredis ) support.
2022-06-12 21:56:09 +00:00
2024-12-25 17:35:01 +00:00
```console
2025-01-01 19:01:10 +00:00
$ pipx install pssecret-server[hiredis]
2024-12-25 17:35:01 +00:00
```
2022-06-12 21:56:09 +00:00
2025-01-02 22:59:06 +00:00
After that just run the app with
```console
$ pssecret-server
```
This will start the [uvicorn ](https://www.uvicorn.org/ ) server on `127.0.0.1:8000` .
Available configuration options:
```
--host TEXT Bind socket to this host. [default: 127.0.0.1]
--port INTEGER Bind socket to this port. If 0, an available port will be
picked. [default: 8000]
--uds TEXT Bind to a UNIX domain socket.
--workers INTEGER Number of worker processes. Defaults to the
$WEB_CONCURRENCY environment variable if available, or 1.
--help Show this message and exit.
```
#### If you'd like more control
Create virtual environment, install application, run using [uvicorn ](https://www.uvicorn.org/ ) directly.
```console
$ python -m venv .venv
$ source .venv/bin/activate
$ pip install pssecret-server
$ uvicorn pssecret_server.main:app --workers 4 --uds /path/to/socket.sock
```
You can also run [uvicorn ](https://www.uvicorn.org/ ) without activating virtualenv, e.g. from SystemD service
```console
$ /path/to/your/.venv/bin/python -m uvicorn pssecret_server.main:app --workers 4 --uds /path/to/socket.sock
```
2024-12-25 11:40:57 +00:00
### Running Pssecret server
2022-06-12 22:03:13 +00:00
2024-12-25 17:35:01 +00:00
Make sure you have the Redis service running.
2025-01-01 19:01:10 +00:00
After installation is done, you can start pssecret server with `pssecret-server` command.
2025-01-02 22:59:06 +00:00
The web server will be started with [uvicorn ](https://www.uvicorn.org/ ) ASGI web server.
2022-06-12 22:03:13 +00:00
2024-12-25 17:35:01 +00:00
```console
2025-01-01 19:01:10 +00:00
$ pssecret-server
2022-06-12 22:03:13 +00:00
```
2022-06-12 21:56:09 +00:00
2022-12-17 08:53:50 +00:00
### Configuration
2024-12-26 23:34:54 +00:00
Configuration is done via environment variables.
2022-12-17 08:53:50 +00:00
2024-12-26 23:34:54 +00:00
Environment variables:
- `REDIS_URL` : URL for Redis access. Check what values are supported [here ](https://redis.readthedocs.io/en/stable/connections.html#redis.Redis.from_url ).
2025-01-03 15:06:08 +00:00
- `SECRETS_ENCRYPTION_KEY` : Key used for encrypting stored data.
2022-12-17 08:53:50 +00:00
2024-12-26 23:34:54 +00:00
You can also declare these variables in a `.env` file in the working directory.
2025-01-03 15:06:08 +00:00
Protect this file (or other source from where `SECRETS_ENCRYPTION_KEY` is read by application)
from being read by unauthorized parties.