From f1b5f017bd169f9e3d84eb14c276b2e941e5694c Mon Sep 17 00:00:00 2001 From: Andrej Onufrak Date: Thu, 7 Dec 2023 11:53:09 +0100 Subject: [PATCH] Initial commit --- .github/workflows/GitHubActions.yml | 18 + .gitignore | 172 +++++++++ Code of Conduct.md | 17 + Dockerfile | 8 + LICENSE.md | 21 ++ README.md | 29 ++ bun.lockb | Bin 0 -> 5279 bytes favicon.png | Bin 0 -> 2732 bytes gui_landing.html | 543 ++++++++++++++++++++++++++++ gui_message.html | 102 ++++++ gui_secret.html | 201 ++++++++++ index.ts | 84 +++++ package.json | 18 + tsconfig.json | 21 ++ 14 files changed, 1234 insertions(+) create mode 100644 .github/workflows/GitHubActions.yml create mode 100644 .gitignore create mode 100644 Code of Conduct.md create mode 100644 Dockerfile create mode 100644 LICENSE.md create mode 100644 README.md create mode 100755 bun.lockb create mode 100644 favicon.png create mode 100644 gui_landing.html create mode 100644 gui_message.html create mode 100644 gui_secret.html create mode 100644 index.ts create mode 100644 package.json create mode 100644 tsconfig.json diff --git a/.github/workflows/GitHubActions.yml b/.github/workflows/GitHubActions.yml new file mode 100644 index 0000000..a52ed02 --- /dev/null +++ b/.github/workflows/GitHubActions.yml @@ -0,0 +1,18 @@ +name: GitHub Actions + +on: + push: + tags: + [ 'v**' ] + +jobs: + Image: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: oven-sh/setup-bun@v1 + - run: | + bun install + docker build -t ${{ secrets.DOCKERHUB_REPOSITORY_NAME }}/safe:${{ github.ref_name }} -f ./Dockerfile . + docker login --username ${{ secrets.DOCKERHUB_USERNAME }} --password ${{ secrets.DOCKERHUB_PASSWORD_TOKEN }} + docker push ${{ secrets.DOCKERHUB_REPOSITORY_NAME }}/safe:${{ github.ref_name }} diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..3d75225 --- /dev/null +++ b/.gitignore @@ -0,0 +1,172 @@ +# Based on https://raw.githubusercontent.com/github/gitignore/main/Node.gitignore + +# Logs + +logs +_.log +npm-debug.log_ +yarn-debug.log* +yarn-error.log* +lerna-debug.log* +.pnpm-debug.log* + +# Diagnostic reports (https://nodejs.org/api/report.html) + +report.[0-9]_.[0-9]_.[0-9]_.[0-9]_.json + +# Runtime data + +pids +_.pid +_.seed +\*.pid.lock + +# Directory for instrumented libs generated by jscoverage/JSCover + +lib-cov + +# Coverage directory used by tools like istanbul + +coverage +\*.lcov + +# nyc test coverage + +.nyc_output + +# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files) + +.grunt + +# Bower dependency directory (https://bower.io/) + +bower_components + +# node-waf configuration + +.lock-wscript + +# Compiled binary addons (https://nodejs.org/api/addons.html) + +build/Release + +# Dependency directories + +node_modules/ +jspm_packages/ + +# Snowpack dependency directory (https://snowpack.dev/) + +web_modules/ + +# TypeScript cache + +\*.tsbuildinfo + +# Optional npm cache directory + +.npm + +# Optional eslint cache + +.eslintcache + +# Optional stylelint cache + +.stylelintcache + +# Microbundle cache + +.rpt2_cache/ +.rts2_cache_cjs/ +.rts2_cache_es/ +.rts2_cache_umd/ + +# Optional REPL history + +.node_repl_history + +# Output of 'npm pack' + +\*.tgz + +# Yarn Integrity file + +.yarn-integrity + +# dotenv environment variable files + +.env +.env.development.local +.env.test.local +.env.production.local +.env.local + +# parcel-bundler cache (https://parceljs.org/) + +.cache +.parcel-cache + +# Next.js build output + +.next +out + +# Nuxt.js build / generate output + +.nuxt +dist + +# Gatsby files + +.cache/ + +# Comment in the public line in if your project uses Gatsby and not Next.js + +# https://nextjs.org/blog/next-9-1#public-directory-support + +# public + +# vuepress build output + +.vuepress/dist + +# vuepress v2.x temp and cache directory + +.temp +.cache + +# Docusaurus cache and generated files + +.docusaurus + +# Serverless directories + +.serverless/ + +# FuseBox cache + +.fusebox/ + +# DynamoDB Local files + +.dynamodb/ + +# TernJS port file + +.tern-port + +# Stores VSCode versions used for testing VSCode extensions + +.vscode-test + +# yarn v2 + +.yarn/cache +.yarn/unplugged +.yarn/build-state.yml +.yarn/install-state.gz +.pnp.\* + +# IntelliJ based IDEs +.idea diff --git a/Code of Conduct.md b/Code of Conduct.md new file mode 100644 index 0000000..3aa98dc --- /dev/null +++ b/Code of Conduct.md @@ -0,0 +1,17 @@ +# Code of Conduct + +## Our public Safe information sharing tool with MIT License is committed to creating a safe and inclusive community for all contributors, users, and maintainers. As such, we have established this code of conduct that applies to all members of our community. By contributing to or using our tool, you agree to abide by this code of conduct. + +- Respectful and Inclusive Behavior: We value and respect diversity in all forms and will not tolerate any form of discrimination, harassment, or bullying based on race, ethnicity, gender identity or expression, sexual orientation, disability, religion, age, or any other characteristic protected by law. We are committed to providing a welcoming and inclusive environment to all community members. + +- Professional Conduct: We expect all members of our community to conduct themselves in a professional and courteous manner. We will not tolerate any behavior that is disrespectful, disruptive, or harmful to other community members or to the tool itself. This includes, but is not limited to, trolling, flaming, personal attacks, or any other form of aggressive or hostile behavior. + +- Open Communication: We encourage open and constructive communication within our community. We value feedback and welcome constructive criticism. However, we do not tolerate any form of hate speech, bullying, or harassment. + +- Collaborative Community: Our community is built on collaboration, and we value contributions from all members. We expect all community members to work together in a respectful and constructive manner to achieve our common goals. + +- Legal Compliance: We expect all members of our community to comply with all applicable laws, including but not limited to, copyright law, data protection law, and privacy law. We will not tolerate any behavior that violates these laws or our licensing terms. + +- Reporting and Enforcement: We take all reports of violations of this code of conduct seriously. If you witness or experience any behavior that violates this code of conduct, please report it immediately to the tool maintainers. We will investigate all reports and take appropriate action, which may include warning the offending party, temporarily or permanently banning the offending party from the community, or reporting the offending party to law enforcement. + +## Thank you for contributing to and using our public Safe information sharing tool with MIT License. We look forward to building a strong, collaborative, and inclusive community together. \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..444bc42 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,8 @@ +FROM oven/bun + +RUN mkdir -p /home/app +WORKDIR /home/app +COPY . . + +EXPOSE 8000 +CMD ["bun", "start"] diff --git a/LICENSE.md b/LICENSE.md new file mode 100644 index 0000000..ef6c55b --- /dev/null +++ b/LICENSE.md @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2023 GoodRequest + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..2fd6123 --- /dev/null +++ b/README.md @@ -0,0 +1,29 @@ +# GoodRequest, s.r.o.Safe + +**Safe** enables sharing **confidential information** with a limited **number of views** and **overall lifetime**. + +## Features + +🕸ī¸ _Web Native_ frontend build with pure **HTML**, **CSS** and **JS**.
+đŸĒļ _Simple_ and _lightweight_ single-file backend with **Bun**.
+🔏 _Fast_ and _secure_ data management with **Redis**. + +## A (Very) Quick Start + +Deploy the app in a Docker Compose stack with (non-persistent) **Redis** and (reverse proxy) **NGINX**. + +Once deployed, open the app, input the data, stash it and share the generated **Safe** link as needed. + +## Additional Resources + +Bun[**Bun**](https://bun.sh) documentation is available [here](https://bun.sh/docs). + +Bun[**Redis**](https://redis.io) documentation is available [here](https://redis.io/docs). + +Bun[**Docker**](https://www.docker.com) documentation is available [here](https://docs.docker.com). + +Bun[**NGINX**](https://www.nginx.com) documentation is available [here](https://nginx.org/en/docs/). + +## License + +**Safe** is released under the MIT license. See [LICENSE.md](./LICENSE.md) for details. \ No newline at end of file diff --git a/bun.lockb b/bun.lockb new file mode 100755 index 0000000000000000000000000000000000000000..8083cb69dad1a518ffe3c2630aa950b3c4b8d4ba GIT binary patch literal 5279 zcmeHLYgAKL7QSFWhzJOb3qhI4fK!nK2#BbtRIp%Cv7jx;hz4>AfxNsoLBR*X+G?qS zGgNtuQii&$Xp1uf>MA}v3W5WQtx{etu_&}4N{bKV;p~F15Qd91Ga;m*3*=bU}M zZ}04L&$)N!chlWeH02g8mbsC#L{79y#)gY4k;f#&iX|jBR!&I;N^YV%+mIj#EA#b_ zDJPc`j;i|H%0fx){26xxD#OJmT`n9r7<=(?o`nre0-2~)gvm=<&GaMi1WkVuL8!%Y ziWG`zq69{OM12Ib8R!FyP6KTP{mq~)KnqFP1{FyVLNZz|`P5tejdR{B z4cu(@Vu3@*X;$8fZBzRq;%=wEPk6Q1Rh1tqxpcF%E+eQc^yBNaSAbFd6i*MfX-44Y zPEqwPs}4s4@Q36DBkHA7f;NpKh%1M*<3U~88Rc315w){lB{v$Is<` zQBzd$#4FcovCVIfH?$@tejoaCWI^!T9DDDc>wAI=;kEuXpi&$hGQ%}Nh3+_&M{ z$s0diGJN((hZp4>3(G90+@S6A)Mqwv6%U zUo0%j_Ow?b8GG2juDm2|eZ|4dj)`|7SKM6QN&e&OmV*H)@dZtOdp@2c4y~fkRQt%I zRNp4KRBS2g4lueFdcwrwFc9H*jWH=`)=}RO*Nq#G?``{AZ7%iM?y#eg1IH?>zuQ`} z`bkyX8^Yyf#&LCDG@ZY?y*=LPw!!)I+lKuH&zIUYe7f#QUc-CY0v+D*y1dg?v6=|` z!2?UWdx!#;!gChU%^g2}HL<0@)oyQR&N#!^zGL;tlUoIe%B<}hg741pw_eaSxJGO( z$hg{@ZyS}V!)v0;yWlq;IJAD!eCL5*=EDQG<~vt9oC@zbm02|JBJJDXne5kFpR=Vf z@G_^{vDoNG$L?EG-l<7VDYNhU+UvWhoo4I)sKbl)I2P7l#TFI!V)*sy_RCMY)IK(o z0$f+-h<2Qg`uxMWisKzu!=8ITJr`12S+IYR|2MOozsxS#U3)%P6>#Zn*=*mpb~XYL z&MzC2f@TF&^-Q*3xAun=c$zruqFG0pxA9kd4*8dw+;}k4jQ`=i zu4BKi=t@mvhmO&kC4tg&$GYUkv1SDEF2>y1-}vMdaZFs%FGF= zy@D?b_jVU8-JX%TpNS8t_VI+~{X+Mg&@sPm>SW+`j&zdoy7}K_AfI_dDPc6*m!@KP zVi~OzNF+R5U-4E^B)O2ocjwUJWKtgM%JJd|Bw~?F9y@%34KlR^3J9GOcNj`b<|T*i ztMcS81mp-D=$=N;a`fCq&q(wV(gyFY=Vhst~HckSS`KlmKXq2S&ia6i zwltW{bLY9kD6a5u1!iI>5hzJoNf5ZE#5JEGU_5#7R!-pR5La)822mb7_zc&NxV~d7 z;0RZmxDo`57tleGfNN1)D}sd&Y=FVlDy}9q7(TM3K@_N-#q}mwJhd2H@#2aUEFL@! z<_KUQ*J@m|YA~84lz_zsEV!x#3lqVJY#I!%m~lmGXn-InJ5iSKrK5j&>(Zn&k)(J_ zHYrI;CXj?FDX~nnkmE7DY(7KFwu@mJ55XaUI~7*gV}u13l8JH!O_MPcsifls@SUU} z=@?3^P@?}MG`%>bQbEsibE8O+m{w9rJefioPxIuI$ce$Mxvr2c5VWh#HA&2r9>_i&~ZE=87ojplrW;{ifI8QQb|dflGgk)!6hk5PBCqT zfTBqXwz5nppoClj&5eOw9W97S7$wG$rbECZ4RbZChoT>aPaBpt6yVYAay`-J&k#_ULQ<%1w-jnEP3;#Twc~032!q(p~FXyFLH^ GzW)gtWE%be literal 0 HcmV?d00001 diff --git a/favicon.png b/favicon.png new file mode 100644 index 0000000000000000000000000000000000000000..ab764ef1e6d0bde29f5928f3c25a6b2f589cbf15 GIT binary patch literal 2732 zcmZ{mc{~%28^@>IM=DpA^Xq4FWrQ+UvtiRlj$Dyzj=8TDiy3l7&dpIIcPJ7nbCY{= zl_N(b$L6SLlDU4qfBydX{qa1X*XQ$m-v2*IH%*QCxPjaN0DupPfLoj>@!#QOJ=xf+ zmDf*%)f0+_0swVsJO?gpCtk`8VSxq!@Sv040|0<|5)o+t01gZQtT_V!kX!&jBru<1 zu5)rY<$A*y4meIoqqd(ou0Vuc2mo+4|KDK&4MWsVLXJ=*+K^*~i;w3rhj-kQ!;@Me z5)QQr`@C7;<7?F?)E9NXRkK%#P4GWT0+Ue#`upENjZei*r`+;EuDL&fhtG9bWNyM4IU< z-EO~I^YaIFzV62H>glffUFur^@;w@aP7vN&7V0Srxr=P@uL9D~hB?{efv^CY(? zKLRlpu*k0;6HEj&FrUlCVTs{To8^}GLo&zLDC|}@%}mekCFBlIMC7@XzNZY@6HS5PX>R$;{$LQzP4syCC`o_{ ziHi0m-zzmfaK3Kuo}(jOB!!Qm)PW4Ehdr6kH!}R4J|>jhnY@ure;ZW!r??PVGQ%sg zO&JL`W3@3In(9&Yi4nMS|DgtG^(bq}Se|@GH-v{ z@MJXpQ?_?mrINvGC?zFbjx_ zD)TVDsx1-mHeymIvM4Psc2h4kAmgQKPZ$xo;aOidFP|eB*qdJC(!cVg6p{@IU_qzo?K+jbpg7*pB3ai3bHPCs4x zIdl=3vRdTa#%gS`>3rX7%#y4!r9;1mL_;`b6_vNnRKRxyXcbQx`WbS*mT0BR8Pjl@ zd~4nf)i1vhtz9M}|?7U8&-7Nf5n3@N%3<42rdx;8}F^cue zykpA^j$4N)W68$r`lP1|I=Cj&HrNAKaTx+EZ@h z&Ca^?&WMCyalT}d-lh4CdUSyAgG)GuSW??Fow~rp^*8iAXl2Q&5u;RXnds+zbe8Li zNYH`;XK<5C6ar^mM5WAFuEzMxHYZ>8nT;8%zN{12+|lXbYA-ol#l_ z4Pi@4Pr)-v>IGgrJ>~QYO;rhQAtw6Kzc+j(k3nyT%zkO=;1uF)dY7_$Q*hZm<ULklnWNGh(eXHIo?}QKsEbcBd{@~a;lbr~I_$Y9YtD#Qnl)D1i9?Slgd8sS0 zXKXBMSw^3ukOMHsq`q*6jNq(f$irF)exyCN8e#WS)!bC#HhIXpZzp^HvJdbptVZ6V z{MDxmhnyqw6RGq|!uH}H=%_gSUiCk+?=?Lxs&(95HumR_8Z+MrX4&3()7!pSr*y<2 zGqk9xXx!hE`#BC*^kW1S4xnVa&S%$U zing`j*21z`=BIQ!dW()Djb@8ue6Ox4RCjTJ#AuFfnsX9%pvCKtaoMIRH}GGMgRsd7 zt0^kUyT8l*3u0K_u(c@8eW>@iTR<3T&4{wctaZE(;FHL`kecQmoir}OJZ}ur2*s$u z2rj?+sZt9$O&&DGRO)rI^v?NAzHuz6MKQo6TAt~@7_#&=mp6s^T&xiYG08JMH-i};^79WQTQ5t*svZoQ zaq?YyhF#nUkc(oza!l6^$_kN+n+pQ!Xx-Av zikPFz^4|k%5JiqWyXbzXxTE9K3a9K^{0fLQVq-jwj@P0Wk#Y)$?1$jl3@&l&DMaFC z63})pzv{dt(qQ#7I}*e^L?n+Y>qM1s~vSKh)~h? zT|n5o>`-)bAi}dUlCj<1KxHaF`!y&I!i>=GFYU!#x0aN3(kIl+rF0i%mS8ENxJQT8 znzw8_szI)n3Z(@$93|1IPAGif*6RTU$>uPvQDhBP@TT9!+Gf>Py?~hZ2;DAAB~N*G z!TnTQ!LqF1`Q_2y8_s#DmoxZeEE8`UX@w+$v#^30urn@FgN{E&d-(L06-1i)wQA(* z(<)+*0S$SM@!f^ku#@jiHq_8I6yp-=4si>1KM{Z$SWQhCtfj1a#Y$BbqOJ)6UsVKy kAz-lg1w{G(0Db`&tVj6&2QC`^0-gW>q@gLi#=tq|zxGZT>;M1& literal 0 HcmV?d00001 diff --git a/gui_landing.html b/gui_landing.html new file mode 100644 index 0000000..3f60bb7 --- /dev/null +++ b/gui_landing.html @@ -0,0 +1,543 @@ + + + + + + Safe + + + + + + + + + + + + +
+ +
+
+ Number of views +
+ + + + +
+ +
+
+ Accessible for +
+ + + + +
+ +
+
+ +
+ + + \ No newline at end of file diff --git a/gui_message.html b/gui_message.html new file mode 100644 index 0000000..8a12ae7 --- /dev/null +++ b/gui_message.html @@ -0,0 +1,102 @@ + + + + + + Safe + + + + + + + + + + +

MESSAGE_VALUE

+ + \ No newline at end of file diff --git a/gui_secret.html b/gui_secret.html new file mode 100644 index 0000000..8887fb4 --- /dev/null +++ b/gui_secret.html @@ -0,0 +1,201 @@ + + + + + + Safe + + + + + + + + + + + +
+ + +
+
Copied
+
+
+ + \ No newline at end of file diff --git a/index.ts b/index.ts new file mode 100644 index 0000000..1426062 --- /dev/null +++ b/index.ts @@ -0,0 +1,84 @@ +import { type Serve } from 'bun' +import Redis from 'ioredis' + +const redis = new Redis(process.env.REDIS_URL || 'redis://redis:6379', { + retryStrategy: (times: number) => Math.min(times * 100, 30_000) +}) + +const responseWithLoadedAndRegexedHtmlFile = async (fileName: string, replacements?: Array>) => { + let fileContent = await Bun.file(import.meta.dir + '/' + fileName).text() + + if (replacements && replacements.length) { + replacements.forEach(([pattern, value]) => { + fileContent = fileContent.replace(pattern, value) + }) + } + + return new Response(fileContent, { headers: { 'Content-Type': 'text/html' } }) +} + +export default { + port: process.env.PORT || 8000, + fetch: async ({ url, method, body }) => { + try { + const { pathname } = new URL(url) + + if (pathname === '/favicon.png') { + return new Response(Bun.file('./favicon.png')) + } + + if (pathname === '/') { + if (method === 'GET') { + return responseWithLoadedAndRegexedHtmlFile('gui_landing.html') + } + + if (method === 'POST' && body) { + const { secret, requestLimit, timeLimitInMinutes } = await Bun.readableStreamToJSON(body) + + const secretID = crypto.randomUUID() + + await redis.set(`${secretID}-value`, secret, 'EX', timeLimitInMinutes * 60) + await redis.set(`${secretID}-requests`, requestLimit, 'EX', timeLimitInMinutes * 60) + + return new Response(secretID) + } + } + + const secretID = pathname.substring(1) + if (secretID) { + const secretValue = await redis.get(`${secretID}-value`) + + if (secretValue) { + const requestLimit = await redis.get(`${secretID}-requests`) + + if (requestLimit) { + if (parseInt(requestLimit) > 0) { + await redis.decr(`${secretID}-requests`) + + const preciseTimeToLive = await redis.pttl(`${secretID}-value`) + + return responseWithLoadedAndRegexedHtmlFile('gui_secret.html', [ + ['PRECISE_TIME_TO_LIVE', preciseTimeToLive.toString()], + ['SECRET_VALUE', Bun.escapeHTML(secretValue)] + ]) + } + + await redis.del(`${secretID}-requests`) + } + + await redis.del(`${secretID}-value`) + } + } + + return responseWithLoadedAndRegexedHtmlFile('gui_message.html', [ + ['MESSAGE_VALUE', 'Gone'] + ]) + } catch (e) { + console.error(e) + + return responseWithLoadedAndRegexedHtmlFile('gui_message.html', [ + ['MESSAGE_VALUE', 'Something went wrong'] + ]) + } + }, +} satisfies Serve diff --git a/package.json b/package.json new file mode 100644 index 0000000..e029f28 --- /dev/null +++ b/package.json @@ -0,0 +1,18 @@ +{ + "name": "safe", + "type": "module", + "version": "1.0.0", + "private": true, + "scripts": { + "start": "bun index.ts" + }, + "dependencies": { + "ioredis": "5.3.2" + }, + "devDependencies": { + "bun-types": "latest" + }, + "peerDependencies": { + "typescript": "5.0.0" + } +} diff --git a/tsconfig.json b/tsconfig.json new file mode 100644 index 0000000..ac2359c --- /dev/null +++ b/tsconfig.json @@ -0,0 +1,21 @@ +{ + "compilerOptions": { + "types": ["bun-types"], + "lib": ["esnext"], + "module": "esnext", + "target": "esnext", + "moduleResolution": "bundler", + "noEmit": true, + "allowImportingTsExtensions": true, + "moduleDetection": "force", + "jsx": "react-jsx", + "allowJs": true, + "esModuleInterop": true, + "strict": true, + "forceConsistentCasingInFileNames": true, + "skipLibCheck": true, + "composite": true, + "downlevelIteration": true, + "allowSyntheticDefaultImports": true + } +}