Cryptgeon

cryptgeon is a secure, open source note / file sharing service inspired by PrivNote written in rust & svelte.

Generate Convert Improve

Install / Use

/learn @cupcakearmy/Cryptgeon

About this skill

Quality Score

0/100

README

EN | 简体中文 | ES

About?

cryptgeon is a secure, open source sharing note or file service inspired by PrivNote. It includes a server, a web page and a CLI client.

🌍 If you want to translate the project feel free to reach out to me.

Thanks to Lokalise for providing free access to their platform.

Live Service / Demo

Web

Check out the live service / demo and see for yourself cryptgeon.org

CLI

npx cryptgeon send text "This is a secret note"

For more documentation about the CLI see the readme.

Raycast Extension

There is an official Raycast extension.

Features

send text or files
server cannot decrypt contents due to client side encryption
view or time constraints
in memory, no persistence
obligatory dark mode support

How does it work?

each note has a generated <code>id (256bit)</code> and <code>key 256(bit)</code>. The <code>id</code> is used to save & retrieve the note. the note is then encrypted with aes in gcm mode on the client side with the <code>key</code> and then sent to the server. data is stored in memory and never persisted to disk. the server never sees the encryption key and cannot decrypt the contents of the notes even if it tried to.

View counts are guaranteed with one running instance of cryptgeon. Multiple instances connected to the same Redis instance can run into race conditions, where a note might be retrieved more than the view count allows.

Screenshot

screenshot

Environment Variables

| Variable | Default | Description | | ----------------------- | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | REDIS | redis://redis/ | Redis URL to connect to. According to format | | SIZE_LIMIT | 1 KiB | Max size for body. Accepted values according to byte-unit. 512 MiB is the maximum allowed. The frontend will show that number including the ~35% encoding overhead. | | MAX_VIEWS | 100 | Maximal number of views. | | MAX_EXPIRATION | 360 | Maximal expiration in minutes. | | ALLOW_ADVANCED | true | Allow custom configuration. If set to false all notes will be one view only. | | ALLOW_FILES | true | Allow uploading files. If set to false, users will only be allowed to create text notes. | | ID_LENGTH | 32 | Set the size of the note id in bytes. By default this is 32 bytes. This is useful for reducing link size. This setting does not affect encryption strength. | | VERBOSITY | warn | Verbosity level for the backend. Possible values are: error, warn, info, debug, trace | | THEME_IMAGE | "" | Custom image for replacing the logo. Must be publicly reachable | | THEME_TEXT | "" | Custom text for replacing the description below the logo | | THEME_PAGE_TITLE | "" | Custom text the page title | | THEME_FAVICON | "" | Custom url for the favicon. Must be publicly reachable | | THEME_NEW_NOTE_NOTICE | true | Show the message about how notes are stored in the memory and may be evicted after creating a new note. Defaults to true. | | IMPRINT_URL | "" | Custom url for an Imprint hosted somewhere else. Must be publicly reachable. Takes precedence above IMPRINT_HTML. | | IMPRINT_HTML | "" | Alternative to IMPRINT_URL, this can be used to specify the HTML code to show on /imprint. Only IMPRINT_HTML or IMPRINT_URL should be specified, not both. |

Deployment

ℹ️ https is required otherwise browsers will not support the cryptographic functions.

ℹ️ There is a health endpoint available at /api/health/. It returns either 200 or 503.

Docker

Docker is the easiest way. There is the official image here.

# docker-compose.yml

version: '3.8'

services:
  redis:
    image: redis:7-alpine
    # This is required to stay in RAM only.
    command: redis-server --save "" --appendonly no
    # Set a size limit. See link below on how to customise.
    # https://redis.io/docs/latest/operate/rs/databases/memory-performance/eviction-policy/
    # --maxmemory 1gb --maxmemory-policy allkeys-lrulpine
    # This prevents the creation of an anonymous volume.
    tmpfs:
      - /data

  app:
    image: cupcakearmy/cryptgeon:latest
    depends_on:
      - redis
    environment:
      # Size limit for a single note.
      SIZE_LIMIT: 4 MiB
    ports:
      - 80:8000

    # Optional health checks
    # healthcheck:
    #   test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
    #   interval: 1m
    #   timeout: 3s
    #   retries: 2
    #   start_period: 5s

NGINX Proxy

See the examples/nginx folder. There an example with a simple proxy, and one with https. You need to specify the server names and certificates.

Traefik 2

See the examples/traefik folder.

Scratch

See the examples/scratch folder. There you'll find a guide how to setup a server and install cryptgeon from scratch.

Synology

There is a guide you can follow.

YouTube Guides

English by Webnestify
English by DB Tech Previous Video
German by ApfelCast

Written Guides

French by zarevskaya
Italian by @nicfab
English by @nicfab

Development

Requirements

pnpm: >=9
node: >=22
rust: edition 2021

**In

Related Skills

node-connect

352.2k

Diagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps

frontend-design

111.1k

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.

openai-whisper-api

352.2k

Transcribe audio via OpenAI Audio Transcriptions API (Whisper).

qqbot-media

352.2k

QQBot 富媒体收发能力。使用 <qqmedia> 标签，系统根据文件扩展名自动识别类型（图片/语音/视频/文件）。