jekyll-secret-posts 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: '032359338c8f0f94913d90be4ba0c17e1f86cff32c37636d7e493b77250ccc92'
+  data.tar.gz: a56e6bc96d5e924ed8897afe4f75b2dfb56f44a329bce40338f1a7844d1faa00
+SHA512:
+  metadata.gz: 7fc592e410680cd2e0604245bcbcd7395c87486073e1c195fcd42f377c742aec3fae393e4f73d33c77a97e8e940496c7262e03e59bd0359fbb311a331ab72ee4
+  data.tar.gz: b0f75614598f7cca7ee4517f72288016e05c4b2d7e8fc4060cbd48432593a687af1c00a4fa1be842b05112e985d48ffe41dc1489b00b39117a8fc04c0ef93a54

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,151 @@
+# Jekyll Secret Posts
+
+[![Gem Version](https://badge.fury.io/rb/jekyll-secret-posts.svg)](https://badge.fury.io/rb/jekyll-secret-posts)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+**Jekyll Secret Posts** is a lightweight, open-source [Jekyll](https://jekyllrb.com) plugin designed to publish "share-only" posts. It easily integrates with any Jekyll project and is compatible with other Jekyll plugins.
+
+At build time, the plugin hashes the Markdown file path with SHA-256 to generate unique URLs. Since these hashed URLs are excluded from sitemaps and search engine indexing, your posts remain accessible only to those with the direct link.
+
+By enabling link-only access, the plugin allows for exclusive content sharing and gives more privacy to your website.
+
+<br>
+
+* [Installation](#installation)
+* [Getting Started](#getting-started)
+* [Configuration](#configuration)
+* [Compatibility](#compatibility)
+* [Contributions](#contributions)
+
+<br>
+
+## Installation
+
+### With Bundler
+
+Add `jekyll-secret-posts` gem to your `Gemfile`:
+
+```ruby
+gem "jekyll-secret-posts"
+```
+
+or use GitHub repository link:
+
+```ruby
+gem "jekyll-secret-posts", git: "https://github.com/developerlee79/jekyll-secret-posts.git"
+```
+
+### Manual
+
+Or install the gem manually and specify the plugin in your `_config.yml`:
+
+```shell
+gem install jekyll-secret-posts
+```
+
+```yaml
+plugins:
+  - jekyll-secret-posts
+```
+
+<br>
+
+## Getting Started
+
+Create a `_secret` directory in your Jekyll project root and add markdown file(same as regular posts).
+
+```text
+my-jekyll-site/
+├── _config.yml
+├── _layouts/
+└── _secret/
+    └── article.md # Any .md files in this directory or its subfolders are supported
+```
+
+Since the URL is hashed, you cannot know it without inspecting the built output. The easiest way to see it is in the build log when you build; this plugin only exposes those URLs in the log via the `list_urls` option. 
+
+However, enabling this in production or CI can expose hashed URLs on external servers or in pipeline logs. For that reason, `list_urls` defaults to `false` so you can turn it on manually only in safe environments. 
+
+For this guide, we enable it so you can verify that secret URLs are generated. Add the `list_urls` option to `_config.yml`:
+
+```yaml
+secret_posts:
+  list_urls: true
+```
+
+URLs are hashed using the `JEKYLL_SECRET_SALT` environment variable as salt. the plugin is able to hash without it, but in that case the URL can be guessed, so setting a salt is highly recommended for security. 
+
+Set it before build and build:
+
+```bash
+export JEKYLL_SECRET_SALT="my-secret"
+bundle exec jekyll build
+```
+
+or run build with the environment variable:
+
+```bash
+JEKYLL_SECRET_SALT="my-secret" bundle exec jekyll build
+```
+
+Then you will be able to find the hashed URL in the build log like this:
+
+```log
+Secret post URL: /s/eac1bc3d5e2cb1881215f42c7926d462/
+        AutoPages: Disabled/Not configured in site.config.
+        Pagination: Complete, processed 1 pagination page(s)
+                    done in 1.825 seconds.
+```
+
+All done! Share the URL only with people who should see the post.
+
+<br>
+
+## Configuration
+
+You can add custom settings to your `_config.yml` as follows:
+
+```yaml
+secret_posts:
+  source_dir: "_secret"
+  collection_name: "secret"
+  url_prefix: "/s/"
+  index_layout: "default"
+  redirect_url: "/"
+  list_urls: false
+```
+
+| Key | Default | Description |
+|----------------------------|---------|-------------|
+| `source_dir` | `"_secret"` | Directory containing target Markdown files |
+| `collection_name` | `"secret"` | Internal Jekyll collection name |
+| `url_prefix` | `"/s/"` | URL prefix for hashed URLs |
+| `index_layout` | `"default"` | Layout used for the redirect page at the `url_prefix` |
+| `redirect_url` | `baseurl` | URL to which the `url_prefix` index page redirects (If unset, the site `baseurl` is used; if that is also unset, `/` is used) |
+| `list_urls` | `false` | When `true`, prints hashed URLs in Jekyll build log (Use only in safe environment) |
+
+<br>
+
+## Compatibility
+
+### Jekyll Pagination
+
+Secret posts live in a collection, not in `site.posts`, so they are not included in pagination.
+
+### Jekyll Sitemap
+
+Secret documents are set to `sitemap: false`, so they do not appear in the sitemap.
+
+### Jekyll Polyglot
+
+If you use Polyglot for localization and do not plan to support multiple languages for secret posts, add the secret source directory to `exclude_from_localization` in your `_config.yml` so that secret posts are not processed for multiple languages:
+
+```yaml
+exclude_from_localization: ["images", "css", "scss", "js", "_secret"]
+```
+
+<br>
+
+## Contributions
+
+Contributions are welcome. If you have an improvement or idea, feel free to open a pull request.

data/lib/jekyll/secret_posts/config.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+module Jekyll
+  module SecretPosts
+    class Config
+      DEFAULT_SOURCE_DIR = "_secret"
+      DEFAULT_COLLECTION_NAME = "secret"
+      DEFAULT_URL_PREFIX = "/s/"
+      DEFAULT_INDEX_LAYOUT = "default"
+      TOKEN_LENGTH = 32
+
+      def initialize(site_config)
+        @site_config = site_config
+        @secret_posts = site_config["secret_posts"] || {}
+      end
+
+      def source_dir
+        @secret_posts["source_dir"] || DEFAULT_SOURCE_DIR
+      end
+
+      def collection_name
+        @secret_posts["collection_name"] || DEFAULT_COLLECTION_NAME
+      end
+
+      def url_prefix
+        prefix = @secret_posts["url_prefix"] || DEFAULT_URL_PREFIX
+        prefix = DEFAULT_URL_PREFIX if prefix.to_s.strip.empty?
+        prefix.end_with?("/") ? prefix : "#{prefix}/"
+      end
+
+      def salt
+        ENV["JEKYLL_SECRET_SALT"].to_s
+      end
+
+      def secret_index_layout
+        return DEFAULT_INDEX_LAYOUT unless @secret_posts.key?("index_layout")
+
+        layout = @secret_posts["index_layout"]
+        return nil if layout.nil? || layout == false
+
+        layout.to_s.empty? ? DEFAULT_INDEX_LAYOUT : layout.to_s
+      end
+
+      def redirect_url
+        custom = @secret_posts["redirect_url"].to_s.strip
+        return custom.end_with?("/") ? custom : "#{custom}/" unless custom.empty?
+
+        base = @site_config["baseurl"].to_s.strip
+        if base.empty?
+          "/"
+        else
+          base.end_with?("/") ? base : "#{base}/"
+        end
+      end
+
+      def token_length
+        TOKEN_LENGTH
+      end
+
+      def list_urls?
+        value = @secret_posts["list_urls"]
+        !value.nil? && value != false && value.to_s.strip != ""
+      end
+    end
+  end
+end

data/lib/jekyll/secret_posts/generator.rb

@@ -0,0 +1,96 @@
+# frozen_string_literal: true
+
+module Jekyll
+  module SecretPosts
+    class Generator < Jekyll::Generator
+      safe true
+      priority :high
+
+      def generate(site)
+        config = Config.new(site.config)
+        add_secret_index_page(site, config)
+        log_secret_urls(site, config) if config.list_urls?
+      end
+
+      private
+
+      def add_secret_index_page(site, config)
+        prefix_dir = config.url_prefix.gsub(%r{\A/|/\z}, "")
+        page = Jekyll::PageWithoutAFile.new(site, site.source, prefix_dir, "index.html")
+        page.data["permalink"] = config.url_prefix
+        page.data["sitemap"] = false
+        assign_redirect_content(page, config)
+        site.pages << page
+      end
+
+      def assign_redirect_content(page, config)
+        url = config.redirect_url
+        if config.secret_index_layout
+          page.data["layout"] = config.secret_index_layout
+          page.content = redirect_fragment(url)
+        else
+          page.data["layout"] = nil
+          page.content = redirect_standalone_html(url)
+        end
+      end
+
+      def redirect_fragment(url)
+        <<~FRAGMENT.strip
+          <meta http-equiv="refresh" content="0;url=#{url}">
+          <p>Redirecting...</p>
+          <p><a href="#{url}">Go to homepage</a></p>
+        FRAGMENT
+      end
+
+      def redirect_standalone_html(url)
+        <<~HTML.strip
+          <!DOCTYPE html>
+          <html>
+          <head><meta charset="utf-8"><meta http-equiv="refresh" content="0;url=#{url}"></head>
+          <body><p>Redirecting...</p><p><a href="#{url}">Go to homepage</a></p></body>
+          </html>
+        HTML
+      end
+
+      def log_secret_urls(site, config)
+        collection = site.collections[config.collection_name]
+        unless collection
+          Jekyll.logger.info "Secret posts: no collection '#{config.collection_name}'"
+          return
+        end
+        ensure_collection_read(collection)
+        docs = collection.docs
+        if docs.empty?
+          Jekyll.logger.info "Secret posts: no documents"
+          return
+        end
+        log_secret_doc_urls(docs, config, site)
+      end
+
+      def log_secret_doc_urls(docs, config, site)
+        tokenizer = UrlTokenizer.new(config)
+        baseurl = normalized_baseurl(site.config["baseurl"])
+        docs.each { |doc| log_one_secret_url(doc, config, tokenizer, baseurl) }
+      end
+
+      def normalized_baseurl(baseurl_value)
+        baseurl = baseurl_value.to_s.strip
+        baseurl.empty? ? nil : baseurl
+      end
+
+      def log_one_secret_url(doc, config, tokenizer, baseurl)
+        token = tokenizer.token_for(doc.collection.label, doc.relative_path)
+        path = "#{config.url_prefix}#{token}/"
+        full_url = baseurl ? "#{baseurl.sub(%r{/\z}, '')}#{path}" : path
+        Jekyll.logger.info "Secret post URL: #{full_url}"
+      end
+
+      def ensure_collection_read(collection)
+        return unless collection.docs.empty? && collection.respond_to?(:read)
+
+        coll_dir = collection.respond_to?(:directory) ? collection.directory.to_s : ""
+        collection.read if !coll_dir.empty? && File.directory?(coll_dir)
+      end
+    end
+  end
+end

data/lib/jekyll/secret_posts/hooks.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+require "jekyll/secret_posts/config"
+require "jekyll/secret_posts/url_tokenizer"
+
+module Jekyll
+  module SecretPosts
+    module Hooks
+      NOINDEX_META = '<meta name="robots" content="noindex, nofollow">'
+
+      def self.register
+        Jekyll::Hooks.register(:site, :after_init) do |site|
+          register_secret_collection(site)
+        end
+        Jekyll::Hooks.register(:documents, :post_init) do |doc|
+          apply_secret_permalink(doc)
+        end
+        Jekyll::Hooks.register(:documents, :post_render) do |doc|
+          inject_noindex(doc)
+        end
+      end
+
+      def self.register_secret_collection(site)
+        config = Config.new(site.config)
+        collections = site.config["collections"] ||= {}
+        return if collections.key?(config.collection_name)
+
+        collections[config.collection_name] = {
+          "output" => true,
+          "source" => config.source_dir
+        }
+        exclude = site.config["exclude"]
+        exclude.reject! { |e| e.to_s == config.source_dir } if exclude.is_a?(Array)
+      end
+
+      def self.apply_secret_permalink(doc)
+        return unless secret_document?(doc)
+
+        config = Config.new(doc.site.config)
+        tokenizer = UrlTokenizer.new(config)
+        token = tokenizer.token_for(doc.collection.label, doc.relative_path)
+        doc.data["permalink"] = "#{config.url_prefix}#{token}/"
+        doc.data["sitemap"] = false
+      end
+
+      def self.secret_document?(doc)
+        doc.collection && doc.site &&
+          doc.collection.label == Config.new(doc.site.config).collection_name
+      end
+
+      def self.inject_noindex(doc)
+        return unless doc.collection && doc.site
+
+        config = Config.new(doc.site.config)
+        return unless doc.collection.label == config.collection_name
+        return unless doc.output
+
+        new_output = if doc.output.include?("<head>")
+                       doc.output.sub("<head>", "<head>\n  #{NOINDEX_META}")
+                     else
+                       "#{NOINDEX_META}\n#{doc.output}"
+                     end
+        doc.output = new_output
+      end
+    end
+  end
+end

data/lib/jekyll/secret_posts/url_tokenizer.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+require "digest"
+
+module Jekyll
+  module SecretPosts
+    class UrlTokenizer
+      def initialize(config)
+        @config = config
+      end
+
+      def token_for(collection_label, relative_path)
+        identifier = "#{collection_label}#{relative_path}"
+        raw = Digest::SHA256.hexdigest(@config.salt + identifier)
+        raw[0, @config.token_length]
+      end
+    end
+  end
+end

data/lib/jekyll/secret_posts.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+require "jekyll"
+require "jekyll/secret_posts/config"
+require "jekyll/secret_posts/url_tokenizer"
+require "jekyll/secret_posts/generator"
+require "jekyll/secret_posts/hooks"
+
+module Jekyll
+  module SecretPosts
+  end
+end
+
+Jekyll::SecretPosts::Hooks.register

data/lib/jekyll-secret-posts.rb

@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+require "jekyll/secret_posts"

metadata

@@ -0,0 +1,95 @@
+--- !ruby/object:Gem::Specification
+name: jekyll-secret-posts
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- devl79
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2026-02-24 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: jekyll
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+description: 
+email:
+- dltjgus0709@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- README.md
+- lib/jekyll-secret-posts.rb
+- lib/jekyll/secret_posts.rb
+- lib/jekyll/secret_posts/config.rb
+- lib/jekyll/secret_posts/generator.rb
+- lib/jekyll/secret_posts/hooks.rb
+- lib/jekyll/secret_posts/url_tokenizer.rb
+homepage: https://github.com/developerlee79/jekyll-secret-posts
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/developerlee79/jekyll-secret-posts
+  source_code_uri: https://github.com/developerlee79/jekyll-secret-posts
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.7.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.6
+signing_key: 
+specification_version: 4
+summary: Jekyll plugin for unlisted posts served at hashed, share-only URLs.
+test_files: []