yopass 1.1.5 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. checksums.yaml +4 -4
  2. data/.gemspec +1 -1
  3. data/CHANGELOG.md +7 -0
  4. data/Dockerfile +16 -0
  5. data/Gemfile +5 -3
  6. data/Gemfile.lock +26 -15
  7. data/Procfile +1 -1
  8. data/README.md +19 -10
  9. data/conf/yopass.yaml +1 -1
  10. data/config.ru +2 -0
  11. data/lib/yopass.rb +11 -13
  12. data/yopass.god +11 -0
  13. metadata +6 -5
  14. data/.buildpacks +0 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4e9a6c2a4561259f563d42908ea873ee9973d7f3
4
- data.tar.gz: b62837a06bf2d3d7ecbcccd9a19ba18375054754
3
+ metadata.gz: 6f8d26d2cb03549b70d5acdc9ce6acd7b6db3c9a
4
+ data.tar.gz: b095963eb8be973a7829a65838739b34e266c68b
5
5
  SHA512:
6
- metadata.gz: cb5c72008630dd778ff72c14bfcf12ca03b8669312f4558744f19f5e91e61a1088a693a6c7c80d22cee1334a0bd16df25b7b27bbd9806dff6f6ae0e40f121bcc
7
- data.tar.gz: 5184c9de38f5b2aabe94dcfb319cb2ba424fa55cd74b8e993d72c0148f3ce7c69390082c831bc57d945a456e3ab9200960aaf1389e8424967c739b361cd7b647
6
+ metadata.gz: 2b6f02e6ddf3fab9fd67d5cf39f784f7d59e735bbf2224832fc991f1cf0e9aa2eb769676d48ce6420b0da2c75c23ab5110d75eff4838077c8b20e4f20a47454e
7
+ data.tar.gz: b87e77bf5afe05a3a189f85a0d133298849086fb8a03f8e730a568fcfc41a572b52226293a32be61450d63d431c85e61bb99325f722fd8aefc128669c15afab7
data/.gemspec CHANGED
@@ -2,7 +2,7 @@
2
2
  Gem::Specification.new do |s|
3
3
  # Metadata
4
4
  s.name = 'yopass'
5
- s.version = '1.1.5'
5
+ s.version = '2.0.0'
6
6
  s.author = 'Johan Haals'
7
7
  s.email = ['jhaals@spotify.com']
8
8
  s.homepage = 'https://github.com/jhaals/yopass'
data/CHANGELOG.md CHANGED
@@ -1,5 +1,12 @@
1
1
  # Yopass changelog
2
2
 
3
+ ### 2.0.0
4
+
5
+ * Rename `http_base_url` to base_url
6
+ * Move configuration settings to environment variables
7
+ * Use thin as webserver
8
+ * Bump rspec version
9
+
3
10
  ### 1.1.5
4
11
  * Ability to configure secret_max_length in yopass.yaml
5
12
 
data/Dockerfile ADDED
@@ -0,0 +1,16 @@
1
+ FROM ubuntu
2
+ MAINTAINER Johan Haals <johan.haals@gmail.com>
3
+
4
+ RUN apt-get update
5
+ RUN apt-get install -y git libsasl2-dev build-essential ruby ruby-dev memcached
6
+
7
+ RUN gem install foreman --no-rdoc --no-ri
8
+ RUN gem install bundler --no-rdoc --no-ri
9
+ RUN gem install god --no-rdoc --no-ri
10
+
11
+ RUN git clone https://github.com/jhaals/yopass /yopass
12
+ RUN cd /yopass && bundle install
13
+
14
+ EXPOSE 4567
15
+ # Ensure that both yopass and memcached is up and running
16
+ CMD ["god", "-c", "/yopass/yopass.god", "-D"]
data/Gemfile CHANGED
@@ -1,8 +1,10 @@
1
1
  source 'https://rubygems.org'
2
2
 
3
- gem 'sinatra', '~> 1.4.4'
4
- gem 'encryptor', '~> 1.3.0'
5
- gem 'memcached', '~> 1.7.2'
3
+ gem 'sinatra'
4
+ gem 'encryptor'
5
+ gem 'memcached'
6
+ gem 'thin'
7
+
6
8
  gem 'yopass', :path => '.'
7
9
 
8
10
  group :dev do
data/Gemfile.lock CHANGED
@@ -10,25 +10,31 @@ GEM
10
10
  remote: https://rubygems.org/
11
11
  specs:
12
12
  backports (3.6.0)
13
+ daemons (1.1.9)
13
14
  diff-lcs (1.2.5)
14
15
  encryptor (1.3.0)
16
+ eventmachine (1.0.3)
15
17
  memcached (1.7.2)
16
- multi_json (1.9.2)
18
+ multi_json (1.10.1)
17
19
  rack (1.5.2)
18
- rack-protection (1.5.2)
20
+ rack-protection (1.5.3)
19
21
  rack
20
22
  rack-test (0.6.2)
21
23
  rack (>= 1.0)
22
- rake (10.2.2)
23
- rspec (2.14.1)
24
- rspec-core (~> 2.14.0)
25
- rspec-expectations (~> 2.14.0)
26
- rspec-mocks (~> 2.14.0)
27
- rspec-core (2.14.8)
28
- rspec-expectations (2.14.5)
29
- diff-lcs (>= 1.1.3, < 2.0)
30
- rspec-mocks (2.14.6)
31
- sinatra (1.4.4)
24
+ rake (10.3.2)
25
+ rspec (3.0.0)
26
+ rspec-core (~> 3.0.0)
27
+ rspec-expectations (~> 3.0.0)
28
+ rspec-mocks (~> 3.0.0)
29
+ rspec-core (3.0.3)
30
+ rspec-support (~> 3.0.0)
31
+ rspec-expectations (3.0.3)
32
+ diff-lcs (>= 1.2.0, < 2.0)
33
+ rspec-support (~> 3.0.0)
34
+ rspec-mocks (3.0.3)
35
+ rspec-support (~> 3.0.0)
36
+ rspec-support (3.0.3)
37
+ sinatra (1.4.5)
32
38
  rack (~> 1.4)
33
39
  rack-protection (~> 1.4)
34
40
  tilt (~> 1.3, >= 1.3.4)
@@ -39,16 +45,21 @@ GEM
39
45
  rack-test
40
46
  sinatra (~> 1.4.0)
41
47
  tilt (~> 1.3)
48
+ thin (1.6.2)
49
+ daemons (>= 1.0.9)
50
+ eventmachine (>= 1.0.0)
51
+ rack (>= 1.0.0)
42
52
  tilt (1.4.1)
43
53
 
44
54
  PLATFORMS
45
55
  ruby
46
56
 
47
57
  DEPENDENCIES
48
- encryptor (~> 1.3.0)
49
- memcached (~> 1.7.2)
58
+ encryptor
59
+ memcached
50
60
  rake
51
61
  rspec
52
- sinatra (~> 1.4.4)
62
+ sinatra
53
63
  sinatra-contrib
64
+ thin
54
65
  yopass!
data/Procfile CHANGED
@@ -1 +1 @@
1
- web: bundle exec ruby lib/yopass.rb -p $PORT
1
+ web: bundle exec rackup config.ru -p 4567 -s thin -o 0.0.0.0
data/README.md CHANGED
@@ -1,31 +1,40 @@
1
1
  # YoPass - Share Secrets Securely
2
2
  [![Build Status](https://travis-ci.org/JHaals/yopass.png?branch=master)](https://travis-ci.org/JHaals/yopass)
3
3
 
4
- YoPass is a website that store secrets encrypted(AES 256) in memory(memcached) for a fixed period of time.
5
- Secrets can then be shared more securely over channels such as IRC and Email. The decryption password for the secret can be sent over SMS to improve security.
4
+ YoPass is a website for sharing secrets in a quick and secure manner.
5
+ This project is created to minimize the amount of passwords floating around in ticket management systems, IRC logs and emails. YoPass generates a one-time URL with an expiration date so you don't have to worry about passwords being visible forever
6
6
 
7
7
  * AES-256 encryption
8
8
  * Secrets can only be viewed once
9
9
  * No secrets are written to disk
10
- * No accounts and user management required
10
+ * No account or user management required
11
11
  * Secrets self destruct after X hours
12
+ * Decryption key can be sent over SMS
12
13
 
13
14
  #### Workflow
14
- * Generate secret
15
+ * Generate secret/password
15
16
  * Paste into the yopass website
16
- * Receive URL with or without decryption key(can be sent over sms)
17
- * Share with the intended person.
18
- * Secret is automatically removed when it's viewed by your friend
19
- * feel safe
17
+ * Receive URL with or without the decryption key(can be transfered over other channel such as SMS)
18
+ * Share with the intended person
19
+ * Secret is automatically removed once viewed
20
+ * Feel safe
20
21
 
21
- ### Installation
22
+ ### Installation / Configuration
23
+ YoPass Docker container available [here](https://hub.docker.com/u/jhaals/yopass)
24
+
25
+ Otherwise:
22
26
 
23
27
  gem install yopass
24
28
 
25
29
  * install and start memcached
26
- * edit yopass.yaml and move it to /etc
30
+ * edit `conf/yopass.yaml` and move it to desired location (don't forge to specify that path in the YOPASS_CONFIG environment variable)
27
31
  * done!
28
32
 
33
+ Most settings can be configured with environment variables.
34
+
35
+ YOPASS_CONFIG='/path/to/yopass.yaml'
36
+ YOPASS_BASE_URL='https://yopass.mydomain.com'
37
+ YOPASS_MEMCACHED_URL='memcached_address'
29
38
 
30
39
  ### SMS providers
31
40
 
data/conf/yopass.yaml CHANGED
@@ -1,5 +1,5 @@
1
1
  memcached_url: 'localhost:11211'
2
- http_base_url: 'http://127.0.0.1:4567'
2
+ base_url: 'http://127.0.0.1:4567'
3
3
  secret_max_length: 100000
4
4
  send_sms: false
5
5
 
data/config.ru ADDED
@@ -0,0 +1,2 @@
1
+ require 'yopass'
2
+ run Yopass
data/lib/yopass.rb CHANGED
@@ -10,17 +10,15 @@ class Yopass < Sinatra::Base
10
10
  configure :development do
11
11
  require 'sinatra/reloader'
12
12
  register Sinatra::Reloader
13
- set :config, YAML.load_file('conf/yopass.yaml')
14
- end
15
- configure :test do
16
- set :config, YAML.load_file('conf/yopass.yaml')
17
- end
18
- configure :production do
19
- set :config, YAML.load_file('/etc/yopass.yaml')
20
13
  end
14
+
21
15
  configure do
16
+ config = ENV['YOPASS_CONFIG'] || 'conf/yopass.yaml'
17
+ cfg = YAML.load_file(config)
18
+ set :config, cfg
19
+ set :base_url, ENV['YOPASS_BASE_URL'] || cfg['base_url']
22
20
  set :public_folder, File.dirname(__FILE__) + '/static'
23
- set :cache, Memcached.new(settings.config['memcached_url'])
21
+ set :mc, Memcached.new(ENV['YOPASS_MEMCACHED_URL'] || cfg['memcached_url'])
24
22
  end
25
23
 
26
24
  get '/' do
@@ -56,7 +54,7 @@ class Yopass < Sinatra::Base
56
54
 
57
55
  # store secret in memcached
58
56
  begin
59
- settings.cache.set key, data, lifetime_options[lifetime]
57
+ settings.mc.set key, data, lifetime_options[lifetime]
60
58
  rescue Memcached::ServerIsMarkedDead
61
59
  return "Can't contact memcached"
62
60
  end
@@ -72,13 +70,13 @@ class Yopass < Sinatra::Base
72
70
  # TODO verification
73
71
  sms.send(mobile_number, password)
74
72
  return erb :secret_url, :locals => {
75
- :url => URI.join(settings.config['http_base_url'], "get?k=#{key}"),
73
+ :url => URI.join(settings.base_url, "get?k=#{key}"),
76
74
  :key_sent_to_mobile => true }
77
75
  end
78
76
  end
79
77
 
80
78
  erb :secret_url, :locals => {
81
- :url => URI.join(settings.config['http_base_url'],"get?k=#{key}&p=#{password}"),
79
+ :url => URI.join(settings.base_url,"get?k=#{key}&p=#{password}"),
82
80
  :key_sent_to_mobile => false }
83
81
  end
84
82
 
@@ -93,7 +91,7 @@ class Yopass < Sinatra::Base
93
91
  headers 'Expires' => '0'
94
92
 
95
93
  begin
96
- result = settings.cache.get params[:k]
94
+ result = settings.mc.get params[:k]
97
95
  rescue Memcached::NotFound
98
96
  return erb :'404'
99
97
  end
@@ -104,7 +102,7 @@ class Yopass < Sinatra::Base
104
102
  rescue OpenSSL::Cipher::CipherError
105
103
  return 'Invalid decryption key'
106
104
  end
107
- settings.cache.delete params[:k]
105
+ settings.mc.delete params[:k]
108
106
  result
109
107
  end
110
108
 
data/yopass.god ADDED
@@ -0,0 +1,11 @@
1
+ God.watch do |w|
2
+ w.name = "yopass"
3
+ w.start = "foreman start -d /yopass"
4
+ w.keepalive
5
+ end
6
+
7
+ God.watch do |w|
8
+ w.name = "memcached"
9
+ w.start = "memcached -u root"
10
+ w.keepalive
11
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: yopass
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.5
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Johan Haals
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-04-10 00:00:00.000000000 Z
11
+ date: 2014-07-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: encryptor
@@ -59,11 +59,11 @@ executables: []
59
59
  extensions: []
60
60
  extra_rdoc_files: []
61
61
  files:
62
- - .buildpacks
63
62
  - .gemspec
64
63
  - .gitignore
65
64
  - .travis.yml
66
65
  - CHANGELOG.md
66
+ - Dockerfile
67
67
  - Gemfile
68
68
  - Gemfile.lock
69
69
  - LICENSE
@@ -72,6 +72,7 @@ files:
72
72
  - Rakefile
73
73
  - conf/config.ru
74
74
  - conf/yopass.yaml
75
+ - config.ru
75
76
  - lib/static/js/jquery.address.js
76
77
  - lib/static/js/jquery.js
77
78
  - lib/static/packaged/css/font.css
@@ -117,6 +118,7 @@ files:
117
118
  - spec/sms_provder_spec.rb
118
119
  - spec/spec_helper.rb
119
120
  - spec/yopass_spec.rb
121
+ - yopass.god
120
122
  homepage: https://github.com/jhaals/yopass
121
123
  licenses:
122
124
  - Apache 2.0
@@ -138,7 +140,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
138
140
  version: '0'
139
141
  requirements: []
140
142
  rubyforge_project:
141
- rubygems_version: 2.0.3
143
+ rubygems_version: 2.0.14
142
144
  signing_key:
143
145
  specification_version: 4
144
146
  summary: Secure sharing for secrets and passwords
@@ -146,4 +148,3 @@ test_files:
146
148
  - spec/bulksms_spec.rb
147
149
  - spec/sms_provder_spec.rb
148
150
  - spec/yopass_spec.rb
149
- has_rdoc:
data/.buildpacks DELETED
@@ -1,2 +0,0 @@
1
- https://github.com/bjacobel/heroku-buildpack-libsasl.git
2
- https://github.com/heroku/heroku-buildpack-ruby.git