yopass 1.1.5 → 2.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (14) hide show
  1. checksums.yaml +4 -4
  2. data/.gemspec +1 -1
  3. data/CHANGELOG.md +7 -0
  4. data/Dockerfile +16 -0
  5. data/Gemfile +5 -3
  6. data/Gemfile.lock +26 -15
  7. data/Procfile +1 -1
  8. data/README.md +19 -10
  9. data/conf/yopass.yaml +1 -1
  10. data/config.ru +2 -0
  11. data/lib/yopass.rb +11 -13
  12. data/yopass.god +11 -0
  13. metadata +6 -5
  14. data/.buildpacks +0 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4e9a6c2a4561259f563d42908ea873ee9973d7f3
4
- data.tar.gz: b62837a06bf2d3d7ecbcccd9a19ba18375054754
3
+ metadata.gz: 6f8d26d2cb03549b70d5acdc9ce6acd7b6db3c9a
4
+ data.tar.gz: b095963eb8be973a7829a65838739b34e266c68b
5
5
  SHA512:
6
- metadata.gz: cb5c72008630dd778ff72c14bfcf12ca03b8669312f4558744f19f5e91e61a1088a693a6c7c80d22cee1334a0bd16df25b7b27bbd9806dff6f6ae0e40f121bcc
7
- data.tar.gz: 5184c9de38f5b2aabe94dcfb319cb2ba424fa55cd74b8e993d72c0148f3ce7c69390082c831bc57d945a456e3ab9200960aaf1389e8424967c739b361cd7b647
6
+ metadata.gz: 2b6f02e6ddf3fab9fd67d5cf39f784f7d59e735bbf2224832fc991f1cf0e9aa2eb769676d48ce6420b0da2c75c23ab5110d75eff4838077c8b20e4f20a47454e
7
+ data.tar.gz: b87e77bf5afe05a3a189f85a0d133298849086fb8a03f8e730a568fcfc41a572b52226293a32be61450d63d431c85e61bb99325f722fd8aefc128669c15afab7
data/.gemspec CHANGED
@@ -2,7 +2,7 @@
2
2
  Gem::Specification.new do |s|
3
3
  # Metadata
4
4
  s.name = 'yopass'
5
- s.version = '1.1.5'
5
+ s.version = '2.0.0'
6
6
  s.author = 'Johan Haals'
7
7
  s.email = ['jhaals@spotify.com']
8
8
  s.homepage = 'https://github.com/jhaals/yopass'
data/CHANGELOG.md CHANGED
@@ -1,5 +1,12 @@
1
1
  # Yopass changelog
2
2
 
3
+ ### 2.0.0
4
+
5
+ * Rename `http_base_url` to base_url
6
+ * Move configuration settings to environment variables
7
+ * Use thin as webserver
8
+ * Bump rspec version
9
+
3
10
  ### 1.1.5
4
11
  * Ability to configure secret_max_length in yopass.yaml
5
12
 
data/Dockerfile ADDED
@@ -0,0 +1,16 @@
1
+ FROM ubuntu
2
+ MAINTAINER Johan Haals <johan.haals@gmail.com>
3
+
4
+ RUN apt-get update
5
+ RUN apt-get install -y git libsasl2-dev build-essential ruby ruby-dev memcached
6
+
7
+ RUN gem install foreman --no-rdoc --no-ri
8
+ RUN gem install bundler --no-rdoc --no-ri
9
+ RUN gem install god --no-rdoc --no-ri
10
+
11
+ RUN git clone https://github.com/jhaals/yopass /yopass
12
+ RUN cd /yopass && bundle install
13
+
14
+ EXPOSE 4567
15
+ # Ensure that both yopass and memcached is up and running
16
+ CMD ["god", "-c", "/yopass/yopass.god", "-D"]
data/Gemfile CHANGED
@@ -1,8 +1,10 @@
1
1
  source 'https://rubygems.org'
2
2
 
3
- gem 'sinatra', '~> 1.4.4'
4
- gem 'encryptor', '~> 1.3.0'
5
- gem 'memcached', '~> 1.7.2'
3
+ gem 'sinatra'
4
+ gem 'encryptor'
5
+ gem 'memcached'
6
+ gem 'thin'
7
+
6
8
  gem 'yopass', :path => '.'
7
9
 
8
10
  group :dev do
data/Gemfile.lock CHANGED
@@ -10,25 +10,31 @@ GEM
10
10
  remote: https://rubygems.org/
11
11
  specs:
12
12
  backports (3.6.0)
13
+ daemons (1.1.9)
13
14
  diff-lcs (1.2.5)
14
15
  encryptor (1.3.0)
16
+ eventmachine (1.0.3)
15
17
  memcached (1.7.2)
16
- multi_json (1.9.2)
18
+ multi_json (1.10.1)
17
19
  rack (1.5.2)
18
- rack-protection (1.5.2)
20
+ rack-protection (1.5.3)
19
21
  rack
20
22
  rack-test (0.6.2)
21
23
  rack (>= 1.0)
22
- rake (10.2.2)
23
- rspec (2.14.1)
24
- rspec-core (~> 2.14.0)
25
- rspec-expectations (~> 2.14.0)
26
- rspec-mocks (~> 2.14.0)
27
- rspec-core (2.14.8)
28
- rspec-expectations (2.14.5)
29
- diff-lcs (>= 1.1.3, < 2.0)
30
- rspec-mocks (2.14.6)
31
- sinatra (1.4.4)
24
+ rake (10.3.2)
25
+ rspec (3.0.0)
26
+ rspec-core (~> 3.0.0)
27
+ rspec-expectations (~> 3.0.0)
28
+ rspec-mocks (~> 3.0.0)
29
+ rspec-core (3.0.3)
30
+ rspec-support (~> 3.0.0)
31
+ rspec-expectations (3.0.3)
32
+ diff-lcs (>= 1.2.0, < 2.0)
33
+ rspec-support (~> 3.0.0)
34
+ rspec-mocks (3.0.3)
35
+ rspec-support (~> 3.0.0)
36
+ rspec-support (3.0.3)
37
+ sinatra (1.4.5)
32
38
  rack (~> 1.4)
33
39
  rack-protection (~> 1.4)
34
40
  tilt (~> 1.3, >= 1.3.4)
@@ -39,16 +45,21 @@ GEM
39
45
  rack-test
40
46
  sinatra (~> 1.4.0)
41
47
  tilt (~> 1.3)
48
+ thin (1.6.2)
49
+ daemons (>= 1.0.9)
50
+ eventmachine (>= 1.0.0)
51
+ rack (>= 1.0.0)
42
52
  tilt (1.4.1)
43
53
 
44
54
  PLATFORMS
45
55
  ruby
46
56
 
47
57
  DEPENDENCIES
48
- encryptor (~> 1.3.0)
49
- memcached (~> 1.7.2)
58
+ encryptor
59
+ memcached
50
60
  rake
51
61
  rspec
52
- sinatra (~> 1.4.4)
62
+ sinatra
53
63
  sinatra-contrib
64
+ thin
54
65
  yopass!
data/Procfile CHANGED
@@ -1 +1 @@
1
- web: bundle exec ruby lib/yopass.rb -p $PORT
1
+ web: bundle exec rackup config.ru -p 4567 -s thin -o 0.0.0.0
data/README.md CHANGED
@@ -1,31 +1,40 @@
1
1
  # YoPass - Share Secrets Securely
2
2
  [![Build Status](https://travis-ci.org/JHaals/yopass.png?branch=master)](https://travis-ci.org/JHaals/yopass)
3
3
 
4
- YoPass is a website that store secrets encrypted(AES 256) in memory(memcached) for a fixed period of time.
5
- Secrets can then be shared more securely over channels such as IRC and Email. The decryption password for the secret can be sent over SMS to improve security.
4
+ YoPass is a website for sharing secrets in a quick and secure manner.
5
+ This project is created to minimize the amount of passwords floating around in ticket management systems, IRC logs and emails. YoPass generates a one-time URL with an expiration date so you don't have to worry about passwords being visible forever
6
6
 
7
7
  * AES-256 encryption
8
8
  * Secrets can only be viewed once
9
9
  * No secrets are written to disk
10
- * No accounts and user management required
10
+ * No account or user management required
11
11
  * Secrets self destruct after X hours
12
+ * Decryption key can be sent over SMS
12
13
 
13
14
  #### Workflow
14
- * Generate secret
15
+ * Generate secret/password
15
16
  * Paste into the yopass website
16
- * Receive URL with or without decryption key(can be sent over sms)
17
- * Share with the intended person.
18
- * Secret is automatically removed when it's viewed by your friend
19
- * feel safe
17
+ * Receive URL with or without the decryption key(can be transfered over other channel such as SMS)
18
+ * Share with the intended person
19
+ * Secret is automatically removed once viewed
20
+ * Feel safe
20
21
 
21
- ### Installation
22
+ ### Installation / Configuration
23
+ YoPass Docker container available [here](https://hub.docker.com/u/jhaals/yopass)
24
+
25
+ Otherwise:
22
26
 
23
27
  gem install yopass
24
28
 
25
29
  * install and start memcached
26
- * edit yopass.yaml and move it to /etc
30
+ * edit `conf/yopass.yaml` and move it to desired location (don't forge to specify that path in the YOPASS_CONFIG environment variable)
27
31
  * done!
28
32
 
33
+ Most settings can be configured with environment variables.
34
+
35
+ YOPASS_CONFIG='/path/to/yopass.yaml'
36
+ YOPASS_BASE_URL='https://yopass.mydomain.com'
37
+ YOPASS_MEMCACHED_URL='memcached_address'
29
38
 
30
39
  ### SMS providers
31
40
 
data/conf/yopass.yaml CHANGED
@@ -1,5 +1,5 @@
1
1
  memcached_url: 'localhost:11211'
2
- http_base_url: 'http://127.0.0.1:4567'
2
+ base_url: 'http://127.0.0.1:4567'
3
3
  secret_max_length: 100000
4
4
  send_sms: false
5
5
 
data/config.ru ADDED
@@ -0,0 +1,2 @@
1
+ require 'yopass'
2
+ run Yopass
data/lib/yopass.rb CHANGED
@@ -10,17 +10,15 @@ class Yopass < Sinatra::Base
10
10
  configure :development do
11
11
  require 'sinatra/reloader'
12
12
  register Sinatra::Reloader
13
- set :config, YAML.load_file('conf/yopass.yaml')
14
- end
15
- configure :test do
16
- set :config, YAML.load_file('conf/yopass.yaml')
17
- end
18
- configure :production do
19
- set :config, YAML.load_file('/etc/yopass.yaml')
20
13
  end
14
+
21
15
  configure do
16
+ config = ENV['YOPASS_CONFIG'] || 'conf/yopass.yaml'
17
+ cfg = YAML.load_file(config)
18
+ set :config, cfg
19
+ set :base_url, ENV['YOPASS_BASE_URL'] || cfg['base_url']
22
20
  set :public_folder, File.dirname(__FILE__) + '/static'
23
- set :cache, Memcached.new(settings.config['memcached_url'])
21
+ set :mc, Memcached.new(ENV['YOPASS_MEMCACHED_URL'] || cfg['memcached_url'])
24
22
  end
25
23
 
26
24
  get '/' do
@@ -56,7 +54,7 @@ class Yopass < Sinatra::Base
56
54
 
57
55
  # store secret in memcached
58
56
  begin
59
- settings.cache.set key, data, lifetime_options[lifetime]
57
+ settings.mc.set key, data, lifetime_options[lifetime]
60
58
  rescue Memcached::ServerIsMarkedDead
61
59
  return "Can't contact memcached"
62
60
  end
@@ -72,13 +70,13 @@ class Yopass < Sinatra::Base
72
70
  # TODO verification
73
71
  sms.send(mobile_number, password)
74
72
  return erb :secret_url, :locals => {
75
- :url => URI.join(settings.config['http_base_url'], "get?k=#{key}"),
73
+ :url => URI.join(settings.base_url, "get?k=#{key}"),
76
74
  :key_sent_to_mobile => true }
77
75
  end
78
76
  end
79
77
 
80
78
  erb :secret_url, :locals => {
81
- :url => URI.join(settings.config['http_base_url'],"get?k=#{key}&p=#{password}"),
79
+ :url => URI.join(settings.base_url,"get?k=#{key}&p=#{password}"),
82
80
  :key_sent_to_mobile => false }
83
81
  end
84
82
 
@@ -93,7 +91,7 @@ class Yopass < Sinatra::Base
93
91
  headers 'Expires' => '0'
94
92
 
95
93
  begin
96
- result = settings.cache.get params[:k]
94
+ result = settings.mc.get params[:k]
97
95
  rescue Memcached::NotFound
98
96
  return erb :'404'
99
97
  end
@@ -104,7 +102,7 @@ class Yopass < Sinatra::Base
104
102
  rescue OpenSSL::Cipher::CipherError
105
103
  return 'Invalid decryption key'
106
104
  end
107
- settings.cache.delete params[:k]
105
+ settings.mc.delete params[:k]
108
106
  result
109
107
  end
110
108
 
data/yopass.god ADDED
@@ -0,0 +1,11 @@
1
+ God.watch do |w|
2
+ w.name = "yopass"
3
+ w.start = "foreman start -d /yopass"
4
+ w.keepalive
5
+ end
6
+
7
+ God.watch do |w|
8
+ w.name = "memcached"
9
+ w.start = "memcached -u root"
10
+ w.keepalive
11
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: yopass
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.5
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Johan Haals
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-04-10 00:00:00.000000000 Z
11
+ date: 2014-07-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: encryptor
@@ -59,11 +59,11 @@ executables: []
59
59
  extensions: []
60
60
  extra_rdoc_files: []
61
61
  files:
62
- - .buildpacks
63
62
  - .gemspec
64
63
  - .gitignore
65
64
  - .travis.yml
66
65
  - CHANGELOG.md
66
+ - Dockerfile
67
67
  - Gemfile
68
68
  - Gemfile.lock
69
69
  - LICENSE
@@ -72,6 +72,7 @@ files:
72
72
  - Rakefile
73
73
  - conf/config.ru
74
74
  - conf/yopass.yaml
75
+ - config.ru
75
76
  - lib/static/js/jquery.address.js
76
77
  - lib/static/js/jquery.js
77
78
  - lib/static/packaged/css/font.css
@@ -117,6 +118,7 @@ files:
117
118
  - spec/sms_provder_spec.rb
118
119
  - spec/spec_helper.rb
119
120
  - spec/yopass_spec.rb
121
+ - yopass.god
120
122
  homepage: https://github.com/jhaals/yopass
121
123
  licenses:
122
124
  - Apache 2.0
@@ -138,7 +140,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
138
140
  version: '0'
139
141
  requirements: []
140
142
  rubyforge_project:
141
- rubygems_version: 2.0.3
143
+ rubygems_version: 2.0.14
142
144
  signing_key:
143
145
  specification_version: 4
144
146
  summary: Secure sharing for secrets and passwords
@@ -146,4 +148,3 @@ test_files:
146
148
  - spec/bulksms_spec.rb
147
149
  - spec/sms_provder_spec.rb
148
150
  - spec/yopass_spec.rb
149
- has_rdoc:
data/.buildpacks DELETED
@@ -1,2 +0,0 @@
1
- https://github.com/bjacobel/heroku-buildpack-libsasl.git
2
- https://github.com/heroku/heroku-buildpack-ruby.git