Implement wisp: async encrypted single-retrieval file drop
All checks were successful
Docker / build-and-push (push) Successful in 3m33s

Client-side libsodium encryption with the key in the URL fragment, an
Express/SQLite server holding ciphertext until a confirm-token round trip
proves successful decrypt (avoiding the delete-on-first-byte race), TTL
sweep for unclaimed drops, and a password-gated upload UI styled to match
flit. Dockerized to match the project family's conventions, with a named
volume so the DB/blobs survive redeploys, and a Gitea Actions workflow to
build and push the image.
This commit is contained in:
explewd
2026-07-09 19:14:54 +02:00
parent 8fd73155bd
commit 22619ebd11
30 changed files with 4412 additions and 0 deletions

10
.env.example Normal file
View File

@@ -0,0 +1,10 @@
# Image is built and pushed by .gitea/workflows/docker.yml
IMAGE=your-registry.example.com/your-org/wisp:latest
# Public URL is fronted by a reverse proxy — this container just needs to
# listen on HOST_PORT.
HOST_PORT=3040
TTL_SECONDS=259200
MAX_UPLOAD_BYTES=209715200
UPLOAD_PASSWORD=change-me