Implement wisp: async encrypted single-retrieval file drop
All checks were successful
Docker / build-and-push (push) Successful in 3m33s
All checks were successful
Docker / build-and-push (push) Successful in 3m33s
Client-side libsodium encryption with the key in the URL fragment, an Express/SQLite server holding ciphertext until a confirm-token round trip proves successful decrypt (avoiding the delete-on-first-byte race), TTL sweep for unclaimed drops, and a password-gated upload UI styled to match flit. Dockerized to match the project family's conventions, with a named volume so the DB/blobs survive redeploys, and a Gitea Actions workflow to build and push the image.
This commit is contained in:
19
docker-compose.yml
Normal file
19
docker-compose.yml
Normal file
@@ -0,0 +1,19 @@
|
||||
services:
|
||||
app:
|
||||
image: ${IMAGE}
|
||||
container_name: wisp
|
||||
restart: unless-stopped
|
||||
pull_policy: always
|
||||
ports:
|
||||
- "${HOST_PORT:-3040}:3000"
|
||||
environment:
|
||||
- TTL_SECONDS=${TTL_SECONDS:-259200}
|
||||
- MAX_UPLOAD_BYTES=${MAX_UPLOAD_BYTES:-209715200}
|
||||
- UPLOAD_PASSWORD=${UPLOAD_PASSWORD}
|
||||
volumes:
|
||||
# Named volume, not a bind mount into the build context — the SQLite
|
||||
# DB and ciphertext blobs live here and must survive image redeploys.
|
||||
- wisp-data:/app/data
|
||||
|
||||
volumes:
|
||||
wisp-data:
|
||||
Reference in New Issue
Block a user