diff options
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 39 |
1 files changed, 33 insertions, 6 deletions
@@ -6,11 +6,15 @@ not a GPG user) so they can send you encrypted mail messages via a one-time web link. Feels of déjàvu ? I was inspired by [https://hawkpost.co](https://hawkpost.co) but wasn't really interested in the multi-user perspective and managing a database. +I've recently added minimal support for multiple users, but adding them +is done via the command line, and you'll have to import public +GPG keys into your keyring first. +I plan on adding invites in the future, generated by command line +then directly from web interface. Features ======== -- Single user: no database required. - One-time GPG form: after sending the encrypted message, the generated form self-destructs. - Cookie based login. If you block cookies, it will switch back to @@ -25,17 +29,21 @@ Dependencies You will need perl and the following modules and my perl version is **v5.34.0**, YMMV: -- HTML::Entities - CGI - CGI::Carp - CGI::Cookies - Crypt::Argon2 +- DBI +- DBD::SQLite +- Email::Valid +- File::Path (should be already here by default in recent perl installs) - GPG +- HTML::Entities - Net:SSLeay - Net::SMTP - Net::SMTPS -- Email::Valid - String::Random +- Term::ReadKey Having a webserver with CGI support or a separate CGI engine is needed. I'm using nginx and fcgiwrap. @@ -48,10 +56,9 @@ Installation ============ Don't forget to copy `config.def.mk` into `config.mk` and tune -the variable to your liking. Then, you can run the good old: +the variables to your liking. Then, you can run the good old: ``` -make -make install #you'll maybe need sudo though +make install ``` You should also look in the @@ -93,6 +100,26 @@ server { fastcgi_pass unix:/run/fcgiwrap.sock; include /etc/nginx/fastcgi_params; } + + add_header Strict-Transport-Security "max-age=63072000; preload"; + add_header Content-Security-Policy "default-src 'self'"; + add_header X-Frame-Options DENY; + add_header Access-Control-Allow-Origin https://$server_name; + add_header Vary Origin; # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin#cors_and_caching } ``` You can also tune the `WWWDOMAIN` and `NGINXCONFDIR` variable in your `config.mk` to have it generated for you when running `make`. + + +Managing the service +==================== + +Thanks to the `gpigeonctl` script, you can : +- Initialize the database with (`init`) +- Add an user (`adduser`) +- Delete an user (`deluser`) +- Clean cookies (`cleancookies`) +- Clean generated links (`cleanlinks`) + +The script is mostly interactive, so no automatic adding of user +at the moment. |