From 420155e750c4b95dd4327d7adb4310a64eafb364 Mon Sep 17 00:00:00 2001 From: Miquel Lionel Date: Fri, 18 Jun 2021 22:13:54 +0100 Subject: add some update from the master. - Added the README.md form master branch. - Added new script gpigeonctl: will allow to initialize the database and manage it (add or delete and user, purge cookies). - Added the Makefile and the config.dek.mk from master branch with some changes - Added nginx config from master branch - Rename gpigeon.css -> styles.css - gpigeon-template.cgi: the -w flag on the shebang is useless because we already have "use warnings". Also, the man page discourage its use. - Fixed link-tmpl-template.cgi: the self-deletion now occurs as intended, and not only when in HAS_MAILSERVER=0 mode. also fixed the indenting around these parts because it was a clusterfuck --- README.md | 98 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 98 insertions(+) create mode 100644 README.md (limited to 'README.md') diff --git a/README.md b/README.md new file mode 100644 index 0000000..70da491 --- /dev/null +++ b/README.md @@ -0,0 +1,98 @@ +GPIGEON +======== + +Gpigeon generate links for a GPG user to be sent to a non technical person (or +not a GPG user) so they can send you encrypted mail messages via a one-time +web link. +Feels of déjàvu ? I was inspired by [https://hawkpost.co](https://hawkpost.co) but wasn't really +interested in the multi-user perspective and managing a database. + +Features +======== + +- Single user: no database required. +- One-time GPG form: after sending the encrypted message, the generated form + self-destructs. +- Cookie based login. If you block cookies, it will switch back to + hidden fields so you can still login. +- A table of the links generated is visible when you connect so you can + keep track of what has been created. You can also delete link + individually, or all at once. +- No javascript used for the moment. + +Dependencies +============ + +You will need perl and the following modules and my perl version is **v5.34.0**, YMMV: + +- HTML::Entities +- CGI +- CGI::Carp +- CGI::Cookies +- Crypt::Argon2 +- GPG +- Net:SSLeay +- Net::SMTP +- Net::SMTPS +- Email::Valid +- String::Random + +Having a webserver with CGI support or a separate CGI engine is needed. I'm using +nginx and fcgiwrap. +A note on **Net::SMTP** and **Net:SMTPS** dependencies: if you have a well +configured mailserver on the same server you plan to install gpigeon on, you should set the `HAS_MAILSERVER` +variable in `config.mk` to 1. + + +Installation +============ + +Don't forget to copy `config.def.mk` into `config.mk` and tune +the variable to your liking. Then, you can run the good old: +``` +make +make install #you'll maybe need sudo though +``` + +You should also look in the +[gpigeon-template.cgi](https://git.les-miquelots.net/gpigeon/plain/gpigeon-template.cgi) +and [link-tmpl-template.cgi](https://git.les-miquelots.net/gpigeon/plain/link-tmpl-template.cgi) source code, you should figure things out quickly. +**Hint**: look for variables values ending in _goes_here_. + +Your nginx configuration should look like this: +```nginx +server { + listen 80; + server_name ggon.example.com; + + location / { + return 301 https://$host$request_uri; + } +} + +server { + listen 443 ssl http2; + + root /var/www/gpigeon; + server_name ggon.example.com; + ssl_certificate /etc/letsencrypt/live/ggon.example.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/ggon.example.com/privkey.pem; + error_log /var/log/gpigeon.log; + index index.html index.htm; + + location = /cgi-bin/gpigeon.cgi { + ssi off; + gzip off; + fastcgi_pass unix:/run/fcgiwrap.sock; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/cgi-bin/l/(.*).cgi$ { + ssi off; + gzip off; + fastcgi_pass unix:/run/fcgiwrap.sock; + include /etc/nginx/fastcgi_params; + } +} +``` +You can also tune the `WWWDOMAIN` and `NGINXCONFDIR` variable in your `config.mk` to have it generated for you when running `make`. -- cgit v1.2.3-70-g09d2