Izumiko / hugo-encrypt

Port of hugo_encryptor in golang
MIT License
39 stars 11 forks source link
encryption-tool encryptor hugo

hugo-encrypt

hugo-encrypt is a golang port of Hugo Encryptor

hugo-encrypt is a tool that encrpyts content in your Hugo posts. It uses AES-256-GCM to encrypt the contents of your posts, and inserts the necessary javascript code into the encrypted posts that decrypts the content after the correct passphrase has been entered.

P.S. due to the usage of WebCrypto API, hugo-encrypt only support secure content (ie. HTTPS), so unsecure content cannot call crypto.subtle to decrypt post.

  1. Installation and Usage

  2. Configuration

  3. Using the {{% hugo-encrypt %}} tag in your blog posts

Installation and Usage

$ export HUGO_BLOG=/path/to/hugo/blog

Place shortcodes/hugo-encrypt.html in the shortcode directory of your blog:

$ mkdir -p $HUGO_BLOG/layouts/shortcodes
$ cp shortcodes/hugo-encrypt.html $HUGO_BLOG/layouts/shortcodes

Merge i18n translation files or add it to an existing language file. Remember to set language in your configuration.

$ cat i18n/en.toml >> $HUGO_BLOG/i18n/en-us.toml
$ cp -r i18n $HUGO_BLOG

Option A: Use prebuilt binary

Option B: Build it

Option C: Use docker

After generating the site with hugo and running hugo-encrypt all the private posts in your public directory are encrypted and the site can be published.

Configuration

Setting a global password

[params.HugoEncrypt]
    Password = "yourpassword"

Password storage

hugo-encrypt uses localStorage by default. This means the passphrase is permanently stored in the browser. By adding the hugoEncrypt.Storage param in your blog's config file you can set the storage method to sessionStorage.

[params.HugoEncrypt]
    Storage = "session" # or "local"

localStorage:

Once a visitor entered the correct passphrase the authorization status will not expire. The visitor can read the article until the passphrase has been changed or the browser cache is cleared.

sessionStorage:

Once a visitor entered the correct passphrase the authorization will expire after the browser is closed.

Using the {{% hugo-encrypt %}} tag in your blog posts

If no password is specified in the shortcode, the password set in your config file will be used. If no password is set at all, generation of html with hugo fails.

---
title: "This Is An Encrypted Post"
---

This content is visible to anyone.

{{% hugo-encrypt "postspecificpassword" %}}

This content will be encrypted!

{{% /hugo-encrypt %}}

Language

Use i18n to display content generated by hugo-Encrypt in the language of your choice by setting the following param in your config file. Make sure to set the Param DefaultContentLanguage and add the corresponding language file to the i18n folder.

[params]
    DefaultContentLanguage = "en-us"

Attention

#!/bin/bash

hugo --cleanDestinationDir
hugo-encrypt