An application that facilitates sharing secrets.
Sharing of passwords, keys, and files can be difficult to perform securely. This application allows a secret to be shared and viewed via a unique url. After the secret is viewed once, it is deleted.
secretlink.org is available for anyone to use at https://secretlink.org/, it is a Ruby on Rails application created and built by reinteractive and hosted through reinteractive's OpsCare service. It has been made open source to ensure transparency on the service and to encourage contribution to improve the security of the application.
All pull requests welcome.
If you do not want to (or can not) use our hosted version, you are welcome to run your own version for your own company or organisation, we only stipulate that you may not run it as a service for third parties in competition to https://secretlink.org/
To setup the system locally, do the following:
.env.example
file in Rails root to .env
config/database.example.yml
file to config/database.yml
and edit
appropriately./bin/setup
foreman start -f Procfile.dev
Once done, specs should pass by running the rake
command and you should get
the secretlink.org app in your browser at http://localhost:3000/
As one of the main interfaces to this application is emails, it is a good idea to run MailCatcher:
# First install Mailcatcher
# (it is not in the Gemfile -- and not supposed to be per http://mailcatcher.me/)
gem install mailcatcher
# Launch the Mailcatcher server and browse to `http://127.0.0.1:1080` to
# see the emails sent by the system:
mailcatcher
Configuration options are stored in config/initializers/topsekrit.rb, and can be used to:
Once running, with mailcatcher on your local box, you should be able to send a secret to yourself.
Tests will run, once setup with rspec spec
or simply rake
. All tests in
master and develop should pass at all times.
The staging environment is hosted on Heroku.
Access it at staging.secretlink.org
To deploy to staging, push the master branch to heroku git repository:
First get invite to repo from Ops Staff
git remote add staging https://git.heroku.com/rei-secretlink-staging.git
git push staging develop:master
To test sending emails, you must validate any recepient emails first, using the sandbox domain in the mailgun control panel on the Heroku Dasboard.
The production environment is hosted on Heroku.
Access it at secretlink.org
To deploy to production, push the master branch to heroku git repository:
First get invite to repo from Ops Staff
git remote add production https://git.heroku.com/rei-secretlink-production.git
git push production master:master
These should automatic run, but if they didnt and are needed then:
heroku run rake assets:precompile -a rei-secretlink-production
heroku run rake db:migrate -a rei-secretlink-production
Some helpful commands:
heroku restart -a rei-secretlink-production
heroku logs --tail -a rei-secretlink-production