feat: self-hosting (#29)
* feat: self-hosting

* chore: update readme

* chore: update readme

* chore: clean deps

* chore: update readme

Co-authored-by: Slavo Vojacek <slavovojacek@192.168.1.122>
slavovojacek and Slavo Vojacek authored Mar 14, 2022
1 parent a433954 commit b1ed418
Showing 8 changed files with 126 additions and 188 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/ci.yml
@@ -22,7 +22,7 @@ jobs:
name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.16
go-version: 1.17
-
name: Download dependencies
run: go mod download
2 changes: 1 addition & 1 deletion .github/workflows/release.yml
@@ -18,7 +18,7 @@ jobs:
name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.16
go-version: 1.17
-
name: Run GoReleaser
uses: goreleaser/goreleaser-action@v2
54 changes: 39 additions & 15 deletions README.md
@@ -1,5 +1,5 @@
<p align="center">
Please upgrade the CLI to <a href="https://github.com/sniptt-official/ots/releases/tag/v0.1.0">version 0.1.0</a>
<b>Looking to self-host? Use <a href="https://github.com/sniptt-official/ots-aws">the official CDK construct</a></b>
</p>

<p align="center">
@@ -34,51 +34,75 @@

The recommended way to install `ots` on macOS is via Homebrew.

```sh
```
brew install ots
```

### Go

```sh
```
go get -u github.com/sniptt-official/ots
```

### Manual

Please refer to the [manual install](./docs/manual-install.md) doc.

## Usage

![render1628628123170](https://user-images.githubusercontent.com/778109/128932301-190388b3-171c-4e41-be5c-88ecf315beda.gif)

### Prompt

```sh
$ ots new -x 2h
```
> ots new -x 2h
Enter your secret:
```

### Pipeline

You can also use pipes, for example

```sh
$ pbpaste | ots new
```
pbpaste | ots new
```

or

```sh
$ cat .env | ots new
```
cat .env | ots new
```

### Data residency

Use `--region` to choose where the secrets reside.

```sh
$ ots new -x 24h --region eu-central-1
```
ots new -x 24h --region eu-central-1
```

### Self-hosting

Please refer to [the official CDK construct](https://github.com/sniptt-official/ots-aws) for detailed instructions.

Grab your API Gateway URL, API key and configure `~/.ots.yaml` (or whatever you provide to `--config`):

```yaml
apiUrl: https://YOUR_API_ID.execute-api.YOUR_REGION.amazonaws.com/prod/secrets
apiKey: YOUR_API_KEY
```
Use `ots` as before:

```
> ots new -x 2h
Using config file: /Users/xxx/.ots.yaml
Enter your secret: ***
Your secret is now available on the below URL.

https://my-ots-web-view.com/burn-secret?id=xxx&ref=ots-cli&region=us-east-1&v=debug#xxx

You should only share this URL with the intended recipient.

Please note that once retrieved, the secret will no longer
be available for viewing. If not viewed, the secret will
automatically expire at approximately xx xxx xxxx xx:xx:xx.
```
## FAQs
28 changes: 20 additions & 8 deletions api/client/client.go
@@ -42,23 +42,26 @@ type CreateOtsRes struct {
}

func CreateOts(encryptedBytes []byte, expiresIn time.Duration, region string) (*CreateOtsRes, error) {
baseUrl := viper.GetString("base_url")
defaultApiUrl := fmt.Sprintf("https://ots.%s.api.sniptt.com/secrets", region)

reqUrl := url.URL{
Scheme: "https",
Host: fmt.Sprintf("ots.%s.%s", region, baseUrl),
Path: "secrets",
// Fetch user configuration (for self-hosted)
viper.SetDefault("apiUrl", defaultApiUrl)
apiUrl := viper.GetString("apiUrl")
apiKey := viper.GetString("apiKey")

// Build the request
reqUrl, err := url.Parse(apiUrl)
if err != nil {
return nil, err
}

reqBody := &CreateOtsReq{
EncryptedBytes: base64.StdEncoding.EncodeToString(encryptedBytes),
ExpiresIn: uint32(expiresIn.Seconds()),
}

resBody := &CreateOtsRes{}

payloadBuf := new(bytes.Buffer)
err := json.NewEncoder(payloadBuf).Encode(reqBody)
err = json.NewEncoder(payloadBuf).Encode(reqBody)
if err != nil {
return nil, err
}
@@ -74,12 +77,21 @@ func CreateOts(encryptedBytes []byte, expiresIn time.Duration, region string) (*
req.Header.Add("X-Client-Name", "ots-cli")
req.Header.Add("X-Client-Version", build.Version)

// Add optional authentication (for self-hosted)
if apiKey != "" {
req.Header.Add("X-Api-Key", apiKey)
}

res, err := client.Do(req)
if err != nil {
return nil, err
}

defer res.Body.Close()

// Build the response
resBody := &CreateOtsRes{}

err = decodeJSON(res, resBody)
if err != nil {
return nil, err
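Review bot: Nothing after `url.Parse(apiUrl)` in the first hunk checks the scheme or host, so the `https` guarantee that the removed `url.URL{Scheme: "https", ...}` literal gave is lost for any configured `apiUrl`. `url.Parse` accepts relative and scheme-less strings without error, and an `http://` value would put the `X-Api-Key` header added in the second hunk on the wire unencrypted. I would add, right after the existing `err` check, `if reqUrl.Scheme != "https" || reqUrl.Host == "" { return nil, fmt.Errorf("apiUrl %q must be an absolute https URL", apiUrl) }`, with any plain-HTTP allowance for local testing made an explicit opt-in. It is also worth a comment that `region` no longer affects the request once `apiUrl` is set. `CreateOts` starts inside the first hunk but its body continues past the end of the second.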
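--- a/build/build.go
+++ b/build/build.go
@@ -17,4 +17,3 @@ package build
 
 // Will be changed at build time via -ldflags
 var Version = "debug"
-var BaseUrl = "api.sniptt.com"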
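--- a/cmd/root.go
+++ b/cmd/root.go
@@ -61,7 +61,6 @@ func initConfig() {
 viper.AddConfigPath(home)
 viper.SetConfigType("yaml")
 viper.SetConfigName(".ots")
-viper.SetDefault("base_url", build.BaseUrl)
 }
 
 // Read in environment variables that match.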
26 changes: 22 additions & 4 deletions go.mod
@@ -1,9 +1,27 @@
module github.com/sniptt-official/ots

go 1.16
go 1.17

require (
github.com/spf13/cobra v1.2.1
github.com/spf13/viper v1.8.1
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1
github.com/spf13/cobra v1.4.0
github.com/spf13/viper v1.10.1
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
)

require (
github.com/fsnotify/fsnotify v1.5.1 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/inconshreveable/mousetrap v1.0.0 // indirect
github.com/magiconair/properties v1.8.6 // indirect
github.com/mitchellh/mapstructure v1.4.3 // indirect
github.com/pelletier/go-toml v1.9.4 // indirect
github.com/spf13/afero v1.8.2 // indirect
github.com/spf13/cast v1.4.1 // indirect
github.com/spf13/jwalterweatherman v1.1.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/subosito/gotenv v1.2.0 // indirect
golang.org/x/sys v0.0.0-20220310020820-b874c991c1a5 // indirect
golang.org/x/text v0.3.7 // indirect
gopkg.in/ini.v1 v1.66.4 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
)