Choose and upload almost any content you like, it will be automatically encrypted using the Fernet algorithm. Given that the encryption is server-side, the main usecase of blobvault
is hosting it yourself in a trusted environment.
The file will be stored on disk and the corresponding download URL will be shared via the provided email address, using the SendGrid service. Inform the person you're sharing the file with, otherwise they might get confused about the onsolicited email.
Make sure to copy the decryption key. It won't be stored on the servers. Once it's gone, it's gone.
One last thing: Each blob can be downloaded once and only once. After the content is decrypted, it will be purged from the database.
The project is based on Python and Django.
The following packages are used on top:
- cryptography for file encryption.
- django-crispy-forms for prettier forms.
- django-extension for a better debugging experience.
- django-sendgrid for SendGrid API integration.
- waitress as WSGI server.
- whitenoise for static file serving.
Because the app relies on SendGrid, you have to get an account. You have to set up an email address for SendGrid and request an API token.
The project has a docker-compose
friendly setup. Install the Docker desktop app, which includes the binaries for docker-compose
. Adjust the sample.env
and rename it to .env
, then all you have to do is
docker-compose build
docker-compose up
If you want to, you can run the application the old-fashioned way, using the requirements.txt
file:
python3 -m venv venv --prompt blobvault
source venv/bin/activate
python -m pip install --upgrade pip
python -m pip install -r requirements.txt
In addition, you have to export the following environment variables:
EMAIL_SENDER
(your SendGrid sender email address)SECRET_KEY
(your Django application secret key, just generate one that's sufficiently secret)SENDGRID_API_KEY
If you have set up everything properly, run the app via
python manage.py makemigrations
python manage.py migrate
python manage.py runserver
using Django's built-in development server. Don't use it in production though, use gunicorn or waitress instead.
The test suite is still quite patchy, but it uses hypothesis for property based testing and model-bakery for test fixtures.
You can run the test suite via
source venv/bin/activate
python -m pip install -r dev_requirements.txt
python manage.py test
I try to stick to black, Django check, flake8, and mypy where possible, with minimal configuration.
Code compliance is checked using GitHub Actions.
Copyright 2020 Nils Müller [email protected]
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.