paaster
- 0 ratings
Paaster is a secure by default end-to-end encrypted pastebin built with the objective of simplicity.
Deploy this app to Linode with a free $100 credit!
Paaster is a secure and user-friendly pastebin application that prioritizes privacy and simplicity. With end-to-end encryption and paste history, Paaster ensures that your pasted code remains confidential and accessible.
End-to-end encryption (E2EE) is a zero-trust encryption methodology. When you paste code into Paaster, it is encrypted locally in your browser using a secret that is never shared with the server. Only people you share the link with can view the paste.
No. Anyone could modify the functionality of paaster to expose your secret key to the server. We recommend using a instance you host or trust.
Client secrets are stored with IndexedDB when the paste is created, allowing for paste history. This method of storage makes Paaster vulnerable to malicious JavaScript, but it would require malicious code to be present when the Svelte application is built.
Paaster uses URI fragments to transport secrets, according to the Mozilla foundation URI fragments aren't meant to be sent to the server. Bitwarden also has a article covering this usage here.
Server secrets are stored with IndexedDB when the paste is created, allowing for modification or deletion of pastes later on. The server-sided secrets are generated using the Python secrets module and stored in the database using bcrypt hashing.
Paaster uses XChaCha20-Poly1305 encryption, which is implemented using the libsodium-wrappers library.
Ctrl+V - Paste code.Ctrl+S - Download code as file.Ctrl+A - Copy all code to clipboard.Ctrl+X - Copy URL to clipboard.paaster isn't a text editor, it's a pastebin.paaster isn't a text editor, when code is inputted it will always be automatically uploaded.paaster will never have opt-in / opt-out encryption, encryption will always be present.git clone https://github.com/WardPearce/paasterdocker-compose.yml (example here)paaster_proxy_urls.frontend should be the proxied address for "paaster_frontend". E.g. for paaster.io this is "https://paaster.io"VITE_API_URL should be the proxied address for "paaster_backend". E.g. for paaster.io this is "https://api.paaster.io"paaster_s3 should contain your S3 secrets.sudo docker compose build; sudo docker compose up -d.Paaster's frontend is also configured to work with Vercel, which offers enhanced security through server separation and improved performance.
Rclone is no longer supported for performance reasons & paaster is now only s3 compatible.
Luckily you can get cheap & easy to setup s3 compatible storage from idrive e2 or backblaze b2.
This setup is not recommended & requires more research / knowledge.
git clone https://github.com/WardPearce/paaster.cd frontend.envVITE_NAME - The name displayed on the website.VITE_API_URL - The URL of the API.npm installnpm run builddist with Nginx (or whatever reverse proxy you use.)cd backendcurl -sSL https://install.python-poetry.org | python3 -run.py following the guide for uvicorn.paaster_proxy_urls.paaster_s3.paaster_mongo.paaster_open_api.paaster_max_iv_size.paaster_max_paste_size.poetry run server, to start server.Please login to review this project.
No reviews for this project yet.
Long-term memory for coders. Share and store code snippets.
Simple and fast terminal based pastebin, with optional code…
A dead-simple application to securely communicate passwords…
Comments (0)
Please login to join the discussion on this project.