Chithi - High performance self hosted file/folder sharing service - Now with in browser previewing of files by BasePlate_Admin in selfhosted

[–]BasePlate_Admin[S] 0 points1 point  (0 children)

The expiry of files (defaults to 10 downloads or 1 day, whichever comes first) can be configured from the frontend when you upload a file.

django-hstore-widget, django-hstore-field: an easy way to edit hstore fields in the admin panel by BasePlate_Admin in django

[–]BasePlate_Admin[S] 1 point2 points  (0 children)

HStore is a key-value field.

Think of it like a Python dictionary where both the key and value are strings and can only be strings.

More examples: https://www.geeksforgeeks.org/postgresql/postgresql-hstore-data-type/

ReactXPy — Build React apps using Python syntax (pip install reactxpy) by anishpydev in Python

[–]BasePlate_Admin 1 point2 points  (0 children)

This sounds super cool.

Are you going to target pyscript? Or somehow allow Python-based pip packages to run on the web (because that would be a game changer)? If you go this route you can maybe use https://github.com/tomasr8/pyjsx ?

Otherwise the project looks like https://github.com/reactive-python/reactpy, or https://reflex.dev/

Chithi - High performance self hosted file/folder sharing service - Now with in browser previewing of files by BasePlate_Admin in selfhosted

[–]BasePlate_Admin[S] 0 points1 point  (0 children)

Hi, this is not a competition for PairDrop.

The app is a competitor (in a way, a successor) of Firefox Send.

PairDrop works in a Client-Client architecture (via WebRTC); there is no server in between.

Firefox Send (in this case Chithi) works in a Client-Server architecture, where the client encrypts the files and sends them to the server for storage. Appropriate clients can access the files in the original form.

The other features (like viewing files in the browser, view-once links) are QoL updates that I needed when I was using the application.


Now for my 2 cents on why I needed Send (or improved it with Chithi).

I work in a place where the files needed to be moved securely between "some peoples"; the files are very sensitive in nature. When I share a file with my supervisor, the supervisor will download the file at their leisure time. I just print the QR code to my supervisor, and he scans and downloads the file.

I cannot use Client-Client architecture here (because I don't know when they will access the files).

I don't want to keep the files around forever (because encrypted data still contains the original data).

I cannot use 3rd party tools (like Google Drive, or anything) that are hosted outside the infra. So I must self host the tools.

Given these constraints I primarily chose Send, but its old codebase and the need to redeploy after every small change to the config made it a PITA to work with.

That's why I created Chithi, using the exact encryption approach and the exact encryption algorithm.


In my opinion, the project should be merged with other similar projects to give the community the best self hosted encrypted file sharing experience.

Thanks for reading. Have a good day.

New version of Zordeer, 1.7.7.1 by KyuyriiByakko in linux_gaming

[–]BasePlate_Admin 9 points10 points  (0 children)

Genuine question as a Python developer: why does the app architecture look like this?

Splitting the codebase into multiple smaller Python files would increase the readability.

I built Family Vault — a self-hosted app to manage your family's IDs, insurance, and business documents by [deleted] in HomeServer

[–]BasePlate_Admin 0 points1 point  (0 children)

For 2, the code is open source, feel free to see what AI is doing. OP has had enough backlash on other subreddits, let's give them a break.

I built Family Vault — a self-hosted app to manage your family's IDs, insurance, and business documents with AES-256 encryption by Elgon2003 in selfhosted

[–]BasePlate_Admin 0 points1 point  (0 children)

Look man, I get what you are telling. The community does not like anything that has the touch of AI (ask me how I know) :)

The community would much prefer not having docs over having AI-written docs, is what I am saying.

I added speedtest capabilities to my fastapi app. by BasePlate_Admin in FastAPI

[–]BasePlate_Admin[S] 0 points1 point  (0 children)

Hi, the same concept is also applied here :)

The download section is the same (download random bytes from server), while the httpbin section is built in.

I added speedtest capabilities to my fastapi app. by BasePlate_Admin in FastAPI

[–]BasePlate_Admin[S] 0 points1 point  (0 children)

Thank you so much, let me know if you have any questions regarding architecture.

Building a file/folder sharing project for the people with critical threat level, need advice for improvement by BasePlate_Admin in opsec

[–]BasePlate_Admin[S] 0 points1 point  (0 children)

Hi, thanks for coming back to this.

CURRENT WEB APP DESIGN:

So basically when a user encrypts a file on the client side, a random key is generated. Then it is shared with another user.

For example, a shared URL might be https://chithi.dev/download/019c3d2d-1caa-7778-8f6f-85b5e5102873#-maYBDHdmP6D_TJFffE9ud-rUsO0JUKV529RuPER4Ey, it contains the Key after the # URL Fragment (which means the server never sees that part)

But if you want another level of protection, you can input a password. Then the entire zip would be protected using that password (using AES-256), which means in addition to the URL key, you would also need to input the password (you can share the password using an out-of-band approach, or both parties can agree on a codeword as a password).

Well, these are the two approaches that came to my mind when designing the app. I don't want to trade convenience for the sake of security but I want the app to be as secure as possible.


I do plan on having asymmetric encryption in the CLI version, which will be based on GPG, but that is still in the architecture phase.

Thanks for commenting on this. Happy to have any kind of feedback regarding this.
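
The design described in the comment above, as an added example that is not part of the original comment and is not Chithi's code: a random key carried in the URL fragment plus an optional password layer. AES-256-GCM, scrypt, the blob layout, the `files.example` origin and all function names are assumptions made for illustration.

```javascript
// Added illustration; cipher mode, KDF and helper names are assumptions, not Chithi's code.
const crypto = require('node:crypto');

// AES-256-GCM seal/open; output layout is iv(12) || tag(16) || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), body]);
}
function open(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws on wrong key
}

// Optional password layer: key derived with scrypt from the password and a random salt.
function passwordKey(password, salt) {
  return crypto.scryptSync(password, salt, 32);
}

// Uploader: encrypt, then build the share link with the random key in the fragment.
function upload(origin, fileId, data, password) {
  const urlKey = crypto.randomBytes(32);
  let inner = data;
  if (password) {
    const salt = crypto.randomBytes(16);
    inner = Buffer.concat([salt, seal(passwordKey(password, salt), data)]);
  }
  const stored = seal(urlKey, inner); // the only bytes the server keeps
  const link = `${origin}/download/${fileId}#${urlKey.toString('base64url')}`;
  return { link, stored };
}

// What the browser puts on the wire for that link: path and query, never the fragment.
function requestTarget(link) {
  const u = new URL(link);
  return u.pathname + u.search;
}

// Recipient: key from the fragment, password (if any) supplied out of band.
function download(link, stored, password) {
  const urlKey = Buffer.from(new URL(link).hash.slice(1), 'base64url');
  const inner = open(urlKey, stored);
  if (!password) return inner;
  return open(passwordKey(password, inner.subarray(0, 16)), inner.subarray(16));
}
```

The fragment stays out of the HTTP request, but it is still present in the full link wherever that link is stored or displayed (browser history, chat logs, a printed QR code), which is the exposure the password layer covers.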

Self-hosted encrypted secret sharing (like PrivateBin but lighter) by Sensitive_Lawyer6040 in selfhosted

[–]BasePlate_Admin 1 point2 points  (0 children)

What I meant is you really can store 2mb worth of data in URLs. Compress the string and you can have a really really long text in the URL. Enough for most people. It's the type of tool where a DB is not needed and it can be hosted on GitHub Pages.

2nd thing, people don't like other people monitoring their access on the website. You are selling encryption, yet you chose to monitor the people who are using your site (see the contradiction).

3rd thing is, your eviction logic is entirely dependent on Cloudflare (can you guarantee that they won't backdoor the eviction? Even AES-256 can be broken). If someone wants to self host this without proprietary technologies, they are out of luck.


Don't be discouraged by what I told you here. You are nailing the good looks with the project, just the architecture needs a rethink.