A lightweight docker container for d-note, a web application for self destructing notes written by Aaron Toponce.
Self destructing one-time notes are great for quickly exchanging passphrases, credit card numbers or similar data between two trusted parties, but without the overhead of sending a message through a properly end-to-end encrypted communication channel and deleting it afterwards.
You can also use d-note to pass such data from any computer to your mobile device.
Note: This is not intend to replace proper encryption. You should still setup GPG to for your emails and use a secure chat client like Threema, Telegram or What's App.
The UI of d-note is pretty straightforward:
- Type your secret message in the form, set an optional password and submit.
- After a few seconds of intensive calculation, the note is securely stored in the server and you'll be shown a link.
- Forward the link you can forward to the recipient, along with the password if you set one. d-note optionally displays the link as QR code which you can pick up with your mobile.
- When the recipient clicks the link and enters the password, the message is displayed.
- At the same time, the message is removed from the server and can't be displayed again.
Note: If you send the d-note link through a messenger which displays a link preview, it will consume the message and make it unusable for you. A filter by
User-Agenton your webserver might help to block such requests.
Basically just run the container. It uses a volume mounted to /dnote for the stored notes and exposes the d-note app via HTTP on port 8080:
docker run --detach --volume /srv/dnote:/dnote --publish 8080:8080 --name dnote drmurx/docker-d-note
The volume contains the notes database and a configuration file with the encryption salts. The salt is part of the decryption key, so if you delete the dconfig.py, your stored notes are lost.
Note: This image does not provide any native encryption on the communication layer. You have to put it behind a reverse proxy with HTTPS termination. I highly recommend Jason Wilder's nginx-proxy with the Let's Encrypt companion.
You can pass in the environment variable APPLICATION_ROOT (defaults to /) to the docker run command if you prefer to host d-note in a subdirectory instead of the webroot.
Furthermore, you can tune d-note's server side concurrency using the environment variables PROCESSES and THREADS to control how the app scales. Please refer to the uwsgi documentation if you really need to increase your throughput.
Copyright (c) 2017 Jan Kunzmann jan-github@phobia.de, see LICENSE.