Skip to content
Knut Ahlers edited this page Aug 16, 2023 · 6 revisions

Getting OTS

  • The easiest option is to download the latest build from the Releases page.
  • You also can use the Docker image provided at luzifer/ots:latest or luzifer/ots:<version>

Building from Source

In order to do a local build you need to have NodeJS LTS and latest Golang installed.

Execute the build-local target using make:

$ make build-local                # Dynamically linked
$ CGO_ENABLED=0 make build-local  # Statically linked

Running OTS

To run the binary you for example could use a systemd service unit combined with an environment file:

# exa --tree /etc/ots
/etc/ots
├── assets
│  └── applogo.png
├── customize.yaml
└── env
# cat /etc/ots/env
CUSTOMIZE=/etc/ots/customize.yaml                              # Optional, see "Customization" in README
LISTEN=127.0.0.1:3000                                          # Port 3000 only on localhost
REDIS_URL=redis://default:mypasswordissecure@127.0.0.1:6379/0  # See README for details
SECRET_EXPIRY=604800                                           # 168h = 1w
STORAGE_TYPE=redis                                             # "mem" or "redis" (See README)
# cat /etc/ots/customize.yaml
---

appLogo: 'applogo.png'
overlayFSPath: /etc/ots/assets

# See "Customization" in README for all options

...
# cat /etc/systemd/system/ots.service
[Unit]
Description=One-Time-Secret Service
After=network-online.target
Requires=network-online.target

[Service]
EnvironmentFile=/etc/ots/env
ExecStart=/usr/local/bin/ots
Restart=Always
RestartSecs=5

[Install]
WantedBy=multi-user.target

For the Docker image use your favorite scheduler or adapt the service unit.

Serve with HTTPs

To add transport-layer encryption for example set up an nginx with Let's Encrypt and add a proxy host in front of your instance:

# cat /etc/nginx/sites-available/ots.conf
server {
  listen 80;
  listen [::]:80;

  server_name ots.example.com;

  location / {
    add_header X-Robots-Tag noindex;

    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    proxy_pass http://127.0.0.1:3000/;
  }
}

If you're not familiar with nginx see these:

Clone this wiki locally