mirror of
http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/selfhosting-blogposts.git
synced 2025-05-16 12:16:59 +00:00
100 lines
3.2 KiB
Markdown
100 lines
3.2 KiB
Markdown
---
|
|
search:
|
|
exclude: true
|
|
---
|
|
# hatsh Setup
|
|
|
|
|
|
|
|
In this tutorial we're going to setup a hat.sh instance, which is a web app that provides secure local file encryption in the browser.
|
|
|
|
## **Initial Setup**
|
|
|
|
|
|
root@lainsafe:~# cd /var/www
|
|
root@lainsafe:/var/www# git clone https://github.com/sh-dv/hat.sh.git hat.sh
|
|
Cloning into 'hat.sh'...
|
|
remote: Enumerating objects: 2392, done.
|
|
remote: Counting objects: 100% (337/337), done.
|
|
remote: Compressing objects: 100% (91/91), done.
|
|
remote: Total 2392 (delta 273), reused 251 (delta 246), pack-reused 2055
|
|
Receiving objects: 100% (2392/2392), 3.88 MiB | 3.95 MiB/s, done.
|
|
Resolving deltas: 100% (1324/1324), done.
|
|
|
|
root@lainsafe:/var/www# cd hat.sh
|
|
root@lainsafe:/var/www/hat.sh# apt install npm -y
|
|
|
|
root@lainsafe:/var/www/hat.sh# npm install
|
|
|
|
root@lainsafe:/var/www/hat.sh# npm run build
|
|
|
|
root@lainsafe:/var/www/hat.sh# ip a | grep inet
|
|
inet 127.0.0.1/8 scope host lo
|
|
inet6 ::1/128 scope host
|
|
inet 10.0.0.108/24 brd 10.0.0.255 scope global eth0
|
|
inet6 fe80::709a:74ff:fec2:47af/64 scope link1
|
|
|
|
root@lainsafe:/var/www/hat.sh# npm run start
|
|
|
|
> hat.sh@2.3.6 start
|
|
> next start -p 3991
|
|
|
|
ready - started server on 0.0.0.0:3991, url: http://localhost:3991
|
|
info - Loaded env from /var/www/hat.sh/.env
|
|
|
|
|
|
|
|
From there we can encrypt files:
|
|
|
|
   
|
|
|
|
And we decrypt it like so:
|
|
|
|
  
|
|
|
|
## **Automation Setup**
|
|
|
|
We want it to start automatically with a systemd service:
|
|
|
|
|
|
root@lainsafe:/var/www/hat.sh# cat /etc/systemd/system/hatsh.service
|
|
[Unit]
|
|
Description=hat.sh local file encryption
|
|
After=network.target
|
|
After=systemd-user-sessions.service
|
|
After=network-online.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
WorkingDirectory=/var/www/hat.sh/
|
|
ExecStart=/usr/bin/npm run start
|
|
Restart=always
|
|
RestartSec=10
|
|
KillMode=process
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
|
|
root@lainsafe:/var/www/hat.sh# systemctl daemon-reload
|
|
root@lainsafe:/var/www/hat.sh# systemctl enable --now hatsh
|
|
root@lainsafe:/var/www/hat.sh# systemctl status hatsh
|
|
* hatsh.service - hat.sh local file encryption
|
|
Loaded: loaded (/etc/systemd/system/hatsh.service; enabled; vendor preset: enabled)
|
|
Active: active (running) since Wed 2022-11-02 19:10:20 UTC; 6s ago
|
|
Main PID: 16508 (node)
|
|
Tasks: 23 (limit: 115830)
|
|
Memory: 106.5M
|
|
CPU: 3.601s
|
|
CGroup: /system.slice/hatsh.service
|
|
|-16508 npm run start
|
|
|-16520 sh -c next start -p 3991
|
|
`-16521 node /var/www/hat.sh/node_modules/.bin/next start -p 3991
|
|
|
|
Nov 02 19:10:20 lainsafe systemd[1]: Started hat.sh local file encryption.
|
|
Nov 02 19:10:21 lainsafe npm[16508]: > hat.sh@2.3.6 start
|
|
Nov 02 19:10:21 lainsafe npm[16508]: > next start -p 3991
|
|
Nov 02 19:10:22 lainsafe npm[16521]: ready - started server on 0.0.0.0:3991, url: http://localhost:3991
|
|
Nov 02 19:10:22 lainsafe npm[16521]: info - Loaded env from /var/www/hat.sh/.env
|
|
|
|
|
|
|