alihan/arc-evilsocket
1
0
Fork 0
mirror of https://github.com/evilsocket/arc.git synced 2024-05-26 22:37:37 +03:00
Code Issues Packages Projects Releases Wiki Activity
224 Commits 2 Branches 34 Tags
5ae20915cda8cb68243066ab092107a8aadab25a
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
evilsocket 5ae20915cd goreleaser fix
2017-12-11 19:03:20 +01:00
arc
balls
2017-12-11 16:00:20 +01:00
arcd
goreleaser fix
2017-12-11 18:40:43 +01:00
.gitignore
Working on goreleaser file
2017-12-11 16:10:50 +01:00
.goreleaser.yml
goreleaser fix
2017-12-11 19:03:20 +01:00
LICENSE
goreleaser fix
2017-12-11 19:03:20 +01:00
README.md
goreleaser fix
2017-12-11 18:50:47 +01:00

README.md

Arc

Arc is a manager for your secrets made of arcd, a RESTful API server written in Go which exposes read and write primitives for encrypted records on a sqlite database file.

arcd

And arc, the client application implemented in html5 and javascript, which runs in every html5 enabled browser and it is served by arcd itself.

multikey

Records are generated, encrypted and decrypted client side only (Arc relies on CryptoJS for its AES encryption and the PRNG) by arc, which offers an intuitive management system equipped with UI widgets including:

  • Simple text inputs.
  • Simple text areas.
  • Custom file attachments (files are encrypted client side before being uploaded as binary records).
  • A markdown editor area with preview and full screen mode.
  • A password field with password strength estimation and a random password generator.

Elements can be created (with optional expiration dates), arranged and edited using arc and are stored on arcd safely.
ui mix 1 ui mix 2
A client side encrypted record set to expire and self delete with a markdown area and a password widget. Markdown and various attached files.

TL;DR

The idea is to use the Arc as a single manager for your passwords, encrypted notes, files and -all the secret things here- while hosting arcd yourself on some spare hardware like a Raspberry Pi (a very portable setup with a Zero W model, or an USB Armory) or a real dedicated server and accessing arc from every device with a modern browser.

Encrypt all the things!

Usage

Download, install dependencies and compile the arcd server component:

git clone https://github.com/evilsocket/arc
cd arc/arcd
make vendor_get
make

If you want to build for arm from another architecture (ie: you're building for your Raspberry Pi from your laptop), you can refer to the .goreleaser.yml file for platform and arch specific flags:

# on your laptop
sudo apt-get install gcc-arm-linux-gnueabi
cd arc/arcd
env CC=arm-linux-gnueabi-gcc CGO_ENABLED=1 GOOS=linux GOARM=6 GOARCH=arm make

Now copy the sample_config.json file to a new config.json file, customize it and run the arc web application:

./arcd -config config.json -app ../arc

The password field is the SHA256 checksum of your password, you can generate a new one with:

echo -n "your-new-password" | sha256sum

Browse http://localhost:8080/ and login with the credentials you specified in the config.json file.

Note

The first time the arcd server executes the arc web application. it will automatically import some example stores from the arc/seeds.json seed file (encryption key is vault).

Configuration

You will find a sample_config.json file inside the arcd folder of the project, this is the example configuration you need to customize the first time.

{
    "address": "127.0.0.1",
    "port": 8080,
    "username": "arc",
    "password": "404fcfb394d23199f6d95f1f36bd2beb6df8564f993f44517f6015fcd16101a9",
    "database": "~/arc.db",
    "token_duration": 60,
    "compression": true,
    "scheduler": {
        "enabled": true,
        "period": 10
    },
    "backups": {
        "enabled": false,
        "period": 1800,
        "folder": "/some/backup/path/"
    },
    "tls": {
        "enabled": false,
        "certificate": "/some/certificate.pem",
        "key": "/some/key.pem"
    }
}

It is necessary to change only the username and password access parameters of Arc, while the others can be left to their default values.

Configuration Description
address IP address to bind the arcd server to.
port TCP to bind the arcd server to.
username API access username.
password API access password sha256 hash.
database SQLite database file path.
token_duration Validity in minutes of a JWT API token after it's being generated.
compression Enable or disable records compression.
backups.enabled Enable automatic backups.
backups.period Number of seconds between one backup and the next one.
backups.folder Destination folder for the backup file.
tls.enabled Run arcd on HTTPS.
tls.certificate HTTPS certificate.
tls.key HTTPS private key.

Export and import stores.

You can export stores and their encrypted records to a JSON file:

./arcd -config config.json -output ~/backup.json -export

Or export only one store by its numeric id:

./arcd -config config.json -output ~/arc_store_1.json -export -store 1

Such export files can be later imported with:

./arcd -config config.json -import ~/backup.json

Bugs

Before opening an issue, please make sure it is not already part of a known bug.

License

Arc was made with ♥ by Simone Margaritelli and it is released under the GPL 3 license.

Description
A manager for your secrets.
Readme GPL-3.0 25 MiB
Languages
Go 83.9%
JavaScript 15.9%
HTML 0.1%