- Description:
- Decentralized pastebin built on tesseras-dht
- Owner:
- murilo ijanc'
- Last Change:
- Clone URL:
ssh://anon@got.tesseras.net/tesseras-paste
Commit Briefs
Bump version to 0.1.1, update tesseras-dht to 0.1.2 (fix/rejoin-bootstrap)
Add automatic re-join and -v flag for verbose logging
When the routing table drops to zero peers, the daemon now re-joins bootstrap nodes every 60s, unbanning their addresses first so replies are not silently discarded. Both tp and tpd accept -v for debug-level output without needing RUST_LOG environment variable.
Add CHANGELOG.md for 0.1.0 (tags/v0.1.0)
Update README, bump tesseras-dht to 0.1.1, add project docs
- Rewrite README with features, usage, and links - Bump tesseras-dht dependency from 0.1.0 to 0.1.1 - Add CODE_OF_CONDUCT.md and SECURITY.md
Limit stdin read in tp, bound protocol drain, document Arc leak
- tp: limit stdin to 64 KiB + 1 byte to reject oversized pastes early without unbounded memory allocation - daemon: bound the oversized-line drain to MAX_LINE_SIZE so a client without newlines cannot block beyond the read timeout - tpd: document intentional Arc::into_raw leak in signal handler
Harden identity key permissions, atomic writes, and HTTP method
- Write identity.key with mode 0600 to prevent other users from reading the Ed25519 private seed - Use destination filename in atomic_write temp path to avoid collisions between concurrent writes to different files - Reject HTTP methods other than GET/HEAD with 405 - Return "Hello Tesseras World" on GET /
Add missing pledge promises (drm, prot_exec) and source reference
Add reference to pledgereq[] in /usr/src/sys/kern/kern_pledge.c and include drm and prot_exec that were missing from the list.
Log socket setup errors in Unix client handler
Warn when set_nonblocking or set_read_timeout fails instead of silently disconnecting the client.
Handle HTTP connections in separate threads with cap of 8
A slow connection or DHT lookup (up to 30s) no longer blocks the entire HTTP accept loop. Connections beyond the limit get a 503 response.
Branches
Tree
README.md
# Tesseras-Paste A decentralized pastebin built on [tesseras-dht](https://crates.io/crates/tesseras-dht). Pastes are encrypted client-side, distributed across the DHT, and served over HTTP. ## Features - End-to-end encrypted pastes (XChaCha20-Poly1305) - Decentralized storage via Kademlia DHT - NAT traversal (hole-punching and proxy relay) - HTTP serving with content-key URLs - TTL-based expiry and pinning - Public (unencrypted) paste mode - OpenBSD `pledge(2)` sandboxing ## Binaries **tpd** — daemon that runs a DHT node, stores pastes, and serves HTTP. ``` usage: tpd [-p port] [-d dir] [-s sock] [-w http_port] [-g] [-n] [-b host:port] -p port UDP port (0 = random) -d dir data directory -s sock Unix socket path -w port HTTP server port -g global NAT (public server) -n no auto-bootstrap (skip DNS SRV) -b host:port bootstrap peer (repeatable) ``` **tp** — CLI client that talks to the daemon over a Unix socket. ``` usage: tp [-s sock] <command> [args] put [-t ttl] [-p] read stdin, store paste (-p = public, no encryption) get <key> retrieve paste to stdout del <key> delete paste pin <key> pin (never expires) unpin <key> unpin status show daemon status ``` ## Quick start ```sh # Start the daemon tpd -p 4433 -w 9999 -d /var/tesseras-paste # Store a paste echo "hello" | tp put # => Ey2rNiNukhNpqUouaSnnZwTtCgeCgMx2FrCuMr3whBxx # Retrieve it tp get Ey2rNiNukhNpqUouaSnnZwTtCgeCgMx2FrCuMr3whBxx ``` ## Links - [Website](https://tesseras.net) - [Source code](https://got.tesseras.net/?action=summary&path=tesseras-paste.git) (primary) - [Source hut mirror](https://git.sr.ht/~ijanc/tesseras-paste) - [GitHub mirror](https://github.com/ijanc/tesseras-paste) ## License ISC — see [LICENSE](LICENSE).