mitchell
/
selfpass
mirror of https://github.com/mitchell/selfpass.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add README.md and LICENSE

This commit is contained in:
mitchell 2019-06-02 15:34:45 -07:00
parent 7e702620cd
commit 0795f88aa0
2 changed files with 75 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
LICENSE Normal file
View File

@ -0,0 +1,23 @@
BSD 2-Clause License
Copyright (c) 2019, The Selfpass Author(s) All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted
provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions
and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of
conditions and the following disclaimer in the documentation and/or other materials provided
with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

52
README.md Normal file
View File

@ -0,0 +1,52 @@
# selfpass
This is the project home of *selfpass*, the self-hosted password manager. This project is intended
to be a single-user (or **trusted** multi-user) password manager capable of encrypting/decrypting
credentials and storing them remotely through encrypted transportation, all of which is deployable
locally or to popular cloud platforms such as GCP and AWS.
It is still currently in development. However, the service is already capable of serving a gRPC based
API using mutual TLS encryption, backed by Redis and Docker. It is also capable of being deployed in
a semi-automated fashion locally and to GCP thanks to Docker.
In addition to the service there is `spc` (**s**elf**p**ass **C**LI), which is a fully fledged *selfpass* client
capable of interacting with the whole selfpass API and creating AES-CBC encrypted credentials using
a *private key* and *master password*. All of which is done using mutual TLS and an AES-CBC
encrypted config.
#### Service Roadmap
| Goal | Progress | Comment |
| --- | :---: | --- |
| Support credentials CRUD on gRPC API. | 100% | |
| Enable server-side mutual TLS, using cfssl. | 100% | |
| Deployable on Docker. | 100% | |
| Automatically deployable to GCP using docker-machine and Terraform. | 50% | TODO: Terraform |
| Automatically deployable to AWS using docker-machine and Terraform. | 0% | |
#### SPC Roadmap
| Goal | Progress | Comment |
| --- | :---: | --- |
| Support credentials CRUD via gRPC. | 80% | TODO: Update |
| Support mutual TLS. | 100% | |
| Support storage of certs, PK, and host in AES-CBC encrypted config. | 100% | |
| Support AES-CBC encryption of passes and OTP secrets, using MP and PK. | 100% | |
| Support AES-CBC encryption of local files, using MP and PK. | 100% | |
#### Unplanned Goals
- Web client.
- Sensitive financial info support.
- Miscellaneous text/file encryption and storage support.
- Vault separation.
#### 3rd-party Technologies in Use (and where):
- Golang (all)
- Go-Kit (all)
- gRPC (all)
- Cobra Commander & Viper Config (spc)
- Redis (service)
- Docker (service)
- Debian (docker images and machines)