On this weblog submit, I’ll be utilizing Golang to develop a brilliant small internet service that folks or organizations can use to share secrets and techniques in a barely extra non-public manner. All of us have the occasional must share a secret with a co-worker or one other particular person. It might be an API key, a password and even some confidential information from a buyer. Once we share secrets and techniques by way of channels resembling Slack, Groups or E mail, we basically ship the key to the servers of an entire stranger. Now we have no oversight over how the info is being dealt with, how lengthy it can persist on third-party servers and who the individuals are who’ve entry to it. Sending secrets and techniques straight by way of Slack or Groups may pose different undesirable uncomfortable side effects. As an example, new staff who get added to an present channel might uncover beforehand shared confidential information by way of a channel’s chat historical past. That may very well be a safety breach in itself if these staff didn’t have the clearance beforehand. Total secrets and techniques and/or confidential information ought to by no means be shared straight by way of (untrusted) third-party channels.
I assumed writing a small data-sharing app may very well be a great way of studying Go. The purpose is to create a small internet service that may be run as a single binary or from a Docker container inside an organization’s personal infrastructure. Why depend on an (untrusted) third get together service (noterip, safenote, onetimesecret, circumvent or privnote) if one might run their very own?
The Golang Venture Basis
That is going to be an MVP so we’ll be making some quick good points by protecting the service very simple and making use of Redis as the principle persistence layer. Redis appears to be a superb match for an MVP as it may be simply hosted in a container and used as a distributed information retailer that may serve a number of cases of our app. We will additionally use the TTL (time to reside) characteristic, which supplies us a fast and soiled implementation of short-lived, self-destructing hyperlinks.
Our internet service shall be a easy Go executable which may additionally run in a container and which is able to implement fundamental performance to persist and retrieve a secret.
All the resolution shall be open supply with an OSS pleasant Apache 2.0 license so that folks can fork it and make their very own modifications to it.
I name this mission self-destruct-notes
:
For the aim of this weblog submit, I’ll hold the service very rudimental and use as few third-party dependencies as potential. I’m truly coding this mission as I’m scripting this weblog submit so one can comply with the evolution of this app via this text or the related commit historical past in Git.
Creating a brand new Golang mission
First let’s create a easy Golang mission to kick issues off.