Chiyogami

Chiyogami is a lightweight, self‑hosted pastebin designed with modern web standards and developer ergonomics in mind. At its core, the application exposes a RESTful API that allows programmatic creation, retrieval, and management of pastes while also serving a responsive UI for interactive use. The API supports configurable expiration, optional client‑side encryption via the WebCrypto API, and fine‑grained rate limiting—all of which can be tuned through environment variables. The server stores data in a SQLite database, making the deployment footprint minimal and ideal for containerized environments or edge nodes.

Key Features

• Client‑side encryption: Pastes can be encrypted in the browser before transmission, ensuring that no plaintext or password ever reaches the server.
• Configurable expiry: The PASTE_DEFAULT_EXPIRATION variable accepts Go‑style duration strings (e.g., 24h, 10m) or "Never".
• Rich text handling: Automatic syntax highlighting via HighlightJS and Markdown rendering with Marked provide a polished experience for code snippets.
• User accounts & authentication: JWT‑based session handling allows developers to associate pastes with a user profile and enforce access controls.
• Rate limiting & soft deletes: Built‑in request throttling protects against abuse, while deleted pastes are retained for a configurable retention period before hard removal.

Technical Stack

The choice of Go gives the application excellent concurrency handling and minimal binary size, while SQLite keeps operational overhead low. Docker images are lightweight (~30 MB) and can be run behind any reverse proxy (Traefik, Nginx, Caddy), with optional middleware to shield the /health endpoint.

Core Capabilities & APIs

• POST /api/paste: Create a paste; accepts JSON payload with content, optional expiration, and visibility.
• GET /api/paste/{id}: Retrieve a paste by its UUID; private pastes require the unguessable link.
• DELETE /api/paste/{id}: Soft delete a paste; hard deletion after retention period.
• GET /api/pastes: List public pastes with pagination and search query parameters.
• Authentication endpoints (/api/auth/register, /login, /logout) issue secure cookies or tokens.
• Webhooks are not yet exposed but can be added via middleware due to the modular Go architecture.

Deployment & Infrastructure

Chiyogami is designed for zero‑configuration self‑hosting. A single Docker container exposes the service on port 8000, with optional mounting of a persistent volume for /pastes. For scaling, the application can be replicated behind a load balancer; SQLite’s file locking requires careful coordination, so for multi‑instance deployments consider switching to Postgres or MySQL with minimal code changes. The environment variables provide all tunable parameters, and the /health endpoint offers a lightweight database liveness check that can be integrated into Kubernetes readiness probes.

Integration & Extensibility

The codebase follows standard Go conventions, making it straightforward to fork and extend. The API surface is small yet expressive, so adding features such as webhook notifications or custom rendering engines can be achieved by implementing new handlers and registering them with the router. The UI is built with vanilla JavaScript, enabling developers to replace or augment components without touching the backend. Moreover, because encryption is purely client‑side, integrating Chiyogami into CI/CD pipelines or IDE extensions becomes trivial: paste build logs or configuration snippets directly through the API.

Developer Experience

Documentation is concise and focused on the API contract, with clear example payloads and environment variable explanations. The repository includes a docker-compose.yml that demonstrates best practices for local development and production deployments. Community support is moderate; issues are triaged quickly, and the maintainers welcome pull requests that improve performance or add new authentication backends. The licensing is permissive (MIT), allowing commercial use without licensing fees.

Use Cases

• CI/CD log sharing: Automated scripts can POST build logs to Chiyogami and embed the resulting link in Slack or email notifications.
• Secure code snippets: Developers can encrypt sensitive configuration files before sharing them on public channels.
• Internal documentation hub: Teams can host markdown‑based docs with syntax highlighting, all under a single domain.
• Debugging in distributed systems: Runtime logs can be posted to a private paste that expires after a day, preventing stale data accumulation.

Advantages

• Performance: Go’s lightweight runtime and SQLite’s low overhead yield sub‑10 ms response times for typical paste operations.
• Flexibility: The entire stack is open source; swapping the database or adding OAuth providers requires minimal effort.
• Security: Client‑side encryption guarantees zero trust; rate limiting and soft deletes mitigate abuse.
• **Licensing & Cost