Password Pusher

Password Pusher is a self‑hosted pastebin designed for secure, time‑bound distribution of secrets. From a developer’s standpoint it is a lightweight Ruby on Rails application that exposes a JSON API, a command‑line client, and a web interface for managing pushes. The core idea is that every “push” – whether it’s plain text, a file, or a URL – is stored encrypted on disk or in a database and automatically purged once the configured expiration threshold (time, view count, or both) is reached. This guarantees that sensitive data never lingers on the server longer than necessary.

Key Features

• Encrypted Storage – Content is encrypted client‑side using AES‑256 before it reaches the server, ensuring that even database admins cannot read secrets in transit or at rest.
• Audit Logging – Every push and retrieval is logged with timestamps, IPs, and user agents. Logs are queryable via the admin dashboard or API for compliance audits.
• API & CLI – A fully documented REST API lets you push, list, and delete secrets programmatically. The accompanying CLI (pwpush-cli) wraps the API in shell scripts, making automation trivial.
• Self‑Deleting Files – When a push contains an uploaded file, the file is stored in the same encrypted blob and removed automatically on expiry. No temporary storage leaks.

Technical Stack

• Language & Framework – Ruby 3.x + Rails 7. The application follows conventional MVC patterns with minimal custom code, making it approachable for Ruby developers.
• Database – Supports PostgreSQL and SQLite out of the box. The schema is intentionally simple: a pushes table with columns for content, metadata (expiry, view limits), and encrypted payload.
• Background Processing – Uses Sidekiq with Redis for scheduled cleanup jobs that scan for expired pushes and purge them.
• TLS – Built‑in automatic HTTPS via Let’s Encrypt integration; no external reverse proxy needed unless custom routing is required.
• Containerization – A ready‑made Docker image (pglombardo/pwpush-ephemeral) ships with all dependencies, enabling instant deployment on Kubernetes, Docker Swarm, or local Docker Compose.

Deployment & Infrastructure

The application is designed to run in a minimal environment: one web process, one Sidekiq worker, and a Redis instance for job queuing. For high‑availability setups you can scale Sidekiq workers horizontally and use a shared PostgreSQL cluster. The Docker image is lightweight (~200 MB) and can be deployed behind any ingress controller that supports HTTP/2. Because all data is encrypted before leaving the client, even a compromised server cannot expose secrets.

Integration & Extensibility

• Plugins – The Rails engine architecture allows you to write custom controllers or models that hook into the push lifecycle. For example, a plugin could forward each new push to an external ticketing system.
• Webhooks – The API supports optional webhook callbacks on push creation and deletion, enabling real‑time integrations with CI/CD pipelines or chatops.
• Themes & Branding – With 26 bundled Bootswatch themes and environment‑driven configuration, you can white‑label the UI in minutes. Custom CSS or JavaScript is also supported via a public assets directory.

Developer Experience

The repository follows semantic versioning and includes comprehensive documentation in the docs/ folder. Tests are run on GitHub Actions using RSpec and Ruby’s built‑in test framework, ensuring that every pull request is automatically vetted. The community is active on GitHub and Twitter; issues are triaged quickly, and the codebase remains free of vendor lock‑in. The CLI’s --help output is self‑documenting, and the API endpoints are auto‑generated by Rails’ jsonapi-resources gem.

Use Cases

• DevOps Secrets – Distribute temporary API keys or tokens to team members without exposing them in chat or email.
• Incident Response – Share one‑time passwords or URLs with external responders while guaranteeing automatic deletion.
• Compliance Auditing – Use audit logs to prove that sensitive data was accessed only by authorized parties.
• Educational Labs – Provide students with temporary credentials for sandbox environments that expire after each session.

Advantages

Compared to cloud‑hosted pastebins, Password Pusher offers complete control over data residency and encryption keys. Its lightweight Ruby stack means it can run on a single VM or container, making it ideal for small teams or security‑focused organizations. Licensing is permissive (MIT), and the open‑source nature eliminates hidden costs or vendor lock‑in. Performance is adequate for thousands of concurrent pushes; the Sidekiq job queue ensures that cleanup does not interfere with request latency. Overall, developers choose Password Pusher for its blend of security, simplicity, and extensibility in a self‑hosted environment.