GitHub - HemmeligOrg/Hemmelig.app: Keep your sensitive information out of chat logs, emails, and more with encrypted secrets.

Hemmelig - Encrypted Secret Sharing

Share sensitive information securely with client-side encryption and self-destructing messages.

Try it online • Quick Start • Docker Guide • Configuration

How It Works

1. Enter your secret on hemmelig.app or your self-hosted instance
2. Set expiration time, view limits, and optional password
3. Share the generated link with your recipient
4. The secret is automatically deleted after being viewed or expired

Zero-knowledge architecture: All encryption happens in your browser. The server only stores encrypted data and never sees your secrets or encryption keys.

Features

• Client-side AES-256-GCM encryption - Your data is encrypted before leaving your browser
• Self-destructing secrets - Configurable expiration and view limits
• Password protection - Optional additional security layer
• IP restrictions - Limit access to specific IP ranges
• File uploads - Share encrypted files (authenticated users)
• Rich text editor - Format your secrets with styling
• QR codes - Easy mobile sharing
• Multi-language support - Available in multiple languages
• Webhook notifications - Get notified when secrets are viewed or burned (docs)

Quick Start

Docker (Recommended)

docker run -d \
  --name hemmelig \
  -p 3000:3000 \
  -v hemmelig-data:/app/database \
  -v hemmelig-uploads:/app/uploads \
  -e DATABASE_URL="file:/app/database/hemmelig.db" \
  -e BETTER_AUTH_SECRET="$(openssl rand -base64 32)" \
  -e BETTER_AUTH_URL="https://your-domain.com" \
  hemmelig/hemmelig:v7

Docker Compose

git clone https://github.com/HemmeligOrg/Hemmelig.app.git
cd Hemmelig.app

# Edit docker-compose.yml with your settings
docker compose up -d

See Docker Guide for detailed deployment instructions.

CLI

Create secrets directly from the command line:

# Download the binary (recommended for CI/CD)
curl -L https://github.com/HemmeligOrg/Hemmelig.app/releases/download/cli-v1.0.1/hemmelig-linux-amd64 -o hemmelig
chmod +x hemmelig

# Or install via npm
npm install -g hemmelig

# Create a secret
hemmelig "my secret message"

# With options
hemmelig "API key: sk-1234" -t "Production API Key" -e 7d -v 3

See CLI Documentation for all platforms and CI/CD integration examples.

Documentation

• Docker Deployment - Complete Docker setup guide
• Helm Chart - Kubernetes deployment with Helm
• Environment Variables - All configuration options
• Managed Mode - Configure instance settings via environment variables
• CLI - Command-line interface for automation and CI/CD
• Encryption - How client-side encryption works
• Social Login - OAuth provider setup (GitHub, Google, etc.)
• Secret Requests - Request secrets from others securely
• Webhooks - Webhook notifications for secret events
• Health Checks - Liveness and readiness probes for container orchestration
• Prometheus Metrics - Monitor your instance with Prometheus
• API Documentation - REST API reference and OpenAPI spec
• SDK Generation - Generate client SDKs from OpenAPI spec
• E2E Testing - End-to-end testing with Playwright
• Upgrading from v6 - Migration guide for v6 to v7

Development

npm install
npm run dev
npm run dev:api

Hetzner Cloud Referral

Hemmelig is proudly hosted on Hetzner Cloud. Hetzner provides reliable and scalable cloud solutions, making it an ideal choice for hosting secure applications like Hemmelig. By using our referral link, you can join Hetzner Cloud and receive €20/$20 in credits. Once you spend at least €10/$10 (excluding credits), Hemmelig will receive €10/$10 in Hetzner Cloud credits. This is a great opportunity to explore Hetzner's services while supporting Hemmelig.

License

O'Saasy License Agreement - Copyright © 2025, Bjarne Øverli.

This project is licensed under a modified MIT license that prohibits using the software to compete with the original licensor as a hosted SaaS product. See LICENSE for details.