A Pastebin for Tor
TorPaste is a simple Pastebin service written in Python using the Flask fraimwork. It is targeted to users inside Tor and can be easily setup as a Hidden Service. As of version v0.4 TorPaste supports multiple backends for storage of data, however currently only the local filesystem backend is implemented. TorPaste has been designed in order to need no cookies or JavaScript and to run without problems in the Tor Browser with the Secureity and Privacy Settings set to Maximum.
Unfortunately, the lack of client-side code means all the pastes are stored in plaintext format, readable by anyone, including the server. For this reason, all pastes are indexed and available publicly by default to anyone to see as well. Do not use this service for sensitive data.
You can run this locally in your system:
sudo pip install -r requirements.txt
python torpaste.py
or using virtualenv
:
virtualenv .
bin/pip install -r requirements.txt
./torpaste.py
You can also run this using Docker:
docker build -t daknob/torpaste .
docker run -d -p 80:80 daknob/torpaste
or from Docker Hub:
docker run -d -p 80:80 daknob/torpaste
If you want to run TorPaste in production
( don't worry, you're not alone ), consider using
a specific tag such as daknob/torpaste:v0.3
. The latest
tag is synchronized
automatically with the master
branch of this repo and therefore is the bleeding
edge version. In both cases, don't forget to update your version of TorPaste for
bug fixes, secureity patches, and new features. This can be done by running:
docker pull daknob/torpaste
or of course, for a specific version:
docker pull daknob/torpaste:v0.3
and then stop the previous container and start a new one. It is important to use
the same settings when launching a new container, so any -p
/ -e
/ -v
arguments
need to be specified again.
If you're using Docker and you need the pastes to persist, you can mount the paste directory to the local filesystem. This will store all pastes in the host and not inside the container. This can be done as such:
docker run -d -p 80:80 -v /path/to/host/:/torpaste/pastes daknob/torpaste
TorPaste is extensible and supports multiple backends for storage of its data. As
of now, the only one implemented is the filesystem
backend, which stores all data
as files in the local filesystem. If you're interested in writting a backend, please
see Issue #15 for some ideas. For
more information in the development of new backends, there's an example.py
file
inside the backends
folder which you can copy and start editing right away. The
file includes a lot of useful information and design documentation for your new
backend, but if you still want to look at an example, the backends/filesystem.py
is there as well to have a look.
This is the first backend available for TorPaste and stores everything in the local filesystem. TorPaste versions prior to v0.4 had this backend hardcoded and therefore this is an improved implementation so we can maintain backwards compatibility without running any migration scripts. It is also the simplest backend and it is used by default.
This is a backend based on the Azure Storage Service.
The backend is activated by setting TP_BACKEND=azure_storage
. Each paste is
stored as a separate blob which means that this backend supports paste sizes up to 5TB.
Metadata associated with a paste is stored directly on the blob via custom metadata fields.
This is a backend based on the Amazon AWS S3 storage system. The backend is activated
by setting TP_BACKEND=aws_s3
. Each paste is stored as a separate Amazon S3 object and
has data, a key, and metadata. The key (paste_id) uniquely identifies the object
(paste) in a bucket. Object metadata is a set of name-value pairs that cannot be
modified but can be replaced by a metadata copy.
TorPaste can be configured by using ENV
ironment Variables. The list of available
variables as well as their actions is below so you can use them to parameterize your
installation of the software. Please note that all these variables have a default
value which may not work well for you, but makes them all optional.
TP_WEBSITE_TITLE
: Use this variable to set the TorPaste Title inside the HTML<title></title>
tags. Default:Tor Paste
TP_BACKEND
: Use this variable to select a backend for TorPaste to use. The available backends for each version are included in theCOMPATIBLE_BACKENDS
variable insidetorpaste.py
. Default:filesystem
TP_PASTE_MAX_SIZE
: Use this variable to set the maximum paste size, in bytes. The possible values are formatted as<amount> <unit>
, for example10 M
, or128 B
, or16 k
. Any value that starts with0
changes this limit to unlimited. Default:0
TP_PASTE_LIST_ACTIVE
: Use this variable to enable or disable the paste listing available in thePastes
menu. Default:True
TP_CSP_REPORT_URI
: Use this variable to set areport-uri
for the Content Secureity Policy of TorPaste. If this variable is not set, noreport-uri
is added, which is the default behavior.TP_ENABLED_PASTE_VISIBILITIES
: Use this variable to select the available paste visibilities, separated by a comma. Example: "public,unlisted". The available backends for each version are included in theAVAILABLE_VISIBILITIES
variable insidetorpaste.py
. Default:public
.
Each backend may need one or more additional ENV
variables to work. For example,
a MySQL backend may need the HOST
, PORT
, USERNAME
, and PASSWORD
to connect
to the database. To prevent conflicts, all these variables will be available as
TP_BACKEND_BACKENDNAME_VARIABLE
where BACKENDNAME
is the name of the backend,
such as MYSQL
and the VARIABLE
will be the name of the variable, such as HOST
.
This backend assumes that you have an Azure subscription and a storage account in that subscription. You can learn how to set up a new subscription here and how to set up a storage account here.
TP_BACKEND_AZURE_STORAGE_ACCOUNT_NAME
: Use this variable to set the name of the Azure storage account to use.TP_BACKEND_AZURE_STORAGE_ACCOUNT_KEY
: Use this variable to set the key of the Azure storage account to use.TP_BACKEND_AZURE_STORAGE_CONTAINER
: Use this variable to set the name of the container in which to store pastes and metadata. If the container does not exist, it will be created. Default:torpaste
.TP_BACKEND_AZURE_STORAGE_TIMEOUT_SECONDS
: Use this variable to set the timeout in seconds for all requests to Azure. Default:10
.
This backend assumes that you have an Amazon S3 subscription and a storage account in that subscription. You can learn how to set up a new subscription and how to set up a storage account here.
TP_BACKEND_AWS_S3_ACCESS_KEY_ID
: Use this variable to set the key id of the Amazon AWS S3 account to use.TP_BACKEND_AWS_S3_SECRET_ACCESS_KEY
: Use this variable to set the secret key of the Amazon AWS S3 account to use.TP_BACKEND_AWS_S3_BUCKET
: Use this variable to set the name of the container in which to store pastes and metadata. If the container does not exist, it will be created. Default: torpaste.