# Password Pusher (pwpush)

A cool tool (both commercial and self-hosted versions) for securely transfering text and files and URLs.

# Install

The docs section is outstanding and offers several ways to host/install pwpush. Here's the route I went:

  • Follow the instructions to download the docker-compose-pwpush.yml and Caddyfile to a directory.

  • Edit the Caddyfile to include your domain/subdomain.

The Caddyfile has a default email of like user@domain.com or something like that. Change that or the LetsEncrypt setup will fail!

  • Follow these instructions to get signups to work properly - the docs specifically state "All of the following environments need to be set (except SMTP authentication if none) for application logins to function properly."

# Using the admin console

Once your instance is up, you can connect with the admin console to do back end tinkering:

docker exec -it <container_id> bash
cd /opt/PasswordPusher

The commands available are:

/bin/create_admin Create a new administrator account
./bin/promote_to_admin  Promote an existing user to administrator
./bin/demote_admin  Demote an existing administrator
./bin/list_admins List all administrators

# Config file for use with postgres

Here's a sanitized version of my file that got me going. Once I got pwpush stood up and established my admin account, I shutdown the docker, disabled signups with PWP__DISABLE_SIGNUPS: enable and then started pwpush again.

version: '2.1'

services:
  # --> By default, this file will launch a Password Pusher instance with an
  # ephemeral (temporary) database of SQLite3.  The database will be lost on
  # restart.  If you want a persistent database, enable one of databases below.
  #
  # Uncomment to add a PostgreSQL service
  #
  postgres:
    image: docker.io/postgres:15
    volumes:
      - ./data/postgresql:/var/lib/postgresql/data
    ports:
      - "5432:5432"
    environment:
      POSTGRES_USER: pwpush_user
      POSTGRES_PASSWORD: YOURPOSTGRESPASSHERE
      POSTGRES_DB: pwpush_db

  # Uncomment to add a MySQL service
  #
  # mysql:
  #   image: mysql:8.0.32
  #   ports:
  #     - "3306:3306"
  #   environment:
  #     MYSQL_USER: 'pwpush_user'
  #     MYSQL_PASSWORD: 'pass'
  #     MYSQL_DATABASE: 'pwpush_db'
  #     MYSQL_RANDOM_ROOT_PASSWORD: 'yes'
  #   volumes:
  #     - ./data/mysql:/var/lib/mysql

  # Uncomment to add a MariaDB service
  #
  # mariadb:
  #   image: mariadb:10.6.5
  #   ports:
  #     - "3306:3306"
  #   environment:
  #     MARIADB_USER: 'pwpush_user'
  #     MARIADB_PASSWORD: 'pwpush_passwd'
  #     MARIADB_DATABASE: 'pwpush_db'
  #     MARIADB_RANDOM_ROOT_PASSWORD: 'yes'
  #   volumes:
  #     - /var/lib/pwpush-mariadb/data:/var/lib/mysql

  pwpush:
    image: docker.io/pglombardo/pwpush:latest
    ports:
      - "5100:5100"
    depends_on:
      - postgres
    links:
      - postgres:postgres
    environment:
      DATABASE_URL: 'postgres://pwpush_user:YOURPOSTGRESPASSHERE@postgres:5432/pwpush_db'
      PWP__DISABLE_SIGNUPS: false
      PWP__ENABLE_FILE_PUSHES: true
      PWP__ENABLE_LOGINS: true
      PWP__ENABLE_URL_PUSHES: false
      PWP__HOST_DOMAIN: 'passwordpusher.yourdomain.com'
      PWP__HOST_PROTOCOL: 'https'
      PWP__LOGIN_SESSION_TIMEOUT: '2 hours'
      PWP__MAIL__MAILER_SENDER: '"YOU" <you@you.com>'
      PWP__MAIL__OPEN_TIMEOUT: 10
      PWP__MAIL__RAISE_DELIVERY_ERRORS: true
      PWP__MAIL__READ_TIMEOUT: 10
      PWP__MAIL__SMTP_ADDRESS: 'smtp.gmail.com'
      PWP__MAIL__SMTP_AUTHENTICATION: 'login'
      PWP__MAIL__SMTP_PASSWORD: 'APP-PASSWORD-GOES-HERE'
      PWP__MAIL__SMTP_PORT: 587
      PWP__MAIL__SMTP_STARTTLS: true
      PWP__MAIL__SMTP_USER_NAME: 'YOU@GMAIL.COM'
      PWP__PW__EXPIRE_AFTER_DAYS_DEFAULT: "3"
      PWP__PW__EXPIRE_AFTER_VIEWS_DEFAULT: 3
      PWP__PW__EXPIRE_AFTER_VIEWS_MAX: 7
      PWP__PW__EXPIRE_AFTER_VIEWS_MIN: 2
      PWP__PW__RETRIEVAL_STEP_DEFAULT: "true"
      PWP__SHOW_GDPR_CONSENT_BANNER: true
      PWP__SHOW_VERSION: true
      PWP__TIMEZONE: 'America/Chicago'
      

  ssl_proxy:
    image: caddy:latest
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - caddy_data:/data
      - caddy_config:/config
    depends_on:
      - pwpush

volumes:
  caddy_data:
  caddy_config:

###############################################################################
# Other Notes
###############################################################################
# See also the Password Pusher Configuration documentation
# https://github.com/pglombardo/PasswordPusher/blob/master/Configuration.md
#
# Current environment variables configuration:
#   PWP__DISABLE_SIGNUPS: 'false'
#   PWP__ENABLE_FILE_PUSHES: 'true'
#   PWP__ENABLE_LOGINS: 'true'
#   PWP__ENABLE_URL_PUSHES: 'false'
#   PWP__HOST_PROTOCOL: 'https'
#   PWP__LOGIN_SESSION_TIMEOUT: '2 hours'
#   PWP__PW__EXPIRE_AFTER_DAYS_DEFAULT: "3"
#   PWP__PW__EXPIRE_AFTER_VIEWS_DEFAULT: 3
#   PWP__PW__EXPIRE_AFTER_VIEWS_MAX: 7
#   PWP__PW__EXPIRE_AFTER_VIEWS_MIN: 2
#   PWP__PW__RETRIEVAL_STEP_DEFAULT: "true"
#   PWP__SHOW_GDPR_CONSENT_BANNER: true
#   PWP__SHOW_VERSION: true
#   PWP__TIMEZONE: 'America/Chicago'
#
# To customise the application via configuration file, see settings.yml:
# https://github.com/pglombardo/PasswordPusher/blob/master/config/settings.yml