I’m excited to share with you a humble tool I’ve developed called hugoArticleEncryptor. The motivation behind creating this tool was to provide a simple solution for those who wish to write personal diaries on their own websites while ensuring their privacy. With hugoArticleEncryptor, you can now protect your diary entries and keep them strictly for your eyes only.
The idea behind hugoArticleEncryptor draws inspiration from the renowned project called Hugo Encryptor. However, I took it upon myself to reimplement it in Go, creating a tool that generates a convenient binary file for direct usage. I wanted to make the process of encrypting your diary articles as effortless as possible, requiring minimal configuration and offering a straightforward user experience.
To learn more about hugoArticleEncryptor, I invite you to check out the project’s README. It provides detailed information on installation, usage, and configuration.
I would prefer not to use binaries to handle sensitive data, especially executed through curl | bash (I didn’t review the source code you published along with the binaries, but I guess such install method could refrain others too)
I’ve seen this mentioned a couple of times while reading Hugo stuff. I have my website in a public GitHub repo so beyond the obvious precaution of not putting sensitive stuff on a publicly accessible web page, I’m curious what the group wisdom is on this topic.
Thank you for your feedback and suggestions. I appreciate your insights and would like to address your points:
The binary files I provided are automatically generated by GitHub Actions based on my code. They are primarily meant for convenience, especially when deploying on platforms like Vercel and Netlify. In my README, I also provide instructions on using the tool from the source code directly. I understand your concern, and I will make sure to clarify this in the README to provide users with both options.
I want to express my gratitude for bringing up the importance of keeping the blog code in a private repository. It’s an essential consideration, and I will definitely include a reminder in the README to emphasize this aspect.
Thank you for mentioning Staticrypt. It seems like an interesting project, and I will take a closer look at it.
Once again, I appreciate your feedback and the time you took to provide these suggestions. If you have any further thoughts or questions, please feel free to share them.
This advice is only relevant in specific cases. Here, the password is put plaintext in the Markdown file, with the shortcode {{< secret "password" >}}.
That’s why – in this case – it’s important to use a private repo.
What I liked about hugo_encryptor was the ability to protect only sections of a post instead of the whole page/post. Is this feature also planned in your version?
