CloudOps and SysOps
Deploy One-Time Secret – Secure One-Time Password/Message Sharing App with Docker and Docker Compose

Deploy One-Time Secret – Secure One-Time Password/Message Sharing App with Docker and Docker Compose

Prakas Rana's photo
Prakas Rana
·

4 min read

🚀 One-Time Secret is a secure one-time message sharing application that allows you to generate self-destructing secret links. It ensures that sensitive information is shared securely.

🔗 Official GitHub Repository: One-Time Secret GitHub

In this blog, we will deploy One-Time Secret using Docker commands and a Docker Compose file.

Method 1: Deploy Using Docker Commands

We will deploy One-Time Secret and its dependency, Redis, step by step.

Step 1: Run Redis Container

We need Redis as the backend to store temporary secrets. Run the following command to start a Redis container:

docker run -d -p 6300:6379 --name redis redis:bookworm

Explanation:

  • -d: Runs the container in detached mode.

  • -p 6300:6379: Maps port 6379 of the Redis container to port 6300 on the host.

  • --name redis: Assigns a name to the container.

  • redis:bookworm: Uses the latest Redis image with the bookworm tag.

Check if Redis is running:

docker ps -a

Step 2: Test Redis Connection

Use the Redis CLI to ensure Redis is working:

redis-cli -h localhost -p 6300

Run the ping command and Exit Redis CLI:

prakas@server:~$ redis-cli -h localhost -p 6300
localhost:6300> ping
PONG
localhost:6300> quit

Step 3: Create a Docker Network

We create a separate Docker network to allow One-Time Secret to communicate with Redis securely.

docker network create secrets-net

Connect Redis to this network:

docker network connect secrets-net redis

Step 4: Set Environment Variables

Define environment variables for One-Time Secret:

export HOST=localhost:3000
export SSL=false
export COLONEL=admin@example.com
export REDIS_URL=redis://host.docker.internal:6300/0
export RACK_ENV=production

Step 5: Run One-Time Secret Container

Now, deploy One-Time Secret using the following command:

docker run --network secrets-net -p 3000:3000 -d --name onetimesecret \
  -e REDIS_URL=redis://redis:6379/0 \
  -e COLONEL=$COLONEL \
  -e HOST=$HOST \
  -e SSL=$SSL \
  -e RACK_ENV=$RACK_ENV \
  onetimesecret/onetimesecret:latest

Explanation:

  • --network secrets-net: Connects the container to the secrets-net network.

  • -p 3000:3000: Maps port 3000 on the container to port 3000 on the host.

  • -d: Runs the container in the background.

  • --name onetimesecret: Names the container onetimesecret.

  • -e: Passes the environment variables.

Step 6: Verify Running Containers

Check if both containers are running:

docker ps -a

You should see output similar to:

Step 7: Access One-Time Secret

Open your browser and visit: http://localhost:3000

You should now see the One-Time Secret UI.

Method 2: Deploy Using Docker Compose

Instead of running multiple commands, we can simplify the deployment using a Docker Compose file.

Step 1: Create a docker-compose.yml File

Create a new file docker-compose.yml with the following content:

version: '3.8'

services:
  redis:
    image: redis:bookworm
    container_name: redis
    ports:
      - "6300:6379"
    networks:
      - secrets-net

  onetimesecret:
    image: onetimesecret/onetimesecret:latest
    container_name: onetimesecret
    depends_on:
      - redis
    environment:
      REDIS_URL: redis://redis:6379/0
      COLONEL: admin@example.com
      HOST: localhost:3000
      SSL: "false"
      RACK_ENV: production
    ports:
      - "3000:3000"
    networks:
      - secrets-net

networks:
  secrets-net:
    driver: bridge

Step 2: Start the Services

Run the following command to start both containers:

docker-compose up -d

This will:

  1. Start a Redis container.

  2. Start the One-Time Secret container with the correct environment variables.

  3. Connect both containers through the secrets-net network.

Step 3: Verify Running Containers

Check if the services are running:

docker-compose ps

Step 4: Stop and Remove Containers

To stop the services, run:

docker-compose down

This stops and removes the containers.

Conclusion

We have successfully deployed One-Time Secret in two ways:

  1. Using Docker Commands.

  2. Using Docker Compose (recommended for easier management).

With this setup, you can securely share one-time secrets and ensure that sensitive information is automatically deleted after being viewed.

🔹 Try it now! Open http://localhost:3000 and start sharing secrets securely! 🚀

For more details and advanced configurations, check out the official One-Time Secret GitHub Repository:
🔗 One-Time Secret on GitHub

Got feedback? Let me know — and happy experimenting! 😊

(P.S. Check out the attached image of OnetimeSecret running on my laptop with localhost!)

Thank You! 😊

Follow me on YouTube below:

https://www.youtube.com/@LinuxCloudGuy
onetimesecrectsecretsSecuritysecurityawarenessSecOpsDocker composeDockerDevopsDevOps Journey#Devopscommunity