Onetime Secret, a self hosted service for sharing sensitive information through one time links that reveal a secret exactly once and then self destruct.
Onetime Secret is an open source, self hosted service for sharing passwords and other sensitive information safely. Instead of pasting a secret into email or chat where it lingers forever, you paste it once and get back a short lived one time link; the recipient opens the link a single time to reveal the secret, after which it is permanently burned and the link stops working. Secrets carry a time to live so anything unread also expires on its own, and an optional administrator dashboard lets an operator review activity. It suits any team that needs to hand over credentials, keys or private notes without leaving a lasting copy behind.
cloudimg delivers Onetime Secret hardened behind an nginx reverse proxy that binds the application and its Redis store to loopback, served over TLS with a self signed certificate regenerated on first boot so no key material is ever shared between instances. The image is secure by default with no known credential baked in: on each instance's first boot the application root secret, the Redis password and the administrator account password are all generated to unique random values and written to a root only file. Every deployment carries a paired deployment guide and 24/7 support.
Real screenshots taken while testing this image against its deployment guide.