End-to-end encrypted document sharing you self-host.

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for subhayu99 from gravatar.com subhayu99
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: Apache Software License (Apache-2.0)
  • Tags cli , document-sharing , e2ee , encryption , self-hosted
  • Requires: Python >=3.11
  • Provides-Extra: all , all-db , all-storage , azure , dev , gcs , mysql , postgres , s3 , server , sqlite
Classifiers
Report project as malware

Project description

                    _ _            _
       __   _____| | | __ _ _ __(_)___
       \ \ / / _ \ | |/ _` | '__| / __|
        \ V /  __/ | | (_| | |  | \__ \
         \_/ \___|_|_|\__,_|_|  |_|___/

Files only the people you choose can read.

End-to-end encrypted document sharing you self-host.

pip install vellaris

Source · PyPI · Docs · License

Status

v0.2.0 — feature drop. Alpha; expect rough edges. The on-wire format is still locked, so blobs encrypted with any v0.x release keep decrypting on later versions.

What v0.2 adds on top of the v0.1 baseline:

  • Web Worker for crypto. RSA-4096 keygen and Argon2id-at-prod-params no longer block the main thread on signup or login. The EncryptAnim actually animates instead of stuttering.
  • IndexedDB-backed key store. The wrapped private key now lives in IDB, with one-shot migration from any pre-existing localStorage entry.
  • Streaming uploads. The upload route reads files via File.stream() instead of file.arrayBuffer(), so the SPA no longer trips ArrayBuffer size limits on multi-hundred-megabyte uploads.

Plus the v0.1.3 → v0.1.5 fixes already in: owner-visible "shared with" chips on /doc/:id, manual Cloudflare pageviews on the public auth routes only (no leak past login), and a strict-ish Content-Security- Policy on the SPA.

How it works

Vellaris encrypts files on your device with a fresh AES-256 key, then encrypts that key once for each recipient with their RSA-4096 public key. Your self-hosted server only ever holds ciphertext, encrypted-DEK rows, and a signed audit log — it cannot decrypt anything.

crypto: AES-256-GCM · RSA-4096 OAEP-SHA256 · Argon2id passphrase KDF

Three clients, one trust boundary

Client Install When to reach for it
CLI pip install vellaris Engineers, scripts, CI pipelines
Python SDK pip install vellaris Automations, ETLs, webhook handlers
Web Static SPA, deploy-anywhere Colleagues who don't live in a terminal

Every client speaks the same on-wire protocol; the server publishes its contract at /openapi.json.

Run a server

Docker

Pull the slim image (~120 MB, SQLite + local FS only):

docker pull ghcr.io/subhayu99/vellaris:0.5.0

Or the full image (~350 MB, every DB and cloud storage backend bundled):

docker pull ghcr.io/subhayu99/vellaris:0.5.0-full

For a tailored configuration (e.g. Postgres + S3 only) and a copy-paste docker run command, use the deployment configurator.

License

Apache 2.0. No CLA traps. Read every line on GitHub.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for subhayu99 from gravatar.com subhayu99
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: Apache Software License (Apache-2.0)
  • Tags cli , document-sharing , e2ee , encryption , self-hosted
  • Requires: Python >=3.11
  • Provides-Extra: all , all-db , all-storage , azure , dev , gcs , mysql , postgres , s3 , server , sqlite
Classifiers

Release history Release notifications | RSS feed

0.7.0

0.6.0

0.5.7

0.5.6

This version

0.5.5

0.5.4

0.5.2

0.5.1

0.4.1

0.4.0

0.3.2

0.3.1

0.3.0

0.2.0

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

vellaris-0.5.5.tar.gz (83.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

vellaris-0.5.5-py3-none-any.whl (66.6 kB view details)

Uploaded Python 3

File details

Details for the file vellaris-0.5.5.tar.gz.

File metadata

  • Download URL: vellaris-0.5.5.tar.gz
  • Upload date:
  • Size: 83.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for vellaris-0.5.5.tar.gz
Algorithm Hash digest
SHA256 2ef8f02c96b9724aed4c92d55241afd01f660822b9c75ff154f6ecff31bf0812
MD5 8903ef1f6e109df0f8671b444e7836c7
BLAKE2b-256 46482e0c24371fdbf4197e0b8d3567b5faa8d850f76be0734f8a45e3d095cad5

See more details on using hashes here.

Provenance

The following attestation bundles were made for vellaris-0.5.5.tar.gz:

Publisher: release.yml on subhayu99/vellaris

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file vellaris-0.5.5-py3-none-any.whl.

File metadata

  • Download URL: vellaris-0.5.5-py3-none-any.whl
  • Upload date:
  • Size: 66.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for vellaris-0.5.5-py3-none-any.whl
Algorithm Hash digest
SHA256 86926f6225c98cc41f59406db7c89626a9742942563bca29ff7bfa7c4795027c
MD5 34095980fb0bf2b7f76cbec971767cdd
BLAKE2b-256 80735c83254aa55229fbf3b774707815dcff4119b669d76fabf2dd5c755b0d64

See more details on using hashes here.

Provenance

The following attestation bundles were made for vellaris-0.5.5-py3-none-any.whl:

Publisher: release.yml on subhayu99/vellaris

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page