End-to-end encrypted document sharing you self-host.

Project description

                    _ _            _
       __   _____| | | __ _ _ __(_)___
       \ \ / / _ \ | |/ _` | '__| / __|
        \ V /  __/ | | (_| | |  | \__ \
         \_/ \___|_|_|\__,_|_|  |_|___/

Files only the people you choose can read.

pip install vellaris

Status

v0.2.0 — feature drop. Alpha; expect rough edges. The on-wire format is still locked, so blobs encrypted with any v0.x release keep decrypting on later versions.

What v0.2 adds on top of the v0.1 baseline:

  • Web Worker for crypto. RSA-4096 keygen and Argon2id-at-prod-params no longer block the main thread on signup or login. The EncryptAnim actually animates instead of stuttering.
  • IndexedDB-backed key store. The wrapped private key now lives in IDB, with one-shot migration from any pre-existing localStorage entry.
  • Streaming uploads. The upload route reads files via File.stream() instead of file.arrayBuffer(), so the SPA no longer trips ArrayBuffer size limits on multi-hundred-megabyte uploads.

Plus the v0.1.3 → v0.1.5 fixes already in: owner-visible "shared with" chips on /doc/:id, manual Cloudflare pageviews on the public auth routes only (no leak past login), and a strict-ish Content-Security-Policy on the SPA.

How it works

Vellaris encrypts files on your device with a fresh AES-256 key, then encrypts that key once for each recipient with their RSA-4096 public key. Your self-hosted server only ever holds ciphertext, encrypted-DEK rows, and a signed audit log — it cannot decrypt anything.

crypto: AES-256-GCM · RSA-4096 OAEP-SHA256 · Argon2id passphrase KDF
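
The envelope scheme described above, sketched with Node's built-in crypto module. This is an added example, not Vellaris source code: the function names and the blob layout (nonce, ciphertext, tag, wrappedDeks) are assumptions and do not reflect the project's on-wire format.

```javascript
const crypto = require('crypto');

// RSA-OAEP with SHA-256, matching the primitives listed above.
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Hypothetical helper: RSA key pair for one recipient (4096 bits as on this page).
function newKeyPair(bits = 4096) {
  return crypto.generateKeyPairSync('rsa', { modulusLength: bits });
}

// Sender side: encrypt the file once under a fresh AES-256-GCM key (the DEK),
// then wrap that DEK separately for each recipient's public key.
// `recipients` maps a name to a public KeyObject.
function encryptFor(plaintext, recipients) {
  const dek = crypto.randomBytes(32);    // fresh 256-bit key per file
  const nonce = crypto.randomBytes(12);  // 96-bit GCM nonce, used once with this DEK
  const cipher = crypto.createCipheriv('aes-256-gcm', dek, nonce);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const tag = cipher.getAuthTag();
  const wrappedDeks = {};
  for (const [name, publicKey] of Object.entries(recipients)) {
    wrappedDeks[name] = crypto.publicEncrypt({ key: publicKey, ...OAEP }, dek);
  }
  // This object is all a server would need to store: no plaintext, no raw DEK.
  return { nonce, ciphertext, tag, wrappedDeks };
}

// Recipient side: unwrap your own DEK row, then authenticate and decrypt the blob.
// Throws if the private key does not match the row or if the blob was modified.
function decryptAs(name, privateKey, blob) {
  const wrapped = blob.wrappedDeks[name];
  if (!wrapped) throw new Error(`no encrypted DEK for ${name}`);
  const dek = crypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped);
  const decipher = crypto.createDecipheriv('aes-256-gcm', dek, blob.nonce);
  decipher.setAuthTag(blob.tag);
  return Buffer.concat([decipher.update(blob.ciphertext), decipher.final()]);
}
```

Adding a recipient later only requires someone who already holds the DEK to wrap it for the new public key; the ciphertext itself is not re-encrypted.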

Three clients, one trust boundary

| Client | Install | When to reach for it |
|---|---|---|
| CLI | pip install vellaris | Engineers, scripts, CI pipelines |
| Python SDK | pip install vellaris | Automations, ETLs, webhook handlers |
| Web | Static SPA, deploy-anywhere | Colleagues who don't live in a terminal |

Every client speaks the same on-wire protocol; the server publishes its contract at /openapi.json.

Run a server

Docker

Pull the slim image (~120 MB, SQLite + local FS only):

docker pull ghcr.io/subhayu99/vellaris:0.5.0

Or the full image (~350 MB, every DB and cloud storage backend bundled):

docker pull ghcr.io/subhayu99/vellaris:0.5.0-full

For a tailored configuration (e.g. Postgres + S3 only) and a copy-paste docker run command, use the deployment configurator.

License

Apache 2.0. No CLA traps. Read every line on GitHub.

Download files

Source Distribution

vellaris-0.5.6.tar.gz (83.4 kB)

Uploaded Source

Built Distribution

vellaris-0.5.6-py3-none-any.whl (66.6 kB)

Uploaded Python 3

File details

Details for the file vellaris-0.5.6.tar.gz.

File metadata

  • Download URL: vellaris-0.5.6.tar.gz
  • Size: 83.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for vellaris-0.5.6.tar.gz
Algorithm Hash digest
SHA256 a0ef22f1a20440ad2d5745f21fa1716176686b5b259c6bda09f379f55d5f2294
MD5 e1f0f1728917955ebe55d55ecb8155f1
BLAKE2b-256 30701c157ed4d50a2e86b45e45a091210ab20dd48286b6112f5f1d80fb317694

Provenance

The following attestation bundles were made for vellaris-0.5.6.tar.gz:

Publisher: release.yml on subhayu99/vellaris

File details

Details for the file vellaris-0.5.6-py3-none-any.whl.

File metadata

  • Download URL: vellaris-0.5.6-py3-none-any.whl
  • Size: 66.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for vellaris-0.5.6-py3-none-any.whl
Algorithm Hash digest
SHA256 8e316d208d7aff12b977194db54fb728cbdb757e2c1ab0eadc2706cacb92d19e
MD5 c3c1ac8139f9deec37e7377da7eab608
BLAKE2b-256 b6c8d0d7e21ab7a5cdf9c0611b2918cf3f122ee4583a376d5fd8c1ee0627086f

Provenance

The following attestation bundles were made for vellaris-0.5.6-py3-none-any.whl:

Publisher: release.yml on subhayu99/vellaris
