forked from username/flaskpaste
8.5 KiB
8.5 KiB
FlaskPaste Roadmap
Current State
FlaskPaste v1.1.0 is deployed and feature-complete for its core mission: a secure, minimal pastebin API with zero-knowledge encryption support.
Implemented:
- Full REST API (CRUD operations)
- Binary content support with magic-byte MIME detection
- Client certificate authentication
- Content-hash deduplication (abuse prevention)
- Proof-of-work spam prevention
- Entropy enforcement (require encrypted uploads)
- E2E encryption in CLI (AES-256-GCM, key in URL fragment)
- URL prefix support for reverse proxy deployments
- /client endpoint for CLI distribution
- Automatic paste expiry
- Security headers and request tracing
- Container deployment support
- Comprehensive test suite (98 tests)
Phase 1: Hardening (Complete)
Focus: Production readiness and operational excellence.
┌───┬─────────────────────────────────────┬────────────────────────────────────┐
│ # │ Milestone │ Status
├───┼─────────────────────────────────────┼────────────────────────────────────┤
│ 1 │ Abuse prevention (dedup) │ Done
│ 2 │ Security headers complete │ Done
│ 3 │ Request tracing (X-Request-ID) │ Done
│ 4 │ Proxy trust validation │ Done
│ 5 │ Proof-of-work spam prevention │ Done
│ 6 │ Entropy enforcement │ Done
│ 7 │ Test coverage > 90% │ Done (98 tests)
│ 8 │ Documentation complete │ Done
└───┴─────────────────────────────────────┴────────────────────────────────────┘
Phase 2: Operations
Focus: Deployment, monitoring, and maintenance tooling.
┌───┬─────────────────────────────────────┬────────────────────────────────────┐
│ # │ Milestone │ Dependencies
├───┼─────────────────────────────────────┼────────────────────────────────────┤
│ 1 │ Prometheus metrics endpoint │ None
│ 2 │ Structured JSON logging │ None
│ 3 │ Admin API (stats, cleanup) │ Auth improvements
│ 4 │ Ansible deployment role │ None
│ 5 │ CI/CD pipeline │ Container registry access
└───┴─────────────────────────────────────┴────────────────────────────────────┘
Prometheus Metrics
Expose /metrics endpoint with:
flaskpaste_pastes_total(counter)flaskpaste_pastes_created(counter)flaskpaste_pastes_deleted(counter)flaskpaste_pastes_expired(counter)flaskpaste_storage_bytes(gauge)flaskpaste_request_duration_seconds(histogram)
Structured Logging
Replace text logs with JSON format:
- Timestamp, level, message, request_id
- Consistent field names across all log entries
- Compatible with log aggregation (Loki, ELK)
Phase 3: Features (Complete)
Focus: User-requested enhancements within scope.
┌───┬─────────────────────────────────────┬────────────────────────────────────┐
│ # │ Feature │ Status
├───┼─────────────────────────────────────┼────────────────────────────────────┤
│ 1 │ E2E encryption (client-side) │ Done (CLI -e flag, zero-knowledge)
│ 2 │ URL prefix support │ Done
│ 3 │ Custom expiry per paste │ Done (X-Expiry header)
│ 4 │ Burn-after-read option │ Done (X-Burn-After-Read header)
│ 5 │ Paste password protection │ Planned
└───┴─────────────────────────────────────┴────────────────────────────────────┘
Burn-After-Read
Single-access pastes that delete after first retrieval:
POST /withX-Burn-After-Read: trueheader- Paste deleted after first
GET /<id>/raw - Metadata
GET /<id>does not trigger burn
Custom Expiry
Allow per-paste expiry override:
POST /withX-Expiry: 3600header (seconds)- Capped at server maximum (e.g., 30 days)
- Default unchanged for pastes without header
Phase 4: Ecosystem
Focus: Integration with external systems.
┌───┬─────────────────────────────────────┬────────────────────────────────────┐
│ # │ Integration │ Status
├───┼─────────────────────────────────────┼────────────────────────────────────┤
│ 1 │ CLI client (fpaste) │ Done (with E2E encryption)
│ 2 │ /client endpoint │ Done (downloadable CLI)
│ 3 │ Neovim/Vim plugin │ Planned
│ 4 │ Shell aliases/functions │ Planned
│ 5 │ Webhook notifications │ Planned
└───┴─────────────────────────────────────┴────────────────────────────────────┘
CLI Client (Complete)
Standalone Python CLI with encryption support:
fpaste create file.txt- Create paste from filefpaste create -e file.txt- Create encrypted paste (E2E)fpaste get <id>- Get paste (auto-decrypts with URL fragment key)fpaste delete <id>- Delete pastefpaste info- Show server info- Config file for server URL and cert fingerprint
- Downloadable via
curl https://server/client > fpaste
Non-Goals (Explicit)
These features will not be implemented:
- Web UI - Out of scope; use API directly
- User accounts - PKI handles identity
- Syntax highlighting - Client responsibility
- Search/discovery - Pastes are private by design
- Clustering - Scale via container orchestration
- S3/PostgreSQL backend - SQLite is sufficient
Decision Log
| Date | Decision | Rationale |
|---|---|---|
| 2024-11 | SQLite only | Simplicity; no external dependencies |
| 2024-11 | No web UI | API-first; reduces attack surface |
| 2024-11 | Client cert auth | Integrates with existing PKI |
| 2024-12 | Content-hash dedup | Prevent spam without IP tracking |
| 2024-12 | Proof-of-work | Computational cost deters spam bots |
| 2024-12 | Client-side E2E encryption | Zero-knowledge; key in URL fragment |
| 2024-12 | Entropy enforcement | Heuristic to require encrypted uploads |
| 2024-12 | URL prefix support | Reverse proxy path-based routing |
| 2024-12 | Burn-after-read | Single-use pastes for sensitive data |
| 2024-12 | Custom expiry | Per-paste TTL override |
| 2024-12 | Multi-stage Containerfile | Smaller production images |
Review Schedule
- Monthly: Review TODO.md, refine TASKLIST.md
- Quarterly: Evaluate roadmap phases, adjust priorities
- Yearly: Major version planning, scope review