# hugo-encrypt `hugo-encrypt` is a golang port of [Hugo Encryptor](https://github.com/Li4n0/hugo_encryptor) `hugo-encrypt` is a tool that encrpyts content in your [Hugo](https://gohugo.io) posts. It uses AES-256-GCM to encrypt the contents of your posts, and inserts the necessary javascript code into the encrypted posts that decrypts the content after the correntc passphrase has been entered. ## Installation and Usage **Option A) Build** Requirements: go 1.11+ **Step 1: Install `hugo-encrypt`.** $ go get github.com/Izumiko/hugo-encrypt **Step 2: Place `shortcodes/hugo-encrypt.html` in the shortcode directory of your blog:** $ mkdir -p /path/to/your/blog/layouts/shortcodes $ cp shortcodes/hugo-encrypt.html /path/to/your/blog/layouts/shortcodes/hugo-encrypt.html **Step 3: Merge i18n translation files and/or add your own language.** $ cp -r i18n /path/to/your/blog/ **Step 4: Use hugo-encrypt to encrypt content $ export PATH=/path/to/hugo-encrypt/:$PATH $ hugo-encrypt -sitePath /path/to/hugo/public **Option B) Use docker Requirements: docker $ docker run -it --rm \ -v /path/to/hugo/public:/data/site \ chaosbunker/hugo-encrypt hugo-encrypt -sitePath /data/site` ## Using the `{{< hugo-encrypt >}}` tag in your blog posts **Option 1: Setting the password in your blogs config file** ``` [params] password = "yourpassword" ``` ```markdown --- title: "This Is An Encrypted Post" --- {{< hugo-encrypt >}} This content will be encrypted! {{< /hugo-encrypt >}} ``` **Option 2: Setting a spexcific password in the shortcode** ```markdown --- title: "This Is An Encrypted Post" --- {{< hugo-encrypt "anotherpassword" >}} This content will also be encrypted! {{< /hugo-encrypt >}} ``` **Step 2: Generate your site as usual** It may be something like: $ hugo **Step 3: Get the encryption done** $ ./hugo-encrypt or (if added to PATH) $ hugo-encrypt Now all the private posts in your `public` directory are encrypted. ## Configuration Although `hugo-encrypt` works right out of the box, there are a few things that can be customized to your liking. . ### Language Use i18n to display content generated by `hugo-Encrypt` in the language of your choice by setting the following param in your config file. Make sure to set the Param `DefaultContentLanguage` and add the corresponding language file to the i18n folder. ```toml [params] DefaultContentLanguage = "en-us" ``` ### Password storage `hugo-encrypt` uses _localStorage_ by default. This means the passphrase is permanently stored in the browser. By adding the `hugoEncryptStorage` param in your blog's config file you can set the storage method to _sessionStorage_. ```toml [params] hugoEncryptStorage = "session" # or "local" ``` * **localStorage**: Once a visitor entered the correct passphrase the authorization status will not expire. The visitor can read the article until the passphrase has been changed or the browser cache is cleared. * **sessionStorage**: Once a visitor entered the correct passphrase the authorization will expire after the browser is closed. ## Attention * Remember to keep the source files of your encrypted posts private. Never push your blog directory into a public repository as the encryption happens after generating the html files with `hugo`. * Remember to run `hugo-encrypt` after generating your site with `hugo` to encrypt the posts you want to be passphrase-protected. You might want to use a shell script instead of `hugo` to take care of both steps: ```bash #!/bin/bash hugo --cleanDestinationDir hugo-encrypt ```