## hugo-encrypt `hugo-encrypt` is a golang port of [Hugo Encryptor](https://github.com/Li4n0/hugo_encryptor) `hugo-encrypt` is a tool that encrpyts content in your [Hugo](https://gohugo.io) posts. It uses AES-256-GCM to encrypt the contents of your posts, and inserts the necessary javascript code into the encrypted posts that decrypts the content after the correntc passphrase has been entered. ### Installation and Usage **Option A:** Build it - Requirements: go 1.11+ - **Step 1:** Install `hugo-encrypt`. $ go get github.com/Izumiko/hugo-encrypt - **Step 2:** Place `shortcodes/hugo-encrypt.html` in the shortcode directory of your blog: $ mkdir -p /path/to/your/blog/layouts/shortcodes $ cp shortcodes/hugo-encrypt.html /path/to/your/blog/layouts/shortcodes/hugo-encrypt.html - **Step 3:** Merge i18n translation files and/or add your own language. $ cp -r i18n /path/to/your/blog/ - **Step 4:** Use hugo-encrypt to encrypt content** $ export PATH=/path/to/hugo-encrypt/:$PATH $ hugo $ hugo-encrypt -sitePath /path/to/hugo/public **Option B:** Use docker - Requirements: docker - $ hugo $ docker run -it --rm \ -v /path/to/hugo/public:/data/site \ chaosbunker/hugo-encrypt hugo-encrypt -sitePath /data/site` ### Setting a password and using the `{{< hugo-encrypt >}}` tag in your blog posts **Option 1:** Setting the password in your blogs config file ``` [params] password = "yourpassword" ``` ```markdown --- title: "This Is An Encrypted Post" --- {{< hugo-encrypt >}} This content will be encrypted! {{< /hugo-encrypt >}} ``` **Option 2:** Setting a spexcific password in the shortcode ```markdown --- title: "This Is An Encrypted Post" --- {{< hugo-encrypt "anotherpassword" >}} This content will also be encrypted! {{< /hugo-encrypt >}} ``` After generating the site with `hugo` and running `hugo-encrypt` all the private posts in your `public` directory are encrypted and the site can be published. ### Configuration Although `hugo-encrypt` works right out of the box, there are a few things that can be customized. . #### Language Use i18n to display content generated by `hugo-Encrypt` in the language of your choice by setting the following param in your config file. Make sure to set the Param `DefaultContentLanguage` and add the corresponding language file to the i18n folder. ```toml [params] DefaultContentLanguage = "en-us" ``` #### Password storage `hugo-encrypt` uses _localStorage_ by default. This means the passphrase is permanently stored in the browser. By adding the `hugoEncryptStorage` param in your blog's config file you can set the storage method to _sessionStorage_. ```toml [params] hugoEncryptStorage = "session" # or "local" ``` **localStorage**: Once a visitor entered the correct passphrase the authorization status will not expire. The visitor can read the article until the passphrase has been changed or the browser cache is cleared. **sessionStorage**: Once a visitor entered the correct passphrase the authorization will expire after the browser is closed. ### Attention Remember to keep the source files of your encrypted posts private. Never push your blog directory into a public repository as the encryption happens after generating the html files with `hugo`. Remember to run `hugo-encrypt` after generating your site with `hugo` to encrypt the posts you want to be passphrase-protected. You might want to use a shell script instead of `hugo` to take care of both steps: #!/bin/bash hugo --cleanDestinationDir hugo-encrypt