Deploying FlashPaper

Introduction

FlashPaper is a lightweight, open-source platform for securely sharing one-time messages and sensitive information. Built with PHP, FlashPaper allows you to share passwords, API keys, and confidential data through self-destructing links that expire after being viewed once or after a set time period. It’s the perfect solution for developers, security teams, and organizations that need to share secrets without leaving a permanent digital trail.

FlashPaper stands out for:

One-Time Access: Messages self-destruct after being read once
Time-Limited Links: Set expiration times for automatic deletion
No Database Required: Uses Redis for temporary storage, ensuring no permanent records
Encryption: Messages are encrypted before storage
Simple Interface: Clean, minimalist UI focused on security
Self-Hosted: Complete control over your sensitive data
Audit Trail: Optional logging of access attempts
Password Protection: Add extra security with password-protected links

Common use cases include sharing database credentials with team members, distributing API keys, sending temporary passwords, sharing sensitive documents, and secure communication between contractors and clients.

This comprehensive guide walks you through deploying FlashPaper on Klutch.sh using Docker, including Redis integration for secure message storage, persistent logging, environment configuration, and production-ready security practices.

Prerequisites

Before you begin, ensure you have:

A Klutch.sh account
A GitHub account with a repository for your FlashPaper project
A Redis instance for message storage (see our Redis deployment guide for setup instructions)
Docker installed locally for testing (optional but recommended)
Basic understanding of Docker, PHP, and Redis

Understanding FlashPaper Architecture

FlashPaper’s architecture is designed around security and ephemerality:

Web Interface: PHP-based frontend running on Apache/Nginx (port 80)
Message Storage: Redis backend for temporary, encrypted message storage
Encryption: Messages are encrypted using strong cryptographic algorithms before storage
Self-Destruction: Messages automatically delete after viewing or expiration
No Persistent Database: Ensures no permanent record of sensitive information

Port Configuration

Internal Port: 80 (HTTP server)
Redis Connection: Connects to Redis on port 6379 (or 8000 for Klutch.sh-hosted Redis)

Installation and Setup

Step 1: Create Your Project Directory

First, create a new directory for your FlashPaper deployment project:

mkdir flashpaper-klutch
cd flashpaper-klutch
git init

Step 2: Create the Dockerfile

Create a Dockerfile in your project root directory:

FROM php:8.2-apache

# Install system dependencies and PHP extensions
RUN apt-get update && apt-get install -y \
    git \
    unzip \
    libzip-dev \
    && docker-php-ext-install zip \
    && pecl install redis \
    && docker-php-ext-enable redis \
    && rm -rf /var/lib/apt/lists/*

# Enable Apache modules
RUN a2enmod rewrite headers

# Set working directory
WORKDIR /var/www/html

# Clone FlashPaper repository
RUN git clone https://github.com/AndrewPaglusch/FlashPaper.git . \
    && chown -R www-data:www-data /var/www/html

# Create settings directory with proper permissions
RUN mkdir -p /var/www/html/settings && \
    chown -R www-data:www-data /var/www/html/settings && \
    chmod 755 /var/www/html/settings

# Copy custom Apache configuration
COPY apache-config.conf /etc/apache2/sites-available/000-default.conf

# Expose HTTP port
EXPOSE 80

# Start Apache
CMD ["apache2-foreground"]

Note: This Dockerfile uses PHP 8.2 with Apache and includes the Redis PHP extension for message storage. FlashPaper is cloned directly from the official repository to ensure you always get the latest stable version.

Step 3: Create Apache Configuration

Create an apache-config.conf file for proper URL rewriting:

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    <Directory /var/www/html>
        Options -Indexes +FollowSymLinks
        AllowOverride All
        Require all granted

        # Security headers
        Header always set X-Content-Type-Options "nosniff"
        Header always set X-Frame-Options "DENY"
        Header always set X-XSS-Protection "1; mode=block"
        Header always set Referrer-Policy "no-referrer"
        Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';"
    </Directory>

    # Logging
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

This configuration ensures proper routing and includes important security headers for production deployments.

Step 4: Create Configuration File

Create a config.php template file:

<?php
// FlashPaper Configuration

// Redis Configuration
define('REDIS_HOST', getenv('REDIS_HOST') ?: 'localhost');
define('REDIS_PORT', getenv('REDIS_PORT') ?: 6379);
define('REDIS_PASSWORD', getenv('REDIS_PASSWORD') ?: '');
define('REDIS_DATABASE', getenv('REDIS_DATABASE') ?: 0);

// Application Settings
define('SITE_URL', getenv('SITE_URL') ?: 'http://localhost');
define('MAX_MESSAGE_SIZE', getenv('MAX_MESSAGE_SIZE') ?: 10000); // characters
define('DEFAULT_EXPIRATION', getenv('DEFAULT_EXPIRATION') ?: 3600); // seconds (1 hour)
define('MAX_EXPIRATION', getenv('MAX_EXPIRATION') ?: 86400); // seconds (24 hours)

// Security Settings
define('ENCRYPTION_KEY', getenv('ENCRYPTION_KEY') ?: ''); // Generate a strong key
define('RATE_LIMIT_ENABLED', getenv('RATE_LIMIT_ENABLED') ?: true);
define('RATE_LIMIT_REQUESTS', getenv('RATE_LIMIT_REQUESTS') ?: 10); // requests per minute

// Logging
define('ENABLE_LOGGING', getenv('ENABLE_LOGGING') ?: true);
define('LOG_PATH', getenv('LOG_PATH') ?: '/var/www/html/settings/logs');

// Optional: Require password for all messages
define('FORCE_PASSWORD', getenv('FORCE_PASSWORD') ?: false);

Step 5: Create Startup Script

Create an entrypoint.sh file to handle initialization:

#!/bin/bash
set -e

# Wait for Redis to be ready
echo "Waiting for Redis to be ready..."
until redis-cli -h "$REDIS_HOST" -p "$REDIS_PORT" -a "$REDIS_PASSWORD" ping 2>/dev/null | grep -q PONG; do
    echo "Redis is unavailable - sleeping"
    sleep 2
done
echo "Redis is ready!"

# Create log directory if it doesn't exist
mkdir -p /var/www/html/settings/logs
chown -R www-data:www-data /var/www/html/settings

# Copy config if it doesn't exist
if [ ! -f /var/www/html/settings/config.php ]; then
    cp /var/www/html/config.php /var/www/html/settings/config.php
    echo "Configuration file created"
fi

# Set proper permissions
chown -R www-data:www-data /var/www/html
chmod -R 755 /var/www/html

# Start Apache
exec apache2-foreground

Make the script executable:

chmod +x entrypoint.sh

Step 6: Update Dockerfile to Use Entrypoint

Update your Dockerfile to include the startup script:

FROM php:8.2-apache

# Install system dependencies and PHP extensions
RUN apt-get update && apt-get install -y \
    git \
    unzip \
    libzip-dev \
    redis-tools \
    && docker-php-ext-install zip \
    && pecl install redis \
    && docker-php-ext-enable redis \
    && rm -rf /var/lib/apt/lists/*

# Enable Apache modules
RUN a2enmod rewrite headers

# Set working directory
WORKDIR /var/www/html

# Clone FlashPaper repository
RUN git clone https://github.com/AndrewPaglusch/FlashPaper.git . \
    && chown -R www-data:www-data /var/www/html

# Create settings directory with proper permissions
RUN mkdir -p /var/www/html/settings && \
    chown -R www-data:www-data /var/www/html/settings && \
    chmod 755 /var/www/html/settings

# Copy configuration files
COPY apache-config.conf /etc/apache2/sites-available/000-default.conf
COPY config.php /var/www/html/config.php
COPY entrypoint.sh /usr/local/bin/

# Make entrypoint executable
RUN chmod +x /usr/local/bin/entrypoint.sh

# Expose HTTP port
EXPOSE 80

# Use custom entrypoint
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]

Step 7: Create Environment Variables Documentation

Create a .env.example file documenting all configuration options:

# Redis Configuration (Required)
REDIS_HOST=your-redis-app.klutch.sh
REDIS_PORT=8000
REDIS_PASSWORD=your-redis-password
REDIS_DATABASE=0

# Application Settings
SITE_URL=https://example-app.klutch.sh
MAX_MESSAGE_SIZE=10000
DEFAULT_EXPIRATION=3600
MAX_EXPIRATION=86400

# Security Settings (Required - Generate strong random keys)
ENCRYPTION_KEY=your-very-secure-encryption-key-here
RATE_LIMIT_ENABLED=true
RATE_LIMIT_REQUESTS=10

# Logging
ENABLE_LOGGING=true
LOG_PATH=/var/www/html/settings/logs

# Optional: Force password protection on all messages
FORCE_PASSWORD=false

Important Security Note: Never commit actual credentials or encryption keys to your repository. These should only be set as environment variables in the Klutch.sh dashboard.

Step 8: Create .gitignore File

Create a .gitignore file to exclude sensitive and generated files:

# Environment files
.env
.env.local

# Logs
logs/
*.log

# Settings
settings/config.php

# OS files
.DS_Store
Thumbs.db

# IDE files
.vscode/
.idea/

Step 9: Create README

Create a README.md file with deployment instructions:

# FlashPaper Deployment on Klutch.sh

## About FlashPaper

FlashPaper is a secure, one-time message sharing platform. Messages self-destruct after being viewed once or after expiration.

## Prerequisites

- Redis instance for message storage
- Strong encryption key for message encryption

## Deployment Instructions

1. Deploy a Redis instance on Klutch.sh (see Redis deployment guide)
2. Generate a strong encryption key:
   ```bash
   openssl rand -base64 32

Set all required environment variables in Klutch.sh
Deploy the application

Security Best Practices

Always use HTTPS (automatic on Klutch.sh)
Generate and use strong encryption keys
Enable rate limiting to prevent abuse
Use password protection for sensitive messages
Regularly rotate encryption keys
Monitor logs for suspicious activity

Usage

Visit your FlashPaper URL
Enter your secret message
Set expiration time (optional)
Add password protection (optional)
Share the generated link
Message self-destructs after viewing

### Step 10: Test Locally (Optional)

Before deploying to Klutch.sh, you can test your FlashPaper setup locally using Docker:

```bash
# Build the Docker image
docker build -t flashpaper-local .

# Run a local Redis container for testing
docker run -d \
  --name redis-test \
  -p 6379:6379 \
  redis:alpine redis-server --requirepass testpass

# Generate an encryption key
export ENCRYPTION_KEY=$(openssl rand -base64 32)

# Run the FlashPaper container
docker run -d \
  --name flashpaper-test \
  --link redis-test:redis \
  -p 8080:80 \
  -e REDIS_HOST=redis-test \
  -e REDIS_PORT=6379 \
  -e REDIS_PASSWORD=testpass \
  -e ENCRYPTION_KEY="$ENCRYPTION_KEY" \
  -e SITE_URL=http://localhost:8080 \
  flashpaper-local

# Check logs
docker logs -f flashpaper-test

# Once running, open http://localhost:8080 in your browser

# Cleanup when done testing
docker stop flashpaper-test redis-test
docker rm flashpaper-test redis-test

Step 11: Push to GitHub

Commit your files to your GitHub repository:

git add Dockerfile apache-config.conf config.php entrypoint.sh .env.example .gitignore README.md
git commit -m "Add FlashPaper Dockerfile and configuration"
git remote add origin https://github.com/yourusername/flashpaper-klutch.git
git push -u origin main

Setting Up Redis

FlashPaper requires Redis for temporary message storage. Redis provides the perfect backend for ephemeral, encrypted data that needs to self-destruct.

Redis Deployment Steps

Deploy Redis on Klutch.sh

Follow our comprehensive Redis deployment guide to deploy a Redis instance on Klutch.sh. Redis will be used to store encrypted messages temporarily.
Configure Redis Connection

After your Redis deployment is running, note these connection details:
- Redis Host: your-redis-app.klutch.sh
- Redis Port: 8000 (Klutch.sh’s TCP routing port)
- Redis Password: The password you set during Redis deployment
Test Redis Connection

Verify your Redis instance is accessible:
Terminal window
```
redis-cli -h your-redis-app.klutch.sh -p 8000 -a your-password PING
```
You should receive a PONG response.

Deploying to Klutch.sh

Now that your FlashPaper project is ready and your Redis instance is deployed, follow these steps to deploy FlashPaper on Klutch.sh.

Deployment Steps

Log in to Klutch.sh

Navigate to klutch.sh/app and sign in to your account.
Create a New Project

Go to Create Project and give your project a meaningful name (e.g., “FlashPaper Secure Sharing”).
Create a New App

Navigate to Create App and configure the following settings:
Select Your Repository
- Choose GitHub as your Git source
- Select the repository containing your Dockerfile and configuration files
- Choose the branch you want to deploy (usually main or master)
Configure Traffic Type
- Traffic Type: Select HTTP (FlashPaper is a web application)
- Internal Port: Set to 80 (the port Apache listens on inside the container)
Set Environment Variables

Add the following environment variables for your FlashPaper configuration:

Redis Configuration (Required):
- REDIS_HOST: Your Redis app URL (e.g., your-redis-app.klutch.sh)
- REDIS_PORT: 8000 (Klutch.sh’s TCP routing port)
- REDIS_PASSWORD: Your secure Redis password (mark as secret)
- REDIS_DATABASE: 0 (default Redis database)
Application Settings:
- SITE_URL: Your FlashPaper public URL (e.g., https://flashpaper.example.com or use the Klutch.sh provided URL)
- MAX_MESSAGE_SIZE: 10000 (maximum characters per message)
- DEFAULT_EXPIRATION: 3600 (default expiration in seconds - 1 hour)
- MAX_EXPIRATION: 86400 (maximum expiration in seconds - 24 hours)
Security Settings (Critical):
- ENCRYPTION_KEY: Generate a strong encryption key using openssl rand -base64 32 (mark as secret)
- RATE_LIMIT_ENABLED: true (enable rate limiting)
- RATE_LIMIT_REQUESTS: 10 (requests per minute per IP)
Logging:
- ENABLE_LOGGING: true (enable access logging)
- LOG_PATH: /var/www/html/settings/logs
Optional Security:
- FORCE_PASSWORD: false (set to true to require password protection on all messages)
Security Warning: Always use strong, randomly generated values for ENCRYPTION_KEY and REDIS_PASSWORD. Never use default or example values in production.
Attach Persistent Volume for Logs

FlashPaper can store access logs that should persist across deployments:
- Mount Path: /var/www/html/settings/logs
- Size: 1GB (adjust based on logging needs)
Note: While messages themselves are ephemeral and stored in Redis, access logs provide an audit trail for compliance and security monitoring.
Configure Additional Settings
- Region: Select the region closest to your target audience for optimal latency
- Compute Resources: Choose CPU and memory based on expected traffic:
  - Small team (< 100 shares/day): 256MB RAM, 0.25 CPU
  - Medium usage (100-1000 shares/day): 512MB RAM, 0.5 CPU
  - High traffic (> 1000 shares/day): 1GB RAM, 1 CPU
- Instances: Start with 1 instance and scale horizontally as needed
Deploy Your Application

Click “Create” to start the deployment. Klutch.sh will:
- Automatically detect your Dockerfile in the repository root
- Build the Docker image with PHP and Redis extensions
- Attach the persistent volume for logs
- Start your FlashPaper container
- Connect to your Redis instance
- Assign a URL for public access
Verify Deployment

Once deployment is complete, you’ll receive a URL like example-app.klutch.sh. Visit this URL in your browser to verify FlashPaper is running. You should see the FlashPaper interface ready to create secure messages.

Post-Deployment Configuration

After your FlashPaper instance is deployed, there are several important configuration and security steps to complete.

Initial Testing

Create a Test Message
- Visit your FlashPaper URL
- Enter a test message: “This is a test secure message”
- Set a short expiration (e.g., 5 minutes)
- Click “Create FlashPaper”
- Copy the generated link
Verify Self-Destruction
- Open the link in a private/incognito browser window
- Verify the message displays correctly
- Try to access the link again
- Confirm the message is no longer accessible (should show “This message has been destroyed”)
Test Password Protection
- Create another test message
- Enable password protection and set a password
- Share the link and password separately
- Verify the message requires the password to view

Setting Up a Custom Domain

Add Custom Domain in Klutch.sh
- In your Klutch.sh app settings, go to the Domains section
- Add your custom domain (e.g., secure.example.com or flashpaper.example.com)
- Follow the instructions to add DNS records
Update DNS Records

Point your domain to Klutch.sh:
- Add an A record or CNAME as instructed by Klutch.sh
- Wait for DNS propagation (can take up to 48 hours, usually much faster)
Update Site URL

After your custom domain is active:
- Update the SITE_URL environment variable in Klutch.sh to your new domain
- Example: SITE_URL=https://secure.example.com
- Redeploy your application for changes to take effect
Enable HTTPS

Klutch.sh automatically provides SSL/TLS certificates for custom domains. Ensure your SITE_URL uses https:// for secure message sharing.

Security Best Practices

Encryption and Key Management

Strong Encryption Keys: Use cryptographically secure random keys generated with openssl rand -base64 32 or similar
Key Rotation: Regularly rotate encryption keys (note: existing messages won’t be accessible after rotation)
Environment Variables: Store all keys as secrets in Klutch.sh, never in code
Unique Keys: Use different encryption keys for development, staging, and production

Access Control and Rate Limiting

Rate Limiting: Always enable rate limiting to prevent abuse (recommended: 10 requests/minute per IP)
Force Passwords: Consider enabling FORCE_PASSWORD=true for highly sensitive environments
IP Whitelisting: Use reverse proxy rules to restrict access to specific IP ranges if needed
Monitoring: Regularly review access logs for suspicious patterns

Redis Security

Strong Redis Password: Use a complex, randomly generated password for Redis
Network Isolation: Keep Redis on the same Klutch.sh project for network isolation
Regular Backups: While messages are ephemeral, backup Redis configuration
Connection Encryption: Use Redis SSL/TLS if handling extremely sensitive data

Application Security

HTTPS Only: Always use HTTPS for FlashPaper (automatic on Klutch.sh)
Security Headers: The provided Apache configuration includes essential security headers
Regular Updates: Keep FlashPaper and its dependencies updated
Audit Logging: Enable logging and regularly review for security incidents
Message Size Limits: Configure appropriate MAX_MESSAGE_SIZE to prevent abuse
Expiration Limits: Set reasonable MAX_EXPIRATION values (24 hours recommended)

Monitoring and Maintenance

Health Checks

Monitor your FlashPaper instance for:

Application Health: Verify the web interface is responsive
Redis Connectivity: Ensure Redis connection is stable
Message Creation: Test creating and retrieving messages regularly
Resource Usage: Monitor CPU and memory usage via Klutch.sh dashboard
Log Files: Check logs for errors or suspicious activity

Performance Optimization

Redis Connection Pooling: PHP-Redis handles connection pooling automatically
Message Cleanup: Redis automatically handles TTL (time-to-live) for messages
Log Rotation: Implement log rotation for the persistent log volume:

# Add to a cron job or scheduled task
find /var/www/html/settings/logs -name "*.log" -mtime +30 -delete

Resource Scaling: Scale CPU and memory based on usage patterns
Horizontal Scaling: For high traffic, scale to multiple instances with a shared Redis backend

Backup Strategy

While FlashPaper messages are ephemeral by design, back up important configuration:

# Backup Redis configuration (not messages)
redis-cli -h your-redis-app.klutch.sh -p 8000 -a your-password CONFIG GET '*' > redis-config-backup.txt

# Backup application logs
tar -czf flashpaper-logs-$(date +%Y%m%d).tar.gz /var/www/html/settings/logs/

Important: Do NOT back up message data as this defeats the purpose of ephemeral, self-destructing messages.

Troubleshooting

Cannot Access FlashPaper After Deployment

Symptoms: Browser shows “Cannot connect” or 502 error

Solutions:

Check that the internal port is set to 80 in Klutch.sh
Verify that HTTP traffic type is selected
Check container logs for errors
Ensure the Dockerfile exposes port 80
Verify Apache is starting correctly in the container

Redis Connection Errors

Symptoms: Messages fail to create, “Redis connection failed” errors

Solutions:

Verify Redis is running and accessible
Check that REDIS_HOST points to your Redis app (e.g., your-redis-app.klutch.sh)
Confirm REDIS_PORT is set to 8000
Verify Redis password is correct
Test connection manually: redis-cli -h your-redis-app.klutch.sh -p 8000 -a password PING
Check Redis is accepting remote connections
Ensure Redis password authentication is enabled

Messages Not Self-Destructing

Symptoms: Messages remain accessible after viewing

Solutions:

Verify Redis TTL (time-to-live) is working: redis-cli TTL key
Check FlashPaper code properly sets Redis expiration
Ensure Redis maxmemory-policy is set correctly
Verify message retrieval logic includes deletion
Check Redis memory isn’t full (preventing writes)

Encryption Errors

Symptoms: “Decryption failed” or “Invalid encryption key” errors

Solutions:

Verify ENCRYPTION_KEY is set correctly and hasn’t changed
Ensure encryption key is at least 32 characters
Check encryption key doesn’t contain invalid characters
Verify environment variable is properly set in Klutch.sh
Don’t change encryption key after messages are created (they become unreadable)

Rate Limiting Issues

Symptoms: Legitimate users getting blocked, or no rate limiting working

Solutions:

Adjust RATE_LIMIT_REQUESTS value based on actual usage patterns
Check IP address detection is working correctly (behind reverse proxy)
Verify rate limiting is enabled: RATE_LIMIT_ENABLED=true
Review logs to identify problematic IPs
Consider implementing Redis-based rate limiting for distributed deployments

Log Files Not Persisting

Symptoms: Logs disappear after redeployment

Solutions:

Verify persistent volume is correctly mounted at /var/www/html/settings/logs
Check volume has sufficient space allocated
Ensure write permissions: chown -R www-data:www-data /var/www/html/settings
Verify LOG_PATH environment variable matches mount path
Check logs aren’t being written to a non-persistent location

Advanced Configuration

Custom Message Expiration Presets

Modify the FlashPaper interface to offer custom expiration presets by editing the configuration:

// Add to config.php
define('EXPIRATION_PRESETS', [
    300 => '5 minutes',
    900 => '15 minutes',
    1800 => '30 minutes',
    3600 => '1 hour',
    7200 => '2 hours',
    43200 => '12 hours',
    86400 => '24 hours'
]);

Integration with External Systems

FlashPaper can be integrated with other systems via its API. Example using cURL:

# Create a message programmatically
curl -X POST https://example-app.klutch.sh/api/create \
  -H "Content-Type: application/json" \
  -d '{
    "message": "Your secret API key: abc123xyz",
    "expiration": 3600,
    "password": "optional-password"
  }'

Custom Branding

To customize FlashPaper’s appearance:

Fork the FlashPaper repository
Modify CSS and HTML templates in the cloned repository
Build and push your custom version
Update your Dockerfile to use your forked repository

Redis Persistence Configuration

For additional durability (while maintaining ephemeral messages), configure Redis persistence:

# In your Redis instance, set these configurations:
redis-cli CONFIG SET save "900 1 300 10 60 10000"
redis-cli CONFIG SET appendonly yes
redis-cli CONFIG SET appendfsync everysec

Note: This provides durability for Redis restarts but doesn’t change message ephemeral behavior.

API Integration Examples

Python Example

import requests
import json

def create_flashpaper(message, expiration=3600, password=None):
    """Create a FlashPaper message programmatically"""
    url = "https://example-app.klutch.sh/api/create"

    payload = {
        "message": message,
        "expiration": expiration
    }

    if password:
        payload["password"] = password

    response = requests.post(url, json=payload)

    if response.status_code == 200:
        data = response.json()
        return data.get("url")
    else:
        raise Exception(f"Failed to create message: {response.text}")

# Usage
try:
    link = create_flashpaper(
        "Database password: secretpassword123",
        expiration=1800,  # 30 minutes
        password="extra-security"
    )
    print(f"Secure link: {link}")
except Exception as e:
    print(f"Error: {e}")

Node.js Example

const axios = require('axios');

async function createFlashPaper(message, expiration = 3600, password = null) {
    try {
        const payload = {
            message: message,
            expiration: expiration
        };

        if (password) {
            payload.password = password;
        }

        const response = await axios.post(
            'https://example-app.klutch.sh/api/create',
            payload,
            {
                headers: { 'Content-Type': 'application/json' }
            }
        );

        return response.data.url;
    } catch (error) {
        throw new Error(`Failed to create message: ${error.message}`);
    }
}

// Usage
createFlashPaper(
    'API Key: abc123xyz789',
    1800,  // 30 minutes
    'optional-password'
)
.then(link => console.log(`Secure link: ${link}`))
.catch(err => console.error(`Error: ${err.message}`));

cURL Example

#!/bin/bash

# Create a FlashPaper message using cURL
MESSAGE="Temporary password: temp123!"
EXPIRATION=3600  # 1 hour
PASSWORD="extra-security"  # Optional

curl -X POST https://example-app.klutch.sh/api/create \
  -H "Content-Type: application/json" \
  -d "{
    \"message\": \"$MESSAGE\",
    \"expiration\": $EXPIRATION,
    \"password\": \"$PASSWORD\"
  }" \
  | jq -r '.url'

Production Checklist

Before going live with FlashPaper in production:

Additional Resources

Conclusion

Deploying FlashPaper on Klutch.sh provides a secure, self-hosted solution for sharing sensitive information through self-destructing messages. With Redis-backed ephemeral storage, strong encryption, and production-ready security features, FlashPaper offers a privacy-focused alternative to storing secrets in email, chat, or other permanent communication channels.

By following this guide, you’ve set up a FlashPaper instance with persistent logging, Redis integration, custom configuration, and all the security best practices needed for production use. Remember to regularly rotate encryption keys, monitor access logs, maintain your Redis instance, and keep FlashPaper updated to ensure continued security and reliability.

For teams and organizations handling sensitive credentials, API keys, or confidential information, FlashPaper on Klutch.sh delivers the perfect balance of security, convenience, and self-hosted control. Share secrets with confidence knowing they’ll self-destruct exactly when intended.