< back

getpost

End-to-end encrypted file sharing on Cloudflare Workers. No accounts, no tracking, globally distributed.

All uploads are encrypted in your browser before leaving your device. The server never sees your plaintext or your passphrase.

web upload

Drop a file on the main page. A passphrase is generated automatically. Share the resulting link — the passphrase is embedded in the URL fragment (never sent to the server).

command line

# basic upload
curl --data-binary @myfile.txt https://infra.moe/post

# upload from clipboard (macOS)
pbpaste | curl --data-binary @- https://infra.moe/post

# custom expiration (1 hour)
curl -H "X-TTL: 3600" --data-binary @file.txt https://infra.moe/post

CLI uploads are stored unencrypted unless you encrypt first — see below.

encrypted command line

This instance serves its own E2E encrypted CLI client (needs python3 and PyNaCl):

# fetch the client from this instance
curl -sO https://infra.moe/pastebin-crypted.py

# encrypted upload (prints a share link with the passphrase in the fragment)
echo "secret" | PASTEBIN=https://infra.moe python3 pastebin-crypted.py

# encrypt a file
PASTEBIN=https://infra.moe python3 pastebin-crypted.py myfile.txt

one-liner script

Save as /usr/local/bin/pastebin and make executable:

#!/bin/bash
curl --data-binary @${1:--} https://infra.moe/post

Usage: pastebin myfile.txt or echo "hello" | pastebin

features

headers & parameters

# custom expiration
X-TTL: 3600          # seconds until expiry

# URL parameters
?raw                 # return original file
?cors=1              # enable CORS headers

# delete a post (deletion requires POST; GET shows a confirmation page)
curl -X POST "https://your.domain/post?key=KEY&del=DELETE_KEY"

named pastes

Operator-published content at stable paths like /x/welcome. Anyone can read; publishing requires the instance operator's secret (set at deploy time — instances without it return 403).

# publish (operator only)
curl -X POST -H "Authorization: SECRET" --data-binary @page.md https://infra.moe/x/welcome

# read (public)
curl https://infra.moe/x/welcome?raw

Named pastes are permanent by default. Encrypted pages that link to other /x/ pages carry the passphrase fragment forward — one link can unlock a whole set of E2E-encrypted pages.

deploy your own

GetPost runs on Cloudflare Workers — zero servers, global distribution, generous free tier (100k reads, 1k uploads daily).

api reference

Full machine-readable API docs (for scripts and agents) live at /api — every endpoint, header, and status code. Also served at /llms.txt.

technical details