End-to-end encrypted file sharing on Cloudflare Workers. No accounts, no tracking, globally distributed.
All uploads are encrypted in your browser before leaving your device. The server never sees your plaintext or your passphrase.
Drop a file on the main page. A passphrase is generated automatically. Share the resulting link — the passphrase is embedded in the URL fragment (never sent to the server).
# basic upload
curl --data-binary @myfile.txt https://staging.getpost.workers.dev/about
# upload from clipboard (macOS)
pbpaste | curl --data-binary @- https://staging.getpost.workers.dev/about
# custom expiration (1 hour)
curl -H "X-TTL: 3600" --data-binary @file.txt https://staging.getpost.workers.dev/aboutCLI uploads are stored unencrypted unless you encrypt first — see below.
This instance serves its own E2E encrypted CLI client (needs python3 and PyNaCl):
# fetch the client from this instance
curl -sO https://staging.getpost.workers.dev/pastebin-crypted.py
# encrypted upload (prints a share link with the passphrase in the fragment)
echo "secret" | PASTEBIN=https://staging.getpost.workers.dev python3 pastebin-crypted.py
# encrypt a file
PASTEBIN=https://staging.getpost.workers.dev python3 pastebin-crypted.py myfile.txtSave as /usr/local/bin/pastebin and make executable:
#!/bin/bash
curl --data-binary @${1:--} https://staging.getpost.workers.dev/aboutUsage: pastebin myfile.txt or echo "hello" | pastebin
&raw to any link for the original fileX-TTL header (seconds)# custom expiration
X-TTL: 3600 # seconds until expiry
# URL parameters
?raw # return original file
?cors=1 # enable CORS headers
# delete a post (deletion requires POST; GET shows a confirmation page)
curl -X POST "https://your.domain/post?key=KEY&del=DELETE_KEY"GetPost runs on Cloudflare Workers — zero servers, global distribution, generous free tier (100k reads, 1k uploads daily).
git clone https://github.com/getpost-loves-you/getpostSETUP.md./deploy.sh mydomain