StealthSafe web interface for managing encrypted SSBC2 briefcases through the backend API.
171
ilterra/stealth_safe_frontend is the official browser interface for
StealthSafe Docker Edition.
It provides the StealthSafe workspace for encrypted briefcases, profile settings, local and SFTP storage configuration, attachments, sharing, and read-only access to synchronized SFTP cache data when remote storage is unavailable.
This image is not a standalone secret store. It must be connected to the official backend image,
ilterra/stealth_safe.
The recommended installer package starts both official containers and guides the user through host-folder configuration.
After extracting the package, start the published production images.
chmod +x start-stealthsafe-production.sh
./start-stealthsafe-production.sh
Run:
start-stealthsafe-production-windows.bat
Open the application at:
http://localhost:33330
Save the following as compose.yaml. Replace the host path with a directory
that should be available to StealthSafe:
services:
backend:
image: ilterra/stealth_safe:latest
environment:
STEALTHSAFE_DATA_DIR: /data
STEALTHSAFE_LISTEN_ADDR: :8080
STEALTHSAFE_SCAN_MAX_DEPTH: "12"
STEALTHSAFE_MOUNT_POINTS: Host=/host
volumes:
- stealthsafe-data:/data
- type: bind
source: /absolute/path/to/stealthsafe-files
target: /host
restart: unless-stopped
frontend:
image: ilterra/stealth_safe_frontend:latest
depends_on:
- backend
ports:
- "33330:8080"
restart: unless-stopped
volumes:
stealthsafe-data:
Start the application:
docker compose up -d
The backend service must be reachable from the frontend container as
backend:8080. The Compose service name in the example provides that DNS name.
On Windows, use a Docker-compatible absolute source path such as:
C:/Users/Alex/Documents/StealthSafe
After unlocking StealthSafe, open Settings -> Storage folders and select the exact mounted folder that should be scanned or used for new briefcases. SFTP storage can be configured directly in Settings and does not require a Docker bind mount.
The image serves static frontend assets through Nginx on container port 8080.
It proxies these routes to http://backend:8080:
/api//docs/openapi.yamlNo profiles, briefcases, passwords, or SFTP credentials are stored in the frontend container. Persistent application data belongs to the backend.
For local use, publish the frontend only on a trusted machine or network. For remote access, place it behind an HTTPS reverse proxy and an appropriate external authentication or network-access layer.
Do not publish the backend separately unless an integration specifically needs direct API access.
latest: most recently published release.2.2.1-alpha: pin a specific application release.Published images support:
linux/386linux/amd64linux/arm/v7linux/arm64Backend and frontend versions should match:
services:
backend:
image: ilterra/stealth_safe:2.2.1-alpha
frontend:
image: ilterra/stealth_safe_frontend:2.2.1-alpha
Content type
Image
Digest
sha256:40e4891cc…
Size
19.2 MB
Last updated
26 days ago
docker pull ilterra/stealth_safe_frontend