Was encrypted storage of the secrets intentionally foregone?
Then pass-otp might be better… at least the secrets are stored gpg-encrypted then :)
The secrets will be saved as a hidden file named .mina.json in the home directory of the current user.
This doesn’t offer any protection against other users on the same machine. Encrypting the secrets is the way to go, but in the meantime you should do
os.chmod(JSON_URL, stat.S_IRUSR | stat.S_IWUSR)
to prevent other users from being able to view the file.
That’s susceptible to race conditions. You have to do a little umask dance before creating the file.
For the almost 5,- a month to just use it for 2 days a month… I’d just use a vultr, hetzner or digitalocean VM… you can keep that running the entire month and still only pay 2.50, 3,- or 5,- per month. With no extra charges for storage, bandwidth and no issues stopping and starting it all the time.
I’d also go for wireguard as vpn system… just because it’s so much faster then OpenVPN.
And then… just use it 24/7…. since you have it anyway. I tunnel basically all my traffic through my VPN all the time, gives a nice consistent view of the world, and no one knows where I might be at the time.
Self-hosted using Postfix and Courier-IMAP, with spamasassin, graylisting and various blacklists.
Everything in my own control, easy to backup. I’d never use a public mail service, especially one from a huge corporation.
Are you using your own “home” internet connection for the SMTP server? Or a dedicated host/VPS?
It’s been running on VM’s in a dedicated box at a VPS/Colo provider where I have a subnet of ipv4 space. This allows me to move the subnet to different hardware when needed, configure forward and reverse dns, and have my own whois data. Though just using a VM at a VPS provider would be more then sufficient.
Also self-hosting on FreeBSD with Postfix and Courier-IMAP since, like, 2000.