Encrypted, GPG-signed static websites. No frameworks, no build tools, no JavaScript dependencies.
Drop files in a directory, run one command, get an encrypted site with client-side decryption, GPG signatures, and archiver-friendly manifests.
What it does
AES-256-GCM encryption with PBKDF2-SHA256 key derivation (260k iterations)
Client-side decryption via Web Crypto API — works in any modern browser, no server-side processing
GPG signing — every document is signed; signatures shown as footer in decrypted pages
Plaintext manifests — manifest.txt and manifest.html list all documents with titles, SHA-256 hashes, and GPG signatures for web archiver authorship proof
Passphrase persistence — optional sessionStorage/localStorage so you don't re-enter passphrase every page
Single-command management — add, remove, rename files; everything rebuilds automatically
unveil-static-site
Encrypted, GPG-signed static websites. No frameworks, no build tools, no JavaScript dependencies.
Drop files in a directory, run one command, get an encrypted site with client-side decryption, GPG signatures, and archiver-friendly manifests. What it does