Simple paste sharing platform, with client side encryption, featuring the monaco browser-based code editor.
License: AGPL-3.0. Built with: Shell. Website: https://not-th.re. Source: https://github.com/not-three/main.
```log $ not3 --help Usage: not3 [options] [command] Options: -V, --version output the version number -h, --help display help for command Commands: license Show information about the license of the software decrypt [options] <seed> Decrypt something encrypt [options] [input...] Encrypt something, if no input is provided, will read from stdin download|d [options] <id> <seed> <output> Download a file and decrypt it upload|u [options] <input> Upload a file and encrypt it query|q [options] <id> <seed> Decrypt and show a note from the server save|s [options] [content...] Encrypt and save a note on the server seed Generate a new encryption seed info [options] Show meta information about the api stats [options] Show usage statistics of the server help [command] display help for command ``` Or use it with docker: ```bash docker run --rm -it -v "$(pwd):/data" ghcr.io/not-three/cli --help ``` ## Deployment The simplest way to use !3 is to visit our hosted instance at [https://not-th.re](https://not-th.re). ### ⚠️ Security & SSL Requirement Because this project relies on the Web Crypto API (`crypto.subtle`) for client-side encryption, the **UI MUST be deployed using SSL/HTTPS**. Browsers do not provide access to the `crypto.subtle` interface if the site is not served in a secure context. * **UI:** HTTPS is mandatory; the application will not function without it. * **API:** While the API can theoretically be deployed without SSL, it is **strongly disadvised**. * **Configuration:** The deployment examples provided in this documentation do not include SSL configuration. Users are expected to configure this on their own. For those using Traefik as a reverse proxy, we recommend referring to the [Traefik Let's Encrypt documentation](https://doc.traefik.io/traefik/https/acme/) for automated certificate management. ### Micro The micro deployment does not bring its own UI, but you can use the public UI. ```yml services: api: image: ghcr.io/not-three/api:latest restart: unless-stopped environment: CORS_ENABLED: true LIMITS_DISABLED: true INSTANCE_PASSWORD: MySecretPassword ports: - 4000:4000 volumes: - db:/data/db volumes: db:
Self-hosting gives you three things SaaS can’t: data ownership (the files live on disks you control), cost predictability (a one-time setup vs. recurring per-seat fees that grow with your household or team), and longevity (open-source means the app keeps working even if the maintainers move on, since you can pin a working version). The trade-off is that you take on the operational work of running a server, applying updates, and handling backups.
Most self-hosted apps run comfortably on modest hardware — a Raspberry Pi 4, a mini PC, a NAS with Docker support, or a small VPS is usually enough for personal or family use. CPU and RAM requirements scale with how many simultaneous users or how much data you push through not-th.re. Storage requirements depend on the kind of data you keep; check the README for guidance on data retention.
Last verified: 2026-04-28