Keeprs

Keeprs

A self-hosted, privacy-focused note-taking app that combines markdown editing and sketching.

Source-available. Self-hosted. Yours forever.

Get Keeprs Try Demo ↗

Login with demo / demo1234

0:00 0:00

Everything you need, nothing you don't

A focused set of features designed for personal knowledge management. No collaboration bloat, no subscription fatigue.

Markdown editor

Full-featured CodeMirror 6 editor with syntax highlighting, vim mode, and live preview.

Excalidraw sketching

Built-in whiteboard for diagrams, wireframes, and visual thinking alongside your notes.

Full-text search

Instant search across all your notes powered by SQLite FTS5. Find anything in milliseconds.

Smart tags

Auto-extracted tags from your content. Organize without the overhead of manual categorization.

File uploads

Drag-and-drop images and files directly into your notes. Everything stored locally.

Pin, archive & trash

Soft deletes and organization primitives. Pin important notes, archive the rest, never lose anything.

11 themes

Developer focused themes. Pick the palette that fits your workflow.

Public sharing

Share notes and sketches via unique public URLs. Optional password protection and link expiration. No account needed to view.

What's inside

Built with boring, reliable technology. No microservices, no cloud dependencies, no vendor lock-in.

Rust + Axum

Fast, safe, memory-efficient backend. No garbage collector, no runtime overhead.

SQLite

Zero external services. Your data lives in a single file. Back it up, move it, own it.

HTMX + Stimulus

Lightweight frontend. No heavy SPA framework. Server-rendered HTML with progressive enhancement.

Docker

Single container deployment. Works anywhere Docker runs. Minimal resource footprint.

Up and running in minutes

1

Download

Get the source from Polar.sh. Unpack it on your server.

2

Configure

Copy .env.example to .env. Set your JWT_SECRET. That's it.

3

Deploy

One command. Your notes app is live.

terminal 
$ docker compose up -d --build
Creating keeprs ... done
Keeprs is running at http://localhost:3000

Security & Architecture

How Keeprs protects your data at every layer. No hand-waving — specific algorithms, concrete limits, real defenses.

Authentication & Sessions

  • Argon2id password hashing
  • SHA-256 hashed session tokens
  • Constant-time comparison (timing-attack mitigation)
  • Session fixation protection on login
  • 7-day expiry with secure cookie flags (HttpOnly, SameSite=Lax)

CSRF Protection

  • SameSite=Lax cookies block cross-origin requests
  • All state changes via POST/DELETE only
  • No CSRF tokens needed — browser enforcement is sufficient

Content Security

  • Content-Security-Policy header (no unsafe-inline scripts)
  • HTML sanitization via ammonia (whitelist-based)
  • X-Frame-Options: DENY (clickjacking prevention)
  • HSTS enabled, X-Content-Type-Options: nosniff

Rate Limiting

  • Login: 10 req/min
  • Registration: 5 req/min
  • Memo operations: 30 req/min
  • Search: 60 req/min
  • Export: 5 req/hr
  • Public memo view: 120 req/min

Import/Export Safety

  • Zip bomb detection (size ratio checks)
  • Path traversal prevention
  • Symlink rejection
  • Checksum verification on import
  • No secrets included in exports

Data Model & Privacy

  • Single SQLite file — your data, your disk
  • No external service dependencies
  • No telemetry or analytics
  • No cloud sync — fully offline-capable

Simple pricing

Pay once, own forever. No subscriptions. No usage limits.

Source-available license

$29.99

one-time — not a subscription

  • Full source code access
  • Self-host on your own infrastructure
  • All future updates included
  • Docker deployment ready
Get Keeprs

or try the demo first — login: demo / demo1234

Feedback & issues

Found a bug? Have a feature request? We track everything in the open.

Open an issue on GitHub