since 2025 - disposable quick chat

drop a
chat.
gone.

No accounts. No history. No noise.
Spin up a room in 60 seconds, share the link, talk, close the tab. Done.

install → see versions
available versions
ditch / public
open
Anyone with the URL can join. No gate, no friction.
ditch / private
password
Locked behind one shared key. Token-based sessions, 7-day TTL.
1
command
0
databases
any
port
01 / versions

two
flavors.

Same core. Same one-command install. Both ask which ports to bind at setup time - default 80 and 443, change to anything.

publicditch-public
open access
  • Anyone with the URL joins instantly - no gate
  • Pick any nickname, no signup of any kind
  • Last 200 messages kept, then gone
  • Per-IP rate limiting to dampen spam
  • Custom HTTP + HTTPS ports at install time
  • Flat JSON file storage, nothing to maintain
  • Dark mode toggle, preference saved locally
curl -fsSL https://mirror.ditch.lyntric.de/ditch-public.sh | bash
privateditch-private
password
  • One shared password - set at install time
  • Issues a 48-byte random token on correct password
  • Tokens stored server-side in sessions.json, 7-day TTL
  • Wrong password: 500ms delay + silent block
  • POST /logout revokes the token server-side
  • Custom HTTP + HTTPS ports at install time
  • Revoke all sessions instantly with one script
curl -fsSL https://mirror.ditch.lyntric.de/ditch-private.sh | bash
02 / open source

read the
code.

No black box. The entire server is a single server.js - readable in the install script itself. Download it, open it, verify it does exactly what it says.

{ }
single file server
The entire backend is one server.js. No dependencies, no build step, no minified bundle. Plain Node.js you can read top to bottom in five minutes.
sh
transparent install
The install script is readable bash - download it first, cat it, then run it. No compiled binaries, no obfuscation, no surprise.
MIT
MIT licensed
Do whatever you want with it. Fork it, white-label it, modify it, ship it. No strings, no CLAs, no telemetry phoning home anywhere.
view the source directly
ditch-public.sh open chat + server ditch-private.sh private chat + token auth
03 / install & docs

read
this.

Root on Linux, ports free. That's it. Installer asks for ports interactively - just hit enter to accept defaults.

quickstart ports private setup config api custom ssl manage uninstall
Quickstart - public

One command. Installs Node.js if missing, generates TLS cert, asks for ports, creates a systemd service.

# run as root
curl -fsSL https://mirror.ditch.lyntric.de/ditch-public.sh | bash

# installer asks:
#   HTTP port  [default: 80]:  _
#   HTTPS port [default: 443]: _
# just press enter to use defaults

Open http://YOUR-IP (or :PORT if you changed it) in a browser. Share it.

Needs root - binding ports below 1024 requires elevated privileges on Linux.
Custom ports

Both installers prompt for HTTP and HTTPS ports during setup. Enter any valid port (1–65535) or hit enter to accept the default.

# example: run on 8080 / 8443
  HTTP port  [default: 80]:  8080
  HTTPS port [default: 443]: 8443

The chosen ports are written to /opt/ditch/config.json and read by the server on startup. To change ports after install:

nano /opt/ditch/config.json
# edit port_http and port_https
systemctl restart ditch
If you use ports above 1024 you can run ditch as a non-root user. Edit the systemd service file (/etc/systemd/system/ditch.service) and change User=root accordingly.
Private install

Same flow as public but also asks for a password. A 48-byte random token is issued on each successful login and stored in sessions.json.

curl -fsSL https://mirror.ditch.lyntric.de/ditch-private.sh | bash

#   HTTP port  [default: 80]:  _
#   HTTPS port [default: 443]: _
#   set chat password: ••••••••
#   confirm password:  ••••••••

To change the password later without touching config manually:

bash /opt/ditch/change-password.sh

To immediately kick everyone out:

bash /opt/ditch/revoke-sessions.sh
Configuration

All config lives in /opt/ditch/config.json. Ports are set by the installer; other limits are constants at the top of server.js.

key / constantdefaultdescription
port_http80HTTP port (config.json)
port_https443HTTPS port (config.json)
MAX_MESSAGES200Messages kept in JSON file (server.js)
MAX_MSG_LEN500Max characters per message (server.js)
RATE_LIMIT_MS1000Min ms between sends per IP (server.js)
TOKEN_TTL_MS7 daysSession token lifetime - private only (server.js)
 
nano /opt/ditch/server.js
systemctl restart ditch
API

All endpoints unauthenticated on public. Private requires the ditch_token cookie (set automatically after login).

methodendpointdescription
GET/api/messagesLast N messages as JSON array
POST/api/sendSend: {"n":"nick","m":"text"}
GET/api/streamSSE real-time event stream
GET/api/onlineOnline count: {"count":N}
POST/authPrivate only - submit password, receive token cookie
POST/logoutPrivate only - revoke token server-side
 
curl -X POST http://your-server/api/send \
  -H 'Content-Type: application/json' \
  -d '{"n":"bot","m":"hi"}'
Custom SSL

Ditch auto-generates a self-signed cert at install. Swap it for Let's Encrypt:

# stop ditch so the port is free for certbot
systemctl stop ditch
certbot certonly --standalone -d yourdomain.com
cp /etc/letsencrypt/live/yourdomain.com/fullchain.pem /opt/ditch/cert.pem
cp /etc/letsencrypt/live/yourdomain.com/privkey.pem /opt/ditch/key.pem
systemctl start ditch
Keep filenames as cert.pem and key.pem - ditch looks for them in /opt/ditch/
Managing ditch
systemctl status ditch
journalctl -u ditch -f
systemctl restart ditch
systemctl stop ditch

# clear chat history
echo '[]' > /opt/ditch/messages.json

# private: revoke all sessions
bash /opt/ditch/revoke-sessions.sh

# private: change password
bash /opt/ditch/change-password.sh
Uninstall

Removes everything. Node.js is left in place.

systemctl stop ditch
systemctl disable ditch
rm -rf /opt/ditch
rm /etc/systemd/system/ditch.service
systemctl daemon-reload