Generate TAK client configuration QR codes instantly
A Progressive Web App (PWA) for rapid TAK (Tactical Assault Kit) client deployment through QR code generation. Perfect for tactical environments where speed and simplicity matter.
- ATAK Enrollment - Generate QR codes for ATAK client enrollment
- iTAK Configuration - Generate QR codes for iTAK client setup
- URL Import - Create QR codes for data package imports
- Real-time Preview - See QR codes update as you type
- Download & Share - Save QR codes as PNG or copy tak:// URIs
- Profile Management - Save and load configuration profiles
- PWA Support - Works offline after first visit
- Responsive Design - Works on desktop, tablet, and mobile
No installation required - use the live version:
π https://joshuafuller.github.io/qrtak/
Features:
- β‘ Instant access - no setup needed
- π± PWA ready - install on mobile devices
- π Auto-updates - always the latest version
- π Global CDN - fast loading worldwide
- π Secure - HTTPS only
Deploy your own instance in seconds:
# Run latest version
docker run -d -p 8080:80 ghcr.io/joshuafuller/qrtak:latest
# Or use docker-compose
curl -O https://raw.githubusercontent.com/joshuafuller/qrtak/main/docker-compose.yml
docker-compose up -dAccess at: http://localhost:8080
Why self-host?
- π’ Keep data on-premises
- π‘οΈ Control your own security
- π¨ Customize for your organization
- π No external dependencies
For developers and customization:
Prerequisites:
- Node.js 16+
- npm or yarn
Setup:
# Clone and setup
git clone https://github.com/joshuafuller/qrtak.git
cd qrtak
npm install
# Start development server
npm run devProduction Build:
npm run build
npm run previewShare your local server with anyone:
# Install ngrok
npm install -g ngrok
# Start your server
npm run dev
# In another terminal, create public tunnel
ngrok http 3000Result: Get a public URL like https://abc123.ngrok.io that anyone can access!
Deploy to your own hosting:
- Netlify - Drag & drop the
distfolder - Vercel - Run
vercelcommand - GitHub Pages - Enable in repository settings
For detailed deployment options, see DEPLOYMENT.md
Use our deployment script for instant deployment:
# Make script executable (first time only)
chmod +x deploy.sh
# Deploy to different platforms
./deploy.sh github-pages # Prepare for GitHub Pages
./deploy.sh netlify # Prepare for Netlify
./deploy.sh vercel # Deploy to Vercel
./deploy.sh serve # Start local server
./deploy.sh ngrok # Start ngrok tunnel# Pull and run the latest version
docker run -d -p 8080:80 --name qrtak ghcr.io/joshuafuller/qrtak:latest# docker-compose.yml
version: '3.8'
services:
qrtak:
image: ghcr.io/joshuafuller/qrtak:latest
ports:
- "8080:80"
restart: unless-stopped
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost/"]
interval: 30s
timeout: 3s
retries: 3latest- Latest stable releasev1.2.3- Specific version1.2- Latest patch of minor version1- Latest minor/patch of major versionmain- Latest commit from main branchmain-abc123f- Specific commit
# Run with custom settings
docker run -d -p 8080:80 \
-e APP_VERSION=custom \
ghcr.io/joshuafuller/qrtak:latestImages are available for:
linux/amd64- Intel/AMD processorslinux/arm64- Apple Silicon, AWS Gravitonlinux/arm/v7- Raspberry Pi and other ARM devices
Docker automatically selects the correct architecture.
- Runs as non-root user (nginx)
- Security-hardened Alpine Linux base
- Regular vulnerability scanning
- Signed container images
- Navigate to "ATAK Enroll" tab
- Enter server hostname/IP, username, and token
- QR code generates automatically
- Download or copy the tak:// URI
- Navigate to "iTAK Config" tab
- Enter server details (description, URL, port, protocol)
- QR code generates automatically
- Download or copy the tak:// URI
- Navigate to "URL Import" tab
- Enter data package or configuration file URL
- QR code generates automatically
- Download or copy the tak:// URI
- Frontend: Vanilla JavaScript with ES6 modules
- Build Tool: Vite for fast development and optimized builds
- PWA: Service Worker for offline functionality
- QR Generation: qrcode library
- Storage: LocalStorage for profile persistence
QR TAK implements comprehensive security scanning and best practices:
- π‘οΈ SAST Analysis: Semgrep, CodeQL, and ESLint Security scan every commit
- π¦ Dependency Security: npm audit, Snyk, OWASP, and OSV Scanner check for vulnerabilities
- π³ Container Security: Trivy and Hadolint scan Docker images
- π Secret Detection: TruffleHog prevents exposed credentials
- π Supply Chain: SBOM generation for container images
- Client-Side Only: All processing happens in your browser - no data transmitted
- Content Security Policy: Strict CSP headers prevent XSS attacks
- Input Validation: All inputs sanitized to prevent injection
- Secure Dependencies: Automated updates via Dependabot & Renovate
- HTTPS Enforced: Service worker requires secure contexts
- π Security Dashboard: Comprehensive security overview and metrics
- π‘οΈ GitHub Security: GitHub Security tab shows all scan results
- β Workflow Status: Live security scan status
- π Dependency Graph: View all dependencies
- π Security Policy: Report vulnerabilities responsibly
When using QR TAK, consider:
- QR Code Visibility: QR codes on screens may be visible to others
- Token Security: Use short-lived tokens when possible
- Profile Storage: Profiles are stored locally in browser storage
- Network Security: Always use HTTPS in production
- Chrome 60+
- Firefox 55+
- Safari 11.1+
- Edge 79+
MIT License - see LICENSE file for details
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
For issues and questions:
- Check existing issues
- Create a new issue with detailed information
- Include browser version and steps to reproduce
Note: Designed for tactical environments where rapid TAK client deployment is critical. Always test configurations in a safe environment before deployment.