Shorty
Shorty is an optional add-on that shortens the long URLs generated for CodeFetch shared links. Each instance runs on your own domain (e.g. links.yourcompany.com) and is provisioned in around five minutes with no infrastructure to manage. Shortened links can optionally be locked to specific IP addresses so they only execute from machines you trust.
You need an active CodeFetch account to deploy a Shorty instance. One instance per account.
Setup
Go to codefet.ch/deploy and follow the five-step flow.
Verify your email
Enter your CodeFetch account email and click Send verification code. A 6-digit code is sent to that address. The code expires in 15 minutes. Check your junk folder if it doesn't arrive.
Enter the code
Enter the 6-digit code from the email and click Verify.
Configure your instance
Enter the domain you want to use — a subdomain works best, for example links.yourcompany.com. Apex domains are not supported.
Your API key is generated directly in your browser. Copy it before proceeding — only a hash is stored on the server and the plaintext cannot be recovered if lost. Tick the confirmation checkbox to enable the Deploy button.
Add DNS records
The deploy page shows the exact records to add to your DNS provider. Click any value to copy it. See DNS records below for the full breakdown.
The page polls every 15 seconds and updates automatically once DNS resolves. This typically takes 1–30 minutes. You can close the tab — you'll receive an email when your instance is live.
You're live
Your admin panel is available at https://links.yourcompany.com/admin. Log in with the API key you copied in step 3.
DNS records
Add all of the following records at your DNS provider. The exact values are shown on the deploy page — click any cell to copy.
| Type | Name | Value |
|---|---|---|
CNAME | links.yourcompany.com | {id}.codefet.ch |
TXT | _acme-challenge.links.yourcompany.com | Shown on deploy page |
TXT | _acme-challenge.links.yourcompany.com | Shown on deploy page (may be a second record) |
TXT | _cf-custom-hostname.links.yourcompany.com | Shown on deploy page |
_acme-challenge TXT records with the same name but different values — add both. Missing either one will prevent SSL from activating.
Connect to the CLI
Once your instance is live, connect the CodeFetch CLI to it:
codefetch shorty
Enter your Shorty domain and API key when prompted. These are stored in your local CLI config alongside your CodeFetch credentials.
After connecting, the CLI can shorten any shared link directly from the library browser — press Ctrl+Y on any script with a shared link to push it to Shorty.
Admin panel
The admin panel at https://links.yourcompany.com/admin is your full dashboard for managing short links. Log in with your API key.
From the admin panel you can:
- Create a new short link with a custom slug or auto-generated one
- View, copy, edit, or delete any link
- Toggle IP restriction per link (🔒 restricted / 🔓 open)
- Manage the IP allowlist
- Search and paginate through all links
Creating a link with a custom slug
When creating a link, leave the slug field blank to auto-generate a 6-character slug, or enter your own path — for example deploy-prod would create links.yourcompany.com/deploy-prod.
IP allowlist
Shortened links can be locked to specific IPv4 addresses or CIDR ranges. When a link is marked as restricted (🔒), any request from an IP not on the allowlist receives a 403 Forbidden response — the script is not served.
Manage the allowlist from the admin panel under IP Whitelist.
Accepted formats:
- Single IP:
203.0.113.42 - CIDR range:
203.0.113.0/24
Using Shorty
From the CLI library browser
With Shorty configured, open the library browser (codefetch list), select a script that has a shared link, and press Ctrl+Y to push the link to Shorty. The shortened URL is displayed in the detail panel.
Revoking a shortened link
Delete the link from the admin panel or from the CLI browser (Ctrl+D on the shared link). Deleting the underlying shared link from the web app also makes the shortened URL dead — Shorty redirects to the long URL, which then returns an error if the token is revoked.
Updating a link target
If you rotate a shared link, the long URL changes. Update the Shorty entry by creating a new link with the same slug — posting to an existing slug overwrites its destination.
Security
- Short link slugs are stored as SHA-256 hashes — raw access to the datastore reveals no readable slugs
- Link destinations are encrypted with AES-256-GCM at rest
- Your API key is generated in your browser and only its hash is stored — if you lose it, re-provisioning is the only option (this creates a new instance with an empty link list)
- CodeFetch shared links embed the file decryption key in the URL — shortened links therefore carry the same sensitivity as the long URL. Treat shortened shared links with the same care as the originals
- One instance per CodeFetch account email address