4 |
5 | 41 | 42 | contents here 43 | 44 |
2 |
3 |
4 |
5 |
10 |
11 | 
12 |
13 |
14 | 
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 | 
24 |
25 |
26 | 
27 |
28 |
36 |
37 | * send messages via REST-API
38 | * receive messages via WebSocket
39 | * manage users, clients and applications
40 | * [Plugins](https://gotify.net/docs/plugin)
41 | * Web-UI -> [./ui](ui)
42 | * CLI for sending messages -> [gotify/cli](https://github.com/gotify/cli)
43 | * Android-App -> [gotify/android](https://github.com/gotify/android)
44 |
45 | [
][playstore]
46 | [
][fdroid]
47 |
48 | (Google Play and the Google Play logo are trademarks of Google LLC.)
49 |
50 | ---
51 |
52 | **[Documentation](https://gotify.net/docs)**
53 |
54 | [Install](https://gotify.net/docs/install) ᛫
55 | [Configuration](https://gotify.net/docs/config) ᛫
56 | [REST-API](https://gotify.net/api-docs) ᛫
57 | [Setup Dev Environment](https://gotify.net/docs/dev-setup)
58 |
59 | ## Contributing
60 |
61 | We welcome all kinds of contribution, including bug reports, feature requests, documentation improvements, UI refinements, etc. Check out [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
62 |
63 | ## Versioning
64 | We use [SemVer](http://semver.org/) for versioning. For the versions available, see the
65 | [tags on this repository](https://github.com/gotify/server/tags).
66 |
67 | ## License
68 | This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details
69 |
70 | [playstore]: https://play.google.com/store/apps/details?id=com.github.gotify
71 | [fdroid]: https://f-droid.org/de/packages/com.github.gotify/
72 |
--------------------------------------------------------------------------------
/SECURITY.md:
--------------------------------------------------------------------------------
1 | # Security Policy
2 |
3 | ## Supported Versions
4 |
5 | Only the latest version.
6 |
7 | ## Reporting a Vulnerability
8 |
9 | Please report (suspected) security vulnerabilities to
10 | **[gotify@protonmail.com](mailto:gotify@protonmail.com)**. You will receive a
11 | response from us within a few days. If the issue is confirmed, we will release a
12 | patch as soon as possible.
13 |
--------------------------------------------------------------------------------
/api/errorHandling.go:
--------------------------------------------------------------------------------
1 | package api
2 |
3 | import "github.com/gin-gonic/gin"
4 |
5 | func successOrAbort(ctx *gin.Context, code int, err error) (success bool) {
6 | if err != nil {
7 | ctx.AbortWithError(code, err)
8 | }
9 | return err == nil
10 | }
11 |
--------------------------------------------------------------------------------
/api/errorHandling_test.go:
--------------------------------------------------------------------------------
1 | package api
2 |
3 | import (
4 | "errors"
5 | "net/http/httptest"
6 | "testing"
7 |
8 | "github.com/gin-gonic/gin"
9 | )
10 |
11 | func TestErrorHandling(t *testing.T) {
12 | rec := httptest.NewRecorder()
13 |
14 | ctx, _ := gin.CreateTestContext(rec)
15 | successOrAbort(ctx, 500, errors.New("err"))
16 |
17 | if rec.Code != 500 {
18 | t.Fail()
19 | }
20 | }
21 |
--------------------------------------------------------------------------------
/api/health.go:
--------------------------------------------------------------------------------
1 | package api
2 |
3 | import (
4 | "github.com/gin-gonic/gin"
5 | "github.com/gotify/server/v2/model"
6 | )
7 |
8 | // The HealthDatabase interface for encapsulating database access.
9 | type HealthDatabase interface {
10 | Ping() error
11 | }
12 |
13 | // The HealthAPI provides handlers for the health information.
14 | type HealthAPI struct {
15 | DB HealthDatabase
16 | }
17 |
18 | // Health returns health information.
19 | // swagger:operation GET /health health getHealth
20 | //
21 | // Get health information.
22 | //
23 | // ---
24 | // produces: [application/json]
25 | // responses:
26 | // 200:
27 | // description: Ok
28 | // schema:
29 | // $ref: "#/definitions/Health"
30 | // 500:
31 | // description: Ok
32 | // schema:
33 | // $ref: "#/definitions/Health"
34 | func (a *HealthAPI) Health(ctx *gin.Context) {
35 | if err := a.DB.Ping(); err != nil {
36 | ctx.JSON(500, model.Health{
37 | Health: model.StatusOrange,
38 | Database: model.StatusRed,
39 | })
40 | return
41 | }
42 | ctx.JSON(200, model.Health{
43 | Health: model.StatusGreen,
44 | Database: model.StatusGreen,
45 | })
46 | }
47 |
--------------------------------------------------------------------------------
/api/health_test.go:
--------------------------------------------------------------------------------
1 | package api
2 |
3 | import (
4 | "net/http/httptest"
5 | "testing"
6 |
7 | "github.com/gin-gonic/gin"
8 | "github.com/gotify/server/v2/mode"
9 | "github.com/gotify/server/v2/model"
10 | "github.com/gotify/server/v2/test"
11 | "github.com/gotify/server/v2/test/testdb"
12 | "github.com/stretchr/testify/suite"
13 | )
14 |
15 | func TestHealthSuite(t *testing.T) {
16 | suite.Run(t, new(HealthSuite))
17 | }
18 |
19 | type HealthSuite struct {
20 | suite.Suite
21 | db *testdb.Database
22 | a *HealthAPI
23 | ctx *gin.Context
24 | recorder *httptest.ResponseRecorder
25 | }
26 |
27 | func (s *HealthSuite) BeforeTest(suiteName, testName string) {
28 | mode.Set(mode.TestDev)
29 | s.recorder = httptest.NewRecorder()
30 | s.db = testdb.NewDB(s.T())
31 | s.ctx, _ = gin.CreateTestContext(s.recorder)
32 | withURL(s.ctx, "http", "example.com")
33 | s.a = &HealthAPI{DB: s.db}
34 | }
35 |
36 | func (s *HealthSuite) AfterTest(suiteName, testName string) {
37 | s.db.Close()
38 | }
39 |
40 | func (s *HealthSuite) TestHealthSuccess() {
41 | s.a.Health(s.ctx)
42 | test.BodyEquals(s.T(), model.Health{Health: model.StatusGreen, Database: model.StatusGreen}, s.recorder)
43 | }
44 |
45 | func (s *HealthSuite) TestDatabaseFailure() {
46 | s.db.Close()
47 | s.a.Health(s.ctx)
48 | test.BodyEquals(s.T(), model.Health{Health: model.StatusOrange, Database: model.StatusRed}, s.recorder)
49 | }
50 |
--------------------------------------------------------------------------------
/api/internalutil.go:
--------------------------------------------------------------------------------
1 | package api
2 |
3 | import (
4 | "errors"
5 | "math/bits"
6 | "strconv"
7 |
8 | "github.com/gin-gonic/gin"
9 | )
10 |
11 | func withID(ctx *gin.Context, name string, f func(id uint)) {
12 | if id, err := strconv.ParseUint(ctx.Param(name), 10, bits.UintSize); err == nil {
13 | f(uint(id))
14 | } else {
15 | ctx.AbortWithError(400, errors.New("invalid id"))
16 | }
17 | }
18 |
--------------------------------------------------------------------------------
/api/stream/client.go:
--------------------------------------------------------------------------------
1 | package stream
2 |
3 | import (
4 | "fmt"
5 | "time"
6 |
7 | "github.com/gorilla/websocket"
8 | "github.com/gotify/server/v2/model"
9 | )
10 |
11 | const (
12 | writeWait = 2 * time.Second
13 | )
14 |
15 | var ping = func(conn *websocket.Conn) error {
16 | return conn.WriteMessage(websocket.PingMessage, nil)
17 | }
18 |
19 | var writeJSON = func(conn *websocket.Conn, v interface{}) error {
20 | return conn.WriteJSON(v)
21 | }
22 |
23 | type client struct {
24 | conn *websocket.Conn
25 | onClose func(*client)
26 | write chan *model.MessageExternal
27 | userID uint
28 | token string
29 | once once
30 | }
31 |
32 | func newClient(conn *websocket.Conn, userID uint, token string, onClose func(*client)) *client {
33 | return &client{
34 | conn: conn,
35 | write: make(chan *model.MessageExternal, 1),
36 | userID: userID,
37 | token: token,
38 | onClose: onClose,
39 | }
40 | }
41 |
42 | // Close closes the connection.
43 | func (c *client) Close() {
44 | c.once.Do(func() {
45 | c.conn.Close()
46 | close(c.write)
47 | })
48 | }
49 |
50 | // NotifyClose closes the connection and notifies that the connection was closed.
51 | func (c *client) NotifyClose() {
52 | c.once.Do(func() {
53 | c.conn.Close()
54 | close(c.write)
55 | c.onClose(c)
56 | })
57 | }
58 |
59 | // startWriteHandler starts listening on the client connection. As we do not need anything from the client,
60 | // we ignore incoming messages. Leaves the loop on errors.
61 | func (c *client) startReading(pongWait time.Duration) {
62 | defer c.NotifyClose()
63 | c.conn.SetReadLimit(64)
64 | c.conn.SetReadDeadline(time.Now().Add(pongWait))
65 | c.conn.SetPongHandler(func(appData string) error {
66 | c.conn.SetReadDeadline(time.Now().Add(pongWait))
67 | return nil
68 | })
69 | for {
70 | if _, _, err := c.conn.NextReader(); err != nil {
71 | printWebSocketError("ReadError", err)
72 | return
73 | }
74 | }
75 | }
76 |
77 | // startWriteHandler starts the write loop. The method has the following tasks:
78 | // * ping the client in the interval provided as parameter
79 | // * write messages send by the channel to the client
80 | // * on errors exit the loop.
81 | func (c *client) startWriteHandler(pingPeriod time.Duration) {
82 | pingTicker := time.NewTicker(pingPeriod)
83 | defer func() {
84 | c.NotifyClose()
85 | pingTicker.Stop()
86 | }()
87 |
88 | for {
89 | select {
90 | case message, ok := <-c.write:
91 | if !ok {
92 | return
93 | }
94 |
95 | c.conn.SetWriteDeadline(time.Now().Add(writeWait))
96 | if err := writeJSON(c.conn, message); err != nil {
97 | printWebSocketError("WriteError", err)
98 | return
99 | }
100 | case <-pingTicker.C:
101 | c.conn.SetWriteDeadline(time.Now().Add(writeWait))
102 | if err := ping(c.conn); err != nil {
103 | printWebSocketError("PingError", err)
104 | return
105 | }
106 | }
107 | }
108 | }
109 |
110 | func printWebSocketError(prefix string, err error) {
111 | closeError, ok := err.(*websocket.CloseError)
112 |
113 | if ok && closeError != nil && (closeError.Code == 1000 || closeError.Code == 1001) {
114 | // normal closure
115 | return
116 | }
117 |
118 | fmt.Println("WebSocket:", prefix, err)
119 | }
120 |
--------------------------------------------------------------------------------
/api/stream/once.go:
--------------------------------------------------------------------------------
1 | // Copyright 2009 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package stream
6 |
7 | import (
8 | "sync"
9 | "sync/atomic"
10 | )
11 |
12 | // Modified version of sync.Once (https://github.com/golang/go/blob/master/src/sync/once.go)
13 | // This version unlocks the mutex early and therefore doesn't hold the lock while executing func f().
14 | type once struct {
15 | m sync.Mutex
16 | done uint32
17 | }
18 |
19 | func (o *once) Do(f func()) {
20 | if atomic.LoadUint32(&o.done) == 1 {
21 | return
22 | }
23 | if o.mayExecute() {
24 | f()
25 | }
26 | }
27 |
28 | func (o *once) mayExecute() bool {
29 | o.m.Lock()
30 | defer o.m.Unlock()
31 | if o.done == 0 {
32 | atomic.StoreUint32(&o.done, 1)
33 | return true
34 | }
35 | return false
36 | }
37 |
--------------------------------------------------------------------------------
/api/stream/once_test.go:
--------------------------------------------------------------------------------
1 | package stream
2 |
3 | import (
4 | "testing"
5 | "time"
6 |
7 | "github.com/stretchr/testify/assert"
8 | )
9 |
10 | func Test_Execute(t *testing.T) {
11 | executeOnce := once{}
12 | execution := make(chan struct{})
13 | fExecute := func() {
14 | execution <- struct{}{}
15 | }
16 | go executeOnce.Do(fExecute)
17 | go executeOnce.Do(fExecute)
18 |
19 | select {
20 | case <-execution:
21 | // expected
22 | case <-time.After(100 * time.Millisecond):
23 | t.Fatal("fExecute should be executed once")
24 | }
25 |
26 | select {
27 | case <-execution:
28 | t.Fatal("should only execute once")
29 | case <-time.After(100 * time.Millisecond):
30 | // expected
31 | }
32 |
33 | assert.False(t, executeOnce.mayExecute())
34 |
35 | go executeOnce.Do(fExecute)
36 |
37 | select {
38 | case <-execution:
39 | t.Fatal("should only execute once")
40 | case <-time.After(100 * time.Millisecond):
41 | // expected
42 | }
43 | }
44 |
--------------------------------------------------------------------------------
/api/tokens.go:
--------------------------------------------------------------------------------
1 | package api
2 |
3 | import (
4 | "github.com/gotify/server/v2/auth"
5 | )
6 |
7 | var generateApplicationToken = auth.GenerateApplicationToken
8 |
9 | var generateClientToken = auth.GenerateClientToken
10 |
11 | var generateImageName = auth.GenerateImageName
12 |
--------------------------------------------------------------------------------
/api/tokens_test.go:
--------------------------------------------------------------------------------
1 | package api
2 |
3 | import (
4 | "regexp"
5 | "testing"
6 |
7 | "github.com/stretchr/testify/assert"
8 | )
9 |
10 | func TestTokenGeneration(t *testing.T) {
11 | assert.Regexp(t, regexp.MustCompile("^C(.+)$"), generateClientToken())
12 | assert.Regexp(t, regexp.MustCompile("^A(.+)$"), generateApplicationToken())
13 | assert.Regexp(t, regexp.MustCompile("^(.+)$"), generateImageName())
14 | }
15 |
--------------------------------------------------------------------------------
/app.go:
--------------------------------------------------------------------------------
1 | package main
2 |
3 | import (
4 | "fmt"
5 | "os"
6 |
7 | "github.com/gotify/server/v2/config"
8 | "github.com/gotify/server/v2/database"
9 | "github.com/gotify/server/v2/mode"
10 | "github.com/gotify/server/v2/model"
11 | "github.com/gotify/server/v2/router"
12 | "github.com/gotify/server/v2/runner"
13 | )
14 |
15 | var (
16 | // Version the version of Gotify.
17 | Version = "unknown"
18 | // Commit the git commit hash of this version.
19 | Commit = "unknown"
20 | // BuildDate the date on which this binary was build.
21 | BuildDate = "unknown"
22 | // Mode the build mode.
23 | Mode = mode.Dev
24 | )
25 |
26 | func main() {
27 | vInfo := &model.VersionInfo{Version: Version, Commit: Commit, BuildDate: BuildDate}
28 | mode.Set(Mode)
29 |
30 | fmt.Println("Starting Gotify version", vInfo.Version+"@"+BuildDate)
31 | conf := config.Get()
32 |
33 | if conf.PluginsDir != "" {
34 | if err := os.MkdirAll(conf.PluginsDir, 0o755); err != nil {
35 | panic(err)
36 | }
37 | }
38 | if err := os.MkdirAll(conf.UploadedImagesDir, 0o755); err != nil {
39 | panic(err)
40 | }
41 |
42 | db, err := database.New(conf.Database.Dialect, conf.Database.Connection, conf.DefaultUser.Name, conf.DefaultUser.Pass, conf.PassStrength, true)
43 | if err != nil {
44 | panic(err)
45 | }
46 | defer db.Close()
47 |
48 | engine, closeable := router.Create(db, vInfo, conf)
49 | defer closeable()
50 |
51 | if err := runner.Run(engine, conf); err != nil {
52 | fmt.Println("Server error: ", err)
53 | os.Exit(1)
54 | }
55 | }
56 |
--------------------------------------------------------------------------------
/auth/cors.go:
--------------------------------------------------------------------------------
1 | package auth
2 |
3 | import (
4 | "regexp"
5 | "strings"
6 | "time"
7 |
8 | "github.com/gin-contrib/cors"
9 | "github.com/gotify/server/v2/config"
10 | "github.com/gotify/server/v2/mode"
11 | )
12 |
13 | // CorsConfig generates a config to use in gin cors middleware based on server configuration.
14 | func CorsConfig(conf *config.Configuration) cors.Config {
15 | corsConf := cors.Config{
16 | MaxAge: 12 * time.Hour,
17 | AllowBrowserExtensions: true,
18 | }
19 | if mode.IsDev() {
20 | corsConf.AllowAllOrigins = true
21 | corsConf.AllowMethods = []string{"GET", "POST", "DELETE", "OPTIONS", "PUT"}
22 | corsConf.AllowHeaders = []string{
23 | "X-Gotify-Key", "Authorization", "Content-Type", "Upgrade", "Origin",
24 | "Connection", "Accept-Encoding", "Accept-Language", "Host",
25 | }
26 | } else {
27 | compiledOrigins := compileAllowedCORSOrigins(conf.Server.Cors.AllowOrigins)
28 | corsConf.AllowMethods = conf.Server.Cors.AllowMethods
29 | corsConf.AllowHeaders = conf.Server.Cors.AllowHeaders
30 | corsConf.AllowOriginFunc = func(origin string) bool {
31 | for _, compiledOrigin := range compiledOrigins {
32 | if compiledOrigin.MatchString(strings.ToLower(origin)) {
33 | return true
34 | }
35 | }
36 | return false
37 | }
38 | if allowedOrigin := headerIgnoreCase(conf, "access-control-allow-origin"); allowedOrigin != "" && len(compiledOrigins) == 0 {
39 | corsConf.AllowOrigins = append(corsConf.AllowOrigins, allowedOrigin)
40 | }
41 | }
42 |
43 | return corsConf
44 | }
45 |
46 | func headerIgnoreCase(conf *config.Configuration, search string) (value string) {
47 | for key, value := range conf.Server.ResponseHeaders {
48 | if strings.ToLower(key) == search {
49 | return value
50 | }
51 | }
52 | return ""
53 | }
54 |
55 | func compileAllowedCORSOrigins(allowedOrigins []string) []*regexp.Regexp {
56 | var compiledAllowedOrigins []*regexp.Regexp
57 | for _, origin := range allowedOrigins {
58 | compiledAllowedOrigins = append(compiledAllowedOrigins, regexp.MustCompile(origin))
59 | }
60 |
61 | return compiledAllowedOrigins
62 | }
63 |
--------------------------------------------------------------------------------
/auth/cors_test.go:
--------------------------------------------------------------------------------
1 | package auth
2 |
3 | import (
4 | "testing"
5 | "time"
6 |
7 | "github.com/gin-contrib/cors"
8 | "github.com/gotify/server/v2/config"
9 | "github.com/gotify/server/v2/mode"
10 | "github.com/stretchr/testify/assert"
11 | )
12 |
13 | func TestCorsConfig(t *testing.T) {
14 | mode.Set(mode.Prod)
15 | serverConf := config.Configuration{}
16 | serverConf.Server.Cors.AllowOrigins = []string{"http://test.com"}
17 | serverConf.Server.Cors.AllowHeaders = []string{"content-type"}
18 | serverConf.Server.Cors.AllowMethods = []string{"GET"}
19 |
20 | actual := CorsConfig(&serverConf)
21 | allowF := actual.AllowOriginFunc
22 | actual.AllowOriginFunc = nil // func cannot be checked with equal
23 |
24 | assert.Equal(t, cors.Config{
25 | AllowAllOrigins: false,
26 | AllowHeaders: []string{"content-type"},
27 | AllowMethods: []string{"GET"},
28 | MaxAge: 12 * time.Hour,
29 | AllowBrowserExtensions: true,
30 | }, actual)
31 | assert.NotNil(t, allowF)
32 | assert.True(t, allowF("http://test.com"))
33 | assert.False(t, allowF("https://test.com"))
34 | assert.False(t, allowF("https://other.com"))
35 | }
36 |
37 | func TestEmptyCorsConfigWithResponseHeaders(t *testing.T) {
38 | mode.Set(mode.Prod)
39 | serverConf := config.Configuration{}
40 | serverConf.Server.ResponseHeaders = map[string]string{"Access-control-allow-origin": "https://example.com"}
41 |
42 | actual := CorsConfig(&serverConf)
43 | assert.NotNil(t, actual.AllowOriginFunc)
44 | actual.AllowOriginFunc = nil // func cannot be checked with equal
45 |
46 | assert.Equal(t, cors.Config{
47 | AllowAllOrigins: false,
48 | AllowOrigins: []string{"https://example.com"},
49 | MaxAge: 12 * time.Hour,
50 | AllowBrowserExtensions: true,
51 | }, actual)
52 | }
53 |
54 | func TestDevCorsConfig(t *testing.T) {
55 | mode.Set(mode.Dev)
56 | serverConf := config.Configuration{}
57 | serverConf.Server.Cors.AllowOrigins = []string{"http://test.com"}
58 | serverConf.Server.Cors.AllowHeaders = []string{"content-type"}
59 | serverConf.Server.Cors.AllowMethods = []string{"GET"}
60 |
61 | actual := CorsConfig(&serverConf)
62 |
63 | assert.Equal(t, cors.Config{
64 | AllowHeaders: []string{
65 | "X-Gotify-Key", "Authorization", "Content-Type", "Upgrade", "Origin",
66 | "Connection", "Accept-Encoding", "Accept-Language", "Host",
67 | },
68 | AllowMethods: []string{"GET", "POST", "DELETE", "OPTIONS", "PUT"},
69 | MaxAge: 12 * time.Hour,
70 | AllowAllOrigins: true,
71 | AllowBrowserExtensions: true,
72 | }, actual)
73 | }
74 |
--------------------------------------------------------------------------------
/auth/password/password.go:
--------------------------------------------------------------------------------
1 | package password
2 |
3 | import "golang.org/x/crypto/bcrypt"
4 |
5 | // CreatePassword returns a hashed version of the given password.
6 | func CreatePassword(pw string, strength int) []byte {
7 | hashedPassword, err := bcrypt.GenerateFromPassword([]byte(pw), strength)
8 | if err != nil {
9 | panic(err)
10 | }
11 | return hashedPassword
12 | }
13 |
14 | // ComparePassword compares a hashed password with its possible plaintext equivalent.
15 | func ComparePassword(hashedPassword, password []byte) bool {
16 | return bcrypt.CompareHashAndPassword(hashedPassword, password) == nil
17 | }
18 |
--------------------------------------------------------------------------------
/auth/password/password_test.go:
--------------------------------------------------------------------------------
1 | package password
2 |
3 | import (
4 | "testing"
5 |
6 | "github.com/stretchr/testify/assert"
7 | )
8 |
9 | func TestPasswordSuccess(t *testing.T) {
10 | password := CreatePassword("secret", 5)
11 | assert.Equal(t, true, ComparePassword(password, []byte("secret")))
12 | }
13 |
14 | func TestPasswordFailure(t *testing.T) {
15 | password := CreatePassword("secret", 5)
16 | assert.Equal(t, false, ComparePassword(password, []byte("secretx")))
17 | }
18 |
19 | func TestBCryptFailure(t *testing.T) {
20 | assert.Panics(t, func() { CreatePassword("secret", 12312) })
21 | }
22 |
--------------------------------------------------------------------------------
/auth/token.go:
--------------------------------------------------------------------------------
1 | package auth
2 |
3 | import (
4 | "crypto/rand"
5 | "math/big"
6 | )
7 |
8 | var (
9 | tokenCharacters = []byte("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_")
10 | randomTokenLength = 14
11 | applicationPrefix = "A"
12 | clientPrefix = "C"
13 | pluginPrefix = "P"
14 |
15 | randReader = rand.Reader
16 | )
17 |
18 | func randIntn(n int) int {
19 | max := big.NewInt(int64(n))
20 | res, err := rand.Int(randReader, max)
21 | if err != nil {
22 | panic("random source is not available")
23 | }
24 | return int(res.Int64())
25 | }
26 |
27 | // GenerateNotExistingToken receives a token generation func and a func to check whether the token exists, returns a unique token.
28 | func GenerateNotExistingToken(generateToken func() string, tokenExists func(token string) bool) string {
29 | for {
30 | token := generateToken()
31 | if !tokenExists(token) {
32 | return token
33 | }
34 | }
35 | }
36 |
37 | // GenerateApplicationToken generates an application token.
38 | func GenerateApplicationToken() string {
39 | return generateRandomToken(applicationPrefix)
40 | }
41 |
42 | // GenerateClientToken generates a client token.
43 | func GenerateClientToken() string {
44 | return generateRandomToken(clientPrefix)
45 | }
46 |
47 | // GeneratePluginToken generates a plugin token.
48 | func GeneratePluginToken() string {
49 | return generateRandomToken(pluginPrefix)
50 | }
51 |
52 | // GenerateImageName generates an image name.
53 | func GenerateImageName() string {
54 | return generateRandomString(25)
55 | }
56 |
57 | func generateRandomToken(prefix string) string {
58 | return prefix + generateRandomString(randomTokenLength)
59 | }
60 |
61 | func generateRandomString(length int) string {
62 | res := make([]byte, length)
63 | for i := range res {
64 | index := randIntn(len(tokenCharacters))
65 | res[i] = tokenCharacters[index]
66 | }
67 | return string(res)
68 | }
69 |
70 | func init() {
71 | randIntn(2)
72 | }
73 |
--------------------------------------------------------------------------------
/auth/token_test.go:
--------------------------------------------------------------------------------
1 | package auth
2 |
3 | import (
4 | "crypto/rand"
5 | "fmt"
6 | "strings"
7 | "testing"
8 |
9 | "github.com/gotify/server/v2/test"
10 | "github.com/stretchr/testify/assert"
11 | )
12 |
13 | func TestTokenHavePrefix(t *testing.T) {
14 | for i := 0; i < 50; i++ {
15 | assert.True(t, strings.HasPrefix(GenerateApplicationToken(), "A"))
16 | assert.True(t, strings.HasPrefix(GenerateClientToken(), "C"))
17 | assert.True(t, strings.HasPrefix(GeneratePluginToken(), "P"))
18 | assert.NotEmpty(t, GenerateImageName())
19 | }
20 | }
21 |
22 | func TestGenerateNotExistingToken(t *testing.T) {
23 | count := 5
24 | token := GenerateNotExistingToken(func() string {
25 | return fmt.Sprint(count)
26 | }, func(token string) bool {
27 | count--
28 | return token != "0"
29 | })
30 | assert.Equal(t, "0", token)
31 | }
32 |
33 | func TestBadCryptoReaderPanics(t *testing.T) {
34 | assert.Panics(t, func() {
35 | randReader = test.UnreadableReader()
36 | defer func() {
37 | randReader = rand.Reader
38 | }()
39 | randIntn(2)
40 | })
41 | }
42 |
--------------------------------------------------------------------------------
/auth/util.go:
--------------------------------------------------------------------------------
1 | package auth
2 |
3 | import (
4 | "github.com/gin-gonic/gin"
5 | "github.com/gotify/server/v2/model"
6 | )
7 |
8 | // RegisterAuthentication registers the user id, user and or token.
9 | func RegisterAuthentication(ctx *gin.Context, user *model.User, userID uint, tokenID string) {
10 | ctx.Set("user", user)
11 | ctx.Set("userid", userID)
12 | ctx.Set("tokenid", tokenID)
13 | }
14 |
15 | // GetUserID returns the user id which was previously registered by RegisterAuthentication.
16 | func GetUserID(ctx *gin.Context) uint {
17 | id := TryGetUserID(ctx)
18 | if id == nil {
19 | panic("token and user may not be null")
20 | }
21 | return *id
22 | }
23 |
24 | // TryGetUserID returns the user id or nil if one is not set.
25 | func TryGetUserID(ctx *gin.Context) *uint {
26 | user := ctx.MustGet("user").(*model.User)
27 | if user == nil {
28 | userID := ctx.MustGet("userid").(uint)
29 | if userID == 0 {
30 | return nil
31 | }
32 | return &userID
33 | }
34 |
35 | return &user.ID
36 | }
37 |
38 | // GetTokenID returns the tokenID.
39 | func GetTokenID(ctx *gin.Context) string {
40 | return ctx.MustGet("tokenid").(string)
41 | }
42 |
--------------------------------------------------------------------------------
/auth/util_test.go:
--------------------------------------------------------------------------------
1 | package auth
2 |
3 | import (
4 | "net/http/httptest"
5 | "testing"
6 |
7 | "github.com/gin-gonic/gin"
8 | "github.com/gotify/server/v2/mode"
9 | "github.com/gotify/server/v2/model"
10 | "github.com/stretchr/testify/assert"
11 | "github.com/stretchr/testify/suite"
12 | )
13 |
14 | func TestUtilSuite(t *testing.T) {
15 | suite.Run(t, new(UtilSuite))
16 | }
17 |
18 | type UtilSuite struct {
19 | suite.Suite
20 | }
21 |
22 | func (s *UtilSuite) BeforeTest(suiteName, testName string) {
23 | mode.Set(mode.TestDev)
24 | }
25 |
26 | func (s *UtilSuite) Test_getID() {
27 | s.expectUserIDWith(&model.User{ID: 2}, 0, 2)
28 | s.expectUserIDWith(nil, 5, 5)
29 | assert.Panics(s.T(), func() {
30 | s.expectUserIDWith(nil, 0, 0)
31 | })
32 | s.expectTryUserIDWith(nil, 0, nil)
33 | }
34 |
35 | func (s *UtilSuite) Test_getToken() {
36 | ctx, _ := gin.CreateTestContext(httptest.NewRecorder())
37 | RegisterAuthentication(ctx, nil, 1, "asdasda")
38 | actualID := GetTokenID(ctx)
39 | assert.Equal(s.T(), "asdasda", actualID)
40 | }
41 |
42 | func (s *UtilSuite) expectUserIDWith(user *model.User, tokenUserID, expectedID uint) {
43 | ctx, _ := gin.CreateTestContext(httptest.NewRecorder())
44 | RegisterAuthentication(ctx, user, tokenUserID, "")
45 | actualID := GetUserID(ctx)
46 | assert.Equal(s.T(), expectedID, actualID)
47 | }
48 |
49 | func (s *UtilSuite) expectTryUserIDWith(user *model.User, tokenUserID uint, expectedID *uint) {
50 | ctx, _ := gin.CreateTestContext(httptest.NewRecorder())
51 | RegisterAuthentication(ctx, user, tokenUserID, "")
52 | actualID := TryGetUserID(ctx)
53 | assert.Equal(s.T(), expectedID, actualID)
54 | }
55 |
--------------------------------------------------------------------------------
/config.example.yml:
--------------------------------------------------------------------------------
1 | # Example configuration file for the server.
2 | # Save it to `config.yml` when edited
3 |
4 | server:
5 | keepaliveperiodseconds: 0 # 0 = use Go default (15s); -1 = disable keepalive; set the interval in which keepalive packets will be sent. Only change this value if you know what you are doing.
6 | listenaddr: "" # the address to bind on, leave empty to bind on all addresses. Prefix with "unix:" to create a unix socket. Example: "unix:/tmp/gotify.sock".
7 | port: 80 # the port the HTTP server will listen on
8 |
9 | ssl:
10 | enabled: false # if https should be enabled
11 | redirecttohttps: true # redirect to https if site is accessed by http
12 | listenaddr: "" # the address to bind on, leave empty to bind on all addresses. Prefix with "unix:" to create a unix socket. Example: "unix:/tmp/gotify.sock".
13 | port: 443 # the https port
14 | certfile: # the cert file (leave empty when using letsencrypt)
15 | certkey: # the cert key (leave empty when using letsencrypt)
16 | letsencrypt:
17 | enabled: false # if the certificate should be requested from letsencrypt
18 | accepttos: false # if you accept the tos from letsencrypt
19 | cache: data/certs # the directory of the cache from letsencrypt
20 | hosts: # the hosts for which letsencrypt should request certificates
21 | # - mydomain.tld
22 | # - myotherdomain.tld
23 |
24 | responseheaders: # response headers are added to every response (default: none)
25 | # X-Custom-Header: "custom value"
26 | #
27 | trustedproxies: # IPs or IP ranges of trusted proxies. Used to obtain the remote ip via the X-Forwarded-For header. (configure 127.0.0.1 to trust sockets)
28 | # - 127.0.0.1/32
29 | # - ::1
30 |
31 | cors: # Sets cors headers only when needed and provides support for multiple allowed origins. Overrides Access-Control-* Headers in response headers.
32 | alloworigins:
33 | # - ".+.example.com"
34 | # - "otherdomain.com"
35 | allowmethods:
36 | # - "GET"
37 | # - "POST"
38 | allowheaders:
39 | # - "Authorization"
40 | # - "content-type"
41 | stream:
42 | pingperiodseconds: 45 # the interval in which websocket pings will be sent. Only change this value if you know what you are doing.
43 | allowedorigins: # allowed origins for websocket connections (same origin is always allowed)
44 | # - ".+.example.com"
45 | # - "otherdomain.com"
46 |
47 | database: # for database see (configure database section)
48 | dialect: sqlite3
49 | connection: data/gotify.db
50 |
51 | defaultuser: # on database creation, gotify creates an admin user
52 | name: admin # the username of the default user
53 | pass: admin # the password of the default user
54 | passstrength: 10 # the bcrypt password strength (higher = better but also slower)
55 | uploadedimagesdir: data/images # the directory for storing uploaded images
56 | pluginsdir: data/plugins # the directory where plugin resides
57 | registration: false # enable registrations
58 |
--------------------------------------------------------------------------------
/config/config.go:
--------------------------------------------------------------------------------
1 | package config
2 |
3 | import (
4 | "path/filepath"
5 | "strings"
6 |
7 | "github.com/gotify/server/v2/mode"
8 | "github.com/jinzhu/configor"
9 | )
10 |
11 | // Configuration is stuff that can be configured externally per env variables or config file (config.yml).
12 | type Configuration struct {
13 | Server struct {
14 | KeepAlivePeriodSeconds int
15 | ListenAddr string `default:""`
16 | Port int `default:"80"`
17 |
18 | SSL struct {
19 | Enabled bool `default:"false"`
20 | RedirectToHTTPS bool `default:"true"`
21 | ListenAddr string `default:""`
22 | Port int `default:"443"`
23 | CertFile string `default:""`
24 | CertKey string `default:""`
25 | LetsEncrypt struct {
26 | Enabled bool `default:"false"`
27 | AcceptTOS bool `default:"false"`
28 | Cache string `default:"data/certs"`
29 | Hosts []string
30 | }
31 | }
32 | ResponseHeaders map[string]string
33 | Stream struct {
34 | PingPeriodSeconds int `default:"45"`
35 | AllowedOrigins []string
36 | }
37 | Cors struct {
38 | AllowOrigins []string
39 | AllowMethods []string
40 | AllowHeaders []string
41 | }
42 |
43 | TrustedProxies []string
44 | }
45 | Database struct {
46 | Dialect string `default:"sqlite3"`
47 | Connection string `default:"data/gotify.db"`
48 | }
49 | DefaultUser struct {
50 | Name string `default:"admin"`
51 | Pass string `default:"admin"`
52 | }
53 | PassStrength int `default:"10"`
54 | UploadedImagesDir string `default:"data/images"`
55 | PluginsDir string `default:"data/plugins"`
56 | Registration bool `default:"false"`
57 | }
58 |
59 | func configFiles() []string {
60 | if mode.Get() == mode.TestDev {
61 | return []string{"config.yml"}
62 | }
63 | return []string{"config.yml", "/etc/gotify/config.yml"}
64 | }
65 |
66 | // Get returns the configuration extracted from env variables or config file.
67 | func Get() *Configuration {
68 | conf := new(Configuration)
69 | err := configor.New(&configor.Config{ENVPrefix: "GOTIFY", Silent: true}).Load(conf, configFiles()...)
70 | if err != nil {
71 | panic(err)
72 | }
73 | addTrailingSlashToPaths(conf)
74 | return conf
75 | }
76 |
77 | func addTrailingSlashToPaths(conf *Configuration) {
78 | if !strings.HasSuffix(conf.UploadedImagesDir, "/") && !strings.HasSuffix(conf.UploadedImagesDir, "\\") {
79 | conf.UploadedImagesDir += string(filepath.Separator)
80 | }
81 | }
82 |
--------------------------------------------------------------------------------
/database/application.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | import (
4 | "time"
5 |
6 | "github.com/gotify/server/v2/model"
7 | "github.com/jinzhu/gorm"
8 | )
9 |
10 | // GetApplicationByToken returns the application for the given token or nil.
11 | func (d *GormDatabase) GetApplicationByToken(token string) (*model.Application, error) {
12 | app := new(model.Application)
13 | err := d.DB.Where("token = ?", token).Find(app).Error
14 | if err == gorm.ErrRecordNotFound {
15 | err = nil
16 | }
17 | if app.Token == token {
18 | return app, err
19 | }
20 | return nil, err
21 | }
22 |
23 | // GetApplicationByID returns the application for the given id or nil.
24 | func (d *GormDatabase) GetApplicationByID(id uint) (*model.Application, error) {
25 | app := new(model.Application)
26 | err := d.DB.Where("id = ?", id).Find(app).Error
27 | if err == gorm.ErrRecordNotFound {
28 | err = nil
29 | }
30 | if app.ID == id {
31 | return app, err
32 | }
33 | return nil, err
34 | }
35 |
36 | // CreateApplication creates an application.
37 | func (d *GormDatabase) CreateApplication(application *model.Application) error {
38 | return d.DB.Create(application).Error
39 | }
40 |
41 | // DeleteApplicationByID deletes an application by its id.
42 | func (d *GormDatabase) DeleteApplicationByID(id uint) error {
43 | d.DeleteMessagesByApplication(id)
44 | return d.DB.Where("id = ?", id).Delete(&model.Application{}).Error
45 | }
46 |
47 | // GetApplicationsByUser returns all applications from a user.
48 | func (d *GormDatabase) GetApplicationsByUser(userID uint) ([]*model.Application, error) {
49 | var apps []*model.Application
50 | err := d.DB.Where("user_id = ?", userID).Order("id ASC").Find(&apps).Error
51 | if err == gorm.ErrRecordNotFound {
52 | err = nil
53 | }
54 | return apps, err
55 | }
56 |
57 | // UpdateApplication updates an application.
58 | func (d *GormDatabase) UpdateApplication(app *model.Application) error {
59 | return d.DB.Save(app).Error
60 | }
61 |
62 | // UpdateApplicationTokenLastUsed updates the last used time of the application token.
63 | func (d *GormDatabase) UpdateApplicationTokenLastUsed(token string, t *time.Time) error {
64 | return d.DB.Model(&model.Application{}).Where("token = ?", token).Update("last_used", t).Error
65 | }
66 |
--------------------------------------------------------------------------------
/database/application_test.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | import (
4 | "time"
5 |
6 | "github.com/gotify/server/v2/model"
7 | "github.com/stretchr/testify/assert"
8 | )
9 |
10 | func (s *DatabaseSuite) TestApplication() {
11 | if app, err := s.db.GetApplicationByToken("asdasdf"); assert.NoError(s.T(), err) {
12 | assert.Nil(s.T(), app, "not existing app")
13 | }
14 |
15 | if app, err := s.db.GetApplicationByID(uint(1)); assert.NoError(s.T(), err) {
16 | assert.Nil(s.T(), app, "not existing app")
17 | }
18 |
19 | user := &model.User{Name: "test", Pass: []byte{1}}
20 | s.db.CreateUser(user)
21 | assert.NotEqual(s.T(), 0, user.ID)
22 |
23 | if apps, err := s.db.GetApplicationsByUser(user.ID); assert.NoError(s.T(), err) {
24 | assert.Empty(s.T(), apps)
25 | }
26 |
27 | app := &model.Application{UserID: user.ID, Token: "C0000000000", Name: "backupserver"}
28 | s.db.CreateApplication(app)
29 |
30 | if apps, err := s.db.GetApplicationsByUser(user.ID); assert.NoError(s.T(), err) {
31 | assert.Len(s.T(), apps, 1)
32 | assert.Contains(s.T(), apps, app)
33 | }
34 |
35 | newApp, err := s.db.GetApplicationByToken(app.Token)
36 | if assert.NoError(s.T(), err) {
37 | assert.Equal(s.T(), app, newApp)
38 | }
39 |
40 | newApp, err = s.db.GetApplicationByID(app.ID)
41 | if assert.NoError(s.T(), err) {
42 | assert.Equal(s.T(), app, newApp)
43 | }
44 |
45 | lastUsed := time.Now().Add(-time.Hour)
46 | s.db.UpdateApplicationTokenLastUsed(app.Token, &lastUsed)
47 | newApp, err = s.db.GetApplicationByID(app.ID)
48 | if assert.NoError(s.T(), err) {
49 | assert.Equal(s.T(), lastUsed.Unix(), newApp.LastUsed.Unix())
50 | }
51 | app.LastUsed = &lastUsed
52 |
53 | newApp.Image = "asdasd"
54 | assert.NoError(s.T(), s.db.UpdateApplication(newApp))
55 |
56 | newApp, err = s.db.GetApplicationByID(app.ID)
57 | if assert.NoError(s.T(), err) {
58 | assert.Equal(s.T(), "asdasd", newApp.Image)
59 | }
60 |
61 | assert.NoError(s.T(), s.db.DeleteApplicationByID(app.ID))
62 |
63 | if apps, err := s.db.GetApplicationsByUser(user.ID); assert.NoError(s.T(), err) {
64 | assert.Empty(s.T(), apps)
65 | }
66 |
67 | if app, err := s.db.GetApplicationByID(app.ID); assert.NoError(s.T(), err) {
68 | assert.Nil(s.T(), app)
69 | }
70 | }
71 |
72 | func (s *DatabaseSuite) TestDeleteAppDeletesMessages() {
73 | assert.NoError(s.T(), s.db.CreateApplication(&model.Application{ID: 55, Token: "token"}))
74 | assert.NoError(s.T(), s.db.CreateApplication(&model.Application{ID: 66, Token: "token2"}))
75 | assert.NoError(s.T(), s.db.CreateMessage(&model.Message{ID: 12, ApplicationID: 55}))
76 | assert.NoError(s.T(), s.db.CreateMessage(&model.Message{ID: 13, ApplicationID: 66}))
77 | assert.NoError(s.T(), s.db.CreateMessage(&model.Message{ID: 14, ApplicationID: 55}))
78 | assert.NoError(s.T(), s.db.CreateMessage(&model.Message{ID: 15, ApplicationID: 55}))
79 |
80 | assert.NoError(s.T(), s.db.DeleteApplicationByID(55))
81 |
82 | if msg, err := s.db.GetMessageByID(12); assert.NoError(s.T(), err) {
83 | assert.Nil(s.T(), msg)
84 | }
85 | if msg, err := s.db.GetMessageByID(13); assert.NoError(s.T(), err) {
86 | assert.NotNil(s.T(), msg)
87 | }
88 | if msg, err := s.db.GetMessageByID(14); assert.NoError(s.T(), err) {
89 | assert.Nil(s.T(), msg)
90 | }
91 | if msg, err := s.db.GetMessageByID(15); assert.NoError(s.T(), err) {
92 | assert.Nil(s.T(), msg)
93 | }
94 |
95 | if msgs, err := s.db.GetMessagesByApplication(55); assert.NoError(s.T(), err) {
96 | assert.Empty(s.T(), msgs)
97 | }
98 | if msgs, err := s.db.GetMessagesByApplication(66); assert.NoError(s.T(), err) {
99 | assert.NotEmpty(s.T(), msgs)
100 | }
101 | }
102 |
--------------------------------------------------------------------------------
/database/client.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | import (
4 | "time"
5 |
6 | "github.com/gotify/server/v2/model"
7 | "github.com/jinzhu/gorm"
8 | )
9 |
10 | // GetClientByID returns the client for the given id or nil.
11 | func (d *GormDatabase) GetClientByID(id uint) (*model.Client, error) {
12 | client := new(model.Client)
13 | err := d.DB.Where("id = ?", id).Find(client).Error
14 | if err == gorm.ErrRecordNotFound {
15 | err = nil
16 | }
17 | if client.ID == id {
18 | return client, err
19 | }
20 | return nil, err
21 | }
22 |
23 | // GetClientByToken returns the client for the given token or nil.
24 | func (d *GormDatabase) GetClientByToken(token string) (*model.Client, error) {
25 | client := new(model.Client)
26 | err := d.DB.Where("token = ?", token).Find(client).Error
27 | if err == gorm.ErrRecordNotFound {
28 | err = nil
29 | }
30 | if client.Token == token {
31 | return client, err
32 | }
33 | return nil, err
34 | }
35 |
36 | // CreateClient creates a client.
37 | func (d *GormDatabase) CreateClient(client *model.Client) error {
38 | return d.DB.Create(client).Error
39 | }
40 |
41 | // GetClientsByUser returns all clients from a user.
42 | func (d *GormDatabase) GetClientsByUser(userID uint) ([]*model.Client, error) {
43 | var clients []*model.Client
44 | err := d.DB.Where("user_id = ?", userID).Find(&clients).Error
45 | if err == gorm.ErrRecordNotFound {
46 | err = nil
47 | }
48 | return clients, err
49 | }
50 |
51 | // DeleteClientByID deletes a client by its id.
52 | func (d *GormDatabase) DeleteClientByID(id uint) error {
53 | return d.DB.Where("id = ?", id).Delete(&model.Client{}).Error
54 | }
55 |
56 | // UpdateClient updates a client.
57 | func (d *GormDatabase) UpdateClient(client *model.Client) error {
58 | return d.DB.Save(client).Error
59 | }
60 |
61 | // UpdateClientTokensLastUsed updates the last used timestamp of clients.
62 | func (d *GormDatabase) UpdateClientTokensLastUsed(tokens []string, t *time.Time) error {
63 | return d.DB.Model(&model.Client{}).Where("token IN (?)", tokens).Update("last_used", t).Error
64 | }
65 |
--------------------------------------------------------------------------------
/database/client_test.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | import (
4 | "time"
5 |
6 | "github.com/gotify/server/v2/model"
7 | "github.com/stretchr/testify/assert"
8 | )
9 |
10 | func (s *DatabaseSuite) TestClient() {
11 | if client, err := s.db.GetClientByID(1); assert.NoError(s.T(), err) {
12 | assert.Nil(s.T(), client, "not existing client")
13 | }
14 | if client, err := s.db.GetClientByToken("asdasd"); assert.NoError(s.T(), err) {
15 | assert.Nil(s.T(), client, "not existing client")
16 | }
17 |
18 | user := &model.User{Name: "test", Pass: []byte{1}}
19 | s.db.CreateUser(user)
20 | assert.NotEqual(s.T(), 0, user.ID)
21 |
22 | if clients, err := s.db.GetClientsByUser(user.ID); assert.NoError(s.T(), err) {
23 | assert.Empty(s.T(), clients)
24 | }
25 |
26 | client := &model.Client{UserID: user.ID, Token: "C0000000000", Name: "android"}
27 | assert.NoError(s.T(), s.db.CreateClient(client))
28 |
29 | if clients, err := s.db.GetClientsByUser(user.ID); assert.NoError(s.T(), err) {
30 | assert.Len(s.T(), clients, 1)
31 | assert.Contains(s.T(), clients, client)
32 | }
33 |
34 | newClient, err := s.db.GetClientByID(client.ID)
35 | if assert.NoError(s.T(), err) {
36 | assert.Equal(s.T(), client, newClient)
37 | }
38 |
39 | if newClient, err := s.db.GetClientByToken(client.Token); assert.NoError(s.T(), err) {
40 | assert.Equal(s.T(), client, newClient)
41 | }
42 |
43 | updateClient := &model.Client{ID: client.ID, UserID: user.ID, Token: "C0000000000", Name: "new_name"}
44 | s.db.UpdateClient(updateClient)
45 | if updatedClient, err := s.db.GetClientByID(client.ID); assert.NoError(s.T(), err) {
46 | assert.Equal(s.T(), updateClient, updatedClient)
47 | }
48 |
49 | lastUsed := time.Now().Add(-time.Hour)
50 | s.db.UpdateClientTokensLastUsed([]string{client.Token}, &lastUsed)
51 | newClient, err = s.db.GetClientByID(client.ID)
52 | if assert.NoError(s.T(), err) {
53 | assert.Equal(s.T(), lastUsed.Unix(), newClient.LastUsed.Unix())
54 | }
55 |
56 | s.db.DeleteClientByID(client.ID)
57 |
58 | if clients, err := s.db.GetClientsByUser(user.ID); assert.NoError(s.T(), err) {
59 | assert.Empty(s.T(), clients)
60 | }
61 |
62 | if client, err := s.db.GetClientByID(client.ID); assert.NoError(s.T(), err) {
63 | assert.Nil(s.T(), client)
64 | }
65 | }
66 |
--------------------------------------------------------------------------------
/database/database.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | import (
4 | "os"
5 | "path/filepath"
6 | "time"
7 |
8 | "github.com/gotify/server/v2/auth/password"
9 | "github.com/gotify/server/v2/model"
10 | "github.com/jinzhu/gorm"
11 | _ "github.com/jinzhu/gorm/dialects/mysql" // enable the mysql dialect.
12 | _ "github.com/jinzhu/gorm/dialects/postgres" // enable the postgres dialect.
13 | _ "github.com/jinzhu/gorm/dialects/sqlite" // enable the sqlite3 dialect.
14 | )
15 |
16 | var mkdirAll = os.MkdirAll
17 |
18 | // New creates a new wrapper for the gorm database framework.
19 | func New(dialect, connection, defaultUser, defaultPass string, strength int, createDefaultUserIfNotExist bool) (*GormDatabase, error) {
20 | createDirectoryIfSqlite(dialect, connection)
21 |
22 | db, err := gorm.Open(dialect, connection)
23 | if err != nil {
24 | return nil, err
25 | }
26 |
27 | // We normally don't need that much connections, so we limit them. F.ex. mysql complains about
28 | // "too many connections", while load testing Gotify.
29 | db.DB().SetMaxOpenConns(10)
30 |
31 | if dialect == "sqlite3" {
32 | // We use the database connection inside the handlers from the http
33 | // framework, therefore concurrent access occurs. Sqlite cannot handle
34 | // concurrent writes, so we limit sqlite to one connection.
35 | // see https://github.com/mattn/go-sqlite3/issues/274
36 | db.DB().SetMaxOpenConns(1)
37 | }
38 |
39 | if dialect == "mysql" {
40 | // Mysql has a setting called wait_timeout, which defines the duration
41 | // after which a connection may not be used anymore.
42 | // The default for this setting on mariadb is 10 minutes.
43 | // See https://github.com/docker-library/mariadb/issues/113
44 | db.DB().SetConnMaxLifetime(9 * time.Minute)
45 | }
46 |
47 | if err := db.AutoMigrate(new(model.User), new(model.Application), new(model.Message), new(model.Client), new(model.PluginConf)).Error; err != nil {
48 | return nil, err
49 | }
50 |
51 | if err := prepareBlobColumn(dialect, db); err != nil {
52 | return nil, err
53 | }
54 |
55 | userCount := 0
56 | db.Find(new(model.User)).Count(&userCount)
57 | if createDefaultUserIfNotExist && userCount == 0 {
58 | db.Create(&model.User{Name: defaultUser, Pass: password.CreatePassword(defaultPass, strength), Admin: true})
59 | }
60 |
61 | return &GormDatabase{DB: db}, nil
62 | }
63 |
64 | func prepareBlobColumn(dialect string, db *gorm.DB) error {
65 | blobType := ""
66 | switch dialect {
67 | case "mysql":
68 | blobType = "longblob"
69 | case "postgres":
70 | blobType = "bytea"
71 | }
72 | if blobType != "" {
73 | for _, target := range []struct {
74 | Table interface{}
75 | Column string
76 | }{
77 | {model.Message{}, "extras"},
78 | {model.PluginConf{}, "config"},
79 | {model.PluginConf{}, "storage"},
80 | } {
81 | if err := db.Model(target.Table).ModifyColumn(target.Column, blobType).Error; err != nil {
82 | return err
83 | }
84 | }
85 | }
86 | return nil
87 | }
88 |
89 | func createDirectoryIfSqlite(dialect, connection string) {
90 | if dialect == "sqlite3" {
91 | if _, err := os.Stat(filepath.Dir(connection)); os.IsNotExist(err) {
92 | if err := mkdirAll(filepath.Dir(connection), 0o777); err != nil {
93 | panic(err)
94 | }
95 | }
96 | }
97 | }
98 |
99 | // GormDatabase is a wrapper for the gorm framework.
100 | type GormDatabase struct {
101 | DB *gorm.DB
102 | }
103 |
104 | // Close closes the gorm database connection.
105 | func (d *GormDatabase) Close() {
106 | d.DB.Close()
107 | }
108 |
--------------------------------------------------------------------------------
/database/database_test.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | import (
4 | "errors"
5 | "os"
6 | "testing"
7 |
8 | "github.com/gotify/server/v2/test"
9 | "github.com/stretchr/testify/assert"
10 | "github.com/stretchr/testify/suite"
11 | )
12 |
13 | func TestDatabaseSuite(t *testing.T) {
14 | suite.Run(t, new(DatabaseSuite))
15 | }
16 |
17 | type DatabaseSuite struct {
18 | suite.Suite
19 | db *GormDatabase
20 | tmpDir test.TmpDir
21 | }
22 |
23 | func (s *DatabaseSuite) BeforeTest(suiteName, testName string) {
24 | s.tmpDir = test.NewTmpDir("gotify_databasesuite")
25 | db, err := New("sqlite3", s.tmpDir.Path("testdb.db"), "defaultUser", "defaultPass", 5, true)
26 | assert.Nil(s.T(), err)
27 | s.db = db
28 | }
29 |
30 | func (s *DatabaseSuite) AfterTest(suiteName, testName string) {
31 | s.db.Close()
32 | assert.Nil(s.T(), s.tmpDir.Clean())
33 | }
34 |
35 | func TestInvalidDialect(t *testing.T) {
36 | tmpDir := test.NewTmpDir("gotify_testinvaliddialect")
37 | defer tmpDir.Clean()
38 | _, err := New("asdf", tmpDir.Path("testdb.db"), "defaultUser", "defaultPass", 5, true)
39 | assert.Error(t, err)
40 | }
41 |
42 | func TestCreateSqliteFolder(t *testing.T) {
43 | tmpDir := test.NewTmpDir("gotify_testcreatesqlitefolder")
44 | defer tmpDir.Clean()
45 |
46 | db, err := New("sqlite3", tmpDir.Path("somepath/testdb.db"), "defaultUser", "defaultPass", 5, true)
47 | assert.Nil(t, err)
48 | assert.DirExists(t, tmpDir.Path("somepath"))
49 | db.Close()
50 | }
51 |
52 | func TestWithAlreadyExistingSqliteFolder(t *testing.T) {
53 | tmpDir := test.NewTmpDir("gotify_testwithexistingfolder")
54 | defer tmpDir.Clean()
55 |
56 | db, err := New("sqlite3", tmpDir.Path("somepath/testdb.db"), "defaultUser", "defaultPass", 5, true)
57 | assert.Nil(t, err)
58 | assert.DirExists(t, tmpDir.Path("somepath"))
59 | db.Close()
60 | }
61 |
62 | func TestPanicsOnMkdirError(t *testing.T) {
63 | tmpDir := test.NewTmpDir("gotify_testpanicsonmkdirerror")
64 | defer tmpDir.Clean()
65 | mkdirAll = func(path string, perm os.FileMode) error {
66 | return errors.New("ERROR")
67 | }
68 | assert.Panics(t, func() {
69 | New("sqlite3", tmpDir.Path("somepath/test.db"), "defaultUser", "defaultPass", 5, true)
70 | })
71 | }
72 |
--------------------------------------------------------------------------------
/database/message.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | import (
4 | "github.com/gotify/server/v2/model"
5 | "github.com/jinzhu/gorm"
6 | )
7 |
8 | // GetMessageByID returns the messages for the given id or nil.
9 | func (d *GormDatabase) GetMessageByID(id uint) (*model.Message, error) {
10 | msg := new(model.Message)
11 | err := d.DB.Find(msg, id).Error
12 | if err == gorm.ErrRecordNotFound {
13 | err = nil
14 | }
15 | if msg.ID == id {
16 | return msg, err
17 | }
18 | return nil, err
19 | }
20 |
21 | // CreateMessage creates a message.
22 | func (d *GormDatabase) CreateMessage(message *model.Message) error {
23 | return d.DB.Create(message).Error
24 | }
25 |
26 | // GetMessagesByUser returns all messages from a user.
27 | func (d *GormDatabase) GetMessagesByUser(userID uint) ([]*model.Message, error) {
28 | var messages []*model.Message
29 | err := d.DB.Joins("JOIN applications ON applications.user_id = ?", userID).
30 | Where("messages.application_id = applications.id").Order("id desc").Find(&messages).Error
31 | if err == gorm.ErrRecordNotFound {
32 | err = nil
33 | }
34 | return messages, err
35 | }
36 |
37 | // GetMessagesByUserSince returns limited messages from a user.
38 | // If since is 0 it will be ignored.
39 | func (d *GormDatabase) GetMessagesByUserSince(userID uint, limit int, since uint) ([]*model.Message, error) {
40 | var messages []*model.Message
41 | db := d.DB.Joins("JOIN applications ON applications.user_id = ?", userID).
42 | Where("messages.application_id = applications.id").Order("id desc").Limit(limit)
43 | if since != 0 {
44 | db = db.Where("messages.id < ?", since)
45 | }
46 | err := db.Find(&messages).Error
47 | if err == gorm.ErrRecordNotFound {
48 | err = nil
49 | }
50 | return messages, err
51 | }
52 |
53 | // GetMessagesByApplication returns all messages from an application.
54 | func (d *GormDatabase) GetMessagesByApplication(tokenID uint) ([]*model.Message, error) {
55 | var messages []*model.Message
56 | err := d.DB.Where("application_id = ?", tokenID).Order("id desc").Find(&messages).Error
57 | if err == gorm.ErrRecordNotFound {
58 | err = nil
59 | }
60 | return messages, err
61 | }
62 |
63 | // GetMessagesByApplicationSince returns limited messages from an application.
64 | // If since is 0 it will be ignored.
65 | func (d *GormDatabase) GetMessagesByApplicationSince(appID uint, limit int, since uint) ([]*model.Message, error) {
66 | var messages []*model.Message
67 | db := d.DB.Where("application_id = ?", appID).Order("id desc").Limit(limit)
68 | if since != 0 {
69 | db = db.Where("messages.id < ?", since)
70 | }
71 | err := db.Find(&messages).Error
72 | if err == gorm.ErrRecordNotFound {
73 | err = nil
74 | }
75 | return messages, err
76 | }
77 |
78 | // DeleteMessageByID deletes a message by its id.
79 | func (d *GormDatabase) DeleteMessageByID(id uint) error {
80 | return d.DB.Where("id = ?", id).Delete(&model.Message{}).Error
81 | }
82 |
83 | // DeleteMessagesByApplication deletes all messages from an application.
84 | func (d *GormDatabase) DeleteMessagesByApplication(applicationID uint) error {
85 | return d.DB.Where("application_id = ?", applicationID).Delete(&model.Message{}).Error
86 | }
87 |
88 | // DeleteMessagesByUser deletes all messages from a user.
89 | func (d *GormDatabase) DeleteMessagesByUser(userID uint) error {
90 | app, _ := d.GetApplicationsByUser(userID)
91 | for _, app := range app {
92 | d.DeleteMessagesByApplication(app.ID)
93 | }
94 | return nil
95 | }
96 |
--------------------------------------------------------------------------------
/database/migration_test.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | import (
4 | "testing"
5 |
6 | "github.com/gotify/server/v2/model"
7 | "github.com/gotify/server/v2/test"
8 | "github.com/jinzhu/gorm"
9 | "github.com/stretchr/testify/assert"
10 | "github.com/stretchr/testify/suite"
11 | )
12 |
13 | func TestMigration(t *testing.T) {
14 | suite.Run(t, &MigrationSuite{})
15 | }
16 |
17 | type MigrationSuite struct {
18 | suite.Suite
19 | tmpDir test.TmpDir
20 | }
21 |
22 | func (s *MigrationSuite) BeforeTest(suiteName, testName string) {
23 | s.tmpDir = test.NewTmpDir("gotify_migrationsuite")
24 | db, err := gorm.Open("sqlite3", s.tmpDir.Path("test_obsolete.db"))
25 | assert.Nil(s.T(), err)
26 | defer db.Close()
27 |
28 | assert.Nil(s.T(), db.CreateTable(new(model.User)).Error)
29 | assert.Nil(s.T(), db.Create(&model.User{
30 | Name: "test_user",
31 | Admin: true,
32 | }).Error)
33 |
34 | // we should not be able to create applications by now
35 | assert.False(s.T(), db.HasTable(new(model.Application)))
36 | }
37 |
38 | func (s *MigrationSuite) AfterTest(suiteName, testName string) {
39 | assert.Nil(s.T(), s.tmpDir.Clean())
40 | }
41 |
42 | func (s *MigrationSuite) TestMigration() {
43 | db, err := New("sqlite3", s.tmpDir.Path("test_obsolete.db"), "admin", "admin", 6, true)
44 | assert.Nil(s.T(), err)
45 | defer db.Close()
46 |
47 | assert.True(s.T(), db.DB.HasTable(new(model.Application)))
48 |
49 | // a user already exist, not adding a new user
50 | if user, err := db.GetUserByName("admin"); assert.NoError(s.T(), err) {
51 | assert.Nil(s.T(), user)
52 | }
53 |
54 | // the old user should persist
55 | if user, err := db.GetUserByName("test_user"); assert.NoError(s.T(), err) {
56 | assert.Equal(s.T(), true, user.Admin)
57 | }
58 |
59 | // we should be able to create applications
60 | if user, err := db.GetUserByName("test_user"); assert.NoError(s.T(), err) {
61 | assert.Nil(s.T(), db.CreateApplication(&model.Application{
62 | Token: "A1234",
63 | UserID: user.ID,
64 | Description: "this is a test application",
65 | Name: "test application",
66 | }))
67 | }
68 | if app, err := db.GetApplicationByToken("A1234"); assert.NoError(s.T(), err) {
69 | assert.Equal(s.T(), "test application", app.Name)
70 | }
71 | }
72 |
--------------------------------------------------------------------------------
/database/ping.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | // Ping pings the database to verify the connection.
4 | func (d *GormDatabase) Ping() error {
5 | return d.DB.DB().Ping()
6 | }
7 |
--------------------------------------------------------------------------------
/database/ping_test.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | import (
4 | "github.com/stretchr/testify/assert"
5 | )
6 |
7 | func (s *DatabaseSuite) TestPing_onValidDB() {
8 | err := s.db.Ping()
9 | assert.NoError(s.T(), err)
10 | }
11 |
12 | func (s *DatabaseSuite) TestPing_onClosedDB() {
13 | s.db.Close()
14 | err := s.db.Ping()
15 | assert.Error(s.T(), err)
16 | }
17 |
--------------------------------------------------------------------------------
/database/plugin.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | import (
4 | "github.com/gotify/server/v2/model"
5 | "github.com/jinzhu/gorm"
6 | )
7 |
8 | // GetPluginConfByUser gets plugin configurations from a user.
9 | func (d *GormDatabase) GetPluginConfByUser(userid uint) ([]*model.PluginConf, error) {
10 | var plugins []*model.PluginConf
11 | err := d.DB.Where("user_id = ?", userid).Find(&plugins).Error
12 | if err == gorm.ErrRecordNotFound {
13 | err = nil
14 | }
15 | return plugins, err
16 | }
17 |
18 | // GetPluginConfByUserAndPath gets plugin configuration by user and file name.
19 | func (d *GormDatabase) GetPluginConfByUserAndPath(userid uint, path string) (*model.PluginConf, error) {
20 | plugin := new(model.PluginConf)
21 | err := d.DB.Where("user_id = ? AND module_path = ?", userid, path).First(plugin).Error
22 | if err == gorm.ErrRecordNotFound {
23 | err = nil
24 | }
25 | if plugin.ModulePath == path {
26 | return plugin, err
27 | }
28 | return nil, err
29 | }
30 |
31 | // GetPluginConfByApplicationID gets plugin configuration by its internal appid.
32 | func (d *GormDatabase) GetPluginConfByApplicationID(appid uint) (*model.PluginConf, error) {
33 | plugin := new(model.PluginConf)
34 | err := d.DB.Where("application_id = ?", appid).First(plugin).Error
35 | if err == gorm.ErrRecordNotFound {
36 | err = nil
37 | }
38 | if plugin.ApplicationID == appid {
39 | return plugin, err
40 | }
41 | return nil, err
42 | }
43 |
44 | // CreatePluginConf creates a new plugin configuration.
45 | func (d *GormDatabase) CreatePluginConf(p *model.PluginConf) error {
46 | return d.DB.Create(p).Error
47 | }
48 |
49 | // GetPluginConfByToken gets plugin configuration by plugin token.
50 | func (d *GormDatabase) GetPluginConfByToken(token string) (*model.PluginConf, error) {
51 | plugin := new(model.PluginConf)
52 | err := d.DB.Where("token = ?", token).First(plugin).Error
53 | if err == gorm.ErrRecordNotFound {
54 | err = nil
55 | }
56 | if plugin.Token == token {
57 | return plugin, err
58 | }
59 | return nil, err
60 | }
61 |
62 | // GetPluginConfByID gets plugin configuration by plugin ID.
63 | func (d *GormDatabase) GetPluginConfByID(id uint) (*model.PluginConf, error) {
64 | plugin := new(model.PluginConf)
65 | err := d.DB.Where("id = ?", id).First(plugin).Error
66 | if err == gorm.ErrRecordNotFound {
67 | err = nil
68 | }
69 | if plugin.ID == id {
70 | return plugin, err
71 | }
72 | return nil, err
73 | }
74 |
75 | // UpdatePluginConf updates plugin configuration.
76 | func (d *GormDatabase) UpdatePluginConf(p *model.PluginConf) error {
77 | return d.DB.Save(p).Error
78 | }
79 |
80 | // DeletePluginConfByID deletes a plugin configuration by its id.
81 | func (d *GormDatabase) DeletePluginConfByID(id uint) error {
82 | return d.DB.Where("id = ?", id).Delete(&model.PluginConf{}).Error
83 | }
84 |
--------------------------------------------------------------------------------
/database/plugin_test.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | import (
4 | "github.com/gotify/server/v2/model"
5 | "github.com/stretchr/testify/assert"
6 | "github.com/stretchr/testify/require"
7 | )
8 |
9 | func (s *DatabaseSuite) TestPluginConf() {
10 | plugin := model.PluginConf{
11 | ModulePath: "github.com/gotify/example-plugin",
12 | Token: "Pabc",
13 | UserID: 1,
14 | Enabled: true,
15 | Config: nil,
16 | ApplicationID: 2,
17 | }
18 |
19 | assert.Nil(s.T(), s.db.CreatePluginConf(&plugin))
20 |
21 | assert.Equal(s.T(), uint(1), plugin.ID)
22 | pluginConf, err := s.db.GetPluginConfByUserAndPath(1, "github.com/gotify/example-plugin")
23 | require.NoError(s.T(), err)
24 | assert.Equal(s.T(), "Pabc", pluginConf.Token)
25 |
26 | pluginConf, err = s.db.GetPluginConfByToken("Pabc")
27 | require.NoError(s.T(), err)
28 | assert.Equal(s.T(), true, pluginConf.Enabled)
29 |
30 | pluginConf, err = s.db.GetPluginConfByApplicationID(2)
31 | require.NoError(s.T(), err)
32 | assert.Equal(s.T(), "Pabc", pluginConf.Token)
33 |
34 | pluginConf, err = s.db.GetPluginConfByID(1)
35 | require.NoError(s.T(), err)
36 | assert.Equal(s.T(), "github.com/gotify/example-plugin", pluginConf.ModulePath)
37 |
38 | pluginConf, err = s.db.GetPluginConfByToken("Pnotexist")
39 | require.NoError(s.T(), err)
40 | assert.Nil(s.T(), pluginConf)
41 |
42 | pluginConf, err = s.db.GetPluginConfByID(12)
43 | require.NoError(s.T(), err)
44 | assert.Nil(s.T(), pluginConf)
45 |
46 | pluginConf, err = s.db.GetPluginConfByUserAndPath(1, "not/exist")
47 | require.NoError(s.T(), err)
48 | assert.Nil(s.T(), pluginConf)
49 |
50 | pluginConf, err = s.db.GetPluginConfByApplicationID(99)
51 | require.NoError(s.T(), err)
52 | assert.Nil(s.T(), pluginConf)
53 |
54 | pluginConfs, err := s.db.GetPluginConfByUser(1)
55 | require.NoError(s.T(), err)
56 | assert.Len(s.T(), pluginConfs, 1)
57 |
58 | pluginConfs, err = s.db.GetPluginConfByUser(0)
59 | require.NoError(s.T(), err)
60 | assert.Len(s.T(), pluginConfs, 0)
61 |
62 | testConf := `{"test_config_key":"hello"}`
63 | plugin.Enabled = false
64 | plugin.Config = []byte(testConf)
65 | assert.Nil(s.T(), s.db.UpdatePluginConf(&plugin))
66 | pluginConf, err = s.db.GetPluginConfByToken("Pabc")
67 | require.NoError(s.T(), err)
68 | assert.Equal(s.T(), false, pluginConf.Enabled)
69 | assert.Equal(s.T(), testConf, string(pluginConf.Config))
70 | }
71 |
--------------------------------------------------------------------------------
/database/user.go:
--------------------------------------------------------------------------------
1 | package database
2 |
3 | import (
4 | "github.com/gotify/server/v2/model"
5 | "github.com/jinzhu/gorm"
6 | )
7 |
8 | // GetUserByName returns the user by the given name or nil.
9 | func (d *GormDatabase) GetUserByName(name string) (*model.User, error) {
10 | user := new(model.User)
11 | err := d.DB.Where("name = ?", name).Find(user).Error
12 | if err == gorm.ErrRecordNotFound {
13 | err = nil
14 | }
15 | if user.Name == name {
16 | return user, err
17 | }
18 | return nil, err
19 | }
20 |
21 | // GetUserByID returns the user by the given id or nil.
22 | func (d *GormDatabase) GetUserByID(id uint) (*model.User, error) {
23 | user := new(model.User)
24 | err := d.DB.Find(user, id).Error
25 | if err == gorm.ErrRecordNotFound {
26 | err = nil
27 | }
28 | if user.ID == id {
29 | return user, err
30 | }
31 | return nil, err
32 | }
33 |
34 | // CountUser returns the user count which satisfies the given condition.
35 | func (d *GormDatabase) CountUser(condition ...interface{}) (int, error) {
36 | c := -1
37 | handle := d.DB.Model(new(model.User))
38 | if len(condition) == 1 {
39 | handle = handle.Where(condition[0])
40 | } else if len(condition) > 1 {
41 | handle = handle.Where(condition[0], condition[1:]...)
42 | }
43 | err := handle.Count(&c).Error
44 | return c, err
45 | }
46 |
47 | // GetUsers returns all users.
48 | func (d *GormDatabase) GetUsers() ([]*model.User, error) {
49 | var users []*model.User
50 | err := d.DB.Find(&users).Error
51 | return users, err
52 | }
53 |
54 | // DeleteUserByID deletes a user by its id.
55 | func (d *GormDatabase) DeleteUserByID(id uint) error {
56 | apps, _ := d.GetApplicationsByUser(id)
57 | for _, app := range apps {
58 | d.DeleteApplicationByID(app.ID)
59 | }
60 | clients, _ := d.GetClientsByUser(id)
61 | for _, client := range clients {
62 | d.DeleteClientByID(client.ID)
63 | }
64 | pluginConfs, _ := d.GetPluginConfByUser(id)
65 | for _, conf := range pluginConfs {
66 | d.DeletePluginConfByID(conf.ID)
67 | }
68 | return d.DB.Where("id = ?", id).Delete(&model.User{}).Error
69 | }
70 |
71 | // UpdateUser updates a user.
72 | func (d *GormDatabase) UpdateUser(user *model.User) error {
73 | return d.DB.Save(user).Error
74 | }
75 |
76 | // CreateUser creates a user.
77 | func (d *GormDatabase) CreateUser(user *model.User) error {
78 | return d.DB.Create(user).Error
79 | }
80 |
--------------------------------------------------------------------------------
/docker/Dockerfile:
--------------------------------------------------------------------------------
1 | ARG BUILDKIT_SBOM_SCAN_CONTEXT=true
2 | # Suppress warning about invalid variable expansion
3 | ARG GO_VERSION=PLEASE_PROVIDE_GO_VERSION
4 | ARG DEBIAN=sid-slim
5 |
6 | # Hack to normalize platform to match the chosed build image
7 | # Get the gotify/build image tag
8 | ARG __TARGETPLATFORM_DASHES=${TARGETPLATFORM/\//-}
9 | ARG __TARGETPLATFORM_GO_NOTATION=${__TARGETPLATFORM_DASHES/arm\/v7/arm-7}
10 |
11 | # --- JS Builder ---
12 |
13 | FROM --platform=${BUILDPLATFORM} node:23 AS js-builder
14 |
15 | ARG BUILD_JS=0
16 |
17 | COPY ./Makefile /src/gotify/Makefile
18 | COPY ./ui /src/gotify/ui
19 |
20 | RUN if [ "$BUILD_JS" = "1" ]; then \
21 | (cd /src/gotify/ui && yarn install) && \
22 | (cd /src/gotify && make build-js) \
23 | else \
24 | mkdir -p /src/gotify/ui/build; \
25 | fi
26 |
27 | # --- Go Builder ---
28 |
29 | FROM --platform=${BUILDPLATFORM} gotify/build:${GO_VERSION}-${__TARGETPLATFORM_GO_NOTATION} AS builder
30 |
31 | ARG BUILDPLATFORM
32 | ARG TARGETPLATFORM
33 | ARG BUILD_JS=0
34 | ARG RUN_TESTS=0 # 0=never, 1=native only
35 | ARG LD_FLAGS=""
36 | ENV DEBIAN_FRONTEND=noninteractive
37 |
38 | RUN apt-get update && apt-get install -yq --no-install-recommends \
39 | ca-certificates \
40 | git
41 |
42 | COPY . /src/gotify
43 | COPY --from=js-builder /src/gotify/ui/build /ui-build
44 |
45 | RUN if [ "$BUILD_JS" = "1" ]; then \
46 | cp -r --update /ui-build /src/gotify/ui/build; \
47 | fi
48 |
49 | RUN cd /src/gotify && \
50 | if [ "$RUN_TESTS" = "1" ] && [ "$BUILDPLATFORM" = "$TARGETPLATFORM" ]; then \
51 | go test -v ./...; \
52 | fi && \
53 | LD_FLAGS=${LD_FLAGS} make OUTPUT=/target/app/gotify-app _build_within_docker
54 |
55 | FROM debian:${DEBIAN}
56 |
57 | # Build-time configurables
58 | ARG GOTIFY_SERVER_EXPOSE=80
59 | ENV GOTIFY_SERVER_PORT=$GOTIFY_SERVER_EXPOSE
60 |
61 | WORKDIR /app
62 |
63 | RUN export DEBIAN_FRONTEND=noninteractive && apt-get update && apt-get install -yq --no-install-recommends \
64 | tzdata \
65 | curl \
66 | ca-certificates && \
67 | rm -rf /var/lib/apt/lists/*
68 |
69 | HEALTHCHECK --interval=30s --timeout=5s --start-period=5s CMD curl --fail http://localhost:$GOTIFY_SERVER_PORT/health || exit 1
70 | EXPOSE $GOTIFY_SERVER_EXPOSE
71 |
72 | COPY --from=builder /target /
73 |
74 | ENTRYPOINT ["./gotify-app"]
75 |
--------------------------------------------------------------------------------
/docs/package.go:
--------------------------------------------------------------------------------
1 | // Package docs Gotify REST-API.
2 | //
3 | // This is the documentation of the Gotify REST-API.
4 | //
5 | // # Authentication
6 | // In Gotify there are two token types:
7 | // __clientToken__: a client is something that receives message and manages stuff like creating new tokens or delete messages. (f.ex this token should be used for an android app)
8 | // __appToken__: an application is something that sends messages (f.ex. this token should be used for a shell script)
9 | //
10 | // The token can be transmitted in a header named `X-Gotify-Key`, in a query parameter named `token` or
11 | // through a header named `Authorization` with the value prefixed with `Bearer` (Ex. `Bearer randomtoken`).
12 | // There is also the possibility to authenticate through basic auth, this should only be used for creating a clientToken.
13 | //
14 | // \---
15 | //
16 | // Found a bug or have some questions? [Create an issue on GitHub](https://github.com/gotify/server/issues)
17 | //
18 | // Schemes: http, https
19 | // Host: localhost
20 | // Version: 2.0.2
21 | // License: MIT https://github.com/gotify/server/blob/master/LICENSE
22 | //
23 | // Consumes:
24 | // - application/json
25 | //
26 | // Produces:
27 | // - application/json
28 | //
29 | // SecurityDefinitions:
30 | // appTokenQuery:
31 | // type: apiKey
32 | // name: token
33 | // in: query
34 | // clientTokenQuery:
35 | // type: apiKey
36 | // name: token
37 | // in: query
38 | // appTokenHeader:
39 | // type: apiKey
40 | // name: X-Gotify-Key
41 | // in: header
42 | // clientTokenHeader:
43 | // type: apiKey
44 | // name: X-Gotify-Key
45 | // in: header
46 | // appTokenAuthorizationHeader:
47 | // type: apiKey
48 | // name: Authorization
49 | // in: header
50 | // description: >-
51 | // Enter an application token with the `Bearer` prefix, e.g. `Bearer Axxxxxxxxxx`.
52 | // clientTokenAuthorizationHeader:
53 | // type: apiKey
54 | // name: Authorization
55 | // in: header
56 | // description: >-
57 | // Enter a client token with the `Bearer` prefix, e.g. `Bearer Cxxxxxxxxxx`.
58 | // basicAuth:
59 | // type: basic
60 | //
61 | // swagger:meta
62 | package docs
63 |
--------------------------------------------------------------------------------
/docs/swagger.go:
--------------------------------------------------------------------------------
1 | package docs
2 |
3 | import (
4 | _ "embed"
5 | "strings"
6 |
7 | "github.com/gin-gonic/gin"
8 | "github.com/gotify/location"
9 | )
10 |
11 | //go:embed spec.json
12 | var spec string
13 |
14 | // Serve serves the documentation.
15 | func Serve(ctx *gin.Context) {
16 | base := location.Get(ctx).Host
17 | if basePathFromQuery := ctx.Query("base"); basePathFromQuery != "" {
18 | base = basePathFromQuery
19 | }
20 | ctx.Writer.WriteString(getSwaggerJSON(base))
21 | }
22 |
23 | func getSwaggerJSON(base string) string {
24 | return strings.Replace(spec, "localhost", base, 1)
25 | }
26 |
--------------------------------------------------------------------------------
/docs/swagger_test.go:
--------------------------------------------------------------------------------
1 | package docs
2 |
3 | import (
4 | "net/http/httptest"
5 | "net/url"
6 | "testing"
7 |
8 | "github.com/gin-gonic/gin"
9 | "github.com/gotify/server/v2/mode"
10 | "github.com/stretchr/testify/assert"
11 | )
12 |
13 | func TestServe(t *testing.T) {
14 | mode.Set(mode.TestDev)
15 | recorder := httptest.NewRecorder()
16 | ctx, _ := gin.CreateTestContext(recorder)
17 | withURL(ctx, "http", "example.com")
18 |
19 | ctx.Request = httptest.NewRequest("GET", "/swagger?base="+url.QueryEscape("127.0.0.1/proxy/"), nil)
20 |
21 | Serve(ctx)
22 |
23 | content := recorder.Body.String()
24 | assert.NotEmpty(t, content)
25 | assert.Contains(t, content, "127.0.0.1/proxy/")
26 | }
27 |
28 | func withURL(ctx *gin.Context, scheme, host string) {
29 | ctx.Set("location", &url.URL{Scheme: scheme, Host: host})
30 | }
31 |
--------------------------------------------------------------------------------
/docs/ui.go:
--------------------------------------------------------------------------------
1 | package docs
2 |
3 | import "github.com/gin-gonic/gin"
4 |
5 | var ui = `
6 |
7 |
8 |
9 |
10 |
11 | ( 30 | node: React.ComponentType
31 | ): React.ComponentType