lone-cloud/prism
0
0
Fork 0
mirror of https://github.com/lone-cloud/prism synced 2026-06-03 08:43:10 -07:00
Code Issues Projects Releases Packages Wiki Activity

the docker battle continues + more clean up

Browse source
This commit is contained in:
Egor 2026-01-18 15:06:43 -08:00
parent 1b4f1e9d0c
commit 00b8e35570
5 changed files with 15 additions and 180 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -110,7 +110,7 @@ bun install
Then build and run with docker-compose.dev.yml:
```bash
docker compose -f docker-compose.dev.yml --profile protonmail up -d
docker compose --profile protonmail -f docker-compose.dev.yml up -d
```
Or run services directly with Bun:

52
android/README.md
View file

@ -1,52 +0,0 @@
# SUP Android App
UnifiedPush distributor that routes notifications through Signal.
## Setup for Development in VS Code
### Prerequisites
1. **Install Android SDK** (via Android Studio or command line tools)
2. **Install Java 17+**: `sudo pacman -S jdk17-openjdk`
3. **Set environment variables** in `~/.zshrc`:
```bash
export ANDROID_HOME=$HOME/Android/Sdk
export PATH=$PATH:$ANDROID_HOME/platform-tools:$ANDROID_HOME/cmdline-tools/latest/bin
```
### Generate Gradle Wrapper (First Time)
```bash
cd android
# Download gradle temporarily
wget https://services.gradle.org/distributions/gradle-8.2-bin.zip
unzip gradle-8.2-bin.zip
./gradle-8.2/bin/gradle wrapper --gradle-version 8.2
rm -rf gradle-8.2 gradle-8.2-bin.zip
# Make wrapper executable
chmod +x gradlew
```
### Build in VS Code
Use **Ctrl+Shift+B** or run tasks from Command Palette:
- `Android: Build Debug APK`
- `Android: Install Debug APK`
- `Android: View Logs (Logcat)`
### Manual Commands
```bash
cd android
./gradlew assembleDebug # Build
./gradlew installDebug # Install
adb logcat -s SUP:* # View logs
```
```bash
cd android
# Use Android Studio or command line to create new Android project
```

96
android/RELEASE.md
View file

@ -1,96 +0,0 @@
# Android Release Signing
## GitHub Actions Setup (Recommended)
Push a tag to auto-build and release:
```bash
git tag v0.1.0
git push origin v0.1.0
```
**Required GitHub secrets:**
- `KEYSTORE_BASE64`: Run `base64 -w 0 android/release.keystore` and paste output
- `KEYSTORE_PASSWORD`: Your keystore password from `.env`
## Manual Release (Local)
### Generate Signing Key (First Time Only)
```bash
# Generate random passwords
STORE_PASS=$(openssl rand -base64 32)
KEY_PASS=$(openssl rand -base64 32)
# Create keystore (use fake info for CN, OU, O, L, ST, C - it's publicly visible in APKs)
keytool -genkey -v \
-keystore android/release.keystore \
-alias sup-release \
-keyalg RSA \
-keysize 4096 \
-validity 10000 \
-storepass "$STORE_PASS" \
-keypass "$KEY_PASS"
# Output passwords to save to .env
echo ""
echo "Add to .env (gitignored):"
echo "KEYSTORE_FILE=./android/release.keystore"
echo "KEYSTORE_PASSWORD=$STORE_PASS"
echo "KEY_ALIAS=sup-release"
echo "KEY_PASSWORD=$KEY_PASS"
```
## Get Certificate Fingerprint
For Obtainium/F-Droid verification:
```bash
keytool -list -v \
-keystore android/release.keystore \
-alias sup-release \
| grep "SHA256:"
```
Save this fingerprint - users will verify it in Obtainium to ensure APK authenticity.
## Build Signed Release
```bash
# Load env vars
source .env
# Build
bun run build:android
```
Output will be at: `android/app/build/outputs/apk/release/app-release.apk`
## GitHub Release Process
1. Build signed APK: `bun run build:android`
2. Create GitHub release with tag (e.g., `v0.1.0`)
3. Upload `app-release.apk`
4. Include SHA256 hash and certificate fingerprint in release notes
5. Users can install via:
- **Obtainium**: Add repo URL, verify certificate fingerprint
- **Direct**: Download APK, verify SHA256, install
## Obtainium Setup for Users
1. Install Obtainium from F-Droid
2. Add app: `https://github.com/yourusername/sup`
3. Verify certificate fingerprint matches published value
4. Auto-updates on new GitHub releases
## Reproducible Builds
Dependency lockfile committed: `android/gradle.lockfile`
To update dependencies:
```bash
cd android
./gradlew dependencies --write-locks
git add gradle.lockfile
git commit -m "Update Android dependencies"
```

5
server/Dockerfile
View file

@ -13,10 +13,11 @@ FROM alpine:3.23
ARG SIGNAL_CLI_VERSION=0.13.22
RUN apk add --no-cache openjdk21-jre curl libstdc++ libgcc
RUN apk add --no-cache openjdk21-jre curl libstdc++ libgcc gcompat
RUN curl -L https://github.com/AsamK/signal-cli/releases/download/v${SIGNAL_CLI_VERSION}/signal-cli-${SIGNAL_CLI_VERSION}.tar.gz | tar xz -C /tmp \
&& mv /tmp/signal-cli-${SIGNAL_CLI_VERSION} /usr/local/signal-cli
&& mv /tmp/signal-cli-${SIGNAL_CLI_VERSION} /usr/local/signal-cli \
&& chmod +x /usr/local/signal-cli/bin/signal-cli
COPY --from=builder /app/sup-server /usr/local/bin/sup-server

40
server/modules/protonmail.ts
View file

@ -23,22 +23,15 @@ export async function startProtonMonitor() {
logInfo(`🔗 Connecting to Proton Bridge at ${PROTON_BRIDGE_HOST}:${PROTON_BRIDGE_PORT}`);
logInfo(`📨 Monitoring mailbox: ${BRIDGE_IMAP_USERNAME}`);
let imap: Imap;
try {
imap = new Imap({
user: BRIDGE_IMAP_USERNAME,
password: BRIDGE_IMAP_PASSWORD,
host: PROTON_BRIDGE_HOST,
port: PROTON_BRIDGE_PORT,
tls: true,
tlsOptions: { rejectUnauthorized: false },
keepalive: true,
});
} catch (err) {
logError('❌ Failed to initialize IMAP client:', err);
logWarn('⚠️ ProtonMail integration disabled (bridge not reachable)');
return;
}
const imap = new Imap({
user: BRIDGE_IMAP_USERNAME,
password: BRIDGE_IMAP_PASSWORD,
host: PROTON_BRIDGE_HOST,
port: PROTON_BRIDGE_PORT,
tls: true,
tlsOptions: { rejectUnauthorized: false },
keepalive: true,
});
async function sendNotification(title: string, message: string) {
try {
@ -112,21 +105,10 @@ export async function startProtonMonitor() {
imap.once('end', () => {
logVerbose('⚠️ IMAP connection ended, reconnecting...');
setTimeout(() => {
try {
imap.connect();
} catch (err) {
logError('❌ Failed to reconnect:', err);
}
}, 5000);
setTimeout(() => imap.connect(), 5000);
});
try {
imap.connect();
} catch (err) {
logError('❌ Failed to connect to Proton Bridge:', err);
logWarn('⚠️ ProtonMail integration disabled');
}
imap.connect();
process.on('SIGTERM', () => {
imap.end();