From 00b8e355705dee869f1ed9b5504b5b184da3c7ac Mon Sep 17 00:00:00 2001 From: Egor Date: Sun, 18 Jan 2026 15:06:43 -0800 Subject: [PATCH] the docker battle continues + more clean up --- README.md | 2 +- android/README.md | 52 ------------------- android/RELEASE.md | 96 ------------------------------------ server/Dockerfile | 5 +- server/modules/protonmail.ts | 40 +++++---------- 5 files changed, 15 insertions(+), 180 deletions(-) delete mode 100644 android/README.md delete mode 100644 android/RELEASE.md diff --git a/README.md b/README.md index 6985172..3966f89 100644 --- a/README.md +++ b/README.md @@ -110,7 +110,7 @@ bun install Then build and run with docker-compose.dev.yml: ```bash -docker compose -f docker-compose.dev.yml --profile protonmail up -d +docker compose --profile protonmail -f docker-compose.dev.yml up -d ``` Or run services directly with Bun: diff --git a/android/README.md b/android/README.md deleted file mode 100644 index 0b73e54..0000000 --- a/android/README.md +++ /dev/null @@ -1,52 +0,0 @@ -# SUP Android App - -UnifiedPush distributor that routes notifications through Signal. - -## Setup for Development in VS Code - -### Prerequisites - -1. **Install Android SDK** (via Android Studio or command line tools) -2. **Install Java 17+**: `sudo pacman -S jdk17-openjdk` -3. **Set environment variables** in `~/.zshrc`: - ```bash - export ANDROID_HOME=$HOME/Android/Sdk - export PATH=$PATH:$ANDROID_HOME/platform-tools:$ANDROID_HOME/cmdline-tools/latest/bin - ``` - -### Generate Gradle Wrapper (First Time) - -```bash -cd android - -# Download gradle temporarily -wget https://services.gradle.org/distributions/gradle-8.2-bin.zip -unzip gradle-8.2-bin.zip -./gradle-8.2/bin/gradle wrapper --gradle-version 8.2 -rm -rf gradle-8.2 gradle-8.2-bin.zip - -# Make wrapper executable -chmod +x gradlew -``` - -### Build in VS Code - -Use **Ctrl+Shift+B** or run tasks from Command Palette: -- `Android: Build Debug APK` -- `Android: Install Debug APK` -- `Android: View Logs (Logcat)` - -### Manual Commands - -```bash -cd android -./gradlew assembleDebug # Build -./gradlew installDebug # Install -adb logcat -s SUP:* # View logs -``` - - -```bash -cd android -# Use Android Studio or command line to create new Android project -``` diff --git a/android/RELEASE.md b/android/RELEASE.md deleted file mode 100644 index 6a65849..0000000 --- a/android/RELEASE.md +++ /dev/null @@ -1,96 +0,0 @@ -# Android Release Signing - -## GitHub Actions Setup (Recommended) - -Push a tag to auto-build and release: - -```bash -git tag v0.1.0 -git push origin v0.1.0 -``` - -**Required GitHub secrets:** -- `KEYSTORE_BASE64`: Run `base64 -w 0 android/release.keystore` and paste output -- `KEYSTORE_PASSWORD`: Your keystore password from `.env` - -## Manual Release (Local) - -### Generate Signing Key (First Time Only) - -```bash -# Generate random passwords -STORE_PASS=$(openssl rand -base64 32) -KEY_PASS=$(openssl rand -base64 32) - -# Create keystore (use fake info for CN, OU, O, L, ST, C - it's publicly visible in APKs) -keytool -genkey -v \ - -keystore android/release.keystore \ - -alias sup-release \ - -keyalg RSA \ - -keysize 4096 \ - -validity 10000 \ - -storepass "$STORE_PASS" \ - -keypass "$KEY_PASS" - -# Output passwords to save to .env -echo "" -echo "Add to .env (gitignored):" -echo "KEYSTORE_FILE=./android/release.keystore" -echo "KEYSTORE_PASSWORD=$STORE_PASS" -echo "KEY_ALIAS=sup-release" -echo "KEY_PASSWORD=$KEY_PASS" -``` - -## Get Certificate Fingerprint - -For Obtainium/F-Droid verification: - -```bash -keytool -list -v \ - -keystore android/release.keystore \ - -alias sup-release \ - | grep "SHA256:" -``` - -Save this fingerprint - users will verify it in Obtainium to ensure APK authenticity. - -## Build Signed Release - -```bash -# Load env vars -source .env - -# Build -bun run build:android -``` - -Output will be at: `android/app/build/outputs/apk/release/app-release.apk` - -## GitHub Release Process - -1. Build signed APK: `bun run build:android` -2. Create GitHub release with tag (e.g., `v0.1.0`) -3. Upload `app-release.apk` -4. Include SHA256 hash and certificate fingerprint in release notes -5. Users can install via: - - **Obtainium**: Add repo URL, verify certificate fingerprint - - **Direct**: Download APK, verify SHA256, install - -## Obtainium Setup for Users - -1. Install Obtainium from F-Droid -2. Add app: `https://github.com/yourusername/sup` -3. Verify certificate fingerprint matches published value -4. Auto-updates on new GitHub releases - -## Reproducible Builds - -Dependency lockfile committed: `android/gradle.lockfile` - -To update dependencies: -```bash -cd android -./gradlew dependencies --write-locks -git add gradle.lockfile -git commit -m "Update Android dependencies" -``` diff --git a/server/Dockerfile b/server/Dockerfile index 238dffa..e32e94f 100644 --- a/server/Dockerfile +++ b/server/Dockerfile @@ -13,10 +13,11 @@ FROM alpine:3.23 ARG SIGNAL_CLI_VERSION=0.13.22 -RUN apk add --no-cache openjdk21-jre curl libstdc++ libgcc +RUN apk add --no-cache openjdk21-jre curl libstdc++ libgcc gcompat RUN curl -L https://github.com/AsamK/signal-cli/releases/download/v${SIGNAL_CLI_VERSION}/signal-cli-${SIGNAL_CLI_VERSION}.tar.gz | tar xz -C /tmp \ - && mv /tmp/signal-cli-${SIGNAL_CLI_VERSION} /usr/local/signal-cli + && mv /tmp/signal-cli-${SIGNAL_CLI_VERSION} /usr/local/signal-cli \ + && chmod +x /usr/local/signal-cli/bin/signal-cli COPY --from=builder /app/sup-server /usr/local/bin/sup-server diff --git a/server/modules/protonmail.ts b/server/modules/protonmail.ts index 6c25bde..3c9b93f 100644 --- a/server/modules/protonmail.ts +++ b/server/modules/protonmail.ts @@ -23,22 +23,15 @@ export async function startProtonMonitor() { logInfo(`🔗 Connecting to Proton Bridge at ${PROTON_BRIDGE_HOST}:${PROTON_BRIDGE_PORT}`); logInfo(`📨 Monitoring mailbox: ${BRIDGE_IMAP_USERNAME}`); - let imap: Imap; - try { - imap = new Imap({ - user: BRIDGE_IMAP_USERNAME, - password: BRIDGE_IMAP_PASSWORD, - host: PROTON_BRIDGE_HOST, - port: PROTON_BRIDGE_PORT, - tls: true, - tlsOptions: { rejectUnauthorized: false }, - keepalive: true, - }); - } catch (err) { - logError('❌ Failed to initialize IMAP client:', err); - logWarn('⚠️ ProtonMail integration disabled (bridge not reachable)'); - return; - } + const imap = new Imap({ + user: BRIDGE_IMAP_USERNAME, + password: BRIDGE_IMAP_PASSWORD, + host: PROTON_BRIDGE_HOST, + port: PROTON_BRIDGE_PORT, + tls: true, + tlsOptions: { rejectUnauthorized: false }, + keepalive: true, + }); async function sendNotification(title: string, message: string) { try { @@ -112,21 +105,10 @@ export async function startProtonMonitor() { imap.once('end', () => { logVerbose('⚠️ IMAP connection ended, reconnecting...'); - setTimeout(() => { - try { - imap.connect(); - } catch (err) { - logError('❌ Failed to reconnect:', err); - } - }, 5000); + setTimeout(() => imap.connect(), 5000); }); - try { - imap.connect(); - } catch (err) { - logError('❌ Failed to connect to Proton Bridge:', err); - logWarn('⚠️ ProtonMail integration disabled'); - } + imap.connect(); process.on('SIGTERM', () => { imap.end();