balzack / databag Goto Github PK
View Code? Open in Web Editor NEWfast & lightweight self-hosted messenger
License: Apache License 2.0
fast & lightweight self-hosted messenger
License: Apache License 2.0
As a user I want to be able to search for contacts on federated nodes that other users may have entered so I don't have to find the node name / server URL myself.
Right now the users are recognized as "[email protected]"
If wide spread adoption is the goal, this will be confused with Email addresses very easily.
I suggest the use of another qualifier. Discord is getting rid of it's #, maybe that would be an idea?
Hey, I am trying to host this using docker and i followed the same instructions on that is given but when i enter the admin password it shows an error.I also tried re-deploying the container two times
I see the option from a private browser window, but it shows a disabled cursor on hover. Can't find a setting to enable it in the UI as an admin. Is there a way to enable this?
I've noticed my instance is forcing "https://" in front of the server address. I'm not able to login with "https://" in the address, but I can with subdoman.domain.com - But then I can't add any contacts because I can't change the default server in the contact list which has "https://" in the server address.
Can this be fixed please, and maybe add a function for address overrides. It would be nice to enter [email protected] and the server pulls up the profile directly that way, even if it's on another instance.
Thanks so much. Really liking what you've done so far.
When messaging within a conversation with a non-local peer, sometimes images or text messages will no longer be within the senders view. The messages will sometimes show within preview on the main topics page, but will not be present within the conversation body. My non-local peer also had the same issue with a conversation hosted on my server, but I had the full conversation. I haven't checked to see if this occurs within users on the same server, but i'd wager it doesn't.
As a new user / administrator in Databag, I'd like a first run Walk Through to help highlight the various portions of interaction in the user interface, so I can quickly learn how to use Databag to it's fullest.
First of all, great project. I love how fast everything is.
Are there alternative clients, of means to post messages to a given topic?
I would find useful to be able to post and attach files from CLI for example.
Shouldn't it be otherwise
instead of othersize
?
If I send a picture inside the app it works,
If I send a picture from gallery share button, it opens databag but doesn't open the chat selection to be able to send the message
Thanks !
I would love to try the Android app but do not have Google Play/Store/whatever on my phone, only f-droid. I don't particularly feel like working out how to build it either. (Well, I have had traumatic experiences in the past...)
Would you consider submitting a request for packaging to f-droid? Having it there might expose databag to some new users, too. Anyone can submit these, but I suspect you'll do the most complete job.
Cheers
I am see this error when I try to create accounts using a Create Account Link and use a complex password (it seems):
When I installed my test installation, I used much simpler passwords and did not have this problem.
When I set up my production install accounts, I was able to work around this and successfully create accounts by removing most of the special characters from the password.
I guess there's no harm (and good diagnostic info) in revealing that one of the passwords that would not work was: s9m/4Tu:sL@_nFf-
. It was generated with a password manager. There was another that failed but unfortunately I don't have that any more.
A couple of weird things I noticed:
I think you should be able to reproduce this easily. Just ask if you want more info :)
As a user I would like to easily begin a direct message with another user instead of creating a special topic just for that user.
Suggested workflow:
Would it be possible for the admin and also for the users to show an indicator for the used space?
I think you can now bump the 1.0 version on future releases of databag and probably delete the older ones leaving the last one since a lot of things got fixed since 1 f-droid release.
I've just cross throw the f-droid repo build comments, if it isn't possible yet to add it to f-droid store repo (they're rigorous) make your own until then
https://f-droid.org/docs/Setup_an_F-Droid_App_Repo/ (Updated)
you can omit the sudo add-apt-repository ppa:guardianproject/ppa
Cheers !
I would love to see this project get an API for bot usage so a NodeRED or HomeAssistant (or whatever else) bots could use the messaging and notification systems of Databag. That way people wouldn't have to use Telegram or Discord and can stay on the self-hosted side of things.
I'm pretty tech savvy and it was not clear at all how to login to my server from the iOS app.
For any looking for the answer to this you login with your [email protected], with no http/https in front.
I don't know why the way to login would be [email protected] and the placeholder text says username / server, think this needs to be fixed for people to be able to use the app.
Hi there,
This glitch seems to be a bit annoying for most people using Databag on a web browser (desktop).
When you are typing, after you use "enter" to send the message, you need to click on the text field again to type. Here is a video showing the issue:
https://github.com/balzack/databag/assets/49214136/19c71913-164c-425c-8930-6e40cf5fc106
Hello, thanks for this awesame script
i have two iphone one iPhone 14 pro with iOS 17 all notifications enabled and i have notifications
but in the second iphone XS with iOS 17 all notifcations enabled and i dont have any notifications.
thanks for the work
I'm able to send and receive if the size is lower than 1MB otherwise it isn't send
Any idea ?
You're having a great tool here, but there's no link to the github page inside the application.
Imho there should be a link to the github page and the main screan somewhere at the bottom, so it's not just in a vacuum.
I guess, if it is possible to get a token for using this skope from put another script or the commandline.
I see, admin token is security hazzard. But in some way, it had to been created once.
The usecase is to create a first login link without activity by the admin him/her self.
First and foremost thank you for this awesome open source project, its really nice to see other people also trying to break out from the bigtech services!
In the README you mention the requirement for DNS and SSL. Do you know about UDP Hole Punching and have you considered, adding it as an alternative node2node communication method? E.g. via udp hole punching a databag node could be run on a normal consumer pc, without a static port :).
I'm unable to copy links or open them
can you check it out ?
Thanks !
Hi, thanks for that cool app. I want to self-host it in my casaos, but I can't figure out how to login in the Android app with the account I created on the browser. I just want it to work in my home network (+vpn) so I haven't made any proxy configurations and stuff like that. Soory if that question is bothersome I'm a complete beginner in selfhosting.
Hello @balzack , thank you very much for this awesome project!
I would like to submit the request to have the URLs clickable/tappable within the conversation messages. At the moment users neither can select text to copy-paste links nor click them as hyperlink. Thanks again!
UPDATED: As a server admin, I want the ability to review, and remove server nodes that my users may have entered when searching for contacts so as to keep the list clean and minimal.
Say user A and user B are in a chat room(topic), A send a message 'Hello'. Does this message go through network directly to B or it goes first to some server(owned by databag or anyone, but not me), then to B?
Hello All,
I ma trying to login via android app available in google play and still getting "login failed". I am providing login with convention [email protected] and password created previously which working when login via web browser. Anyone help with this issue ?
Thank you!
Since privacy configured browsers will block the auto dark mode, I'm asking for a setting to enable it
Thanks ! All the best !
Hi
Project sounds interesting. I love that it's lightweight (somewhat) and that it can run on a RPI. i've been searching for something like this built in GO for a while.
Some security considerations, i didn't do a full audit or exploration (seems to avoid basic XSS at the moment)
Wouldn't it be better to somehow obfuscate the admin page/button? And instead use an admin user which is generated and chosen BY the user upon init. This will avoid brute force attacks.
As for the docker, you could use a multistage build. This will make the docker size smaller and will only copy the resulted binary and website instead of the whole sourcecode and nodejs libs which are probably not usefull.
https://docs.docker.com/build/building/multi-stage/
Nice job!
363c591d3fb863b9f88b720521987a9a4d2b1ae3
When receiving messages on an Android device (Tested on a Google Pixel 7 Pro) no notification sounds play regardless of "Enable Notification Sounds" being toggled to the "ON" position within the app and app permissions being granted.
[ip] - - [12/Oct/2023:14:32:51 +0300] "GET /admin/accounts?token=... HTTP/1.1" 200 2 "-" "okhttp/4.9.2"
[ip] - - [12/Oct/2023:14:34:00 +0300] "POST /admin/accounts?token=... HTTP/1.1" 200 14 "-" "okhttp/4.9.2"
[ip] - - [12/Oct/2023:14:35:01 +0300] "GET /account/available HTTP/1.1" 200 1 "-" "okhttp/4.9.2"
[ip] - - [12/Oct/2023:14:35:03 +0300] "GET /account/available HTTP/1.1" 200 1 "-" "okhttp/4.9.2"
[ip] - - [12/Oct/2023:14:35:06 +0300] "GET /account/available HTTP/1.1" 200 1 "-" "okhttp/4.9.2"
[ip] - - [12/Oct/2023:14:35:06 +0300] "GET /account/username?token=... HTTP/1.1" 200 4 "-" "okhttp/4.9.2" [ip] - - [12/Oct/2023:14:35:16 +0300] "GET /account/available HTTP/1.1" 200 1 "-" "okhttp/4.9.2"
[ip] - - [12/Oct/2023:14:35:16 +0300] "GET /account/username?token=... HTTP/1.1" 200 4 "-" "okhttp/4.9.2"
[ip] - - [12/Oct/2023:14:35:16 +0300] "GET /account/username?name=doesnm&token=... HTTP/1.1" 200 4 "-" "okhttp/4.9.2"
[ip] - - [12/Oct/2023:14:37:11 +0300] "POST /account/profile?token=... HTTP/1.1" 504 167 "-" "okhttp/4.9.2"
Upd: found another log
2023/10/12 14:41:25 [error] 5368#100085: *98 upstream timed out (60: Operation timed out) while reading response header from upstream, client: [ip], server: databag.doesnm.cc, request: "POST /account/profile?token=1050a3b8e1f7 HTTP/1.1", upstream: "http://10.0.0.2:7000/account/profile?token=...", host: "databag.doesnm.cc"
Databag hosted on my onboard with reverse proxy on nginx
On second attempt i can login to account
But it show me as disconnected
In logs i see spam of /status?mode=ring
that responses 400 Bad Request
And Just question: where i should place web client file for showing it in databag (im creating user and manage admin from smartphone)
Hi,
Sorry about opening a issue that is not really a issue. It looks like you're using SQLite correct? I've just deployed a new server and I'm loving databag. The only issue that I'm thinking about is: Is Databag scalable if I make my server public? Or it is intended to be used more for small communities/family?
Also, do you accept donations by any means? I would love do donate to this project!
I've notice this in the logs
2023/12/03 02:59:44 GET /signal Signal 25.301837604s
2023/12/03 03:01:10 POST /talk/calls?agent=76a2052d7e61f1c9cdd3e71dcd408a0d032483a04dc5095c49efecde6cc2ae57.9c9eb0fab98bdff69f7f71fec699bbe8 AddCall 15.218869ms
2023/12/03 03:01:10 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""
2023/12/03 03:01:14 /internal/api_setPushEvent.go:82 failed to push notification
2023/12/03 03:01:14 POST /talk/rings?contact=e90f5f147ad1bbef5a02988548833335109bda8c340faa6e77bd68e93a87decf.b5d8009179f61097fbee5b5c12c32322 AddRing 4.314497738s
2023/12/03 03:01:16 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""
2023/12/03 03:01:19 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""
2023/12/03 03:01:20 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""
2023/12/03 03:01:22 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""
2023/12/03 03:01:24 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""
2023/12/03 03:01:31 DELETE /talk/calls/3136ccb3-cc0a-4377-9dd2-063cbbb40ebf?agent=76a2052d7e61f1c9cdd3e71dcd408a0d032483a04dc5095c49efecde6cc2ae57.9c9eb0fab98bdff69f7f71fec699bbe8 EndCall 13.625111ms
2023/12/03 03:01:31 DELETE /talk/calls/3136ccb3-cc0a-4377-9dd2-063cbbb40ebf?agent=76a2052d7e61f1c9cdd3e71dcd408a0d032483a04dc5095c49efecde6cc2ae57.9c9eb0fab98bdff69f7f71fec699bbe8 EndCall 20.024643ms
2023/12/03 03:01:31 /internal/api_signal.go:48 websocket: close 1005 (no status)
2023/12/03 03:01:31 GET /signal?mode=ring Signal 15.882425585s
2023/12/03 03:01:31 PUT /talk/calls/3136ccb3-cc0a-4377-9dd2-063cbbb40ebf?agent=76a2052d7e61f1c9cdd3e71dcd408a0d032483a04dc5095c49efecde6cc2ae57.9c9eb0fab98bdff69f7f71fec699bbe8 KeepCall 2.811827ms
2023/12/03 03:01:31 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""
2023/12/03 03:01:35 DELETE /talk/calls/3136ccb3-cc0a-4377-9dd2-063cbbb40ebf?agent=76a2052d7e61f1c9cdd3e71dcd408a0d032483a04dc5095c49efecde6cc2ae57.9c9eb0fab98bdff69f7f71fec699bbe8 EndCall 1.168192ms
All is working, but the Post "null": unsupported protocol scheme "" didn't appear before
......to fix CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx
Wait on upstream: react-native-webrtc/react-native-webrtc#1480
I checked the robots.txt
file that this web app serves out of the box. It shows a blank value for Disallow:
which I must admit I've never seen. From limited research, that seems to advise crawlers to index anything they can find (which is going to only be a login page...).
I wonder if that's the best default. It's not the one I want for my public installation anyway and I'm glad I checked.
Ideally, there would be a documented and simple way to change this. The Dockerfile
could support an environment variable to toggle it between a restrictive default and a sensible permissive one. I'm happy to provide a PR when I have time if you agree.
I was able to change mine in the docker-compose to easily override the build's default:
volumes:
- <my/host/directory>/robots.txt:/app/databag/net/web/build/robots.txt:ro
Perhaps at a minimum, this could be documented.
Edit: The docker-compose host robots.txt
file referenced above should be created before you try this, else docker will create an empty host directory called robots.txt/
and then fail!
I've send a gif on sealed topic and it doesn't play can you check it out ?
Also I can't navigate throw the images of the sealed topic always reload the same image
We find it a very good project.
Would it be possible to add the language German?
Very nice the project
I do not know if this is correct.
But for me on the IOS device the notifications do not work.
IOS 16.1.1
Databag Vers 1.16
Permission was vgergeben
Notification activated
App reinstalled
nothing works
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.