balzack / databag Goto Github PK

363c591d3fb863b9f88b720521987a9a4d2b1ae3

Would it be possible for the admin and also for the users to show an indicator for the used space?

I've noticed my instance is forcing "https://" in front of the server address. I'm not able to login with "https://" in the address, but I can with subdoman.domain.com - But then I can't add any contacts because I can't change the default server in the contact list which has "https://" in the server address.

Can this be fixed please, and maybe add a function for address overrides. It would be nice to enter [email protected] and the server pulls up the profile directly that way, even if it's on another instance.

Thanks so much. Really liking what you've done so far.

You're having a great tool here, but there's no link to the github page inside the application.
Imho there should be a link to the github page and the main screan somewhere at the bottom, so it's not just in a vacuum.

I am see this error when I try to create accounts using a Create Account Link and use a complex password (it seems):

When I installed my test installation, I used much simpler passwords and did not have this problem.

When I set up my production install accounts, I was able to work around this and successfully create accounts by removing most of the special characters from the password.

I guess there's no harm (and good diagnostic info) in revealing that one of the passwords that would not work was: s9m/4Tu:sL@_nFf-. It was generated with a password manager. There was another that failed but unfortunately I don't have that any more.

A couple of weird things I noticed:

• the admin account I set up initially has a few of what I assume are similar problem characters
• as Admin, I can see the "failed" accounts in the list of users, even though they can't log in (I tried that too)

I think you should be able to reproduce this easily. Just ask if you want more info :)

I would love to see this project get an API for bot usage so a NodeRED or HomeAssistant (or whatever else) bots could use the messaging and notification systems of Databag. That way people wouldn't have to use Telegram or Discord and can stay on the self-hosted side of things.

As a user I want to be able to search for contacts on federated nodes that other users may have entered so I don't have to find the node name / server URL myself.

Would this help with the theming of the app ?

https://m3.material.io/

Cheers !

I checked the robots.txt file that this web app serves out of the box. It shows a blank value for Disallow: which I must admit I've never seen. From limited research, that seems to advise crawlers to index anything they can find (which is going to only be a login page...).

I wonder if that's the best default. It's not the one I want for my public installation anyway and I'm glad I checked.

Ideally, there would be a documented and simple way to change this. The Dockerfile could support an environment variable to toggle it between a restrictive default and a sensible permissive one. I'm happy to provide a PR when I have time if you agree.

I was able to change mine in the docker-compose to easily override the build's default:

volumes:
     - <my/host/directory>/robots.txt:/app/databag/net/web/build/robots.txt:ro

Perhaps at a minimum, this could be documented.

Edit: The docker-compose host robots.txt file referenced above should be created before you try this, else docker will create an empty host directory called robots.txt/ and then fail!

Very nice the project

I do not know if this is correct.
But for me on the IOS device the notifications do not work.
IOS 16.1.1
Databag Vers 1.16

Permission was vgergeben
Notification activated
App reinstalled

nothing works

When receiving messages on an Android device (Tested on a Google Pixel 7 Pro) no notification sounds play regardless of "Enable Notification Sounds" being toggled to the "ON" position within the app and app permissions being granted.

First of all, great project. I love how fast everything is.

Are there alternative clients, of means to post messages to a given topic?

I would find useful to be able to post and attach files from CLI for example.

Hello @balzack , thank you very much for this awesome project!
I would like to submit the request to have the URLs clickable/tappable within the conversation messages. At the moment users neither can select text to copy-paste links nor click them as hyperlink. Thanks again!

I see the option from a private browser window, but it shows a disabled cursor on hover. Can't find a setting to enable it in the UI as an admin. Is there a way to enable this?

Hello, thanks for this awesame script
i have two iphone one iPhone 14 pro with iOS 17 all notifications enabled and i have notifications
but in the second iphone XS with iOS 17 all notifcations enabled and i dont have any notifications.

thanks for the work

I'm unable to copy links or open them

can you check it out ?
Thanks !

Hey, I am trying to host this using docker and i followed the same instructions on that is given but when i enter the admin password it shows an error.I also tried re-deploying the container two times

I'm able to send and receive if the size is lower than 1MB otherwise it isn't send

• Docker version 0.1.2

Any idea ?

If I call from Computer to Mobile the answer button is hide (pic1)

If I call from mobile to computer and activate mobile camera I get this (pic2)

Thanks !!

Hi,

Sorry about opening a issue that is not really a issue. It looks like you're using SQLite correct? I've just deployed a new server and I'm loving databag. The only issue that I'm thinking about is: Is Databag scalable if I make my server public? Or it is intended to be used more for small communities/family?

Also, do you accept donations by any means? I would love do donate to this project!

Hello All,

I ma trying to login via android app available in google play and still getting "login failed". I am providing login with convention [email protected] and password created previously which working when login via web browser. Anyone help with this issue ?
Thank you!

I've send a gif on sealed topic and it doesn't play can you check it out ?

Also I can't navigate throw the images of the sealed topic always reload the same image

I think you can now bump the 1.0 version on future releases of databag and probably delete the older ones leaving the last one since a lot of things got fixed since 1 f-droid release.

https://developer.android.com/develop/ui/views/launch/icon_design_adaptive

UPDATED: As a server admin, I want the ability to review, and remove server nodes that my users may have entered when searching for contacts so as to keep the list clean and minimal.

Right now the users are recognized as "[email protected]"
If wide spread adoption is the goal, this will be confused with Email addresses very easily.

I suggest the use of another qualifier. Discord is getting rid of it's #, maybe that would be an idea?

Since privacy configured browsers will block the auto dark mode, I'm asking for a setting to enable it

Thanks ! All the best !

Shouldn't it be otherwise instead of othersize?

As a new user / administrator in Databag, I'd like a first run Walk Through to help highlight the various portions of interaction in the user interface, so I can quickly learn how to use Databag to it's fullest.

......to fix CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx

Wait on upstream: react-native-webrtc/react-native-webrtc#1480

I would love to try the Android app but do not have Google Play/Store/whatever on my phone, only f-droid. I don't particularly feel like working out how to build it either. (Well, I have had traumatic experiences in the past...)

Would you consider submitting a request for packaging to f-droid? Having it there might expose databag to some new users, too. Anyone can submit these, but I suspect you'll do the most complete job.

Cheers

Whilst there is a button to upload an image when sending a message, a useful feature i use many times is copy/paste an image into the chat window text field.

This feature can be found on many apps such as whatsapp, facebook messenger and telegram.

This would enhance the overall user experience.

The only way to see if Im getting a call is if I'm in this menu otherwise it won't show up the caller pop-pop

Thanks !

We find it a very good project.

Would it be possible to add the language German?

Say user A and user B are in a chat room(topic), A send a message 'Hello'. Does this message go through network directly to B or it goes first to some server(owned by databag or anyone, but not me), then to B?

First and foremost thank you for this awesome open source project, its really nice to see other people also trying to break out from the bigtech services!

In the README you mention the requirement for DNS and SSL. Do you know about UDP Hole Punching and have you considered, adding it as an alternative node2node communication method? E.g. via udp hole punching a databag node could be run on a normal consumer pc, without a static port :).

If I send a picture inside the app it works,
If I send a picture from gallery share button, it opens databag but doesn't open the chat selection to be able to send the message

logcat.txt

Thanks !

When creating a new user account from the admin panel, occasionally the "copy" button for the Browser Link and App Token won't actually copy the text displayed.

Hi

Project sounds interesting. I love that it's lightweight (somewhat) and that it can run on a RPI. i've been searching for something like this built in GO for a while.

Some security considerations, i didn't do a full audit or exploration (seems to avoid basic XSS at the moment)
Wouldn't it be better to somehow obfuscate the admin page/button? And instead use an admin user which is generated and chosen BY the user upon init. This will avoid brute force attacks.

As for the docker, you could use a multistage build. This will make the docker size smaller and will only copy the resulted binary and website instead of the whole sourcecode and nodejs libs which are probably not usefull.
https://docs.docker.com/build/building/multi-stage/

Nice job!

F-droid app seems to still have a dependency from google store can you confirm that?

Thanks !

Hi there,

This glitch seems to be a bit annoying for most people using Databag on a web browser (desktop).

When you are typing, after you use "enter" to send the message, you need to click on the text field again to type. Here is a video showing the issue:
https://github.com/balzack/databag/assets/49214136/19c71913-164c-425c-8930-6e40cf5fc106

As a user I would like to easily begin a direct message with another user instead of creating a special topic just for that user.

Suggested workflow:

1. Show a persistent button (icon) on the right end of the users list (left of the other icons) that would start a DM. This works best for both mobile and desktop.

I've just cross throw the f-droid repo build comments, if it isn't possible yet to add it to f-droid store repo (they're rigorous) make your own until then

https://f-droid.org/docs/Setup_an_F-Droid_App_Repo/ (Updated)

you can omit the sudo add-apt-repository ppa:guardianproject/ppa

Cheers !

Hi, thanks for that cool app. I want to self-host it in my casaos, but I can't figure out how to login in the Android app with the account I created on the browser. I just want it to work in my home network (+vpn) so I haven't made any proxy configurations and stuff like that. Soory if that question is bothersome I'm a complete beginner in selfhosting.

I'm pretty tech savvy and it was not clear at all how to login to my server from the iOS app.

For any looking for the answer to this you login with your [email protected], with no http/https in front.

I don't know why the way to login would be [email protected] and the placeholder text says username / server, think this needs to be fixed for people to be able to use the app.

1. After creating account it freezes and after several times loading button stopes (but account seems created
   Logs:

[ip] - - [12/Oct/2023:14:32:51 +0300] "GET /admin/accounts?token=... HTTP/1.1" 200 2 "-" "okhttp/4.9.2"
                                                                                             [ip] - - [12/Oct/2023:14:34:00 +0300] "POST /admin/accounts?token=... HTTP/1.1" 200 14 "-" "okhttp/4.9.2"
                                                                                           [ip] - - [12/Oct/2023:14:35:01 +0300] "GET /account/available HTTP/1.1" 200 1 "-" "okhttp/4.9.2"
                                                                                                 [ip] - - [12/Oct/2023:14:35:03 +0300] "GET /account/available HTTP/1.1" 200 1 "-" "okhttp/4.9.2"
                                                                                                 [ip] - - [12/Oct/2023:14:35:06 +0300] "GET /account/available HTTP/1.1" 200 1 "-" "okhttp/4.9.2"
                                                                                                 [ip] - - [12/Oct/2023:14:35:06 +0300] "GET /account/username?token=... HTTP/1.1" 200 4 "-" "okhttp/4.9.2"                                                                               [ip] - - [12/Oct/2023:14:35:16 +0300] "GET /account/available HTTP/1.1" 200 1 "-" "okhttp/4.9.2"
                                                                                                 [ip] - - [12/Oct/2023:14:35:16 +0300] "GET /account/username?token=... HTTP/1.1" 200 4 "-" "okhttp/4.9.2"               
                                                                [ip] - - [12/Oct/2023:14:35:16 +0300] "GET /account/username?name=doesnm&token=... HTTP/1.1" 200 4 "-" "okhttp/4.9.2"        
                                                           [ip] - - [12/Oct/2023:14:37:11 +0300] "POST /account/profile?token=... HTTP/1.1" 504 167 "-" "okhttp/4.9.2"

Upd: found another log

2023/10/12 14:41:25 [error] 5368#100085: *98 upstream timed out (60: Operation timed out) while reading response header from upstream, client: [ip], server: databag.doesnm.cc, request: "POST /account/profile?token=1050a3b8e1f7 HTTP/1.1", upstream: "http://10.0.0.2:7000/account/profile?token=...", host: "databag.doesnm.cc"

Databag hosted on my onboard with reverse proxy on nginx
On second attempt i can login to account
But it show me as disconnected
In logs i see spam of /status?mode=ring that responses 400 Bad Request
And Just question: where i should place web client file for showing it in databag (im creating user and manage admin from smartphone)

Is there any way to add E2E encryption for photos/videos? I did a test and once i added a photo in a topic I'm able to look on the server side and rename the file to filename.JPG and im able to see the photo.

I've notice this in the logs

2023/12/03 02:59:44 GET /signal Signal 25.301837604s

2023/12/03 03:01:10 POST /talk/calls?agent=76a2052d7e61f1c9cdd3e71dcd408a0d032483a04dc5095c49efecde6cc2ae57.9c9eb0fab98bdff69f7f71fec699bbe8 AddCall 15.218869ms

2023/12/03 03:01:10 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""

2023/12/03 03:01:14 /internal/api_setPushEvent.go:82 failed to push notification

2023/12/03 03:01:14 POST /talk/rings?contact=e90f5f147ad1bbef5a02988548833335109bda8c340faa6e77bd68e93a87decf.b5d8009179f61097fbee5b5c12c32322 AddRing 4.314497738s

2023/12/03 03:01:16 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""

2023/12/03 03:01:19 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""

2023/12/03 03:01:20 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""

2023/12/03 03:01:22 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""

2023/12/03 03:01:24 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""

2023/12/03 03:01:31 DELETE /talk/calls/3136ccb3-cc0a-4377-9dd2-063cbbb40ebf?agent=76a2052d7e61f1c9cdd3e71dcd408a0d032483a04dc5095c49efecde6cc2ae57.9c9eb0fab98bdff69f7f71fec699bbe8 EndCall 13.625111ms

2023/12/03 03:01:31 DELETE /talk/calls/3136ccb3-cc0a-4377-9dd2-063cbbb40ebf?agent=76a2052d7e61f1c9cdd3e71dcd408a0d032483a04dc5095c49efecde6cc2ae57.9c9eb0fab98bdff69f7f71fec699bbe8 EndCall 20.024643ms

2023/12/03 03:01:31 /internal/api_signal.go:48 websocket: close 1005 (no status)

2023/12/03 03:01:31 GET /signal?mode=ring Signal 15.882425585s

2023/12/03 03:01:31 PUT /talk/calls/3136ccb3-cc0a-4377-9dd2-063cbbb40ebf?agent=76a2052d7e61f1c9cdd3e71dcd408a0d032483a04dc5095c49efecde6cc2ae57.9c9eb0fab98bdff69f7f71fec699bbe8 KeepCall 2.811827ms

2023/12/03 03:01:31 /internal/api_setPushEvent.go:78 Post "null": unsupported protocol scheme ""

2023/12/03 03:01:35 DELETE /talk/calls/3136ccb3-cc0a-4377-9dd2-063cbbb40ebf?agent=76a2052d7e61f1c9cdd3e71dcd408a0d032483a04dc5095c49efecde6cc2ae57.9c9eb0fab98bdff69f7f71fec699bbe8 EndCall 1.168192ms

All is working, but the Post "null": unsupported protocol scheme "" didn't appear before

I guess, if it is possible to get a token for using this skope from put another script or the commandline.

I see, admin token is security hazzard. But in some way, it had to been created once.

The usecase is to create a first login link without activity by the admin him/her self.

When messaging within a conversation with a non-local peer, sometimes images or text messages will no longer be within the senders view. The messages will sometimes show within preview on the main topics page, but will not be present within the conversation body. My non-local peer also had the same issue with a conversation hosted on my server, but I had the full conversation. I haven't checked to see if this occurs within users on the same server, but i'd wager it doesn't.