happyDomain / happydomain

Finally a simple interface for domain names (mirror of framagit.org/happyDomain/happydomain)
https://www.happydomain.org/

Nice product - needs some fixes #1

Open systemcrash opened 1 year ago

systemcrash commented 1 year ago

I ran it from docker compose

Problem 1: I could not get it to recognize my config, or its path. So I had to resort to using HAPPYDOMAIN_* ....

version: '3.5'
services:
    happydomain:
        ports:
            - '8081:8081'
        volumes:
            - ./config/happydomain.conf:/etc/happydomain.conf
            - ./var:/var/lib/happydomain:rw
        restart: always
        environment:
            - HAPPYDOMAIN_NO_AUTH=1
            - HAPPYDOMAIN_mail-smtp-host=redacted
            - HAPPYDOMAIN_mail-smtp-port=25
            - HAPPYDOMAIN_mail-from=noreply@redacted
            - HAPPYDOMAIN_LEVELDB_PATH=/var/lib/happydomain/db/
        image: happydomain/happydomain

Problem 2: even though I use noauth, I am forced to log in. WAT?

provide a bad JWT claims: signature is invalid

Some cookie problem? I want to permanently disable auth if I have to live with the below challenges.

I eventually got around this with firefox and destroyed local cookies for this site.

Problem 3: I also encountered this traceback, before mail server was configured:

sendmail: can't connect to remote host (127.0.0.1): Connection refused

 2023/02/22 23:43:50 [Recovery] 2023/02/22 - 23:43:50 panic recovered:
 runtime error: invalid memory address or nil pointer dereference
 /usr/local/go/src/text/template/exec.go:170 (0x85b4c4)
 /usr/local/go/src/runtime/panic.go:884 (0x435212)
 /usr/local/go/src/runtime/panic.go:260 (0x44ba7c)
 /usr/local/go/src/runtime/signal_unix.go:837 (0x44ba4c)
 /usr/local/go/src/mime/quotedprintable/writer.go:162 (0x74d6ab)
 /usr/local/go/src/mime/quotedprintable/writer.go:158 (0x74d644)
 /usr/local/go/src/mime/quotedprintable/writer.go:92 (0x74d344)
 /usr/local/go/src/mime/quotedprintable/writer.go:42 (0x74d136)
 /usr/local/go/src/fmt/print.go:263 (0x4f2994)
 /usr/local/go/src/text/template/exec.go:1032 (0x862fe4)
 /usr/local/go/src/text/template/exec.go:269 (0x85c00f)
 /usr/local/go/src/text/template/exec.go:280 (0x85c214)
 /usr/local/go/src/text/template/exec.go:224 (0x85b984)
 /usr/local/go/src/text/template/exec.go:207 (0xae78da)
 /drone/src/utils/mail.go:119 (0xae78db)
 /go/pkg/mod/github.com/go-mail/mail@v2.3.1+incompatible/writeto.go:277 (0x9dc9f1)
 /go/pkg/mod/github.com/go-mail/mail@v2.3.1+incompatible/writeto.go:115 (0x9db5d4)
 /go/pkg/mod/github.com/go-mail/mail@v2.3.1+incompatible/writeto.go:42 (0x9dae2f)
 /go/pkg/mod/github.com/go-mail/mail@v2.3.1+incompatible/writeto.go:17 (0x9dabd3)
 /drone/src/utils/mail_systemsendmail.go:63 (0xae823a)
 /go/pkg/mod/github.com/go-mail/mail@v2.3.1+incompatible/send.go:57 (0x9d92fb)
 /go/pkg/mod/github.com/go-mail/mail@v2.3.1+incompatible/send.go:38 (0x9d91c4)
 /drone/src/utils/mail_systemsendmail.go:80 (0xae8350)
 /drone/src/utils/mail.go:153 (0xae74ce)
 /drone/src/actions/users.go:72 (0xae8bcf)
 /drone/src/api/users.go:171 (0x12a7af4)
 /drone/src/api/users.go:55 (0x12a6284)
 /go/pkg/mod/github.com/gin-gonic/gin@v1.9.0/context.go:174 (0x9c6de1)
 /go/pkg/mod/github.com/gin-gonic/gin@v1.9.0/recovery.go:102 (0x9c6dcc)
 /go/pkg/mod/github.com/gin-gonic/gin@v1.9.0/context.go:174 (0x9c5f06)
 /go/pkg/mod/github.com/gin-gonic/gin@v1.9.0/logger.go:240 (0x9c5ee9)
 /go/pkg/mod/github.com/gin-gonic/gin@v1.9.0/context.go:174 (0x9c4f8a)
 /go/pkg/mod/github.com/gin-gonic/gin@v1.9.0/gin.go:620 (0x9c4c11)
 /go/pkg/mod/github.com/gin-gonic/gin@v1.9.0/gin.go:576 (0x9c473c)
 /usr/local/go/src/net/http/server.go:2936 (0x7bf9d5)
 /usr/local/go/src/net/http/server.go:1995 (0x7baef1)
 /usr/local/go/src/runtime/asm_amd64.s:1598 (0x4685e0)

Problem 4: your docs mention $XDG_CONFIG_HOME but what is its default? WARN[0000] The "XDG_CONFIG_HOME" variable is not set. Defaulting to a blank string.

I could not get any of the tried paths for config to work.

Problem 5: smtp TLS needs an option to DISABLE TLS - our email server has an old cert (certbot was broken by some DNS change...): unable to SendValidationLink in specialUserOperations: tls: failed to verify certificate: x509: certificate has expired or is not yet valid: current time 2023-02-23T00:04:53Z is after 2021-11-23T12:12:21Z

Problem 6: I use fish, not sh - so this does not work: (cd ui; npm install)

Problem 7:

It is entirely unclear from the documentation, or the displayed information WHAT HAPPENS when someone registers. Do they register on your domain? On our private domain? Where is the information stored? internally? Unclear...

I have some weird midas touch. Whatever I touch or use, I trigger all bugs known and unknown...

Problem 8:

Other auth providers? how? which?

=======

Anyway, I like the product, and would like to use it more... Good work to get this far!

systemcrash commented 1 year ago

Fix for 6 in #5

nemunaire commented 1 year ago

Hi @systemcrash!

Thanks a lot for your deep review of our software, we still need to improve on some points but it's nice to hear about the difficulties you have encountered!

Problem 1

Environment variables need to be written in capital letters, with dashes replaced by underscores (to follow common env vars rules):

HAPPYDOMAIN_MAIL_SMTP_HOST=redacted

It needs clarification in the documentation.

Problem 4

$XDG_CONFIG_HOME is the standard way to look for configuration files in a desktop environment; it is generally ~/.config.

It is unclear to me where you could have encountered this WARN[0000] ... as this is not a log format we use.

In a typical Docker container this variable is not set anyway.

I need to investigate.

Problem 7

The service we host at https://happydomain.org/join is identical to the program you have.

Each account has its own domains. An ACL system is currently being developed to allow a domain to be shared between several accounts.

Each happyDomain instance has its own database containing NS provider information and domain history.

Problem 8

We support external authentication providers that deliver JWTs.

It's something we made a long time ago so I don't remember all the details, but it was designed in order to be compatible with Auth0 and the Ory suite.

Other problems

I'll investigate each point you mention. I think that our application has not yet been deployed in enough different configurations. We'll make sure to fix that together.
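The naming rule given for Problem 1 (upper-case, dashes to underscores, HAPPYDOMAIN_ prefix), as an added example that is not part of the project's code: it derives the expected variable name from an option name and lints a compose environment list for entries that would never be picked up. The function names and the sample environment block are constructed here for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Prefix happyDomain uses for environment-based configuration (from the thread).
const envPrefix = "HAPPYDOMAIN_"

// OptionToEnv turns an option name such as "mail-smtp-host" (leading dashes
// optional) into the variable name the rule in this thread prescribes.
func OptionToEnv(option string) string {
	name := strings.TrimLeft(option, "-")
	name = strings.ToUpper(strings.ReplaceAll(name, "-", "_"))
	return envPrefix + name
}

// CheckEnvLine inspects one "KEY=value" entry from a compose environment list.
// It returns the canonical name and whether the key already matches it; keys
// with dashes or lower-case letters are the ones reported as not recognized.
func CheckEnvLine(line string) (canonical string, ok bool) {
	key, _, _ := strings.Cut(line, "=")
	key = strings.TrimSpace(key)
	if !strings.HasPrefix(key, envPrefix) {
		return "", false // not a happyDomain setting at all
	}
	canonical = OptionToEnv(strings.TrimPrefix(key, envPrefix))
	return canonical, key == canonical
}

// LintCompose maps every mis-named key to the name it should be renamed to.
func LintCompose(env []string) map[string]string {
	fixes := map[string]string{}
	for _, line := range env {
		if canonical, ok := CheckEnvLine(line); canonical != "" && !ok {
			key, _, _ := strings.Cut(line, "=")
			fixes[strings.TrimSpace(key)] = canonical
		}
	}
	return fixes
}

func main() {
	// Constructed sample: the environment block from the compose file in this issue.
	env := []string{
		"HAPPYDOMAIN_NO_AUTH=1",
		"HAPPYDOMAIN_mail-smtp-host=redacted",
		"HAPPYDOMAIN_mail-smtp-port=25",
		"HAPPYDOMAIN_mail-from=noreply@redacted",
		"HAPPYDOMAIN_LEVELDB_PATH=/var/lib/happydomain/db/",
	}
	for bad, good := range LintCompose(env) {
		fmt.Printf("rename %s -> %s\n", bad, good)
	}
}
```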

nemunaire commented 1 year ago

Problem 3

I was able to reproduce the panic with a Docker image built on the Docker infrastructure, but not with my build, nor with our CI build.

Could you please update the Docker image and test again? I disabled Docker autobuilds.

With the latest build, I have now:

sendmail: can't connect to remote host (127.0.0.1): Connection refused
[GIN] 2023/02/24 - 23:29:26 | 200 |  295.811257ms |      172.17.0.1 | POST     "/api/users"
2023/02/24 23:29:26 172.17.0.1: registers new user: test@pomail.fr

nemunaire commented 1 year ago

Problem 5

Should be fixed in e2e79346956e56953473fda6d7153900aa3d6f3a.

A new option is now available: -mail-smtp-tls-no-verify or HAPPYDOMAIN_MAIL_SMTP_TLS_NO_VERIFY

systemcrash commented 1 year ago

I think Prob 4 was docker trying to use global (host system) instead of the container var.

systemcrash commented 1 year ago

Problem 3

I was able to reproduce the panic with a Docker image built on the Docker infrastructure, but not with my build, nor with our CI build.

Could you please update the Docker image and test again? I disabled Docker autobuilds.

With the latest build, I have now:

sendmail: can't connect to remote host (127.0.0.1): Connection refused
[GIN] 2023/02/24 - 23:29:26 | 200 |  295.811257ms |      172.17.0.1 | POST     "/api/users"
2023/02/24 23:29:26 172.17.0.1: registers new user: test@pomail.fr

I will let you know if I encounter this again. So far so good.

nemunaire commented 1 year ago

Hi @systemcrash!

We are almost done here, the main point is to document how to use an external identity/authentication provider.

Could you test the new NO_AUTH behavior?

systemcrash commented 11 months ago

Could you test the new NO_AUTH behavior?

I just did a docker pull ... kill.... up -d without using your new tag there - seems improved!

I urge you to use Loopia's SVG logo, available at https://www.loopia.com/assets/images/logos/logo-loopia.svg

Screenshot 2023-09-14 at 16 28 06