templates | ||
go.mod | ||
main.go | ||
README.md |
Emojiquest
Are your users often asking you to add a new emoji on your instance, and you keep forgetting to add them? Then Emojiquest might be the answer for you!
It's a simple web service on which users can submit an emoji request with the shortcode the emoji should have (helping you to name emoji) and the URL for the image that should be used as emoji. No registration required!
Installation
I will likely not provide binary because I can't be bothered to support all architecture, sorry.
However, it's made purely in Go, it's a breeze to install and compile.
You can get Go from the Go download page.
Clone this repository and run go build
to generate the binary.
The following systemd unit (/lib/systemd/system/emojiquest.service
) is enough to have it run as a service:
[Unit]
Description=emojiquest
[Service]
Type=simple
Restart=always
RestartSec=5s
# change path to your relevant binary location
ExecStart=/opt/emojiquest -listen [::1]:8090 -requests /srv/emojiquest/requests.txt
WorkingDirectory=/srv/emojiquest/
ReadWritePaths=/srv/emojiquest/
DynamicUser=yes
[Install]
WantedBy=multi-user.target
Create the file that will hold all the request, and its parent directory:
mkdir /srv/emojiquest/
chown root:root /srv/emojiquest/
touch /srv/emojiquest/requests.txt
chmod 777 /srv/emojiquest/requests.txt
And start the service with systemctl enable --now emojiquest.service
Configuring reverse proxy or leaving the service open on the internet is left at the reader discretion.
Security And Safety Concerns
The software is given without any warranty, run it at your own risk and liability.
No special measures are made to protect the service and its runtime.
Tho its side effects are very little and easy to audit (read the file main.go
).
Actions are appened-only, no deletion is ever done.
With systemd sandboxing the service has barely no surface to mess with the system but its own data.
If you wish to prevent the whole internet to request you emoji or doing DoS with the service, you can use OAuth2-Proxy. Here is a start-up snippet for it, using Keycloak provider:
~/go/bin/oauth2-proxy --provider keycloak-oidc \
--provider-display-name 'login with SSO' \
--client-id 'emojiquest' \
--client-secret '<insert here the client secret>' \
--redirect-url 'https://emojiquest.example.com/oauth2/callback' \
--cookie-secure=true \
--cookie-secret='<insert here the cookie secret>' \
--email-domain=* \
--oidc-issuer-url=https://accounts.example.com/realms/<your realm> \
--code-challenge-method=S256 \
--upstream http://localhost:8090
If you wish to use your instance as an OAuth2 provider it's currently no possible due to how it's made, see the feature request issue.