0.10.0

With X-Forwarded-Host set on the proxied request, Rails uses that host
for URLs. But we need it to be the accounts domain.

.drone.yml

@@ -17,7 +17,7 @@ steps:
       branch:
         - master
   - name: rspec
-    image: guildeducation/rails:2.7.2-14.20.0
+    image: gitea.kosmos.org/kosmos/akkounts-ci:0.9.1
     environment:
       RAILS_ENV: test
       REDIS_URL: redis://redis:6379/0
@@ -28,6 +28,8 @@ steps:
       - bundle config set cache_path 'vendor/cache'
       - bundle config set with 'development test'
       - bundle install --jobs=3 --retry=3
+      - bundle exec rails db:create
+      - bundle exec rails db:migrate
       - yarn install
       - rake css:build
       - bundle exec rspec

.env.example

@@ -1,46 +1,71 @@
-PRIMARY_DOMAIN=kosmos.org
-AKKOUNTS_DOMAIN=accounts.example.com
+# PRIMARY_DOMAIN=kosmos.org
+# AKKOUNTS_DOMAIN=accounts.example.com
 
-SMTP_SERVER=smtp.example.com
-SMTP_PORT=587
-SMTP_LOGIN=accounts
-SMTP_PASSWORD=123abc
-SMTP_FROM_ADDRESS=accounts@example.com
-SMTP_DOMAIN=example.com
-SMTP_AUTH_METHOD=plain
-SMTP_ENABLE_STARTTLS=auto
+# SMTP_SERVER=smtp.example.com
+# SMTP_PORT=587
+# SMTP_LOGIN=accounts
+# SMTP_PASSWORD=123abc
+# SMTP_FROM_ADDRESS=accounts@example.com
+# SMTP_DOMAIN=example.com
+# SMTP_AUTH_METHOD=plain
+# SMTP_ENABLE_STARTTLS=auto
 
-LDAP_HOST=localhost
-LDAP_PORT=389
-LDAP_ADMIN_PASSWORD=passthebutter
-LDAP_SUFFIX='dc=kosmos,dc=org'
+# S3_ENABLED=true
+# S3_ENDPOINT=https://s3.kosmos.org
+# S3_REGION=garage
+# S3_BUCKET=akkounts-production
+# S3_ALIAS_HOST=https://accounts.web.s3.kosmos.org
+# S3_ACCESS_KEY=123456abcdefg
+# S3_SECRET_KEY=123456789123456789123456789
 
-REDIS_URL='redis://localhost:6379/1'
+# LDAP_HOST=localhost
+# LDAP_PORT=389
+# LDAP_ADMIN_PASSWORD=passthebutter
+# LDAP_SUFFIX='dc=kosmos,dc=org'
 
-WEBHOOKS_ALLOWED_IPS='10.1.1.163'
+# REDIS_URL='redis://localhost:6379/1'
 
-DISCOURSE_PUBLIC_URL='https://community.kosmos.org'
-DISCOURSE_CONNECT_SECRET='discourse_connect_ftw'
+# WEBHOOKS_ALLOWED_IPS='10.1.1.163'
 
-DRONECI_PUBLIC_URL='https://drone.kosmos.org'
+#
+# Service Integrations
+# (sorted alphabetically by service name)
+#
 
-GITEA_PUBLIC_URL='https://gitea.kosmos.org'
-MASTODON_PUBLIC_URL='https://kosmos.social'
-MEDIAWIKI_PUBLIC_URL='https://wiki.kosmos.org'
-RS_STORAGE_URL='https://storage.kosmos.org'
-RS_REDIS_URL='redis://localhost:6379/2'
+# BTCPAY_PUBLIC_URL='https://btcpay.example.com'
+# BTCPAY_API_URL='http://localhost:23001/api/v1'
+# BTCPAY_STORE_ID=''
+# BTCPAY_AUTH_TOKEN=''
 
-EJABBERD_ADMIN_URL='https://xmpp.kosmos.org/admin'
-EJABBERD_API_URL='https://xmpp.kosmos.org/api'
+# DISCOURSE_PUBLIC_URL='https://community.kosmos.org'
+# DISCOURSE_CONNECT_SECRET='discourse_connect_ftw'
 
-BTCPAY_API_URL='http://localhost:23001/api/v1'
+# DRONECI_PUBLIC_URL='https://drone.kosmos.org'
 
-LNDHUB_API_URL='http://localhost:3023'
-LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
-LNDHUB_PUBLIC_KEY='0123d3be18617f39cf645851e3ba63f51fc13f0bb09e3bb25e6fd4de556486d946'
-LNDHUB_ADMIN_UI=true
-LNDHUB_PG_HOST=localhost
-LNDHUB_PG_PORT=5432
-LNDHUB_PG_DATABASE=lndhub
-LNDHUB_PG_USERNAME=lndhub
-LNDHUB_PG_PASSWORD=''
+# EJABBERD_ADMIN_URL='https://xmpp.kosmos.org/admin'
+# EJABBERD_API_URL='https://xmpp.kosmos.org/api'
+
+# GITEA_PUBLIC_URL='https://gitea.kosmos.org'
+
+# LNDHUB_API_URL='http://localhost:3023'
+# LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
+# LNDHUB_PUBLIC_KEY='0123d3be18617f39cf645851e3ba63f51fc13f0bb09e3bb25e6fd4de556486d946'
+# LNDHUB_ADMIN_UI=true
+# LNDHUB_ADMIN_TOKEN=123456789
+# LNDHUB_PG_HOST=localhost
+# LNDHUB_PG_PORT=5432
+# LNDHUB_PG_DATABASE=lndhub
+# LNDHUB_PG_USERNAME=lndhub
+# LNDHUB_PG_PASSWORD=''
+
+# MASTODON_PUBLIC_URL='https://kosmos.social'
+# MASTODON_ADDRESS_DOMAIN='https://kosmos.org'
+
+# MEDIAWIKI_PUBLIC_URL='https://wiki.kosmos.org'
+
+# NOSTR_PRIVATE_KEY='123456abcdef...'
+# NOSTR_PUBLIC_KEY='123456abcdef...'
+# NOSTR_RELAY_URL='wss://nostr.kosmos.org'
+
+# RS_STORAGE_URL='https://storage.kosmos.org'
+# RS_REDIS_URL='redis://localhost:6379/2'

.env.test

@@ -1,18 +1,26 @@
 PRIMARY_DOMAIN=kosmos.org
+AKKOUNTS_DOMAIN=accounts.kosmos.org
 
 REDIS_URL='redis://localhost:6379/0'
 
+BTCPAY_PUBLIC_URL='https://btcpay.example.com'
+BTCPAY_API_URL='http://btcpay.example.com/api/v1'
+BTCPAY_STORE_ID='123456'
+
 DISCOURSE_PUBLIC_URL='http://discourse.example.com'
 DISCOURSE_CONNECT_SECRET='discourse_connect_ftw'
 
 EJABBERD_API_URL='http://xmpp.example.com/api'
 
-BTCPAY_API_URL='http://btcpay.example.com/api/v1'
+MASTODON_PUBLIC_URL='http://example.social'
 
 LNDHUB_API_URL='http://localhost:3026'
 LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
 LNDHUB_PUBLIC_KEY='024cd3be18617f39cf645851e3ba63f51fc13f0bb09e3bb25e6fd4de556486d946'
 
+NOSTR_PRIVATE_KEY='7c3ef7e448505f0615137af38569d01807d3b05b5005d5ecf8aaafcd40323cea'
+NOSTR_PUBLIC_KEY='bdd76ce2934b2f591f9fad2ebe9da18f20d2921de527494ba00eeaa0a0efadcf'
+
 RS_STORAGE_URL='https://storage.kosmos.org'
 RS_REDIS_URL='redis://localhost:6379/1'
 

.gitignore

@@ -23,6 +23,7 @@
 !/tmp/pids/
 !/tmp/pids/.keep
 
+/storage
 
 /public/assets
 .byebug_history

.ruby-version

@@ -1 +1 @@
-2.7.2
+3.3.0

Dockerfile

@@ -1,10 +1,11 @@
 # syntax=docker/dockerfile:1
-FROM ruby:2.7.6
+FROM ruby:3.3.4
 
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 
 RUN apt-get update -qq && apt-get install -y --no-install-recommends curl \
-      ldap-utils tini
+      ldap-utils tini libvips
+
 RUN curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
 RUN apt-get update && apt-get install -y nodejs
 

Gemfile

@@ -2,7 +2,7 @@ source 'https://rubygems.org'
 git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
-gem 'rails', '~> 7.0.2'
+gem 'rails', '~> 7.1'
 # Use Puma as the app server
 gem 'puma', '~> 4.1'
 # View components
@@ -22,7 +22,7 @@ gem 'jbuilder', '~> 2.7'
 # Use Redis adapter to run Action Cable in production
 # gem 'redis', '~> 4.0'
 # Use Active Model has_secure_password
-# gem 'bcrypt', '~> 3.1.7'
+gem 'bcrypt', '~> 3.1'
 
 # Configuration
 gem 'dotenv-rails'
@@ -37,6 +37,7 @@ gem 'devise_ldap_authenticatable'
 gem 'net-ldap'
 
 # Utilities
+gem "image_processing", "~> 1.12.2"
 gem "rqrcode", "~> 2.0"
 gem 'rails-settings-cached', '~> 2.8.3'
 gem 'pagy', '~> 6.0', '>= 6.0.2'
@@ -46,6 +47,8 @@ gem 'flipper-ui'
 
 # HTTP requests
 gem 'faraday'
+gem 'down'
+gem 'aws-sdk-s3', require: false
 
 # Background/scheduled jobs
 gem 'sidekiq', '< 7'
@@ -58,19 +61,19 @@ gem "sentry-rails"
 # Services
 gem 'discourse_api'
 gem "lnurl"
-gem 'nostr', git: 'https://gitea.kosmos.org/kosmos/nostr-gem.git', branch: 'feature/ruby_2.7_compat'
+gem 'manifique', '~> 1.1.0'
+gem 'nostr', '~> 0.6.0'
 
 group :development, :test do
   # Use sqlite3 as the database for Active Record
-  gem 'sqlite3', '~> 1.4'
+  gem 'sqlite3', '~> 1.7.2'
   gem 'rspec-rails'
   gem 'rails-controller-testing'
-  gem "byebug", "~> 11.1"
 end
 
 group :development do
   # Access an interactive console on exception pages or by calling 'console' anywhere in the code.
-  gem 'web-console', '>= 3.3.0'
+  gem 'web-console', '~> 4.2'
   gem 'listen', '~> 3.2'
   gem 'letter_opener'
   gem 'letter_opener_web'
@@ -86,8 +89,8 @@ group :test do
 end
 
 group :production do
-  # Use postgresql as the database for Active Record
-  gem 'pg', '~> 1.2.3'
+  gem 'pg', '~> 1.5'
 end
+
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
 gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby]

Gemfile.lock

@@ -1,113 +1,127 @@
-GIT
-  remote: https://gitea.kosmos.org/kosmos/nostr-gem.git
-  revision: 596529d9eb50d13b3f385245636698fccf37b442
-  branch: feature/ruby_2.7_compat
-  specs:
-    nostr (0.4.0)
-      bech32 (~> 1.3)
-      bip-schnorr (~> 0.4)
-      ecdsa (~> 1.2)
-      event_emitter (~> 0.2)
-      faye-websocket (~> 0.11)
-      json (~> 2.6)
-
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (7.0.5)
-      actionpack (= 7.0.5)
-      activesupport (= 7.0.5)
+    actioncable (7.1.3)
+      actionpack (= 7.1.3)
+      activesupport (= 7.1.3)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.5)
-      actionpack (= 7.0.5)
-      activejob (= 7.0.5)
-      activerecord (= 7.0.5)
-      activestorage (= 7.0.5)
-      activesupport (= 7.0.5)
+      zeitwerk (~> 2.6)
+    actionmailbox (7.1.3)
+      actionpack (= 7.1.3)
+      activejob (= 7.1.3)
+      activerecord (= 7.1.3)
+      activestorage (= 7.1.3)
+      activesupport (= 7.1.3)
       mail (>= 2.7.1)
       net-imap
       net-pop
       net-smtp
-    actionmailer (7.0.5)
-      actionpack (= 7.0.5)
-      actionview (= 7.0.5)
-      activejob (= 7.0.5)
-      activesupport (= 7.0.5)
+    actionmailer (7.1.3)
+      actionpack (= 7.1.3)
+      actionview (= 7.1.3)
+      activejob (= 7.1.3)
+      activesupport (= 7.1.3)
       mail (~> 2.5, >= 2.5.4)
       net-imap
       net-pop
       net-smtp
-      rails-dom-testing (~> 2.0)
-    actionpack (7.0.5)
-      actionview (= 7.0.5)
-      activesupport (= 7.0.5)
-      rack (~> 2.0, >= 2.2.4)
+      rails-dom-testing (~> 2.2)
+    actionpack (7.1.3)
+      actionview (= 7.1.3)
+      activesupport (= 7.1.3)
+      nokogiri (>= 1.8.5)
+      racc
+      rack (>= 2.2.4)
+      rack-session (>= 1.0.1)
       rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (7.0.5)
-      actionpack (= 7.0.5)
-      activerecord (= 7.0.5)
-      activestorage (= 7.0.5)
-      activesupport (= 7.0.5)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    actiontext (7.1.3)
+      actionpack (= 7.1.3)
+      activerecord (= 7.1.3)
+      activestorage (= 7.1.3)
+      activesupport (= 7.1.3)
       globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (7.0.5)
-      activesupport (= 7.0.5)
+    actionview (7.1.3)
+      activesupport (= 7.1.3)
       builder (~> 3.1)
-      erubi (~> 1.4)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (7.0.5)
-      activesupport (= 7.0.5)
+      erubi (~> 1.11)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    activejob (7.1.3)
+      activesupport (= 7.1.3)
       globalid (>= 0.3.6)
-    activemodel (7.0.5)
-      activesupport (= 7.0.5)
-    activerecord (7.0.5)
-      activemodel (= 7.0.5)
-      activesupport (= 7.0.5)
-    activestorage (7.0.5)
-      actionpack (= 7.0.5)
-      activejob (= 7.0.5)
-      activerecord (= 7.0.5)
-      activesupport (= 7.0.5)
+    activemodel (7.1.3)
+      activesupport (= 7.1.3)
+    activerecord (7.1.3)
+      activemodel (= 7.1.3)
+      activesupport (= 7.1.3)
+      timeout (>= 0.4.0)
+    activestorage (7.1.3)
+      actionpack (= 7.1.3)
+      activejob (= 7.1.3)
+      activerecord (= 7.1.3)
+      activesupport (= 7.1.3)
       marcel (~> 1.0)
-      mini_mime (>= 1.1.0)
-    activesupport (7.0.5)
+    activesupport (7.1.3)
+      base64
+      bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
+      connection_pool (>= 2.2.5)
+      drb
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
+      mutex_m
       tzinfo (~> 2.0)
-    addressable (2.8.4)
+    addressable (2.8.6)
       public_suffix (>= 2.0.2, < 6.0)
     ast (2.4.2)
+    aws-eventstream (1.3.0)
+    aws-partitions (1.886.0)
+    aws-sdk-core (3.191.0)
+      aws-eventstream (~> 1, >= 1.3.0)
+      aws-partitions (~> 1, >= 1.651.0)
+      aws-sigv4 (~> 1.8)
+      jmespath (~> 1, >= 1.6.1)
+    aws-sdk-kms (1.77.0)
+      aws-sdk-core (~> 3, >= 3.191.0)
+      aws-sigv4 (~> 1.1)
+    aws-sdk-s3 (1.143.0)
+      aws-sdk-core (~> 3, >= 3.191.0)
+      aws-sdk-kms (~> 1)
+      aws-sigv4 (~> 1.8)
+    aws-sigv4 (1.8.0)
+      aws-eventstream (~> 1, >= 1.0.2)
     backport (1.2.0)
-    bcrypt (3.1.18)
-    bech32 (1.3.0)
+    base64 (0.2.0)
+    bcrypt (3.1.20)
+    bech32 (1.4.2)
       thor (>= 1.1.0)
-    benchmark (0.2.1)
+    benchmark (0.3.0)
+    bigdecimal (3.1.6)
     bindex (0.8.1)
-    bip-schnorr (0.6.0)
+    bip-schnorr (0.7.0)
       ecdsa_ext (~> 0.5.0)
     builder (3.2.4)
-    byebug (11.1.3)
-    capybara (3.39.2)
+    capybara (3.40.0)
       addressable
       matrix
       mini_mime (>= 0.1.3)
-      nokogiri (~> 1.8)
+      nokogiri (~> 1.11)
       rack (>= 1.6.0)
       rack-test (>= 0.6.3)
       regexp_parser (>= 1.5, < 3.0)
       xpath (~> 3.2)
     chunky_png (1.4.0)
-    concurrent-ruby (1.2.2)
+    concurrent-ruby (1.2.3)
     connection_pool (2.4.1)
-    crack (0.4.5)
+    crack (0.4.6)
+      bigdecimal
       rexml
     crass (1.0.6)
-    cssbundling-rails (1.1.2)
+    cssbundling-rails (1.4.0)
       railties (>= 6.0.0)
     database_cleaner (2.0.2)
       database_cleaner-active_record (>= 2, < 3)
@@ -115,8 +129,8 @@ GEM
       activerecord (>= 5.a)
       database_cleaner-core (~> 2.0.0)
     database_cleaner-core (2.0.1)
-    date (3.3.3)
-    devise (4.9.2)
+    date (3.3.4)
+    devise (4.9.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)
@@ -125,7 +139,7 @@ GEM
     devise_ldap_authenticatable (0.8.7)
       devise (>= 3.4.1)
       net-ldap (>= 0.16.0)
-    diff-lcs (1.5.0)
+    diff-lcs (1.5.1)
     discourse_api (2.0.1)
       faraday (~> 2.7)
       faraday-follow_redirects
@@ -135,65 +149,79 @@ GEM
     dotenv-rails (2.8.1)
       dotenv (= 2.8.1)
       railties (>= 3.2)
+    down (5.4.1)
+      addressable (~> 2.8)
+    drb (2.2.0)
+      ruby2_keywords
     e2mmap (0.1.0)
     ecdsa (1.2.0)
-    ecdsa_ext (0.5.0)
+    ecdsa_ext (0.5.1)
       ecdsa (~> 1.2.0)
     erubi (1.12.0)
     et-orbi (1.2.7)
       tzinfo
     event_emitter (0.2.6)
     eventmachine (1.2.7)
-    factory_bot (6.2.1)
+    factory_bot (6.4.6)
       activesupport (>= 5.0.0)
-    factory_bot_rails (6.2.0)
-      factory_bot (~> 6.2.0)
+    factory_bot_rails (6.4.3)
+      factory_bot (~> 6.4)
       railties (>= 5.0.0)
-    faker (3.2.0)
+    faker (3.2.3)
       i18n (>= 1.8.11, < 2)
-    faraday (2.7.6)
-      faraday-net_http (>= 2.0, < 3.1)
-      ruby2_keywords (>= 0.0.4)
+    faraday (2.9.0)
+      faraday-net_http (>= 2.0, < 3.2)
     faraday-follow_redirects (0.3.0)
       faraday (>= 1, < 3)
     faraday-multipart (1.0.4)
       multipart-post (~> 2)
-    faraday-net_http (3.0.2)
-    faye-websocket (0.11.2)
+    faraday-net_http (3.1.0)
+      net-http
+    faye-websocket (0.11.3)
       eventmachine (>= 0.12.0)
       websocket-driver (>= 0.5.1)
-    ffi (1.15.5)
-    flipper (0.28.0)
+    ffi (1.16.3)
+    flipper (1.2.2)
       concurrent-ruby (< 2)
-    flipper-active_record (0.28.0)
+    flipper-active_record (1.2.2)
       activerecord (>= 4.2, < 8)
-      flipper (~> 0.28.0)
-    flipper-ui (0.28.0)
+      flipper (~> 1.2.2)
+    flipper-ui (1.2.2)
       erubi (>= 1.0.0, < 2.0.0)
-      flipper (~> 0.28.0)
-      rack (>= 1.4, < 3)
+      flipper (~> 1.2.2)
+      rack (>= 1.4, < 4)
       rack-protection (>= 1.5.3, <= 4.0.0)
       sanitize (< 7)
-    fugit (1.8.1)
+    fugit (1.9.0)
       et-orbi (~> 1, >= 1.2.7)
       raabro (~> 1.4)
-    globalid (1.1.0)
-      activesupport (>= 5.0)
-    hashdiff (1.0.1)
+    globalid (1.2.1)
+      activesupport (>= 6.1)
+    hashdiff (1.1.0)
     i18n (1.14.1)
       concurrent-ruby (~> 1.0)
-    importmap-rails (1.1.6)
+    image_processing (1.12.2)
+      mini_magick (>= 4.9.5, < 5)
+      ruby-vips (>= 2.0.17, < 3)
+    importmap-rails (2.0.1)
       actionpack (>= 6.0.0)
+      activesupport (>= 6.0.0)
       railties (>= 6.0.0)
+    io-console (0.7.2)
+    irb (1.11.1)
+      rdoc
+      reline (>= 0.4.2)
     jaro_winkler (1.5.6)
     jbuilder (2.11.5)
       actionview (>= 5.0.0)
       activesupport (>= 5.0.0)
-    json (2.6.3)
+    jmespath (1.6.2)
+    json (2.7.1)
     kramdown (2.4.0)
       rexml
     kramdown-parser-gfm (1.1.0)
       kramdown (~> 2.0)
+    language_server-protocol (3.17.0.3)
     launchy (2.5.2)
       addressable (~> 2.8)
     letter_opener (1.8.1)
@@ -206,10 +234,10 @@ GEM
     listen (3.8.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    lnurl (1.0.1)
+    lnurl (1.1.0)
       bech32 (~> 1.1)
-    lockbox (1.2.0)
-    loofah (2.21.3)
+    lockbox (1.3.2)
+    loofah (2.22.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
     mail (2.8.1)
@@ -217,64 +245,92 @@ GEM
       net-imap
       net-pop
       net-smtp
+    manifique (1.1.0)
+      faraday (~> 2.9.0)
+      faraday-follow_redirects (= 0.3.0)
+      nokogiri (~> 1.16.0)
     marcel (1.0.2)
     matrix (0.4.2)
     method_source (1.0.0)
-    mini_mime (1.1.2)
-    minitest (5.18.0)
+    mini_magick (4.12.0)
+    mini_mime (1.1.5)
+    mini_portile2 (2.8.5)
+    minitest (5.21.2)
     multipart-post (2.3.0)
-    net-imap (0.3.6)
+    mutex_m (0.2.0)
+    net-http (0.4.1)
+      uri
+    net-imap (0.4.9.1)
       date
       net-protocol
-    net-ldap (0.18.0)
+    net-ldap (0.19.0)
     net-pop (0.1.2)
       net-protocol
-    net-protocol (0.2.1)
+    net-protocol (0.2.2)
       timeout
-    net-smtp (0.3.3)
+    net-smtp (0.4.0.1)
       net-protocol
-    nio4r (2.5.9)
-    nokogiri (1.15.2-arm64-darwin)
+    nio4r (2.7.0)
+    nokogiri (1.16.0)
+      mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    nokogiri (1.15.2-x86_64-linux)
+    nokogiri (1.16.0-arm64-darwin)
       racc (~> 1.4)
+    nokogiri (1.16.0-x86_64-linux)
+      racc (~> 1.4)
+    nostr (0.6.0)
+      bech32 (~> 1.4)
+      bip-schnorr (~> 0.7)
+      ecdsa (~> 1.2)
+      event_emitter (~> 0.2)
+      faye-websocket (~> 0.11)
+      json (~> 2.6)
     orm_adapter (0.5.0)
-    pagy (6.0.4)
-    parallel (1.23.0)
-    parser (3.2.2.3)
+    pagy (6.4.3)
+    parallel (1.24.0)
+    parser (3.3.0.5)
       ast (~> 2.4.1)
       racc
-    pg (1.2.3)
-    public_suffix (5.0.1)
+    pg (1.5.4)
+    psych (5.1.2)
+      stringio
+    public_suffix (5.0.4)
     puma (4.3.12)
       nio4r (~> 2.0)
     raabro (1.4.0)
-    racc (1.7.1)
-    rack (2.2.7)
-    rack-protection (3.0.6)
-      rack
+    racc (1.7.3)
+    rack (2.2.8)
+    rack-protection (3.2.0)
+      base64 (>= 0.1.0)
+      rack (~> 2.2, >= 2.2.4)
+    rack-session (1.0.2)
+      rack (< 3)
     rack-test (2.1.0)
       rack (>= 1.3)
-    rails (7.0.5)
-      actioncable (= 7.0.5)
-      actionmailbox (= 7.0.5)
-      actionmailer (= 7.0.5)
-      actionpack (= 7.0.5)
-      actiontext (= 7.0.5)
-      actionview (= 7.0.5)
-      activejob (= 7.0.5)
-      activemodel (= 7.0.5)
-      activerecord (= 7.0.5)
-      activestorage (= 7.0.5)
-      activesupport (= 7.0.5)
+    rackup (1.0.0)
+      rack (< 3)
+      webrick
+    rails (7.1.3)
+      actioncable (= 7.1.3)
+      actionmailbox (= 7.1.3)
+      actionmailer (= 7.1.3)
+      actionpack (= 7.1.3)
+      actiontext (= 7.1.3)
+      actionview (= 7.1.3)
+      activejob (= 7.1.3)
+      activemodel (= 7.1.3)
+      activerecord (= 7.1.3)
+      activestorage (= 7.1.3)
+      activesupport (= 7.1.3)
       bundler (>= 1.15.0)
-      railties (= 7.0.5)
+      railties (= 7.1.3)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
       actionview (>= 5.0.1.rc1)
       activesupport (>= 5.0.1.rc1)
-    rails-dom-testing (2.0.3)
-      activesupport (>= 4.2.0)
+    rails-dom-testing (2.2.0)
+      activesupport (>= 5.0.0)
+      minitest
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.6.0)
       loofah (~> 2.21)
@@ -282,27 +338,32 @@ GEM
     rails-settings-cached (2.8.3)
       activerecord (>= 5.0.0)
       railties (>= 5.0.0)
-    railties (7.0.5)
-      actionpack (= 7.0.5)
-      activesupport (= 7.0.5)
-      method_source
+    railties (7.1.3)
+      actionpack (= 7.1.3)
+      activesupport (= 7.1.3)
+      irb
+      rackup (>= 1.0.0)
       rake (>= 12.2)
-      thor (~> 1.0)
-      zeitwerk (~> 2.5)
+      thor (~> 1.0, >= 1.2.2)
+      zeitwerk (~> 2.6)
     rainbow (3.1.1)
-    rake (13.0.6)
+    rake (13.1.0)
     rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
     rbs (2.8.4)
+    rdoc (6.6.2)
+      psych (>= 4.0.0)
     redis (4.8.1)
-    regexp_parser (2.8.1)
-    responders (3.1.0)
+    regexp_parser (2.9.0)
+    reline (0.4.2)
+      io-console (~> 0.5)
+    responders (3.1.1)
       actionpack (>= 5.2)
       railties (>= 5.2)
     reverse_markdown (2.1.1)
       nokogiri
-    rexml (3.2.5)
+    rexml (3.2.6)
     rqrcode (2.2.0)
       chunky_png (~> 1.0)
       rqrcode_core (~> 1.0)
@@ -312,10 +373,10 @@ GEM
     rspec-expectations (3.12.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.5)
+    rspec-mocks (3.12.6)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-rails (6.0.3)
+    rspec-rails (6.1.1)
       actionpack (>= 6.1)
       activesupport (>= 6.1)
       railties (>= 6.1)
@@ -323,32 +384,35 @@ GEM
       rspec-expectations (~> 3.12)
       rspec-mocks (~> 3.12)
       rspec-support (~> 3.12)
-    rspec-support (3.12.0)
-    rubocop (1.52.1)
+    rspec-support (3.12.1)
+    rubocop (1.60.2)
       json (~> 2.3)
+      language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
-      parser (>= 3.2.2.3)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.28.0, < 2.0)
+      rubocop-ast (>= 1.30.0, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.29.0)
+    rubocop-ast (1.30.0)
       parser (>= 3.2.1.0)
     ruby-progressbar (1.13.0)
+    ruby-vips (2.2.0)
+      ffi (~> 1.12)
     ruby2_keywords (0.0.5)
     rufus-scheduler (3.9.1)
       fugit (~> 1.1, >= 1.1.6)
-    sanitize (6.0.1)
+    sanitize (6.1.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
-    sentry-rails (5.9.0)
+    sentry-rails (5.16.1)
       railties (>= 5.0)
-      sentry-ruby (~> 5.9.0)
-    sentry-ruby (5.9.0)
+      sentry-ruby (~> 5.16.1)
+    sentry-ruby (5.16.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-    sidekiq (6.5.9)
+    sidekiq (6.5.12)
       connection_pool (>= 2.2.5, < 3)
       rack (~> 2.0)
       redis (>= 4.5.0, < 5)
@@ -356,7 +420,7 @@ GEM
       rufus-scheduler (~> 3.2)
       sidekiq (>= 6, < 8)
       tilt (>= 1.4.0)
-    solargraph (0.49.0)
+    solargraph (0.50.0)
       backport (~> 1.2)
       benchmark
       bundler (~> 2.0)
@@ -372,56 +436,63 @@ GEM
       thor (~> 1.0)
       tilt (~> 2.0)
       yard (~> 0.9, >= 0.9.24)
-    sprockets (4.2.0)
+    sprockets (4.2.1)
       concurrent-ruby (~> 1.0)
       rack (>= 2.2.4, < 4)
     sprockets-rails (3.4.2)
       actionpack (>= 5.2)
       activesupport (>= 5.2)
       sprockets (>= 3.0.0)
-    sqlite3 (1.6.3-arm64-darwin)
-    sqlite3 (1.6.3-x86_64-linux)
-    stimulus-rails (1.2.1)
+    sqlite3 (1.7.2)
+      mini_portile2 (~> 2.8.0)
+    sqlite3 (1.7.2-arm64-darwin)
+    sqlite3 (1.7.2-x86_64-linux)
+    stimulus-rails (1.3.3)
       railties (>= 6.0.0)
-    thor (1.2.2)
-    tilt (2.2.0)
-    timeout (0.3.2)
-    turbo-rails (1.4.0)
+    stringio (3.1.0)
+    thor (1.3.0)
+    tilt (2.3.0)
+    timeout (0.4.1)
+    turbo-rails (1.5.0)
       actionpack (>= 6.0.0)
       activejob (>= 6.0.0)
       railties (>= 6.0.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    unicode-display_width (2.4.2)
-    view_component (3.2.0)
+    unicode-display_width (2.5.0)
+    uri (0.13.0)
+    view_component (3.10.0)
       activesupport (>= 5.2.0, < 8.0)
       concurrent-ruby (~> 1.0)
       method_source (~> 1.0)
     warden (1.2.9)
       rack (>= 2.0.9)
-    web-console (4.2.0)
+    web-console (4.2.1)
       actionview (>= 6.0.0)
       activemodel (>= 6.0.0)
       bindex (>= 0.4.0)
       railties (>= 6.0.0)
-    webmock (3.18.1)
+    webmock (3.19.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    websocket-driver (0.7.5)
+    webrick (1.8.1)
+    websocket-driver (0.7.6)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
     xpath (3.2.0)
       nokogiri (~> 1.8)
     yard (0.9.34)
-    zeitwerk (2.6.8)
+    zeitwerk (2.6.12)
 
 PLATFORMS
   arm64-darwin-22
+  ruby
   x86_64-linux
 
 DEPENDENCIES
-  byebug (~> 11.1)
+  aws-sdk-s3
+  bcrypt (~> 3.1)
   capybara
   cssbundling-rails
   database_cleaner
@@ -429,12 +500,14 @@ DEPENDENCIES
   devise_ldap_authenticatable
   discourse_api
   dotenv-rails
+  down
   factory_bot_rails
   faker
   faraday
   flipper
   flipper-active_record
   flipper-ui
+  image_processing (~> 1.12.2)
   importmap-rails
   jbuilder (~> 2.7)
   letter_opener
@@ -442,12 +515,13 @@ DEPENDENCIES
   listen (~> 3.2)
   lnurl
   lockbox
+  manifique (~> 1.1.0)
   net-ldap
-  nostr!
+  nostr (~> 0.6.0)
   pagy (~> 6.0, >= 6.0.2)
-  pg (~> 1.2.3)
+  pg (~> 1.5)
   puma (~> 4.1)
-  rails (~> 7.0.2)
+  rails (~> 7.1)
   rails-controller-testing
   rails-settings-cached (~> 2.8.3)
   rqrcode (~> 2.0)
@@ -458,14 +532,14 @@ DEPENDENCIES
   sidekiq-scheduler
   solargraph
   sprockets-rails
-  sqlite3 (~> 1.4)
+  sqlite3 (~> 1.7.2)
   stimulus-rails
   turbo-rails
   tzinfo-data
   view_component
   warden
-  web-console (>= 3.3.0)
+  web-console (~> 4.2)
   webmock
 
 BUNDLED WITH
-   2.3.7
+   2.5.5

README.md

@@ -14,8 +14,10 @@ so:
 
 1. Make sure [Docker Compose is installed][1] and Docker is running (included in
    Docker Desktop)
-3. Run `docker compose up` and wait until 389ds announces its successful start
-   in the log output
+3. Run `docker compose up --build` and wait until all services have started
+   (389ds might take an extra minute to be ready). This will take a while when
+   running for the first time, so you might want to do something else in the
+   meantime.
 4. `docker-compose exec ldap dsconf localhost backend create --suffix="dc=kosmos,dc=org" --be-name="dev"`
 5. `docker compose run web rails ldap:setup`
 6. `docker compose run web rails db:setup`
@@ -28,38 +30,44 @@ have the password "user is user".
 
 ### Rails app
 
+_Note: when using Docker Compose, prefix the following commands with `docker-compose
+run web`._
+
 Installing dependencies:
 
     bundle install
     yarn install
 
-Setting up local database (SQLite):
+Migrating the local database (after schema changes):
 
-    bundle exec rails db:create
     bundle exec rails db:migrate
 
-Running the dev server and auto-building CSS files on change:
+Running the dev server, and auto-building CSS files on change _(automatic with Docker Compose)_:
 
     bin/dev
 
-Running the background workers (requires Redis):
+Running the background workers (requires Redis) _(automatic with Docker Compose)_:
 
     bundle exec sidekiq -C config/sidekiq.yml
 
-Running all specs:
+Running the test suite:
 
     bundle exec rspec
 
-### Docker (Compose)
+Running the test suite with Docker Compose requires overriding the Rails
+environment:
 
-There is a working Docker Compose config file, which define a number of services including
-an app server for Rails as well as a local 389ds (LDAP) server.
+    docker-compose run -e "RAILS_ENV=test" web rspec
 
-For Rails developers, you probably just want to start the LDAP server: `docker-compose up ldap`, 
-listening on port 389 on your machine. 
+### Docker Compose
 
-You can pick and choose your services adding them by name (listed in `docker-compose.yml`) at 
-the end of the docker compose command. eg. `docker compose up ldap redis`
+Services/containers are configured in `docker-compose.yml`.
+
+You can run services selectively, for example if you want to run the Rails app
+and test suite on the host machine. Just add the service names of the
+containers you want to run to the `up` command, like so:
+
+    docker-compose up ldap redis
 
 #### LDAP server
 
@@ -76,8 +84,24 @@ Now you can seed the back-end with data using this Rails task:
 The setup task will first delete any existing entries in the directory tree
 ("dc=kosmos,dc=org"), and then create our development entries.
 
-Note that all 389ds data is stored in `tmp/389ds`. So if you want to start over
-with a fresh installation, delete both that directory as well as the container.
+Note that all 389ds data is stored in the `389ds-data` volume. So if you want
+to start over with a fresh installation, delete both that volume as well as the
+container.
+
+#### Minio / remoteStorage
+
+If you want to run remoteStorage accounts locally, you will have to create the
+respective bucket first. With the `minio` container running (run by default
+when using Docker Compose), follow these steps:
+
+* `docker compose up web redis minio liquor-cabinet`
+* Head to http://localhost:9001 and log in with user `minioadmin`, password
+  `minioadmin`
+* Create a new bucket called `remotestorage` (or whatever you
+  change the `S3_BUCKET` config to)
+* Create a new key with ID "dev-key" and secret "123456789" (or whatever you
+  change `S3_ACCESS_KEY` and `S3_SECRET_KEY` to). Leave the policy field empty,
+  as it will automatically allow access to the bucket you created.
 
 ### Adding npm modules to use with Stimulus controllers
 

app/assets/stylesheets/components/buttons.css

@@ -32,11 +32,21 @@
            focus:ring-blue-400 focus:ring-opacity-75;
   }
 
+  .btn-emerald {
+    @apply bg-emerald-500 hover:bg-emerald-600 text-white
+           focus:ring-emerald-400 focus:ring-opacity-75;
+  }
+
   .btn-red {
     @apply bg-red-600 hover:bg-red-700 text-white
            focus:ring-red-500 focus:ring-opacity-75;
   }
 
+  .btn-outline-purple {
+    @apply border-2 border-purple-500 hover:bg-purple-100
+           focus:ring-purple-400 focus:ring-opacity-75;
+  }
+
   .btn:disabled {
     @apply bg-gray-100 hover:bg-gray-200 text-gray-400
            focus:ring-gray-300 focus:ring-opacity-75;

app/assets/stylesheets/components/dashboard_services.css

@@ -1,5 +1,5 @@
 @layer components {
   .services > div > a {
-    background-image: linear-gradient(110deg, rgba(255,255,255,0.99) 0, rgba(255,255,255,0.88) 100%);
+    background-image: linear-gradient(110deg, rgba(255,255,255,0.99) 20%, rgba(255,255,255,0.88) 100%);
   }
 }

app/components/app_catalog/web_app_icon_component.html.erb

@@ -0,0 +1,5 @@
+<% if @image_url %>
+  <%= image_tag @image_url, class: "h-full w-full" %>
+<% else %>
+  <%= render partial: "icons/remotestorage", locals: { custom_class: "h-full w-full p-0.5 text-gray-200" } %>
+<% end %>

app/components/app_catalog/web_app_icon_component.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module AppCatalog
+  class WebAppIconComponent < ViewComponent::Base
+    def initialize(web_app:)
+      if web_app&.icon&.attached?
+        @image_url = image_url_for(web_app.icon)
+      elsif web_app&.apple_touch_icon&.attached?
+        @image_url = image_url_for(web_app.apple_touch_icon)
+      end
+    end
+
+    def image_url_for(attachment)
+      if Setting.s3_enabled?
+        s3_image_url(attachment)
+      else
+        Rails.application.routes.url_helpers.rails_blob_path(attachment, only_path: true)
+      end
+    end
+  end
+end

app/components/dropdown_component.html.erb

@@ -0,0 +1,34 @@
+<div data-controller="dropdown" data-action="click->dropdown#toggle click@window->dropdown#hide">
+  <div class="relative inline-block">
+    <div role="button" tabindex="0" data-dropdown-target="button"
+         class="inline-block select-none">
+      <% if @size == :large %>
+      <span class="appearance-none flex items-center inline-block">
+        <span class="p-2 bg-gray-50 hover:bg-gray-100 rounded-full">
+          <%= render partial: "icons/#{@icon_name}",
+                     locals: { custom_class: "inline text-gray-500 h-6 w-6" } %>
+        </span>
+      </span>
+      <% elsif @size == :small %>
+      <span class="appearance-none flex items-center inline-block">
+        <span class="text-gray-500 hover:text-blue-600">
+          <%= render partial: "icons/#{@icon_name}",
+                     locals: { custom_class: "inline h-4 w-4" } %>
+        </span>
+      </span>
+      <% end %>
+    </div>
+    <div data-dropdown-target="menu"
+         data-transition-enter="transition ease-out duration-200"
+         data-transition-enter-from="opacity-0 translate-y-1"
+         data-transition-enter-to="opacity-100 translate-y-0"
+         data-transition-leave="transition ease-in duration-150"
+         data-transition-leave-from="opacity-100 translate-y-0"
+         data-transition-leave-to="opacity-0 translate-y-1"
+         class="hidden absolute top-4 right-0 z-10 mt-5 flex w-screen max-w-max">
+      <div class="bg-white shadow-lg rounded border overflow-hidden w-auto">
+        <%= content %>
+      </div>
+    </div>
+  </div>
+</div>

app/components/dropdown_component.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class DropdownComponent < ViewComponent::Base
+  def initialize(size: :large, icon_name: "kebap-menu")
+    @size = size.to_sym
+    @icon_name = icon_name
+  end
+end

app/components/dropdown_link_component.html.erb

@@ -0,0 +1,6 @@
+<%= link_to @href, class: @class, data: {
+      'dropdown-target': "menuItem",
+      'action': "keydown.up->dropdown#previousItem:prevent keydown.down->dropdown#nextItem:prevent"
+    } do %>
+  <%= content %>
+<% end %>

app/components/dropdown_link_component.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+class DropdownLinkComponent < ViewComponent::Base
+  def initialize(href:, separator: false, add_class: nil)
+    @href = href
+    @class = class_str(separator, add_class)
+  end
+
+  private
+
+  def class_str(separator, add_class)
+    str = "no-underline block px-5 py-3 text-sm text-gray-900 bg-white
+           hover:bg-gray-100 focus:bg-gray-100 whitespace-no-wrap"
+    str = "#{str} border-t" if separator
+    str = "#{str} #{add_class}" if add_class
+    str
+  end
+end

app/components/form_elements/fieldset_resettable_setting_component.html.erb

@@ -6,6 +6,7 @@
     ) do %>
   <%= method("#{@type}_field").call :setting, @key,
     value: Setting.public_send(@key),
+    placeholder: @placeholder,
     data: {
       :'default-value' => Setting.get_field(@key)[:default]
     },

app/components/form_elements/fieldset_resettable_setting_component.rb

@@ -2,14 +2,15 @@
 
 module FormElements
   class FieldsetResettableSettingComponent < ViewComponent::Base
-    def initialize(tag: "li", key:, type: :text, title:, description: nil)
+    def initialize(tag: "li", key:, type: :text, title:, description: nil, placeholder: nil)
       @tag         = tag
       @positioning = :vertical
       @title       = title
-      @descripton  = description
+      @description  = description
       @key         = key.to_sym
       @type        = type
       @resettable  = is_resettable?(@key)
+      @placeholder = placeholder
     end
 
     def is_resettable?(key)

app/components/form_elements/fieldset_toggle_component.html.erb

@@ -5,7 +5,9 @@
       } : nil do %>
   <div class="flex flex-col">
     <label class="font-bold mb-1"><%= @title %></label>
-    <p class="text-gray-500"><%= @descripton %></p>
+    <% if @description.present? %>
+    <p class="text-gray-500"><%= @description %></p>
+    <% end %>
   </div>
   <div class="relative ml-4 inline-flex flex-shrink-0">
     <%= render FormElements::ToggleComponent.new(

app/components/form_elements/fieldset_toggle_component.rb

@@ -3,7 +3,7 @@
 module FormElements
   class FieldsetToggleComponent < ViewComponent::Base
     def initialize(tag: "li", form: nil, attribute: nil, field_name: nil,
-                   enabled: false, input_enabled: true, title:, description:)
+                   enabled: false, input_enabled: true, title:, description: nil)
       @tag = tag
       @form = form
       @attribute = attribute
@@ -12,7 +12,7 @@ module FormElements
       @enabled = enabled
       @input_enabled = input_enabled
       @title = title
-      @descripton = description
+      @description = description
       @button_text = @enabled ? "Switch off" : "Switch on"
     end
   end

app/components/main_with_tabnav_component.html.erb

@@ -1,5 +1,5 @@
 <main class="w-full max-w-6xl mx-auto pb-12 px-4 md:px-6 lg:px-8">
-  <div class="bg-white rounded-lg shadow">
+  <div class="md:min-h-[50vh] bg-white rounded-lg shadow">
     <div class="px-6 sm:px-12 pt-2 sm:pt-4">
       <%= render partial: @tabnav_partial %>
     </div>

app/components/modal_component.html.erb

@@ -12,15 +12,17 @@
 
     <!-- Modal Container -->
     <div data-modal-target="container"
-         class="max-h-screen w-auto max-w-lg relative
+         class="relative m-4 max-h-screen w-auto max-w-full
                 hidden animate-scale-in fixed inset-0 overflow-y-auto flex items-center justify-center">
       <!-- Modal Card -->
       <div class="m-1 bg-white rounded shadow">
         <div class="p-8">
           <%= content %>
+          <% if @show_close_button %>
           <div class="flex justify-end items-center flex-wrap mt-6">
             <button class="btn-md btn-blue" data-action="click->modal#close:prevent">Close</button>
           </div>
+          <% end %>
         </div>
       </div>
     </div>

app/components/modal_component.rb

@@ -1,2 +1,5 @@
 class ModalComponent < ViewComponent::Base
+  def initialize(show_close_button: true)
+    @show_close_button = show_close_button
+  end
 end

app/components/notification_component.rb

@@ -34,6 +34,8 @@ class NotificationComponent < ViewComponent::Base
       'alert-octagon'
     when 'alert'
       'alert-octagon'
+    when 'warning'
+      'alert-octagon'
     else
       'info'
     end

app/components/rs_auth_component.html.erb

@@ -0,0 +1,26 @@
+<div class="flex items-center gap-4">
+  <div class="h-16 w-16 flex-none">
+    <%= render AppCatalog::WebAppIconComponent.new(web_app: @web_app) %>
+  </div>
+  <div class="flex-grow">
+    <h4 class="mb-1 text-lg font-bold">
+      <%= @web_app&.name || @auth.app_name %>
+    </h4>
+    <p class="text-sm text-gray-500">
+      <%= @auth.client_id %>
+    </p>
+  </div>
+  <%= render DropdownComponent.new do %>
+    <%= render DropdownLinkComponent.new(
+          href: launch_app_services_storage_rs_auth_url(@auth)
+        ) do %>
+      Launch app
+    <% end %>
+    <%= render DropdownLinkComponent.new(
+          href: revoke_services_storage_rs_auth_url(@auth),
+          separator: true, add_class: "text-red-700"
+        ) do %>
+      Revoke access
+    <% end %>
+  <% end %>
+</div>

app/components/rs_auth_component.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class RsAuthComponent < ViewComponent::Base
+  def initialize(auth:)
+    @auth = auth
+    @web_app = auth.web_app
+  end
+end

app/components/sidenav_link_component.html.erb

@@ -1,4 +1,8 @@
 <%= link_to @path, class: @link_class, title: (@disabled ? "Coming soon" : nil) do %>
+  <% if @icon.present? %>
   <%= render partial: "icons/#{@icon}", locals: { custom_class: @icon_class } %>
+  <% elsif @text_icon.present? %>
+  <span class="mr-3"><%= @text_icon %></span>
+  <% end %>
   <span class="truncate"><%= @name %></span>
 <% end %>

app/components/sidenav_link_component.rb

@@ -1,11 +1,13 @@
 # frozen_string_literal: true
 
 class SidenavLinkComponent < ViewComponent::Base
-  def initialize(name:, level: 1, path:, icon:, active: false, disabled: false)
+  def initialize(name:, level: 1, path:, icon: nil, text_icon: nil,
+                 active: false, disabled: false)
     @name = name
     @level = level
     @path = path
     @icon = icon
+    @text_icon = text_icon
     @active = active
     @disabled = disabled
     @link_class = class_names_link(path)

app/controllers/admin/app_catalog/web_apps_controller.rb

@@ -0,0 +1,9 @@
+class Admin::AppCatalog::WebAppsController < Admin::AppCatalogController
+  def index
+    @pagy, @web_apps = pagy(AppCatalog::WebApp.order('created_at desc'))
+
+    @stats = {
+      known_apps: AppCatalog::WebApp.count
+    }
+  end
+end

app/controllers/admin/app_catalog_controller.rb

@@ -0,0 +1,9 @@
+class Admin::AppCatalogController < Admin::BaseController
+  before_action :set_current_section
+
+  private
+
+    def set_current_section
+      @current_section = :app_catalog
+    end
+end

app/controllers/admin/donations_controller.rb

@@ -3,18 +3,16 @@ class Admin::DonationsController < Admin::BaseController
   before_action :set_current_section, only: [:index, :show, :new, :edit]
 
   # GET /donations
-  # GET /donations.json
   def index
-    @pagy, @donations = pagy(Donation.all.order('created_at desc'))
+    @pagy, @donations = pagy(Donation.completed.order('paid_at desc'))
 
     @stats = {
-      overall_sats: @donations.all.sum("amount_sats"),
-      donor_count: Donation.distinct.count(:user_id)
+      overall_sats: @donations.sum("amount_sats"),
+      donor_count: Donation.completed.count(:user_id)
     }
   end
 
   # GET /donations/1
-  # GET /donations/1.json
   def show
   end
 
@@ -28,54 +26,41 @@ class Admin::DonationsController < Admin::BaseController
   end
 
   # POST /donations
-  # POST /donations.json
   def create
     @donation = Donation.new(donation_params)
 
-    respond_to do |format|
-      if @donation.save
-        format.html do
-          redirect_to admin_donation_url(@donation), flash: {
-            success: 'Donation was successfully created.'
-          }
-        end
-        format.json { render :show, status: :created, location: @donation }
-      else
-        format.html { render :new, status: :unprocessable_entity }
-        format.json { render json: @donation.errors, status: :unprocessable_entity }
-      end
+    if @donation.paid_at == nil
+      @donation.errors.add(:paid_at, message: "is required")
+      render :new, status: :unprocessable_entity and return
+    end
+
+    if @donation.save
+      redirect_to admin_donation_url(@donation), flash: {
+        success: 'Donation was successfully created.'
+      }
+    else
+      render :new, status: :unprocessable_entity
     end
   end
 
-  # PATCH/PUT /donations/1
-  # PATCH/PUT /donations/1.json
+  # PUT /donations/1
   def update
-    respond_to do |format|
-      if @donation.update(donation_params)
-        format.html do
-          redirect_to admin_donation_url(@donation), flash: {
-            success: 'Donation was successfully updated.'
-          }
-        end
-        format.json { render :show, status: :ok, location: @donation }
-      else
-        format.html { render :edit, status: :unprocessable_entity }
-        format.json { render json: @donation.errors, status: :unprocessable_entity }
-      end
+    if @donation.update(donation_params)
+      redirect_to admin_donation_url(@donation), flash: {
+        success: 'Donation was successfully updated.'
+      }
+    else
+      render :edit, status: :unprocessable_entity
     end
   end
 
   # DELETE /donations/1
-  # DELETE /donations/1.json
   def destroy
     @donation.destroy
-    respond_to do |format|
-      format.html do redirect_to admin_donations_url, flash: {
-        success: 'Donation was successfully destroyed.'
-      }
-      end
-      format.json { head :no_content }
-    end
+
+    redirect_to admin_donations_url, flash: {
+      success: 'Donation was successfully destroyed.'
+    }
   end
 
   private
@@ -86,7 +71,10 @@ class Admin::DonationsController < Admin::BaseController
 
     # Only allow a list of trusted parameters through.
     def donation_params
-      params.require(:donation).permit(:user_id, :amount_sats, :amount_eur, :amount_usd, :public_name, :paid_at)
+      params.require(:donation).permit(
+        :user_id, :donation_method,
+        :amount_sats, :fiat_amount, :fiat_currency,
+        :public_name, :paid_at)
     end
 
     def set_current_section

app/controllers/admin/settings/registrations_controller.rb

@@ -1,12 +1,20 @@
 class Admin::Settings::RegistrationsController < Admin::SettingsController
-  def index
+  def show
   end
 
-  def create
+  def update
     update_settings
 
     redirect_to admin_settings_registrations_path, flash: {
       success: "Settings saved"
     }
   end
+
+  private
+
+    def setting_params
+      params.require(:setting).permit([
+        :reserved_usernames, default_services: []
+      ])
+    end
 end

app/controllers/admin/settings/services_controller.rb

@@ -1,19 +1,32 @@
 class Admin::Settings::ServicesController < Admin::SettingsController
-  def index
-    @service = params[:s]
+  before_action :set_service, only: [:show, :update]
 
-    if @service.blank?
-      redirect_to admin_settings_services_path(params: { s: "discourse" })
-    end
+  def index
+    redirect_to admin_settings_service_path("btcpay")
   end
 
-  def create
-    service = params.require(:service)
+  def show
+  end
 
+  def update
     update_settings
 
-    redirect_to admin_settings_services_path(params: { s: service }), flash: {
+    redirect_to admin_settings_service_path(@service), flash: {
       success: "Settings saved"
     }
   end
+
+  private
+
+    def set_subsection
+      @subsection = "services"
+    end
+
+    def set_service
+      @service = params[:service]
+
+      if @service.blank?
+        redirect_to admin_settings_services_path and return
+      end
+    end
 end

app/controllers/admin/settings_controller.rb

@@ -9,22 +9,23 @@ class Admin::SettingsController < Admin::BaseController
     changed_keys = []
 
     setting_params.keys.each do |key|
-      next if setting_params[key].nil? ||
-              (Setting.send(key).to_s == setting_params[key].strip)
+      next if clean_param(key).nil? ||
+        (Setting.send(key).to_s == clean_param(key))
+
       changed_keys.push(key)
       setting = Setting.new(var: key)
-      setting.value = setting_params[key].strip
+      setting.value = clean_param(key)
       unless setting.valid?
         @errors.merge!(setting.errors)
       end
     end
 
     if @errors.any?
-      render :index and return
+      render :show and return
     end
 
     changed_keys.each do |key|
-      Setting.send("#{key}=", setting_params[key].strip)
+      Setting.send("#{key}=", clean_param(key))
     end
   end
 
@@ -37,4 +38,12 @@ class Admin::SettingsController < Admin::BaseController
     def setting_params
       params.require(:setting).permit(Setting.editable_keys.map(&:to_sym))
     end
+
+    def clean_param(key)
+      if Setting.get_field(key)[:type] == :string
+        setting_params[key].strip
+      else
+        setting_params[key]
+      end
+    end
 end

app/controllers/admin/users_controller.rb

@@ -1,11 +1,11 @@
 class Admin::UsersController < Admin::BaseController
-  before_action :set_user, only: [:show]
+  before_action :set_user, except: [:index]
   before_action :set_current_section
 
+  # GET /admin/users
   def index
     ldap   = LdapService.new
-    @ou    = params[:ou] || Setting.primary_domain
-    @orgs  = ldap.fetch_organizations
+    @ou    = Setting.primary_domain
     @pagy, @users = pagy(User.where(ou: @ou).order(cn: :asc))
 
     @stats = {
@@ -14,19 +14,46 @@ class Admin::UsersController < Admin::BaseController
     }
   end
 
+  # GET /admin/users/:username
   def show
     if Setting.lndhub_admin_enabled?
       @lndhub_user = @user.lndhub_user
     end
 
     @services_enabled = @user.services_enabled
+
+    @avatar = LdapManager::FetchAvatar.call(cn: @user.cn)
+  end
+
+  # POST /admin/users/:username/invitations
+  def create_invitations
+    amount = params[:amount].to_i
+    notify_user = ActiveRecord::Type::Boolean.new.cast(params[:notify_user])
+
+    CreateInvitations.call(user: @user, amount: amount, notify: notify_user)
+
+    redirect_to admin_user_path(@user.cn), flash: {
+      success: "Added #{amount} invitations to #{@user.cn}'s account"
+    }
+  end
+
+  # DELETE /admin/users/:username/invitations
+  def delete_invitations
+    invitations = @user.invitations.unused
+    amount = invitations.count
+
+    invitations.destroy_all
+
+    redirect_to admin_user_path(@user.cn), flash: {
+      success: "Removed #{amount} invitations from #{@user.cn}'s account"
+    }
   end
 
   private
 
   def set_user
-    address = params[:address].split("@")
-    @user = User.where(cn: address.first, ou: address.last).first
+    @user = User.find_by(cn: params[:username], ou: Setting.primary_domain)
+    http_status :not_found unless @user
   end
 
   def set_current_section

app/controllers/api/btcpay_controller.rb

@@ -0,0 +1,37 @@
+class Api::BtcpayController < Api::BaseController
+  before_action :require_feature_enabled
+  before_action :set_cors_access_control_headers
+
+  def onchain_btc_balance
+    balance = BtcpayManager::FetchOnchainWalletBalance.call
+    render json: balance
+  rescue => error
+    Rails.logger.warn "Failed to fetch BTC wallet balance: #{error.message}"
+    render json: { error: 'Failed to fetch wallet balance' },
+           status: 500
+  end
+
+  def lightning_btc_balance
+    balance = BtcpayManager::FetchLightningWalletBalance.call
+    render json: balance
+  rescue => error
+    Rails.logger.warn "Failed to fetch BTC lightning balance: #{error.message}"
+    render json: { error: 'Failed to fetch wallet balance' },
+           status: 500
+  end
+
+  private
+
+    def require_feature_enabled
+      unless Setting.btcpay_publish_wallet_balances
+        http_status :not_found and return
+      end
+    end
+
+    def set_cors_access_control_headers
+      return unless Rails.env.development?
+      headers['Access-Control-Allow-Origin'] = "*"
+      headers['Access-Control-Allow-Headers'] = "*"
+      headers['Access-Control-Allow-Methods'] = "GET"
+    end
+end

app/controllers/api/kredits_controller.rb

@@ -1,13 +0,0 @@
-class Api::KreditsController < Api::BaseController
-
-  def onchain_btc_balance
-    btcpay = BtcPay.new
-    balance = btcpay.onchain_wallet_balance
-    render json: balance
-  rescue => error
-    Rails.logger.warn "Failed to fetch kredits BTC wallet balance: #{error.message}"
-    render json: { error: 'Failed to fetch wallet balance' },
-           status: 500
-  end
-
-end

app/controllers/application_controller.rb

@@ -37,4 +37,35 @@ class ApplicationController < ActionController::Base
       format.any  { head status }
     end
   end
+
+  def after_sign_in_path_for(user)
+    session[:user_return_to] || root_path
+  end
+
+  def lndhub_authenticate(options={})
+    if session[:ln_auth_token].present? && !options[:force_reauth]
+      @ln_auth_token = session[:ln_auth_token]
+    else
+      lndhub = Lndhub.new
+      auth_token = lndhub.authenticate(current_user)
+      session[:ln_auth_token] = auth_token
+      @ln_auth_token = auth_token
+    end
+  rescue => e
+    Sentry.capture_exception(e) if Setting.sentry_enabled?
+  end
+
+  def lndhub_fetch_balance
+    @balance = LndhubManager::FetchUserBalance.call(auth_token: @ln_auth_token)
+  rescue AuthError
+    lndhub_authenticate(force_reauth: true)
+    raise if @fetch_balance_retried
+    @fetch_balance_retried = true
+    lndhub_fetch_balance
+  end
+
+  def nostr_event_from_params
+    params.permit!
+    params[:signed_event].to_h.symbolize_keys
+  end
 end

app/controllers/contributions/donations_controller.rb

@@ -1,10 +1,129 @@
 class Contributions::DonationsController < ApplicationController
-  before_action :authenticate_user!
+  include BtcpayHelper
 
-  # GET /donations
-  # GET /donations.json
+  before_action :authenticate_user!
+  before_action :set_donation_methods, only: [:index, :create]
+  before_action :require_donation_method_enabled, only: [:create]
+  before_action :validate_donation_params, only: [:create]
+  before_action :set_donation, only: [:confirm_btcpay]
+
+  # GET /contributions/donations
   def index
-    @donations = current_user.donations.completed
     @current_section = :contributions
+    @donations_completed = current_user.donations.completed.order('paid_at desc')
+    @donations_pending = current_user.donations.processing.order('created_at desc')
+
+    if Setting.lndhub_enabled?
+      begin
+        lndhub_authenticate
+        lndhub_fetch_balance
+      rescue
+        @balance = 0
+      end
+    end
   end
+
+  # POST /contributions/donations
+  def create
+    if params[:currency] == "sats"
+      fiat_amount = nil
+      fiat_currency = nil
+      amount_sats = params[:amount]
+    else
+      fiat_amount = params[:amount].to_i
+      fiat_currency = params[:currency]
+      amount_sats = nil
+    end
+
+    @donation = current_user.donations.create!(
+      donation_method: params[:donation_method],
+      payment_method: nil,
+      paid_at: nil,
+      amount_sats: amount_sats,
+      fiat_amount: (fiat_amount.nil? ? nil : fiat_amount * 100), # store in cents
+      fiat_currency: fiat_currency,
+      public_name: params[:public_name]
+    )
+
+    case params[:donation_method]
+    when "btcpay"
+      res = BtcpayManager::CreateInvoice.call(
+        amount: fiat_amount || (amount_sats.to_f / 100000000),
+        currency: fiat_currency || "BTC",
+        redirect_url: confirm_btcpay_contributions_donation_url(@donation)
+      )
+
+      @donation.update! btcpay_invoice_id: res["id"]
+
+      redirect_to btcpay_checkout_url(res["id"]), allow_other_host: true
+    else
+      redirect_to contributions_donations_url, flash: {
+        error: "Donation method currently not available"
+      }
+    end
+  end
+
+  def confirm_btcpay
+    redirect_to contributions_donations_url and return if @donation.completed?
+
+    invoice = BtcpayManager::FetchInvoice.call(invoice_id: @donation.btcpay_invoice_id)
+
+    if @donation.amount_sats.present?
+      # TODO make default fiat currency configurable and/or determine from user's
+      # i18n browser settings
+      @donation.fiat_currency = "EUR"
+      exchange_rate = BtcpayManager::FetchExchangeRate.call(fiat_currency: @donation.fiat_currency)
+      @donation.fiat_amount = (((@donation.amount_sats.to_f / 100000000) * exchange_rate) * 100).to_i
+    else
+      amt_str = invoice["paymentMethods"].first["amount"]
+      @donation.amount_sats = amt_str.tr(".","").sub(/0*$/, "").to_i
+    end
+
+    case invoice["status"]
+    when "Settled"
+      @donation.paid_at = DateTime.now
+      @donation.payment_status = "settled"
+      @donation.save!
+      flash_message = { success: "Thank you!" }
+    when "Processing"
+      unless @donation.processing?
+        @donation.payment_status = "processing"
+        @donation.save!
+        flash_message = { success: "Thank you! We will send you an email when the payment is confirmed." }
+        BtcpayCheckDonationJob.set(wait: 20.seconds).perform_later(@donation)
+      end
+    when "Expired"
+      flash_message = { warning: "The payment request for this donation has expired" }
+    else
+      flash_message = { warning: "Could not determine status of payment" }
+    end
+
+    redirect_to contributions_donations_url, flash: flash_message
+  end
+
+  private
+
+    def set_donation
+      @donation = current_user.donations.find_by(id: params[:id])
+      http_status :not_found unless @donation.present?
+    end
+
+    def set_donation_methods
+      @donation_methods = []
+      @donation_methods.push :btcpay if Setting.btcpay_enabled?
+      @donation_methods.push :lndhub if Setting.lndhub_enabled?
+      @donation_methods.push :opencollective if Setting.opencollective_enabled?
+    end
+
+    def require_donation_method_enabled
+      http_status :forbidden unless @donation_methods.include?(
+        params[:donation_method].to_sym
+      )
+    end
+
+    def validate_donation_params
+      if !%w[EUR USD sats].include?(params[:currency]) || (params[:amount].to_i <= 0)
+        http_status :unprocessable_entity
+      end
+    end
 end

app/controllers/lnurlpay_controller.rb

@@ -1,23 +1,33 @@
 class LnurlpayController < ApplicationController
-  before_action :check_feature_enabled
-  before_action :find_user_by_address
+  before_action :check_service_available
+  before_action :find_user
+  before_action :set_cors_access_control_headers
 
   MIN_SATS = 10
   MAX_SATS = 1_000_000
   MAX_COMMENT_CHARS = 100
 
+  # GET /.well-known/lnurlp/:username
   def index
-    render json: {
+    res = {
       status: "OK",
-      callback: "https://accounts.kosmos.org/lnurlpay/#{@user.address}/invoice",
+      callback: "https://#{Setting.accounts_domain}/lnurlpay/#{@user.cn}/invoice",
       tag: "payRequest",
       maxSendable: MAX_SATS * 1000, # msat
       minSendable: MIN_SATS * 1000, # msat
       metadata: metadata(@user.address),
       commentAllowed: MAX_COMMENT_CHARS
     }
+
+    if Setting.nostr_enabled?
+      res[:allowsNostr] = true
+      res[:nostrPubkey] = Setting.nostr_public_key
+    end
+
+    render json: res
   end
 
+  # GET /.well-known/keysend/:username
   def keysend
     http_status :not_found and return unless Setting.lndhub_keysend_enabled?
 
@@ -32,64 +42,120 @@ class LnurlpayController < ApplicationController
     }
   end
 
+  # GET /lnurlpay/:username/invoice
   def invoice
-    amount = params[:amount].to_i / 1000 # msats
-    address = params[:address]
+    amount = params[:amount].to_i / 1000 # msats to sats
     comment = params[:comment] || ""
+    address = @user.address
 
     if !valid_amount?(amount)
       render json: { status: "ERROR", reason: "Invalid amount" }
       return
     end
 
-    if !valid_comment?(comment)
-      render json: { status: "ERROR", reason: "Comment too long" }
-      return
+    if params[:nostr].present? && Setting.nostr_enabled?
+      handle_zap_request amount, params[:nostr], params[:lnurl]
+    else
+      handle_pay_request address, amount, comment
+    end
+  end
+
+  private
+
+    def set_cors_access_control_headers
+      headers['Access-Control-Allow-Origin'] = "*"
+      headers['Access-Control-Allow-Headers'] = "*"
+      headers['Access-Control-Allow-Methods'] = "GET"
     end
 
-    memo = "To #{address}"
-    memo = "#{memo}: \"#{comment}\"" if comment.present?
+    def check_service_available
+      http_status :not_found unless Setting.lndhub_enabled?
+    end
 
-    payment_request = @user.ln_create_invoice({
-      amount: amount, # we create invoices in sats
-      memo: memo,
-      description_hash: Digest::SHA2.hexdigest(metadata(address)),
-    })
+    def find_user
+      @user = User.where(cn: params[:username], ou: Setting.primary_domain).first
+      http_status :not_found if @user.nil?
+    end
 
-    render json: {
-      status: "OK",
-      successAction: {
-        tag: "message",
-        message: "Sats received. Thank you!"
-      },
-      routes: [],
-      pr: payment_request
-    }
-  end
+    def metadata(address)
+      "[[\"text/identifier\",\"#{address}\"],[\"text/plain\",\"Sats for #{address}\"]]"
+    end
 
-  private
+    def valid_amount?(amount_in_sats)
+      amount_in_sats <= MAX_SATS && amount_in_sats >= MIN_SATS
+    end
 
-  def find_user_by_address
-    address = params[:address].split("@")
-    @user = User.where(cn: address.first, ou: address.last).first
-    http_status :not_found if @user.nil?
-  end
+    def valid_comment?(comment)
+      comment.length <= MAX_COMMENT_CHARS
+    end
 
-  def metadata(address)
-    "[[\"text/identifier\", \"#{address}\"], [\"text/plain\", \"Send sats, receive thanks.\"]]"
-  end
+    def handle_pay_request(address, amount, comment)
+      if !valid_comment?(comment)
+        render json: { status: "ERROR", reason: "Comment too long" }
+        return
+      end
 
-  def valid_amount?(amount_in_sats)
-    amount_in_sats <= MAX_SATS && amount_in_sats >= MIN_SATS
-  end
+      desc = "To #{address}"
+      desc = "#{desc}: \"#{comment}\"" if comment.present?
 
-  def valid_comment?(comment)
-    comment.length <= MAX_COMMENT_CHARS
-  end
+      invoice = LndhubManager::CreateUserInvoice.call(
+        user: @user, payload: {
+          amount: amount, # sats
+          description: desc,
+          description_hash: Digest::SHA256.hexdigest(metadata(address)),
+        }
+      )
 
-  private
+      render json: {
+        status: "OK",
+        successAction: {
+          tag: "message",
+          message: "Sats received. Thank you!"
+        },
+        routes: [],
+        pr: invoice["payment_request"]
+      }
+    end
 
-  def check_feature_enabled
-    http_status :not_found unless Setting.lndhub_enabled?
-  end
+    def nostr_event_from_payload(nostr_param)
+      event_obj = JSON.parse(nostr_param).transform_keys(&:to_sym)
+      Nostr::Event.new(**event_obj)
+    rescue => e
+      return nil
+    end
+
+    def valid_zap_request?(amount, event, lnurl)
+      NostrManager::VerifyZapRequest.call(
+        amount: amount, event: event, lnurl: lnurl
+      )
+    end
+
+    def handle_zap_request(amount, nostr_param, lnurl_param)
+      event = nostr_event_from_payload(nostr_param)
+
+      unless event.present? && valid_zap_request?(amount*1000, event, lnurl_param)
+        render json: { status: "ERROR", reason: "Invalid zap request" }
+        return
+      end
+
+      # TODO might want to use the existing invoice and zap record if there are
+      # multiple calls with the same zap request
+
+      desc = "Zap for #{@user.address}"
+      desc = "#{desc}: \"#{event.content}\"" if event.content.present?
+
+      invoice = LndhubManager::CreateUserInvoice.call(
+        user: @user, payload: {
+          amount: amount, # sats
+          description: desc,
+          description_hash: Digest::SHA256.hexdigest(event.to_json),
+        }
+      )
+
+      @user.zaps.create! request: event,
+                         payment_request: invoice["payment_request"],
+                         amount: amount
+
+      render json: { status: "OK", pr: invoice["payment_request"] }
+    end
 end

app/controllers/rs/oauth_controller.rb

@@ -3,8 +3,7 @@ class Rs::OauthController < ApplicationController
   before_action :authenticate_user!, only: :create
 
   def new
-    username, org  = params[:useraddress].split("@")
-    @user          = User.where(cn: username.downcase, ou: org).first
+    @user          = User.where(cn: params[:username].downcase, ou: Setting.primary_domain).first
     @scopes        = parse_scopes params[:scope]
     @redirect_uri  = params[:redirect_uri]
     @client_id     = params[:client_id]
@@ -22,7 +21,7 @@ class Rs::OauthController < ApplicationController
     unless current_user == @user
       sign_out :user
 
-      redirect_to new_rs_oauth_url(@user.address,
+      redirect_to new_rs_oauth_url(@user.cn,
                                    scope: params[:scope],
                                    redirect_uri: params[:redirect_uri],
                                    client_id: params[:client_id],
@@ -88,7 +87,7 @@ class Rs::OauthController < ApplicationController
       permissions: permissions,
       client_id: client_id,
       redirect_uri: redirect_uri,
-      app_name: client_id, #TODO use user-defined name
+      app_name: client_id,
       expire_at: expire_at
     )
 
@@ -96,28 +95,15 @@ class Rs::OauthController < ApplicationController
                 allow_other_host: true
   end
 
-  # GET /rs/oauth/token/:id/launch_app
-  def launch_app
-    auth = current_user.remote_storage_authorizations.find(params[:id])
-
-    redirect_to app_auth_url(auth), allow_other_host: true
-  end
-
   private
 
   def require_signed_in_with_username
     unless user_signed_in?
-      username, org = params[:useraddress].split("@")
-      redirect_to new_user_session_path(cn: username, ou: org)
+      session[:user_return_to] = request.url
+      redirect_to new_user_session_path(cn: params[:username], ou: Setting.primary_domain)
     end
   end
 
-  def app_auth_url(auth)
-    url = "#{auth.url}#remotestorage=#{current_user.address}"
-    url += "&access_token=#{auth.token}"
-    url
-  end
-
   def hostname_of(uri)
     uri.gsub(/http(s)?:\/\//, "").split(":")[0].split("/")[0]
   end

app/controllers/services/chat_controller.rb

@@ -3,7 +3,7 @@ class Services::ChatController < Services::BaseController
   before_action :require_service_available
 
   def show
-    @service_enabled = current_user.services_enabled.include?(:xmpp)
+    @service_enabled = current_user.service_enabled?(:ejabberd)
   end
 
   private

app/controllers/services/email_controller.rb

@@ -0,0 +1,34 @@
+class Services::EmailController < Services::BaseController
+  before_action :authenticate_user!
+  before_action :require_service_available
+  before_action :require_feature_enabled
+
+  def show
+    ldap_entry = current_user.ldap_entry
+
+    @service_enabled = ldap_entry[:email_password].present?
+    @maildrop = ldap_entry[:email_maildrop]
+    @email_forwarding_active = @maildrop.present? &&
+                               @maildrop.split("@").first != current_user.cn
+  end
+
+  def new_password
+    if session[:new_email_password].present?
+      @new_password = session.delete(:new_email_password)
+    else
+      redirect_to setting_path(:email)
+    end
+  end
+
+  private
+
+    def require_service_available
+      http_status :not_found unless Setting.email_enabled?
+    end
+
+    def require_feature_enabled
+      unless Flipper.enabled?(:email, current_user)
+        http_status :forbidden
+      end
+    end
+end

app/controllers/services/lightning_controller.rb

@@ -2,10 +2,11 @@ require "rqrcode"
 require "lnurl"
 
 class Services::LightningController < ApplicationController
-  before_action :authenticate_user!
-  before_action :authenticate_with_lndhub
   before_action :set_current_section
-  before_action :fetch_balance
+  before_action :require_service_available
+  before_action :authenticate_user!
+  before_action :lndhub_authenticate
+  before_action :lndhub_fetch_balance
 
   def index
     @wallet_setup_url = "lndhub://#{current_user.ln_account}:#{current_user.ln_password}@#{ENV['LNDHUB_PUBLIC_URL']}"
@@ -55,32 +56,12 @@ class Services::LightningController < ApplicationController
 
   private
 
-  def authenticate_with_lndhub(options={})
-    if session[:ln_auth_token].present? && !options[:force_reauth]
-      @ln_auth_token = session[:ln_auth_token]
-    else
-      lndhub = Lndhub.new
-      auth_token = lndhub.authenticate(current_user)
-      session[:ln_auth_token] = auth_token
-      @ln_auth_token = auth_token
-    end
-  rescue => e
-    Sentry.capture_exception(e) if Setting.sentry_enabled?
-  end
-
   def set_current_section
     @current_section = :services
   end
 
-  def fetch_balance
-    lndhub = Lndhub.new
-    data = lndhub.balance @ln_auth_token
-    @balance = data["BTC"]["AvailableBalance"] rescue nil
-  rescue AuthError
-    authenticate_with_lndhub(force_reauth: true)
-    raise if @fetch_balance_retried
-    @fetch_balance_retried = true
-    fetch_balance
+  def require_service_available
+    http_status :not_found unless Setting.lndhub_enabled?
   end
 
   def fetch_transactions

app/controllers/services/mastodon_controller.rb

@@ -3,7 +3,7 @@ class Services::MastodonController < Services::BaseController
   before_action :require_service_available
 
   def show
-    @service_enabled = current_user.services_enabled.include?(:mastodon)
+    @service_enabled = current_user.service_enabled?(:mastodon)
   end
 
   private

app/controllers/services/remotestorage_controller.rb

@@ -1,23 +1,25 @@
 class Services::RemotestorageController < Services::BaseController
   before_action :authenticate_user!
-  before_action :require_feature_enabled
   before_action :require_service_available
+  before_action :require_feature_enabled
 
-  def dashboard
-    # unless current_user.services_enabled.include?(:remotestorage)
+  # Dashboard
+  def show
+    # unless current_user.service_enabled?(:remotestorage)
     #   redirect_to service_remotestorage_info_path
     # end
+    # @rs_apps_connected = current_user.remote_storage_authorizations.any?
   end
 
   private
 
+    def require_service_available
+      http_status :not_found unless Setting.remotestorage_enabled?
+    end
+
     def require_feature_enabled
       unless Flipper.enabled?(:remotestorage, current_user)
         http_status :forbidden
       end
     end
-
-    def require_service_available
-      http_status :not_found unless Setting.remotestorage_enabled?
-    end
 end

app/controllers/services/rs_auths_controller.rb

@@ -0,0 +1,47 @@
+class Services::RsAuthsController < Services::BaseController
+  before_action :authenticate_user!
+  before_action :require_feature_enabled
+  before_action :require_service_available
+  # before_action :require_service_enabled
+  before_action :find_rs_auth, only: [:destroy, :launch_app]
+
+  def index
+    @rs_auths = current_user.remote_storage_authorizations
+    # TODO sort by app name?
+  end
+
+  def destroy
+    @auth.destroy!
+
+    respond_to do |format|
+      format.html do redirect_to apps_services_storage_url, flash: {
+        success: 'App authorization revoked'
+      }
+      end
+      format.json { head :no_content }
+    end
+  end
+
+  def launch_app
+    launch_url = "#{@auth.launch_url}#remotestorage=#{current_user.address}&access_token=#{@auth.token}"
+
+    redirect_to launch_url, allow_other_host: true
+  end
+
+  private
+
+    def require_feature_enabled
+      unless Flipper.enabled?(:remotestorage, current_user)
+        http_status :forbidden
+      end
+    end
+
+    def require_service_available
+      http_status :not_found unless Setting.remotestorage_enabled?
+    end
+
+    def find_rs_auth
+      @auth = current_user.remote_storage_authorizations.find(params[:id])
+      http_status :not_found unless @auth.present?
+    end
+end

app/controllers/settings_controller.rb

@@ -1,17 +1,22 @@
-require 'securerandom'
+require "securerandom"
+require "bcrypt"
 
 class SettingsController < ApplicationController
   before_action :authenticate_user!
   before_action :set_main_nav_section
-  before_action :set_settings_section, only: [:show, :update, :update_email]
-  before_action :set_user, only: [:show, :update, :update_email]
+  before_action :set_settings_section, only: [:show, :update, :update_email, :reset_email_password]
+  before_action :set_user, only: [:show, :update, :update_email, :reset_email_password]
 
   def index
     redirect_to setting_path(:profile)
   end
 
   def show
-    if @settings_section == "experiments"
+    case @settings_section
+    when "lightning"
+      @notifications_enabled = @user.preferences[:lightning_notify_sats_received] != "disabled" ||
+                               @user.preferences[:lightning_notify_zap_received] != "disabled"
+    when "nostr"
       session[:shared_secret] ||= SecureRandom.base64(12)
     end
   end
@@ -19,10 +24,15 @@ class SettingsController < ApplicationController
   def update
     @user.preferences.merge!(user_params[:preferences] || {})
     @user.display_name = user_params[:display_name]
+    @user.avatar_new = user_params[:avatar]
 
     if @user.save
       if @user.display_name && (@user.display_name != @user.ldap_entry[:display_name])
-        LdapManager::UpdateDisplayName.call(@user.dn, user_params[:display_name])
+        LdapManager::UpdateDisplayName.call(dn: @user.dn, display_name: @user.display_name)
+      end
+
+      if @user.avatar_new.present?
+        LdapManager::UpdateAvatar.call(dn: @user.dn, file: @user.avatar_new)
       end
 
       redirect_to setting_path(@settings_section), flash: {
@@ -35,7 +45,7 @@ class SettingsController < ApplicationController
   end
 
   def update_email
-    if @user.valid_ldap_authentication?(email_params[:current_password])
+    if @user.valid_ldap_authentication?(security_params[:current_password])
       if @user.update email: email_params[:email]
         redirect_to setting_path(:account), flash: {
           notice: 'Please confirm your new address using the confirmation link we just sent you.'
@@ -51,6 +61,28 @@ class SettingsController < ApplicationController
     end
   end
 
+  def reset_email_password
+    @user.current_password = security_params[:current_password]
+
+    if @user.valid_ldap_authentication?(@user.current_password)
+      @user.current_password = nil
+      session[:new_email_password] = generate_email_password
+      hashed_password = hash_email_password(session[:new_email_password])
+      LdapManager::UpdateEmailPassword.call(dn: @user.dn, password_hash: hashed_password)
+
+      if @user.ldap_entry[:email_maildrop] != @user.address
+        LdapManager::UpdateEmailMaildrop.call(dn: @user.dn, address: @user.address)
+      end
+
+      redirect_to new_password_services_email_path
+    else
+      @validation_errors = {
+        current_password: [ "Wrong password. Try again!" ]
+      }
+      render :show, status: :forbidden
+    end
+  end
+
   def reset_password
     current_user.send_reset_password_instructions
     sign_out current_user
@@ -59,40 +91,39 @@ class SettingsController < ApplicationController
   end
 
   def set_nostr_pubkey
-    signed_event = nostr_event_params[:signed_event].to_h.symbolize_keys
-    is_valid_id  = NostrManager::ValidateId.call(signed_event)
-    is_valid_sig = NostrManager::VerifySignature.call(signed_event)
-    is_correct_content = signed_event[:content] == "Connect my public key to #{current_user.address} (confirmation #{session[:shared_secret]})"
+    signed_event = Nostr::Event.new(**nostr_event_from_params)
 
-    unless is_valid_id && is_valid_sig && is_correct_content
+    is_valid_sig  = signed_event.verify_signature
+    is_valid_auth = NostrManager::VerifyAuth.call(
+      event: signed_event,
+      challenge: session[:shared_secret]
+    )
+
+    unless is_valid_sig && is_valid_auth
       flash[:alert] = "Public key could not be verified"
       http_status :unprocessable_entity and return
     end
 
-    pubkey_taken = User.all_except(current_user).where(
-      ou: current_user.ou, nostr_pubkey: signed_event[:pubkey]
-    ).any?
+    user_with_pubkey = LdapManager::FetchUserByNostrKey.call(pubkey: signed_event.pubkey)
 
-    if pubkey_taken
+    if user_with_pubkey.present? && (user_with_pubkey != current_user)
       flash[:alert] = "Public key already in use for a different account"
       http_status :unprocessable_entity and return
     end
 
-    current_user.update! nostr_pubkey: signed_event[:pubkey]
+    LdapManager::UpdateNostrKey.call(dn: current_user.dn, pubkey: signed_event.pubkey)
     session[:shared_secret] = nil
 
     flash[:success] = "Public key verification successful"
     http_status :ok
-  rescue
-    flash[:alert] = "Public key could not be verified"
-    http_status :unprocessable_entity and return
   end
 
   # DELETE /settings/nostr_pubkey
   def remove_nostr_pubkey
-    current_user.update! nostr_pubkey: nil
+    # TODO require current pubkey or password to delete
+    LdapManager::UpdateNostrKey.call(dn: current_user.dn, pubkey: nil)
 
-    redirect_to setting_path(:experiments), flash: {
+    redirect_to setting_path(:nostr), flash: {
       success: 'Public key removed from account'
     }
   end
@@ -105,7 +136,10 @@ class SettingsController < ApplicationController
 
     def set_settings_section
       @settings_section = params[:section]
-      allowed_sections = [:profile, :account, :lightning, :xmpp, :experiments]
+      allowed_sections = [
+        :profile, :account, :xmpp, :email,
+        :lightning, :remotestorage, :nostr
+      ]
 
       unless allowed_sections.include?(@settings_section.to_sym)
         redirect_to setting_path(:profile)
@@ -117,19 +151,26 @@ class SettingsController < ApplicationController
     end
 
     def user_params
-      params.require(:user).permit(:display_name, preferences: [
-        :lightning_notify_sats_received,
-        :xmpp_exchange_contacts_with_invitees
-      ])
+      params.require(:user).permit(
+        :display_name, :avatar, preferences: UserPreferences.pref_keys
+      )
     end
 
     def email_params
-      params.require(:user).permit(:email, :current_password)
+      params.require(:user).permit(:email)
     end
 
-    def nostr_event_params
-      params.permit(signed_event: [
-        :id, :pubkey, :created_at, :kind, :tags, :content, :sig
-      ])
+    def security_params
+      params.require(:user).permit(:current_password)
+    end
+
+    def generate_email_password
+      characters = [('a'..'z'), ('A'..'Z'), (0..9)].map(&:to_a).flatten
+      SecureRandom.random_bytes(16).each_byte.map { |b| characters[b % characters.length] }.join
+    end
+
+    def hash_email_password(password)
+      salt = BCrypt::Engine.generate_salt
+      BCrypt::Engine.hash_secret(password, salt)
     end
 end

app/controllers/signup_controller.rb

@@ -96,13 +96,13 @@ class SignupController < ApplicationController
     session[:new_user] = nil
     session[:validation_error] = nil
 
-    CreateAccount.call(
+    CreateAccount.call(account: {
       username: @user.cn,
       domain: Setting.primary_domain,
       email: @user.email,
       password: @user.password,
       invitation: @invitation
-    )
+    })
   end
 
   def set_context

app/controllers/users/sessions_controller.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+class Users::SessionsController < Devise::SessionsController
+  # before_action :configure_sign_in_params, only: [:create]
+
+  # GET /resource/sign_in
+  def new
+    session[:shared_secret] = SecureRandom.base64(12)
+    super
+  end
+
+  # POST /resource/sign_in
+  # def create
+  #   super
+  # end
+
+  # DELETE /resource/sign_out
+  # def destroy
+  #   super
+  # end
+
+  # POST /users/nostr_login
+  def nostr_login
+    signed_event = Nostr::Event.new(**nostr_event_from_params)
+
+    is_valid_sig  = signed_event.verify_signature
+    is_valid_auth = NostrManager::VerifyAuth.call(
+      event: signed_event,
+      challenge: session[:shared_secret]
+    )
+
+    session[:shared_secret] = nil
+
+    unless is_valid_sig && is_valid_auth
+      flash[:alert] = "Login verification failed"
+      http_status :unauthorized and return
+    end
+
+    user = LdapManager::FetchUserByNostrKey.call(pubkey: signed_event.pubkey)
+
+    if user.present?
+      set_flash_message!(:notice, :signed_in)
+      sign_in("user", user)
+      render json: { redirect_url: after_sign_in_path_for(user) }, status: :ok
+    else
+      flash[:alert] = "Failed to find your account. Nostr login may be disabled."
+      http_status :unauthorized
+    end
+  end
+
+  protected
+
+    def set_flash_message(key, kind, options = {})
+      # Hide flash message after redirecting from a signin route while logged in
+      super unless key == :alert && kind == "already_authenticated"
+    end
+
+  # If you have extra params to permit, append them to the sanitizer.
+  # def configure_sign_in_params
+  #   devise_parameter_sanitizer.permit(:sign_in, keys: [:attribute])
+  # end
+end

app/controllers/webfinger_controller.rb

@@ -1,20 +1,23 @@
-class WebfingerController < ApplicationController
+class WebfingerController < WellKnownController
   before_action :allow_cross_origin_requests, only: [:show]
 
-  layout false
-
   def show
     resource = params[:resource]
 
-    if resource && resource.match(/acct:\w+/)
-      useraddress = resource.split(":").last
-      username, org = useraddress.split("@")
-      username.downcase!
-      unless User.where(cn: username, ou: org).any?
+    if resource && @useraddress = resource.match(/acct:(.+)/)&.[](1)
+      @username, @domain = @useraddress.split("@")
+
+      unless Rails.env.development?
+        # Allow different domains (e.g. localhost:3000) in development only
+        head 404 and return unless @domain == Setting.primary_domain
+      end
+
+      unless @user = User.where(ou: Setting.primary_domain)
+                         .find_by(cn: @username.downcase)
         head 404 and return
       end
 
-      render json: webfinger(useraddress).to_json,
+      render json: webfinger.to_json,
              content_type: "application/jrd+json"
     else
       head 422 and return
@@ -23,24 +26,61 @@ class WebfingerController < ApplicationController
 
   private
 
-  def webfinger(useraddress)
-    links = [];
+  def webfinger
+    jrd = {
+      subject: "acct:#{@user.address}",
+      aliases: [],
+      links: []
+    }
 
-    links << remotestorage_link(useraddress) if Setting.remotestorage_enabled
+    if Setting.mastodon_enabled && @user.service_enabled?(:mastodon)
+      # https://docs.joinmastodon.org/spec/webfinger/
+      jrd[:aliases] += mastodon_aliases
+      jrd[:links] += mastodon_links
+    end
 
-    { "links" => links }
+    if Setting.remotestorage_enabled && @user.service_enabled?(:remotestorage)
+      # https://datatracker.ietf.org/doc/draft-dejong-remotestorage/
+      jrd[:links] << remotestorage_link
+    end
+
+    jrd
   end
 
-  def remotestorage_link(useraddress)
-    # TODO use when OAuth routes are available
-    # auth_url = new_rs_oauth_url(useraddress)
-    auth_url = "https://example.com/rs/oauth"
-    storage_url = "#{Setting.rs_storage_url}/#{useraddress}"
+  def mastodon_aliases
+    [
+      "#{Setting.mastodon_public_url}/@#{@user.cn}",
+      "#{Setting.mastodon_public_url}/users/#{@user.cn}"
+    ]
+  end
+
+  def mastodon_links
+    [
+      {
+        rel: "http://webfinger.net/rel/profile-page",
+        type: "text/html",
+        href: "#{Setting.mastodon_public_url}/@#{@user.cn}"
+      },
+      {
+        rel: "self",
+        type: "application/activity+json",
+        href: "#{Setting.mastodon_public_url}/users/#{@user.cn}"
+      },
+      {
+        rel: "http://ostatus.org/schema/1.0/subscribe",
+        template: "#{Setting.mastodon_public_url}/authorize_interaction?uri={uri}"
+      }
+    ]
+  end
+
+  def remotestorage_link
+    auth_url = new_rs_oauth_url(@username, host: Setting.accounts_domain)
+    storage_url = "#{Setting.rs_storage_url}/#{@username}"
 
     {
-      "rel" => "http://tools.ietf.org/id/draft-dejong-remotestorage",
-      "href" => storage_url,
-      "properties" => {
+      rel: "http://tools.ietf.org/id/draft-dejong-remotestorage",
+      href: storage_url,
+      properties: {
         "http://remotestorage.io/spec/version" => "draft-dejong-remotestorage-13",
         "http://tools.ietf.org/html/rfc6749#section-4.2" => auth_url,
         "http://tools.ietf.org/html/rfc6750#section-2.3" => nil, # access token via a HTTP query parameter
@@ -49,9 +89,4 @@ class WebfingerController < ApplicationController
       }
     }
   end
-
-  def allow_cross_origin_requests
-    headers['Access-Control-Allow-Origin'] = '*'
-    headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, OPTIONS'
-  end
 end

app/controllers/webhooks_controller.rb

@@ -2,45 +2,76 @@ class WebhooksController < ApplicationController
   skip_forgery_protection
 
   before_action :authorize_request
+  before_action :process_payload
 
   def lndhub
-    begin
-      payload = JSON.parse(request.body.read, symbolize_names: true)
-      head :no_content and return unless payload[:type] == "incoming"
-    rescue
-      head :unprocessable_entity and return
+    @user = User.find_by!(ln_account: @payload[:user_login])
+
+    if @zap = @user.zaps.find_by(payment_request: @payload[:payment_request])
+      settled_at = Time.parse(@payload[:settled_at])
+      zap_receipt = NostrManager::CreateZapReceipt.call(
+        zap: @zap,
+        paid_at: settled_at.to_i,
+        preimage: @payload[:preimage]
+      )
+      @zap.update! settled_at: settled_at, receipt: zap_receipt.to_h
+      NostrManager::PublishZapReceipt.call(zap: @zap)
     end
 
-    user = User.find_by!(ln_account: payload[:user_login])
-    notify = user.preferences[:lightning_notify_sats_received]
-    case notify
-    when "xmpp"
-      notify_xmpp(user.address, payload[:amount], payload[:memo])
-    when "email"
-      NotificationMailer.with(user: user, amount_sats: payload[:amount])
-                        .lightning_sats_received.deliver_later
-    end
+    send_notifications
 
     head :ok
   end
 
   private
 
-  # TODO refactor into mailer-like generic class/service
-  def notify_xmpp(address, amt_sats, memo)
-    payload = {
-      type: "normal",
-      from: Setting.primary_domain,
-      to: address,
-      subject: "Sats received!",
-      body: "#{helpers.number_with_delimiter amt_sats} sats received in your Lightning wallet:\n> #{memo}"
-    }
-    XmppSendMessageJob.perform_later(payload)
-  end
-
   def authorize_request
     if !ENV['WEBHOOKS_ALLOWED_IPS'].split(',').include?(request.remote_ip)
       head :forbidden and return
     end
   end
+
+  def process_payload
+    @payload = JSON.parse(request.body.read, symbolize_names: true)
+    unless @payload[:type] == "incoming" &&
+           @payload[:state] == "settled"
+      head :no_content and return
+    end
+  rescue
+    head :unprocessable_entity and return
+  end
+
+  def send_notifications
+    return if @payload[:amount] < @user.preferences[:lightning_notify_min_sats]
+
+    if @user.preferences[:lightning_notify_only_with_message]
+      return if @payload[:memo].blank?
+    end
+
+    target = @zap.present? ? @user.preferences[:lightning_notify_zap_received] :
+                             @user.preferences[:lightning_notify_sats_received]
+
+    case target
+    when "xmpp"
+      notify_xmpp
+    when "email"
+      notify_email
+    end
+  end
+
+  # TODO refactor into mailer-like generic class/service
+  def notify_xmpp
+    XmppSendMessageJob.perform_later({
+      type: "normal",
+      from: Setting.xmpp_notifications_from_address,
+      to: @user.address,
+      subject: "Sats received!",
+      body: "#{helpers.number_with_delimiter @payload[:amount]} sats received in your Lightning wallet:\n> #{@payload[:memo]}"
+    })
+  end
+
+  def notify_email
+    NotificationMailer.with(user: @user, amount_sats: @payload[:amount])
+                      .lightning_sats_received.deliver_later
+  end
 end

app/controllers/well_known_controller.rb

@@ -1,16 +1,47 @@
 class WellKnownController < ApplicationController
+  before_action :require_nostr_enabled, only: [ :nostr ]
+  before_action :allow_cross_origin_requests, only: [ :nostr ]
+
+  layout false
+
   def nostr
     http_status :unprocessable_entity and return if params[:name].blank?
     domain = request.headers["X-Forwarded-Host"].presence || Setting.primary_domain
-    @user = User.where(cn: params[:name], ou: domain).first
-    http_status :not_found and return if @user.nil? || @user.nostr_pubkey.blank?
+    relay_url = Setting.nostr_relay_url.presence
+
+    if params[:name] == "_"
+      if domain == Setting.primary_domain
+        # pubkey for the primary domain without a username (e.g. kosmos.org)
+        res = { names: { "_": Setting.nostr_public_key_primary_domain.presence || Setting.nostr_public_key } }
+      else
+        # pubkey for the akkounts domain without a username (e.g. accounts.kosmos.org)
+        res = { names: { "_": Setting.nostr_public_key } }
+      end
+
+      res[:relays] = { "_" => [ relay_url ] } if relay_url
+    else
+      @user = User.where(cn: params[:name], ou: domain).first
+      http_status :not_found and return if @user.nil? || @user.nostr_pubkey.blank?
+
+      res = { names: { @user.cn => @user.nostr_pubkey } }
+      res[:relays] = { @user.nostr_pubkey => [ relay_url ] } if relay_url
+    end
 
     respond_to do |format|
       format.json do
-        render json: {
-          names: { "#{@user.cn}": @user.nostr_pubkey }
-        }.to_json
+        render json: res.to_json
       end
     end
   end
+
+  private
+
+    def require_nostr_enabled
+      http_status :not_found unless Setting.nostr_enabled?
+    end
+
+    def allow_cross_origin_requests
+      headers['Access-Control-Allow-Origin'] = "*"
+      headers['Access-Control-Allow-Methods'] = "GET"
+    end
 end

app/helpers/application_helper.rb

@@ -1,10 +1,6 @@
 module ApplicationHelper
   include Pagy::Frontend
 
-  def sats_to_btc(sats)
-    sats.to_f / 100000000
-  end
-
   def main_nav_class(current_section, link_to_section)
     if current_section == link_to_section
       "bg-gray-900/50 text-white px-3 py-2 rounded-md font-medium text-base md:text-sm block md:inline-block"

app/helpers/btcpay_helper.rb

@@ -0,0 +1,7 @@
+module BtcpayHelper
+
+  def btcpay_checkout_url(invoice_id)
+    "#{Setting.btcpay_public_url}/i/#{invoice_id}"
+  end
+
+end

app/helpers/dashboard_helper.rb

@@ -1,2 +0,0 @@
-module DashboardHelper
-end

app/helpers/donations_helper.rb

@@ -1,2 +0,0 @@
-module DonationsHelper
-end

app/helpers/invitations_helper.rb

@@ -1,2 +0,0 @@
-module InvitationsHelper
-end

app/helpers/lnurlpay_helper.rb

@@ -1,2 +0,0 @@
-module LnurlpayHelper
-end

app/helpers/services_helper.rb

@@ -0,0 +1,12 @@
+module ServicesHelper
+
+  def service_human_name(key, category = :external)
+    SERVICES[category][key][:name] || key.to_s
+  end
+
+  def service_display_name(key, category = :external)
+    SERVICES[category][key][:display_name] ||
+    service_human_name(key, category)
+  end
+
+end

app/helpers/settings_helper.rb

@@ -1,2 +0,0 @@
-module SettingsHelper
-end

app/helpers/signup_helper.rb

@@ -1,2 +0,0 @@
-module SignupHelper
-end

app/helpers/users_helper.rb

@@ -1,2 +0,0 @@
-module UsersHelper
-end

app/helpers/wallet_helper.rb

@@ -1,2 +0,0 @@
-module WalletHelper
-end

app/helpers/welcome_helper.rb

@@ -1,2 +0,0 @@
-module WelcomeHelper
-end

app/javascript/controllers/application.js

@@ -1,8 +1,9 @@
 import { Application } from "@hotwired/stimulus"
-import { Modal, Tabs } from "tailwindcss-stimulus-components"
+import { Dropdown, Modal, Tabs } from "tailwindcss-stimulus-components"
 
 const application = Application.start()
 
+application.register('dropdown', Dropdown)
 application.register('modal', Modal)
 application.register('tabs', Tabs)
 

app/javascript/controllers/nostr_login_controller.js

@@ -0,0 +1,53 @@
+import { Controller } from "@hotwired/stimulus"
+
+// Connects to data-controller="nostr-login"
+export default class extends Controller {
+  static targets = [ "loginForm", "loginButton" ]
+  static values  = { site: String, sharedSecret: String }
+
+  connect() {
+    if (window.nostr) {
+      this.loginButtonTarget.disabled = false
+      this.loginFormTarget.classList.remove("hidden")
+    }
+  }
+
+  async login () {
+    this.loginButtonTarget.disabled = true
+
+    try {
+      // Auth based on NIP-42
+      const signedEvent = await window.nostr.signEvent({
+        created_at: Math.floor(Date.now() / 1000),
+        kind: 22242,
+        tags: [
+          ["site", this.siteValue],
+          ["challenge", this.sharedSecretValue]
+        ],
+        content: ""
+      })
+
+      const res = await fetch("/users/nostr_login", {
+        method: "POST", credentials: "include", headers: {
+          "Accept": "application/json", 'Content-Type': 'application/json',
+          "X-CSRF-Token": this.csrfToken
+        }, body: JSON.stringify({ signed_event: signedEvent })
+      })
+
+      if (res.status === 200) {
+        res.json().then(r => { window.location.href = r.redirect_url })
+      } else {
+        window.location.reload()
+      }
+    } catch (error) {
+      console.warn('Unable to authenticate:', error.message)
+    } finally {
+      this.loginButtonTarget.disabled = false
+    }
+  }
+
+  get csrfToken () {
+    const element = document.head.querySelector('meta[name="csrf-token"]')
+    return element.getAttribute("content")
+  }
+}

app/javascript/controllers/settings/email/password_controller.js

@@ -0,0 +1,27 @@
+import { Controller } from "@hotwired/stimulus"
+
+export default class extends Controller {
+  static targets = [ "resetPasswordButton", "currentPasswordField" ]
+  static values = { validationFailed: Boolean }
+
+  connect () {
+    if (this.validationFailedValue) return;
+
+    this.element.querySelectorAll(".initial-hidden").forEach(el => {
+      el.classList.add("hidden");
+    })
+    this.element.querySelectorAll(".initial-visible").forEach(el => {
+      el.classList.remove("hidden");
+    })
+  }
+
+  showPasswordReset () {
+    this.element.querySelectorAll(".initial-visible").forEach(el => {
+      el.classList.add("hidden");
+    })
+    this.element.querySelectorAll(".initial-hidden").forEach(el => {
+      el.classList.remove("hidden");
+    })
+    this.currentPasswordFieldTarget.select();
+  }
+}

app/javascript/controllers/settings/nostr_pubkey_controller.js

@@ -1,24 +1,16 @@
 import { Controller } from "@hotwired/stimulus"
-import { bech32 } from "bech32"
-
-function hexToBytes (hex) {
-  let bytes = []
-  for (let c = 0; c < hex.length; c += 2) {
-    bytes.push(parseInt(hex.substr(c, 2), 16))
-  }
-  return bytes
-}
 
 // Connects to data-controller="settings--nostr-pubkey"
 export default class extends Controller {
   static targets = [ "noExtension", "setPubkey", "pubkeyBech32Input" ]
-  static values  = { userAddress: String, pubkeyHex: String, sharedSecret: String }
+  static values  = {
+    userAddress: String,
+    pubkeyHex: String,
+    site: String,
+    sharedSecret: String
+  }
 
   connect () {
-    if (this.hasPubkeyHexValue && this.pubkeyHexValue.length > 0) {
-      this.pubkeyBech32InputTarget.value = this.pubkeyBech32
-    }
-
     if (window.nostr) {
       if (this.hasSetPubkeyTarget) {
         this.setPubkeyTarget.disabled = false
@@ -32,11 +24,15 @@ export default class extends Controller {
     this.setPubkeyTarget.disabled = true
 
     try {
+      // Auth based on NIP-42
       const signedEvent = await window.nostr.signEvent({
         created_at: Math.floor(Date.now() / 1000),
-        kind: 1,
-        tags: [],
-        content: `Connect my public key to ${this.userAddressValue} (confirmation ${this.sharedSecretValue})`
+        kind: 22242,
+        tags: [
+          ["site", this.siteValue],
+          ["challenge", this.sharedSecretValue]
+        ],
+        content: ""
       })
 
       const res = await fetch("/settings/set_nostr_pubkey", {
@@ -53,11 +49,6 @@ export default class extends Controller {
     }
   }
 
-  get pubkeyBech32 () {
-    const words = bech32.toWords(hexToBytes(this.pubkeyHexValue))
-    return bech32.encode('npub', words)
-  }
-
   get csrfToken () {
     const element = document.head.querySelector('meta[name="csrf-token"]')
     return element.getAttribute("content")

app/jobs/btcpay_check_donation_job.rb

@@ -0,0 +1,28 @@
+class BtcpayCheckDonationJob < ApplicationJob
+  queue_as :default
+
+  def perform(donation)
+    return if donation.completed?
+
+    invoice = BtcpayManager::FetchInvoice.call(
+      invoice_id: donation.btcpay_invoice_id
+    )
+
+    case invoice["status"]
+    when "Settled"
+      donation.paid_at = DateTime.now
+      donation.payment_status = "settled"
+      donation.save!
+
+      NotificationMailer.with(user: donation.user)
+                        .bitcoin_donation_confirmed
+                        .deliver_later
+    when "Processing"
+      re_enqueue_job(donation)
+    end
+  end
+
+  def re_enqueue_job(donation)
+    self.class.set(wait: 20.seconds).perform_later(donation)
+  end
+end

app/jobs/create_ldap_user_job.rb

@@ -1,7 +1,7 @@
 class CreateLdapUserJob < ApplicationJob
   queue_as :default
 
-  def perform(username, domain, email, hashed_pw)
+  def perform(username:, domain:, email:, hashed_pw:, confirmed: false)
     dn = "cn=#{username},ou=#{domain},cn=users,dc=kosmos,dc=org"
     attr = {
       objectclass: ["top", "account", "person", "extensibleObject"],
@@ -12,6 +12,10 @@ class CreateLdapUserJob < ApplicationJob
       userPassword: hashed_pw
     }
 
+    if confirmed
+      attr[:serviceEnabled] = Setting.default_services
+    end
+
     ldap_client.add(dn: dn, attributes: attr)
   end
 

app/jobs/nostr_publish_event_job.rb

@@ -0,0 +1,7 @@
+class NostrPublishEventJob < ApplicationJob
+  queue_as :nostr
+
+  def perform(event:, relay_url:)
+    NostrManager::PublishEvent.call(event: event, relay_url: relay_url)
+  end
+end

app/jobs/xmpp_exchange_contacts_job.rb

@@ -2,8 +2,8 @@ class XmppExchangeContactsJob < ApplicationJob
   queue_as :default
 
   def perform(inviter, invitee)
-    return unless inviter.services_enabled.include?("xmpp") &&
-                  invitee.services_enabled.include?("xmpp") &&
+    return unless inviter.service_enabled?(:ejabberd) &&
+                  invitee.service_enabled?(:ejabberd) &&
                   inviter.preferences[:xmpp_exchange_contacts_with_invitees]
 
     ejabberd = EjabberdApiClient.new

app/mailers/notification_mailer.rb

@@ -5,4 +5,29 @@ class NotificationMailer < ApplicationMailer
     @subject = "Sats received"
     mail to: @user.email, subject: @subject
   end
+
+  def remotestorage_auth_created
+    @user = params[:user]
+    @auth = params[:auth]
+    @permissions = @auth.permissions.map do |p|
+      access = p.split(":")[1] == 'r' ? 'read' : 'read/write'
+      directory = p.split(':')[0] == '' ? 'all folders and files' : p.split(':')[0]
+      "#{access} #{directory}"
+    end
+    @subject = "New app connected to your storage"
+    mail to: @user.email, subject: @subject
+  end
+
+  def new_invitations_available
+    @user = params[:user]
+    @subject = "New invitations added to your account"
+    mail to: @user.email, subject: @subject
+  end
+
+  def bitcoin_donation_confirmed
+    @user = params[:user]
+    @donation = params[:donation]
+    @subject = "Donation confirmed"
+    mail to: @user.email, subject: @subject
+  end
 end

app/models/app_catalog.rb

@@ -0,0 +1,5 @@
+module AppCatalog
+  def self.table_name_prefix
+    "app_catalog_"
+  end
+end

app/models/app_catalog/web_app.rb

@@ -0,0 +1,16 @@
+class AppCatalog::WebApp < ApplicationRecord
+  store :metadata, coder: JSON
+
+  has_many :remote_storage_authorizations, dependent: :destroy
+
+  has_one_attached :icon
+  has_one_attached :apple_touch_icon
+
+  validates :url, presence: true, uniqueness: true
+  validates :url, format: { with: URI.regexp },
+                  if: Proc.new { |a| a.url.present? }
+
+  def update_metadata
+    AppCatalogManager::UpdateMetadata.call(app: self)
+  end
+end

app/models/concerns/settings/btcpay_settings.rb

@@ -0,0 +1,24 @@
+module Settings
+  module BtcpaySettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :btcpay_api_url, type: :string,
+        default: ENV["BTCPAY_API_URL"].presence
+
+      field :btcpay_enabled, type: :boolean,
+        default: ENV["BTCPAY_API_URL"].present?
+
+      field :btcpay_public_url, type: :string,
+        default: ENV["BTCPAY_PUBLIC_URL"].presence
+
+      field :btcpay_store_id, type: :string,
+        default: ENV["BTCPAY_STORE_ID"].presence
+
+      field :btcpay_auth_token, type: :string,
+        default: ENV["BTCPAY_AUTH_TOKEN"].presence
+
+      field :btcpay_publish_wallet_balances, type: :boolean, default: true
+    end
+  end
+end

app/models/concerns/settings/discourse_settings.rb

@@ -0,0 +1,16 @@
+module Settings
+  module DiscourseSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :discourse_public_url, type: :string,
+        default: ENV["DISCOURSE_PUBLIC_URL"].presence
+
+      field :discourse_enabled, type: :boolean,
+        default: ENV["DISCOURSE_PUBLIC_URL"].present?
+
+      field :discourse_connect_secret, type: :string,
+        default: ENV["DISCOURSE_CONNECT_SECRET"].presence
+    end
+  end
+end

app/models/concerns/settings/drone_ci_settings.rb

@@ -0,0 +1,13 @@
+module Settings
+  module DroneCiSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :droneci_public_url, type: :string,
+        default: ENV["DRONECI_PUBLIC_URL"].presence
+
+      field :droneci_enabled, type: :boolean,
+        default: ENV["DRONECI_PUBLIC_URL"].present?
+    end
+  end
+end

app/models/concerns/settings/ejabberd_settings.rb

@@ -0,0 +1,19 @@
+module Settings
+  module EjabberdSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :ejabberd_enabled, type: :boolean,
+        default: ENV["EJABBERD_API_URL"].present?
+
+      field :ejabberd_api_url, type: :string,
+        default: ENV["EJABBERD_API_URL"].presence
+
+      field :ejabberd_admin_url, type: :string,
+        default: ENV["EJABBERD_ADMIN_URL"].presence
+
+      field :ejabberd_buddy_roster, type: :string,
+        default: "Buddies"
+    end
+  end
+end

app/models/concerns/settings/email_settings.rb

@@ -0,0 +1,28 @@
+module Settings
+  module EmailSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :email_enabled, type: :boolean,
+        default: ENV["EMAIL_SMTP_HOST"].present?
+
+      # field :email_smtp_host, type: :string,
+      #   default: ENV["EMAIL_SMTP_HOST"].presence
+      #
+      # field :email_smtp_port, type: :string,
+      #   default: ENV["EMAIL_SMTP_PORT"].presence || 587
+      #
+      # field :email_smtp_enable_starttls, type: :string,
+      #   default: ENV["EMAIL_SMTP_PORT"].presence || true
+      #
+      # field :email_auth_method, type: :string,
+      #   default: ENV["EMAIL_AUTH_METHOD"].presence || "plain"
+      #
+      # field :email_imap_host, type: :string,
+      #   default: ENV["EMAIL_IMAP_HOST"].presence
+      #
+      # field :email_imap_port, type: :string,
+      #   default: ENV["EMAIL_IMAP_PORT"].presence || 993
+    end
+  end
+end

app/models/concerns/settings/general_settings.rb

@@ -0,0 +1,34 @@
+module Settings
+  module GeneralSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :primary_domain, type: :string,
+        default: ENV["PRIMARY_DOMAIN"].presence
+
+      field :accounts_domain, type: :string,
+        default: ENV["AKKOUNTS_DOMAIN"].presence
+
+      #
+      # Internal services
+      #
+
+      field :redis_url, type: :string,
+        default: ENV["REDIS_URL"] || "redis://localhost:6379/0"
+
+      field :s3_enabled, type: :boolean,
+        default: ENV["S3_ENABLED"] && ENV["S3_ENABLED"].to_s != "false"
+
+      field :sentry_enabled, type: :boolean, readonly: true,
+        default: ENV["SENTRY_DSN"].present?
+
+      #
+      # Registrations
+      #
+
+      field :reserved_usernames, type: :array, default: %w[
+        account accounts donations mail webmaster support
+      ]
+    end
+  end
+end

app/models/concerns/settings/gitea_settings.rb

@@ -0,0 +1,13 @@
+module Settings
+  module GiteaSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :gitea_public_url, type: :string,
+        default: ENV["GITEA_PUBLIC_URL"].presence
+
+      field :gitea_enabled, type: :boolean,
+        default: ENV["GITEA_PUBLIC_URL"].present?
+    end
+  end
+end

app/models/concerns/settings/lightning_network_settings.rb

@@ -0,0 +1,25 @@
+module Settings
+  module LightningNetworkSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :lndhub_api_url, type: :string,
+        default: ENV["LNDHUB_API_URL"].presence
+
+      field :lndhub_enabled, type: :boolean,
+        default: ENV["LNDHUB_API_URL"].present?
+
+      field :lndhub_admin_token, type: :string,
+        default: ENV["LNDHUB_ADMIN_TOKEN"].presence
+
+      field :lndhub_admin_enabled, type: :boolean,
+        default: ENV["LNDHUB_ADMIN_UI"] || false
+
+      field :lndhub_public_key, type: :string,
+        default: (ENV["LNDHUB_PUBLIC_KEY"] || "")
+
+      field :lndhub_keysend_enabled, type: :boolean,
+        default: -> { self.lndhub_public_key.present? }
+    end
+  end
+end

app/models/concerns/settings/mastodon_settings.rb

@@ -0,0 +1,16 @@
+module Settings
+  module MastodonSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :mastodon_public_url, type: :string,
+        default: ENV["MASTODON_PUBLIC_URL"].presence
+
+      field :mastodon_enabled, type: :boolean,
+        default: ENV["MASTODON_PUBLIC_URL"].present?
+
+      field :mastodon_address_domain, type: :string,
+        default: ENV["MASTODON_ADDRESS_DOMAIN"].presence || self.primary_domain
+    end
+  end
+end

app/models/concerns/settings/media_wiki_settings.rb

@@ -0,0 +1,13 @@
+module Settings
+  module MediaWikiSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :mediawiki_public_url, type: :string,
+        default: ENV["MEDIAWIKI_PUBLIC_URL"].presence
+
+      field :mediawiki_enabled, type: :boolean,
+        default: ENV["MEDIAWIKI_PUBLIC_URL"].present?
+    end
+  end
+end

app/models/concerns/settings/nostr_settings.rb

@@ -0,0 +1,25 @@
+module Settings
+  module NostrSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :nostr_enabled, type: :boolean,
+        default: ENV["NOSTR_PRIVATE_KEY"].present?
+
+      field :nostr_private_key, type: :string,
+        default: ENV["NOSTR_PRIVATE_KEY"].presence
+
+      field :nostr_public_key, type: :string,
+        default: ENV["NOSTR_PUBLIC_KEY"].presence
+
+      field :nostr_public_key_primary_domain, type: :string,
+        default: ENV["NOSTR_PUBLIC_KEY_PRIMARY_DOMAIN"].presence
+
+      field :nostr_relay_url, type: :string,
+        default: ENV["NOSTR_RELAY_URL"].presence
+
+      field :nostr_zaps_relay_limit, type: :integer,
+        default: 12
+    end
+  end
+end

app/models/concerns/settings/open_collective_settings.rb

@@ -0,0 +1,9 @@
+module Settings
+  module OpenCollectiveSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :opencollective_enabled, type: :boolean, default: true
+    end
+  end
+end

app/models/concerns/settings/remote_storage_settings.rb

@@ -0,0 +1,16 @@
+module Settings
+  module RemoteStorageSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :remotestorage_enabled, type: :boolean,
+        default: ENV["RS_STORAGE_URL"].present?
+
+      field :rs_storage_url, type: :string,
+        default: ENV["RS_STORAGE_URL"].presence
+
+      field :rs_redis_url, type: :string,
+        default: ENV["RS_REDIS_URL"] || "redis://localhost:6379/1"
+    end
+  end
+end

app/models/concerns/settings/xmpp_settings.rb

@@ -0,0 +1,11 @@
+module Settings
+  module XmppSettings
+    extend ActiveSupport::Concern
+
+    included do
+      field :xmpp_default_rooms, type: :array, default: []
+      field :xmpp_autojoin_default_rooms, type: :boolean, default: false
+      field :xmpp_notifications_from_address, type: :string, default: primary_domain
+    end
+  end
+end

app/models/donation.rb

@@ -4,12 +4,25 @@ class Donation < ApplicationRecord
 
   # Validations
   validates_presence_of :user
-  validates_presence_of :amount_sats
-  validates_presence_of :paid_at
-
-  # Hooks
-  # TODO before_create :store_fiat_value
+  validates_presence_of :donation_method,
+    inclusion: { in: %w[ custom btcpay lndhub ] }
+  validates_presence_of :payment_status, allow_nil: true,
+    inclusion: { in: %w[ processing settled ] }
+  validates_presence_of :paid_at, allow_nil: true
+  validates_presence_of :amount_sats, allow_nil: true
+  validates_presence_of :fiat_amount, allow_nil: true
+  validates_presence_of :fiat_currency, allow_nil: true,
+    inclusion: { in: %w[ EUR USD ] }
 
   #Scopes
-  scope :completed, -> { where.not(paid_at: nil) }
+  scope :processing, -> { where(payment_status: "processing") }
+  scope :completed, -> { where(payment_status: "settled") }
+
+  def processing?
+    payment_status == "processing"
+  end
+
+  def completed?
+    payment_status == "settled"
+  end
 end

app/models/remote_storage_authorization.rb

@@ -1,7 +1,8 @@
 class RemoteStorageAuthorization < ApplicationRecord
   belongs_to :user
+  belongs_to :web_app, class_name: "AppCatalog::WebApp", optional: true
 
-  serialize :permissions
+  serialize :permissions unless Rails.env.production?
 
   validates_presence_of :permissions
   validates_presence_of :client_id
@@ -15,22 +16,36 @@ class RemoteStorageAuthorization < ApplicationRecord
 
   before_create  :generate_token
   before_create  :store_token_in_redis
+  before_create  :find_or_create_web_app
   after_create   :schedule_token_expiry
+  after_create   :notify_user
   before_destroy :delete_token_from_redis
   after_destroy  :remove_token_expiry_job
 
   def url
-    if self.redirect_uri
-      uri = URI.parse self.redirect_uri
-      "#{uri.scheme}://#{client_id}"
+    uri = URI.parse self.redirect_uri
+    "#{uri.scheme}://#{client_id}"
+  end
+
+  def launch_url
+    return url unless web_app && web_app.metadata[:start_url].present?
+
+    start_url = web_app.metadata[:start_url]
+
+    if start_url.match("^https?:\/\/")
+      return start_url.start_with?(url) ? start_url : url
     else
-      "http://#{client_id}"
+      path = start_url.gsub(/^\.\.\//, "").gsub(/^\.\//, "").gsub(/^\//, "")
+      "#{url}/#{path}"
     end
   end
 
   def delete_token_from_redis
-    key = "rs:authorizations:#{user.address}:#{token}"
+    key = "authorizations:#{user.cn}:#{token}"
     redis.srem? key, redis.smembers(key)
+  rescue => e
+    Rails.logger.error e
+    Sentry.capture_exception(e) if Setting.sentry_enabled?
   end
 
   private
@@ -44,7 +59,7 @@ class RemoteStorageAuthorization < ApplicationRecord
     end
 
     def store_token_in_redis
-      redis.sadd "rs:authorizations:#{user.address}:#{token}", permissions
+      redis.sadd "authorizations:#{user.cn}:#{token}", permissions
     end
 
     def schedule_token_expiry
@@ -60,4 +75,40 @@ class RemoteStorageAuthorization < ApplicationRecord
         job.delete if job.display_args == [id]
       end
     end
+
+    def find_or_create_web_app
+      if looks_like_hosted_origin?
+        web_app = AppCatalog::WebApp.find_or_create_by!(url: self.url)
+        web_app.update_metadata unless web_app.name.present?
+        self.web_app = web_app
+        self.app_name = web_app.name.presence || client_id
+      else
+        self.app_name = client_id
+      end
+    end
+
+    def looks_like_hosted_origin?
+      uri = URI.parse self.redirect_uri
+      !!(uri.host =~ /(?=^.{4,253}$)(^((?!-)[a-zA-Z0-9-]{0,62}[a-zA-Z0-9]\.)+[a-zA-Z]{2,63}$)/)
+    rescue URI::InvalidURIError
+      false
+    end
+
+    def notify_user
+      notify = user.preferences[:remotestorage_notify_auth_created]
+
+      case notify
+      when "xmpp"
+        router = Router.new
+        payload = {
+          type: "normal", to: user.address,
+          from: Setting.xmpp_notifications_from_address,
+          body: "You have just granted '#{self.client_id}' access to your Kosmos Storage. Visit your Storage dashboard to check on your connected apps and revoke permissions anytime: #{router.services_storage_url}"
+        }
+        XmppSendMessageJob.perform_later(payload)
+      when "email"
+        NotificationMailer.with(user: user, auth: self)
+                          .remotestorage_auth_created.deliver_later
+      end
+    end
 end

app/models/setting.rb

@@ -2,149 +2,30 @@
 class Setting < RailsSettings::Base
   cache_prefix { "v1" }
 
-  field :primary_domain, type: :string,
-    default: ENV["PRIMARY_DOMAIN"].presence
+  Dir[Rails.root.join('app', 'models', 'concerns', 'settings', '*.rb')].each do |file|
+    require file
+  end
 
-  field :accounts_domain, type: :string,
-    default: ENV["AKKOUNTS_DOMAIN"].presence
+  include Settings::GeneralSettings
+  include Settings::BtcpaySettings
+  include Settings::DiscourseSettings
+  include Settings::DroneCiSettings
+  include Settings::EjabberdSettings
+  include Settings::EmailSettings
+  include Settings::GiteaSettings
+  include Settings::LightningNetworkSettings
+  include Settings::MastodonSettings
+  include Settings::MediaWikiSettings
+  include Settings::NostrSettings
+  include Settings::OpenCollectiveSettings
+  include Settings::RemoteStorageSettings
+  include Settings::XmppSettings
 
-  #
-  # Internal services
-  #
+  def self.available_services
+    known_services = SERVICES[:external].keys
+    known_services.select {|s| Setting.send "#{s}_enabled?" }
+  end
 
-  field :redis_url, type: :string,
-    default: ENV["REDIS_URL"] || "redis://localhost:6379/0"
-
-  #
-  # Registrations
-  #
-
-  field :reserved_usernames, type: :array, default: %w[
-    account accounts donations mail webmaster support
-  ]
-
-  #
-  # XMPP
-  #
-
-  field :xmpp_default_rooms, type: :array, default: []
-  field :xmpp_autojoin_default_rooms, type: :boolean, default: false
-  field :xmpp_notifications_from_address, type: :string, default: primary_domain
-
-  #
-  # Sentry
-  #
-
-  field :sentry_enabled, type: :boolean, readonly: true,
-    default: (ENV["SENTRY_DSN"].present?.to_s || false)
-
-  #
-  # Discourse
-  #
-
-  field :discourse_public_url, type: :string,
-    default: ENV["DISCOURSE_PUBLIC_URL"].presence
-
-  field :discourse_enabled, type: :boolean,
-    default: (ENV["DISCOURSE_PUBLIC_URL"].present?.to_s || false)
-
-  field :discourse_connect_secret, type: :string,
-    default: ENV["DISCOURSE_CONNECT_SECRET"].presence
-
-  #
-  # Drone CI
-  #
-
-  field :droneci_public_url, type: :string,
-    default: ENV["DRONECI_PUBLIC_URL"].presence
-
-  field :droneci_enabled, type: :boolean,
-    default: (ENV["DRONECI_PUBLIC_URL"].present?.to_s || false)
-
-  #
-  # ejabberd
-  #
-
-  field :ejabberd_enabled, type: :boolean,
-    default: (ENV["EJABBERD_API_URL"].present?.to_s || false)
-
-  field :ejabberd_api_url, type: :string,
-    default: ENV["EJABBERD_API_URL"].presence
-
-  field :ejabberd_admin_url, type: :string,
-    default: ENV["EJABBERD_ADMIN_URL"].presence
-
-  field :ejabberd_buddy_roster, type: :string,
-    default: "Buddies"
-
-  #
-  # Gitea
-  #
-
-  field :gitea_public_url, type: :string,
-    default: ENV["GITEA_PUBLIC_URL"].presence
-
-  field :gitea_enabled, type: :boolean,
-    default: (ENV["GITEA_PUBLIC_URL"].present?.to_s || false)
-
-  #
-  # Lightning Network
-  #
-
-  field :lndhub_api_url, type: :string,
-    default: ENV["LNDHUB_API_URL"].presence
-
-  field :lndhub_enabled, type: :boolean,
-    default: (ENV["LNDHUB_API_URL"].present?.to_s || false)
-
-  field :lndhub_admin_enabled, type: :boolean,
-    default: (ENV["LNDHUB_ADMIN_UI"] || false)
-
-  field :lndhub_public_key, type: :string,
-    default: (ENV["LNDHUB_PUBLIC_KEY"] || "")
-
-  field :lndhub_keysend_enabled, type: :boolean,
-    default: -> { self.lndhub_public_key.present?.to_s || false }
-
-  #
-  # Mastodon
-  #
-
-  field :mastodon_public_url, type: :string,
-    default: ENV["MASTODON_PUBLIC_URL"].presence
-
-  field :mastodon_enabled, type: :boolean,
-    default: (ENV["MASTODON_PUBLIC_URL"].present?.to_s || false)
-
-  field :mastodon_address_domain, type: :string,
-    default: ENV["MASTODON_ADDRESS_DOMAIN"].presence || self.primary_domain
-
-  #
-  # MediaWiki
-  #
-
-  field :mediawiki_public_url, type: :string,
-    default: ENV["MEDIAWIKI_PUBLIC_URL"].presence
-
-  field :mediawiki_enabled, type: :boolean,
-    default: (ENV["MEDIAWIKI_PUBLIC_URL"].present?.to_s || false)
-
-  #
-  # Nostr
-  #
-
-  field :nostr_enabled, type: :boolean, default: true
-
-  #
-  # RemoteStorage
-  #
-
-  field :remotestorage_enabled, type: :boolean,
-    default: (ENV["RS_STORAGE_URL"].present?.to_s || false)
-
-  field :rs_storage_url, type: :string,
-    default: ENV["RS_STORAGE_URL"].presence
-
-  field :rs_redis_url, type: :string,
-    default: ENV["RS_REDIS_URL"] || "redis://localhost:6379/1"
+  field :default_services, type: :array,
+    default: self.available_services
 end

app/models/user.rb

@@ -1,24 +1,34 @@
+require 'nostr'
+
 class User < ApplicationRecord
   include EmailValidatable
 
   attr_accessor :display_name
+  attr_accessor :avatar_new
+  attr_accessor :current_password
 
-  serialize :preferences, UserPreferences
+  serialize :preferences, coder: UserPreferences
 
+  #
   # Relations
+  #
+
   has_many :invitations, dependent: :destroy
   has_one  :invitation, inverse_of: :invitee, foreign_key: 'invited_user_id'
   has_one  :inviter, through: :invitation, source: :user
   has_many :invitees, through: :invitations
-
   has_many :donations, dependent: :nullify
+  has_many :remote_storage_authorizations
+  has_many :zaps
 
   has_one  :lndhub_user, class_name: "LndhubUser", inverse_of: "user",
                          primary_key: "ln_account", foreign_key: "login"
 
   has_many :accounts, through: :lndhub_user
 
-  has_many :remote_storage_authorizations
+  #
+  # Validations
+  #
 
   validates_uniqueness_of :cn, scope: :ou
   validates_length_of :cn, minimum: 3
@@ -30,7 +40,8 @@ class User < ApplicationRecord
                            message: "is invalid. Usernames need to start with a letter."
   # FIXME This needs a server restart to apply values
   validates_format_of :cn, without: /\A(#{Setting.reserved_usernames.join('|')})\z/i,
-                           message: "has already been taken"
+                           message: "has already been taken",
+                           unless: Proc.new{ |u| u.persisted? }
 
   validates_uniqueness_of :email
   validates :email, email: true
@@ -38,12 +49,20 @@ class User < ApplicationRecord
   validates_length_of :display_name, minimum: 3, maximum: 35, allow_blank: true,
                                      if: -> { defined?(@display_name) }
 
-  validates_uniqueness_of :nostr_pubkey, allow_blank: true
+  validate :acceptable_avatar
+
+  #
+  # Scopes
+  #
 
   scope :confirmed,  -> { where.not(confirmed_at: nil) }
   scope :pending,    -> { where(confirmed_at: nil) }
   scope :all_except, -> (user) { where.not(id: user) }
 
+  #
+  # Encrypted database columns
+  #
+
   has_encrypted :ln_login, :ln_password
 
   # Include default devise modules. Others available are:
@@ -70,13 +89,12 @@ class User < ApplicationRecord
   def devise_after_confirmation
     if ldap_entry[:mail] != self.email
       # E-Mail update confirmed
-      LdapManager::UpdateEmail.call(self.dn, self.email)
+      LdapManager::UpdateEmail.call(dn: self.dn, address: self.email)
     else
-      # TODO Make configurable
       # E-Mail from signup confirmed (i.e. account activation)
-      enable_service %w[ discourse gitea mediawiki xmpp ]
+      enable_default_services
 
-      #TODO enable in development when we have easy setup of ejabberd etc.
+      # TODO enable in development when we have easy setup of ejabberd etc.
       return if Rails.env.development? || !Setting.ejabberd_enabled?
 
       XmppExchangeContactsJob.perform_later(inviter, self) if inviter.present?
@@ -112,7 +130,7 @@ class User < ApplicationRecord
 
   def mastodon_address
     return nil unless Setting.mastodon_enabled?
-    "#{self.cn}@#{Setting.mastodon_address_domain}"
+    "#{self.cn.gsub("-", "_")}@#{Setting.mastodon_address_domain}"
   end
 
   def valid_attribute?(attribute_name)
@@ -120,10 +138,8 @@ class User < ApplicationRecord
     self.errors[attribute_name].blank?
   end
 
-  def ln_create_invoice(payload)
-    lndhub = Lndhub.new
-    lndhub.authenticate self
-    lndhub.addinvoice payload
+  def enable_default_services
+    enable_service Setting.default_services
   end
 
   def dn
@@ -140,22 +156,39 @@ class User < ApplicationRecord
     @display_name ||= ldap_entry[:display_name]
   end
 
+  def nostr_pubkey
+    @nostr_pubkey ||= ldap_entry[:nostr_key]
+  end
+
+  def nostr_pubkey_bech32
+    return nil unless nostr_pubkey.present?
+    Nostr::PublicKey.new(nostr_pubkey).to_bech32
+  end
+
+  def avatar
+    @avatar_base64 ||= LdapManager::FetchAvatar.call(cn: cn)
+  end
+
   def services_enabled
-    ldap_entry[:service] || []
+    ldap_entry[:services_enabled] || []
+  end
+
+  def service_enabled?(name)
+    services_enabled.map(&:to_sym).include?(name.to_sym)
   end
 
   def enable_service(service)
     current_services = services_enabled
     new_services = Array(service).map(&:to_s)
-    services = (current_services + new_services).uniq
-    ldap.replace_attribute(dn, :service, services)
+    services = (current_services + new_services).uniq.sort
+    ldap.replace_attribute(dn, :serviceEnabled, services)
   end
 
   def disable_service(service)
     current_services = services_enabled
     disabled_services = Array(service).map(&:to_s)
-    services = (current_services - disabled_services).uniq
-    ldap.replace_attribute(dn, :service, services)
+    services = (current_services - disabled_services).uniq.sort
+    ldap.replace_attribute(dn, :serviceEnabled, services)
   end
 
   def disable_all_services
@@ -168,4 +201,17 @@ class User < ApplicationRecord
       return @ldap_service if defined?(@ldap_service)
       @ldap_service = LdapService.new
     end
+
+    def acceptable_avatar
+      return unless avatar_new.present?
+
+      if avatar_new.size > 1.megabyte
+        errors.add(:avatar, "file size is too large")
+      end
+
+      acceptable_types = ["image/jpeg", "image/png"]
+      unless acceptable_types.include?(avatar_new.content_type)
+        errors.add(:avatar, "must be a JPEG or PNG file")
+      end
+    end
 end

app/models/user_preferences.rb

@@ -26,4 +26,8 @@ class UserPreferences
     end
     hash.stringify_keys!.to_h
   end
+
+  def self.pref_keys
+    DEFAULT_PREFS.keys.map(&:to_sym)
+  end
 end

app/models/zap.rb

@@ -0,0 +1,20 @@
+class Zap < ApplicationRecord
+  belongs_to :user
+
+  scope :settled, -> { where.not(settled_at: nil) }
+  scope :unpaid, -> { where(settled_at: nil) }
+
+  def request_event
+    nostr_event_from_hash(request)
+  end
+
+  def receipt_event
+    nostr_event_from_hash(receipt)
+  end
+
+  private
+
+    def nostr_event_from_hash(hash)
+      Nostr::Event.new(**hash.symbolize_keys)
+    end
+end

app/services/app_catalog_manager/update_metadata.rb

@@ -0,0 +1,63 @@
+require "manifique"
+require "down"
+
+module AppCatalogManager
+  class UpdateMetadata < AppCatalogManagerService
+    def initialize(app:)
+      @app = app
+    end
+
+    def call
+      agent = Manifique::Agent.new(url: @app.url)
+      metadata = agent.fetch_metadata
+
+      @app.name = metadata.name
+
+      [:name, :short_name, :description, :theme_color, :background_color,
+       :display, :start_url, :scope, :share_target, :icons].each do |prop|
+        @app.metadata[prop] = metadata.send(prop) if prop
+      end
+
+      @app.save!
+
+      # TODO move icon downloads to separate, async job
+
+      if icon = metadata.select_icon(sizes: "256x256") ||
+         icon = metadata.select_icon(sizes: "192x192")
+        attach_remote_image(:icon, icon)
+        # TODO elsif get whatever is available
+      end
+
+      if apple_touch_icon = metadata.select_icon(purpose: "apple-touch-icon")
+        attach_remote_image(:apple_touch_icon, apple_touch_icon)
+      end
+    rescue Manifique::Error => e
+      msg = "Fetching web app manifest failed for #{e.url}: #{e.type}"
+      Rails.logger.warn(msg)
+      Sentry.capture_message(msg) if Setting.sentry_enabled?
+      false
+    end
+
+    def attach_remote_image(attachment_name, icon)
+      if icon['src'].start_with?("http")
+        download_url = icon['src']
+      else
+        download_url = "#{@app.url}/#{icon["src"].gsub(/^\//,'')}"
+      end
+      filename = "#{attachment_name}-#{Time.now.to_i}.png"
+      key = "web_apps/#{@app.id}/icons/#{filename}"
+
+      begin
+        tempfile = Down.download(download_url)
+        @app.send(attachment_name).attach(key: key, io: tempfile, filename: filename)
+      rescue Down::NotFound
+        msg = "Download of \"#{attachment_name}\" failed: NotFound error for #{download_url}"
+        Rails.logger.warn(msg)
+        Sentry.capture_message(msg)
+      rescue => e
+        Rails.logger.warn "Saving attachment \"#{attachment_name}\" failed: \"#{e.message}\""
+        Sentry.capture_exception(e) if Setting.sentry_enabled?
+      end
+    end
+  end
+end

app/services/app_catalog_manager_service.rb

@@ -0,0 +1,2 @@
+class AppCatalogManagerService < ApplicationService
+end

app/services/application_service.rb

@@ -1,7 +1,7 @@
 class ApplicationService
   # This enables executing a service's `#call` method directly via
   # `MyService.call(args)`, without creating a class instance it first.
-  def self.call(*args, &block)
-    new(*args, &block).call
+  def self.call(**args, &block)
+    new(**args, &block).call
   end
 end