Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add ability to manage plugins through the web UI #715

Open
david-kalmakoff opened this issue Nov 1, 2024 · 4 comments
Open

add ability to manage plugins through the web UI #715

david-kalmakoff opened this issue Nov 1, 2024 · 4 comments

Comments

@david-kalmakoff
Copy link
Contributor

Is your feature request related to a problem? Please describe.
It is frustrating to have to upload plugin files on the sever to install or update them. This becomes even more of a problem when developing plugins, were you have to do this often.

Describe the solution you'd like
It would be great to have an upload button on the plugins page to upload the plugin file to the server.
A delete and update button on the individual plugin page to make changes to existing plugins.
We would also need a way to restart the Gotify service through the UI to apply the changes.

Additional context
I can foresee an issue with breaking the Gotify service from a broken or incompatible plugin. This is already an issue when manually uploading a plugin file. Currently it is not that bad since you will already be changing files at the server level. I think there may be problems that occur when opening up the plugins feature to more users who may not readily access the service's files.

This is something I would be glad to implement if others would find value in it.

@david-kalmakoff david-kalmakoff added the a:feature New feature or request label Nov 1, 2024
@eternal-flame-AD
Copy link
Member

I would think it is a security concern as the privilege of "admin" in gotify is way less than the privilege of arbitrary code execution. It is just a middle ground between a highly constrained execution environment (JS, etc) and requiring you to completely rebuild the container often.

It has been on my table to update some "in hindsight" things to the plugin template. https://github.com/eternal-flame-AD/gotify-webhook-misskey/blob/main/Makefile https://github.com/eternal-flame-AD/gotify-broadcast/blob/master/Makefile

The latter one has CI supporting 2 years of gotify releases (the first one uses recent golang features so only 2 releases).

@david-kalmakoff
Copy link
Contributor Author

I agree that the security concerns would out weigh the value gained from the feature.

@eternal-flame-AD
Copy link
Member

For plugin implementations in golang we are theoretically there are two ways to safely do what you want I know:

One is Hashicorp Vault's approach (Custom code signing), you can either preauthorize the hash or a code signer on the platform and admins can update on the fly, probably too complex for gotify.

Another one is use a WASM runtime and physically enforce user boundary as we do now.

I think let's wait until more people need this feature to decide whether to actually do it.

@najtin
Copy link

najtin commented Nov 5, 2024

I don't think everything needs a GUI. There is always the option to mount the remote drive and do ctrl+c and ctrl+v. Please feel free to disagree and share your opinion.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

No branches or pull requests

3 participants