STARTTLS Everywhere web backend and checker
checker
db
models
policy
validator
views
.dockerignore
.env.example
.env.test.example
.gitignore
.travis.yml
Dockerfile
LICENSE.txt
README.md
api.go
api_test.go
docker-compose.yml
email.go
email_test.go
entrypoint.sh
main.go
main_test.go
middleware.go
middleware_test.go
queue_test.go
scan_test.go
stats.go
stats_test.go
util.go
util_test.go

README.md

STARTTLS Everywhere Backend API


starttls-backend is the JSON backend for starttls-everywhere.org. It provides endpoints to run security checks against email domains and manage the status of those domains on EFF's STARTTLS Everywhere policy list.

Setup

  1. Install go and postgres.
  2. Download the project and copy the example configuration files:
       go get github.com/EFForg/starttls-backend
       cd $GOPATH/src/github.com/EFForg/starttls-backend
       cp .env.example .env
       cp .env.test.example .env.test
  3. Edit .env and .env.test with your postgres credentials and any other changes.
  4. Ensure postgres is running, then run db/scripts/init_tables.sql in the appropriate postgres DBs in order to initialize your development and test databases.
  5. Build the scanner and start serving requests:
       go build
       ./starttls-backend

Via Docker

cp .env.example .env
cp .env.test.example .env.test
docker-compose build
docker-compose up

To run database migrations automatically on container start, set DB_MIGRATE=true in the .env file.

Testing

Test all packages in this repo with

go test -v ./...

The main and db packages contain integration tests that require a successful connection to the Postgres database. The remaining packages do not require the database to pass tests.

Configuration

No-scan domains

In case of complaints or abuse, we may not want to continually scan some domains. You can set the environment variable DOMAIN_BLACKLIST to point to a file with a list of newline-separated domains. Attempting to scan those domains from the public-facing website will result in error codes.

API

To request a scan:

POST /api/scan
{
  "domain": "example.com"
}
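
The no-scan list and the scan request body described above, combined in an added example (not code from this repository): it loads a newline-separated list and decides how to answer a POST /api/scan body. The function names and the 400/403 status codes are assumptions, since the README only says listed domains "result in error codes"; the list contents are constructed sample data.

```go
package main

import (
	"bufio"
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"strings"
)

// normalize makes "Example.COM." and "example.com" compare equal, so case or
// a trailing dot cannot be used to slip past the no-scan list.
func normalize(d string) string {
	return strings.TrimSuffix(strings.ToLower(strings.TrimSpace(d)), ".")
}

// loadNoScan reads newline-separated domains, skipping blank lines. In the
// service, r would be the file that DOMAIN_BLACKLIST points to.
func loadNoScan(r io.Reader) (map[string]bool, error) {
	set := map[string]bool{}
	sc := bufio.NewScanner(r)
	for sc.Scan() {
		if d := normalize(sc.Text()); d != "" {
			set[d] = true
		}
	}
	return set, sc.Err()
}

// checkScan decides how to answer a POST /api/scan body before any scan runs.
// The 400/403 codes are assumptions; the README only says "error codes".
func checkScan(body string, noScan map[string]bool) (string, int) {
	var req struct{ Domain string `json:"domain"` }
	if err := json.Unmarshal([]byte(body), &req); err != nil || normalize(req.Domain) == "" {
		return "", http.StatusBadRequest
	}
	d := normalize(req.Domain)
	if noScan[d] {
		return d, http.StatusForbidden
	}
	return d, http.StatusOK
}

func main() {
	list, _ := loadNoScan(strings.NewReader("blocked.example\n\n Other.Example. \n")) // constructed sample
	fmt.Println(checkScan(`{"domain":"BLOCKED.example."}`, list))
}
```

Both the list entries and the requested domain go through the same normalization, so the comparison is made on one canonical form.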