cacert-boardvoting/pipeline/head This commit looks good Details
- remove nextPotentialRun.Add that had no effect
|5 months ago|
|cmd/boardvoting||11 months ago|
|debian||11 months ago|
|internal||5 months ago|
|ui||5 months ago|
|.gitignore||11 months ago|
|.golangci.yml||1 year ago|
|.goreleaser.yml||11 months ago|
|Jenkinsfile||5 months ago|
|LICENSE||4 years ago|
|Makefile||11 months ago|
|README.md||5 months ago|
|cacert-boardvoting.service||2 years ago|
|config.yaml.example||1 year ago|
|go.mod||5 months ago|
|go.sum||5 months ago|
|package-lock.json||1 year ago|
|package.json||1 year ago|
|semantic.json||1 year ago|
CAcert board voting service
This project contains the source code for the CAcert board voting software running on https://motion.cacert.org/.
The board voting system is meant to be used by the elected committee members of CAcert Inc. to allow them to do votes on decisions in a distributed way. The system keeps track of the individual decisions and votes. It takes care of authenticating board members using client certificates and performs timekeeping for decisions. The system sends voting requests to all board members and takes care of sending reminders as well es decision results.
There is a concept of proxy votes that mean that one member of the board is allowed to vote in representation of another member of a board.
The CAcert board voting software is licensed under the terms of the Apache License, Version 2.0.
Copyright 2017-2022 Jan Dittberner
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this program except in compliance with the License. You may obtain a copy of the License at
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an " AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
The CAcert board voting software is a Go reimplementation of the ancient PHP implementation that had been serving the
CAcert board. The Subversion repository at https://svn.cacert.cl/Software does not exist anymore, so the last available
version from http://community.cacert.org/board/ has been taken from the system. The latest file changed was
with a change date of 2011-05-15 23:13 UTC. The latest svn revision was:
Path: . URL: https://svn.cacert.cl/Software/Voting/vote Repository Root: https://svn.cacert.cl/Software Repository UUID: d4452222-2f33-11de-9270-010000000000 Revision: 66 Node Kind: directory Schedule: normal Last Changed Author: community.cacert.org Last Changed Rev: 66 Last Changed Date: 2009-07-12 04:02:38 +0000 (Sun, 12 Jul 2009)
Local development requires
- golang >= 1.19
- sqlite3 and development headers
- GNU make
On a Debian 12 (Bookworm) system you can run the following command to get all required dependencies:
sudo apt install libsqlite3-dev golang-go make gulp
Clone the code via git:
git clone ssh://git.cacert.org/var/cache/git/cacert-boardvoting.git
To get started copy
config.yaml and customize the parameters. You will also need a set of
X.509 certificates and a private key because the application performs TLS Client certificate authentication. You might
openssl to create a self-signed server certificate and retrieve the CAcert class 3 root from the CAcert website:
openssl req -new -newkey rsa:2048 -keyout server.key -x509 -out server.crt -subj '/CN=localhost' curl -o cacert_class3.pem http://www.cacert.org/certs/class3_X0E.crt
It is advisable to have a local mail setup that intercepts outgoing email or to use email addresses that you control.
You can use the following table to find useful values for the parameters in
|Parameter||Description||How to get a valid value|
||a SQLite database file (production value is
||keep the default or use something like
||File containing allowed client certificate CA certificates (production value is
||use the shell code above|
||X.509 certificate that is used to identify your server (i.e.
||use the filename used as
||PEM encoded private key file (i.e.
||use the filename used as
||Mail server host (production value is
||Mail server TCP port (production value is
||see how to setup a debugging SMTP server below and choose the port of that (default
||The base URL of your application instance (production value is https://motions.cacert.org)||use https://localhost:8443|
||email address where notifications about votes are sent (production value is firstname.lastname@example.org)||be creative but do not spam others (i.e. use email@example.com)|
||email address where notifications about individual votes are sent (production value is firstname.lastname@example.org)||be creative but do not spam others (i.e. use email@example.com)|
||sender address for all mails sent by the system (production value is firstname.lastname@example.org)||be creative but do not spam others (i.e. use email@example.com)|
||idle timeout setting for HTTP and HTTPS (default: 1 minute)||specify a nano second value|
||read timeout setting for HTTP and HTTPS (default: 5 seconds)|
||header read timeout setting for HTTP and HTTPS (default: 5 seconds)|
||write timeout setting for HTTP and HTTPS (default: 10 seconds)|
Generating random byte values
dd if=/dev/urandom bs=32 count=1 2>/dev/null | base64
Debugging SMTP server
You can use aiosmtpd to set up a small testing SMTP server that logs to stdout:
sudo apt install python3-aiosmtpd python3 -m aiosmtpd -n
Another good local SMTP debugging tool is MailHog which provides a web based user interface and a REST API to inspect received mails.
Build and run
Build UI resources
Fomantic-UI is used as a CSS framework. Configuration is stored in
semantic.json in the
project root directory.
Building the UI resource requires
- NodeJS >= v8
- NPM >= v5
To install fomantic-ui and build the UI resources do:
npm install cd node_modules/fomantic-ui npx gulp build
├── cmd │ └── boardvoting ├── config.yaml.example ├── debian ├── go.mod ├── go.sum ├── internal │ ├── app │ ├── forms │ ├── handlers │ ├── jobs │ ├── mailtemplates │ ├── mailtemplates.go │ ├── middleware │ ├── migrations │ ├── migrations.go │ ├── models │ ├── notifications │ └── validator ├── Jenkinsfile ├── LICENSE ├── Makefile ├── package.json ├── package-lock.json ├── README.md ├── semantic.json └── ui ├── efs.go ├── html ├── semantic └── static
cmd/boardvoting directory contains the application code.
internal/migrations directory contains database migration scripts.
Static assets and Go templates for HTML pages are stored in
Email templates are stored in
All Go code besides the main application is stored in subdirectories of
ui/semantic directory contains a download of Fomantic-UI.
The entry point into the application is
Makefile controls the build
Jenkinsfile contains the pipeline definition for the Continuous Integration Job.
npm install to download them into a local
semantic.json is the
configuration file for the Fomantic-UI CSS framework.