Mosis Portal
Developer portal and app store backend for Mosis.
Overview
mosis-portal is a self-hosted Go server that provides:
- Developer Portal - Account management, app submission, signing key registration
- App Store API - App discovery, download, and updates for devices
- Review System - Automated and manual app review pipeline
- Telemetry - Usage analytics and crash reporting
Architecture
Single Go binary + SQLite + Litestream
├── Go 1.22+ with Chi router
├── SQLite (WAL mode) via modernc.org/sqlite (pure Go)
├── Litestream for continuous backup
└── Ed25519 for package signing
Quick Start
Local Development
# Run with Go
go run ./cmd/server
# Or build and run
go build -o mosis-portal ./cmd/server
./mosis-portal
Docker
# Build and run
docker-compose up --build
# Or build image directly
docker build -t mosis-portal .
docker run -p 8080:8080 -v ./data:/data mosis-portal
Synology NAS Deployment
-
Copy files to NAS:
scp -r . nas:/volume1/docker/mosis-portal/ -
Create data directories:
ssh nas "mkdir -p /volume1/mosis/{data,packages,backups}" -
Update docker-compose.yml volumes:
volumes: - /volume1/mosis/data:/data - /volume1/mosis/packages:/packages - /volume1/mosis/backups:/backups -
Deploy:
docker-compose up -d
Configuration
Environment variables:
| Variable | Default | Description |
|---|---|---|
LISTEN_ADDR |
:8080 |
Server listen address |
BASE_URL |
http://localhost:8080 |
Public URL for OAuth callbacks |
DATABASE_PATH |
./data/portal.db |
SQLite database path |
PACKAGES_DIR |
./packages |
App package storage |
BACKUPS_DIR |
./backups |
Litestream backup location |
JWT_SECRET |
(required) | Secret for JWT signing |
GITHUB_CLIENT_ID |
(optional) | GitHub OAuth client ID |
GITHUB_CLIENT_SECRET |
(optional) | GitHub OAuth client secret |
GOOGLE_CLIENT_ID |
(optional) | Google OAuth client ID |
GOOGLE_CLIENT_SECRET |
(optional) | Google OAuth client secret |
API Endpoints
Authentication
POST /v1/auth/oauth/github Start GitHub OAuth
GET /v1/auth/oauth/github/callback GitHub callback
POST /v1/auth/oauth/google Start Google OAuth
GET /v1/auth/oauth/google/callback Google callback
POST /v1/auth/refresh Refresh tokens
POST /v1/auth/logout Logout
GET /v1/auth/me Get current user
Apps
GET /v1/apps List developer's apps
POST /v1/apps Create new app
GET /v1/apps/:id Get app details
PATCH /v1/apps/:id Update app
DELETE /v1/apps/:id Delete app
GET /v1/apps/:id/versions List versions
POST /v1/apps/:id/versions Upload new version
POST /v1/apps/:id/versions/:vid/submit Submit for review
POST /v1/apps/:id/versions/:vid/publish Publish
Store (Public)
GET /v1/store/apps Browse/search apps
GET /v1/store/apps/:id App details
GET /v1/store/apps/:id/download Download latest version
GET /v1/store/apps/updates Check for updates
Telemetry
POST /v1/telemetry/events Batch event upload
POST /v1/telemetry/crash Crash report
Package Format
Mosis apps use the .mosis format (signed ZIP archive):
com.developer.app-1.0.0.mosis
├── manifest.json # App metadata
├── META-INF/
│ ├── MANIFEST.MF # SHA-256 hashes
│ └── CERT.SIG # Ed25519 signature
├── icons/
│ ├── icon-32.png
│ ├── icon-64.png
│ └── icon-128.png
└── assets/
├── main.rml
└── scripts/app.lua
Development
Project Structure
portal/
├── cmd/server/ # Main entry point
├── internal/
│ ├── api/ # HTTP handlers
│ │ └── handlers/
│ ├── config/ # Configuration
│ └── database/ # SQLite operations
├── pkg/mospkg/ # Package format library
│ ├── manifest.go # Manifest parsing
│ ├── validator.go # Package validation
│ └── signer.go # Ed25519 signing
├── Dockerfile
├── docker-compose.yml
├── litestream.yml
└── go.mod
Testing
go test ./...
Building
# Local
go build -o mosis-portal ./cmd/server
# Cross-compile for Linux/ARM64 (Synology)
GOOS=linux GOARCH=arm64 go build -o mosis-portal-arm64 ./cmd/server
License
Proprietary - OmixLab LTD