No description
  • Rust 63.5%
  • TypeScript 33.5%
  • Astro 1.9%
  • CSS 0.4%
  • Makefile 0.3%
  • Other 0.2%
Find a file
Joshua Marsh (icub3d) c693d7beb3
Some checks failed
Security Audit / Gitleaks (Secrets) (push) Successful in 10s
Security Audit / Trivy (SCA & IaC) (push) Failing after 19s
Security Audit / PNPM Audit (JS SCA) (push) Failing after 21s
Security Audit / Semgrep (SAST) (push) Failing after 1m24s
Release / Server binary (linux/amd64) (push) Successful in 1m43s
Security Audit / Cargo Audit (Rust SCA) (push) Failing after 3m33s
Release / Tauri client (linux/amd64) (push) Successful in 9m42s
Release / Docker image (push) Successful in 53m0s
fix(dev): client2 port handling — env-driven vite port, pnpm exec for --config
pnpm run forwards a literal `--` to the tauri CLI, which made it treat
--config as app arguments, so the client2 merge config never applied and
vite started on 1420. Use `pnpm exec tauri dev --config …` instead, and
drive the vite port with DECENTCOM_DEV_PORT read by vite.config.ts rather
than relying on a beforeDevCommand override.
2026-07-11 12:34:16 -06:00
.cargo refactor(infra): workspace deps, slim tokio, audit.toml, robust Dockerfile, CI fmt (#92) 2026-07-09 20:07:40 -06:00
.claude/skills open source security 2026-05-04 11:27:10 -06:00
.forgejo/workflows refactor(infra): workspace deps, slim tokio, audit.toml, robust Dockerfile, CI fmt (#92) 2026-07-09 20:07:40 -06:00
.gemini unify skills 2026-04-15 12:00:02 -06:00
.vscode chore: make implement gh usage non-interactive 2026-04-15 08:48:05 -06:00
client fix(dev): client2 port handling — env-driven vite port, pnpm exec for --config 2026-07-11 12:34:16 -06:00
docs chore(dev): two-client dev environment and punchlist status (#114) 2026-07-11 12:27:05 -06:00
sdk/rust refactor(server): standardize handler check order; unify pagination (#89) 2026-07-10 21:45:06 -06:00
server feat(gateway): ACL-gate private channel subscriptions (#114) 2026-07-11 11:50:41 -06:00
shared feat(api): DM & group DM endpoints with ACL-gated channel access (#114) 2026-07-11 11:50:41 -06:00
site cleanup 2026-07-08 20:56:28 -06:00
test-configs feat(bots): add LLM chatbot with Ollama provider (#74) 2026-07-10 22:14:23 -06:00
tools chore(dev): two-client dev environment and punchlist status (#114) 2026-07-11 12:27:05 -06:00
.dockerignore fix: add register-bot stub to Dockerfile and remove sdk/tools from .dockerignore (#64) 2026-04-23 11:44:43 -06:00
.gitignore ignore worktrees 2026-04-24 17:25:25 -06:00
AGENTS.md cleanup 2026-07-08 20:56:28 -06:00
Cargo.lock feat(bots): add LLM chatbot with Ollama provider (#74) 2026-07-10 22:14:23 -06:00
Cargo.toml feat(bots): add LLM chatbot with Ollama provider (#74) 2026-07-10 22:14:23 -06:00
Dockerfile refactor(infra): workspace deps, slim tokio, audit.toml, robust Dockerfile, CI fmt (#92) 2026-07-09 20:07:40 -06:00
LICENSE initial documentation 2026-04-13 07:25:28 -06:00
Makefile fix(dev): client2 port handling — env-driven vite port, pnpm exec for --config 2026-07-11 12:34:16 -06:00
Procfile fix(dev): client2 port handling — env-driven vite port, pnpm exec for --config 2026-07-11 12:34:16 -06:00
Procfile.servers feat: replace test-setup with SDK-based seeding (#101) (#103) 2026-04-19 12:46:49 -06:00
README.md docs: add Docker deployment section to README (#64) 2026-04-23 11:30:07 -06:00

decentcom

Decentralized Communication — open-source, self-hostable community software where your identity is a cryptographic key pair you own and no central authority controls your server.

"Decent" in the name is intentional: a decent (good) way to communicate, built on decentralized infrastructure.

Philosophy

  • No central authority. Servers are fully self-managed. There is no decentcom.io account required to run or join a server.
  • Users own their identity. Authentication is built on public key cryptography. Servers store only your public key — never a password or credential.
  • Server operators are in control. Each server chooses its own policies: open or invite-only, which features are enabled, how data is stored, and what content is allowed.
  • Open source first. The software is MIT-licensed. A managed hosting service will eventually be offered as a revenue model, but the core will always be free and open.

Tech Stack

Layer Technology
Backend Rust (axum, tokio, sqlx)
Desktop client Tauri v2 + React + TypeScript
Styling Tailwind CSS + Catppuccin themes (Mocha default)
Auth Ed25519 public key cryptography (no passwords)
Realtime WebSockets
Voice / Video WebRTC

Design Documents

Architecture and feature decisions are documented in docs/design/:

Prerequisites

To develop decentcom you will need:

Project Structure

decentcom/
├── server/          # Rust backend (axum HTTP + WebSocket server)
├── client/          # Tauri + React frontend
│   ├── src/         # React app (TypeScript)
│   ├── src-tauri/   # Tauri host (Rust)
│   └── public/
├── docs/
│   └── design/      # Architecture and design documents
└── README.md

Development

Local development runs three test servers, a one-shot seeder, and the Tauri client together under Overmind. Orchestration is wrapped in a Makefile.

  • Open Server (port 8081): Open membership mode.
  • Private Server (port 8082): Invite-only mode.
  • Strict Server (port 8083): Allowlist mode, restricted features.
  • Seed: tools/sdk-seed — runs once after the servers come up and populates each one with channels, members, messages, etc., via the public REST API (using decentcom-sdk).
  • Client: The Tauri dev server with hot reload.

First run

make clean   # remove test DBs, WebView storage, and OS keychain entries
make setup   # install client deps, stage keychain entries + WebView localStorage
make dev     # start the 3 servers, run the seeder, then start the client

make dev keeps everything in one attached overmind session. The seeder is one-shot — it exits cleanly once seeding finishes (OVERMIND_CAN_DIE=seed keeps the rest of the session alive).

Other targets

  • make servers — start only the 3 test servers (no seeder, no client).
  • make seed — re-run the SDK seeder against already-running servers.
  • make client — start only the Tauri client.
  • make test / make lint / make build — run the workspace tests, clippy + ESLint, or cargo build.
  • make help — list every target.

Tips

  • Inspect one server: overmind connect private
  • Restart one node: overmind restart open
  • Stop everything: Press Ctrl+C in the overmind session.

Running the server with Docker

Pre-built multi-arch images (linux/amd64, linux/arm64) are published to GHCR on every push to main and on version tags.

# Pull the latest image
docker pull ghcr.io/icub3d/decentcom-server:latest

# Run with a bind-mounted config and a named volume for persistent data
docker run -d \
  --name decentcom \
  -p 8080:8080 \
  -v /path/to/decentcom.toml:/config/decentcom.toml:ro \
  -v decentcom-data:/data \
  ghcr.io/icub3d/decentcom-server:latest

The container expects:

Path Purpose
/config/decentcom.toml Server configuration (bind-mount, read-only)
/data/decentcom.db SQLite database (via the /data volume)
/data/media Uploaded media files (via the /data volume)

A minimal decentcom.toml for Docker:

[server]
name = "My Community"

[network]
bind_address = "0.0.0.0:8080"

[storage]
backend = "sqlite"
database_path = "/data/decentcom.db"
media_path = "/data/media"

Building locally

docker build -t decentcom-server .
docker run -d \
  -p 8080:8080 \
  -v $(pwd)/test-configs/open.toml:/config/decentcom.toml:ro \
  -v /tmp/decentcom-data:/data \
  decentcom-server

License

MIT — see LICENSE.