Add Libravatar Avatars plugin#3
Open
shukiv wants to merge 1 commit into
Open
Conversation
A hook-type plugin that resolves Libravatar profile pictures via the onAvatarResolve transform hook — a federated, privacy-friendly Gravatar alternative. Modelled on the bundled Gravatar plugin: SHA-256 email hash, seccdn.libravatar.org endpoint, HEAD existence check with d=404 fallthrough, persistent hit/miss cache with in-flight coalescing, configurable size + fallback style, defers to higher-priority avatar plugins. Differs from Gravatar: no content-rating param (Libravatar has none), and no DNS-SRV delegation (client sandbox) so it targets the central CDN.
shukiv
added a commit
to shukiv/jabali-panel
that referenced
this pull request
Jun 19, 2026
The plugin's real home is Bulwark's plugins marketplace repo, submitted as bulwarkmail/plugins#3 (modelled on the official gravatar plugin). Replace the earlier thin scaffold (which had a defer bug + empty permissions) with a pointer to the PR + fork source.
Member
|
You can also publish it yourself it you want to submit it yourself |
shukiv
added a commit
to shukiv/jabali-panel
that referenced
this pull request
Jun 19, 2026
Ships the first-party Libravatar avatar plugin into jabali's Bulwark webmail so sender/recipient avatars resolve from Libravatar out of the box (the plugin form of the parked #214 mailbox-avatar work; built version of bulwarkmail/plugins#3). Bulwark 1.7.x gates dev-folder plugin bundles behind host Ed25519 signing + an admin approval before they load, and relocating the admin config dir is required because ProtectSystem=strict makes /opt/jabali-webmail/data read-only. install_bulwark now sets PLUGIN_DEV_DIR + ADMIN_CONFIG_DIR (writable state volume) in bulwark.env, ships the vendored built plugin to PLUGIN_DEV_DIR/libravatar, and pre-seeds plugin-approvals.json with an approved entry keyed by the bundle sha256 (re-stamped every run; other plugins' approvals preserved). Signing key auto-generates once the config dir is writable. Validated end-to-end on a live host: function recreates plugin dir + approval from scratch, webmail restarts clean (0 EROFS), /api/plugins lists libravatar, signing pubkey returns an ed25519 key. Visual avatar render needs a logged-in mailbox to confirm.
Author
|
Thanks! Found the self-publish route — |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds a Libravatar Avatars plugin — Libravatar is a federated, privacy-friendly Gravatar alternative.
Modelled directly on the bundled
gravatarplugin (sameonAvatarResolvetransform hook, same esbuild build, same cache/coalescing pattern), with the Libravatar-specific differences:seccdn.libravatar.org(the public delegation CDN).settingsSchemaissize+defaultStyleonly.d=404so it defers to the host's initials/favicon when an address has no avatar.Caveat: a browser-sandboxed plugin can't do Libravatar's DNS-SRV delegation lookup, so this targets the central CDN (which still serves avatars for domains that delegate to it). Self-hosted Libravatar servers that don't delegate to the CDN aren't reached client-side.
Built with the documented flow (
npm run build→dist/index.js→ zipped withmanifest.jsonaslibravatar.zip). Authored against the current plugin types; I don't have a live instance to load-test it on — a sanity check from a maintainer with one would be appreciated.Context: this replaces a core PR I'd opened on the webmail repo (bulwarkmail/webmail#447) before the
onAvatarResolvehook existed; that's now closed in favour of this plugin form.