A rather simple Spring Boot application to manage subscriptions (e.g. to a newsletter).
On /subscribe a new subscription can be added. Before a subscription becomes active,
the double opt-in process has to be completed by clicking on the link in the confirmation email.
On /unsubscribe an existing subscription can be removed.
On /manage all subscriptions can be managed. It is possible to activate subscriptions
(skipping the double opt-in process) and delete subscriptions. A list of all active
subscriptions can be copied to the clipboard to be used in an email.
To run the application, Java 25 or higher, a PostgreSQL database and an SMTP server are required.
A PostgreSQL database is required to run the application. To set up a local database, you can use Docker:
docker run --name dev-subscriptiontool -e POSTGRES_PASSWORD=PASSWORD -p 5000:5432 -d postgres
docker exec -it dev-subscriptiontool psql -U postgres
CREATE DATABASE subscriptiontool;
Change the configuration values in application.properties to match your environment.
Basic authentication protects private endpoints (e.g., /actuator). The username and password can
be configured by using the following properties:
subscriptiontool.web.username=USERNAMEsubscriptiontool.web.password=PASSWORDThe password is hashed using Bcrypt. To create a password hash, use the following command:
mkpasswd -m bcrypt (on Debian GNU/Linux mkpasswd is part of the whois package).
Translation to other languages can be done by editing the messages.properties file.
To run the application as a systemd service, create a dedicated user (e.g. spring) first.
Then place the executable JAR file in /opt/spring and create a service unit:
[Unit]
Description=subscription-tool
After=syslog.target
[Service]
User=spring
ExecStart=java -Dserver.port=8090 -jar /opt/spring/subscription-tool.jar
SuccessExitStatus=143
[Install]
WantedBy=multi-user.target
(/etc/systemd/system/subscription-tool.service)
Use systemctl enable subscription-tool.service to enable the service. When running, the
application will be available at http://localhost:8090/.
When the application is exposed to the internet, it should be used behind a reverse proxy. For example, use nginx to handle secure TLS connections to the application. Also, set up a reasonable rate limit to avoid DOS and brute force attacks.