Vadym/postiz-app
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Compare commits

base: Vadym:main
Branches Tags
Vadym:main
Vadym:fix/mcp-attachment-validation
Vadym:fix/tiktok-pending-share-error-message
Vadym:dependabot/npm_and_yarn/npm_and_yarn-0b6ad11b3f
Vadym:feat/sentry-post-logs
Vadym:feat/sentry-logging-tags
Vadym:dependabot/npm_and_yarn/npm_and_yarn-61a64ced10
Vadym:fix/tiktok-fetch-method
Vadym:snyk-fix-67f96066cc823a44f9193a54d92cb16e
Vadym:snyk-fix-539ac653428a8087489f9476d5cf102c
Vadym:sentry-user
Vadym:flyio-new-files
Vadym:feat/mintlify-auto-updates
Vadym:sentry-masking
Vadym:v2.21.7
Vadym:v2.21.6
Vadym:v2.21.5
Vadym:v2.21.4
Vadym:v2.21.3
Vadym:v2.21.2
Vadym:v2.21.1
Vadym:v2.21.0
Vadym:v2.20.2
Vadym:v2.20.1
Vadym:v2.20.0
Vadym:v2.19.0
Vadym:v2.18.0
Vadym:v2.17.0
Vadym:v2.16.0
Vadym:v2.15.1
Vadym:v2.15.0
Vadym:v2.14.0
Vadym:v2.13.0
Vadym:v2.12.1
Vadym:v2.12.0
Vadym:v2.11.3
Vadym:v2.11.2
Vadym:v2.11.1
Vadym:v2.11.0
Vadym:v2.10.1
Vadym:v2.10.0
Vadym:v2.9.0
Vadym:v2.8.3
Vadym:v2.8.2
Vadym:v2.8.1
Vadym:v2.8.0
Vadym:v2.7.0
Vadym:v2.6.4
Vadym:v2.6.3
Vadym:v2.6.2
Vadym:v2.6.1
Vadym:v2.6.0
Vadym:v2.5.4
Vadym:v2.5.3
Vadym:v2.4.3
Vadym:v2.5.2
Vadym:v2.5.1
Vadym:v2.5.0
Vadym:v2.4.2
Vadym:v2.4.1
Vadym:v2.4.0
Vadym:v2.3.1
Vadym:v2.3.0
Vadym:v2.2.5
Vadym:v2.2.4
Vadym:v2.2.3
Vadym:v2.2.1
Vadym:v2.2.0
Vadym:v2.1.2
Vadym:v2.1.1
Vadym:v2.1.0
Vadym:v2.0.8
Vadym:v2.0.7
Vadym:v2.0.6
Vadym:v2.0.5
Vadym:v2.0.4
Vadym:v2.0.3
Vadym:v2.0.2
Vadym:ALPHA-0.1.0
Vadym:v2.0.1
Vadym:v2.0.0
Vadym:v1.65.7
Vadym:v1.65.6
Vadym:v1.65.5
Vadym:v1.65.4
Vadym:v1.65.3
Vadym:v1.65.2
Vadym:v1.65.1
Vadym:v1.65.0
Vadym:v1.64.1
Vadym:v1.64.0
Vadym:v1.63.0
Vadym:v1.62.3
Vadym:v1.62.2
Vadym:v1.62.1
Vadym:v1.62.0
Vadym:v1.61.3
Vadym:v1.61.2
Vadym:v1.61.0
Vadym:v1.60.1
Vadym:v1.60.0
Vadym:v1.59.0
Vadym:v1.58.0
Vadym:v1.57.0
Vadym:v1.56.0
Vadym:v1.55.5
Vadym:v1.55.4
Vadym:v1.55.3
Vadym:v1.55.2
Vadym:v1.55.1
Vadym:v1.55.0
Vadym:v1.54.1
Vadym:v1.54.0
Vadym:v1.53.0
Vadym:v1.52.2
Vadym:v1.52.1
Vadym:v1.52.0
Vadym:v1.51.0
Vadym:v1.50.0
Vadym:v1.49.1
Vadym:v1.49.0
Vadym:v1.48.4
Vadym:v1.48.3
Vadym:v1.48.2
Vadym:v1.48.1
Vadym:v1.48.0
Vadym:v1.47.0
Vadym:v1.46.0
Vadym:v1.45.1
Vadym:v1.44.2
Vadym:v1.44.1
Vadym:v1.43.5
Vadym:v1.43.4
Vadym:v1.43.3
Vadym:v1.43.2
Vadym:v1.43.1
Vadym:v1.43.0
Vadym:v1.42.1
Vadym:v1.41.1
Vadym:v1.41.0
Vadym:v1.40.1
Vadym:v1.40.0
Vadym:v1.39.3
Vadym:v1.39.2
Vadym:v1.39.1
Vadym:v1.39.0
Vadym:v1.38.2
Vadym:v1.38.1
Vadym:v1.37.4
Vadym:v1.37.3
Vadym:v1.37.2
Vadym:v1.37.1
Vadym:v1.36.1
Vadym:v1.35.1
Vadym:v1.34.1
Vadym:v1.33.2
Vadym:v1.33.1
Vadym:v1.32.1
Vadym:v1.31.1
Vadym:v1.30.1
Vadym:v1.29.1
Vadym:v1.28.1
Vadym:v1.27.2
Vadym:v1.27.1
Vadym:v1.26.1
Vadym:v1.25.1
Vadym:v1.24.1
Vadym:v1.23.2
Vadym:v1.23.1
Vadym:v1.22.1
Vadym:v1.21.1
Vadym:v1.20.1
Vadym:v1.19.1
Vadym:v1.17.1
Vadym:v1.16.1
Vadym:v1.15.2
Vadym:v1.15.1
Vadym:v1.14.1
Vadym:v1.13.1
Vadym:v1.12.1
Vadym:v1.12.0
Vadym:v1.11.4
Vadym:v1.11.3
Vadym:v1.11.2
Vadym:v1.11.1
Vadym:v1.10.1
Vadym:v1.10.0
Vadym:v1.9.0
Vadym:v1.8.1
Vadym:v1.7.12
Vadym:v1.6.12
Vadym:v1.6.11
Vadym:v1.6.10
Vadym:v1.6.9
Vadym:v1.6.8
Vadym:v1.6.7
Vadym:v1.6.6
Vadym:v1.6.5
Vadym:v1.6.4
Vadym:v1.6.3
Vadym:v1.6.2
Vadym:v1.6.1
Vadym:1.6.0
Vadym:v1.5.0
Vadym:v1.4.0
Vadym:v1.3.0
Vadym:v1.2.0
Vadym:v1.1.0
Vadym:v1.0.0
Vadym:v0.0.1
..
compare: Vadym:flyio-new-files
Branches Tags
Vadym:fix/mcp-attachment-validation
Vadym:main
Vadym:fix/tiktok-pending-share-error-message
Vadym:dependabot/npm_and_yarn/npm_and_yarn-0b6ad11b3f
Vadym:feat/sentry-post-logs
Vadym:feat/sentry-logging-tags
Vadym:dependabot/npm_and_yarn/npm_and_yarn-61a64ced10
Vadym:fix/tiktok-fetch-method
Vadym:snyk-fix-67f96066cc823a44f9193a54d92cb16e
Vadym:snyk-fix-539ac653428a8087489f9476d5cf102c
Vadym:sentry-user
Vadym:flyio-new-files
Vadym:feat/mintlify-auto-updates
Vadym:sentry-masking
Vadym:v2.21.7
Vadym:v2.21.6
Vadym:v2.21.5
Vadym:v2.21.4
Vadym:v2.21.3
Vadym:v2.21.2
Vadym:v2.21.1
Vadym:v2.21.0
Vadym:v2.20.2
Vadym:v2.20.1
Vadym:v2.20.0
Vadym:v2.19.0
Vadym:v2.18.0
Vadym:v2.17.0
Vadym:v2.16.0
Vadym:v2.15.1
Vadym:v2.15.0
Vadym:v2.14.0
Vadym:v2.13.0
Vadym:v2.12.1
Vadym:v2.12.0
Vadym:v2.11.3
Vadym:v2.11.2
Vadym:v2.11.1
Vadym:v2.11.0
Vadym:v2.10.1
Vadym:v2.10.0
Vadym:v2.9.0
Vadym:v2.8.3
Vadym:v2.8.2
Vadym:v2.8.1
Vadym:v2.8.0
Vadym:v2.7.0
Vadym:v2.6.4
Vadym:v2.6.3
Vadym:v2.6.2
Vadym:v2.6.1
Vadym:v2.6.0
Vadym:v2.5.4
Vadym:v2.5.3
Vadym:v2.4.3
Vadym:v2.5.2
Vadym:v2.5.1
Vadym:v2.5.0
Vadym:v2.4.2
Vadym:v2.4.1
Vadym:v2.4.0
Vadym:v2.3.1
Vadym:v2.3.0
Vadym:v2.2.5
Vadym:v2.2.4
Vadym:v2.2.3
Vadym:v2.2.1
Vadym:v2.2.0
Vadym:v2.1.2
Vadym:v2.1.1
Vadym:v2.1.0
Vadym:v2.0.8
Vadym:v2.0.7
Vadym:v2.0.6
Vadym:v2.0.5
Vadym:v2.0.4
Vadym:v2.0.3
Vadym:v2.0.2
Vadym:ALPHA-0.1.0
Vadym:v2.0.1
Vadym:v2.0.0
Vadym:v1.65.7
Vadym:v1.65.6
Vadym:v1.65.5
Vadym:v1.65.4
Vadym:v1.65.3
Vadym:v1.65.2
Vadym:v1.65.1
Vadym:v1.65.0
Vadym:v1.64.1
Vadym:v1.64.0
Vadym:v1.63.0
Vadym:v1.62.3
Vadym:v1.62.2
Vadym:v1.62.1
Vadym:v1.62.0
Vadym:v1.61.3
Vadym:v1.61.2
Vadym:v1.61.0
Vadym:v1.60.1
Vadym:v1.60.0
Vadym:v1.59.0
Vadym:v1.58.0
Vadym:v1.57.0
Vadym:v1.56.0
Vadym:v1.55.5
Vadym:v1.55.4
Vadym:v1.55.3
Vadym:v1.55.2
Vadym:v1.55.1
Vadym:v1.55.0
Vadym:v1.54.1
Vadym:v1.54.0
Vadym:v1.53.0
Vadym:v1.52.2
Vadym:v1.52.1
Vadym:v1.52.0
Vadym:v1.51.0
Vadym:v1.50.0
Vadym:v1.49.1
Vadym:v1.49.0
Vadym:v1.48.4
Vadym:v1.48.3
Vadym:v1.48.2
Vadym:v1.48.1
Vadym:v1.48.0
Vadym:v1.47.0
Vadym:v1.46.0
Vadym:v1.45.1
Vadym:v1.44.2
Vadym:v1.44.1
Vadym:v1.43.5
Vadym:v1.43.4
Vadym:v1.43.3
Vadym:v1.43.2
Vadym:v1.43.1
Vadym:v1.43.0
Vadym:v1.42.1
Vadym:v1.41.1
Vadym:v1.41.0
Vadym:v1.40.1
Vadym:v1.40.0
Vadym:v1.39.3
Vadym:v1.39.2
Vadym:v1.39.1
Vadym:v1.39.0
Vadym:v1.38.2
Vadym:v1.38.1
Vadym:v1.37.4
Vadym:v1.37.3
Vadym:v1.37.2
Vadym:v1.37.1
Vadym:v1.36.1
Vadym:v1.35.1
Vadym:v1.34.1
Vadym:v1.33.2
Vadym:v1.33.1
Vadym:v1.32.1
Vadym:v1.31.1
Vadym:v1.30.1
Vadym:v1.29.1
Vadym:v1.28.1
Vadym:v1.27.2
Vadym:v1.27.1
Vadym:v1.26.1
Vadym:v1.25.1
Vadym:v1.24.1
Vadym:v1.23.2
Vadym:v1.23.1
Vadym:v1.22.1
Vadym:v1.21.1
Vadym:v1.20.1
Vadym:v1.19.1
Vadym:v1.17.1
Vadym:v1.16.1
Vadym:v1.15.2
Vadym:v1.15.1
Vadym:v1.14.1
Vadym:v1.13.1
Vadym:v1.12.1
Vadym:v1.12.0
Vadym:v1.11.4
Vadym:v1.11.3
Vadym:v1.11.2
Vadym:v1.11.1
Vadym:v1.10.1
Vadym:v1.10.0
Vadym:v1.9.0
Vadym:v1.8.1
Vadym:v1.7.12
Vadym:v1.6.12
Vadym:v1.6.11
Vadym:v1.6.10
Vadym:v1.6.9
Vadym:v1.6.8
Vadym:v1.6.7
Vadym:v1.6.6
Vadym:v1.6.5
Vadym:v1.6.4
Vadym:v1.6.3
Vadym:v1.6.2
Vadym:v1.6.1
Vadym:1.6.0
Vadym:v1.5.0
Vadym:v1.4.0
Vadym:v1.3.0
Vadym:v1.2.0
Vadym:v1.1.0
Vadym:v1.0.0
Vadym:v0.0.1

1 commit
main ... flyio-new-

Author SHA1 Message Date
Fly.io
384cf55738 New files from Fly.io Launch
Some checks failed
Build / build (22.12.0) (push) Has been cancelled
Details
2026-02-19 16:16:00 +00:00
307 changed files with 16876 additions and 21490 deletions
Show stats Expand all files Collapse all files

1
.env.example
View file

@ -40,7 +40,6 @@ STORAGE_PROVIDER="local"
#NEXT_PUBLIC_UPLOAD_STATIC_DIRECTORY=""
# Social Media API Settings
X_URL=""
X_API_KEY=""
X_API_SECRET=""
LINKEDIN_CLIENT_ID=""

7
.github/PULL_REQUEST_TEMPLATE.md vendored
View file

@ -1,5 +1,3 @@
<!-- Remember to first apply via [the contribution form](https://contribute.postiz.com/p/postiz) before submitting a PR. -->
# What kind of change does this PR introduce?
eg: Bug fix, feature, docs update, ...
@ -17,6 +15,5 @@ eg: Did you discuss this change with anybody before working on it (not required,
Put a "X" in the boxes below to indicate you have followed the checklist;
- [ ] I have read the [CONTRIBUTING](https://github.com/gitroomhq/postiz-app/blob/main/CONTRIBUTING.md) guide.
- [ ] I confirm I have not used AI to submit this PR or generate code for it.
- [ ] I checked that there were no similar issues or PRs already open for this.
- [ ] This PR fixes just ONE issue
- [ ] I checked that there were not similar issues or PRs already open for this.
- [ ] This PR fixes just ONE issue (do not include multiple issues or types of change in the same PR) For example, don't try and fix a UI issue and include new dependencies in the same PR.

11
.github/dependabot.yml vendored Normal file
View file

@ -0,0 +1,11 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
version: 2
updates:
- package-ecosystem: "npm" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "weekly"

22
.github/workflows/build.yml vendored
View file

@ -3,8 +3,6 @@ name: Build
on:
push:
merge_group:
pull_request:
jobs:
build:
@ -29,7 +27,7 @@ jobs:
- name: Install pnpm
uses: pnpm/action-setup@v2
with:
version: 10
version: 8
run_install: false
- name: Get pnpm store directory
@ -37,15 +35,15 @@ jobs:
run: |
echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
# - name: Setup pnpm cache
# uses: actions/cache@v4
# with:
# path: |
# ${{ env.STORE_PATH }}
# ${{ github.workspace }}/.next/cache
# key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }}-${{ hashFiles('**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx') }}
# restore-keys: |
# ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }}-
- name: Setup pnpm cache
uses: actions/cache@v4
with:
path: |
${{ env.STORE_PATH }}
${{ github.workspace }}/.next/cache
key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }}-${{ hashFiles('**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx') }}
restore-keys: |
${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }}-
- name: Install dependencies
run: pnpm install

4
.github/workflows/codeql.yml vendored
View file

@ -1,5 +1,5 @@
---
name: "Code Quality Analysis"
name: "Code Quality Analysis"
on:
push:
@ -9,8 +9,6 @@ on:
- apps/**
- '!apps/docs/**'
- libraries/**
merge_group:
jobs:
analyze:

38
.github/workflows/pr-docker-build.yml vendored Normal file
View file

@ -0,0 +1,38 @@
name: Build and Publish PR Docker Image
on:
pull_request_target:
types: [opened, synchronize]
permissions: write-all
jobs:
build-and-publish:
runs-on: ubuntu-latest
environment:
name: build-pr
steps:
- name: Checkout code
uses: actions/checkout@v6
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- name: Set image tag
id: vars
run: echo "IMAGE_TAG=ghcr.io/gitroomhq/postiz-app-pr:${{ github.event.pull_request.number }}" >> $GITHUB_ENV
- name: Build Docker image from Dockerfile.dev
run: docker build -f Dockerfile.dev -t $IMAGE_TAG .
- name: Push Docker image to GHCR
run: docker push $IMAGE_TAG

5
.gitignore vendored
View file

@ -19,7 +19,7 @@ node_modules
.vscode/*
# IDE - VSCode
.vscode/
.vscode/*
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
@ -58,6 +58,3 @@ Thumbs.db
.secrets/
libraries/plugins/src/plugins.ts
i18n.cache
# Generated by apps/frontend/scripts/fetch-gtm.mjs on install
apps/frontend/public/g.js

9
CONTRIBUTING.md
View file

@ -6,10 +6,6 @@ Contributions are welcome - code, docs, whatever it might be! If this is your fi
The main documentation site has a [developer guide](https://docs.postiz.com/developer-guide) . That guide provides you a good understanding of the project structure, and how to setup your development environment. Read this document after you have read that guide. This document is intended to provide you a good understanding of how to submit your first contribution.
## Apply via the contribution form
To submit your contribution, please fill out the [contribution form](https://contribute.postiz.com/p/postiz). This helps us evaluate whether your contribution is a good fit for the project. We will review your submission and get back to you as soon as possible.
## Write code with others
This is an open source project, with an open and welcoming community that is always keen to welcome new contributors. We recommend the two best ways to interact with the community are:
@ -31,11 +27,6 @@ Contributions can include:
- **Feature requests:** Suggesting new capabilities or integrations.
- **Bug reports:** Identifying and reporting issues.
## AI
To ensure the quality and maintainability of the codebase, **we do not accept Pull Requests generated primarily by AI tools** (e.g., ChatGPT, GitHub Copilot, Claude Code, etc.).
All contributions must be the original work of the author. We reserve the right to close any PR that appears to be AI-generated without further review.
## How to contribute
This project follows a Fork/Feature Branch/Pull Request model. If you're not familiar with this, here's how it works:

41
Dockerfile Normal file
View file

@ -0,0 +1,41 @@
# Install dependencies only when needed
FROM node:16-alpine AS builder
# Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed.
RUN apk add --no-cache libc6-compat
WORKDIR /app
COPY . .
RUN yarn install --frozen-lockfile
# If using npm with a `package-lock.json` comment out above and use below instead
# RUN npm ci
ENV NEXT_TELEMETRY_DISABLED 1
# Add `ARG` instructions below if you need `NEXT_PUBLIC_` variables
# then put the value on your fly.toml
# Example:
# ARG NEXT_PUBLIC_EXAMPLE="value here"
RUN yarn build
# If using npm comment out above and use below instead
# RUN npm run build
# Production image, copy all the files and run next
FROM node:16-alpine AS runner
WORKDIR /app
ENV NODE_ENV production
ENV NEXT_TELEMETRY_DISABLED 1
RUN addgroup --system --gid 1001 nodejs
RUN adduser --system --uid 1001 nextjs
COPY --from=builder /app ./
USER nextjs
CMD ["yarn", "start"]
# If using npm comment out above and use below instead
# CMD ["npm", "run", "start"]

19
README.md
View file

@ -65,6 +65,20 @@
<a href="https://apps.make.com/postiz">Make.com integration</a>
</p>
<br />
## New - Postiz-as-a-service - Enterprise (Cloud)
Integrate powerful social media scheduling capabilities into your SaaS. <br />Multi-tenant architecture designed for SaaS companies who want to offer social media management to their users.
- **Skip App Approvals** - Use Postiz apps directly without going through lengthy social platform approval processes. Get the full power of Postiz instantly.
- **Multi-Tenant Architecture** - each of your customers gets their own isolated environment with separate accounts, channels, and team management.
- **Headless API** - Full REST API access to build your own frontend experience. Complete control over the user interface and branding.
- **Full OAuth Support** - Connect all major social platforms including Facebook, Instagram, Twitter, LinkedIn, TikTok, and more.
[Check it here](https://postiz.com/enterprise)
<br /><br />
## 🔌 See the leading Postiz features
@ -85,10 +99,7 @@
| Sponsor | Logo | Description |
|---------|:-----------------------------------------------------------------------:|-----------------|
| [Hostinger](https://www.hostinger.com/vps/docker/postiz?ref=postiz) | <img src=".github/sponsors/hostinger.png" alt="Hostinger" width="500"/> | Hostinger is on a mission to make online success possible for anyone from developers to aspiring bloggers and business owners |
| [Virlo](https://dev.virlo.ai/?ref=postiz) | <img src="https://github.com/user-attachments/assets/25182598-5344-45fc-b9cd-e4cfa16aabfd" alt="Virlo" width="500"/> | Virlo is the #1 social media trend spotting and all-in-one GTM tool for teams leveraging short-form video |
| [Hostinger](https://www.hostinger.com/?ref=postiz) | <img src=".github/sponsors/hostinger.png" alt="Hostinger" width="500"/> | Hostinger is on a mission to make online success possible for anyone from developers to aspiring bloggers and business owners |
# Intro

46
SECURITY.md
View file

@ -4,48 +4,26 @@
The Postiz app is committed to ensuring the security and integrity of our users' data. This security policy outlines our procedures for handling security vulnerabilities and our disclosure policy.
## Scope
We, at Postiz (gitroomhq), cover the following scopes for vulnerability disclosures:
- The core repository for `postiz-app` (github.com/gitroomhq/postiz-app)
- All `gitroomhq` repositories that are official components, tooling, or integrations of Postiz
- Official Postiz container images published under `gitroomhq` on GHCR
- Official Postiz CLI tools and NPM packages (NPM org: @postiz)
- Postiz-Cloud related infrastructure & services. (API, Frontend, Configurations etc.)
- Plugins for Postiz maintained within the `gitroomhq` organization
Vulnerabilities in third-party dependencies or user-hosted infrastructure are outside of this scope.
## Supported Versions
This project currently only supports the latest release. We recommend that users always use the latest version of the Postiz app to ensure they have the latest security patches.
*CVE IDs will only be assigned to vulnerabilities affecting currently supported versions.*
## Reporting Security Vulnerabilities
If you discover a security vulnerability in the Postiz app, please report it through the [GitHub Security Advisory system](https://github.com/gitroomhq/postiz-app/security/advisories/new).
If you discover a security vulnerability in the Postiz app, please report it to us privately via email to one of the maintainers:
- @nevo-david
- @ennogelhaus ([email](mailto:gelhausenno@outlook.de))
When reporting a security vulnerability, please provide as much detail as possible, including:
- A clear description of the vulnerability
- Proof of concept (PoC), where possible
- Steps to reproduce the vulnerability
- Any relevant code or configuration files
If the report has immediate urgency, please contact one (or more) of the maintainers via email:
## Supported Versions
- @egelhaus ([E-Mail](mailto:egelhaus@ennogelhaus.de))
### AI Reports
Reports that appear to be LLM-generated without meaningful human analysis — typically lacking a working proof of concept, reproducible steps, or accurate impact assessment — will be closed without detailed response.
Reports that include AI-assisted analysis are welcome provided they have been validated by the reporter and include a proof of concept, reproduction steps, and impact assessment.
This project currently only supports the latest release. We recommend that users always use the latest version of the Postiz app to ensure they have the latest security patches.
## Disclosure Guidelines
We follow a private disclosure policy. If you discover a security vulnerability, please report it to us privately via GitHub Security Advisories, and if immediate urgency, via email as listed above. We will respond promptly to reports of vulnerabilities and work to resolve them as quickly as possible.
We follow a private disclosure policy. If you discover a security vulnerability, please report it to us privately via email to one of the maintainers listed above. We will respond promptly to reports of vulnerabilities and work to resolve them as quickly as possible.
We will not publicly disclose security vulnerabilities until a patch or fix is available to prevent malicious actors from exploiting the vulnerability before a fix is released.
@ -58,12 +36,8 @@ We take security vulnerabilities seriously and will respond promptly to reports
- Releasing the patch or fix as soon as possible.
- Notifying users of the vulnerability and the patch or fix.
## Response Timelines
## Template Attribution
We aim to follow these timelines:
This SECURITY.md file is based on the [GitHub Security Policy Template](https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository).
- **Initial Acknowledgment:** Within 72 hours of initial report.
- **Completed Triage / Verification:** Within 7 days of initial acknowledgment.
- **Critical Issue Remediation:** Within 90 days of completed triage.
- **Non-Critical Issue Remediation:** Within 180 days of completed triage.
- **CVE Publication:** Within 24 hours of remediation release.
Thank you for helping to keep the `postiz-app` secure!

23
apps/backend/src/api/api.module.ts
View file

@ -33,17 +33,6 @@ import { ThirdPartyController } from '@gitroom/backend/api/routes/third-party.co
import { MonitorController } from '@gitroom/backend/api/routes/monitor.controller';
import { NoAuthIntegrationsController } from '@gitroom/backend/api/routes/no.auth.integrations.controller';
import { EnterpriseController } from '@gitroom/backend/api/routes/enterprise.controller';
import { OAuthAppController } from '@gitroom/backend/api/routes/oauth-app.controller';
import { ApprovedAppsController } from '@gitroom/backend/api/routes/approved-apps.controller';
import { OAuthController, OAuthAuthorizedController } from '@gitroom/backend/api/routes/oauth.controller';
import { AnnouncementsController } from '@gitroom/backend/api/routes/announcements.controller';
import { AdminController } from '@gitroom/backend/api/routes/admin.controller';
import { AuthProviderManager } from '@gitroom/backend/services/auth/providers/providers.manager';
import { GithubProvider } from '@gitroom/backend/services/auth/providers/github.provider';
import { GoogleProvider } from '@gitroom/backend/services/auth/providers/google.provider';
import { FarcasterProvider } from '@gitroom/backend/services/auth/providers/farcaster.provider';
import { WalletProvider } from '@gitroom/backend/services/auth/providers/wallet.provider';
import { OauthProvider } from '@gitroom/backend/services/auth/providers/oauth.provider';
const authenticatedController = [
UsersController,
@ -60,11 +49,6 @@ const authenticatedController = [
AutopostController,
SetsController,
ThirdPartyController,
OAuthAppController,
ApprovedAppsController,
OAuthAuthorizedController,
AnnouncementsController,
AdminController,
];
@Module({
imports: [UploadModule],
@ -76,7 +60,6 @@ const authenticatedController = [
MonitorController,
EnterpriseController,
NoAuthIntegrationsController,
OAuthController,
...authenticatedController,
],
providers: [
@ -92,12 +75,6 @@ const authenticatedController = [
TrackService,
ShortLinkService,
Nowpayments,
AuthProviderManager,
GithubProvider,
GoogleProvider,
FarcasterProvider,
WalletProvider,
OauthProvider,
],
get exports() {
return [...this.imports, ...this.providers];

47
apps/backend/src/api/routes/admin.controller.ts
View file

@ -1,47 +0,0 @@
import {
Controller,
Get,
HttpException,
Query,
} from '@nestjs/common';
import { GetUserFromRequest } from '@gitroom/nestjs-libraries/user/user.from.request';
import { User } from '@prisma/client';
import { ApiTags } from '@nestjs/swagger';
import { ErrorsService } from '@gitroom/nestjs-libraries/database/prisma/errors/errors.service';
@ApiTags('Admin')
@Controller('/admin')
export class AdminController {
constructor(private _errorsService: ErrorsService) {}
private assertSuperAdmin(user: User) {
if (!user?.isSuperAdmin) {
throw new HttpException('Unauthorized', 400);
}
}
@Get('/errors')
async listErrors(
@GetUserFromRequest() user: User,
@Query('page') page?: string,
@Query('limit') limit?: string,
@Query('platform') platform?: string,
@Query('email') email?: string,
@Query('unknownFirst') unknownFirst?: string
) {
this.assertSuperAdmin(user);
return this._errorsService.listErrors({
page: page ? parseInt(page, 10) : 0,
limit: limit ? parseInt(limit, 10) : 20,
platform: platform || undefined,
email: email || undefined,
unknownFirst: unknownFirst === 'true' || unknownFirst === '1',
});
}
@Get('/errors/platforms')
async listPlatforms(@GetUserFromRequest() user: User) {
this.assertSuperAdmin(user);
return this._errorsService.listPlatforms();
}
}

47
apps/backend/src/api/routes/announcements.controller.ts
View file

@ -1,47 +0,0 @@
import {
Body,
Controller,
Delete,
Get,
HttpException,
Param,
Post,
} from '@nestjs/common';
import { GetUserFromRequest } from '@gitroom/nestjs-libraries/user/user.from.request';
import { User } from '@prisma/client';
import { ApiTags } from '@nestjs/swagger';
import { AnnouncementsService } from '@gitroom/nestjs-libraries/database/prisma/announcements/announcements.service';
import { AnnouncementDto } from '@gitroom/nestjs-libraries/dtos/announcements/announcements.dto';
@ApiTags('Announcements')
@Controller('/announcements')
export class AnnouncementsController {
constructor(private _announcementsService: AnnouncementsService) {}
@Get('/')
async getAnnouncements() {
return this._announcementsService.getAnnouncements();
}
@Post('/')
async createAnnouncement(
@GetUserFromRequest() user: User,
@Body() body: AnnouncementDto
) {
if (!user.isSuperAdmin) {
throw new HttpException('Unauthorized', 400);
}
return this._announcementsService.createAnnouncement(body);
}
@Delete('/:id')
async deleteAnnouncement(
@GetUserFromRequest() user: User,
@Param('id') id: string
) {
if (!user.isSuperAdmin) {
throw new HttpException('Unauthorized', 400);
}
return this._announcementsService.deleteAnnouncement(id);
}
}

24
apps/backend/src/api/routes/approved-apps.controller.ts
View file

@ -1,24 +0,0 @@
import { Controller, Delete, Get, Param } from '@nestjs/common';
import { GetUserFromRequest } from '@gitroom/nestjs-libraries/user/user.from.request';
import { User } from '@prisma/client';
import { ApiTags } from '@nestjs/swagger';
import { OAuthService } from '@gitroom/nestjs-libraries/database/prisma/oauth/oauth.service';
@ApiTags('Approved Apps')
@Controller('/user/approved-apps')
export class ApprovedAppsController {
constructor(private _oauthService: OAuthService) {}
@Get('/')
async list(@GetUserFromRequest() user: User) {
return this._oauthService.getApprovedApps(user.id);
}
@Delete('/:id')
async revoke(
@GetUserFromRequest() user: User,
@Param('id') id: string
) {
return this._oauthService.revokeApp(user.id, id);
}
}

25
apps/backend/src/api/routes/auth.controller.ts
View file

@ -199,19 +199,6 @@ export class AuthController {
};
}
@Get('/oauth-mobile-callback')
mobileCallback(
@Query('code') code: string,
@Query('state') state: string,
@Res({ passthrough: false }) response: Response
) {
const scheme = process.env.MOBILE_APP_SCHEME || 'postiz://auth/callback';
const params = new URLSearchParams();
if (code) params.set('code', code);
if (state) params.set('state', state);
return response.redirect(302, `${scheme}?${params.toString()}`);
}
@Get('/oauth/:provider')
async oauthLink(@Param('provider') provider: string, @Query() query: any) {
return this._authService.oauthLink(provider, query);
@ -223,10 +210,7 @@ export class AuthController {
@Body('datafast_visitor_id') datafast_visitor_id: string,
@Res({ passthrough: false }) response: Response
) {
const activate = await this._authService.activate(
code,
datafast_visitor_id
);
const activate = await this._authService.activate(code, datafast_visitor_id);
if (!activate) {
return response.status(200).json({ can: false });
}
@ -270,15 +254,10 @@ export class AuthController {
@Post('/oauth/:provider/exists')
async oauthExists(
@Body('code') code: string,
@Body('redirect_uri') redirect_uri: string,
@Param('provider') provider: string,
@Res({ passthrough: false }) response: Response
) {
const { jwt, token } = await this._authService.checkExists(
provider,
code,
redirect_uri
);
const { jwt, token } = await this._authService.checkExists(provider, code);
if (token) {
return response.json({ token });

5
apps/backend/src/api/routes/autopost.controller.ts
View file

@ -15,7 +15,6 @@ import { CheckPolicies } from '@gitroom/backend/services/auth/permissions/permis
import { AutopostService } from '@gitroom/nestjs-libraries/database/prisma/autopost/autopost.service';
import { AutopostDto } from '@gitroom/nestjs-libraries/dtos/autopost/autopost.dto';
import { AuthorizationActions, Sections } from '@gitroom/backend/services/auth/permissions/permission.exception.class';
import { OnlyURL } from '@gitroom/nestjs-libraries/dtos/webhooks/webhooks.dto';
@ApiTags('Autopost')
@Controller('/autopost')
@ -63,7 +62,7 @@ export class AutopostController {
}
@Post('/send')
async sendWebhook(@Query() query: OnlyURL) {
return this._autopostsService.loadXML(query.url);
async sendWebhook(@Query('url') url: string) {
return this._autopostsService.loadXML(url);
}
}

39
apps/backend/src/api/routes/billing.controller.ts
View file

@ -1,4 +1,4 @@
import { Body, Controller, Get, HttpException, Param, Post, Req } from '@nestjs/common';
import { Body, Controller, Get, Param, Post, Req } from '@nestjs/common';
import { SubscriptionService } from '@gitroom/nestjs-libraries/database/prisma/subscriptions/subscription.service';
import { StripeService } from '@gitroom/nestjs-libraries/services/stripe.service';
import { GetOrgFromRequest } from '@gitroom/nestjs-libraries/user/org.from.request';
@ -144,43 +144,6 @@ export class BillingController {
return this._stripeService.lifetimeDeal(org.id, body.code);
}
@Get('/charges')
async getCharges(
@GetUserFromRequest() user: User,
@GetOrgFromRequest() org: Organization
) {
if (!user.isSuperAdmin) {
throw new HttpException('Unauthorized', 400);
}
return this._stripeService.getCharges(org.id);
}
@Post('/refund-charges')
async refundCharges(
@GetUserFromRequest() user: User,
@GetOrgFromRequest() org: Organization,
@Body() body: { chargeIds: string[] }
) {
if (!user.isSuperAdmin) {
throw new HttpException('Unauthorized', 400);
}
return this._stripeService.refundCharges(org.id, body.chargeIds);
}
@Post('/cancel-subscription')
async cancelSubscription(
@GetUserFromRequest() user: User,
@GetOrgFromRequest() org: Organization
) {
if (!user.isSuperAdmin) {
throw new HttpException('Unauthorized', 400);
}
return this._stripeService.cancelSubscription(org.id);
}
@Post('/add-subscription')
async addSubscription(
@Body() body: { subscription: string },

23
apps/backend/src/api/routes/copilot.controller.ts
View file

@ -20,7 +20,7 @@ import { SubscriptionService } from '@gitroom/nestjs-libraries/database/prisma/s
import { MastraAgent } from '@ag-ui/mastra';
import { MastraService } from '@gitroom/nestjs-libraries/chat/mastra.service';
import { Request, Response } from 'express';
import { RequestContext } from '@mastra/core/di';
import { RuntimeContext } from '@mastra/core/di';
import { CheckPolicies } from '@gitroom/backend/services/auth/permissions/permissions.ability';
import { AuthorizationActions, Sections } from '@gitroom/backend/services/auth/permissions/permission.exception.class';
@ -72,19 +72,20 @@ export class CopilotController {
return;
}
const mastra = await this._mastraService.mastra();
const requestContext = new RequestContext<ChannelsContext>();
requestContext.set(
const runtimeContext = new RuntimeContext<ChannelsContext>();
runtimeContext.set(
'integrations',
req?.body?.variables?.properties?.integrations || []
);
requestContext.set('organization', JSON.stringify(organization));
requestContext.set('ui', 'true');
runtimeContext.set('organization', JSON.stringify(organization));
runtimeContext.set('ui', 'true');
const agents = MastraAgent.getLocalAgents({
resourceId: organization.id,
mastra,
requestContext: requestContext as any,
// @ts-ignore
runtimeContext,
});
const runtime = new CopilotRuntime({
@ -123,7 +124,7 @@ export class CopilotController {
const mastra = await this._mastraService.mastra();
const memory = await mastra.getAgent('postiz').getMemory();
try {
return await memory.recall({
return await memory.query({
resourceId: organization.id,
threadId,
});
@ -136,12 +137,14 @@ export class CopilotController {
@CheckPolicies([AuthorizationActions.Create, Sections.AI])
async getList(@GetOrgFromRequest() organization: Organization) {
const mastra = await this._mastraService.mastra();
// @ts-ignore
const memory = await mastra.getAgent('postiz').getMemory();
const list = await memory.listThreads({
filter: { resourceId: organization.id },
const list = await memory.getThreadsByResourceIdPaginated({
resourceId: organization.id,
perPage: 100000,
page: 0,
orderBy: { field: 'createdAt', direction: 'DESC' },
orderBy: 'createdAt',
sortDirection: 'DESC',
});
return {

41
apps/backend/src/api/routes/enterprise.controller.ts
View file

@ -4,17 +4,13 @@ import { AuthService } from '@gitroom/helpers/auth/auth.service';
import { ioRedis } from '@gitroom/nestjs-libraries/redis/redis.service';
import { IntegrationManager } from '@gitroom/nestjs-libraries/integrations/integration.manager';
import { OrganizationService } from '@gitroom/nestjs-libraries/database/prisma/organizations/organization.service';
import { IntegrationService } from '@gitroom/nestjs-libraries/database/prisma/integrations/integration.service';
import { PostsService } from '@gitroom/nestjs-libraries/database/prisma/posts/posts.service';
@ApiTags('Enterprise')
@Controller('/enterprise')
export class EnterpriseController {
constructor(
private _integrationManager: IntegrationManager,
private _organizationService: OrganizationService,
private _integrationService: IntegrationService,
private _postsService: PostsService
private _organizationService: OrganizationService
) {}
@Post('/create-user')
@ -90,39 +86,4 @@ export class EnterpriseController {
return url;
} catch (err) {}
}
@Post('/delete-channel')
async deleteChannel(@Body('params') params: string) {
try {
const load = AuthService.verifyJWT(params) as {
apiKey: string;
id: string;
};
if (!load || !load.apiKey || !load.id) {
return { success: false };
}
const org = await this._organizationService.getOrgByApiKey(load.apiKey);
if (!org) {
return { success: false };
}
const isTherePosts = await this._integrationService.getPostsForChannel(
org.id,
load.id
);
if (isTherePosts.length) {
for (const post of isTherePosts) {
this._postsService.deletePost(org.id, post.group).catch(() => {});
}
}
await this._integrationService.deleteChannel(org.id, load.id);
return { success: true };
} catch (err) {
return { success: false };
}
}
}

20
apps/backend/src/api/routes/integrations.controller.ts
View file

@ -43,16 +43,6 @@ export class IntegrationsController {
private _refreshIntegrationService: RefreshIntegrationService
) {}
@Post('/provider/:id/connect')
@CheckPolicies([AuthorizationActions.Create, Sections.CHANNEL])
async saveProviderPage(
@GetOrgFromRequest() org: Organization,
@Param('id') id: string,
@Body() body: any
) {
return this._integrationService.saveProviderPage(org.id, id, body);
}
@Get('/:identifier/internal-plugs')
getInternalPlugs(@Param('identifier') identifier: string) {
return this._integrationManager.getInternalPlugs(identifier);
@ -101,7 +91,6 @@ export class IntegrationsController {
internalId: p.internalId,
disabled: p.disabled,
editor: findIntegration.editor,
stripLinks: !!findIntegration?.stripLinks?.(),
picture: p.picture || '/no-picture.jpg',
identifier: p.providerIdentifier,
inBetweenSteps: p.inBetweenSteps,
@ -196,7 +185,6 @@ export class IntegrationsController {
@Param('integration') integration: string,
@Query('refresh') refresh: string,
@Query('externalUrl') externalUrl: string,
@Query('redirectUrl') redirectUrl: string,
@Query('onboarding') onboarding: string,
@GetOrgFromRequest() org: Organization
) {
@ -234,10 +222,6 @@ export class IntegrationsController {
await ioRedis.set(`onboarding:${state}`, 'true', 'EX', 3600);
}
if (redirectUrl) {
await ioRedis.set(`redirect:${state}`, redirectUrl, 'EX', 3600);
}
await ioRedis.set(`organization:${state}`, org.id, 'EX', 3600);
await ioRedis.set(`login:${state}`, codeVerifier, 'EX', 3600);
await ioRedis.set(
@ -454,7 +438,9 @@ export class IntegrationsController {
}
@Post('/moltbook/register')
async moltbookRegister(@Body() body: { name: string; description: string }) {
async moltbookRegister(
@Body() body: { name: string; description: string }
) {
try {
const provider = new MoltbookProvider();
const result = await provider.registerAgent(body.name, body.description);

6
apps/backend/src/api/routes/media.controller.ts
View file

@ -129,7 +129,6 @@ export class MediaController {
@Post('/upload-simple')
@UseInterceptors(FileInterceptor('file'))
@UsePipes(new CustomFileValidationPipe())
async uploadSimple(
@GetOrgFromRequest() org: Organization,
@UploadedFile('file') file: Express.Multer.File,
@ -181,10 +180,9 @@ export class MediaController {
@Get('/')
getMedia(
@GetOrgFromRequest() org: Organization,
@Query('page') page: number,
@Query('search') search?: string
@Query('page') page: number
) {
return this._mediaService.getMedia(org.id, page, search);
return this._mediaService.getMedia(org.id, page);
}
@Get('/video-options')

2
apps/backend/src/api/routes/no.auth.integrations.controller.ts
View file

@ -306,7 +306,7 @@ export class NoAuthIntegrationsController {
};
}
@Post('/public/provider/:id/connect')
@Post('/provider/:id/connect')
async saveProviderPage(@Param('id') id: string, @Body() body: any) {
if (!body.state) {
throw new Error('Invalid state');

54
apps/backend/src/api/routes/oauth-app.controller.ts
View file

@ -1,54 +0,0 @@
import { Body, Controller, Delete, Get, Post, Put } from '@nestjs/common';
import { GetOrgFromRequest } from '@gitroom/nestjs-libraries/user/org.from.request';
import { Organization } from '@prisma/client';
import { ApiTags } from '@nestjs/swagger';
import { OAuthService } from '@gitroom/nestjs-libraries/database/prisma/oauth/oauth.service';
import { CheckPolicies } from '@gitroom/backend/services/auth/permissions/permissions.ability';
import {
AuthorizationActions,
Sections,
} from '@gitroom/backend/services/auth/permissions/permission.exception.class';
import { CreateOAuthAppDto } from '@gitroom/nestjs-libraries/dtos/oauth/create-oauth-app.dto';
import { UpdateOAuthAppDto } from '@gitroom/nestjs-libraries/dtos/oauth/update-oauth-app.dto';
@ApiTags('OAuth App')
@Controller('/user/oauth-app')
export class OAuthAppController {
constructor(private _oauthService: OAuthService) {}
@Get('/')
@CheckPolicies([AuthorizationActions.Create, Sections.ADMIN])
async getApp(@GetOrgFromRequest() org: Organization) {
return this._oauthService.getApp(org.id);
}
@Post('/')
@CheckPolicies([AuthorizationActions.Create, Sections.ADMIN])
async createApp(
@GetOrgFromRequest() org: Organization,
@Body() body: CreateOAuthAppDto
) {
return this._oauthService.createApp(org.id, body);
}
@Put('/')
@CheckPolicies([AuthorizationActions.Create, Sections.ADMIN])
async updateApp(
@GetOrgFromRequest() org: Organization,
@Body() body: UpdateOAuthAppDto
) {
return this._oauthService.updateApp(org.id, body);
}
@Delete('/')
@CheckPolicies([AuthorizationActions.Create, Sections.ADMIN])
async deleteApp(@GetOrgFromRequest() org: Organization) {
return this._oauthService.deleteApp(org.id);
}
@Post('/rotate-secret')
@CheckPolicies([AuthorizationActions.Create, Sections.ADMIN])
async rotateSecret(@GetOrgFromRequest() org: Organization) {
return this._oauthService.rotateSecret(org.id);
}
}

95
apps/backend/src/api/routes/oauth.controller.ts
View file

@ -1,95 +0,0 @@
import {
Body,
Controller,
Get,
HttpException,
HttpStatus,
Post,
Query,
} from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger';
import { OAuthService } from '@gitroom/nestjs-libraries/database/prisma/oauth/oauth.service';
import { GetUserFromRequest } from '@gitroom/nestjs-libraries/user/user.from.request';
import { GetOrgFromRequest } from '@gitroom/nestjs-libraries/user/org.from.request';
import { User, Organization } from '@prisma/client';
import { AuthorizeOAuthQueryDto, ApproveOAuthDto } from '@gitroom/nestjs-libraries/dtos/oauth/authorize-oauth.dto';
import { TokenExchangeDto } from '@gitroom/nestjs-libraries/dtos/oauth/token-exchange.dto';
@ApiTags('OAuth')
@Controller('/oauth')
export class OAuthController {
constructor(private _oauthService: OAuthService) {}
@Get('/authorize')
async authorize(@Query() query: AuthorizeOAuthQueryDto) {
const app = await this._oauthService.validateAuthorizationRequest(
query.client_id
);
return {
app: {
name: app.name,
description: app.description,
picture: app.picture,
clientId: app.clientId,
redirectUrl: app.redirectUrl,
},
state: query.state,
};
}
@Post('/token')
async token(@Body() body: TokenExchangeDto) {
if (body.grant_type !== 'authorization_code') {
throw new HttpException(
{ error: 'unsupported_grant_type' },
HttpStatus.BAD_REQUEST
);
}
return this._oauthService.exchangeCodeForToken(
body.code,
body.client_id,
body.client_secret
);
}
}
@ApiTags('OAuth')
@Controller('/oauth')
export class OAuthAuthorizedController {
constructor(private _oauthService: OAuthService) {}
@Post('/authorize')
async approveOrDeny(
@Body() body: ApproveOAuthDto,
@GetUserFromRequest() user: User,
@GetOrgFromRequest() org: Organization
) {
const app = await this._oauthService.validateAuthorizationRequest(
body.client_id
);
if (body.action === 'deny') {
const redirectUrl = new URL(app.redirectUrl);
redirectUrl.searchParams.set('error', 'access_denied');
if (body.state) {
redirectUrl.searchParams.set('state', body.state);
}
return { redirect: redirectUrl.toString() };
}
const code = await this._oauthService.createAuthorizationCode(
app.id,
user.id,
org.id
);
const redirectUrl = new URL(app.redirectUrl);
redirectUrl.searchParams.set('code', code);
if (body.state) {
redirectUrl.searchParams.set('state', body.state);
}
return { redirect: redirectUrl.toString() };
}
}

21
apps/backend/src/api/routes/posts.controller.ts
View file

@ -3,7 +3,6 @@ import {
Controller,
Delete,
Get,
HttpException,
Param,
Post,
Put,
@ -113,7 +112,11 @@ export class PostsController {
@GetOrgFromRequest() org: Organization,
@Query() query: GetPostsDto
) {
return this._postsService.getPostsMinified(org.id, query);
const posts = await this._postsService.getPosts(org.id, query);
return {
posts,
};
}
@Get('/find-slot')
@ -145,18 +148,6 @@ export class PostsController {
return this._postsService.getOldPosts(org.id, date);
}
@Get('/group/:group/debug-export')
async getPostGroupDebugExport(
@GetOrgFromRequest() org: Organization,
@GetUserFromRequest() user: User,
@Param('group') group: string
) {
if (!user.isSuperAdmin) {
throw new HttpException('Forbidden', 403);
}
return this._postsService.getPostGroupDebugExport(org.id, group);
}
@Get('/group/:group')
getPostsByGroup(@GetOrgFromRequest() org: Organization, @Param('group') group: string) {
return this._postsService.getPostsByGroup(org.id, group);
@ -175,7 +166,7 @@ export class PostsController {
) {
console.log(JSON.stringify(rawBody, null, 2));
const body = await this._postsService.mapTypeToPost(rawBody, org.id);
return this._postsService.createPost(org.id, body, 'WEB');
return this._postsService.createPost(org.id, body);
}
@Post('/generator/draft')

105
apps/backend/src/api/routes/public.controller.ts
View file

@ -10,6 +10,7 @@ import {
StreamableFile,
} from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger';
import { AgenciesService } from '@gitroom/nestjs-libraries/database/prisma/agencies/agencies.service';
import { PostsService } from '@gitroom/nestjs-libraries/database/prisma/posts/posts.service';
import { TrackService } from '@gitroom/nestjs-libraries/track/track.service';
import { RealIP } from 'nestjs-real-ip';
@ -20,14 +21,8 @@ import { makeId } from '@gitroom/nestjs-libraries/services/make.is';
import { getCookieUrlFromDomain } from '@gitroom/helpers/subdomain/subdomain.management';
import { AgentGraphInsertService } from '@gitroom/nestjs-libraries/agent/agent.graph.insert.service';
import { Nowpayments } from '@gitroom/nestjs-libraries/crypto/nowpayments';
import { SubscriptionService } from '@gitroom/nestjs-libraries/database/prisma/subscriptions/subscription.service';
import { AuthService } from '@gitroom/helpers/auth/auth.service';
import { pricing } from '@gitroom/nestjs-libraries/database/prisma/subscriptions/pricing';
import { Readable, pipeline } from 'stream';
import { promisify } from 'util';
import { OnlyURL } from '@gitroom/nestjs-libraries/dtos/webhooks/webhooks.dto';
import { isSafePublicHttpsUrl } from '@gitroom/nestjs-libraries/dtos/webhooks/webhook.url.validator';
import { ssrfSafeDispatcher } from '@gitroom/nestjs-libraries/dtos/webhooks/ssrf.safe.dispatcher';
const pump = promisify(pipeline);
@ -35,11 +30,11 @@ const pump = promisify(pipeline);
@Controller('/public')
export class PublicController {
constructor(
private _agenciesService: AgenciesService,
private _trackService: TrackService,
private _agentGraphInsertService: AgentGraphInsertService,
private _postsService: PostsService,
private _nowpayments: Nowpayments,
private _subscriptionService: SubscriptionService
private _nowpayments: Nowpayments
) {}
@Post('/agent')
async createAgent(@Body() body: { text: string; apiKey: string }) {
@ -53,6 +48,26 @@ export class PublicController {
return this._agentGraphInsertService.newPost(body.text);
}
@Get('/agencies-list')
async getAgencyByUser() {
return this._agenciesService.getAllAgencies();
}
@Get('/agencies-list-slug')
async getAgencySlug() {
return this._agenciesService.getAllAgenciesSlug();
}
@Get('/agencies-information/:agency')
async getAgencyInformation(@Param('agency') agency: string) {
return this._agenciesService.getAgencyInformation(agency);
}
@Get('/agencies-list-count')
async getAgenciesCount() {
return this._agenciesService.getCount();
}
@Get(`/posts/:id`)
async getPreview(@Param('id') id: string) {
return (await this._postsService.getPostsRecursively(id, true)).map(
@ -130,32 +145,6 @@ export class PublicController {
});
}
@Post('/modify-subscription')
async modifySubscription(@Body('params') params: string) {
try {
const load = AuthService.verifyJWT(params) as {
orgId: string;
billing: 'FREE' | 'STANDARD' | 'TEAM' | 'PRO' | 'ULTIMATE';
};
if (!load || !load.orgId || !load.billing || !pricing[load.billing]) {
return { success: false };
}
const totalChannels = pricing[load.billing].channel || 0;
await this._subscriptionService.modifySubscriptionByOrg(
load.orgId,
totalChannels,
load.billing
);
return { success: true };
} catch (err) {
return { success: false };
}
}
@Post('/crypto/:path')
async cryptoPost(@Body() body: any, @Param('path') path: string) {
console.log('cryptoPost', body, path);
@ -164,11 +153,10 @@ export class PublicController {
@Get('/stream')
async streamFile(
@Query() query: OnlyURL,
@Query('url') url: string,
@Res() res: Response,
@Req() req: Request
) {
const { url } = query;
if (!url.endsWith('mp4')) {
return res.status(400).send('Invalid video URL');
}
@ -178,47 +166,7 @@ export class PublicController {
req.on('aborted', onClose);
res.on('close', onClose);
// Manually follow redirects so every hop is re-validated against
// the SSRF blocklist (see GHSA-34w8-5j2v-h6ww). `fetch` defaults to
// `redirect: 'follow'`, which bypasses the DTO-level URL check.
const MAX_REDIRECTS = 5;
let currentUrl = url;
let r: globalThis.Response | undefined;
for (let hop = 0; hop <= MAX_REDIRECTS; hop++) {
if (!(await isSafePublicHttpsUrl(currentUrl))) {
return res.status(400).send('Blocked URL');
}
r = await fetch(currentUrl, {
signal: ac.signal,
redirect: 'manual',
// @ts-ignore — undici option, not in lib.dom fetch types
dispatcher: ssrfSafeDispatcher,
});
if (r.status >= 300 && r.status < 400) {
const location = r.headers.get('location');
if (!location) {
return res.status(502).send('Redirect without Location');
}
try {
currentUrl = new URL(location, currentUrl).toString();
} catch {
return res.status(400).send('Invalid redirect target');
}
continue;
}
break;
}
if (!r) {
return res.status(502).send('No upstream response');
}
if (r.status >= 300 && r.status < 400) {
return res.status(508).send('Too many redirects');
}
const r = await fetch(url, { signal: ac.signal });
if (!r.ok && r.status !== 206) {
res.status(r.status);
@ -241,6 +189,7 @@ export class PublicController {
try {
await pump(Readable.fromWeb(r.body as any), res);
} catch (err) {}
} catch (err) {
}
}
}

47
apps/backend/src/api/routes/third-party.controller.ts
View file

@ -14,7 +14,6 @@ import { Organization } from '@prisma/client';
import { AuthService } from '@gitroom/helpers/auth/auth.service';
import { UploadFactory } from '@gitroom/nestjs-libraries/upload/upload.factory';
import { MediaService } from '@gitroom/nestjs-libraries/database/prisma/media/media.service';
import { ImportMediaDto } from '@gitroom/nestjs-libraries/dtos/third-party/import-media.dto';
@ApiTags('Third Party')
@Controller('/third-party')
@ -122,52 +121,6 @@ export class ThirdPartyController {
);
}
@Post('/:id/import')
async importMedia(
@GetOrgFromRequest() organization: Organization,
@Param('id') id: string,
@Body() body: ImportMediaDto
) {
const thirdParty = await this._thirdPartyManager.getIntegrationById(
organization.id,
id
);
if (!thirdParty) {
throw new HttpException('Integration not found', 404);
}
const thirdPartyInstance = this._thirdPartyManager.getThirdPartyByName(
thirdParty.identifier
);
if (!thirdPartyInstance) {
throw new HttpException('Invalid identifier', 400);
}
const downloadUrls = await thirdPartyInstance?.instance?.['importMedia']?.(
AuthService.fixedDecryption(thirdParty.apiKey),
body.items
);
if (!downloadUrls || !Array.isArray(downloadUrls)) {
throw new HttpException('Import not supported', 400);
}
const results = [];
for (const item of downloadUrls) {
const file = await this.storage.uploadSimple(item.url);
const saved = await this._mediaService.saveFile(
organization.id,
item.name || file.split('/').pop(),
file
);
results.push(saved);
}
return results;
}
@Post('/:identifier')
async addApiKey(
@GetOrgFromRequest() organization: Organization,

18
apps/backend/src/api/routes/users.controller.ts
View file

@ -9,7 +9,6 @@ import {
Res,
} from '@nestjs/common';
import { GetUserFromRequest } from '@gitroom/nestjs-libraries/user/user.from.request';
import { sign } from 'jsonwebtoken';
import { Organization, User } from '@prisma/client';
import { SubscriptionService } from '@gitroom/nestjs-libraries/database/prisma/subscriptions/subscription.service';
import { GetOrgFromRequest } from '@gitroom/nestjs-libraries/user/org.from.request';
@ -43,23 +42,6 @@ export class UsersController {
private _userService: UsersService,
private _trackService: TrackService
) {}
@Get('/agent-media-sso')
async getAgentMediaSsoUrl(
@GetUserFromRequest() user: User,
@GetOrgFromRequest() organization: Organization
) {
if (!process.env.AGENT_MEDIA_SSO_KEY) {
throw new HttpException('Agent Media SSO is not configured', 400);
}
const token = sign(
{ id: organization.id, displayName: organization.name },
process.env.AGENT_MEDIA_SSO_KEY
);
return { url: `https://agent-media.ai/sso/${token}` };
}
@Get('/self')
async getSelf(
@GetUserFromRequest() user: User,

7
apps/backend/src/api/routes/webhooks.controller.ts
View file

@ -14,7 +14,8 @@ import { ApiTags } from '@nestjs/swagger';
import { WebhooksService } from '@gitroom/nestjs-libraries/database/prisma/webhooks/webhooks.service';
import { CheckPolicies } from '@gitroom/backend/services/auth/permissions/permissions.ability';
import {
OnlyURL, UpdateDto, WebhooksDto
UpdateDto,
WebhooksDto,
} from '@gitroom/nestjs-libraries/dtos/webhooks/webhooks.dto';
import { AuthorizationActions, Sections } from '@gitroom/backend/services/auth/permissions/permission.exception.class';
@ -54,9 +55,9 @@ export class WebhookController {
}
@Post('/send')
async sendWebhook(@Body() body: any, @Query() query: OnlyURL) {
async sendWebhook(@Body() body: any, @Query('url') url: string) {
try {
await fetch(query.url, {
await fetch(url, {
method: 'POST',
body: JSON.stringify(body),
headers: { 'Content-Type': 'application/json' },

17
apps/backend/src/app.module.ts
View file

@ -15,8 +15,6 @@ import { ChatModule } from '@gitroom/nestjs-libraries/chat/chat.module';
import { getTemporalModule } from '@gitroom/nestjs-libraries/temporal/temporal.module';
import { TemporalRegisterMissingSearchAttributesModule } from '@gitroom/nestjs-libraries/temporal/temporal.register';
import { InfiniteWorkflowRegisterModule } from '@gitroom/nestjs-libraries/temporal/infinite.workflow.register';
import { ThrottlerStorageRedisService } from '@nest-lab/throttler-storage-redis';
import { ioRedis } from '@gitroom/nestjs-libraries/redis/redis.service';
@Global()
@Module({
@ -32,15 +30,12 @@ import { ioRedis } from '@gitroom/nestjs-libraries/redis/redis.service';
getTemporalModule(false),
TemporalRegisterMissingSearchAttributesModule,
InfiniteWorkflowRegisterModule,
ThrottlerModule.forRoot({
throttlers: [
{
ttl: 3600000,
limit: process.env.API_LIMIT ? Number(process.env.API_LIMIT) : 90,
},
],
storage: new ThrottlerStorageRedisService(ioRedis),
}),
ThrottlerModule.forRoot([
{
ttl: 3600000,
limit: process.env.API_LIMIT ? Number(process.env.API_LIMIT) : 30,
},
]),
],
controllers: [],
providers: [

8
apps/backend/src/main.ts
View file

@ -1,6 +1,5 @@
import { initializeSentry } from '@gitroom/nestjs-libraries/sentry/initialize.sentry';
initializeSentry('backend', true);
import compression from 'compression';
import { loadSwagger } from '@gitroom/helpers/swagger/load.swagger';
import { json } from 'express';
@ -27,9 +26,6 @@ async function start() {
allowedHeaders: [
'Content-Type',
'Authorization',
'auth',
'showorg',
'impersonate',
'x-copilotkit-runtime-client-gql-version',
],
exposedHeaders: [
@ -55,12 +51,11 @@ async function start() {
})
);
app.use(['/copilot/{*splat}', '/posts'], (req: any, res: any, next: any) => {
app.use(['/copilot/*', '/posts'], (req: any, res: any, next: any) => {
json({ limit: '50mb' })(req, res, next);
});
app.use(cookieParser());
app.use(compression());
app.useGlobalFilters(new SubscriptionExceptionFilter());
app.useGlobalFilters(new HttpExceptionFilter());
@ -70,7 +65,6 @@ async function start() {
try {
await app.listen(port);
console.log('Backend started successfully on port ' + port);
checkConfiguration(); // Do this last, so that users will see obvious issues at the end of the startup log without having to scroll up.

148
apps/backend/src/public-api/routes/v1/public.integrations.controller.ts
View file

@ -10,9 +10,7 @@ import {
Query,
UploadedFile,
UseInterceptors,
UsePipes,
} from '@nestjs/common';
import { CustomFileValidationPipe } from '@gitroom/nestjs-libraries/upload/custom.upload.validation';
import { ApiTags } from '@nestjs/swagger';
import { GetOrgFromRequest } from '@gitroom/nestjs-libraries/user/org.from.request';
import { Organization } from '@prisma/client';
@ -23,7 +21,6 @@ import { FileInterceptor } from '@nestjs/platform-express';
import { UploadFactory } from '@gitroom/nestjs-libraries/upload/upload.factory';
import { MediaService } from '@gitroom/nestjs-libraries/database/prisma/media/media.service';
import { GetPostsDto } from '@gitroom/nestjs-libraries/dtos/posts/get.posts.dto';
import { ChangePostStatusDto } from '@gitroom/nestjs-libraries/dtos/posts/change.post.status.dto';
import {
AuthorizationActions,
Sections,
@ -33,31 +30,15 @@ import { VideoFunctionDto } from '@gitroom/nestjs-libraries/dtos/videos/video.fu
import { UploadDto } from '@gitroom/nestjs-libraries/dtos/media/upload.dto';
import { NotificationService } from '@gitroom/nestjs-libraries/database/prisma/notifications/notification.service';
import { GetNotificationsDto } from '@gitroom/nestjs-libraries/dtos/notifications/get.notifications.dto';
import axios from 'axios';
import { Readable } from 'stream';
import { ssrfSafeDispatcher } from '@gitroom/nestjs-libraries/dtos/webhooks/ssrf.safe.dispatcher';
// eslint-disable-next-line @typescript-eslint/no-var-requires
const { fromBuffer } = require('file-type');
const PUBLIC_API_ALLOWED_MIME = new Set<string>([
'image/jpeg',
'image/png',
'image/gif',
'image/webp',
'image/avif',
'image/bmp',
'image/tiff',
'video/mp4',
]);
import { lookup, extension } from 'mime-types';
import * as Sentry from '@sentry/nestjs';
import {
socialIntegrationList,
IntegrationManager,
} from '@gitroom/nestjs-libraries/integrations/integration.manager';
import { socialIntegrationList, IntegrationManager } from '@gitroom/nestjs-libraries/integrations/integration.manager';
import { getValidationSchemas } from '@gitroom/nestjs-libraries/chat/validation.schemas.helper';
import { RefreshIntegrationService } from '@gitroom/nestjs-libraries/integrations/refresh.integration.service';
import { RefreshToken } from '@gitroom/nestjs-libraries/integrations/social.abstract';
import { timer } from '@gitroom/helpers/utils/timer';
import { ioRedis } from '@gitroom/nestjs-libraries/redis/redis.service';
@ApiTags('Public API')
@Controller('/public/v1')
@ -75,7 +56,6 @@ export class PublicIntegrationsController {
@Post('/upload')
@UseInterceptors(FileInterceptor('file'))
@UsePipes(new CustomFileValidationPipe())
async uploadSimple(
@GetOrgFromRequest() org: Organization,
@UploadedFile('file') file: Express.Multer.File
@ -99,20 +79,15 @@ export class PublicIntegrationsController {
@Body() body: UploadDto
) {
Sentry.metrics.count('public_api-request', 1);
const response = await fetch(body.url, {
// @ts-ignore — undici option, not in lib.dom fetch types
dispatcher: ssrfSafeDispatcher,
const response = await axios.get(body.url, {
responseType: 'arraybuffer',
});
if (!response.ok) {
throw new HttpException({ msg: 'Failed to fetch URL' }, 400);
}
const buffer = Buffer.from(await response.arrayBuffer());
const detected = await fromBuffer(buffer);
if (!detected || !PUBLIC_API_ALLOWED_MIME.has(detected.mime)) {
throw new HttpException({ msg: 'Unsupported file type.' }, 400);
}
const mimetype = detected.mime;
const ext = detected.ext;
const buffer = Buffer.from(response.data);
const responseMime = response.headers?.['content-type']?.split(';')[0]?.trim();
const urlMime = lookup(body?.url?.split?.('?')?.[0]);
const mimetype = (urlMime || responseMime || 'image/jpeg') as string;
const ext = extension(mimetype) || 'jpg';
const getFile = await this.storage.uploadFile({
buffer,
@ -170,33 +145,8 @@ export class PublicIntegrationsController {
);
body.type = rawBody.type;
if (
process.env.RESTRICT_UPLOAD_DOMAINS &&
body.posts.some((p) =>
p.value.some((a) =>
a.image.some(
(i) => i.path.indexOf(process.env.RESTRICT_UPLOAD_DOMAINS) === -1
)
)
)
) {
throw new HttpException(
{
msg: `All media must be uploaded through our upload API route and contain the domain: ${process.env.RESTRICT_UPLOAD_DOMAINS}`,
},
400
);
}
const allowedCreationMethods = ['CLI', 'API'] as const;
const creationMethod = allowedCreationMethods.includes(
rawBody.creationMethod
)
? (rawBody.creationMethod as 'CLI' | 'API')
: 'API';
console.log(JSON.stringify(body, null, 2));
return this._postsService.createPost(org.id, body, creationMethod);
return this._postsService.createPost(org.id, body);
}
@Delete('/posts/:id')
@ -245,51 +195,6 @@ export class PublicIntegrationsController {
);
}
@Get('/social/:integration')
@CheckPolicies([AuthorizationActions.Create, Sections.CHANNEL])
async getIntegrationUrl(
@Param('integration') integration: string,
@Query('refresh') refresh: string,
@GetOrgFromRequest() org: Organization
) {
Sentry.metrics.count('public_api-request', 1);
if (
!this._integrationManager
.getAllowedSocialsIntegrations()
.includes(integration)
) {
throw new HttpException({ msg: 'Integration not allowed' }, 400);
}
const integrationProvider =
this._integrationManager.getSocialIntegration(integration);
if (integrationProvider.externalUrl) {
throw new HttpException(
{
msg: 'This integration requires an external URL and is not supported via the public API',
},
400
);
}
try {
const { codeVerifier, state, url } =
await integrationProvider.generateAuthUrl();
if (refresh) {
await ioRedis.set(`refresh:${state}`, refresh, 'EX', 3600);
}
await ioRedis.set(`organization:${state}`, org.id, 'EX', 3600);
await ioRedis.set(`login:${state}`, codeVerifier, 'EX', 3600);
return { url };
} catch (err) {
throw new HttpException({ msg: 'Failed to generate auth URL' }, 500);
}
}
@Get('/notifications')
async getNotifications(
@GetOrgFromRequest() org: Organization,
@ -321,25 +226,6 @@ export class PublicIntegrationsController {
);
}
@Delete('/integrations/:id')
async deleteChannel(
@GetOrgFromRequest() org: Organization,
@Param('id') id: string
) {
Sentry.metrics.count('public_api-request', 1);
const isTherePosts = await this._integrationService.getPostsForChannel(
org.id,
id
);
if (isTherePosts.length) {
for (const post of isTherePosts) {
this._postsService.deletePost(org.id, post.group).catch(() => {});
}
}
return this._integrationService.deleteChannel(org.id, id);
}
@Get('/integration-settings/:id')
async getIntegrationSettings(
@GetOrgFromRequest() org: Organization,
@ -392,16 +278,6 @@ export class PublicIntegrationsController {
return this._postsService.getMissingContent(org.id, id);
}
@Put('/posts/:id/status')
async changePostStatus(
@GetOrgFromRequest() org: Organization,
@Param('id') id: string,
@Body() body: ChangePostStatusDto
) {
Sentry.metrics.count('public_api-request', 1);
return this._postsService.changePostStatus(org.id, id, body.status);
}
@Put('/posts/:id/release-id')
async updateReleaseId(
@GetOrgFromRequest() org: Organization,

33
apps/backend/src/services/auth/auth.service.ts
View file

@ -5,7 +5,7 @@ import { LoginUserDto } from '@gitroom/nestjs-libraries/dtos/auth/login.user.dto
import { UsersService } from '@gitroom/nestjs-libraries/database/prisma/users/users.service';
import { OrganizationService } from '@gitroom/nestjs-libraries/database/prisma/organizations/organization.service';
import { AuthService as AuthChecker } from '@gitroom/helpers/auth/auth.service';
import { AuthProviderManager } from '@gitroom/backend/services/auth/providers/providers.manager';
import { ProvidersFactory } from '@gitroom/backend/services/auth/providers/providers.factory';
import dayjs from 'dayjs';
import { NotificationService } from '@gitroom/nestjs-libraries/database/prisma/notifications/notification.service';
import { ForgotReturnPasswordDto } from '@gitroom/nestjs-libraries/dtos/auth/forgot-return.password.dto';
@ -18,8 +18,7 @@ export class AuthService {
private _userService: UsersService,
private _organizationService: OrganizationService,
private _notificationService: NotificationService,
private _emailService: EmailService,
private _providerManager: AuthProviderManager
private _emailService: EmailService
) {}
async canRegister(provider: string) {
if (
@ -43,9 +42,6 @@ export class AuthService {
if (process.env.DISALLOW_PLUS && body.email.includes('+')) {
throw new Error('Email with plus sign is not allowed');
}
if (body instanceof CreateOrgUserDto) {
body.email = body.email.toLowerCase();
}
const user = await this._userService.getUserByEmail(body.email);
if (body instanceof CreateOrgUserDto) {
if (user) {
@ -140,7 +136,7 @@ export class AuthService {
ip: string,
userAgent: string
) {
const providerInstance = this._providerManager.getProvider(provider);
const providerInstance = ProvidersFactory.loadProvider(provider);
const providerUser = await providerInstance.getUser(body.providerToken);
if (!providerUser) {
@ -178,14 +174,6 @@ export class AuthService {
await NewsletterService.register(providerUser.email);
try {
if (providerInstance?.postRegistration) {
await providerInstance.postRegistration(body.providerToken, create.id);
}
} catch (err) {
// Don't fail registration if postRegistration fails
}
return create.users[0].user;
}
@ -289,13 +277,17 @@ export class AuthService {
}
oauthLink(provider: string, query?: any) {
const providerInstance = this._providerManager.getProvider(provider);
const providerInstance = ProvidersFactory.loadProvider(
provider as Provider
);
return providerInstance.generateLink(query);
}
async checkExists(provider: string, code: string, redirectUri?: string) {
const providerInstance = this._providerManager.getProvider(provider);
const token = await providerInstance.getToken(code, redirectUri);
async checkExists(provider: string, code: string) {
const providerInstance = ProvidersFactory.loadProvider(
provider as Provider
);
const token = await providerInstance.getToken(code);
const user = await providerInstance.getUser(token);
if (!user) {
throw new Error('Invalid user');
@ -312,9 +304,6 @@ export class AuthService {
}
private async jwt(user: User) {
if (user.password) {
delete user.password;
}
return AuthChecker.signJWT(user);
}
}

4
apps/backend/src/services/auth/permissions/permissions.guard.ts
View file

@ -44,10 +44,8 @@ export class PoliciesGuard implements CanActivate {
// @ts-expect-error
const { org }: { org: Organization } = request;
const refreshChannelId = typeof request.query?.refresh === 'string' ? request.query.refresh : undefined;
// @ts-ignore
const ability = await this._authorizationService.check(org.id, org.createdAt, org.users[0].role, policyHandlers, refreshChannelId);
const ability = await this._authorizationService.check(org.id, org.createdAt, org.users[0].role, policyHandlers);
const item = policyHandlers.find(
(handler) => !this.execPolicyHandler(handler, ability)

17
apps/backend/src/services/auth/permissions/permissions.service.ts
View file

@ -40,8 +40,7 @@ export class PermissionsService {
orgId: string,
created_at: Date,
permission: 'USER' | 'ADMIN' | 'SUPERADMIN',
requestedPermission: Array<[AuthorizationActions, Sections]>,
refreshChannelId?: string
requestedPermission: Array<[AuthorizationActions, Sections]>
) {
const { can, build } = new AbilityBuilder<
Ability<[AuthorizationActions, Sections]>
@ -66,20 +65,6 @@ export class PermissionsService {
for (const [action, section] of requestedPermission) {
// check for the amount of channels
if (section === Sections.CHANNEL) {
// Refreshing an existing channel doesn't add a new one, so skip the limit check
// but only if the channel actually belongs to this org
if (refreshChannelId) {
const existingIntegration =
await this._integrationService.getIntegrationById(
orgId,
refreshChannelId
);
if (existingIntegration) {
can(action, section);
continue;
}
}
const totalChannels = (
await this._integrationService.getIntegrationsList(orgId)
).filter((f) => !f.refreshNeeded).length;

35
apps/backend/src/services/auth/providers.interface.ts
View file

@ -1,34 +1,7 @@
import { Injectable } from '@nestjs/common';
export abstract class AuthProviderAbstract {
abstract generateLink(query?: any): Promise<string> | string;
abstract getToken(code: string, redirectUri?: string): Promise<string>;
abstract getUser(
export interface ProvidersInterface {
generateLink(query?: any): Promise<string> | string;
getToken(code: string): Promise<string>;
getUser(
providerToken: string
): Promise<{ email: string; id: string }> | false;
async postRegistration(
providerToken: string,
orgId: string
): Promise<void> {}
}
export interface AuthProviderParams {
provider: string;
}
export function AuthProvider(params: AuthProviderParams) {
return function (target: any) {
Injectable()(target);
const existingMetadata =
Reflect.getMetadata('auth-provider', AuthProviderAbstract) || [];
existingMetadata.push({ target, provider: params.provider });
Reflect.defineMetadata(
'auth-provider',
existingMetadata,
AuthProviderAbstract
);
};
}

15
apps/backend/src/services/auth/providers/farcaster.provider.ts
View file

@ -1,20 +1,16 @@
import {
AuthProvider,
AuthProviderAbstract,
} from '@gitroom/backend/services/auth/providers.interface';
import { ProvidersInterface } from '@gitroom/backend/services/auth/providers.interface';
import { NeynarAPIClient } from '@neynar/nodejs-sdk';
const client = new NeynarAPIClient({
apiKey: process.env.NEYNAR_SECRET_KEY || '00000000-000-0000-000-000000000000',
});
@AuthProvider({ provider: 'FARCASTER' })
export class FarcasterProvider extends AuthProviderAbstract {
export class FarcasterProvider implements ProvidersInterface {
generateLink() {
return '';
}
async getToken(code: string, _redirectUri?: string) {
async getToken(code: string) {
const data = JSON.parse(Buffer.from(code, 'base64').toString());
const status = await client.lookupSigner({ signerUuid: data.signer_uuid });
if (status.status === 'approved') {
@ -33,6 +29,11 @@ export class FarcasterProvider extends AuthProviderAbstract {
};
}
// const { client, oauth2 } = clientAndYoutube();
// client.setCredentials({ access_token: providerToken });
// const user = oauth2(client);
// const { data } = await user.userinfo.get();
return {
id: String('farcaster_' + status.fid),
email: String('farcaster_' + status.fid),

10
apps/backend/src/services/auth/providers/github.provider.ts
View file

@ -1,10 +1,6 @@
import {
AuthProvider,
AuthProviderAbstract,
} from '@gitroom/backend/services/auth/providers.interface';
import { ProvidersInterface } from '@gitroom/backend/services/auth/providers.interface';
@AuthProvider({ provider: 'GITHUB' })
export class GithubProvider extends AuthProviderAbstract {
export class GithubProvider implements ProvidersInterface {
generateLink(): string {
return `https://github.com/login/oauth/authorize?client_id=${
process.env.GITHUB_CLIENT_ID
@ -13,7 +9,7 @@ export class GithubProvider extends AuthProviderAbstract {
)}`;
}
async getToken(code: string, _redirectUri?: string): Promise<string> {
async getToken(code: string): Promise<string> {
const { access_token } = await (
await fetch('https://github.com/login/oauth/access_token', {
method: 'POST',

66
apps/backend/src/services/auth/providers/google.provider.ts
View file

@ -1,28 +1,45 @@
import { makeId } from '@gitroom/nestjs-libraries/services/make.is';
import { google } from 'googleapis';
import {
AuthProvider,
AuthProviderAbstract,
} from '@gitroom/backend/services/auth/providers.interface';
import { OAuth2Client } from 'google-auth-library/build/src/auth/oauth2client';
import { ProvidersInterface } from '@gitroom/backend/services/auth/providers.interface';
const defaultRedirect = () =>
`${process.env.FRONTEND_URL}/integrations/social/youtube`;
const makeClient = (redirectUri: string) =>
new google.auth.OAuth2({
const clientAndYoutube = () => {
const client = new google.auth.OAuth2({
clientId: process.env.YOUTUBE_CLIENT_ID,
clientSecret: process.env.YOUTUBE_CLIENT_SECRET,
redirectUri,
redirectUri: `${process.env.FRONTEND_URL}/integrations/social/youtube`,
});
@AuthProvider({ provider: 'GOOGLE' })
export class GoogleProvider extends AuthProviderAbstract {
generateLink(query?: { redirect_uri?: string }) {
const redirectUri = query?.redirect_uri || defaultRedirect();
return makeClient(redirectUri).generateAuthUrl({
const youtube = (newClient: OAuth2Client) =>
google.youtube({
version: 'v3',
auth: newClient,
});
const youtubeAnalytics = (newClient: OAuth2Client) =>
google.youtubeAnalytics({
version: 'v2',
auth: newClient,
});
const oauth2 = (newClient: OAuth2Client) =>
google.oauth2({
version: 'v2',
auth: newClient,
});
return { client, youtube, oauth2, youtubeAnalytics };
};
export class GoogleProvider implements ProvidersInterface {
generateLink() {
const state = 'login';
const { client } = clientAndYoutube();
return client.generateAuthUrl({
access_type: 'online',
prompt: 'consent',
state: 'login',
redirect_uri: redirectUri,
state,
redirect_uri: `${process.env.FRONTEND_URL}/integrations/social/youtube`,
scope: [
'https://www.googleapis.com/auth/userinfo.profile',
'https://www.googleapis.com/auth/userinfo.email',
@ -30,22 +47,21 @@ export class GoogleProvider extends AuthProviderAbstract {
});
}
async getToken(code: string, redirectUri?: string) {
const client = makeClient(redirectUri || defaultRedirect());
async getToken(code: string) {
const { client, oauth2 } = clientAndYoutube();
const { tokens } = await client.getToken(code);
return tokens.access_token!;
return tokens.access_token;
}
async getUser(providerToken: string) {
const client = makeClient(defaultRedirect());
const { client, oauth2 } = clientAndYoutube();
client.setCredentials({ access_token: providerToken });
const { data } = await google
.oauth2({ version: 'v2', auth: client })
.userinfo.get();
const user = oauth2(client);
const { data } = await user.userinfo.get();
return {
id: data.id!,
email: data.email!,
email: data.email,
};
}
}

83
apps/backend/src/services/auth/providers/oauth.provider.ts
View file

@ -1,56 +1,66 @@
import {
AuthProvider,
AuthProviderAbstract,
} from '@gitroom/backend/services/auth/providers.interface';
import { ProvidersInterface } from '@gitroom/backend/services/auth/providers.interface';
@AuthProvider({ provider: 'GENERIC' })
export class OauthProvider extends AuthProviderAbstract {
private getConfig() {
export class OauthProvider implements ProvidersInterface {
private readonly authUrl: string;
private readonly baseUrl: string;
private readonly clientId: string;
private readonly clientSecret: string;
private readonly frontendUrl: string;
private readonly tokenUrl: string;
private readonly userInfoUrl: string;
constructor() {
const {
POSTIZ_OAUTH_AUTH_URL,
POSTIZ_OAUTH_CLIENT_ID,
POSTIZ_OAUTH_CLIENT_SECRET,
POSTIZ_OAUTH_TOKEN_URL,
POSTIZ_OAUTH_URL,
POSTIZ_OAUTH_USERINFO_URL,
FRONTEND_URL,
} = process.env;
if (
!POSTIZ_OAUTH_USERINFO_URL ||
!POSTIZ_OAUTH_TOKEN_URL ||
!POSTIZ_OAUTH_CLIENT_ID ||
!POSTIZ_OAUTH_CLIENT_SECRET ||
!POSTIZ_OAUTH_AUTH_URL ||
!FRONTEND_URL
) {
throw new Error('POSTIZ_OAUTH environment variables are not set');
}
if (!POSTIZ_OAUTH_USERINFO_URL)
throw new Error(
'POSTIZ_OAUTH_USERINFO_URL environment variable is not set'
);
if (!POSTIZ_OAUTH_URL)
throw new Error('POSTIZ_OAUTH_URL environment variable is not set');
if (!POSTIZ_OAUTH_TOKEN_URL)
throw new Error('POSTIZ_OAUTH_TOKEN_URL environment variable is not set');
if (!POSTIZ_OAUTH_CLIENT_ID)
throw new Error('POSTIZ_OAUTH_CLIENT_ID environment variable is not set');
if (!POSTIZ_OAUTH_CLIENT_SECRET)
throw new Error(
'POSTIZ_OAUTH_CLIENT_SECRET environment variable is not set'
);
if (!POSTIZ_OAUTH_AUTH_URL)
throw new Error('POSTIZ_OAUTH_AUTH_URL environment variable is not set');
if (!FRONTEND_URL)
throw new Error('FRONTEND_URL environment variable is not set');
return {
authUrl: POSTIZ_OAUTH_AUTH_URL,
clientId: POSTIZ_OAUTH_CLIENT_ID,
clientSecret: POSTIZ_OAUTH_CLIENT_SECRET,
tokenUrl: POSTIZ_OAUTH_TOKEN_URL,
userInfoUrl: POSTIZ_OAUTH_USERINFO_URL,
frontendUrl: FRONTEND_URL,
};
this.authUrl = POSTIZ_OAUTH_AUTH_URL;
this.baseUrl = POSTIZ_OAUTH_URL;
this.clientId = POSTIZ_OAUTH_CLIENT_ID;
this.clientSecret = POSTIZ_OAUTH_CLIENT_SECRET;
this.frontendUrl = FRONTEND_URL;
this.tokenUrl = POSTIZ_OAUTH_TOKEN_URL;
this.userInfoUrl = POSTIZ_OAUTH_USERINFO_URL;
}
generateLink(): string {
const { authUrl, clientId, frontendUrl } = this.getConfig();
const params = new URLSearchParams({
client_id: clientId,
client_id: this.clientId,
scope: 'openid profile email',
response_type: 'code',
redirect_uri: `${frontendUrl}/settings`,
redirect_uri: `${this.frontendUrl}/settings`,
});
return `${authUrl}?${params.toString()}`;
return `${this.authUrl}?${params.toString()}`;
}
async getToken(code: string, _redirectUri?: string): Promise<string> {
const { tokenUrl, clientId, clientSecret, frontendUrl } = this.getConfig();
const response = await fetch(`${tokenUrl}`, {
async getToken(code: string): Promise<string> {
const response = await fetch(`${this.tokenUrl}`, {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
@ -58,10 +68,10 @@ export class OauthProvider extends AuthProviderAbstract {
},
body: new URLSearchParams({
grant_type: 'authorization_code',
client_id: clientId,
client_secret: clientSecret,
client_id: this.clientId,
client_secret: this.clientSecret,
code,
redirect_uri: `${frontendUrl}/settings`,
redirect_uri: `${this.frontendUrl}/settings`,
}),
});
@ -75,8 +85,7 @@ export class OauthProvider extends AuthProviderAbstract {
}
async getUser(access_token: string): Promise<{ email: string; id: string }> {
const { userInfoUrl } = this.getConfig();
const response = await fetch(`${userInfoUrl}`, {
const response = await fetch(`${this.userInfoUrl}`, {
headers: {
Authorization: `Bearer ${access_token}`,
Accept: 'application/json',

24
apps/backend/src/services/auth/providers/providers.factory.ts Normal file
View file

@ -0,0 +1,24 @@
import { Provider } from '@prisma/client';
import { GithubProvider } from '@gitroom/backend/services/auth/providers/github.provider';
import { ProvidersInterface } from '@gitroom/backend/services/auth/providers.interface';
import { GoogleProvider } from '@gitroom/backend/services/auth/providers/google.provider';
import { FarcasterProvider } from '@gitroom/backend/services/auth/providers/farcaster.provider';
import { WalletProvider } from '@gitroom/backend/services/auth/providers/wallet.provider';
import { OauthProvider } from '@gitroom/backend/services/auth/providers/oauth.provider';
export class ProvidersFactory {
static loadProvider(provider: Provider): ProvidersInterface {
switch (provider) {
case Provider.GITHUB:
return new GithubProvider();
case Provider.GOOGLE:
return new GoogleProvider();
case Provider.FARCASTER:
return new FarcasterProvider();
case Provider.WALLET:
return new WalletProvider();
case Provider.GENERIC:
return new OauthProvider();
}
}
}

23
apps/backend/src/services/auth/providers/providers.manager.ts
View file

@ -1,23 +0,0 @@
import { Injectable } from '@nestjs/common';
import { ModuleRef } from '@nestjs/core';
import { AuthProviderAbstract } from '@gitroom/backend/services/auth/providers.interface';
@Injectable()
export class AuthProviderManager {
constructor(private _moduleRef: ModuleRef) {}
getProvider(provider: string): AuthProviderAbstract {
const metadata =
Reflect.getMetadata('auth-provider', AuthProviderAbstract) || [];
const found = metadata.find(
(m: any) => m.provider === provider
);
if (!found) {
throw new Error(`Auth provider ${provider} not found`);
}
return this._moduleRef.get(found.target, { strict: false });
}
}

14
apps/backend/src/services/auth/providers/wallet.provider.ts
View file

@ -1,17 +1,16 @@
import {
AuthProvider,
AuthProviderAbstract,
} from '@gitroom/backend/services/auth/providers.interface';
import { ProvidersInterface } from '@gitroom/backend/services/auth/providers.interface';
import { randomBytes } from 'crypto';
import { ioRedis } from '@gitroom/nestjs-libraries/redis/redis.service';
import bs58 from 'bs58';
import nacl from 'tweetnacl';
function hexToUint8Array(hex) {
// Remove any potential "0x" prefix
if (hex.startsWith('0x')) {
hex = hex.slice(2);
}
// Ensure the hex string has an even length
if (hex.length % 2 !== 0) {
throw new Error('Invalid hex string. It must have an even length.');
}
@ -20,15 +19,16 @@ function hexToUint8Array(hex) {
const uint8Array = new Uint8Array(byteLength);
for (let i = 0; i < byteLength; i++) {
// Get two characters from the hex string
const byteHex = hex.substr(i * 2, 2);
// Parse the two characters as a hexadecimal number
uint8Array[i] = parseInt(byteHex, 16);
}
return uint8Array;
}
@AuthProvider({ provider: 'WALLET' })
export class WalletProvider extends AuthProviderAbstract {
export class WalletProvider implements ProvidersInterface {
async generateLink(params: { publicKey: string }) {
if (!params.publicKey) {
return;
@ -40,7 +40,7 @@ export class WalletProvider extends AuthProviderAbstract {
return challenge;
}
async getToken(code: string, _redirectUri?: string) {
async getToken(code: string) {
const { publicKey, challenge, signature } = JSON.parse(
Buffer.from(code, 'base64').toString()
);

57
apps/backend/src/services/auth/public.auth.middleware.ts
View file

@ -1,15 +1,11 @@
import { HttpStatus, Injectable, NestMiddleware } from '@nestjs/common';
import { Request, Response, NextFunction } from 'express';
import { OrganizationService } from '@gitroom/nestjs-libraries/database/prisma/organizations/organization.service';
import { OAuthService } from '@gitroom/nestjs-libraries/database/prisma/oauth/oauth.service';
import { HttpForbiddenException } from '@gitroom/nestjs-libraries/services/exception.filter';
@Injectable()
export class PublicAuthMiddleware implements NestMiddleware {
constructor(
private _organizationService: OrganizationService,
private _oauthService: OAuthService
) {}
constructor(private _organizationService: OrganizationService) {}
async use(req: Request, res: Response, next: NextFunction) {
const auth = (req.headers.authorization ||
req.headers.Authorization) as string;
@ -18,44 +14,21 @@ export class PublicAuthMiddleware implements NestMiddleware {
return;
}
try {
if (auth.startsWith('pos_')) {
const authorization = await this._oauthService.getOrgByOAuthToken(auth);
if (!authorization) {
res
.status(HttpStatus.UNAUTHORIZED)
.json({ msg: 'Invalid OAuth token' });
return;
}
const org = authorization.organization;
if (!!process.env.STRIPE_SECRET_KEY && !org.subscription) {
res
.status(HttpStatus.UNAUTHORIZED)
.json({ msg: 'No subscription found' });
return;
}
// @ts-ignore
req.org = { ...org, users: [{ users: { role: 'SUPERADMIN' } }] };
} else {
const org = await this._organizationService.getOrgByApiKey(auth);
if (!org) {
res
.status(HttpStatus.UNAUTHORIZED)
.json({ msg: 'Invalid API key' });
return;
}
if (!!process.env.STRIPE_SECRET_KEY && !org.subscription) {
res
.status(HttpStatus.UNAUTHORIZED)
.json({ msg: 'No subscription found' });
return;
}
// @ts-ignore
req.org = { ...org, users: [{ users: { role: 'SUPERADMIN' } }] };
const org = await this._organizationService.getOrgByApiKey(auth);
if (!org) {
res.status(HttpStatus.UNAUTHORIZED).json({ msg: 'Invalid API key' });
return;
}
if (!!process.env.STRIPE_SECRET_KEY && !org.subscription) {
res
.status(HttpStatus.UNAUTHORIZED)
.json({ msg: 'No subscription found' });
return;
}
// @ts-ignore
req.org = { ...org, users: [{ users: { role: 'SUPERADMIN' } }] };
} catch (err) {
throw new HttpForbiddenException();
}

4
apps/cli/.gitignore vendored Normal file
View file

@ -0,0 +1,4 @@
node_modules
dist
*.log
.DS_Store

9
apps/cli/.npmignore Normal file
View file

@ -0,0 +1,9 @@
src
examples
tsconfig.json
tsup.config.ts
*.md
!README.md
node_modules
.git
.gitignore

29
apps/cli/CHANGELOG.md Normal file
View file

@ -0,0 +1,29 @@
# Changelog
All notable changes to the Postiz CLI will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [1.0.0] - 2026-02-13
### Added
- Initial release of Postiz CLI
- `posts:create` - Create new social media posts
- `posts:list` - List all posts with pagination and search
- `posts:delete` - Delete posts by ID
- `integrations:list` - List connected social media integrations
- `upload` - Upload media files (images)
- Environment variable configuration (POSTIZ_API_KEY, POSTIZ_API_URL)
- Comprehensive help documentation
- Example scripts for basic usage and AI agent integration
- SKILL.md for AI agent usage patterns
### Features
- Command-line interface for Postiz API
- Support for scheduled posts
- Multi-platform posting via integrations
- Media upload functionality
- User-friendly error messages with emojis
- JSON output for programmatic parsing
- Comprehensive examples for AI agents

287
apps/cli/FEATURES.md Normal file
View file

@ -0,0 +1,287 @@
# Postiz CLI - Feature Summary
## ✅ Complete Feature Set
### Posts with Comments and Media - FULLY SUPPORTED
The Postiz CLI **fully supports** the complete API structure including:
#### ✅ Posts with Comments
- Main post content
- Multiple comments/replies
- Each comment can have different content
- Configurable delays between comments
#### ✅ Multiple Media per Post/Comment
- Each post can have **multiple images** (array of MediaDto)
- Each comment can have **its own images** (separate MediaDto arrays)
- Support for various image formats (PNG, JPG, JPEG, GIF)
- Media can be URLs or uploaded files
#### ✅ Multi-Platform Posting
- Post to multiple platforms in one request
- Platform-specific content for each integration
- Different media for different platforms
#### ✅ Advanced Features
- Scheduled posting with precise timestamps
- URL shortening support
- Tags and metadata
- Delays between comments (in milliseconds)
- Draft mode for review before posting
## Usage Modes
### 1. Simple Mode (Command Line)
For quick, simple posts:
```bash
# Single post
postiz posts:create -c "Hello!" -i "twitter-123"
# With multiple images
postiz posts:create -c "Post" --image "img1.jpg,img2.jpg,img3.jpg" -i "twitter-123"
# With comments (no custom media per comment)
postiz posts:create -c "Main" --comments "Comment 1;Comment 2" -i "twitter-123"
```
**Limitations of Simple Mode:**
- Comments share the same media as the main post
- Cannot specify different images for each comment
- Cannot set custom delays between comments
### 2. Advanced Mode (JSON Files)
For complex posts with comments that have their own media:
```bash
postiz posts:create --json complex-post.json
```
**Capabilities:**
- ✅ Each comment can have different media
- ✅ Custom delays between comments
- ✅ Multiple posts to different platforms
- ✅ Platform-specific content and media
- ✅ Full control over all API features
## Real-World Examples
### Example 1: Product Launch with Follow-up Comments
**Main Post:** Product announcement with 3 product images
**Comment 1:** Feature highlight with 1 feature screenshot (posted 1 hour later)
**Comment 2:** Special offer with 1 promotional image (posted 2 hours later)
```json
{
"type": "schedule",
"date": "2024-03-15T09:00:00Z",
"posts": [{
"integration": { "id": "twitter-123" },
"value": [
{
"content": "🚀 Launching our new product!",
"image": [
{ "id": "p1", "path": "product-1.jpg" },
{ "id": "p2", "path": "product-2.jpg" },
{ "id": "p3", "path": "product-3.jpg" }
]
},
{
"content": "⭐ Key features you'll love:",
"image": [
{ "id": "f1", "path": "features-screenshot.jpg" }
],
"delay": 3600000
},
{
"content": "🎁 Limited time: 50% off!",
"image": [
{ "id": "o1", "path": "special-offer.jpg" }
],
"delay": 7200000
}
]
}]
}
```
### Example 2: Tutorial Thread
**Main Post:** Introduction with overview image
**Tweets 2-5:** Step-by-step with different screenshots for each step
```json
{
"type": "now",
"posts": [{
"integration": { "id": "twitter-123" },
"value": [
{
"content": "🧵 How to use our CLI (1/5)",
"image": [{ "id": "1", "path": "overview.jpg" }]
},
{
"content": "Step 1: Installation (2/5)",
"image": [{ "id": "2", "path": "step1.jpg" }],
"delay": 2000
},
{
"content": "Step 2: Configuration (3/5)",
"image": [{ "id": "3", "path": "step2.jpg" }],
"delay": 2000
},
{
"content": "Step 3: First post (4/5)",
"image": [{ "id": "4", "path": "step3.jpg" }],
"delay": 2000
},
{
"content": "You're all set! 🎉 (5/5)",
"image": [{ "id": "5", "path": "done.jpg" }],
"delay": 2000
}
]
}]
}
```
### Example 3: Multi-Platform Campaign
**Same event, different content per platform:**
```json
{
"type": "schedule",
"date": "2024-12-25T12:00:00Z",
"posts": [
{
"integration": { "id": "twitter-123" },
"value": [
{
"content": "Short, catchy Twitter post 🐦",
"image": [{ "id": "t1", "path": "twitter-square.jpg" }]
},
{
"content": "Thread continuation with details",
"image": [{ "id": "t2", "path": "twitter-details.jpg" }],
"delay": 5000
}
]
},
{
"integration": { "id": "linkedin-456" },
"value": [{
"content": "Professional, detailed LinkedIn post with business context...",
"image": [
{ "id": "l1", "path": "linkedin-wide.jpg" },
{ "id": "l2", "path": "linkedin-graph.jpg" }
]
}]
},
{
"integration": { "id": "facebook-789" },
"value": [
{
"content": "Engaging Facebook post for family/friends audience",
"image": [
{ "id": "f1", "path": "facebook-photo1.jpg" },
{ "id": "f2", "path": "facebook-photo2.jpg" },
{ "id": "f3", "path": "facebook-photo3.jpg" }
]
},
{
"content": "More info in the comments!",
"image": [{ "id": "f4", "path": "facebook-cta.jpg" }],
"delay": 300000
}
]
}
]
}
```
## API Structure Reference
### Complete CreatePostDto
```typescript
{
type: 'now' | 'schedule' | 'draft' | 'update',
date: string, // ISO 8601 date
shortLink: boolean,
tags: Array<{
value: string,
label: string
}>,
posts: Array<{
integration: {
id: string // From integrations:list
},
value: Array<{ // Main post + comments
content: string,
image: Array<{ // Multiple images per post/comment
id: string,
path: string,
alt?: string,
thumbnail?: string
}>,
delay?: number, // Milliseconds
id?: string
}>,
settings: {
__type: 'EmptySettings'
}
}>
}
```
## For AI Agents
### When to Use Simple Mode
- Quick single posts
- No need for comment-specific media
- Posting to 1-2 platforms
- Same content across platforms
### When to Use Advanced Mode (JSON)
- ✅ **Comments need their own media** ← YOUR USE CASE
- ✅ Multi-platform with different content
- ✅ Threads with step-by-step images
- ✅ Timed follow-up comments
- ✅ Complex campaigns
### AI Agent Tips
1. **Generate JSON programmatically** - Don't write JSON manually
2. **Validate structure** - Use TypeScript types or JSON schema
3. **Test with "draft" type** - Review before posting
4. **Use unique image IDs** - Generate with UUID or random strings
5. **Set appropriate delays** - Twitter: 2-5s, others: 30s-1min+
## Files and Documentation
- **examples/post-with-comments.json** - Post with comments, each having media
- **examples/multi-platform-post.json** - Multi-platform campaign
- **examples/thread-post.json** - Twitter thread example
- **examples/EXAMPLES.md** - Comprehensive guide with all patterns
- **SKILL.md** - Full AI agent usage guide
- **README.md** - Installation and basic usage
## Summary
### Question: Does it support posts with comments, each with media?
**Answer: YES! ✅**
- ✅ Posts can have multiple comments
- ✅ Each comment can have its own media (multiple images)
- ✅ Each post can have multiple images
- ✅ Use JSON files for full control
- ✅ See examples/ directory for working templates
- ✅ Fully compatible with the Postiz API structure
The CLI supports the **complete Postiz API** including all advanced features!

300
apps/cli/HOW_TO_RUN.md Normal file
View file

@ -0,0 +1,300 @@
# How to Run the Postiz CLI
There are several ways to run the CLI, depending on your needs.
## Option 1: Direct Execution (Quick Test) ⚡
The built file at `apps/cli/dist/index.js` is already executable!
```bash
# From the monorepo root
node apps/cli/dist/index.js --help
# Or run it directly (it has a shebang)
./apps/cli/dist/index.js --help
# Example command
export POSTIZ_API_KEY=your_key
node apps/cli/dist/index.js posts:list
```
## Option 2: Link Globally (Recommended for Development) 🔗
This creates a global `postiz` command you can use anywhere:
```bash
# From the monorepo root
cd apps/cli
pnpm link --global
# Now you can use it anywhere!
postiz --help
postiz posts:list
postiz posts:create -c "Hello!" -i "twitter-123"
# To unlink later
pnpm unlink --global
```
**After linking, you can use `postiz` from any directory!**
## Option 3: Use pnpm Filter (From Root) 📦
```bash
# From the monorepo root
pnpm --filter postiz start -- --help
pnpm --filter postiz start -- posts:list
pnpm --filter postiz start -- posts:create -c "Hello" -i "twitter-123"
```
## Option 4: Use npm/npx (After Publishing) 🌐
Once published to npm:
```bash
# Install globally
npm install -g postiz
# Or use with npx (no install)
npx postiz --help
npx postiz posts:list
```
## Quick Setup Guide
### Step 1: Build the CLI
```bash
# From monorepo root
pnpm run build:cli
```
### Step 2: Set Your API Key
```bash
export POSTIZ_API_KEY=your_api_key_here
# To make it permanent, add to your shell profile:
echo 'export POSTIZ_API_KEY=your_api_key' >> ~/.bashrc
# or ~/.zshrc if you use zsh
```
### Step 3: Choose Your Method
**For quick testing:**
```bash
node apps/cli/dist/index.js --help
```
**For regular use (recommended):**
```bash
cd apps/cli
pnpm link --global
postiz --help
```
## Troubleshooting
### "Command not found: postiz"
If you linked globally but still get this error:
```bash
# Check if it's linked
which postiz
# If not found, try linking again
cd apps/cli
pnpm link --global
# Or check your PATH
echo $PATH
```
### "POSTIZ_API_KEY is not set"
```bash
export POSTIZ_API_KEY=your_key
# Verify it's set
echo $POSTIZ_API_KEY
```
### Permission Denied
If you get permission errors:
```bash
# Make the file executable
chmod +x apps/cli/dist/index.js
# Then try again
./apps/cli/dist/index.js --help
```
### Rebuild After Changes
After making code changes, rebuild:
```bash
pnpm run build:cli
```
If you linked globally, the changes will be reflected immediately (no need to re-link).
## Testing the CLI
### Test Help Command
```bash
postiz --help
postiz posts:create --help
```
### Test with Sample Command (requires API key)
```bash
export POSTIZ_API_KEY=your_key
# List integrations
postiz integrations:list
# Create a test post
postiz posts:create \
-c "Test post from CLI" \
-i "your-integration-id"
```
## Development Workflow
### 1. Make Changes
Edit files in `apps/cli/src/`
### 2. Rebuild
```bash
pnpm run build:cli
```
### 3. Test
```bash
# If linked globally
postiz --help
# Or direct execution
node apps/cli/dist/index.js --help
```
### 4. Watch Mode (Auto-rebuild)
```bash
# From apps/cli directory
pnpm run dev
# In another terminal, test your changes
postiz --help
```
## Environment Variables
### Required
- `POSTIZ_API_KEY` - Your Postiz API key (required for all operations)
### Optional
- `POSTIZ_API_URL` - Custom API endpoint (default: `https://api.postiz.com`)
### Setting Environment Variables
**Temporary (current session):**
```bash
export POSTIZ_API_KEY=your_key
export POSTIZ_API_URL=https://custom-api.com
```
**Permanent (add to shell profile):**
```bash
# For bash
echo 'export POSTIZ_API_KEY=your_key' >> ~/.bashrc
source ~/.bashrc
# For zsh
echo 'export POSTIZ_API_KEY=your_key' >> ~/.zshrc
source ~/.zshrc
```
## Using Aliases
Create a convenient alias:
```bash
# Add to ~/.bashrc or ~/.zshrc
alias pz='postiz'
# Now you can use
pz posts:list
pz posts:create -c "Quick post" -i "twitter-123"
```
## Production Deployment
### Publish to npm
```bash
# From monorepo root
pnpm run publish-cli
# Or from apps/cli
cd apps/cli
pnpm run publish
```
### Install from npm
```bash
# Global install
npm install -g postiz
# Project-specific
npm install postiz
npx postiz --help
```
## Summary of Methods
| Method | Command | Use Case |
|--------|---------|----------|
| **Direct Node** | `node apps/cli/dist/index.js` | Quick testing, no installation |
| **Direct Execution** | `./apps/cli/dist/index.js` | Same as above, slightly shorter |
| **Global Link** | `postiz` (after `pnpm link --global`) | **Recommended** for development |
| **pnpm Filter** | `pnpm --filter postiz start --` | From monorepo root |
| **npm Global** | `postiz` (after `npm i -g postiz`) | After publishing to npm |
| **npx** | `npx postiz` | One-off usage without installing |
## Recommended Setup
For the best development experience:
```bash
# 1. Build
pnpm run build:cli
# 2. Link globally
cd apps/cli
pnpm link --global
# 3. Set API key
export POSTIZ_API_KEY=your_key
# 4. Test
postiz --help
postiz integrations:list
# 5. Start using!
postiz posts:create -c "My first post" -i "twitter-123"
```
Now you can use `postiz` from anywhere! 🚀

418
apps/cli/INTEGRATION_SETTINGS_DISCOVERY.md Normal file
View file

@ -0,0 +1,418 @@
# Integration Settings Discovery
The CLI now has a powerful feature to discover what settings are available for each integration!
## New Command: `integrations:settings`
Get the settings schema, validation rules, and maximum character limits for any integration.
## Usage
```bash
postiz integrations:settings <integration-id>
```
## What It Returns
```json
{
"output": {
"maxLength": 280,
"settings": {
"properties": {
"who_can_reply_post": {
"enum": ["everyone", "following", "mentionedUsers", "subscribers", "verified"],
"description": "Who can reply to this post"
},
"community": {
"pattern": "^(https://x.com/i/communities/\\d+)?$",
"description": "X community URL"
}
},
"required": ["who_can_reply_post"]
}
}
}
```
## Workflow
### 1. List Your Integrations
```bash
postiz integrations:list
```
Output:
```json
[
{
"id": "reddit-abc123",
"name": "My Reddit Account",
"identifier": "reddit",
"provider": "reddit"
},
{
"id": "youtube-def456",
"name": "My YouTube Channel",
"identifier": "youtube",
"provider": "youtube"
},
{
"id": "twitter-ghi789",
"name": "@myhandle",
"identifier": "x",
"provider": "x"
}
]
```
### 2. Get Settings for Specific Integration
```bash
postiz integrations:settings reddit-abc123
```
Output:
```json
{
"output": {
"maxLength": 40000,
"settings": {
"properties": {
"subreddit": {
"type": "array",
"items": {
"properties": {
"value": {
"properties": {
"subreddit": {
"type": "string",
"minLength": 2,
"description": "Subreddit name"
},
"title": {
"type": "string",
"minLength": 2,
"description": "Post title"
},
"type": {
"type": "string",
"description": "Post type (text or link)"
},
"url": {
"type": "string",
"description": "URL for link posts"
},
"is_flair_required": {
"type": "boolean",
"description": "Whether flair is required"
},
"flair": {
"properties": {
"id": "string",
"name": "string"
}
}
},
"required": ["subreddit", "title", "type", "is_flair_required"]
}
}
}
}
},
"required": ["subreddit"]
}
}
}
```
### 3. Use the Settings in Your Post
Now you know what settings are available and required!
```bash
postiz posts:create \
-c "My post content" \
-p reddit \
--settings '{
"subreddit": [{
"value": {
"subreddit": "programming",
"title": "Check this out!",
"type": "text",
"url": "",
"is_flair_required": false
}
}]
}' \
-i "reddit-abc123"
```
## Examples by Platform
### Reddit
```bash
postiz integrations:settings reddit-abc123
```
Returns:
- Max length: 40,000 characters
- Required settings: subreddit, title, type
- Optional: flair
### YouTube
```bash
postiz integrations:settings youtube-def456
```
Returns:
- Max length: 5,000 characters (description)
- Required settings: title, type (public/private/unlisted)
- Optional: tags, thumbnail, selfDeclaredMadeForKids
### X (Twitter)
```bash
postiz integrations:settings twitter-ghi789
```
Returns:
- Max length: 280 characters (or 4,000 for verified)
- Required settings: who_can_reply_post
- Optional: community
### LinkedIn
```bash
postiz integrations:settings linkedin-jkl012
```
Returns:
- Max length: 3,000 characters
- Optional settings: post_as_images_carousel, carousel_name
### TikTok
```bash
postiz integrations:settings tiktok-mno345
```
Returns:
- Max length: 150 characters (caption)
- Required settings: privacy_level, duet, stitch, comment, autoAddMusic, brand_content_toggle, brand_organic_toggle, content_posting_method
- Optional: title, video_made_with_ai
### Instagram
```bash
postiz integrations:settings instagram-pqr678
```
Returns:
- Max length: 2,200 characters
- Required settings: post_type (post or story)
- Optional: is_trial_reel, graduation_strategy, collaborators
## No Additional Settings Required
Some platforms don't require specific settings:
```bash
postiz integrations:settings threads-stu901
```
Returns:
```json
{
"output": {
"maxLength": 500,
"settings": "No additional settings required"
}
}
```
Platforms with no additional settings:
- Threads
- Mastodon
- Bluesky
- Telegram
- Nostr
- VK
## Use Cases
### 1. Discovery
Find out what settings are available before posting:
```bash
# What settings does YouTube support?
postiz integrations:settings youtube-123
# What settings does Reddit support?
postiz integrations:settings reddit-456
```
### 2. Validation
Check maximum character limits:
```bash
postiz integrations:settings twitter-789 | jq '.output.maxLength'
# Output: 280
```
### 3. AI Agent Integration
AI agents can call this endpoint to:
- Discover available settings dynamically
- Validate settings before posting
- Adapt to platform-specific requirements
```javascript
// Get settings schema
const settings = await execSync(
`postiz integrations:settings ${integrationId}`,
{ encoding: 'utf-8' }
);
const schema = JSON.parse(settings);
// Check max length
if (content.length > schema.output.maxLength) {
content = content.substring(0, schema.output.maxLength);
}
// Use required settings
const requiredSettings = schema.output.settings.required || [];
```
### 4. Form Generation
Use the schema to generate UI forms:
```javascript
const settings = await getIntegrationSettings('reddit-123');
const schema = settings.output.settings;
// Generate form fields from schema
schema.properties.subreddit.items.properties.value.properties
// → subreddit (text, minLength: 2)
// → title (text, minLength: 2)
// → type (select: text/link)
// → etc.
```
## Combined Workflow
Complete workflow for posting with correct settings:
```bash
#!/bin/bash
export POSTIZ_API_KEY=your_key
# 1. List integrations
echo "📋 Available integrations:"
postiz integrations:list
# 2. Get settings for Reddit
echo ""
echo "⚙️ Reddit settings:"
SETTINGS=$(postiz integrations:settings reddit-123)
echo $SETTINGS | jq '.output.maxLength'
echo $SETTINGS | jq '.output.settings'
# 3. Create post with correct settings
echo ""
echo "📝 Creating post..."
postiz posts:create \
-c "My post content" \
-p reddit \
--settings '{
"subreddit": [{
"value": {
"subreddit": "programming",
"title": "Interesting post",
"type": "text",
"url": "",
"is_flair_required": false
}
}]
}' \
-i "reddit-123"
```
## API Endpoint
The command calls:
```
GET /public/v1/integration-settings/:id
```
Returns:
```typescript
{
output: {
maxLength: number;
settings: ValidationSchema | "No additional settings required";
}
}
```
## Error Handling
### Integration Not Found
```bash
postiz integrations:settings invalid-id
# ❌ Failed to get integration settings: Integration not found
```
### API Key Not Set
```bash
postiz integrations:settings reddit-123
# ❌ Error: POSTIZ_API_KEY environment variable is required
```
## Tips
1. **Always check settings first** before creating posts with custom settings
2. **Use the schema** to validate your settings object
3. **Check maxLength** to avoid exceeding character limits
4. **For AI agents**: Cache the settings to avoid repeated API calls
5. **Required fields** must be included in your settings object
## Comparison: Before vs After
### Before ❌
```bash
# Had to guess what settings are available
# Had to read documentation or source code
# Didn't know character limits
```
### After ✅
```bash
# Discover settings programmatically
postiz integrations:settings reddit-123
# See exactly what's required and optional
# Know the exact character limits
# Get validation schemas
```
## Summary
✅ **Discover settings for any integration**
✅ **Get character limits**
✅ **See validation schemas**
✅ **Know required vs optional fields**
✅ **Perfect for AI agents**
✅ **No more guesswork!**
**Now you can discover what settings each platform supports!** 🎉

435
apps/cli/INTEGRATION_TOOLS_WORKFLOW.md Normal file
View file

@ -0,0 +1,435 @@
# Integration Tools Workflow
Some integrations require additional data (like IDs, tags, playlists, etc.) before you can post. The CLI supports a complete workflow to discover and use these tools.
## The Complete Workflow
### Step 1: List Integrations
```bash
postiz integrations:list
```
Get your integration IDs.
### Step 2: Get Integration Settings
```bash
postiz integrations:settings <integration-id>
```
This returns:
- `maxLength` - Character limit
- `settings` - Required/optional fields
- **`tools`** - Callable methods to fetch additional data
### Step 3: Trigger Tools (If Needed)
If settings require IDs/data you don't have, use the tools:
```bash
postiz integrations:trigger <integration-id> <method-name> -d '{"key":"value"}'
```
### Step 4: Create Post with Complete Settings
Use the data from Step 3 in your post settings.
## Real-World Example: Reddit
### 1. Get Reddit Integration Settings
```bash
postiz integrations:settings reddit-abc123
```
**Output:**
```json
{
"output": {
"maxLength": 40000,
"settings": {
"properties": {
"subreddit": {
"type": "array",
"items": {
"properties": {
"subreddit": { "type": "string" },
"title": { "type": "string" },
"flair": {
"properties": {
"id": { "type": "string" } // ← Need flair ID!
}
}
}
}
}
}
},
"tools": [
{
"methodName": "getFlairs",
"description": "Get available flairs for a subreddit",
"dataSchema": [
{
"key": "subreddit",
"description": "The subreddit name",
"type": "string"
}
]
},
{
"methodName": "searchSubreddits",
"description": "Search for subreddits",
"dataSchema": [
{
"key": "query",
"description": "Search query",
"type": "string"
}
]
}
]
}
}
```
### 2. Get Flairs for the Subreddit
```bash
postiz integrations:trigger reddit-abc123 getFlairs -d '{"subreddit":"programming"}'
```
**Output:**
```json
{
"output": [
{
"id": "flair-12345",
"name": "Discussion"
},
{
"id": "flair-67890",
"name": "Tutorial"
}
]
}
```
### 3. Create Post with Flair ID
```bash
postiz posts:create \
-c "Check out my project!" \
-p reddit \
--settings '{
"subreddit": [{
"value": {
"subreddit": "programming",
"title": "My Cool Project",
"type": "text",
"url": "",
"is_flair_required": true,
"flair": {
"id": "flair-12345",
"name": "Discussion"
}
}
}]
}' \
-i "reddit-abc123"
```
## Example: YouTube Playlists
### 1. Get YouTube Settings
```bash
postiz integrations:settings youtube-123
```
**Output includes tools:**
```json
{
"tools": [
{
"methodName": "getPlaylists",
"description": "Get your YouTube playlists",
"dataSchema": []
},
{
"methodName": "getCategories",
"description": "Get available video categories",
"dataSchema": []
}
]
}
```
### 2. Get Playlists
```bash
postiz integrations:trigger youtube-123 getPlaylists
```
**Output:**
```json
{
"output": [
{
"id": "PLxxxxxx",
"title": "My Tutorials"
},
{
"id": "PLyyyyyy",
"title": "Product Demos"
}
]
}
```
### 3. Post to Specific Playlist
```bash
postiz posts:create \
-c "Video description" \
-p youtube \
--settings '{
"title": "My Video",
"type": "public",
"playlistId": "PLxxxxxx"
}' \
-i "youtube-123"
```
## Example: LinkedIn Companies
### 1. Get LinkedIn Settings
```bash
postiz integrations:settings linkedin-123
```
**Output includes tools:**
```json
{
"tools": [
{
"methodName": "getCompanies",
"description": "Get companies you can post to",
"dataSchema": []
}
]
}
```
### 2. Get Companies
```bash
postiz integrations:trigger linkedin-123 getCompanies
```
**Output:**
```json
{
"output": [
{
"id": "company-123",
"name": "My Company"
},
{
"id": "company-456",
"name": "Other Company"
}
]
}
```
### 3. Post as Company
```bash
postiz posts:create \
-c "Company announcement" \
-p linkedin \
--settings '{
"companyId": "company-123"
}' \
-i "linkedin-123"
```
## Understanding Tools
### Tool Structure
```json
{
"methodName": "getFlairs",
"description": "Get available flairs for a subreddit",
"dataSchema": [
{
"key": "subreddit",
"description": "The subreddit name",
"type": "string"
}
]
}
```
- **methodName** - Use this in `integrations:trigger`
- **description** - What the tool does
- **dataSchema** - Required input parameters
### Calling Tools
```bash
# No parameters
postiz integrations:trigger <integration-id> <methodName>
# With parameters
postiz integrations:trigger <integration-id> <methodName> -d '{"key":"value"}'
```
## Common Tool Methods
### Reddit
- `getFlairs` - Get flairs for a subreddit
- `searchSubreddits` - Search for subreddits
- `getSubreddits` - Get subscribed subreddits
### YouTube
- `getPlaylists` - Get your playlists
- `getCategories` - Get video categories
- `getChannels` - Get your channels
### LinkedIn
- `getCompanies` - Get companies you manage
- `getOrganizations` - Get organizations
### Twitter/X
- `getListsowned` - Get your Twitter lists
- `getCommunities` - Get communities you're in
### Pinterest
- `getBoards` - Get your Pinterest boards
- `getBoardSections` - Get sections in a board
## AI Agent Workflow
For AI agents, this enables dynamic discovery and usage:
```javascript
// 1. Get settings and tools
const settings = JSON.parse(
execSync(`postiz integrations:settings ${integrationId}`)
);
// 2. Check if tools are needed
const tools = settings.output.tools || [];
// 3. Call tools to get required data
for (const tool of tools) {
if (needsThisTool(tool)) {
const data = buildDataForTool(tool.dataSchema);
const result = JSON.parse(
execSync(
`postiz integrations:trigger ${integrationId} ${tool.methodName} -d '${JSON.stringify(data)}'`
)
);
// Use result.output in your settings
updateSettings(result.output);
}
}
// 4. Create post with complete settings
execSync(`postiz posts:create -c "${content}" --settings '${JSON.stringify(settings)}' -i "${integrationId}"`);
```
## Error Handling
### Tool Not Found
```bash
postiz integrations:trigger reddit-123 invalidMethod
# ❌ Failed to trigger tool: Tool not found
```
### Missing Required Data
```bash
postiz integrations:trigger reddit-123 getFlairs
# ❌ Missing required parameter: subreddit
```
### Integration Not Found
```bash
postiz integrations:trigger invalid-id getFlairs
# ❌ Failed to trigger tool: Integration not found
```
## Tips
1. **Always check tools first** - Run `integrations:settings` to see available tools
2. **Read dataSchema** - Know what parameters each tool needs
3. **Parse JSON output** - Use `jq` or similar to extract data
4. **Cache results** - Tool results don't change often
5. **For AI agents** - Automate the entire workflow
## Complete Example Script
```bash
#!/bin/bash
export POSTIZ_API_KEY=your_key
INTEGRATION_ID="reddit-abc123"
# 1. Get settings
echo "📋 Getting settings..."
SETTINGS=$(postiz integrations:settings $INTEGRATION_ID)
echo $SETTINGS | jq '.output.tools'
# 2. Get flairs
echo ""
echo "🏷️ Getting flairs..."
FLAIRS=$(postiz integrations:trigger $INTEGRATION_ID getFlairs -d '{"subreddit":"programming"}')
FLAIR_ID=$(echo $FLAIRS | jq -r '.output[0].id')
FLAIR_NAME=$(echo $FLAIRS | jq -r '.output[0].name')
echo "Selected flair: $FLAIR_NAME ($FLAIR_ID)"
# 3. Create post
echo ""
echo "📝 Creating post..."
postiz posts:create \
-c "My post content" \
-p reddit \
--settings "{
\"subreddit\": [{
\"value\": {
\"subreddit\": \"programming\",
\"title\": \"My Post Title\",
\"type\": \"text\",
\"url\": \"\",
\"is_flair_required\": true,
\"flair\": {
\"id\": \"$FLAIR_ID\",
\"name\": \"$FLAIR_NAME\"
}
}
}]
}" \
-i "$INTEGRATION_ID"
echo "✅ Done!"
```
## Summary
**Discover available tools** with `integrations:settings`
**Call tools** to fetch required data with `integrations:trigger`
**Use tool results** in post settings
**Complete workflow** from discovery to posting
**Perfect for AI agents** - fully automated
**No guesswork** - know exactly what data you need
**The CLI now supports the complete integration tools workflow!** 🎉

338
apps/cli/PROJECT_STRUCTURE.md Normal file
View file

@ -0,0 +1,338 @@
# Postiz CLI - Project Structure
## Overview
The Postiz CLI is a complete command-line interface package for interacting with the Postiz social media scheduling API. It's designed for developers and AI agents to automate social media posting.
## Directory Structure
```
apps/cli/
├── src/ # Source code
│ ├── index.ts # Main CLI entry point
│ ├── api.ts # API client for Postiz API
│ ├── config.ts # Configuration and environment handling
│ └── commands/ # Command implementations
│ ├── posts.ts # Posts management commands
│ ├── integrations.ts # Integrations listing
│ └── upload.ts # Media upload command
├── examples/ # Usage examples
│ ├── basic-usage.sh # Shell script example
│ └── ai-agent-example.js # Node.js AI agent example
├── dist/ # Build output (generated)
│ ├── index.js # Compiled CLI executable
│ └── index.js.map # Source map
├── package.json # Package configuration
├── tsconfig.json # TypeScript configuration
├── tsup.config.ts # Build configuration
├── README.md # Main documentation
├── SKILL.md # AI agent usage guide
├── QUICK_START.md # Quick start guide
├── CHANGELOG.md # Version history
├── PROJECT_STRUCTURE.md # This file
├── .gitignore # Git ignore rules
└── .npmignore # npm publish ignore rules
```
## File Descriptions
### Source Files
#### `src/index.ts`
- Main entry point for the CLI
- Uses `yargs` for command parsing
- Defines all available commands and their options
- Contains help text and usage examples
#### `src/api.ts`
- API client class `PostizAPI`
- Handles all HTTP requests to the Postiz API
- Methods for:
- Creating posts
- Listing posts
- Deleting posts
- Uploading files
- Listing integrations
- Error handling and response parsing
#### `src/config.ts`
- Configuration management
- Environment variable handling
- Validates required settings (API key)
- Provides default values
#### `src/commands/posts.ts`
- Post management commands implementation
- `createPost()` - Create new social media posts
- `listPosts()` - List posts with filters
- `deletePost()` - Delete posts by ID
#### `src/commands/integrations.ts`
- Integration management
- `listIntegrations()` - Show connected accounts
#### `src/commands/upload.ts`
- Media upload functionality
- `uploadFile()` - Upload images to Postiz
### Configuration Files
#### `package.json`
- Package name: `postiz`
- Version: `1.0.0`
- Executable bin: `postiz``dist/index.js`
- Scripts: `dev`, `build`, `start`, `publish`
- Repository and metadata information
#### `tsconfig.json`
- Extends base config from monorepo
- Target: ES2017
- Module: CommonJS
- Enables decorators and source maps
#### `tsup.config.ts`
- Build tool configuration
- Entry point: `src/index.ts`
- Output format: CommonJS
- Adds shebang for Node.js execution
- Generates source maps
### Documentation Files
#### `README.md`
- Main package documentation
- Installation instructions
- Usage examples
- API reference
- Development guide
#### `SKILL.md`
- Comprehensive guide for AI agents
- Usage patterns and workflows
- Command examples
- Best practices
- Error handling
#### `QUICK_START.md`
- Fast onboarding guide
- Installation steps
- Basic commands
- Common workflows
- Troubleshooting
#### `CHANGELOG.md`
- Version history
- Release notes
- Feature additions
- Bug fixes
### Example Files
#### `examples/basic-usage.sh`
- Bash script example
- Demonstrates basic CLI workflow
- Shows integration listing, post creation, and deletion
#### `examples/ai-agent-example.js`
- Node.js script for AI agents
- Programmatic CLI usage
- Batch post creation
- JSON parsing examples
## Build Process
### Development Build
```bash
pnpm run dev
```
- Watches for file changes
- Rebuilds automatically
- Useful during development
### Production Build
```bash
pnpm run build
```
1. Cleans `dist/` directory
2. Compiles TypeScript → JavaScript
3. Bundles dependencies
4. Adds shebang for executable
5. Generates source maps
6. Makes output executable
### Output
- `dist/index.js` - Main executable (~490KB)
- `dist/index.js.map` - Source map (~920KB)
## Commands Architecture
### Command Flow
```
User Input
index.ts (yargs parser)
Command Handler (posts.ts, integrations.ts, upload.ts)
config.ts (get API key)
api.ts (make API request)
Response / Error
Output to console
```
### Available Commands
1. **posts:create**
- Options: `--content`, `--integrations`, `--schedule`, `--image`
- Handler: `commands/posts.ts::createPost()`
2. **posts:list**
- Options: `--page`, `--limit`, `--search`
- Handler: `commands/posts.ts::listPosts()`
3. **posts:delete**
- Positional: `<id>`
- Handler: `commands/posts.ts::deletePost()`
4. **integrations:list**
- No options
- Handler: `commands/integrations.ts::listIntegrations()`
5. **upload**
- Positional: `<file>`
- Handler: `commands/upload.ts::uploadFile()`
## Environment Variables
| Variable | Required | Default | Usage |
|----------|----------|---------|-------|
| `POSTIZ_API_KEY` | ✅ Yes | - | Authentication token |
| `POSTIZ_API_URL` | ❌ No | `https://api.postiz.com` | Custom API endpoint |
## Dependencies
### Runtime Dependencies (from root)
- `yargs` - CLI argument parsing
- `node-fetch` - HTTP requests
- Standard Node.js modules (`fs`, `path`)
### Dev Dependencies
- `tsup` - TypeScript bundler
- `typescript` - Type checking
- `@types/yargs` - TypeScript types
## Integration Points
### With Monorepo
1. **Build Scripts**
- Added to root `package.json`
- `pnpm run build:cli` - Build the CLI
- `pnpm run publish-cli` - Publish to npm
2. **TypeScript Config**
- Extends `tsconfig.base.json`
- Shares common compiler options
3. **Dependencies**
- Uses shared dependencies from root
- No duplicate packages
### With Postiz API
1. **Endpoints Used**
- `POST /public/v1/posts` - Create post
- `GET /public/v1/posts` - List posts
- `DELETE /public/v1/posts/:id` - Delete post
- `GET /public/v1/integrations` - List integrations
- `POST /public/v1/upload` - Upload media
2. **Authentication**
- API key via `Authorization` header
- Configured through environment variable
## Publishing
### To npm
```bash
pnpm run publish-cli
```
This will:
1. Build the package
2. Publish to npm with public access
3. Include only `dist/`, `README.md`, and `SKILL.md`
### Package Contents (via .npmignore)
**Included:**
- `dist/` - Compiled code
- `README.md` - Documentation
**Excluded:**
- `src/` - Source code
- `examples/` - Examples
- Config files
- Other markdown files
## Testing
### Manual Testing
```bash
# Test help
node dist/index.js --help
# Test without API key (should error)
node dist/index.js posts:list
# Test with API key (requires valid key)
POSTIZ_API_KEY=test node dist/index.js integrations:list
```
### Automated Testing (Future)
- Unit tests for API client
- Integration tests for commands
- E2E tests with mock API
## Future Enhancements
1. **More Commands**
- Analytics retrieval
- Team management
- Settings configuration
2. **Features**
- Interactive mode
- Config file support (~/.postizrc)
- Output formatting (JSON, table, CSV)
- Verbose/debug mode
- Batch operations from file
3. **Developer Experience**
- TypeScript types export
- Programmatic API
- Plugin system
- Custom integrations
## Support
- **Issues:** https://github.com/gitroomhq/postiz-app/issues
- **Docs:** See README.md, SKILL.md, QUICK_START.md
- **Website:** https://postiz.com

472
apps/cli/PROVIDER_SETTINGS.md Normal file
View file

@ -0,0 +1,472 @@
# Provider-Specific Settings
The Postiz CLI supports platform-specific settings for each integration. Different platforms have different options and requirements.
## How to Use Provider Settings
### Method 1: Command Line Flags
```bash
postiz posts:create \
-c "Your content" \
-p <provider-type> \
--settings '<json-settings>' \
-i "integration-id"
```
### Method 2: JSON File
```bash
postiz posts:create --json post-with-settings.json
```
In the JSON file, specify settings per integration:
```json
{
"type": "now",
"date": "2024-01-15T12:00:00Z",
"shortLink": true,
"tags": [],
"posts": [{
"integration": { "id": "reddit-123" },
"value": [{ "content": "Post content", "image": [] }],
"settings": {
"__type": "reddit",
"subreddit": [{
"value": {
"subreddit": "programming",
"title": "My Post Title",
"type": "text",
"url": "",
"is_flair_required": false
}
}]
}
}]
}
```
## Supported Platforms & Settings
### Reddit (`reddit`)
**Settings:**
- `subreddit` (required): Subreddit name
- `title` (required): Post title
- `type` (required): `"text"` or `"link"`
- `url` (required for links): URL if type is "link"
- `is_flair_required` (boolean): Whether flair is required
- `flair` (optional): Flair object with `id` and `name`
**Example:**
```bash
postiz posts:create \
-c "Post content here" \
-p reddit \
--settings '{
"subreddit": [{
"value": {
"subreddit": "programming",
"title": "Check out this cool project",
"type": "text",
"url": "",
"is_flair_required": false
}
}]
}' \
-i "reddit-123"
```
### YouTube (`youtube`)
**Settings:**
- `title` (required): Video title (2-100 characters)
- `type` (required): `"public"`, `"private"`, or `"unlisted"`
- `selfDeclaredMadeForKids` (optional): `"yes"` or `"no"`
- `thumbnail` (optional): Thumbnail MediaDto object
- `tags` (optional): Array of tag objects with `value` and `label`
**Example:**
```bash
postiz posts:create \
-c "Video description here" \
-p youtube \
--settings '{
"title": "My Awesome Video",
"type": "public",
"selfDeclaredMadeForKids": "no",
"tags": [
{"value": "tech", "label": "Tech"},
{"value": "tutorial", "label": "Tutorial"}
]
}' \
-i "youtube-123"
```
### X / Twitter (`x`)
**Settings:**
- `community` (optional): X community URL (format: `https://x.com/i/communities/1234567890`)
- `who_can_reply_post` (required): Who can reply
- `"everyone"` - Anyone can reply
- `"following"` - Only people you follow
- `"mentionedUsers"` - Only mentioned users
- `"subscribers"` - Only subscribers
- `"verified"` - Only verified users
**Example:**
```bash
postiz posts:create \
-c "Tweet content" \
-p x \
--settings '{
"who_can_reply_post": "everyone"
}' \
-i "twitter-123"
```
**With Community:**
```bash
postiz posts:create \
-c "Community tweet" \
-p x \
--settings '{
"community": "https://x.com/i/communities/1493446837214187523",
"who_can_reply_post": "everyone"
}' \
-i "twitter-123"
```
### LinkedIn (`linkedin`)
**Settings:**
- `post_as_images_carousel` (boolean): Post as image carousel
- `carousel_name` (optional): Carousel name if posting as carousel
**Example:**
```bash
postiz posts:create \
-c "LinkedIn post" \
-m "img1.jpg,img2.jpg,img3.jpg" \
-p linkedin \
--settings '{
"post_as_images_carousel": true,
"carousel_name": "Product Showcase"
}' \
-i "linkedin-123"
```
### Instagram (`instagram`)
**Settings:**
- `post_type` (required): `"post"` or `"story"`
- `is_trial_reel` (optional): Boolean
- `graduation_strategy` (optional): `"MANUAL"` or `"SS_PERFORMANCE"`
- `collaborators` (optional): Array of collaborator objects with `label`
**Example:**
```bash
postiz posts:create \
-c "Instagram post" \
-m "photo.jpg" \
-p instagram \
--settings '{
"post_type": "post",
"is_trial_reel": false
}' \
-i "instagram-123"
```
**Story Example:**
```bash
postiz posts:create \
-c "Story content" \
-m "story-image.jpg" \
-p instagram \
--settings '{
"post_type": "story"
}' \
-i "instagram-123"
```
### TikTok (`tiktok`)
**Settings:**
- `title` (optional): Video title (max 90 characters)
- `privacy_level` (required): Privacy level
- `"PUBLIC_TO_EVERYONE"`
- `"MUTUAL_FOLLOW_FRIENDS"`
- `"FOLLOWER_OF_CREATOR"`
- `"SELF_ONLY"`
- `duet` (boolean): Allow duets
- `stitch` (boolean): Allow stitch
- `comment` (boolean): Allow comments
- `autoAddMusic` (required): `"yes"` or `"no"`
- `brand_content_toggle` (boolean): Brand content toggle
- `brand_organic_toggle` (boolean): Brand organic toggle
- `video_made_with_ai` (optional): Boolean
- `content_posting_method` (required): `"DIRECT_POST"` or `"UPLOAD"`
**Example:**
```bash
postiz posts:create \
-c "TikTok video description" \
-m "video.mp4" \
-p tiktok \
--settings '{
"title": "Check this out!",
"privacy_level": "PUBLIC_TO_EVERYONE",
"duet": true,
"stitch": true,
"comment": true,
"autoAddMusic": "no",
"brand_content_toggle": false,
"brand_organic_toggle": false,
"content_posting_method": "DIRECT_POST"
}' \
-i "tiktok-123"
```
### Facebook (`facebook`)
Settings available - check the DTO for specifics.
### Pinterest (`pinterest`)
Settings available - check the DTO for specifics.
### Discord (`discord`)
Settings available - check the DTO for specifics.
### Slack (`slack`)
Settings available - check the DTO for specifics.
### Medium (`medium`)
Settings available - check the DTO for specifics.
### Dev.to (`devto`)
Settings available - check the DTO for specifics.
### Hashnode (`hashnode`)
Settings available - check the DTO for specifics.
### WordPress (`wordpress`)
Settings available - check the DTO for specifics.
## Platforms Without Specific Settings
These platforms use the default `EmptySettings`:
- `threads`
- `mastodon`
- `bluesky`
- `telegram`
- `nostr`
- `vk`
For these, you don't need to specify settings or can use:
```bash
-p threads # or any of the above
```
## Using JSON Files for Complex Settings
For complex settings, it's easier to use JSON files:
### Reddit Example
**reddit-post.json:**
```json
{
"type": "now",
"date": "2024-01-15T12:00:00Z",
"shortLink": true,
"tags": [],
"posts": [{
"integration": { "id": "reddit-123" },
"value": [{
"content": "Check out this cool project!",
"image": []
}],
"settings": {
"__type": "reddit",
"subreddit": [{
"value": {
"subreddit": "programming",
"title": "My Cool Project - Built with TypeScript",
"type": "text",
"url": "",
"is_flair_required": true,
"flair": {
"id": "flair-123",
"name": "Project"
}
}
}]
}
}]
}
```
```bash
postiz posts:create --json reddit-post.json
```
### YouTube Example
**youtube-video.json:**
```json
{
"type": "schedule",
"date": "2024-12-25T12:00:00Z",
"shortLink": true,
"tags": [],
"posts": [{
"integration": { "id": "youtube-123" },
"value": [{
"content": "Full video description with timestamps...",
"image": [{
"id": "thumb1",
"path": "https://cdn.example.com/thumbnail.jpg"
}]
}],
"settings": {
"__type": "youtube",
"title": "How to Build a CLI Tool",
"type": "public",
"selfDeclaredMadeForKids": "no",
"tags": [
{ "value": "programming", "label": "Programming" },
{ "value": "typescript", "label": "TypeScript" },
{ "value": "tutorial", "label": "Tutorial" }
]
}
}]
}
```
```bash
postiz posts:create --json youtube-video.json
```
### Multi-Platform with Different Settings
**multi-platform-campaign.json:**
```json
{
"type": "now",
"date": "2024-01-15T12:00:00Z",
"shortLink": true,
"tags": [],
"posts": [
{
"integration": { "id": "reddit-123" },
"value": [{ "content": "Reddit-specific content", "image": [] }],
"settings": {
"__type": "reddit",
"subreddit": [{
"value": {
"subreddit": "programming",
"title": "Post Title",
"type": "text",
"url": "",
"is_flair_required": false
}
}]
}
},
{
"integration": { "id": "twitter-123" },
"value": [{ "content": "Twitter-specific content", "image": [] }],
"settings": {
"__type": "x",
"who_can_reply_post": "everyone"
}
},
{
"integration": { "id": "linkedin-123" },
"value": [
{
"content": "LinkedIn post",
"image": [
{ "id": "1", "path": "img1.jpg" },
{ "id": "2", "path": "img2.jpg" }
]
}
],
"settings": {
"__type": "linkedin",
"post_as_images_carousel": true,
"carousel_name": "Product Launch"
}
}
]
}
```
## Tips
1. **Use JSON files for complex settings** - Command-line JSON strings get messy fast
2. **Validate your settings** - The API will return errors if settings are invalid
3. **Check required fields** - Each platform has different required fields
4. **Platform-specific content** - Different platforms may need different content/media
5. **Test with drafts first** - Use `"type": "draft"` to test without posting
## Finding Your Provider Type
To find the correct provider type for your integration:
```bash
postiz integrations:list
```
This will show the `provider` field for each integration, which corresponds to the `__type` in settings.
## Common Errors
### Missing __type
```json
{
"settings": {
"title": "My Video" // ❌ Missing __type
}
}
```
**Fix:**
```json
{
"settings": {
"__type": "youtube", // ✅ Add __type
"title": "My Video"
}
}
```
### Wrong Provider Type
```bash
# ❌ Wrong
-p twitter # Should be "x"
# ✅ Correct
-p x
```
### Invalid Settings for Platform
Each platform validates its own settings. Check the error message and refer to the platform's required fields above.
## See Also
- **EXAMPLES.md** - General usage examples
- **COMMAND_LINE_GUIDE.md** - Command-line syntax
- **SKILL.md** - AI agent patterns
- Source DTOs in `libraries/nestjs-libraries/src/dtos/posts/providers-settings/`

220
apps/cli/PROVIDER_SETTINGS_SUMMARY.md Normal file
View file

@ -0,0 +1,220 @@
# Provider-Specific Settings - Quick Reference
## ✅ What's Supported
The CLI now supports **platform-specific settings** for all 28+ integrations!
## Supported Platforms
### Platforms with Specific Settings
| Platform | Type | Key Settings |
|----------|------|--------------|
| **Reddit** | `reddit` | subreddit, title, type, url, flair |
| **YouTube** | `youtube` | title, type (public/private/unlisted), tags, thumbnail |
| **X (Twitter)** | `x` | who_can_reply_post, community |
| **LinkedIn** | `linkedin` | post_as_images_carousel, carousel_name |
| **Instagram** | `instagram` | post_type (post/story), collaborators |
| **TikTok** | `tiktok` | title, privacy_level, duet, stitch, comment, autoAddMusic |
| **Facebook** | `facebook` | Platform-specific settings |
| **Pinterest** | `pinterest` | Platform-specific settings |
| **Discord** | `discord` | Platform-specific settings |
| **Slack** | `slack` | Platform-specific settings |
| **Medium** | `medium` | Platform-specific settings |
| **Dev.to** | `devto` | Platform-specific settings |
| **Hashnode** | `hashnode` | Platform-specific settings |
| **WordPress** | `wordpress` | Platform-specific settings |
| And 15+ more... | | See PROVIDER_SETTINGS.md |
### Platforms with Default Settings
These use `EmptySettings` (no special configuration needed):
- Threads, Mastodon, Bluesky, Telegram, Nostr, VK
## Usage
### Method 1: Command Line
```bash
postiz posts:create \
-c "Content" \
-p <provider-type> \
--settings '<json-settings>' \
-i "integration-id"
```
### Method 2: JSON File
```json
{
"posts": [{
"integration": { "id": "integration-id" },
"value": [...],
"settings": {
"__type": "provider-type",
...
}
}]
}
```
## Quick Examples
### Reddit Post
```bash
postiz posts:create \
-c "Check out this project!" \
-p reddit \
--settings '{
"subreddit": [{
"value": {
"subreddit": "programming",
"title": "My Cool Project",
"type": "text",
"url": "",
"is_flair_required": false
}
}]
}' \
-i "reddit-123"
```
### YouTube Video
```bash
postiz posts:create \
-c "Full video description..." \
-p youtube \
--settings '{
"title": "How to Build a CLI",
"type": "public",
"tags": [
{"value": "tech", "label": "Tech"},
{"value": "tutorial", "label": "Tutorial"}
]
}' \
-i "youtube-123"
```
### Twitter/X with Reply Controls
```bash
postiz posts:create \
-c "Important announcement!" \
-p x \
--settings '{
"who_can_reply_post": "verified"
}' \
-i "twitter-123"
```
### LinkedIn Carousel
```bash
postiz posts:create \
-c "Product showcase" \
-m "img1.jpg,img2.jpg,img3.jpg" \
-p linkedin \
--settings '{
"post_as_images_carousel": true,
"carousel_name": "Product Launch"
}' \
-i "linkedin-123"
```
### Instagram Story
```bash
postiz posts:create \
-c "Story content" \
-m "story-image.jpg" \
-p instagram \
--settings '{
"post_type": "story"
}' \
-i "instagram-123"
```
### TikTok Video
```bash
postiz posts:create \
-c "TikTok description #fyp" \
-m "video.mp4" \
-p tiktok \
--settings '{
"privacy_level": "PUBLIC_TO_EVERYONE",
"duet": true,
"stitch": true,
"comment": true,
"autoAddMusic": "no",
"brand_content_toggle": false,
"brand_organic_toggle": false,
"content_posting_method": "DIRECT_POST"
}' \
-i "tiktok-123"
```
## JSON File Examples
We've created example JSON files for you:
- **`reddit-post.json`** - Reddit post with subreddit settings
- **`youtube-video.json`** - YouTube video with title, tags, thumbnail
- **`tiktok-video.json`** - TikTok video with full settings
- **`multi-platform-with-settings.json`** - Multi-platform campaign with different settings per platform
## Finding Provider Types
```bash
postiz integrations:list
```
Look at the `provider` field - this is your provider type!
## Common Provider Types
- `reddit` - Reddit
- `youtube` - YouTube
- `x` - X (Twitter)
- `linkedin` or `linkedin-page` - LinkedIn
- `instagram` or `instagram-standalone` - Instagram
- `tiktok` - TikTok
- `facebook` - Facebook
- `pinterest` - Pinterest
- `discord` - Discord
- `slack` - Slack
- `threads` - Threads (no specific settings)
- `bluesky` - Bluesky (no specific settings)
- `mastodon` - Mastodon (no specific settings)
## Documentation
📖 **[PROVIDER_SETTINGS.md](./PROVIDER_SETTINGS.md)** - Complete documentation with all platform settings
Includes:
- All available settings for each platform
- Required vs optional fields
- Validation rules
- More examples
- Common errors and solutions
## Tips
1. **Use JSON files for complex settings** - Easier to manage than command-line strings
2. **Different settings per platform** - Each platform in a multi-platform post can have different settings
3. **Validate before posting** - Use `"type": "draft"` to test
4. **Check examples** - See `examples/` directory for working templates
5. **Provider type matters** - Make sure `__type` matches your integration's provider
## Summary
✅ **28+ platforms supported**
✅ **Platform-specific settings for Reddit, YouTube, TikTok, X, LinkedIn, Instagram, and more**
✅ **Easy command-line interface**
✅ **JSON file support for complex configs**
✅ **Full type validation**
✅ **Comprehensive examples included**
**The CLI now supports the full power of each platform!** 🚀

377
apps/cli/PUBLISHING.md Normal file
View file

@ -0,0 +1,377 @@
# Publishing the Postiz CLI to npm
## Quick Publish (Current Name: "postiz")
```bash
# From apps/cli directory
pnpm run build
pnpm publish --access public
```
Then users can install:
```bash
npm install -g postiz
# or
pnpm install -g postiz
# And use:
postiz --help
```
## Publishing with a Different Package Name
If you want to publish as a different npm package name (e.g., "agent-postiz"):
### 1. Change Package Name
Edit `apps/cli/package.json`:
```json
{
"name": "agent-postiz", // ← Changed package name
"version": "1.0.0",
"bin": {
"postiz": "./dist/index.js" // ← Keep command name!
}
}
```
**Important:** The `bin` field determines the command name, NOT the package name!
### 2. Publish
```bash
cd apps/cli
pnpm run build
pnpm publish --access public
```
### 3. Users Install
```bash
npm install -g agent-postiz
# or
pnpm install -g agent-postiz
```
### 4. Users Use
Even though the package is called "agent-postiz", the command is still:
```bash
postiz --help # ← Command name from "bin" field
postiz posts:create -c "Hello!" -i "twitter-123"
```
## Package Name vs Command Name
| Field | Purpose | Example |
|-------|---------|---------|
| `"name"` | npm package name (what you install) | `"agent-postiz"` |
| `"bin"` | Command name (what you type) | `"postiz"` |
**Examples:**
1. **Same name:**
```json
"name": "postiz",
"bin": { "postiz": "./dist/index.js" }
```
Install: `npm i -g postiz`
Use: `postiz`
2. **Different names:**
```json
"name": "agent-postiz",
"bin": { "postiz": "./dist/index.js" }
```
Install: `npm i -g agent-postiz`
Use: `postiz`
3. **Multiple commands:**
```json
"name": "agent-postiz",
"bin": {
"postiz": "./dist/index.js",
"pz": "./dist/index.js"
}
```
Install: `npm i -g agent-postiz`
Use: `postiz` or `pz`
## Publishing Checklist
### Before First Publish
- [ ] Verify package name is available on npm
```bash
npm view postiz
# If error "404 Not Found" - name is available!
```
- [ ] Update version if needed
```json
"version": "1.0.0"
```
- [ ] Review files to include
```json
"files": [
"dist",
"README.md",
"SKILL.md"
]
```
- [ ] Build the package
```bash
pnpm run build
```
- [ ] Test locally
```bash
pnpm link --global
postiz --help
```
### Publish to npm
```bash
# Login to npm (first time only)
npm login
# From apps/cli
pnpm run build
pnpm publish --access public
# Or use the root script
cd /path/to/monorepo/root
pnpm run publish-cli
```
### After Publishing
Verify it's published:
```bash
npm view postiz
# Should show your package info
```
Test installation:
```bash
npm install -g postiz
postiz --version
```
## Using from Monorepo Root
The root `package.json` already has:
```json
{
"scripts": {
"publish-cli": "pnpm run --filter ./apps/cli publish"
}
}
```
So you can publish from the root:
```bash
# From monorepo root
pnpm run publish-cli
```
## Version Updates
### Patch Release (1.0.0 → 1.0.1)
```bash
cd apps/cli
npm version patch
pnpm publish --access public
```
### Minor Release (1.0.0 → 1.1.0)
```bash
cd apps/cli
npm version minor
pnpm publish --access public
```
### Major Release (1.0.0 → 2.0.0)
```bash
cd apps/cli
npm version major
pnpm publish --access public
```
## Scoped Packages
If you want to publish under an organization scope:
```json
{
"name": "@yourorg/postiz",
"bin": {
"postiz": "./dist/index.js"
}
}
```
Install:
```bash
npm install -g @yourorg/postiz
```
Use:
```bash
postiz --help
```
## Testing Before Publishing
### Test the Build
```bash
pnpm run build
node dist/index.js --help
```
### Test Linking
```bash
pnpm link --global
postiz --help
pnpm unlink --global
```
### Test Publishing (Dry Run)
```bash
npm publish --dry-run
# Shows what would be published
```
### Test with `npm pack`
```bash
npm pack
# Creates a .tgz file
# Test installing the tarball
npm install -g ./postiz-1.0.0.tgz
postiz --help
npm uninstall -g postiz
```
## Continuous Publishing
### Using GitHub Actions
Create `.github/workflows/publish-cli.yml`:
```yaml
name: Publish CLI to npm
on:
push:
tags:
- 'cli-v*'
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: pnpm/action-setup@v2
- uses: actions/setup-node@v3
with:
node-version: '20'
registry-url: 'https://registry.npmjs.org'
- run: pnpm install
- run: pnpm run build:cli
- name: Publish to npm
run: pnpm --filter ./apps/cli publish --access public
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
```
Then publish with:
```bash
git tag cli-v1.0.0
git push origin cli-v1.0.0
```
## Common Issues
### "You do not have permission to publish"
- Make sure you're logged in: `npm login`
- Check package name isn't taken: `npm view postiz`
- If scoped, ensure org access: `npm org ls yourorg`
### "Package name too similar to existing package"
- Choose a more unique name
- Or use a scoped package: `@yourorg/postiz`
### "Missing required files"
- Check `"files"` field in package.json
- Run `npm pack` to see what would be included
- Make sure `dist/` exists and is built
### Command not found after install
- Check `"bin"` field is correct
- Ensure `dist/index.js` has shebang: `#!/usr/bin/env node`
- Try reinstalling: `npm uninstall -g postiz && npm install -g postiz`
## Recommended Names
If "postiz" is taken, consider:
- `@postiz/cli`
- `postiz-cli`
- `postiz-agent`
- `agent-postiz`
- `@yourorg/postiz`
Remember: The package name is just for installation. The command can still be `postiz`!
## Summary
✅ Current setup works perfectly!
`bin` field defines the command name
`name` field defines the npm package name
✅ They can be different!
**To publish now:**
```bash
cd apps/cli
pnpm run build
pnpm publish --access public
```
**Users install:**
```bash
npm install -g postiz
# or
pnpm install -g postiz
```
**Users use:**
```bash
postiz --help
postiz posts:create -c "Hello!" -i "twitter-123"
```
🚀 **Ready to publish!**

284
apps/cli/QUICK_START.md Normal file
View file

@ -0,0 +1,284 @@
# Postiz CLI - Quick Start Guide
## Installation
### From Source (Development)
```bash
# Navigate to the monorepo root
cd /path/to/gitroom
# Install dependencies
pnpm install
# Build the CLI
pnpm run build:cli
# Test locally
node apps/cli/dist/index.js --help
```
### Global Installation (Development)
```bash
# From the CLI directory
cd apps/cli
# Link globally
pnpm link --global
# Now you can use 'postiz' anywhere
postiz --help
```
### From npm (Coming Soon)
```bash
# Once published
npm install -g postiz
# Or with pnpm
pnpm add -g postiz
```
## Setup
### 1. Get Your API Key
1. Log in to your Postiz account at https://postiz.com
2. Navigate to Settings → API Keys
3. Generate a new API key
### 2. Set Environment Variable
```bash
# Bash/Zsh
export POSTIZ_API_KEY=your_api_key_here
# Fish
set -x POSTIZ_API_KEY your_api_key_here
# PowerShell
$env:POSTIZ_API_KEY="your_api_key_here"
```
To make it permanent, add it to your shell profile:
```bash
# ~/.bashrc or ~/.zshrc
echo 'export POSTIZ_API_KEY=your_api_key_here' >> ~/.bashrc
source ~/.bashrc
```
### 3. Verify Installation
```bash
postiz --help
```
## Basic Commands
### Create a Post
```bash
# Simple post
postiz posts:create -c "Hello World!" -i "twitter-123"
# Post with multiple images
postiz posts:create \
-c "Check these out!" \
-m "img1.jpg,img2.jpg" \
-i "twitter-123"
# Post with comments (each can have different media!)
postiz posts:create \
-c "Main post" -m "main.jpg" \
-c "First comment" -m "comment1.jpg" \
-c "Second comment" -m "comment2.jpg" \
-i "twitter-123"
# Scheduled post
postiz posts:create \
-c "Future post" \
-s "2024-12-31T12:00:00Z" \
-i "twitter-123"
```
### List Posts
```bash
# List all posts
postiz posts:list
# With pagination
postiz posts:list -p 2 -l 20
# Search
postiz posts:list -s "keyword"
```
### Delete a Post
```bash
postiz posts:delete abc123xyz
```
### List Integrations
```bash
postiz integrations:list
```
### Upload Media
```bash
postiz upload ./path/to/image.png
```
## Common Workflows
### 1. Check What's Connected
```bash
# See all your connected social media accounts
postiz integrations:list
```
The output will show integration IDs like:
```json
[
{ "id": "twitter-123", "provider": "twitter" },
{ "id": "linkedin-456", "provider": "linkedin" }
]
```
### 2. Create Multi-Platform Post
```bash
# Use the integration IDs from step 1
postiz posts:create \
-c "Posting to multiple platforms!" \
-i "twitter-123,linkedin-456,facebook-789"
```
### 3. Schedule Multiple Posts
```bash
# Morning post
postiz posts:create -c "Good morning!" -s "2024-01-15T09:00:00Z"
# Afternoon post
postiz posts:create -c "Lunch time update!" -s "2024-01-15T12:00:00Z"
# Evening post
postiz posts:create -c "Good night!" -s "2024-01-15T20:00:00Z"
```
### 4. Upload and Post Image
```bash
# First upload the image
postiz upload ./my-image.png
# Copy the URL from the response, then create post
postiz posts:create -c "Check out this image!" --image "url-from-upload"
```
## Tips & Tricks
### Using with jq for JSON Parsing
```bash
# Get just the post IDs
postiz posts:list | jq '.[] | .id'
# Get integration names
postiz integrations:list | jq '.[] | .provider'
```
### Script Automation
```bash
#!/bin/bash
# Create a batch of posts
for hour in 09 12 15 18; do
postiz posts:create \
-c "Automated post at ${hour}:00" \
-s "2024-01-15T${hour}:00:00Z"
echo "Created post for ${hour}:00"
done
```
### Environment Variables
```bash
# Custom API endpoint (for self-hosted)
export POSTIZ_API_URL=https://your-instance.com
# Use the CLI with custom endpoint
postiz posts:list
```
## Troubleshooting
### API Key Not Set
```
❌ Error: POSTIZ_API_KEY environment variable is required
```
**Solution:** Set the environment variable:
```bash
export POSTIZ_API_KEY=your_key
```
### Command Not Found
```
postiz: command not found
```
**Solution:** Either:
1. Use the full path: `node apps/cli/dist/index.js`
2. Link globally: `cd apps/cli && pnpm link --global`
3. Add to PATH: `export PATH=$PATH:/path/to/apps/cli/dist`
### API Errors
```
❌ API Error (401): Unauthorized
```
**Solution:** Check your API key is valid and has proper permissions.
```
❌ API Error (404): Not Found
```
**Solution:** Verify the post ID exists when deleting.
## Getting Help
```bash
# General help
postiz --help
# Command-specific help
postiz posts:create --help
postiz posts:list --help
postiz posts:delete --help
```
## Next Steps
- Read the full [README.md](./README.md) for detailed documentation
- Check [SKILL.md](./SKILL.md) for AI agent integration patterns
- See [examples/](./examples/) for more usage examples
## Links
- [Postiz Website](https://postiz.com)
- [API Documentation](https://postiz.com/api-docs)
- [GitHub Repository](https://github.com/gitroomhq/postiz-app)
- [Report Issues](https://github.com/gitroomhq/postiz-app/issues)

643
apps/cli/README.md Normal file
View file

@ -0,0 +1,643 @@
# Postiz CLI
**Social media automation CLI for AI agents** - Schedule posts across 28+ platforms programmatically.
The Postiz CLI provides a command-line interface to the Postiz API, enabling developers and AI agents to automate social media posting, manage content, and handle media uploads across platforms like Twitter/X, LinkedIn, Reddit, YouTube, TikTok, Instagram, Facebook, and more.
---
## Installation
### From npm (Recommended)
```bash
npm install -g postiz
# or
pnpm install -g postiz
```
### From Source
```bash
git clone https://github.com/gitroomhq/postiz-app.git
cd postiz-app/apps/cli
pnpm install
pnpm run build
pnpm link --global
```
### For Development
```bash
cd apps/cli
pnpm install
pnpm run build
pnpm link --global
# Or run directly without linking
pnpm run start -- posts:list
```
---
## Setup
**Required:** Set your Postiz API key
```bash
export POSTIZ_API_KEY=your_api_key_here
```
**Optional:** Custom API endpoint
```bash
export POSTIZ_API_URL=https://your-custom-api.com
```
---
## Commands
### Discovery & Settings
**List all connected integrations**
```bash
postiz integrations:list
```
Returns integration IDs, provider names, and metadata.
**Get integration settings schema**
```bash
postiz integrations:settings <integration-id>
```
Returns character limits, required settings, and available tools for fetching dynamic data.
**Trigger integration tools**
```bash
postiz integrations:trigger <integration-id> <method-name>
postiz integrations:trigger <integration-id> <method-name> -d '{"key":"value"}'
```
Fetch dynamic data like Reddit flairs, YouTube playlists, LinkedIn companies, etc.
**Examples:**
```bash
# Get Reddit flairs
postiz integrations:trigger reddit-123 getFlairs -d '{"subreddit":"programming"}'
# Get YouTube playlists
postiz integrations:trigger youtube-456 getPlaylists
# Get LinkedIn companies
postiz integrations:trigger linkedin-789 getCompanies
```
---
### Creating Posts
**Simple scheduled post**
```bash
postiz posts:create -c "Content" -s "2024-12-31T12:00:00Z" -i "integration-id"
```
**Draft post**
```bash
postiz posts:create -c "Content" -s "2024-12-31T12:00:00Z" -t draft -i "integration-id"
```
**Post with media**
```bash
postiz posts:create -c "Content" -m "img1.jpg,img2.jpg" -s "2024-12-31T12:00:00Z" -i "integration-id"
```
**Post with comments** (each comment can have its own media)
```bash
postiz posts:create \
-c "Main post" -m "main.jpg" \
-c "First comment" -m "comment1.jpg" \
-c "Second comment" -m "comment2.jpg,comment3.jpg" \
-s "2024-12-31T12:00:00Z" \
-i "integration-id"
```
**Multi-platform post**
```bash
postiz posts:create -c "Content" -s "2024-12-31T12:00:00Z" -i "twitter-id,linkedin-id,facebook-id"
```
**Platform-specific settings**
```bash
postiz posts:create \
-c "Content" \
-s "2024-12-31T12:00:00Z" \
--settings '{"subreddit":[{"value":{"subreddit":"programming","title":"Post Title","type":"text"}}]}' \
-i "reddit-id"
```
**Complex post from JSON file**
```bash
postiz posts:create --json post.json
```
**Options:**
- `-c, --content` - Post/comment content (use multiple times for posts with comments)
- `-s, --date` - Schedule date in ISO 8601 format (REQUIRED)
- `-t, --type` - Post type: "schedule" or "draft" (default: "schedule")
- `-m, --media` - Comma-separated media URLs for corresponding `-c`
- `-i, --integrations` - Comma-separated integration IDs (required)
- `-d, --delay` - Delay between comments in milliseconds (default: 5000)
- `--settings` - Platform-specific settings as JSON string
- `-j, --json` - Path to JSON file with full post structure
- `--shortLink` - Use short links (default: true)
---
### Managing Posts
**List posts**
```bash
postiz posts:list
postiz posts:list --startDate "2024-01-01T00:00:00Z" --endDate "2024-12-31T23:59:59Z"
postiz posts:list --customer "customer-id"
```
Defaults to last 30 days to next 30 days if dates not specified.
**Delete post**
```bash
postiz posts:delete <post-id>
```
---
### Media Upload
**Upload file and get URL**
```bash
postiz upload <file-path>
```
**⚠️ IMPORTANT: Upload Files Before Posting**
You **must** upload media files to Postiz before using them in posts. Many platforms (especially TikTok, Instagram, and YouTube) require verified/trusted URLs and will reject external links.
**Workflow:**
1. Upload your file using `postiz upload`
2. Extract the returned URL
3. Use that URL in your post's `-m` parameter
**Supported formats:**
- **Images:** PNG, JPG, JPEG, GIF, WEBP, SVG, BMP, ICO
- **Videos:** MP4, MOV, AVI, MKV, WEBM, FLV, WMV, M4V, MPEG, MPG, 3GP
- **Audio:** MP3, WAV, OGG, AAC, FLAC, M4A
- **Documents:** PDF, DOC, DOCX
**Example:**
```bash
# 1. Upload the file first
RESULT=$(postiz upload video.mp4)
PATH=$(echo "$RESULT" | jq -r '.path')
# 2. Use the Postiz URL in your post
postiz posts:create -c "Check out my video!" -s "2024-12-31T12:00:00Z" -m "$PATH" -i "tiktok-id"
```
**Why this is required:**
- **TikTok, Instagram, YouTube** only accept URLs from trusted domains
- **Security:** Platforms verify media sources to prevent abuse
- **Reliability:** Postiz ensures your media is always accessible
---
## Platform-Specific Features
### Reddit
```bash
# Get available flairs
postiz integrations:trigger reddit-id getFlairs -d '{"subreddit":"programming"}'
# Post with subreddit and flair
postiz posts:create \
-c "Content" \
-s "2024-12-31T12:00:00Z" \
--settings '{"subreddit":[{"value":{"subreddit":"programming","title":"My Post","type":"text","is_flair_required":true,"flair":{"id":"flair-123","name":"Discussion"}}}]}' \
-i "reddit-id"
```
### YouTube
```bash
# Get playlists
postiz integrations:trigger youtube-id getPlaylists
# Upload video FIRST (required!)
VIDEO=$(postiz upload video.mp4)
VIDEO_URL=$(echo "$VIDEO" | jq -r '.path')
# Post with uploaded video URL
postiz posts:create \
-c "Video description" \
-s "2024-12-31T12:00:00Z" \
--settings '{"title":"Video Title","type":"public","tags":[{"value":"tech","label":"Tech"}],"playlistId":"playlist-id"}' \
-m "$VIDEO_URL" \
-i "youtube-id"
```
### TikTok
```bash
# Upload video FIRST (TikTok only accepts verified URLs!)
VIDEO=$(postiz upload video.mp4)
VIDEO_URL=$(echo "$VIDEO" | jq -r '.path')
# Post with uploaded video URL
postiz posts:create \
-c "Video caption #fyp" \
-s "2024-12-31T12:00:00Z" \
--settings '{"privacy":"PUBLIC_TO_EVERYONE","duet":true,"stitch":true}' \
-m "$VIDEO_URL" \
-i "tiktok-id"
```
### LinkedIn
```bash
# Get companies you can post to
postiz integrations:trigger linkedin-id getCompanies
# Post as company
postiz posts:create \
-c "Company announcement" \
-s "2024-12-31T12:00:00Z" \
--settings '{"companyId":"company-123"}' \
-i "linkedin-id"
```
### X (Twitter)
```bash
# Create thread
postiz posts:create \
-c "Thread 1/3 🧵" \
-c "Thread 2/3" \
-c "Thread 3/3" \
-s "2024-12-31T12:00:00Z" \
-d 2000 \
-i "twitter-id"
# With reply settings
postiz posts:create \
-c "Tweet content" \
-s "2024-12-31T12:00:00Z" \
--settings '{"who_can_reply_post":"everyone"}' \
-i "twitter-id"
```
### Instagram
```bash
# Upload image FIRST (Instagram requires verified URLs!)
IMAGE=$(postiz upload image.jpg)
IMAGE_URL=$(echo "$IMAGE" | jq -r '.path')
# Regular post
postiz posts:create \
-c "Caption #hashtag" \
-s "2024-12-31T12:00:00Z" \
--settings '{"post_type":"post"}' \
-m "$IMAGE_URL" \
-i "instagram-id"
# Story (upload first)
STORY=$(postiz upload story.jpg)
STORY_URL=$(echo "$STORY" | jq -r '.path')
postiz posts:create \
-c "" \
-s "2024-12-31T12:00:00Z" \
--settings '{"post_type":"story"}' \
-m "$STORY_URL" \
-i "instagram-id"
```
**See [PROVIDER_SETTINGS.md](./PROVIDER_SETTINGS.md) for all 28+ platforms.**
---
## Features for AI Agents
### Discovery Workflow
The CLI enables dynamic discovery of integration capabilities:
1. **List integrations** - Get available social media accounts
2. **Get settings** - Retrieve character limits, required fields, and available tools
3. **Trigger tools** - Fetch dynamic data (flairs, playlists, boards, etc.)
4. **Create posts** - Use discovered data in posts
This allows AI agents to adapt to different platforms without hardcoded knowledge.
### JSON Mode
For complex posts with multiple platforms and settings:
```bash
postiz posts:create --json complex-post.json
```
JSON structure:
```json
{
"integrations": ["twitter-123", "linkedin-456"],
"posts": [
{
"provider": "twitter",
"post": [
{
"content": "Tweet version",
"image": ["twitter-image.jpg"]
}
]
},
{
"provider": "linkedin",
"post": [
{
"content": "LinkedIn version with more context...",
"image": ["linkedin-image.jpg"]
}
],
"settings": {
"__type": "linkedin",
"companyId": "company-123"
}
}
]
}
```
### All Output is JSON
Every command outputs JSON for easy parsing:
```bash
INTEGRATIONS=$(postiz integrations:list | jq -r '.')
REDDIT_ID=$(echo "$INTEGRATIONS" | jq -r '.[] | select(.identifier=="reddit") | .id')
```
### Threading Support
Comments are automatically converted to threads/replies based on platform:
- **Twitter/X**: Thread of tweets
- **Reddit**: Comment replies
- **LinkedIn**: Comment on post
- **Instagram**: First comment
```bash
postiz posts:create \
-c "Main post" \
-c "Comment 1" \
-c "Comment 2" \
-i "integration-id"
```
---
## Common Workflows
### Reddit Post with Flair
```bash
#!/bin/bash
REDDIT_ID=$(postiz integrations:list | jq -r '.[] | select(.identifier=="reddit") | .id')
FLAIRS=$(postiz integrations:trigger "$REDDIT_ID" getFlairs -d '{"subreddit":"programming"}')
FLAIR_ID=$(echo "$FLAIRS" | jq -r '.output[0].id')
postiz posts:create \
-c "My post content" \
-s "2024-12-31T12:00:00Z" \
--settings "{\"subreddit\":[{\"value\":{\"subreddit\":\"programming\",\"title\":\"Post Title\",\"type\":\"text\",\"is_flair_required\":true,\"flair\":{\"id\":\"$FLAIR_ID\",\"name\":\"Discussion\"}}}]}" \
-i "$REDDIT_ID"
```
### YouTube Video Upload
```bash
#!/bin/bash
VIDEO=$(postiz upload video.mp4)
VIDEO_PATH=$(echo "$VIDEO" | jq -r '.path')
postiz posts:create \
-c "Video description..." \
-s "2024-12-31T12:00:00Z" \
--settings '{"title":"My Video","type":"public","tags":[{"value":"tech","label":"Tech"}]}' \
-m "$VIDEO_PATH" \
-i "youtube-id"
```
### Multi-Platform Campaign
```bash
#!/bin/bash
postiz posts:create \
-c "Same content everywhere" \
-s "2024-12-31T12:00:00Z" \
-m "image.jpg" \
-i "twitter-id,linkedin-id,facebook-id"
```
### Batch Scheduling
```bash
#!/bin/bash
DATES=("2024-02-14T09:00:00Z" "2024-02-15T09:00:00Z" "2024-02-16T09:00:00Z")
CONTENT=("Monday motivation 💪" "Tuesday tips 💡" "Wednesday wisdom 🧠")
for i in "${!DATES[@]}"; do
postiz posts:create \
-c "${CONTENT[$i]}" \
-s "${DATES[$i]}" \
-i "twitter-id"
done
```
---
## Documentation
**For AI Agents:**
- **[SKILL.md](./SKILL.md)** - Complete skill reference with patterns and examples
**Deep-Dive Guides:**
- **[HOW_TO_RUN.md](./HOW_TO_RUN.md)** - Installation and setup methods
- **[COMMAND_LINE_GUIDE.md](./COMMAND_LINE_GUIDE.md)** - Complete command syntax reference
- **[PROVIDER_SETTINGS.md](./PROVIDER_SETTINGS.md)** - All platform settings schemas
- **[INTEGRATION_TOOLS_WORKFLOW.md](./INTEGRATION_TOOLS_WORKFLOW.md)** - Tools workflow guide
- **[INTEGRATION_SETTINGS_DISCOVERY.md](./INTEGRATION_SETTINGS_DISCOVERY.md)** - Settings discovery
- **[SUPPORTED_FILE_TYPES.md](./SUPPORTED_FILE_TYPES.md)** - Media format reference
- **[PROJECT_STRUCTURE.md](./PROJECT_STRUCTURE.md)** - Code architecture
- **[PUBLISHING.md](./PUBLISHING.md)** - npm publishing guide
**Examples:**
- **[examples/EXAMPLES.md](./examples/EXAMPLES.md)** - Comprehensive examples
- **[examples/](./examples/)** - Ready-to-use scripts and JSON files
---
## API Endpoints
The CLI interacts with these Postiz API endpoints:
| Endpoint | Method | Purpose |
|----------|--------|---------|
| `/public/v1/posts` | POST | Create a post |
| `/public/v1/posts` | GET | List posts |
| `/public/v1/posts/:id` | DELETE | Delete a post |
| `/public/v1/integrations` | GET | List integrations |
| `/public/v1/integration-settings/:id` | GET | Get integration settings |
| `/public/v1/integration-trigger/:id` | POST | Trigger integration tool |
| `/public/v1/upload` | POST | Upload media |
---
## Environment Variables
| Variable | Required | Default | Description |
|----------|----------|---------|-------------|
| `POSTIZ_API_KEY` | ✅ Yes | - | Your Postiz API key |
| `POSTIZ_API_URL` | No | `https://api.postiz.com` | Custom API endpoint |
---
## Error Handling
The CLI provides clear error messages with exit codes:
- **Exit code 0**: Success
- **Exit code 1**: Error occurred
**Common errors:**
| Error | Solution |
|-------|----------|
| `POSTIZ_API_KEY is not set` | Set environment variable: `export POSTIZ_API_KEY=key` |
| `Integration not found` | Run `integrations:list` to get valid IDs |
| `startDate/endDate required` | Use ISO 8601 format: `"2024-12-31T12:00:00Z"` |
| `Invalid settings` | Check `integrations:settings` for required fields |
| `Tool not found` | Check available tools in `integrations:settings` output |
| `Upload failed` | Verify file exists and format is supported |
---
## Development
### Project Structure
```
apps/cli/
├── src/
│ ├── index.ts # CLI entry point with yargs
│ ├── api.ts # PostizAPI client class
│ ├── config.ts # Environment configuration
│ └── commands/
│ ├── posts.ts # Post management commands
│ ├── integrations.ts # Integration commands
│ └── upload.ts # Media upload command
├── examples/ # Example scripts and JSON files
├── package.json
├── tsconfig.json
├── tsup.config.ts # Build configuration
├── README.md # This file
└── SKILL.md # AI agent reference
```
### Scripts
```bash
pnpm run dev # Watch mode for development
pnpm run build # Build the CLI
pnpm run start # Run the built CLI
```
### Building
The CLI uses `tsup` for bundling:
```bash
pnpm run build
```
Output in `dist/`:
- `index.js` - Bundled executable with shebang
- `index.js.map` - Source map
---
## Quick Reference
```bash
# Environment setup
export POSTIZ_API_KEY=your_key
# Discovery
postiz integrations:list # List integrations
postiz integrations:settings <id> # Get settings
postiz integrations:trigger <id> <method> -d '{}' # Fetch data
# Posting (date is required)
postiz posts:create -c "text" -s "2024-12-31T12:00:00Z" -i "id" # Simple
postiz posts:create -c "text" -s "2024-12-31T12:00:00Z" -t draft -i "id" # Draft
postiz posts:create -c "text" -m "img.jpg" -s "2024-12-31T12:00:00Z" -i "id" # With media
postiz posts:create -c "main" -c "comment" -s "2024-12-31T12:00:00Z" -i "id" # With comment
postiz posts:create -c "text" -s "2024-12-31T12:00:00Z" --settings '{}' -i "id" # Platform-specific
postiz posts:create --json file.json # Complex
# Management
postiz posts:list # List posts
postiz posts:delete <id> # Delete post
postiz upload <file> # Upload media
# Help
postiz --help # Show help
postiz posts:create --help # Command help
```
---
## Contributing
This CLI is part of the [Postiz monorepo](https://github.com/gitroomhq/postiz-app).
To contribute:
1. Fork the repository
2. Create a feature branch
3. Make your changes in `apps/cli/`
4. Run tests: `pnpm run build`
5. Submit a pull request
---
## License
AGPL-3.0
---
## Links
- **Website:** [postiz.com](https://postiz.com)
- **API Docs:** [postiz.com/api-docs](https://postiz.com/api-docs)
- **GitHub:** [gitroomhq/postiz-app](https://github.com/gitroomhq/postiz-app)
- **Issues:** [Report bugs](https://github.com/gitroomhq/postiz-app/issues)
---
## Supported Platforms
28+ platforms including:
| Platform | Integration Tools | Settings |
|----------|------------------|----------|
| Twitter/X | getLists, getCommunities | who_can_reply_post |
| LinkedIn | getCompanies | companyId, carousel |
| Reddit | getFlairs, searchSubreddits | subreddit, title, flair |
| YouTube | getPlaylists, getCategories | title, type, tags, playlistId |
| TikTok | - | privacy, duet, stitch |
| Instagram | - | post_type (post/story) |
| Facebook | getPages | - |
| Pinterest | getBoards, getBoardSections | - |
| Discord | getChannels | - |
| Slack | getChannels | - |
| And 18+ more... | | |
**See [PROVIDER_SETTINGS.md](./PROVIDER_SETTINGS.md) for complete documentation.**

607
apps/cli/SKILL.md Normal file
View file

@ -0,0 +1,607 @@
| Property | Value |
|----------|-------|
| **name** | postiz |
| **description** | Social media automation CLI for scheduling posts across 28+ platforms |
| **allowed-tools** | Bash(postiz:*) |
---
## Core Workflow
The fundamental pattern for using Postiz CLI:
1. **Discover** - List integrations and get their settings
2. **Fetch** - Use integration tools to retrieve dynamic data (flairs, playlists, companies)
3. **Prepare** - Upload media files if needed
4. **Post** - Create posts with content, media, and platform-specific settings
```bash
# 1. Discover
postiz integrations:list
postiz integrations:settings <integration-id>
# 2. Fetch (if needed)
postiz integrations:trigger <integration-id> <method> -d '{"key":"value"}'
# 3. Prepare
postiz upload image.jpg
# 4. Post
postiz posts:create -c "Content" -m "image.jpg" -i "<integration-id>"
```
---
## Essential Commands
### Setup
```bash
# Required environment variable
export POSTIZ_API_KEY=your_api_key_here
# Optional custom API URL
export POSTIZ_API_URL=https://custom-api-url.com
```
### Integration Discovery
```bash
# List all connected integrations
postiz integrations:list
# Get settings schema for specific integration
postiz integrations:settings <integration-id>
# Trigger integration tool to fetch dynamic data
postiz integrations:trigger <integration-id> <method-name>
postiz integrations:trigger <integration-id> <method-name> -d '{"param":"value"}'
```
### Creating Posts
```bash
# Simple post (date is REQUIRED)
postiz posts:create -c "Content" -s "2024-12-31T12:00:00Z" -i "integration-id"
# Draft post
postiz posts:create -c "Content" -s "2024-12-31T12:00:00Z" -t draft -i "integration-id"
# Post with media
postiz posts:create -c "Content" -m "img1.jpg,img2.jpg" -s "2024-12-31T12:00:00Z" -i "integration-id"
# Post with comments (each with own media)
postiz posts:create \
-c "Main post" -m "main.jpg" \
-c "First comment" -m "comment1.jpg" \
-c "Second comment" -m "comment2.jpg,comment3.jpg" \
-s "2024-12-31T12:00:00Z" \
-i "integration-id"
# Multi-platform post
postiz posts:create -c "Content" -s "2024-12-31T12:00:00Z" -i "twitter-id,linkedin-id,facebook-id"
# Platform-specific settings
postiz posts:create \
-c "Content" \
-s "2024-12-31T12:00:00Z" \
--settings '{"subreddit":[{"value":{"subreddit":"programming","title":"My Post","type":"text"}}]}' \
-i "reddit-id"
# Complex post from JSON file
postiz posts:create --json post.json
```
### Managing Posts
```bash
# List posts (defaults to last 30 days to next 30 days)
postiz posts:list
# List posts in date range
postiz posts:list --startDate "2024-01-01T00:00:00Z" --endDate "2024-12-31T23:59:59Z"
# Delete post
postiz posts:delete <post-id>
```
### Media Upload
**⚠️ IMPORTANT:** Always upload files to Postiz before using them in posts. Many platforms (TikTok, Instagram, YouTube) **require verified URLs** and will reject external links.
```bash
# Upload file and get URL
postiz upload image.jpg
# Supports: images (PNG, JPG, GIF, WEBP, SVG), videos (MP4, MOV, AVI, MKV, WEBM),
# audio (MP3, WAV, OGG, AAC), documents (PDF, DOC, DOCX)
# Workflow: Upload → Extract URL → Use in post
VIDEO=$(postiz upload video.mp4)
VIDEO_PATH=$(echo "$VIDEO" | jq -r '.path')
postiz posts:create -c "Content" -s "2024-12-31T12:00:00Z" -m "$VIDEO_PATH" -i "tiktok-id"
```
---
## Common Patterns
### Pattern 1: Discover & Use Integration Tools
**Reddit - Get flairs for a subreddit:**
```bash
# Get Reddit integration ID
REDDIT_ID=$(postiz integrations:list | jq -r '.[] | select(.identifier=="reddit") | .id')
# Fetch available flairs
FLAIRS=$(postiz integrations:trigger "$REDDIT_ID" getFlairs -d '{"subreddit":"programming"}')
FLAIR_ID=$(echo "$FLAIRS" | jq -r '.output[0].id')
# Use in post
postiz posts:create \
-c "My post content" \
-s "2024-12-31T12:00:00Z" \
--settings "{\"subreddit\":[{\"value\":{\"subreddit\":\"programming\",\"title\":\"Post Title\",\"type\":\"text\",\"is_flair_required\":true,\"flair\":{\"id\":\"$FLAIR_ID\",\"name\":\"Discussion\"}}}]}" \
-i "$REDDIT_ID"
```
**YouTube - Get playlists:**
```bash
YOUTUBE_ID=$(postiz integrations:list | jq -r '.[] | select(.identifier=="youtube") | .id')
PLAYLISTS=$(postiz integrations:trigger "$YOUTUBE_ID" getPlaylists)
PLAYLIST_ID=$(echo "$PLAYLISTS" | jq -r '.output[0].id')
postiz posts:create \
-c "Video description" \
-s "2024-12-31T12:00:00Z" \
--settings "{\"title\":\"My Video\",\"type\":\"public\",\"playlistId\":\"$PLAYLIST_ID\"}" \
-m "video.mp4" \
-i "$YOUTUBE_ID"
```
**LinkedIn - Post as company:**
```bash
LINKEDIN_ID=$(postiz integrations:list | jq -r '.[] | select(.identifier=="linkedin") | .id')
COMPANIES=$(postiz integrations:trigger "$LINKEDIN_ID" getCompanies)
COMPANY_ID=$(echo "$COMPANIES" | jq -r '.output[0].id')
postiz posts:create \
-c "Company announcement" \
-s "2024-12-31T12:00:00Z" \
--settings "{\"companyId\":\"$COMPANY_ID\"}" \
-i "$LINKEDIN_ID"
```
### Pattern 2: Upload Media Before Posting
```bash
# Upload multiple files
VIDEO_RESULT=$(postiz upload video.mp4)
VIDEO_PATH=$(echo "$VIDEO_RESULT" | jq -r '.path')
THUMB_RESULT=$(postiz upload thumbnail.jpg)
THUMB_PATH=$(echo "$THUMB_RESULT" | jq -r '.path')
# Use in post
postiz posts:create \
-c "Check out my video!" \
-s "2024-12-31T12:00:00Z" \
-m "$VIDEO_PATH" \
-i "tiktok-id"
```
### Pattern 3: Twitter Thread
```bash
postiz posts:create \
-c "🧵 Thread starter (1/4)" -m "intro.jpg" \
-c "Point one (2/4)" -m "point1.jpg" \
-c "Point two (3/4)" -m "point2.jpg" \
-c "Conclusion (4/4)" -m "outro.jpg" \
-s "2024-12-31T12:00:00Z" \
-d 2000 \
-i "twitter-id"
```
### Pattern 4: Multi-Platform Campaign
```bash
# Create JSON file with platform-specific content
cat > campaign.json << 'EOF'
{
"integrations": ["twitter-123", "linkedin-456", "facebook-789"],
"posts": [
{
"provider": "twitter",
"post": [
{
"content": "Short tweet version #tech",
"image": ["twitter-image.jpg"]
}
]
},
{
"provider": "linkedin",
"post": [
{
"content": "Professional LinkedIn version with more context...",
"image": ["linkedin-image.jpg"]
}
]
}
]
}
EOF
postiz posts:create --json campaign.json
```
### Pattern 5: Validate Settings Before Posting
```javascript
const { execSync } = require('child_process');
function validateAndPost(content, integrationId, settings) {
// Get integration settings
const settingsResult = execSync(
`postiz integrations:settings ${integrationId}`,
{ encoding: 'utf-8' }
);
const schema = JSON.parse(settingsResult);
// Check character limit
if (content.length > schema.output.maxLength) {
console.warn(`Content exceeds ${schema.output.maxLength} chars, truncating...`);
content = content.substring(0, schema.output.maxLength - 3) + '...';
}
// Create post
const result = execSync(
`postiz posts:create -c "${content}" -s "2024-12-31T12:00:00Z" --settings '${JSON.stringify(settings)}' -i "${integrationId}"`,
{ encoding: 'utf-8' }
);
return JSON.parse(result);
}
```
### Pattern 6: Batch Scheduling
```bash
#!/bin/bash
# Schedule posts for the week
DATES=(
"2024-02-14T09:00:00Z"
"2024-02-15T09:00:00Z"
"2024-02-16T09:00:00Z"
)
CONTENT=(
"Monday motivation 💪"
"Tuesday tips 💡"
"Wednesday wisdom 🧠"
)
for i in "${!DATES[@]}"; do
postiz posts:create \
-c "${CONTENT[$i]}" \
-s "${DATES[$i]}" \
-i "twitter-id" \
-m "post-${i}.jpg"
echo "Scheduled: ${CONTENT[$i]} for ${DATES[$i]}"
done
```
### Pattern 7: Error Handling & Retry
```javascript
const { execSync } = require('child_process');
async function postWithRetry(content, integrationId, date, maxRetries = 3) {
for (let attempt = 1; attempt <= maxRetries; attempt++) {
try {
const result = execSync(
`postiz posts:create -c "${content}" -s "${date}" -i "${integrationId}"`,
{ encoding: 'utf-8', stdio: 'pipe' }
);
console.log('✅ Post created successfully');
return JSON.parse(result);
} catch (error) {
console.error(`❌ Attempt ${attempt} failed: ${error.message}`);
if (attempt < maxRetries) {
const delay = Math.pow(2, attempt) * 1000; // Exponential backoff
console.log(`⏳ Retrying in ${delay}ms...`);
await new Promise(resolve => setTimeout(resolve, delay));
} else {
throw new Error(`Failed after ${maxRetries} attempts`);
}
}
}
}
```
---
## Technical Concepts
### Integration Tools Workflow
Many integrations require dynamic data (IDs, tags, playlists) that can't be hardcoded. The tools workflow enables discovery and usage:
1. **Check available tools** - `integrations:settings` returns a `tools` array
2. **Review tool schema** - Each tool has `methodName`, `description`, and `dataSchema`
3. **Trigger tool** - Call `integrations:trigger` with required parameters
4. **Use output** - Tool returns data to use in post settings
**Example tools by platform:**
- **Reddit**: `getFlairs`, `searchSubreddits`, `getSubreddits`
- **YouTube**: `getPlaylists`, `getCategories`, `getChannels`
- **LinkedIn**: `getCompanies`, `getOrganizations`
- **Twitter/X**: `getListsowned`, `getCommunities`
- **Pinterest**: `getBoards`, `getBoardSections`
### Provider Settings Structure
Platform-specific settings use a discriminator pattern with `__type` field:
```json
{
"posts": [
{
"provider": "reddit",
"post": [{ "content": "...", "image": [...] }],
"settings": {
"__type": "reddit",
"subreddit": [{
"value": {
"subreddit": "programming",
"title": "Post Title",
"type": "text",
"url": "",
"is_flair_required": false
}
}]
}
}
]
}
```
Pass settings directly:
```bash
postiz posts:create -c "Content" -s "2024-12-31T12:00:00Z" --settings '{"subreddit":[...]}' -i "reddit-id"
# Backend automatically adds "__type" based on integration ID
```
### Comments and Threading
Posts can have comments (threads on Twitter/X, replies elsewhere). Each comment can have its own media:
```bash
# Using multiple -c and -m flags
postiz posts:create \
-c "Main post" -m "image1.jpg,image2.jpg" \
-c "Comment 1" -m "comment-img.jpg" \
-c "Comment 2" -m "another.jpg,more.jpg" \
-s "2024-12-31T12:00:00Z" \
-d 5000 \ # Delay between comments in ms
-i "integration-id"
```
Internally creates:
```json
{
"posts": [{
"value": [
{ "content": "Main post", "image": ["image1.jpg", "image2.jpg"] },
{ "content": "Comment 1", "image": ["comment-img.jpg"], "delay": 5000 },
{ "content": "Comment 2", "image": ["another.jpg", "more.jpg"], "delay": 5000 }
]
}]
}
```
### Date Handling
All dates use ISO 8601 format:
- Schedule posts: `-s "2024-12-31T12:00:00Z"`
- List posts: `--startDate "2024-01-01T00:00:00Z" --endDate "2024-12-31T23:59:59Z"`
- Defaults: `posts:list` uses 30 days ago to 30 days from now
### Media Upload Response
Upload returns JSON with path and metadata:
```json
{
"path": "https://cdn.postiz.com/uploads/abc123.jpg",
"size": 123456,
"type": "image/jpeg"
}
```
Extract path for use in posts:
```bash
RESULT=$(postiz upload image.jpg)
PATH=$(echo "$RESULT" | jq -r '.path')
postiz posts:create -c "Content" -s "2024-12-31T12:00:00Z" -m "$PATH" -i "integration-id"
```
### JSON Mode vs CLI Flags
**CLI flags** - Quick posts:
```bash
postiz posts:create -c "Content" -m "img.jpg" -i "twitter-id"
```
**JSON mode** - Complex posts with multiple platforms and settings:
```bash
postiz posts:create --json post.json
```
JSON mode supports:
- Multiple platforms with different content per platform
- Complex provider-specific settings
- Scheduled posts
- Posts with many comments
- Custom delay between comments
---
## Platform-Specific Examples
### Reddit
```bash
postiz posts:create \
-c "Post content" \
-s "2024-12-31T12:00:00Z" \
--settings '{"subreddit":[{"value":{"subreddit":"programming","title":"My Title","type":"text","url":"","is_flair_required":false}}]}' \
-i "reddit-id"
```
### YouTube
```bash
# Upload video first (required!)
VIDEO=$(postiz upload video.mp4)
VIDEO_URL=$(echo "$VIDEO" | jq -r '.path')
postiz posts:create \
-c "Video description" \
-s "2024-12-31T12:00:00Z" \
--settings '{"title":"Video Title","type":"public","tags":[{"value":"tech","label":"Tech"}]}' \
-m "$VIDEO_URL" \
-i "youtube-id"
```
### TikTok
```bash
# Upload video first (TikTok only accepts verified URLs!)
VIDEO=$(postiz upload video.mp4)
VIDEO_URL=$(echo "$VIDEO" | jq -r '.path')
postiz posts:create \
-c "Video caption #fyp" \
-s "2024-12-31T12:00:00Z" \
--settings '{"privacy":"PUBLIC_TO_EVERYONE","duet":true,"stitch":true}' \
-m "$VIDEO_URL" \
-i "tiktok-id"
```
### X (Twitter)
```bash
postiz posts:create \
-c "Tweet content" \
-s "2024-12-31T12:00:00Z" \
--settings '{"who_can_reply_post":"everyone"}' \
-i "twitter-id"
```
### LinkedIn
```bash
# Personal post
postiz posts:create -c "Content" -s "2024-12-31T12:00:00Z" -i "linkedin-id"
# Company post
postiz posts:create \
-c "Content" \
-s "2024-12-31T12:00:00Z" \
--settings '{"companyId":"company-123"}' \
-i "linkedin-id"
```
### Instagram
```bash
# Upload image first (Instagram requires verified URLs!)
IMAGE=$(postiz upload image.jpg)
IMAGE_URL=$(echo "$IMAGE" | jq -r '.path')
# Regular post
postiz posts:create \
-c "Caption #hashtag" \
-s "2024-12-31T12:00:00Z" \
--settings '{"post_type":"post"}' \
-m "$IMAGE_URL" \
-i "instagram-id"
# Story
STORY=$(postiz upload story.jpg)
STORY_URL=$(echo "$STORY" | jq -r '.path')
postiz posts:create \
-c "" \
-s "2024-12-31T12:00:00Z" \
--settings '{"post_type":"story"}' \
-m "$STORY_URL" \
-i "instagram-id"
```
---
## Supporting Resources
**Deep-dive documentation:**
- [HOW_TO_RUN.md](./HOW_TO_RUN.md) - Installation and setup methods
- [COMMAND_LINE_GUIDE.md](./COMMAND_LINE_GUIDE.md) - Complete command syntax reference
- [PROVIDER_SETTINGS.md](./PROVIDER_SETTINGS.md) - All 28+ platform settings schemas
- [INTEGRATION_TOOLS_WORKFLOW.md](./INTEGRATION_TOOLS_WORKFLOW.md) - Complete tools workflow guide
- [INTEGRATION_SETTINGS_DISCOVERY.md](./INTEGRATION_SETTINGS_DISCOVERY.md) - Settings discovery workflow
- [SUPPORTED_FILE_TYPES.md](./SUPPORTED_FILE_TYPES.md) - All supported media formats
- [PROJECT_STRUCTURE.md](./PROJECT_STRUCTURE.md) - Code architecture
- [PUBLISHING.md](./PUBLISHING.md) - npm publishing guide
**Ready-to-use examples:**
- [examples/EXAMPLES.md](./examples/EXAMPLES.md) - Comprehensive examples
- [examples/basic-usage.sh](./examples/basic-usage.sh) - Shell script basics
- [examples/ai-agent-example.js](./examples/ai-agent-example.js) - Node.js agent
- [examples/post-with-comments.json](./examples/post-with-comments.json) - Threading example
- [examples/multi-platform-with-settings.json](./examples/multi-platform-with-settings.json) - Campaign example
- [examples/youtube-video.json](./examples/youtube-video.json) - YouTube with tags
- [examples/reddit-post.json](./examples/reddit-post.json) - Reddit with subreddit
- [examples/tiktok-video.json](./examples/tiktok-video.json) - TikTok with privacy
---
## Common Gotchas
1. **API Key not set** - Always `export POSTIZ_API_KEY=key` before using CLI
2. **Invalid integration ID** - Run `integrations:list` to get current IDs
3. **Settings schema mismatch** - Check `integrations:settings` for required fields
4. **Media MUST be uploaded to Postiz first** - ⚠️ **CRITICAL:** TikTok, Instagram, YouTube, and many platforms only accept verified URLs. Upload files via `postiz upload` first, then use the returned URL in `-m`. External URLs will be rejected!
5. **JSON escaping in shell** - Use single quotes for JSON: `--settings '{...}'`
6. **Date format** - Must be ISO 8601: `"2024-12-31T12:00:00Z"` and is REQUIRED
7. **Tool not found** - Check available tools in `integrations:settings` output
8. **Character limits** - Each platform has different limits, check `maxLength` in settings
9. **Required settings** - Some platforms require specific settings (Reddit needs title, YouTube needs title)
10. **Media MIME types** - CLI auto-detects from file extension, ensure correct extension
---
## Quick Reference
```bash
# Environment
export POSTIZ_API_KEY=key
# Discovery
postiz integrations:list # Get integration IDs
postiz integrations:settings <id> # Get settings schema
postiz integrations:trigger <id> <method> -d '{}' # Fetch dynamic data
# Posting (date is REQUIRED)
postiz posts:create -c "text" -s "2024-12-31T12:00:00Z" -i "id" # Simple
postiz posts:create -c "text" -s "2024-12-31T12:00:00Z" -t draft -i "id" # Draft
postiz posts:create -c "text" -m "img.jpg" -s "2024-12-31T12:00:00Z" -i "id" # With media
postiz posts:create -c "main" -c "comment" -s "2024-12-31T12:00:00Z" -i "id" # With comment
postiz posts:create -c "text" -s "2024-12-31T12:00:00Z" --settings '{}' -i "id" # Platform-specific
postiz posts:create --json file.json # Complex
# Management
postiz posts:list # List posts
postiz posts:delete <id> # Delete post
postiz upload <file> # Upload media
# Help
postiz --help # Show help
postiz posts:create --help # Command help
```

281
apps/cli/SUMMARY.md Normal file
View file

@ -0,0 +1,281 @@
# Postiz CLI - Creation Summary
## ✅ What Was Created
A complete, production-ready CLI package for the Postiz API has been successfully created at `apps/cli/`.
### Package Details
- **Package Name:** `postiz`
- **Version:** 1.0.0
- **Executable:** `postiz` command
- **Lines of Code:** 359 lines
- **Build Size:** ~491KB (compressed)
- **License:** AGPL-3.0
## 📦 Package Structure
```
apps/cli/
├── src/ # Source code (359 lines)
│ ├── index.ts # CLI entry point with yargs
│ ├── api.ts # Postiz API client
│ ├── config.ts # Environment configuration
│ └── commands/
│ ├── posts.ts # Post management
│ ├── integrations.ts # Integration listing
│ └── upload.ts # Media upload
├── examples/ # Usage examples
│ ├── basic-usage.sh # Bash example
│ └── ai-agent-example.js # AI agent example
├── Documentation (5 files)
│ ├── README.md # Main documentation
│ ├── SKILL.md # AI agent guide
│ ├── QUICK_START.md # Quick start guide
│ ├── CHANGELOG.md # Version history
│ └── PROJECT_STRUCTURE.md # Architecture docs
└── Configuration
├── package.json # Package config
├── tsconfig.json # TypeScript config
├── tsup.config.ts # Build config
├── .gitignore # Git ignore
└── .npmignore # npm ignore
```
## 🚀 Features Implemented
### Commands
1. **posts:create** - Create social media posts
- ✅ Content input
- ✅ Integration selection
- ✅ Scheduled posting
- ✅ Image attachment
2. **posts:list** - List all posts
- ✅ Pagination support
- ✅ Search functionality
- ✅ Filtering options
3. **posts:delete** - Delete posts by ID
- ✅ ID-based deletion
- ✅ Confirmation messages
4. **integrations:list** - Show connected accounts
- ✅ List all integrations
- ✅ Show provider info
5. **upload** - Upload media files
- ✅ Image upload support
- ✅ Multiple formats (PNG, JPG, GIF)
### Technical Features
- ✅ Environment variable configuration (POSTIZ_API_KEY)
- ✅ Custom API URL support (POSTIZ_API_URL)
- ✅ Comprehensive error handling
- ✅ User-friendly error messages with emojis
- ✅ JSON output for programmatic parsing
- ✅ Executable shebang for direct execution
- ✅ TypeScript with proper types
- ✅ Source maps for debugging
- ✅ Build optimization with tsup
## 📚 Documentation Created
1. **README.md** (Primary documentation)
- Installation instructions
- Usage examples
- API reference
- Development guide
2. **SKILL.md** (AI Agent Guide)
- Comprehensive patterns for AI agents
- Usage examples
- Workflow suggestions
- Best practices
- Error handling
3. **QUICK_START.md**
- Fast onboarding
- Common workflows
- Troubleshooting
- Tips & tricks
4. **CHANGELOG.md**
- Version 1.0.0 release notes
- Feature list
5. **PROJECT_STRUCTURE.md**
- Architecture overview
- File descriptions
- Build process
- Integration points
## 🔧 Build System Integration
### Root package.json Scripts Added
```json
{
"build:cli": "rm -rf apps/cli/dist && pnpm --filter ./apps/cli run build",
"publish-cli": "pnpm run --filter ./apps/cli publish"
}
```
### CLI Package Scripts
```json
{
"dev": "tsup --watch",
"build": "tsup",
"start": "node ./dist/index.js",
"publish": "tsup && pnpm publish --access public"
}
```
## 🎯 Usage Examples
### Basic Usage
```bash
# Set API key
export POSTIZ_API_KEY=your_api_key
# Create a post
postiz posts:create -c "Hello World!" -i "twitter-123"
# List posts
postiz posts:list
# Upload media
postiz upload ./image.png
```
### AI Agent Usage
```javascript
const { execSync } = require('child_process');
function postToSocial(content) {
return execSync(`postiz posts:create -c "${content}"`, {
env: { ...process.env, POSTIZ_API_KEY: 'your_key' }
});
}
```
## ✨ Example Files
1. **basic-usage.sh**
- Shell script demonstration
- Complete workflow example
- Error handling
2. **ai-agent-example.js**
- Node.js agent implementation
- Batch post creation
- JSON parsing
## 🧪 Testing
### Manual Testing Completed
```bash
✅ Build successful (173ms)
✅ Help command works
✅ Version command works (1.0.0)
✅ Error handling works (API key validation)
✅ All commands have help text
✅ Examples are valid
```
### Test Results
```
✅ pnpm run build:cli - SUCCESS
✅ postiz --help - SUCCESS
✅ postiz --version - SUCCESS
✅ postiz posts:create --help - SUCCESS
✅ Error without API key - WORKS AS EXPECTED
```
## 📋 Checklist
- ✅ CLI package created in apps/cli
- ✅ Package name is "postiz"
- ✅ Uses POSTIZ_API_KEY environment variable
- ✅ Integrates with Postiz public API
- ✅ Built for AI agent usage
- ✅ SKILL.md created with comprehensive guide
- ✅ README.md with full documentation
- ✅ Build system configured
- ✅ TypeScript compilation working
- ✅ Executable binary generated
- ✅ Examples provided
- ✅ Error handling implemented
- ✅ Help documentation complete
## 🚦 Next Steps
### To Use Locally
```bash
# Build the CLI
pnpm run build:cli
# Test it
node apps/cli/dist/index.js --help
# Link globally (optional)
cd apps/cli
pnpm link --global
# Use anywhere
postiz --help
```
### To Publish to npm
```bash
# From monorepo root
pnpm run publish-cli
# Or from apps/cli
cd apps/cli
pnpm run publish
```
### To Use in AI Agents
1. Install: `npm install -g postiz`
2. Set API key: `export POSTIZ_API_KEY=your_key`
3. Use commands programmatically
4. Parse JSON output
5. See SKILL.md for patterns
## 📊 Statistics
- **Total Files Created:** 18
- **Source Code Files:** 6
- **Documentation Files:** 5
- **Example Files:** 2
- **Config Files:** 5
- **Total Lines of Code:** 359
- **Build Time:** ~170ms
- **Output Size:** 491KB
## 🎉 Summary
A complete, production-ready CLI tool for Postiz has been created with:
- ✅ All requested features implemented
- ✅ Comprehensive documentation for users and AI agents
- ✅ Working examples
- ✅ Proper build system
- ✅ Ready for npm publishing
- ✅ Integrated into monorepo
The CLI is ready to use and can be published to npm whenever you're ready!

305
apps/cli/SUPPORTED_FILE_TYPES.md Normal file
View file

@ -0,0 +1,305 @@
# Supported File Types for Upload
The Postiz CLI now correctly detects and uploads various media types.
## How It Works
The CLI automatically detects the MIME type based on the file extension:
```bash
postiz upload video.mp4
# ✅ Detected as: video/mp4
postiz upload image.png
# ✅ Detected as: image/png
postiz upload audio.mp3
# ✅ Detected as: audio/mpeg
```
## Supported File Types
### Images
| Extension | MIME Type | Supported |
|-----------|-----------|-----------|
| `.png` | `image/png` | ✅ Yes |
| `.jpg`, `.jpeg` | `image/jpeg` | ✅ Yes |
| `.gif` | `image/gif` | ✅ Yes |
| `.webp` | `image/webp` | ✅ Yes |
| `.svg` | `image/svg+xml` | ✅ Yes |
| `.bmp` | `image/bmp` | ✅ Yes |
| `.ico` | `image/x-icon` | ✅ Yes |
**Examples:**
```bash
postiz upload photo.jpg
postiz upload logo.png
postiz upload animation.gif
postiz upload icon.svg
```
### Videos
| Extension | MIME Type | Supported |
|-----------|-----------|-----------|
| `.mp4` | `video/mp4` | ✅ Yes |
| `.mov` | `video/quicktime` | ✅ Yes |
| `.avi` | `video/x-msvideo` | ✅ Yes |
| `.mkv` | `video/x-matroska` | ✅ Yes |
| `.webm` | `video/webm` | ✅ Yes |
| `.flv` | `video/x-flv` | ✅ Yes |
| `.wmv` | `video/x-ms-wmv` | ✅ Yes |
| `.m4v` | `video/x-m4v` | ✅ Yes |
| `.mpeg`, `.mpg` | `video/mpeg` | ✅ Yes |
| `.3gp` | `video/3gpp` | ✅ Yes |
**Examples:**
```bash
postiz upload video.mp4
postiz upload clip.mov
postiz upload recording.webm
postiz upload movie.mkv
```
### Audio
| Extension | MIME Type | Supported |
|-----------|-----------|-----------|
| `.mp3` | `audio/mpeg` | ✅ Yes |
| `.wav` | `audio/wav` | ✅ Yes |
| `.ogg` | `audio/ogg` | ✅ Yes |
| `.aac` | `audio/aac` | ✅ Yes |
| `.flac` | `audio/flac` | ✅ Yes |
| `.m4a` | `audio/mp4` | ✅ Yes |
**Examples:**
```bash
postiz upload podcast.mp3
postiz upload song.wav
postiz upload audio.ogg
```
### Documents
| Extension | MIME Type | Supported |
|-----------|-----------|-----------|
| `.pdf` | `application/pdf` | ✅ Yes |
| `.doc` | `application/msword` | ✅ Yes |
| `.docx` | `application/vnd.openxmlformats-officedocument.wordprocessingml.document` | ✅ Yes |
**Examples:**
```bash
postiz upload document.pdf
postiz upload report.docx
```
### Other Files
For file types not listed above, the CLI uses:
- MIME type: `application/octet-stream`
- This is a generic binary file type
## Usage Examples
### Upload an Image
```bash
postiz upload ./images/photo.jpg
```
Response:
```json
{
"id": "upload-123",
"path": "https://cdn.postiz.com/uploads/photo.jpg",
"url": "https://cdn.postiz.com/uploads/photo.jpg"
}
```
### Upload a Video (MP4)
```bash
postiz upload ./videos/promo.mp4
```
Response:
```json
{
"id": "upload-456",
"path": "https://cdn.postiz.com/uploads/promo.mp4",
"url": "https://cdn.postiz.com/uploads/promo.mp4"
}
```
### Upload and Use in Post
```bash
# 1. Upload the file
RESULT=$(postiz upload video.mp4)
echo $RESULT
# 2. Extract the path (you'll need jq or similar)
PATH=$(echo $RESULT | jq -r '.path')
# 3. Use in a post
postiz posts:create \
-c "Check out my video!" \
-m "$PATH" \
-i "tiktok-123"
```
### Upload Multiple Files
```bash
# Upload images
postiz upload image1.jpg
postiz upload image2.png
postiz upload image3.gif
# Upload videos
postiz upload video1.mp4
postiz upload video2.mov
```
## What Changed (Fix)
### Before (❌ Bug)
```bash
postiz upload video.mp4
# ❌ Was detected as: image/jpeg (WRONG!)
```
The problem: The CLI defaulted to `image/jpeg` for any unknown file type.
### After (✅ Fixed)
```bash
postiz upload video.mp4
# ✅ Correctly detected as: video/mp4
postiz upload audio.mp3
# ✅ Correctly detected as: audio/mpeg
postiz upload document.pdf
# ✅ Correctly detected as: application/pdf
```
## Platform-Specific Notes
### TikTok
- Supports: MP4, MOV, WEBM
- Recommended: MP4
### YouTube
- Supports: MP4, MOV, AVI, WMV, FLV, 3GP, WEBM
- Recommended: MP4
### Instagram
- Images: JPG, PNG
- Videos: MP4, MOV
- Recommended: MP4 for videos, JPG for images
### Twitter/X
- Images: PNG, JPG, GIF, WEBP
- Videos: MP4, MOV
- Max video size: 512MB
### LinkedIn
- Images: PNG, JPG, GIF
- Videos: MP4, MOV, AVI
- Documents: PDF, DOC, DOCX, PPT
## Troubleshooting
### "Upload failed: Unsupported file type"
Some platforms may not accept certain file types. Check the platform's documentation.
**Solution:** Convert the file to a supported format:
```bash
# Convert video to MP4
ffmpeg -i video.avi video.mp4
# Then upload
postiz upload video.mp4
```
### File Size Limits
Different platforms have different file size limits:
- **Twitter/X**: Max 512MB for videos
- **Instagram**: Max 100MB for videos
- **TikTok**: Max 287.6MB for videos
- **YouTube**: Max 128GB (but 256GB for verified)
### "MIME type mismatch"
If you renamed a file with the wrong extension:
```bash
# ❌ Wrong: PNG file renamed to .jpg
mv image.png image.jpg
postiz upload image.jpg # Might fail
# ✅ Correct: Keep original extension
postiz upload image.png
```
## Testing File Upload
```bash
# Set API key
export POSTIZ_API_KEY=your_key
# Test image upload
postiz upload test-image.jpg
# Test video upload
postiz upload test-video.mp4
# Test audio upload
postiz upload test-audio.mp3
```
## Error Messages
### File Not Found
```
❌ ENOENT: no such file or directory
```
**Solution:** Check the file path is correct.
### No Permission
```
❌ EACCES: permission denied
```
**Solution:** Check file permissions:
```bash
chmod 644 your-file.mp4
```
### Invalid API Key
```
❌ Upload failed (401): Unauthorized
```
**Solution:** Set your API key:
```bash
export POSTIZ_API_KEY=your_key
```
## Summary
✅ **30+ file types supported**
✅ **Automatic MIME type detection**
✅ **Images, videos, audio, documents**
✅ **Correct handling of MP4, MOV, MP3, etc.**
✅ **No more defaulting to JPEG!**
**The upload bug is fixed!** 🎉

291
apps/cli/SYNTAX_UPGRADE.md Normal file
View file

@ -0,0 +1,291 @@
# Postiz CLI - Improved Syntax! 🎉
## What Changed
The CLI now supports a **much better** command-line syntax for creating posts with comments that have their own media.
## New Syntax: Multiple `-c` and `-m` Flags
Instead of using semicolon-separated strings (which break when you need semicolons in your content), you can now use multiple `-c` and `-m` flags:
```bash
postiz posts:create \
-c "main post content" -m "media1.png,media2.png" \
-c "first comment" -m "media3.png" \
-c "second comment; with semicolon!" -m "media4.png,media5.png" \
-i "twitter-123"
```
## The Problem We Solved
### ❌ Old Approach (Problematic)
```bash
postiz posts:create \
-c "Main post" \
--comments "Comment 1;Comment 2;Comment 3" \
-i "twitter-123"
```
**Issues:**
1. ❌ Can't use semicolons in comment text
2. ❌ Comments can't have their own media
3. ❌ Less intuitive syntax
4. ❌ Limited flexibility
### ✅ New Approach (Better!)
```bash
postiz posts:create \
-c "Main post" -m "main.jpg" \
-c "Comment 1; with semicolon!" -m "comment1.jpg" \
-c "Comment 2" -m "comment2.jpg" \
-c "Comment 3" \
-i "twitter-123"
```
**Benefits:**
1. ✅ Semicolons work fine in content
2. ✅ Each comment can have different media
3. ✅ More readable and intuitive
4. ✅ Fully flexible
## How It Works
### Pairing Logic
The CLI pairs `-c` and `-m` flags in order:
```bash
postiz posts:create \
-c "Content 1" -m "media-for-content-1.jpg" \ # Pair 1
-c "Content 2" -m "media-for-content-2.jpg" \ # Pair 2
-c "Content 3" -m "media-for-content-3.jpg" \ # Pair 3
-i "twitter-123"
```
- **1st `-c`** = Main post
- **2nd `-c`** = First comment (posted after delay)
- **3rd `-c`** = Second comment (posted after delay)
- Each `-m` is paired with the corresponding `-c` (in order)
### Media is Optional
```bash
postiz posts:create \
-c "Post with media" -m "image.jpg" \
-c "Comment without media" \
-c "Another comment" \
-i "twitter-123"
```
Result:
- Post with image
- Text-only comment
- Another text-only comment
### Multiple Media per Post/Comment
```bash
postiz posts:create \
-c "Main post" -m "img1.jpg,img2.jpg,img3.jpg" \
-c "Comment" -m "img4.jpg,img5.jpg" \
-i "twitter-123"
```
Result:
- Main post with 3 images
- Comment with 2 images
## Real Examples
### Example 1: Product Launch
```bash
postiz posts:create \
-c "🚀 Launching ProductX today!" \
-m "hero.jpg,features.jpg" \
-c "⭐ Key features you'll love..." \
-m "features-detail.jpg" \
-c "💰 Special offer: 50% off!" \
-m "discount.jpg" \
-i "twitter-123,linkedin-456"
```
### Example 2: Twitter Thread
```bash
postiz posts:create \
-c "🧵 Thread: How to X (1/5)" -m "intro.jpg" \
-c "Step 1: ... (2/5)" -m "step1.jpg" \
-c "Step 2: ... (3/5)" -m "step2.jpg" \
-c "Step 3: ... (4/5)" -m "step3.jpg" \
-c "Conclusion (5/5)" -m "done.jpg" \
-d 2000 \
-i "twitter-123"
```
### Example 3: Tutorial with Screenshots
```bash
postiz posts:create \
-c "Tutorial: Feature X 📖" \
-m "tutorial-cover.jpg" \
-c "1. Open settings" \
-m "settings-screenshot.jpg" \
-c "2. Enable feature X" \
-m "enable-screenshot.jpg" \
-c "3. You're done! 🎉" \
-m "success-screenshot.jpg" \
-i "twitter-123"
```
### Example 4: Content with Special Characters
```bash
postiz posts:create \
-c "Main post about programming" \
-c "First tip: Use const; avoid var" \
-c "Second tip: Functions should do one thing; keep it simple" \
-c "Third tip: Comments should explain 'why'; not 'what'" \
-i "twitter-123"
```
**No escaping needed!** Semicolons work perfectly.
## Options Reference
| Option | Alias | Multiple? | Description |
|--------|-------|-----------|-------------|
| `--content` | `-c` | ✅ Yes | Post/comment content |
| `--media` | `-m` | ✅ Yes | Comma-separated media URLs |
| `--integrations` | `-i` | ❌ No | Integration IDs |
| `--schedule` | `-s` | ❌ No | ISO 8601 date |
| `--delay` | `-d` | ❌ No | Delay between comments (ms, default: 5000) |
| `--shortLink` | - | ❌ No | Use URL shortener (default: true) |
| `--json` | `-j` | ❌ No | Load from JSON file |
## Delay Between Comments
Use `-d` to control the delay between comments:
```bash
postiz posts:create \
-c "Main" \
-c "Comment 1" \
-c "Comment 2" \
-d 10000 \ # 10 seconds between each
-i "twitter-123"
```
**Default:** 5000ms (5 seconds)
## Command Line vs JSON
### Use Command Line When:
- ✅ Quick posts
- ✅ Same content for all platforms
- ✅ Simple structure
- ✅ Dynamic/scripted content
### Use JSON When:
- ✅ Different content per platform
- ✅ Very complex structures
- ✅ Reusable templates
- ✅ Integration with other tools
## For AI Agents
### Generating Commands
```javascript
function buildPostCommand(posts, integrationId) {
const parts = ['postiz posts:create'];
posts.forEach(post => {
parts.push(`-c "${post.content.replace(/"/g, '\\"')}"`);
if (post.media && post.media.length > 0) {
parts.push(`-m "${post.media.join(',')}"`);
}
});
parts.push(`-i "${integrationId}"`);
return parts.join(' \\\n ');
}
// Usage
const posts = [
{ content: "Main post", media: ["img1.jpg", "img2.jpg"] },
{ content: "Comment; with semicolon!", media: ["img3.jpg"] },
{ content: "Another comment", media: [] }
];
const command = buildPostCommand(posts, "twitter-123");
console.log(command);
```
Output:
```bash
postiz posts:create \
-c "Main post" \
-m "img1.jpg,img2.jpg" \
-c "Comment; with semicolon!" \
-m "img3.jpg" \
-c "Another comment" \
-i "twitter-123"
```
## Migration Guide
If you have existing scripts using the old syntax:
### Before:
```bash
postiz posts:create \
-c "Main post" \
--comments "Comment 1;Comment 2" \
--image "main-image.jpg" \
-i "twitter-123"
```
### After:
```bash
postiz posts:create \
-c "Main post" -m "main-image.jpg" \
-c "Comment 1" \
-c "Comment 2" \
-i "twitter-123"
```
## Documentation
See these files for more details:
- **COMMAND_LINE_GUIDE.md** - Comprehensive command-line guide
- **command-line-examples.sh** - Executable examples
- **EXAMPLES.md** - Full usage patterns
- **SKILL.md** - AI agent integration
- **README.md** - General documentation
## Summary
### ✅ You Can Now:
1. **Use multiple `-c` flags** for main post + comments
2. **Use multiple `-m` flags** to pair media with each `-c`
3. **Use semicolons freely** in your content
4. **Create complex threads** easily from command line
5. **Each comment has its own media** array
6. **More intuitive syntax** overall
### 🎯 Perfect For:
- Twitter threads
- Product launches with follow-ups
- Tutorials with screenshots
- Event coverage
- Multi-step announcements
- Any post with comments that need their own media!
**The CLI is now much more powerful and user-friendly!** 🚀

358
apps/cli/examples/COMMAND_LINE_GUIDE.md Normal file
View file

@ -0,0 +1,358 @@
# Postiz CLI - Command Line Guide
## New Syntax: Multiple `-c` and `-m` Flags
The CLI now supports a much more intuitive syntax for creating posts with comments that have their own media.
## Basic Syntax
```bash
postiz posts:create \
-c "content" -m "media" \ # Can be repeated multiple times
-c "content" -m "media" \ # Each pair = one post/comment
-i "integration-id"
```
### How It Works
- **First `-c`**: Main post content
- **Subsequent `-c`**: Comments/replies
- **Each `-m`**: Media for the corresponding `-c`
- `-m` is optional (text-only posts/comments)
- Order matters: `-c` and `-m` are paired in order
## Examples
### 1. Simple Post
```bash
postiz posts:create \
-c "Hello World!" \
-i "twitter-123"
```
### 2. Post with Multiple Images
```bash
postiz posts:create \
-c "Check out these photos!" \
-m "photo1.jpg,photo2.jpg,photo3.jpg" \
-i "twitter-123"
```
**Result:**
- Main post with 3 images
### 3. Post with Comments, Each Having Their Own Media
```bash
postiz posts:create \
-c "Main post 🚀" \
-m "main-image1.jpg,main-image2.jpg" \
-c "First comment 📸" \
-m "comment1-image.jpg" \
-c "Second comment 🎨" \
-m "comment2-img1.jpg,comment2-img2.jpg" \
-i "twitter-123"
```
**Result:**
- Main post with 2 images
- First comment (posted 5s later) with 1 image
- Second comment (posted 10s later) with 2 images
### 4. Comments Can Contain Semicolons! 🎉
```bash
postiz posts:create \
-c "Main post" \
-c "First comment; with a semicolon!" \
-c "Second comment; with multiple; semicolons; works fine!" \
-i "twitter-123"
```
**No escaping needed!** Each `-c` is a separate argument, so special characters work perfectly.
### 5. Twitter Thread
```bash
postiz posts:create \
-c "🧵 Thread about X (1/5)" \
-m "thread1.jpg" \
-c "Key point 1 (2/5)" \
-m "thread2.jpg" \
-c "Key point 2 (3/5)" \
-m "thread3.jpg" \
-c "Key point 3 (4/5)" \
-m "thread4.jpg" \
-c "Conclusion 🎉 (5/5)" \
-m "thread5.jpg" \
-d 2000 \
-i "twitter-123"
```
**Result:** 5-part thread with 2-second delays between tweets
### 6. Mix: Some with Media, Some Without
```bash
postiz posts:create \
-c "Amazing sunset! 🌅" \
-m "sunset.jpg" \
-c "Taken at 6:30 PM" \
-c "Location: Santa Monica Beach" \
-c "Camera: iPhone 15 Pro" \
-i "twitter-123"
```
**Result:**
- Main post with 1 image
- 3 text-only comments
### 7. Multi-Platform with Same Content
```bash
postiz posts:create \
-c "Big announcement! 🎉" \
-m "announcement.jpg" \
-c "More details coming soon..." \
-i "twitter-123,linkedin-456,facebook-789"
```
**Result:** Same post + comment posted to all 3 platforms
### 8. Scheduled Post with Follow-ups
```bash
postiz posts:create \
-c "Product launching today! 🚀" \
-m "product-hero.jpg,product-features.jpg" \
-c "Special launch offer: 50% off!" \
-m "discount-banner.jpg" \
-c "Limited to first 100 customers!" \
-s "2024-12-25T09:00:00Z" \
-i "twitter-123"
```
**Result:** Scheduled main post with 2 follow-up comments
### 9. Product Tutorial
```bash
postiz posts:create \
-c "Tutorial: How to Use Feature X 📖" \
-m "tutorial-intro.jpg" \
-c "Step 1: Open the settings menu" \
-m "step1-screenshot.jpg" \
-c "Step 2: Toggle the feature on" \
-m "step2-screenshot.jpg" \
-c "Step 3: Customize your preferences" \
-m "step3-screenshot.jpg" \
-c "That's it! You're all set 🎉" \
-d 3000 \
-i "twitter-123"
```
## Options Reference
| Flag | Alias | Description | Multiple? |
|------|-------|-------------|-----------|
| `--content` | `-c` | Post/comment content | ✅ Yes |
| `--media` | `-m` | Comma-separated media URLs | ✅ Yes |
| `--integrations` | `-i` | Comma-separated integration IDs | ❌ No |
| `--schedule` | `-s` | ISO 8601 date (schedule post) | ❌ No |
| `--delay` | `-d` | Delay between comments (ms) | ❌ No |
| `--shortLink` | - | Use URL shortener | ❌ No |
| `--json` | `-j` | Load from JSON file | ❌ No |
## How `-c` and `-m` Pair Together
```bash
postiz posts:create \
-c "First content" -m "first-media.jpg" \ # Pair 1 → Main post
-c "Second content" -m "second-media.jpg" \ # Pair 2 → Comment 1
-c "Third content" -m "third-media.jpg" \ # Pair 3 → Comment 2
-i "twitter-123"
```
**Pairing logic:**
- 1st `-c` pairs with 1st `-m` (if provided)
- 2nd `-c` pairs with 2nd `-m` (if provided)
- 3rd `-c` pairs with 3rd `-m` (if provided)
- If no `-m` for a `-c`, it's text-only
## Delay Between Comments
Use `-d` or `--delay` to set the delay (in milliseconds) between comments:
```bash
postiz posts:create \
-c "Main post" \
-c "Comment 1" \
-c "Comment 2" \
-d 10000 \ # 10 seconds between each
-i "twitter-123"
```
**Default:** 5000ms (5 seconds)
## Comparison: Old vs New Syntax
### ❌ Old Way (Limited)
```bash
# Could only do simple comments without custom media
postiz posts:create \
-c "Main post" \
--comments "Comment 1;Comment 2;Comment 3" \
--image "main-image.jpg" \
-i "twitter-123"
```
**Problems:**
- Comments couldn't have their own media
- Semicolons in content would break it
- Less intuitive
### ✅ New Way (Flexible)
```bash
postiz posts:create \
-c "Main post" -m "main.jpg" \
-c "Comment 1; with semicolon!" -m "comment1.jpg" \
-c "Comment 2" -m "comment2.jpg" \
-i "twitter-123"
```
**Benefits:**
- ✅ Each comment can have its own media
- ✅ Semicolons work fine
- ✅ More readable
- ✅ More flexible
## When to Use JSON vs Command Line
### Use Command Line (`-c` and `-m`) When:
- ✅ Same content for all integrations
- ✅ Simple, straightforward posts
- ✅ Quick one-off posts
- ✅ Scripting with dynamic content
### Use JSON (`--json`) When:
- ✅ Different content per platform
- ✅ Complex settings or metadata
- ✅ Reusable post templates
- ✅ Very long or formatted content
## Tips for AI Agents
### Generate Commands Programmatically
```javascript
function createThreadCommand(tweets, integrationId) {
const parts = [
'postiz posts:create'
];
tweets.forEach(tweet => {
parts.push(`-c "${tweet.content}"`);
if (tweet.media && tweet.media.length > 0) {
parts.push(`-m "${tweet.media.join(',')}"`);
}
});
parts.push(`-i "${integrationId}"`);
return parts.join(' \\\n ');
}
const thread = [
{ content: "Tweet 1/3", media: ["img1.jpg"] },
{ content: "Tweet 2/3", media: ["img2.jpg"] },
{ content: "Tweet 3/3", media: ["img3.jpg"] }
];
const command = createThreadCommand(thread, "twitter-123");
console.log(command);
```
### Escape Special Characters
In bash, you may need to escape some characters:
```bash
# Single quotes prevent interpolation
postiz posts:create \
-c 'Message with $variables and "quotes"' \
-i "twitter-123"
# Or use backslashes
postiz posts:create \
-c "Message with \$variables and \"quotes\"" \
-i "twitter-123"
```
## Error Handling
### Missing Integration
```bash
postiz posts:create -c "Post" -m "img.jpg"
# ❌ Error: --integrations is required when not using --json
```
**Fix:** Add `-i` flag
### No Content
```bash
postiz posts:create -i "twitter-123"
# ❌ Error: Either --content or --json is required
```
**Fix:** Add at least one `-c` flag
### Mismatched Count (OK!)
```bash
# This is fine! Extra -m flags are ignored
postiz posts:create \
-c "Post 1" -m "img1.jpg" \
-c "Post 2" \
-c "Post 3" -m "img3.jpg" \
-i "twitter-123"
# Result:
# - Post 1 with img1.jpg
# - Post 2 with no media
# - Post 3 with img3.jpg
```
## Full Example: Product Launch
```bash
#!/bin/bash
export POSTIZ_API_KEY=your_key
postiz posts:create \
-c "🚀 Launching ProductX today!" \
-m "https://cdn.example.com/hero.jpg,https://cdn.example.com/features.jpg" \
-c "🎯 Key Features:\n• AI-powered\n• Cloud-native\n• Open source" \
-m "https://cdn.example.com/features-detail.jpg" \
-c "💰 Special launch pricing: 50% off for early adopters!" \
-m "https://cdn.example.com/pricing.jpg" \
-c "🔗 Get started: https://example.com/productx" \
-s "2024-12-25T09:00:00Z" \
-d 3600000 \
-i "twitter-123,linkedin-456,facebook-789"
echo "✅ Product launch scheduled!"
```
## See Also
- **EXAMPLES.md** - JSON file examples
- **SKILL.md** - AI agent patterns
- **README.md** - Full documentation
- **examples/*.json** - Template files

316
apps/cli/examples/EXAMPLES.md Normal file
View file

@ -0,0 +1,316 @@
# Postiz CLI - Advanced Examples
This directory contains examples demonstrating the full capabilities of the Postiz CLI, including posts with comments and multiple media.
## Understanding the Post Structure
The Postiz API supports a rich post structure:
```typescript
{
type: 'now' | 'schedule' | 'draft' | 'update',
date: string, // ISO 8601 date
shortLink: boolean, // Use URL shortener
tags: Tag[], // Post tags
posts: [ // Can post to multiple platforms at once
{
integration: { id: string }, // Platform integration ID
value: [ // Main post + comments/thread
{
content: string, // Post/comment text
image: MediaDto[], // Multiple media attachments
delay?: number // Delay in ms before posting (for comments)
},
// ... more comments
],
settings: { __type: 'EmptySettings' }
}
]
}
```
## Simple Usage Examples
### Basic Post
```bash
postiz posts:create \
-c "Hello World!" \
-i "twitter-123"
```
### Post with Multiple Images
```bash
postiz posts:create \
-c "Check out these images!" \
--image "https://example.com/img1.jpg,https://example.com/img2.jpg,https://example.com/img3.jpg" \
-i "twitter-123"
```
### Post with Comments (Simple)
```bash
postiz posts:create \
-c "Main post content" \
--comments "First comment;Second comment;Third comment" \
-i "twitter-123"
```
### Scheduled Post
```bash
postiz posts:create \
-c "Future post" \
-s "2024-12-31T12:00:00Z" \
-i "twitter-123,linkedin-456"
```
## Advanced JSON Examples
For complex posts with comments that have their own media, use JSON files:
### 1. Post with Comments and Media
**File:** `post-with-comments.json`
```bash
postiz posts:create --json examples/post-with-comments.json
```
This creates:
- Main post with 2 images
- First comment with 1 image (posted 5s after main)
- Second comment with 2 images (posted 10s after main)
### 2. Multi-Platform Campaign
**File:** `multi-platform-post.json`
```bash
postiz posts:create --json examples/multi-platform-post.json
```
This creates:
- Twitter post with main + comment
- LinkedIn post with single content
- Facebook post with main + comment
All scheduled for the same time with platform-specific content and media!
### 3. Twitter Thread
**File:** `thread-post.json`
```bash
postiz posts:create --json examples/thread-post.json
```
This creates a 5-part Twitter thread, with each tweet having its own image and a 2-second delay between tweets.
## JSON File Structure Explained
### Basic Structure
```json
{
"type": "now", // "now", "schedule", "draft", "update"
"date": "2024-01-15T12:00:00Z", // When to post (ISO 8601)
"shortLink": true, // Enable URL shortening
"tags": [], // Array of tags
"posts": [...] // Array of posts
}
```
### Post Structure
```json
{
"integration": {
"id": "twitter-123" // Get this from integrations:list
},
"value": [ // Array of content (main + comments)
{
"content": "Post text", // The actual content
"image": [ // Array of media
{
"id": "unique-id", // Unique identifier
"path": "https://..." // URL to the image
}
],
"delay": 5000 // Optional delay in milliseconds
}
],
"settings": {
"__type": "EmptySettings" // Platform-specific settings
}
}
```
## Use Cases
### 1. Product Launch Campaign
Create a coordinated multi-platform launch:
```json
{
"type": "schedule",
"date": "2024-03-15T09:00:00Z",
"posts": [
{
"integration": { "id": "twitter-id" },
"value": [
{ "content": "🚀 Launching today!", "image": [...] },
{ "content": "Special features:", "image": [...], "delay": 3600000 },
{ "content": "Get it now:", "image": [...], "delay": 7200000 }
]
},
{
"integration": { "id": "linkedin-id" },
"value": [
{ "content": "Professional announcement...", "image": [...] }
]
}
]
}
```
### 2. Tutorial Series
Create an educational thread:
```json
{
"type": "now",
"posts": [
{
"integration": { "id": "twitter-id" },
"value": [
{ "content": "🧵 How to X (1/5)", "image": [...] },
{ "content": "Step 1: ... (2/5)", "image": [...], "delay": 2000 },
{ "content": "Step 2: ... (3/5)", "image": [...], "delay": 2000 },
{ "content": "Step 3: ... (4/5)", "image": [...], "delay": 2000 },
{ "content": "Conclusion (5/5)", "image": [...], "delay": 2000 }
]
}
]
}
```
### 3. Event Coverage
Live event updates with media:
```json
{
"type": "now",
"posts": [
{
"integration": { "id": "twitter-id" },
"value": [
{
"content": "📍 Event starting now!",
"image": [
{ "id": "1", "path": "venue-photo.jpg" }
]
},
{
"content": "First speaker taking stage",
"image": [
{ "id": "2", "path": "speaker-photo.jpg" }
],
"delay": 1800000
}
]
}
]
}
```
## Getting Integration IDs
Before creating posts, get your integration IDs:
```bash
postiz integrations:list
```
Output:
```json
[
{ "id": "abc-123-twitter", "provider": "twitter", "name": "@myaccount" },
{ "id": "def-456-linkedin", "provider": "linkedin", "name": "My Company" }
]
```
Use these IDs in your `integration.id` fields.
## Tips for AI Agents
1. **Use JSON for complex posts** - If you need comments with media, always use JSON files
2. **Delays matter** - Use appropriate delays between comments (Twitter: 2-5s, others: 30s-1min)
3. **Image IDs** - Generate unique IDs for each image (can use UUIDs or random strings)
4. **Validate before sending** - Check that all integration IDs exist
5. **Test with "draft" type** - Use `"type": "draft"` to create without posting
## Automation Scripts
### Batch Create from Directory
```bash
#!/bin/bash
# Create posts from all JSON files in a directory
for file in posts/*.json; do
echo "Creating post from $file..."
postiz posts:create --json "$file"
sleep 2
done
```
### Generate JSON Programmatically
```javascript
const fs = require('fs');
function createThreadPost(tweets, integrationId) {
return {
type: 'now',
date: new Date().toISOString(),
shortLink: true,
tags: [],
posts: [{
integration: { id: integrationId },
value: tweets.map((tweet, i) => ({
content: tweet.content,
image: tweet.images || [],
delay: i === 0 ? undefined : 2000
})),
settings: { __type: 'EmptySettings' }
}]
};
}
const thread = createThreadPost([
{ content: 'Tweet 1', images: [...] },
{ content: 'Tweet 2', images: [...] },
{ content: 'Tweet 3', images: [...] }
], 'twitter-123');
fs.writeFileSync('thread.json', JSON.stringify(thread, null, 2));
```
## Error Handling
Common errors and solutions:
1. **Invalid integration ID** - Run `integrations:list` to get valid IDs
2. **Invalid image path** - Ensure images are accessible URLs or uploaded to Postiz first
3. **Missing required fields** - Check that `type`, `date`, `shortLink`, `tags`, and `posts` are all present
4. **Invalid date format** - Use ISO 8601 format: `YYYY-MM-DDTHH:mm:ssZ`
## Further Reading
- See `SKILL.md` for AI agent patterns
- See `README.md` for installation and setup
- See `QUICK_START.md` for basic usage

103
apps/cli/examples/ai-agent-example.js Normal file
View file

@ -0,0 +1,103 @@
#!/usr/bin/env node
/**
* Example: Using Postiz CLI from an AI Agent (Node.js)
*
* This demonstrates how AI agents can programmatically use the Postiz CLI
* to schedule social media posts.
*/
const { execSync } = require('child_process');
// Configuration
const POSTIZ_API_KEY = process.env.POSTIZ_API_KEY;
if (!POSTIZ_API_KEY) {
console.error('❌ POSTIZ_API_KEY environment variable is required');
process.exit(1);
}
/**
* Execute a Postiz CLI command
*/
function runPostizCommand(command) {
try {
const output = execSync(`postiz ${command}`, {
env: { ...process.env, POSTIZ_API_KEY },
encoding: 'utf-8',
});
return JSON.parse(output);
} catch (error) {
console.error(`Command failed: ${command}`);
console.error(error.message);
throw error;
}
}
/**
* Main AI Agent workflow
*/
async function main() {
console.log('🤖 AI Agent: Starting social media scheduling workflow...\n');
try {
// Step 1: Get available integrations
console.log('📋 Fetching connected integrations...');
const integrations = runPostizCommand('integrations:list');
console.log(`Found ${integrations.length || 0} integrations\n`);
// Step 2: Create multiple scheduled posts
const posts = [
{
content: '🌅 Good morning! Starting the day with positive energy.',
schedule: getScheduledTime(9, 0), // 9 AM
},
{
content: '☕ Midday motivation: Keep pushing towards your goals!',
schedule: getScheduledTime(12, 0), // 12 PM
},
{
content: '🌙 Evening reflection: What did you accomplish today?',
schedule: getScheduledTime(20, 0), // 8 PM
},
];
console.log('📝 Creating scheduled posts...');
for (let i = 0; i < posts.length; i++) {
const post = posts[i];
console.log(` ${i + 1}. Creating post scheduled for ${post.schedule}...`);
const command = `posts:create -c "${post.content}" -s "${post.schedule}"`;
const result = runPostizCommand(command);
console.log(` ✅ Post created with ID: ${result.id || 'unknown'}`);
}
console.log('\n📊 Checking created posts...');
const postsList = runPostizCommand('posts:list -l 5');
console.log(`Total recent posts: ${postsList.total || 0}\n`);
console.log('✅ AI Agent workflow completed successfully!');
} catch (error) {
console.error('\n❌ AI Agent workflow failed:', error.message);
process.exit(1);
}
}
/**
* Helper: Get ISO 8601 timestamp for today at specific time
*/
function getScheduledTime(hours, minutes) {
const date = new Date();
date.setHours(hours, minutes, 0, 0);
// If time already passed today, schedule for tomorrow
if (date < new Date()) {
date.setDate(date.getDate() + 1);
}
return date.toISOString();
}
// Run the agent
main().catch(console.error);

42
apps/cli/examples/basic-usage.sh Executable file
View file

@ -0,0 +1,42 @@
#!/bin/bash
# Basic Postiz CLI Usage Example
# Make sure to set your API key first: export POSTIZ_API_KEY=your_key
echo "🚀 Postiz CLI Example Workflow"
echo ""
# Check if API key is set
if [ -z "$POSTIZ_API_KEY" ]; then
echo "❌ POSTIZ_API_KEY is not set!"
echo "Set it with: export POSTIZ_API_KEY=your_api_key"
exit 1
fi
echo "✅ API key is set"
echo ""
# 1. List integrations
echo "📋 Step 1: Listing connected integrations..."
postiz integrations:list
echo ""
# 2. Create a post
echo "📝 Step 2: Creating a test post..."
postiz posts:create \
-c "Hello from Postiz CLI! This is an automated test post." \
-s "$(date -u -v+1H +%Y-%m-%dT%H:%M:%SZ)" # Schedule 1 hour from now
echo ""
# 3. List posts
echo "📋 Step 3: Listing recent posts..."
postiz posts:list -l 5
echo ""
echo "✅ Example workflow completed!"
echo ""
echo "💡 Tips:"
echo " - Use -i flag to specify integrations when creating posts"
echo " - Upload images with: postiz upload ./path/to/image.png"
echo " - Delete posts with: postiz posts:delete <post-id>"
echo " - Get help: postiz --help"

153
apps/cli/examples/command-line-examples.sh Executable file
View file

@ -0,0 +1,153 @@
#!/bin/bash
# Postiz CLI - Command Line Examples
# Demonstrating the new -c and -m flag syntax
echo "🚀 Postiz CLI Command Line Examples"
echo ""
# Make sure API key is set
if [ -z "$POSTIZ_API_KEY" ]; then
echo "❌ POSTIZ_API_KEY is not set!"
echo "Set it with: export POSTIZ_API_KEY=your_api_key"
exit 1
fi
echo "✅ API key is set"
echo ""
# Example 1: Simple post
echo "📝 Example 1: Simple post"
echo "Command:"
echo 'postiz posts:create -c "Hello World!" -i "twitter-123"'
echo ""
# Example 2: Post with multiple images
echo "📸 Example 2: Post with multiple images"
echo "Command:"
echo 'postiz posts:create \'
echo ' -c "Check out these amazing photos!" \'
echo ' -m "photo1.jpg,photo2.jpg,photo3.jpg" \'
echo ' -i "twitter-123"'
echo ""
# Example 3: Post with comments, each having their own media
echo "💬 Example 3: Post with comments, each having different media"
echo "Command:"
echo 'postiz posts:create \'
echo ' -c "Main post content 🚀" \'
echo ' -m "main-image1.jpg,main-image2.jpg" \'
echo ' -c "First comment with its own image 📸" \'
echo ' -m "comment1-image.jpg" \'
echo ' -c "Second comment with different images 🎨" \'
echo ' -m "comment2-image1.jpg,comment2-image2.jpg" \'
echo ' -i "twitter-123"'
echo ""
# Example 4: Comments with semicolons (no escaping needed!)
echo "🎯 Example 4: Comments can contain semicolons!"
echo "Command:"
echo 'postiz posts:create \'
echo ' -c "Main post" \'
echo ' -c "First comment; notice the semicolon!" \'
echo ' -c "Second comment; with multiple; semicolons; works fine!" \'
echo ' -i "twitter-123"'
echo ""
# Example 5: Twitter thread with custom delay
echo "🧵 Example 5: Twitter thread with 2-second delays"
echo "Command:"
echo 'postiz posts:create \'
echo ' -c "🧵 How to use Postiz CLI (1/5)" \'
echo ' -m "thread-intro.jpg" \'
echo ' -c "Step 1: Install the CLI (2/5)" \'
echo ' -m "step1-screenshot.jpg" \'
echo ' -c "Step 2: Set your API key (3/5)" \'
echo ' -m "step2-screenshot.jpg" \'
echo ' -c "Step 3: Create your first post (4/5)" \'
echo ' -m "step3-screenshot.jpg" \'
echo ' -c "You'\''re all set! 🎉 (5/5)" \'
echo ' -m "done.jpg" \'
echo ' -d 2000 \'
echo ' -i "twitter-123"'
echo ""
# Example 6: Scheduled post with comments
echo "⏰ Example 6: Scheduled post with follow-up comments"
echo "Command:"
echo 'postiz posts:create \'
echo ' -c "Product launch! 🚀" \'
echo ' -m "product-hero.jpg,product-features.jpg" \'
echo ' -c "Special launch offer - 50% off!" \'
echo ' -m "discount-banner.jpg" \'
echo ' -c "Limited time only!" \'
echo ' -s "2024-12-25T09:00:00Z" \'
echo ' -i "twitter-123,linkedin-456"'
echo ""
# Example 7: Multi-platform with same content
echo "🌐 Example 7: Multi-platform posting"
echo "Command:"
echo 'postiz posts:create \'
echo ' -c "Exciting announcement! 🎉" \'
echo ' -m "announcement.jpg" \'
echo ' -c "More details in the comments..." \'
echo ' -m "details-infographic.jpg" \'
echo ' -i "twitter-123,linkedin-456,facebook-789"'
echo ""
# Example 8: Comments without media
echo "💭 Example 8: Main post with media, comments without media"
echo "Command:"
echo 'postiz posts:create \'
echo ' -c "Check out this amazing view! 🏔️" \'
echo ' -m "mountain-photo.jpg" \'
echo ' -c "Taken at sunrise this morning" \'
echo ' -c "Location: Swiss Alps" \'
echo ' -i "twitter-123"'
echo ""
# Example 9: Product tutorial series
echo "📚 Example 9: Product tutorial series"
echo "Command:"
echo 'postiz posts:create \'
echo ' -c "Tutorial: Getting Started with Our Product 📖" \'
echo ' -m "tutorial-cover.jpg" \'
echo ' -c "1. First, download and install the app" \'
echo ' -m "install-screen.jpg" \'
echo ' -c "2. Create your account and set up your profile" \'
echo ' -m "signup-screen.jpg" \'
echo ' -c "3. You'\''re ready to go! Start creating your first project" \'
echo ' -m "dashboard-screen.jpg" \'
echo ' -d 3000 \'
echo ' -i "twitter-123"'
echo ""
# Example 10: Event coverage
echo "📍 Example 10: Live event coverage"
echo "Command:"
echo 'postiz posts:create \'
echo ' -c "Conference 2024 is starting! 🎤" \'
echo ' -m "venue-photo.jpg" \'
echo ' -c "First speaker: Jane Doe talking about AI" \'
echo ' -m "speaker1-photo.jpg" \'
echo ' -c "Second speaker: John Smith on cloud architecture" \'
echo ' -m "speaker2-photo.jpg" \'
echo ' -c "Networking break! Great conversations happening" \'
echo ' -m "networking-photo.jpg" \'
echo ' -d 30000 \'
echo ' -i "twitter-123,linkedin-456"'
echo ""
echo "💡 Tips:"
echo " - Use multiple -c flags for main post + comments"
echo " - Use -m flags to specify media for each -c"
echo " - First -c is the main post, subsequent ones are comments"
echo " - -m is optional, can be omitted for text-only comments"
echo " - Use -d to set delay between comments (in milliseconds)"
echo " - Semicolons and special characters work fine in -c content!"
echo ""
echo "📖 For more examples, see:"
echo " - examples/EXAMPLES.md - Comprehensive guide"
echo " - examples/*.json - JSON file examples"
echo " - SKILL.md - AI agent patterns"

89
apps/cli/examples/multi-platform-post.json Normal file
View file

@ -0,0 +1,89 @@
{
"type": "schedule",
"date": "2024-12-25T12:00:00Z",
"shortLink": true,
"tags": [
{
"value": "holiday",
"label": "Holiday"
},
{
"value": "marketing",
"label": "Marketing"
}
],
"posts": [
{
"integration": {
"id": "twitter-integration-id"
},
"value": [
{
"content": "Happy Holidays! 🎄 Check out our special offers!",
"image": [
{
"id": "holiday1",
"path": "https://example.com/holiday-twitter.jpg"
}
]
},
{
"content": "Limited time offer - 50% off! 🎁",
"image": [],
"delay": 3600000
}
],
"settings": {
"__type": "EmptySettings"
}
},
{
"integration": {
"id": "linkedin-integration-id"
},
"value": [
{
"content": "Season's greetings from our team! We're offering exclusive holiday promotions.",
"image": [
{
"id": "holiday2",
"path": "https://example.com/holiday-linkedin.jpg"
}
]
}
],
"settings": {
"__type": "EmptySettings"
}
},
{
"integration": {
"id": "facebook-integration-id"
},
"value": [
{
"content": "🎅 Happy Holidays! Special announcement in the comments!",
"image": [
{
"id": "holiday3",
"path": "https://example.com/holiday-facebook-main.jpg"
}
]
},
{
"content": "Our holiday sale is now live! Visit our website for amazing deals 🎁",
"image": [
{
"id": "holiday4",
"path": "https://example.com/holiday-sale-banner.jpg"
}
],
"delay": 300000
}
],
"settings": {
"__type": "EmptySettings"
}
}
]
}

95
apps/cli/examples/multi-platform-with-settings.json Normal file
View file

@ -0,0 +1,95 @@
{
"type": "schedule",
"date": "2024-03-15T09:00:00Z",
"shortLink": true,
"tags": [
{ "value": "product-launch", "label": "Product Launch" }
],
"posts": [
{
"integration": { "id": "reddit-integration-id" },
"value": [{
"content": "We're launching our new CLI tool today!\n\nIt's designed to make social media scheduling effortless for developers and AI agents. Built with TypeScript, supports 28+ platforms, and has a clean, intuitive API.\n\nFeatures:\n- Multi-platform posting\n- Thread creation\n- Scheduled posts\n- Comments with media\n- Provider-specific settings\n\nTry it out and let us know what you think!",
"image": [
{ "id": "r1", "path": "https://cdn.example.com/reddit-screenshot.jpg" }
]
}],
"settings": {
"__type": "reddit",
"subreddit": [{
"value": {
"subreddit": "programming",
"title": "Launching Postiz CLI - Social Media Automation for Developers",
"type": "text",
"url": "",
"is_flair_required": false
}
}]
}
},
{
"integration": { "id": "twitter-integration-id" },
"value": [
{
"content": "🚀 Launching Postiz CLI today!\n\nFinally, a developer-friendly way to automate social media. Built with TypeScript, supports 28+ platforms.\n\n✨ Features in thread below 👇",
"image": [
{ "id": "t1", "path": "https://cdn.example.com/twitter-banner.jpg" }
]
},
{
"content": "1⃣ Multi-platform posting\nPost to Twitter, LinkedIn, Reddit, TikTok, YouTube, and 23 more platforms with a single command",
"image": [
{ "id": "t2", "path": "https://cdn.example.com/multi-platform.jpg" }
],
"delay": 3000
},
{
"content": "2⃣ Thread creation\nEasily create Twitter threads, each tweet with its own media",
"image": [
{ "id": "t3", "path": "https://cdn.example.com/threads.jpg" }
],
"delay": 3000
},
{
"content": "3⃣ Provider-specific settings\nReddit subreddits, YouTube visibility, TikTok privacy - all configurable\n\nGet started: https://github.com/yourrepo",
"image": [],
"delay": 3000
}
],
"settings": {
"__type": "x",
"who_can_reply_post": "everyone"
}
},
{
"integration": { "id": "linkedin-integration-id" },
"value": [{
"content": "Excited to announce the launch of Postiz CLI! 🎉\n\nAs developers, we know how time-consuming social media management can be. That's why we built a powerful CLI tool that makes scheduling posts across 28+ platforms effortless.\n\nKey features:\n• Multi-platform support (Twitter, LinkedIn, Reddit, TikTok, YouTube, and more)\n• Thread and carousel creation\n• Scheduled posting with precise timing\n• Provider-specific settings and customization\n• Built for AI agents and automation\n\nWhether you're managing a personal brand, running marketing campaigns, or building AI-powered social media tools, Postiz CLI has you covered.\n\nCheck it out and let us know your thoughts!",
"image": [
{ "id": "l1", "path": "https://cdn.example.com/linkedin-slide1.jpg" },
{ "id": "l2", "path": "https://cdn.example.com/linkedin-slide2.jpg" },
{ "id": "l3", "path": "https://cdn.example.com/linkedin-slide3.jpg" }
]
}],
"settings": {
"__type": "linkedin",
"post_as_images_carousel": true,
"carousel_name": "Postiz CLI Launch"
}
},
{
"integration": { "id": "instagram-integration-id" },
"value": [{
"content": "🚀 New launch alert!\n\nPostiz CLI is here - automate your social media like a pro.\n\n✨ 28+ platforms\n📅 Scheduled posting\n🧵 Thread creation\n⚙ Full customization\n\nLink in bio! #developer #automation #socialmedia #tech",
"image": [
{ "id": "i1", "path": "https://cdn.example.com/instagram-post.jpg" }
]
}],
"settings": {
"__type": "instagram",
"post_type": "post",
"is_trial_reel": false
}
}
]
}

55
apps/cli/examples/post-with-comments.json Normal file
View file

@ -0,0 +1,55 @@
{
"type": "now",
"date": "2024-01-15T12:00:00Z",
"shortLink": true,
"tags": [],
"posts": [
{
"integration": {
"id": "your-integration-id-here"
},
"value": [
{
"content": "This is the main post content 🚀",
"image": [
{
"id": "img1",
"path": "https://example.com/main-image.jpg"
},
{
"id": "img2",
"path": "https://example.com/secondary-image.jpg"
}
]
},
{
"content": "This is the first comment with its own media 📸",
"image": [
{
"id": "img3",
"path": "https://example.com/comment1-image.jpg"
}
],
"delay": 5000
},
{
"content": "This is the second comment with different media 🎨",
"image": [
{
"id": "img4",
"path": "https://example.com/comment2-image1.jpg"
},
{
"id": "img5",
"path": "https://example.com/comment2-image2.jpg"
}
],
"delay": 10000
}
],
"settings": {
"__type": "EmptySettings"
}
}
]
}

27
apps/cli/examples/reddit-post.json Normal file
View file

@ -0,0 +1,27 @@
{
"type": "now",
"date": "2024-01-15T12:00:00Z",
"shortLink": true,
"tags": [],
"posts": [{
"integration": {
"id": "your-reddit-integration-id"
},
"value": [{
"content": "I built a CLI tool for Postiz that makes social media scheduling super easy!\n\nYou can create posts, schedule them, and even post to multiple platforms at once. It supports comments with their own media, threads, and much more.\n\nCheck it out and let me know what you think!",
"image": []
}],
"settings": {
"__type": "reddit",
"subreddit": [{
"value": {
"subreddit": "programming",
"title": "Built a CLI tool for social media scheduling with TypeScript",
"type": "text",
"url": "",
"is_flair_required": false
}
}]
}
}]
}

67
apps/cli/examples/thread-post.json Normal file
View file

@ -0,0 +1,67 @@
{
"type": "now",
"date": "2024-01-15T12:00:00Z",
"shortLink": true,
"tags": [],
"posts": [
{
"integration": {
"id": "twitter-integration-id"
},
"value": [
{
"content": "🧵 Thread: How to use Postiz CLI for automated social media posting (1/5)",
"image": [
{
"id": "tutorial1",
"path": "https://example.com/tutorial-intro.jpg"
}
]
},
{
"content": "Step 1: Install the CLI and set your API key\n\nexport POSTIZ_API_KEY=your_key\npnpm install -g postiz (2/5)",
"image": [
{
"id": "tutorial2",
"path": "https://example.com/tutorial-install.jpg"
}
],
"delay": 2000
},
{
"content": "Step 2: List your connected integrations to get their IDs\n\npostiz integrations:list (3/5)",
"image": [
{
"id": "tutorial3",
"path": "https://example.com/tutorial-integrations.jpg"
}
],
"delay": 2000
},
{
"content": "Step 3: Create your first post\n\npostiz posts:create -c \"Hello World!\" -i \"twitter-123\" (4/5)",
"image": [
{
"id": "tutorial4",
"path": "https://example.com/tutorial-create.jpg"
}
],
"delay": 2000
},
{
"content": "That's it! You can now automate your social media posts with ease. Check out our docs for more advanced features! 🚀 (5/5)",
"image": [
{
"id": "tutorial5",
"path": "https://example.com/tutorial-done.jpg"
}
],
"delay": 2000
}
],
"settings": {
"__type": "EmptySettings"
}
}
]
}

31
apps/cli/examples/tiktok-video.json Normal file
View file

@ -0,0 +1,31 @@
{
"type": "now",
"date": "2024-01-15T12:00:00Z",
"shortLink": true,
"tags": [],
"posts": [{
"integration": {
"id": "your-tiktok-integration-id"
},
"value": [{
"content": "Quick tip: Automate your social media with this CLI tool! 🚀\n\n#coding #programming #typescript #developer #tech",
"image": [{
"id": "video1",
"path": "https://cdn.example.com/tiktok-video.mp4"
}]
}],
"settings": {
"__type": "tiktok",
"title": "Automate Social Media with CLI",
"privacy_level": "PUBLIC_TO_EVERYONE",
"duet": true,
"stitch": true,
"comment": true,
"autoAddMusic": "no",
"brand_content_toggle": false,
"brand_organic_toggle": false,
"video_made_with_ai": false,
"content_posting_method": "DIRECT_POST"
}
}]
}

34
apps/cli/examples/youtube-video.json Normal file
View file

@ -0,0 +1,34 @@
{
"type": "schedule",
"date": "2024-12-25T09:00:00Z",
"shortLink": true,
"tags": [
{ "value": "tutorial", "label": "Tutorial" },
{ "value": "tech", "label": "Tech" }
],
"posts": [{
"integration": {
"id": "your-youtube-integration-id"
},
"value": [{
"content": "In this video, I'll show you how to build a powerful CLI tool for social media automation.\n\n⏱ Timestamps:\n0:00 - Introduction\n2:15 - Setting up the project\n5:30 - Building the API client\n10:45 - Creating commands\n15:20 - Testing and deployment\n\n📚 Resources:\n- GitHub: https://github.com/yourrepo\n- Documentation: https://docs.example.com\n\n🔔 Subscribe for more TypeScript tutorials!",
"image": [{
"id": "thumbnail1",
"path": "https://cdn.example.com/thumbnail.jpg"
}]
}],
"settings": {
"__type": "youtube",
"title": "Building a Social Media CLI Tool with TypeScript",
"type": "public",
"selfDeclaredMadeForKids": "no",
"tags": [
{ "value": "typescript", "label": "TypeScript" },
{ "value": "cli", "label": "CLI" },
{ "value": "tutorial", "label": "Tutorial" },
{ "value": "programming", "label": "Programming" },
{ "value": "nodejs", "label": "Node.js" }
]
}
}]
}

40
apps/cli/package.json Normal file
View file

@ -0,0 +1,40 @@
{
"name": "postiz",
"version": "2.0.5",
"description": "Postiz CLI - Command line interface for the Postiz social media scheduling API",
"main": "dist/index.js",
"bin": {
"postiz": "./dist/index.js"
},
"scripts": {
"dev": "tsup --watch",
"build": "tsup",
"start": "node ./dist/index.js",
"publish": "tsup && pnpm publish --access public --no-git-checks"
},
"files": [
"dist",
"README.md",
"SKILL.md"
],
"keywords": [
"postiz",
"cli",
"social media",
"scheduling",
"automation",
"ai-agent",
"command-line"
],
"author": "Nevo David",
"license": "AGPL-3.0",
"repository": {
"type": "git",
"url": "https://github.com/gitroomhq/postiz-app.git",
"directory": "apps/cli"
},
"homepage": "https://postiz.com",
"bugs": {
"url": "https://github.com/gitroomhq/postiz-app/issues"
}
}

162
apps/cli/src/api.ts Normal file
View file

@ -0,0 +1,162 @@
import fetch, { FormData } from 'node-fetch';
export interface PostizConfig {
apiKey: string;
apiUrl?: string;
}
export class PostizAPI {
private apiKey: string;
private apiUrl: string;
constructor(config: PostizConfig) {
this.apiKey = config.apiKey;
this.apiUrl = config.apiUrl || 'https://api.postiz.com';
}
private async request(endpoint: string, options: any = {}) {
const url = `${this.apiUrl}${endpoint}`;
const headers = {
'Content-Type': 'application/json',
Authorization: this.apiKey,
...options.headers,
};
try {
const response = await fetch(url, {
...options,
headers,
});
if (!response.ok) {
const error = await response.text();
throw new Error(`API Error (${response.status}): ${error}`);
}
return await response.json();
} catch (error: any) {
throw new Error(`Request failed: ${error.message}`);
}
}
async createPost(data: any) {
return this.request('/public/v1/posts', {
method: 'POST',
body: JSON.stringify(data),
});
}
async listPosts(filters: any = {}) {
const queryString = new URLSearchParams(
Object.entries(filters).reduce((acc, [key, value]) => {
if (value !== undefined && value !== null) {
acc[key] = String(value);
}
return acc;
}, {} as Record<string, string>)
).toString();
const endpoint = queryString
? `/public/v1/posts?${queryString}`
: '/public/v1/posts';
return this.request(endpoint, {
method: 'GET',
});
}
async deletePost(id: string) {
return this.request(`/public/v1/posts/${id}`, {
method: 'DELETE',
});
}
async upload(file: Buffer, filename: string) {
const formData = new FormData();
const extension = filename.split('.').pop()?.toLowerCase() || '';
// Determine MIME type based on file extension
const mimeTypes: Record<string, string> = {
// Images
'png': 'image/png',
'jpg': 'image/jpeg',
'jpeg': 'image/jpeg',
'gif': 'image/gif',
'webp': 'image/webp',
'svg': 'image/svg+xml',
'bmp': 'image/bmp',
'ico': 'image/x-icon',
// Videos
'mp4': 'video/mp4',
'mov': 'video/quicktime',
'avi': 'video/x-msvideo',
'mkv': 'video/x-matroska',
'webm': 'video/webm',
'flv': 'video/x-flv',
'wmv': 'video/x-ms-wmv',
'm4v': 'video/x-m4v',
'mpeg': 'video/mpeg',
'mpg': 'video/mpeg',
'3gp': 'video/3gpp',
// Audio
'mp3': 'audio/mpeg',
'wav': 'audio/wav',
'ogg': 'audio/ogg',
'aac': 'audio/aac',
'flac': 'audio/flac',
'm4a': 'audio/mp4',
// Documents
'pdf': 'application/pdf',
'doc': 'application/msword',
'docx': 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
};
const type = mimeTypes[extension] || 'application/octet-stream';
const blob = new Blob([file], { type });
formData.append('file', blob, filename);
const url = `${this.apiUrl}/public/v1/upload`;
const response = await fetch(url, {
method: 'POST',
// @ts-ignore
body: formData,
headers: {
Authorization: this.apiKey,
},
});
if (!response.ok) {
const error = await response.text();
throw new Error(`Upload failed (${response.status}): ${error}`);
}
return await response.json();
}
async listIntegrations() {
return this.request('/public/v1/integrations', {
method: 'GET',
});
}
async getIntegrationSettings(integrationId: string) {
return this.request(`/public/v1/integration-settings/${integrationId}`, {
method: 'GET',
});
}
async triggerIntegrationTool(
integrationId: string,
methodName: string,
data: Record<string, string>
) {
return this.request(`/public/v1/integration-trigger/${integrationId}`, {
method: 'POST',
body: JSON.stringify({ methodName, data }),
});
}
}

73
apps/cli/src/commands/integrations.ts Normal file
View file

@ -0,0 +1,73 @@
import { PostizAPI } from '../api';
import { getConfig } from '../config';
export async function listIntegrations() {
const config = getConfig();
const api = new PostizAPI(config);
try {
const result = await api.listIntegrations();
console.log('🔌 Connected Integrations:');
console.log(JSON.stringify(result, null, 2));
return result;
} catch (error: any) {
console.error('❌ Failed to list integrations:', error.message);
process.exit(1);
}
}
export async function getIntegrationSettings(args: any) {
const config = getConfig();
const api = new PostizAPI(config);
if (!args.id) {
console.error('❌ Integration ID is required');
process.exit(1);
}
try {
const result = await api.getIntegrationSettings(args.id);
console.log(`⚙️ Settings for integration: ${args.id}`);
console.log(JSON.stringify(result, null, 2));
return result;
} catch (error: any) {
console.error('❌ Failed to get integration settings:', error.message);
process.exit(1);
}
}
export async function triggerIntegrationTool(args: any) {
const config = getConfig();
const api = new PostizAPI(config);
if (!args.id) {
console.error('❌ Integration ID is required');
process.exit(1);
}
if (!args.method) {
console.error('❌ Method name is required');
process.exit(1);
}
// Parse data from JSON string or use empty object
let data: Record<string, string> = {};
if (args.data) {
try {
data = JSON.parse(args.data);
} catch (error: any) {
console.error('❌ Failed to parse data JSON:', error.message);
process.exit(1);
}
}
try {
const result = await api.triggerIntegrationTool(args.id, args.method, data);
console.log(`🔧 Tool result for ${args.method}:`);
console.log(JSON.stringify(result, null, 2));
return result;
} catch (error: any) {
console.error('❌ Failed to trigger tool:', error.message);
process.exit(1);
}
}

155
apps/cli/src/commands/posts.ts Normal file
View file

@ -0,0 +1,155 @@
import { PostizAPI } from '../api';
import { getConfig } from '../config';
import { readFileSync, existsSync } from 'fs';
export async function createPost(args: any) {
const config = getConfig();
const api = new PostizAPI(config);
// Support both simple and complex post creation
let postData: any;
if (args.json) {
// Load from JSON file for complex posts with comments and media
try {
const jsonPath = args.json;
if (!existsSync(jsonPath)) {
console.error(`❌ JSON file not found: ${jsonPath}`);
process.exit(1);
}
const jsonContent = readFileSync(jsonPath, 'utf-8');
postData = JSON.parse(jsonContent);
} catch (error: any) {
console.error('❌ Failed to parse JSON file:', error.message);
process.exit(1);
}
} else {
const integrations = args.integrations
? args.integrations.split(',').map((id: string) => id.trim())
: [];
if (integrations.length === 0) {
console.error('❌ At least one integration ID is required');
console.error('Use -i or --integrations to specify integration IDs');
console.error('Run "postiz integrations:list" to see available integrations');
process.exit(1);
}
// Support multiple -c and -m flags
// Normalize to arrays
const contents = Array.isArray(args.content) ? args.content : [args.content];
const medias = Array.isArray(args.media) ? args.media : (args.media ? [args.media] : []);
if (!contents[0]) {
console.error('❌ At least one -c/--content is required');
process.exit(1);
}
// Build value array by pairing contents with their media
const values = contents.map((content: string, index: number) => {
const mediaForThisContent = medias[index];
const images = mediaForThisContent
? mediaForThisContent.split(',').map((img: string) => ({
id: Math.random().toString(36).substring(7),
path: img.trim(),
}))
: [];
return {
content: content,
image: images,
// Add delay for all items except the first (main post)
...(index > 0 && { delay: args.delay || 5000 }),
};
});
// Parse provider-specific settings if provided
// Note: __type is automatically added by the backend based on integration ID
let settings: any = undefined;
if (args.settings) {
try {
settings = typeof args.settings === 'string'
? JSON.parse(args.settings)
: args.settings;
} catch (error: any) {
console.error('❌ Failed to parse settings JSON:', error.message);
process.exit(1);
}
}
// Build the proper post structure
postData = {
type: args.type || 'schedule', // 'schedule' or 'draft'
date: args.date, // Required date field
shortLink: args.shortLink !== false,
tags: [],
posts: integrations.map((integrationId: string) => ({
integration: { id: integrationId },
value: values,
settings: settings,
})),
};
}
try {
const result = await api.createPost(postData);
console.log('✅ Post created successfully!');
console.log(JSON.stringify(result, null, 2));
return result;
} catch (error: any) {
console.error('❌ Failed to create post:', error.message);
process.exit(1);
}
}
export async function listPosts(args: any) {
const config = getConfig();
const api = new PostizAPI(config);
// Set default date range: last 30 days to 30 days in the future
const defaultStartDate = new Date();
defaultStartDate.setDate(defaultStartDate.getDate() - 30);
const defaultEndDate = new Date();
defaultEndDate.setDate(defaultEndDate.getDate() + 30);
// Only send fields that are in GetPostsDto
const filters: any = {
startDate: args.startDate || defaultStartDate.toISOString(),
endDate: args.endDate || defaultEndDate.toISOString(),
};
// customer is optional in the DTO
if (args.customer) {
filters.customer = args.customer;
}
try {
const result = await api.listPosts(filters);
console.log('📋 Posts:');
console.log(JSON.stringify(result, null, 2));
return result;
} catch (error: any) {
console.error('❌ Failed to list posts:', error.message);
process.exit(1);
}
}
export async function deletePost(args: any) {
const config = getConfig();
const api = new PostizAPI(config);
if (!args.id) {
console.error('❌ Post ID is required');
process.exit(1);
}
try {
await api.deletePost(args.id);
console.log(`✅ Post ${args.id} deleted successfully!`);
} catch (error: any) {
console.error('❌ Failed to delete post:', error.message);
process.exit(1);
}
}

26
apps/cli/src/commands/upload.ts Normal file
View file

@ -0,0 +1,26 @@
import { PostizAPI } from '../api';
import { getConfig } from '../config';
import { readFileSync } from 'fs';
export async function uploadFile(args: any) {
const config = getConfig();
const api = new PostizAPI(config);
if (!args.file) {
console.error('❌ File path is required');
process.exit(1);
}
try {
const fileBuffer = readFileSync(args.file);
const filename = args.file.split('/').pop() || 'file';
const result = await api.upload(fileBuffer, filename);
console.log('✅ File uploaded successfully!');
console.log(JSON.stringify(result, null, 2));
return result;
} catch (error: any) {
console.error('❌ Failed to upload file:', error.message);
process.exit(1);
}
}

17
apps/cli/src/config.ts Normal file
View file

@ -0,0 +1,17 @@
import { PostizConfig } from './api';
export function getConfig(): PostizConfig {
const apiKey = process.env.POSTIZ_API_KEY;
const apiUrl = process.env.POSTIZ_API_URL;
if (!apiKey) {
console.error('❌ Error: POSTIZ_API_KEY environment variable is required');
console.error('Please set it using: export POSTIZ_API_KEY=your_api_key');
process.exit(1);
}
return {
apiKey,
apiUrl,
};
}

240
apps/cli/src/index.ts Normal file
View file

@ -0,0 +1,240 @@
import yargs from 'yargs';
import { hideBin } from 'yargs/helpers';
import { createPost, listPosts, deletePost } from './commands/posts';
import { listIntegrations, getIntegrationSettings, triggerIntegrationTool } from './commands/integrations';
import { uploadFile } from './commands/upload';
import type { Argv } from 'yargs';
yargs(hideBin(process.argv))
.scriptName('postiz')
.usage('$0 <command> [options]')
.command(
'posts:create',
'Create a new post',
(yargs: Argv) => {
return yargs
.option('content', {
alias: 'c',
describe: 'Post/comment content (can be used multiple times)',
type: 'string',
})
.option('media', {
alias: 'm',
describe: 'Comma-separated media URLs for the corresponding -c (can be used multiple times)',
type: 'string',
})
.option('integrations', {
alias: 'i',
describe: 'Comma-separated list of integration IDs',
type: 'string',
})
.option('date', {
alias: 's',
describe: 'Schedule date (ISO 8601 format) - REQUIRED',
type: 'string',
})
.option('type', {
alias: 't',
describe: 'Post type: "schedule" or "draft"',
type: 'string',
choices: ['schedule', 'draft'],
default: 'schedule',
})
.option('delay', {
alias: 'd',
describe: 'Delay in milliseconds between comments (default: 5000)',
type: 'number',
default: 5000,
})
.option('json', {
alias: 'j',
describe: 'Path to JSON file with full post structure',
type: 'string',
})
.option('shortLink', {
describe: 'Use short links',
type: 'boolean',
default: true,
})
.option('settings', {
describe: 'Platform-specific settings as JSON string',
type: 'string',
})
.check((argv) => {
if (!argv.json && !argv.content) {
throw new Error('Either --content or --json is required');
}
if (!argv.json && !argv.integrations) {
throw new Error('--integrations is required when not using --json');
}
if (!argv.json && !argv.date) {
throw new Error('--date is required when not using --json');
}
return true;
})
.example(
'$0 posts:create -c "Hello World!" -s "2024-12-31T12:00:00Z" -i "twitter-123"',
'Simple scheduled post'
)
.example(
'$0 posts:create -c "Draft post" -s "2024-12-31T12:00:00Z" -t draft -i "twitter-123"',
'Create draft post'
)
.example(
'$0 posts:create -c "Main post" -m "img1.jpg,img2.jpg" -s "2024-12-31T12:00:00Z" -i "twitter-123"',
'Post with multiple images'
)
.example(
'$0 posts:create -c "Main post" -m "img1.jpg" -c "First comment" -m "img2.jpg" -c "Second comment" -m "img3.jpg,img4.jpg" -s "2024-12-31T12:00:00Z" -i "twitter-123"',
'Post with comments, each having their own media'
)
.example(
'$0 posts:create -c "Main" -c "Comment with semicolon; see?" -c "Another!" -s "2024-12-31T12:00:00Z" -i "twitter-123"',
'Comments can contain semicolons'
)
.example(
'$0 posts:create -c "Thread 1/3" -c "Thread 2/3" -c "Thread 3/3" -d 2000 -s "2024-12-31T12:00:00Z" -i "twitter-123"',
'Twitter thread with 2s delay'
)
.example(
'$0 posts:create --json ./post.json',
'Complex post from JSON file'
)
.example(
'$0 posts:create -c "Post to subreddit" -s "2024-12-31T12:00:00Z" --settings \'{"subreddit":[{"value":{"subreddit":"programming","title":"My Title","type":"text","url":"","is_flair_required":false}}]}\' -i "reddit-123"',
'Reddit post with specific subreddit settings'
)
.example(
'$0 posts:create -c "Video description" -s "2024-12-31T12:00:00Z" --settings \'{"title":"My Video","type":"public","tags":[{"value":"tech","label":"Tech"}]}\' -i "youtube-123"',
'YouTube post with title and tags'
)
.example(
'$0 posts:create -c "Tweet content" -s "2024-12-31T12:00:00Z" --settings \'{"who_can_reply_post":"everyone"}\' -i "twitter-123"',
'X (Twitter) post with reply settings'
);
},
createPost as any
)
.command(
'posts:list',
'List all posts',
(yargs: Argv) => {
return yargs
.option('startDate', {
describe: 'Start date (ISO 8601 format). Default: 30 days ago',
type: 'string',
})
.option('endDate', {
describe: 'End date (ISO 8601 format). Default: 30 days from now',
type: 'string',
})
.option('customer', {
describe: 'Customer ID (optional)',
type: 'string',
})
.example('$0 posts:list', 'List all posts (last 30 days to next 30 days)')
.example(
'$0 posts:list --startDate "2024-01-01T00:00:00Z" --endDate "2024-12-31T23:59:59Z"',
'List posts for a specific date range'
)
.example(
'$0 posts:list --customer "customer-id"',
'List posts for a specific customer'
);
},
listPosts as any
)
.command(
'posts:delete <id>',
'Delete a post',
(yargs: Argv) => {
return yargs
.positional('id', {
describe: 'Post ID to delete',
type: 'string',
})
.example('$0 posts:delete abc123', 'Delete post with ID abc123');
},
deletePost as any
)
.command(
'integrations:list',
'List all connected integrations',
{},
listIntegrations as any
)
.command(
'integrations:settings <id>',
'Get settings schema for a specific integration',
(yargs: Argv) => {
return yargs
.positional('id', {
describe: 'Integration ID',
type: 'string',
})
.example(
'$0 integrations:settings reddit-123',
'Get settings schema for Reddit integration'
)
.example(
'$0 integrations:settings youtube-456',
'Get settings schema for YouTube integration'
);
},
getIntegrationSettings as any
)
.command(
'integrations:trigger <id> <method>',
'Trigger an integration tool to fetch additional data',
(yargs: Argv) => {
return yargs
.positional('id', {
describe: 'Integration ID',
type: 'string',
})
.positional('method', {
describe: 'Method name from the integration tools',
type: 'string',
})
.option('data', {
alias: 'd',
describe: 'Data to pass to the tool as JSON string',
type: 'string',
})
.example(
'$0 integrations:trigger reddit-123 getSubreddits',
'Get list of subreddits'
)
.example(
'$0 integrations:trigger reddit-123 searchSubreddits -d \'{"query":"programming"}\'',
'Search for subreddits'
)
.example(
'$0 integrations:trigger youtube-123 getPlaylists',
'Get YouTube playlists'
);
},
triggerIntegrationTool as any
)
.command(
'upload <file>',
'Upload a file',
(yargs: Argv) => {
return yargs
.positional('file', {
describe: 'File path to upload',
type: 'string',
})
.example('$0 upload ./image.png', 'Upload an image');
},
uploadFile as any
)
.demandCommand(1, 'You need at least one command')
.help()
.alias('h', 'help')
.version()
.alias('v', 'version')
.epilogue(
'For more information, visit: https://postiz.com\n\nSet your API key: export POSTIZ_API_KEY=your_api_key'
)
.parse();

15
apps/cli/tsconfig.json Normal file
View file

@ -0,0 +1,15 @@
{
"extends": "../../tsconfig.base.json",
"compilerOptions": {
"module": "commonjs",
"declaration": true,
"removeComments": true,
"allowSyntheticDefaultImports": true,
"target": "es2017",
"sourceMap": true,
"esModuleInterop": true,
"rootDir": "../../",
"incremental": false
},
"include": ["src"]
}

14
apps/cli/tsup.config.ts Normal file
View file

@ -0,0 +1,14 @@
import { defineConfig } from 'tsup';
export default defineConfig({
entry: ['src/index.ts'],
format: ['cjs'],
dts: false, // Disable DTS generation to avoid type issues
splitting: false,
sourcemap: true,
clean: true,
outDir: 'dist',
banner: {
js: '#!/usr/bin/env node',
},
});

18
apps/frontend/eslint.config.mjs
View file

@ -1,18 +0,0 @@
import nextCoreWebVitals from "eslint-config-next/core-web-vitals";
import nextTypescript from "eslint-config-next/typescript";
const eslintConfig = [
...nextCoreWebVitals,
...nextTypescript,
{
ignores: [
"node_modules/**",
".next/**",
"out/**",
"build/**",
"next-env.d.ts",
],
},
];
export default eslintConfig;

64
apps/frontend/next.config.js
View file

@ -8,32 +8,41 @@ const nextConfig = {
},
// Document-Policy header for browser profiling
async headers() {
return [
{
source: '/:path*',
headers: [
{
key: 'Document-Policy',
value: 'js-profiling',
},
],
},
];
return [{
source: "/:path*",
headers: [{
key: "Document-Policy",
value: "js-profiling",
}, ],
}, ];
},
reactStrictMode: false,
transpilePackages: ['crypto-hash'],
// Enable production sourcemaps for Sentry
productionBrowserSourceMaps: true,
// Custom webpack config to ensure sourcemaps are generated properly
webpack: (config, { buildId, dev, isServer, defaultLoaders }) => {
// Enable sourcemaps for both client and server in production
if (!dev) {
config.devtool = isServer ? 'source-map' : 'hidden-source-map';
}
return config;
},
images: {
remotePatterns: [
{
protocol: 'http',
hostname: '**',
},
{
protocol: 'https',
hostname: '**',
},
],
},
async redirects() {
return [
{
@ -67,18 +76,18 @@ export default withSentryConfig(nextConfig, {
disable: false,
// More comprehensive asset patterns for monorepo
assets: [
'.next/static/**/*.js',
'.next/static/**/*.js.map',
'.next/server/**/*.js',
'.next/server/**/*.js.map',
".next/static/**/*.js",
".next/static/**/*.js.map",
".next/server/**/*.js",
".next/server/**/*.js.map",
],
ignore: [
'**/node_modules/**',
'**/*hot-update*',
'**/_buildManifest.js',
'**/_ssgManifest.js',
'**/*.test.js',
'**/*.spec.js',
"**/node_modules/**",
"**/*hot-update*",
"**/_buildManifest.js",
"**/_ssgManifest.js",
"**/*.test.js",
"**/*.spec.js",
],
deleteSourcemapsAfterUpload: true,
},
@ -88,8 +97,7 @@ export default withSentryConfig(nextConfig, {
create: true,
finalize: true,
// Use git commit hash for releases in monorepo
name:
process.env.VERCEL_GIT_COMMIT_SHA || process.env.GITHUB_SHA || undefined,
name: process.env.VERCEL_GIT_COMMIT_SHA || process.env.GITHUB_SHA || undefined,
},
// NextJS specific optimizations for monorepo
@ -102,10 +110,8 @@ export default withSentryConfig(nextConfig, {
// Error handling for CI/CD
errorHandler: (error) => {
console.warn('Sentry build error occurred:', error.message);
console.warn(
'This might be due to missing Sentry environment variables or network issues'
);
console.warn("Sentry build error occurred:", error.message);
console.warn("This might be due to missing Sentry environment variables or network issues");
// Don't fail the build if Sentry upload fails in monorepo context
return;
},

2
apps/frontend/package.json
View file

@ -5,8 +5,6 @@
"type": "module",
"scripts": {
"dev": "dotenv -e ../../.env -- next dev -p 4200",
"fetch-gtm": "node scripts/fetch-gtm.mjs",
"postinstall": "node scripts/fetch-gtm.mjs",
"build": "next build",
"build:sentry": "dotenv -e ../../.env -- next build",
"start": "dotenv -e ../../.env -- next start -p 4200",

BIN
apps/frontend/public/icons/platforms/mewe.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 2.7 KiB

BIN
apps/frontend/public/icons/third-party/reelfarm.png vendored
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 4.6 KiB

50
apps/frontend/scripts/fetch-gtm.mjs
View file

@ -1,50 +0,0 @@
import { writeFile, mkdir, readFile } from 'node:fs/promises';
import { existsSync } from 'node:fs';
import { dirname, resolve } from 'node:path';
import { fileURLToPath } from 'node:url';
const __dirname = dirname(fileURLToPath(import.meta.url));
const envPath = resolve(__dirname, '..', '..', '..', '.env');
const outPath = resolve(__dirname, '..', 'public', 'g.js');
if (!process.env.NEXT_PUBLIC_GTM_ID && existsSync(envPath)) {
const content = await readFile(envPath, 'utf8');
for (const raw of content.split('\n')) {
const line = raw.trim();
if (!line || line.startsWith('#')) continue;
const eq = line.indexOf('=');
if (eq === -1) continue;
const key = line.slice(0, eq).trim();
let value = line.slice(eq + 1).trim();
if (
(value.startsWith('"') && value.endsWith('"')) ||
(value.startsWith("'") && value.endsWith("'"))
) {
value = value.slice(1, -1);
}
if (!process.env[key]) process.env[key] = value;
}
}
const id = process.env.NEXT_PUBLIC_GTM_ID;
if (!id) {
console.log('[fetch-gtm] NEXT_PUBLIC_GTM_ID not set, skipping');
process.exit(0);
}
const url = `https://www.googletagmanager.com/gtm.js?id=${encodeURIComponent(id)}`;
try {
console.log(`[fetch-gtm] fetching ${url}`);
const res = await fetch(url);
if (!res.ok) {
console.warn(`[fetch-gtm] non-OK response ${res.status}, skipping`);
process.exit(0);
}
const body = await res.text();
await mkdir(dirname(outPath), { recursive: true });
await writeFile(outPath, body, 'utf8');
console.log(`[fetch-gtm] wrote ${outPath} (${body.length} bytes)`);
} catch (err) {
console.warn(`[fetch-gtm] failed: ${err?.message || err}, skipping`);
process.exit(0);
}

54
apps/frontend/src/app/(app)/(preview)/p/[id]/page.tsx
View file

@ -1,9 +1,8 @@
import { internalFetch } from '@gitroom/helpers/utils/internal.fetch';
import { sanitizePostContent } from '@gitroom/helpers/utils/sanitize.post.content';
export const dynamic = 'force-dynamic';
import { Metadata } from 'next';
import { isGeneralServerSide } from '@gitroom/helpers/utils/is.general.server.side';
import SafeImage from '@gitroom/react/helpers/safe.image';
import Image from 'next/image';
import Link from 'next/link';
import { CommentsComponents } from '@gitroom/frontend/components/preview/comments.components';
import dayjs from 'dayjs';
@ -11,31 +10,32 @@ import utc from 'dayjs/plugin/utc';
import { VideoOrImage } from '@gitroom/react/helpers/video.or.image';
import { CopyClient } from '@gitroom/frontend/components/preview/copy.client';
import { getT } from '@gitroom/react/translation/get.translation.service.backend';
import { RenderPreviewDateClient } from '@gitroom/frontend/components/preview/render.preview.date.client';
import { CreationMethodBadge } from '@gitroom/frontend/components/launches/creation.method.badge';
import dynamicLoad from 'next/dynamic';
const RenderPreviewDate = dynamicLoad(
() =>
import('@gitroom/frontend/components/preview/render.preview.date').then(
(mod) => mod.RenderPreviewDate
),
{ ssr: false }
);
dayjs.extend(utc);
export const metadata: Metadata = {
title: `${isGeneralServerSide() ? 'Postiz' : 'Gitroom'} Preview`,
description: '',
};
export default async function Auth(
props: {
params: Promise<{
id: string;
}>;
searchParams?: Promise<{
share?: string;
}>;
}
) {
const searchParams = await props.searchParams;
const params = await props.params;
const {
id
} = params;
export default async function Auth({
params: { id },
searchParams,
}: {
params: {
id: string;
};
searchParams?: {
share?: string;
};
}) {
const post = await (await internalFetch(`/public/posts/${id}`)).json();
const t = await getT();
if (!post.length) {
@ -57,7 +57,7 @@ export default async function Auth(
className="text-2xl flex items-center justify-center gap-[10px] text-textColor order-1"
>
<div className="max-w-[55px]">
<SafeImage
<Image
src={'/postiz.svg'}
width={55}
height={55}
@ -102,7 +102,7 @@ export default async function Auth(
)}
<div className="flex-1">
{t('publication_date', 'Publication Date:')}{' '}
<RenderPreviewDateClient date={post[0].publishDate} />
<RenderPreviewDate date={post[0].publishDate} />
</div>
</div>
</div>
@ -143,18 +143,12 @@ export default async function Auth(
<span className="text-sm text-gray-500">
@{post[0].integration.profile}
</span>
{index === 0 && (
<CreationMethodBadge
creationMethod={p.creationMethod}
size="md"
/>
)}
</div>
<div className="flex flex-col gap-[20px]">
<div
className="text-sm whitespace-pre-wrap"
dangerouslySetInnerHTML={{
__html: sanitizePostContent(p.content),
__html: p.content,
}}
/>
<div className="flex w-full gap-[10px]">

17
apps/frontend/src/app/(app)/(site)/admin/errors/page.tsx
View file

@ -1,17 +0,0 @@
export const dynamic = 'force-dynamic';
import { AdminErrorsComponent } from '@gitroom/frontend/components/admin/admin-errors.component';
import { Metadata } from 'next';
import { isGeneralServerSide } from '@gitroom/helpers/utils/is.general.server.side';
export const metadata: Metadata = {
title: `${isGeneralServerSide() ? 'Postiz' : 'Gitroom'} Admin Errors`,
description: '',
};
export default async function Page() {
return (
<div className="bg-newBgColorInner flex-1 flex-col flex p-[20px] gap-[12px]">
<AdminErrorsComponent />
</div>
);
}

2
apps/frontend/src/app/(app)/(site)/agents/layout.tsx
View file

@ -2,7 +2,7 @@ import { Metadata } from 'next';
import { Agent } from '@gitroom/frontend/components/agents/agent';
export const metadata: Metadata = {
title: 'Postiz - Agent',
description: 'agents',
description: '',
};
export default async function Layout({
children,

9
apps/frontend/src/app/(app)/(site)/settings/page.tsx
View file

@ -6,11 +6,12 @@ export const metadata: Metadata = {
title: `${isGeneralServerSide() ? 'Postiz' : 'Gitroom'} Settings`,
description: '',
};
export default async function Index(props: {
searchParams: Promise<{
export default async function Index({
searchParams,
}: {
searchParams: {
code: string;
}>;
};
}) {
const searchParams = await props.searchParams;
return <SettingsPopup />;
}

11
apps/frontend/src/app/(app)/api/uploads/[[...path]]/route.ts
View file

@ -19,17 +19,16 @@ function iteratorToStream(iterator: any) {
},
});
}
export const GET = async (
export const GET = (
request: NextRequest,
context: {
params: Promise<{
path?: string[];
}>;
params: {
path: string[];
};
}
) => {
const { path } = await context.params;
const filePath =
process.env.UPLOAD_DIRECTORY + '/' + (path ?? []).join('/');
process.env.UPLOAD_DIRECTORY + '/' + context.params.path.join('/');
const response = createReadStream(filePath);
const fileStats = statSync(filePath);
const contentType = mime.getType(filePath) || 'application/octet-stream';

6
apps/frontend/src/app/(app)/auth/forgot/[token]/page.tsx
View file

@ -7,9 +7,9 @@ export const metadata: Metadata = {
description: '',
};
export default async function Auth(params: {
params: Promise<{
params: {
token: string;
}>;
};
}) {
return <ForgotReturn token={(await params.params).token} />;
return <ForgotReturn token={params.params.token} />;
}

1
apps/frontend/src/app/(app)/auth/layout.tsx
View file

@ -2,6 +2,7 @@ import { getT } from '@gitroom/react/translation/get.translation.service.backend
export const dynamic = 'force-dynamic';
import { ReactNode } from 'react';
import Image from 'next/image';
import loadDynamic from 'next/dynamic';
import { TestimonialComponent } from '@gitroom/frontend/components/auth/testimonial.component';
import { LogoTextComponent } from '@gitroom/frontend/components/ui/logo-text.component';

4
apps/frontend/src/app/(app)/auth/page.tsx
View file

@ -10,13 +10,13 @@ export const metadata: Metadata = {
title: `${isGeneralServerSide() ? 'Postiz' : 'Gitroom'} Register`,
description: '',
};
export default async function Auth(params: {searchParams: Promise<{provider: string}>}) {
export default async function Auth(params: {searchParams: {provider: string}}) {
const t = await getT();
if (process.env.DISABLE_REGISTRATION === 'true') {
const canRegister = (
await (await internalFetch('/auth/can-register')).json()
).register;
if (!canRegister && !(await params?.searchParams)?.provider) {
if (!canRegister && !params?.searchParams?.provider) {
return (
<>
<LoginWithOidc />

26
apps/frontend/src/app/(app)/integrations/social/[provider]/page.tsx
View file

@ -3,21 +3,15 @@ import { cookies } from 'next/headers';
export const dynamic = 'force-dynamic';
export default async function Page(
props: {
params: Promise<{
provider: string;
}>;
searchParams: Promise<any>;
}
) {
const searchParams = await props.searchParams;
const params = await props.params;
const {
provider
} = params;
const get = (await cookies()).get('auth');
export default async function Page({
params: { provider },
searchParams,
}: {
params: {
provider: string;
};
searchParams: any;
}) {
const get = cookies().get('auth');
return <ContinueIntegration searchParams={searchParams} provider={provider} logged={!!get?.name} />;
}

28
apps/frontend/src/app/(app)/layout.tsx
View file

@ -15,15 +15,17 @@ import { PHProvider } from '@gitroom/react/helpers/posthog';
import UtmSaver from '@gitroom/helpers/utils/utm.saver';
import { DubAnalytics } from '@gitroom/frontend/components/layout/dubAnalytics';
import { FacebookComponent } from '@gitroom/frontend/components/layout/facebook.component';
import { GoogleTagManagerComponent } from '@gitroom/frontend/components/layout/gtm.component';
import { cookies } from 'next/headers';
import {
cookieName,
fallbackLng,
} from '@gitroom/react/translation/i18n.config';
import { headers } from 'next/headers';
import { headerName } from '@gitroom/react/translation/i18n.config';
import { HtmlComponent } from '@gitroom/frontend/components/layout/html.component';
import Script from 'next/script';
import { ChangeDirClient } from '@gitroom/frontend/components/new-layout/change.dir.client';
// import dynamicLoad from 'next/dynamic';
// const SetTimezone = dynamicLoad(
// () => import('@gitroom/frontend/components/layout/set.timezone'),
// {
// ssr: false,
// }
// );
const jakartaSans = Plus_Jakarta_Sans({
weight: ['600', '500'],
@ -32,8 +34,7 @@ const jakartaSans = Plus_Jakarta_Sans({
});
export default async function AppLayout({ children }: { children: ReactNode }) {
const cookieStore = await cookies();
const language = cookieStore.get(cookieName)?.value || fallbackLng;
const allHeaders = headers();
const Plausible = !!process.env.STRIPE_PUBLISHABLE_KEY
? PlausibleProvider
: Fragment;
@ -50,7 +51,6 @@ export default async function AppLayout({ children }: { children: ReactNode }) {
/>
)}
</head>
<ChangeDirClient />
<body
className={clsx(jakartaSans.className, 'dark text-primary !bg-primary')}
>
@ -70,9 +70,6 @@ export default async function AppLayout({ children }: { children: ReactNode }) {
oauthLogoUrl={process.env.NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL!}
oauthDisplayName={process.env.NEXT_PUBLIC_POSTIZ_OAUTH_DISPLAY_NAME!}
uploadDirectory={process.env.NEXT_PUBLIC_UPLOAD_STATIC_DIRECTORY!}
cloudflareUrl={process.env.CLOUDFLARE_BUCKET_URL || ''}
mainUrl={process.env.MAIN_URL || ''}
mcpUrl={process.env.MCP_URL}
dub={!!process.env.STRIPE_PUBLISHABLE_KEY}
facebookPixel={process.env.NEXT_PUBLIC_FACEBOOK_PIXEL!}
telegramBotName={process.env.TELEGRAM_BOT_NAME!}
@ -82,9 +79,7 @@ export default async function AppLayout({ children }: { children: ReactNode }) {
disableXAnalytics={!!process.env.DISABLE_X_ANALYTICS}
sentryDsn={process.env.NEXT_PUBLIC_SENTRY_DSN!}
extensionId={process.env.EXTENSION_ID || ''}
googleAdsId={process.env.NEXT_PUBLIC_GTM_ID}
googleAdsTrialTracking={process.env.NEXT_PUBLIC_TRACKING_TRIAL}
language={language}
language={allHeaders.get(headerName)}
transloadit={
process.env.TRANSLOADIT_AUTH && process.env.TRANSLOADIT_TEMPLATE
? [
@ -99,7 +94,6 @@ export default async function AppLayout({ children }: { children: ReactNode }) {
<HtmlComponent />
<DubAnalytics />
<FacebookComponent />
<GoogleTagManagerComponent gtmId={process.env.NEXT_PUBLIC_GTM_ID} />
<Plausible
domain={!!process.env.IS_GENERAL ? 'postiz.com' : 'gitroom.com'}
>

18
apps/frontend/src/app/(app)/oauth/authorize/layout.tsx
View file

@ -1,18 +0,0 @@
import { Metadata } from 'next';
import { ReactNode } from 'react';
export const metadata: Metadata = {
title: 'Authorize Application',
};
export default async function OAuthLayout({
children,
}: {
children: ReactNode;
}) {
return (
<div className="bg-[#0B0A0A] flex flex-1 min-h-screen w-screen">
{children}
</div>
);
}

Some files were not shown because too many files have changed in this diff Show more