remove gmail, improve links, README

Author: Thomas Stromberg

README.md

@@ -4,77 +4,99 @@
   <img src="media/logo.png" alt="ADVRider Notifier Logo" width="200">
 </p>
 
-A secure, minimal Go service that notifies subscribers about new ADVRider forum posts via email. Designed for Google Cloud Run.
-
-## Features
-
-- **Multi-subscription support** - Users can subscribe to multiple threads with one email
-- **Secure token-based authentication** - 64-char random tokens prevent enumeration attacks
-- **Efficient thread fetching** - Each thread is fetched only once per check cycle, regardless of subscriber count
-- **Smart URL normalization** - Handles page numbers and anchors automatically
-- **Rate limiting** - 5 subscriptions per IP per hour
-- **Thread verification** - Validates threads exist before creating subscriptions
-- **Constant-time token comparison** - Prevents timing attacks
-- **Comprehensive security headers** - CSP, X-Frame-Options, X-Content-Type-Options
-- **Retry logic** - Exponential backoff with jitter for HTTP and Gmail API calls
-- **Structured logging** - JSON logs for Cloud Run with slog
-- **Graceful degradation** - Continues monitoring despite individual failures
-- **HTML email formatting** - Clean, responsive email templates
-
-## Prerequisites
-
-- Go 1.23 or later
-- Google Cloud Project with:
-  - Cloud Run API enabled
-  - Cloud Storage API enabled
-  - Gmail API enabled
-- Service account with:
-  - Gmail API access (https://www.googleapis.com/auth/gmail.send)
-  - Cloud Storage access (Storage Object Admin role)
-- [ko](https://ko.build/) for deployment
+Email notifications for ADVRider threads. Built for Cloud Run, written in Go.
 
-## Environment Variables
+ADVRider's built-in notifications only email you once after your last visit to that thread. This keeps the party going by emailing every new post until you unsubscribe.
+
+## What it does
 
-| Variable | Description | Example |
-|----------|-------------|---------|
-| `STORAGE_BUCKET` | Cloud Storage bucket name for subscription data | `advrider-subscriptions` |
-| `BASE_URL` | Public URL of the deployed service | `https://advrider-notifier-xyz.run.app` |
-| `GOOGLE_CREDENTIALS_JSON` | Service account credentials JSON (optional, uses ADC if not set) | `{"type":"service_account",...}` |
-| `PORT` | HTTP server port (optional, defaults to 8080) | `8080` |
-| `LOCAL_STORAGE` | Local filesystem path for subscription data (optional, defaults to ./data) | `/var/tmp/advrider-notify` |
+Subscribe to ADVRider forum threads and get emails when new posts appear. That's it.
 
-## Local Development
+- Adaptive polling (5min to 4hr based on thread activity)
+- Multiple threads per email address
+- Handles login-required forums gracefully (reports 403, doesn't crash)
+- Exponential backoff with retry on transient failures
+- Local dev mode with mocked email
 
-### Build
+## Running it
 
+**Local (filesystem + mock email):**
 ```bash
-make build
+go run .
 ```
 
-### Run Tests
+Visit http://localhost:8080 and subscribe to a thread.
 
+**Cloud Run (GCS + Brevo):**
 ```bash
-make test
+export STORAGE_BUCKET=your-bucket-name
+export BASE_URL=https://your-service.run.app
+export BREVO_API_KEY=your-api-key
+ko apply -f service.yaml
 ```
 
-### Run Locally
+Requires a service account with Cloud Storage access and a Brevo API key.
 
-The service automatically runs in local development mode with mock email when no `STORAGE_BUCKET` is set:
-
-```bash
-# Simplest - just run it (uses ./data for storage, mocks email)
-go run .
+## Architecture
 
-# Trigger a poll manually (POST only)
-curl -X POST http://localhost:8080/pollz
 ```
+/                    Homepage (subscribe form)
+/subscribe           POST: Create subscription (verifies thread exists first)
+/manage?token=...    View/delete subscriptions
+/pollz               POST: Trigger immediate poll (no auth, rate limited by IP)
+```
+
+Storage is either local filesystem (`./data`) or GCS (`STORAGE_BUCKET`).
+
+Email via Brevo API. Falls back to mock in dev.
+
+Each thread is scraped once per poll cycle regardless of subscriber count. Polling interval calculated per-thread using exponential backoff: `5min × 2^(hours_since_post / 3)`, capped at 4 hours.
+
+## Security
 
-## Deployment
+- Rate limiting: 5 subscriptions/hour per IP
+- Token-based subscription management (64-char random, constant-time comparison)
+- Thread limit: 20 per user (prevents resource exhaustion)
+- Email limit: 10 posts per notification (prevents abuse)
+- CSP, X-Frame-Options, X-Content-Type-Options headers
+- Thread verification before subscription (validates URL is actually an ADVRider thread)
 
-The service uses [ko](https://ko.build/) for containerless deployment to Cloud Run.
+## Environment Variables
+
+| Variable | Required | Description |
+|----------|----------|-------------|
+| `STORAGE_BUCKET` | Cloud only | GCS bucket for subscription data |
+| `BASE_URL` | Cloud only | Public URL (for manage links in emails) |
+| `BREVO_API_KEY` | Cloud only | Brevo API key for sending emails |
+| `SALT` | Required | Secret salt for token generation (set in GSM or env) |
+| `PORT` | Optional | HTTP port (default: 8080) |
+| `LOCAL_STORAGE` | Optional | Local storage path (default: ./data) |
+| `MAIL_FROM` | Optional | From email address (defaults to postmaster@domain) |
+| `MAIL_NAME` | Optional | From name (default: ADVRider Notifier) |
 
-### Deploy
+## Development
 
 ```bash
-make deploy
+make build      # Build binary
+make test       # Run tests
+make lint       # golangci-lint
+make deploy     # Deploy to Cloud Run via ko
 ```
+
+Tests use real ADVRider HTML parsing (no mocks for scraper). Exponential backoff algorithm is tested for correctness across all activity levels.
+
+## Email Templates
+
+Dark mode support via `prefers-color-scheme`. WCAG AA compliant. Post numbers are clickable anchors to specific posts on specific pages.
+
+Footer links: "View thread" (goes to last page + last post anchor) and "Manage" (token-authenticated subscription management).
+
+## Why Go?
+
+Fast cold starts on Cloud Run, trivial deploys with ko, stdlib has everything we need. No npm, no containers, no Dockerfile.
+
+## License
+
+Apache 2.0 - see LICENSE file
+
+Built by [codeGROOVE llc](https://codegroove.dev)

email/gmail.go

@@ -5,6 +5,7 @@ go 1.25.2
 require (
 	cloud.google.com/go/storage v1.48.0
 	github.com/PuerkitoBio/goquery v1.10.3
+	github.com/codeGROOVE-dev/gsm v0.0.0-20251007153111-74e7bbe21f47
 	github.com/codeGROOVE-dev/retry v1.2.0
 	google.golang.org/api v0.214.0
 )
@@ -24,7 +25,6 @@ require (
 	github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/cncf/xds/go v0.0.0-20240905190251-b4127c9b8d78 // indirect
-	github.com/codeGROOVE-dev/gsm v0.0.0-20251007153111-74e7bbe21f47 // indirect
 	github.com/envoyproxy/go-control-plane v0.13.0 // indirect
 	github.com/envoyproxy/protoc-gen-validate v1.1.0 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect

go.mod

@@ -21,8 +21,6 @@ import (
 
 	gcs "cloud.google.com/go/storage"
 	"github.com/codeGROOVE-dev/gsm"
-	"google.golang.org/api/gmail/v1"
-	"google.golang.org/api/option"
 )
 
 //go:embed media/*
@@ -248,68 +246,14 @@ func initEmailProvider(ctx context.Context, providerName string, logger *slog.Lo
 		logger.Info("Initializing Brevo email provider", "from", fromAddr, "name", fromName)
 		provider = email.NewBrevoProvider(apiKey, fromAddr, fromName, logger)
 
-	case "gmail":
-		gmailService, err := initGmailService(ctx, logger)
-		if err != nil {
-			return nil, fmt.Errorf("initialize Gmail service: %w", err)
-		}
-		logger.Info("Initializing Gmail email provider", "from", fromAddr)
-		provider = email.NewGmailProvider(gmailService, logger)
-
 	case "mock":
 		logger.Info("Initializing mock email provider (no emails will be sent)", "from", fromAddr)
 		provider = email.NewMockProvider(logger)
 
 	default:
-		return nil, fmt.Errorf("unknown email provider: %s (valid options: brevo, gmail, mock)", providerName)
+		return nil, fmt.Errorf("unknown email provider: %s (valid options: brevo, mock)", providerName)
 	}
 
 	return email.New(provider, logger, baseURL, fromAddr), nil
 }
 
-// isCloudRun checks if we're running in a GCP environment by querying the metadata server.
-func isCloudRun(ctx context.Context) bool {
-	ctx, cancel := context.WithTimeout(ctx, 2*time.Second)
-	defer cancel()
-
-	req, err := http.NewRequestWithContext(ctx, http.MethodGet, "http://metadata.google.internal/computeMetadata/v1/project/project-id", nil)
-	if err != nil {
-		return false
-	}
-	req.Header.Set("Metadata-Flavor", "Google")
-
-	client := &http.Client{Timeout: 2 * time.Second}
-	resp, err := client.Do(req)
-	if err != nil {
-		return false
-	}
-	defer func() {
-		if err := resp.Body.Close(); err != nil {
-			// Silently ignore close errors for metadata check
-		}
-	}()
-
-	return resp.StatusCode == http.StatusOK
-}
-
-func initGmailService(ctx context.Context, logger *slog.Logger) (*gmail.Service, error) {
-	// Use gmail.GmailSendScope for send-only access (principle of least privilege)
-	// This is more secure than using full Gmail access
-	scope := option.WithScopes(gmail.GmailSendScope)
-
-	// Try explicit credentials first (for local development or specific use cases)
-	credsJSON := secret(ctx, "GOOGLE_CREDENTIALS_JSON", logger)
-	if credsJSON != "" {
-		return gmail.NewService(ctx, option.WithCredentialsJSON([]byte(credsJSON)), scope)
-	}
-
-	// If running in Cloud Run, use Application Default Credentials (ADC)
-	// This automatically uses the service account
-	// The service account needs Gmail API access (gmail.send scope)
-	if isCloudRun(ctx) {
-		return gmail.NewService(ctx, scope)
-	}
-
-	// Not in Cloud Run and no explicit credentials
-	return nil, errors.New("GOOGLE_CREDENTIALS_JSON required when not running in Cloud Run (set in environment or GSM)")
-}

main.go

@@ -39,7 +39,7 @@
 			<button type="submit">Subscribe</button>
 		</form>
 		<div class="footer">
-			Made with 🪿 by <a href="https://codegroove.com">codeGROOVE llc</a> • <a href="https://github.com/codeGROOVE-dev/advrider-notifier/">GitHub</a> • Contact <a href="https://advrider.com/f/members/helixblue.21963/">helixblue</a> with questions
+			Made with 🪿 by <a href="https://codegroove.dev">codeGROOVE llc</a> • <a href="https://github.com/codeGROOVE-dev/advrider-notifier/">GitHub</a> • Contact <a href="https://advrider.com/f/members/helixblue.21963/">helixblue</a> with questions
 		</div>
 	</div>
 </body>

server/tmpl/index.tmpl

@@ -179,7 +179,7 @@
 			<button type="submit">Subscribe</button>
 		</form>
 		<div class="footer">
-			Made with 🪿 by <a href="https://codegroove.com">codeGROOVE llc</a> • Contact <a href="https://advrider.com/f/members/helixblue.21963/">helixblue</a> with questions
+			Made with 🪿 by <a href="https://codegroove.dev">codeGROOVE llc</a> • Contact <a href="https://advrider.com/f/members/helixblue.21963/">helixblue</a> with questions
 		</div>
 	</div>
 </body>