Add local server

48 files changed, 2983 insertions, 0 deletions

diff --git a/src/server/.editorconfig b/src/server/.editorconfig
new file mode 100644
index 000000000..914223976
--- /dev/null
+++ b/src/server/.editorconfig
@@ -0,0 +1,13 @@
+# editorconfig.org
+root = true
+
+[*]
+indent_size = 2
+indent_style = space
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
+
+[*.md]
+trim_trailing_whitespace = false
diff --git a/src/server/.eslintrc.js b/src/server/.eslintrc.js
new file mode 100644
index 000000000..d02f4890d
--- /dev/null
+++ b/src/server/.eslintrc.js
@@ -0,0 +1,22 @@
+module.exports = {
+  env: {
+    commonjs: true,
+    es6: true,
+    node: true,
+  },
+  extends: [
+    'airbnb-base',
+  ],
+  globals: {
+    Atomics: 'readonly',
+    SharedArrayBuffer: 'readonly',
+    use: 'readonly'
+  },
+  parserOptions: {
+    ecmaVersion: 2018,
+  },
+  rules: {
+    "class-methods-use-this": 'off',
+    "no-restricted-syntax": 'off',
+  },
+};
diff --git a/src/server/.gitattributes b/src/server/.gitattributes
new file mode 100644
index 000000000..dfe077042
--- /dev/null
+++ b/src/server/.gitattributes
@@ -0,0 +1,2 @@
+# Auto detect text files and perform LF normalization
+* text=auto
diff --git a/src/server/.gitignore b/src/server/.gitignore
new file mode 100644
index 000000000..d84ffadd4
--- /dev/null
+++ b/src/server/.gitignore
@@ -0,0 +1,19 @@
+# Node modules
+node_modules
+
+# Adonis directory for storing tmp files
+tmp
+
+# Environment variables, never commit this file
+.env
+
+# The development sqlite file
+database/development.sqlite
+database/adonis.sqlite
+
+# Uploaded recipes
+recipes/
+
+.DS_Store
+public/terms.html
+public/privacy.html
diff --git a/src/server/README.md b/src/server/README.md
new file mode 100644
index 000000000..833d9643e
--- /dev/null
+++ b/src/server/README.md
@@ -0,0 +1,50 @@
+<p align="center">
+    <img src="./logo.png" alt="" width="300"/>  
+</p>
+
+# ferdi-internal-server
+Internal Ferdi Server used for storing settings without logging into an external server.
+
+npm i @adonisjs/ace @adonisjs/auth @adonisjs/bodyparser @adonisjs/cors @adonisjs/drive @adonisjs/fold @adonisjs/framework @adonisjs/ignitor @adonisjs/lucid @adonisjs/session @adonisjs/shield @adonisjs/validator atob btoa fs-extra  node-fetch sqlite3 uuid targz
+
+### Manual setup
+1. Clone this repository
+2. Install the [AdonisJS CLI](https://adonisjs.com/)
+3. Run the database migrations with
+    ```js
+    adonis migration:run
+    ```
+4. Start the server with
+    ```js
+    adonis serve --dev
+    ```
+
+## Configuration
+franz-server's configuration is saved inside the `.env` file. Besides AdonisJS's settings, ferdi-server has the following custom settings:
+- `IS_CREATION_ENABLED` (`true` or `false`, default: `true`): Whether to enable the [creation of custom recipes](#creating-and-using-custom-recipes)
+- `CONNECT_WITH_FRANZ` (`true` or `false`, default: `true`): Whether to enable connections to the Franz server. By enabling this option, ferdi-server can:
+  - Show the full Franz recipe library instead of only custom recipes
+  - Import Franz accounts
+
+## Importing your Franz account
+ferdi-server allows you to import your full Franz account, including all its settings.
+
+To import your Franz account, open `http://localhost:45569/import` in your browser and login using your Franz account details. ferdi-server will create a new user with the same credentials and copy your Franz settings, services and workspaces.
+
+## Creating and using custom recipes
+ferdi-server allows to extends the Franz recipe catalogue with custom Ferdi recipes.
+
+For documentation on how to create a recipe, please visit [the official guide by Franz](https://github.com/meetfranz/plugins/blob/master/docs/integration.md).
+
+To add your recipe to ferdi-server, open `http://localhost:45569/new` in your browser. You can now define the following settings:
+- `Author`: Author who created the recipe
+- `Name`: Name for your new service. Can contain spaces and unicode characters
+- `Service ID`: Unique ID for this recipe. Does not contain spaces or special characters (e.g. `google-drive`)
+- `Link to PNG/SVG image`: Direct link to a 1024x1024 PNG image and SVG that is used as a logo inside the store. Please use jsDelivr when using a file uploaded to GitHub as raw.githubusercontent files won't load
+- `Recipe files`: Recipe files that you created using the [Franz recipe creation guide](https://github.com/meetfranz/plugins/blob/master/docs/integration.md). Please do *not* package your files beforehand - upload the raw files (you can drag and drop multiple files). ferdi-server will automatically package and store the recipe in the right format. Please also do not drag and drop or select the whole folder, select the individual files.
+
+### Listing custom recipes
+Inside Ferdi, searching for `ferdi:custom` will list all your custom recipes.
+
+## License
+ferdi-server is licensed under the MIT License
diff --git a/src/server/ace b/src/server/ace
new file mode 100644
index 000000000..42f8f10d1
--- /dev/null
+++ b/src/server/ace
@@ -0,0 +1,21 @@
+'use strict'
+
+/*
+|--------------------------------------------------------------------------
+| Ace Commands
+|--------------------------------------------------------------------------
+|
+| The ace file is just a regular Javascript file but with no extension. You
+| can call `node ace` followed by the command name and it just works.
+|
+| Also you can use `adonis` followed by the command name, since the adonis
+| global proxies all the ace commands.
+|
+*/
+
+const { Ignitor } = require('@adonisjs/ignitor')
+
+new Ignitor(require('@adonisjs/fold'))
+  .appRoot(__dirname)
+  .fireAce()
+  .catch(console.error)
diff --git a/src/server/app/Controllers/Http/DashboardController.js b/src/server/app/Controllers/Http/DashboardController.js
new file mode 100644
index 000000000..69af16227
--- /dev/null
+++ b/src/server/app/Controllers/Http/DashboardController.js
@@ -0,0 +1,38 @@
+class DashboardController {
+  async data({
+    auth,
+    view,
+  }) {
+    const general = auth.user;
+    const services = (await auth.user.services().fetch()).toJSON();
+    const workspaces = (await auth.user.workspaces().fetch()).toJSON();
+
+    return view.render('dashboard.data', {
+      username: general.username,
+      mail: general.email,
+      created: general.created_at,
+      updated: general.updated_at,
+      services,
+      workspaces,
+    });
+  }
+
+  logout({
+    auth,
+    response,
+  }) {
+    auth.authenticator('session').logout();
+    return response.redirect('/user/login');
+  }
+
+  delete({
+    auth,
+    response,
+  }) {
+    auth.user.delete();
+    auth.authenticator('session').logout();
+    return response.redirect('/user/login');
+  }
+}
+
+module.exports = DashboardController;
diff --git a/src/server/app/Controllers/Http/RecipeController.js b/src/server/app/Controllers/Http/RecipeController.js
new file mode 100644
index 000000000..5ed21122a
--- /dev/null
+++ b/src/server/app/Controllers/Http/RecipeController.js
@@ -0,0 +1,207 @@
+
+const Recipe = use('App/Models/Recipe');
+const Helpers = use('Helpers');
+const Drive = use('Drive');
+const {
+  validateAll,
+} = use('Validator');
+const Env = use('Env');
+
+const fetch = require('node-fetch');
+const targz = require('targz');
+const path = require('path');
+const fs = require('fs-extra');
+
+const compress = (src, dest) => new Promise((resolve, reject) => {
+  targz.compress({
+    src,
+    dest,
+  }, (err) => {
+    if (err) {
+      reject(err);
+    } else {
+      resolve(dest);
+    }
+  });
+});
+
+class RecipeController {
+  // List official and custom recipes
+  async list({
+    response,
+  }) {
+    const officialRecipes = JSON.parse(await (await fetch('https://api.franzinfra.com/v1/recipes')).text());
+    const customRecipesArray = (await Recipe.all()).rows;
+    const customRecipes = customRecipesArray.map(recipe => ({
+      id: recipe.recipeId,
+      name: recipe.name,
+      ...JSON.parse(recipe.data),
+    }));
+
+    const recipes = [
+      ...officialRecipes,
+      ...customRecipes,
+    ];
+
+    return response.send(recipes);
+  }
+
+  // Create a new recipe using the new.html page
+  async create({
+    request,
+    response,
+  }) {
+    // Check if recipe creation is enabled
+    if (Env.get('IS_CREATION_ENABLED') == 'false') { // eslint-disable-line eqeqeq
+      return response.send('This server doesn\'t allow the creation of new recipes.');
+    }
+
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required|string',
+      id: 'required|unique:recipes,recipeId',
+      author: 'required|accepted',
+      png: 'required|url',
+      svg: 'required|url',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+
+    if (!data.id) {
+      return response.send('Please provide an ID');
+    }
+
+    // Check for invalid characters
+    if (/\.{1,}/.test(data.id) || /\/{1,}/.test(data.id)) {
+      return response.send('Invalid recipe name. Your recipe name may not contain "." or "/"');
+    }
+
+    // Clear temporary recipe folder
+    await fs.emptyDir(Helpers.tmpPath('recipe'));
+
+    // Move uploaded files to temporary path
+    const files = request.file('files');
+    await files.moveAll(Helpers.tmpPath('recipe'));
+
+    // Compress files to .tar.gz file
+    const source = Helpers.tmpPath('recipe');
+    const destination = path.join(Helpers.appRoot(), `/recipes/${data.id}.tar.gz`);
+
+    compress(
+      source,
+      destination,
+    );
+
+    // Create recipe in db
+    await Recipe.create({
+      name: data.name,
+      recipeId: data.id,
+      data: JSON.stringify({
+        author: data.author,
+        featured: false,
+        version: '1.0.0',
+        icons: {
+          png: data.png,
+          svg: data.svg,
+        },
+      }),
+    });
+
+    return response.send('Created new recipe');
+  }
+
+  // Search official and custom recipes
+  async search({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      needle: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Please provide a needle',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const needle = request.input('needle');
+
+    // Get results
+    let results;
+
+    if (needle === 'ferdi:custom') {
+      const dbResults = (await Recipe.all()).toJSON();
+      results = dbResults.map(recipe => ({
+        id: recipe.recipeId,
+        name: recipe.name,
+        ...JSON.parse(recipe.data),
+      }));
+    } else {
+      let remoteResults = [];
+      if (Env.get('CONNECT_WITH_FRANZ') == 'true') { // eslint-disable-line eqeqeq
+        remoteResults = JSON.parse(await (await fetch(`https://api.franzinfra.com/v1/recipes/search?needle=${encodeURIComponent(needle)}`)).text());
+      }
+      const localResultsArray = (await Recipe.query().where('name', 'LIKE', `%${needle}%`).fetch()).toJSON();
+      const localResults = localResultsArray.map(recipe => ({
+        id: recipe.recipeId,
+        name: recipe.name,
+        ...JSON.parse(recipe.data),
+      }));
+
+      results = [
+        ...localResults,
+        ...remoteResults || [],
+      ];
+    }
+
+    return response.send(results);
+  }
+
+  // Download a recipe
+  async download({
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(params, {
+      recipe: 'required|accepted',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Please provide a recipe ID',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const service = params.recipe;
+
+    // Check for invalid characters
+    if (/\.{1,}/.test(service) || /\/{1,}/.test(service)) {
+      return response.send('Invalid recipe name');
+    }
+
+    // Check if recipe exists in recipes folder
+    if (await Drive.exists(`${service}.tar.gz`)) {
+      return response.send(await Drive.get(`${service}.tar.gz`));
+    } if (Env.get('CONNECT_WITH_FRANZ') == 'true') { // eslint-disable-line eqeqeq
+      return response.redirect(`https://api.franzinfra.com/v1/recipes/download/${service}`);
+    }
+    return response.status(400).send({
+      message: 'Recipe not found',
+      code: 'recipe-not-found',
+    });
+  }
+}
+
+module.exports = RecipeController;
diff --git a/src/server/app/Controllers/Http/ServiceController.js b/src/server/app/Controllers/Http/ServiceController.js
new file mode 100644
index 000000000..ea7035ca1
--- /dev/null
+++ b/src/server/app/Controllers/Http/ServiceController.js
@@ -0,0 +1,211 @@
+const Service = use('App/Models/Service');
+const {
+  validateAll,
+} = use('Validator');
+
+const uuid = require('uuid/v4');
+
+class ServiceController {
+  // Create a new service for user
+  async create({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required|string',
+      recipeId: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+
+    // Get new, unused uuid
+    let serviceId;
+    do {
+      serviceId = uuid();
+    } while ((await Service.query().where('serviceId', serviceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+    await Service.create({
+      serviceId,
+      name: data.name,
+      recipeId: data.recipeId,
+      settings: JSON.stringify(data),
+    });
+
+    return response.send({
+      data: {
+        userId: 1,
+        id: serviceId,
+        isEnabled: true,
+        isNotificationEnabled: true,
+        isBadgeEnabled: true,
+        isMuted: false,
+        isDarkModeEnabled: '',
+        spellcheckerLanguage: '',
+        order: 1,
+        customRecipe: false,
+        hasCustomIcon: false,
+        workspaces: [],
+        iconUrl: null,
+        ...data,
+      },
+      status: ['created'],
+    });
+  }
+
+  // List all services a user has created
+  async list({
+    response,
+  }) {
+    const services = (await Service.all()).rows;
+    // Convert to array with all data Franz wants
+    const servicesArray = services.map(service => ({
+      customRecipe: false,
+      hasCustomIcon: false,
+      isBadgeEnabled: true,
+      isDarkModeEnabled: '',
+      isEnabled: true,
+      isMuted: false,
+      isNotificationEnabled: true,
+      order: 1,
+      spellcheckerLanguage: '',
+      workspaces: [],
+      iconUrl: null,
+      ...JSON.parse(service.settings),
+      id: service.serviceId,
+      name: service.name,
+      recipeId: service.recipeId,
+      userId: 1,
+    }));
+
+    return response.send(servicesArray);
+  }
+
+  async edit({
+    request,
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+    const {
+      id,
+    } = params;
+
+    // Get current settings from db
+    const serviceData = (await Service.query()
+      .where('serviceId', id).fetch()).rows[0];
+
+    const settings = {
+      ...JSON.parse(serviceData.settings),
+      ...data,
+    };
+
+    // Update data in database
+    await (Service.query()
+      .where('serviceId', id)).update({
+      name: data.name,
+      settings: JSON.stringify(settings),
+    });
+
+    // Get updated row
+    const service = (await Service.query()
+      .where('serviceId', id).fetch()).rows[0];
+
+    return response.send({
+      id: service.serviceId,
+      name: data.name,
+      ...settings,
+      userId: 1,
+    });
+  }
+
+  async reorder({
+    request,
+    response,
+  }) {
+    const data = request.all();
+
+    for (const service of Object.keys(data)) {
+      // Get current settings from db
+      const serviceData = (await Service.query() // eslint-disable-line no-await-in-loop
+        .where('serviceId', service).fetch()).rows[0];
+
+      const settings = {
+        ...JSON.parse(serviceData.settings),
+        order: data[service],
+      };
+
+      // Update data in database
+      await (Service.query() // eslint-disable-line no-await-in-loop
+        .where('serviceId', service))
+        .update({
+          settings: JSON.stringify(settings),
+        });
+    }
+
+    // Get new services
+    const services = (await Service.all()).rows;
+    // Convert to array with all data Franz wants
+    const servicesArray = services.map(service => ({
+      customRecipe: false,
+      hasCustomIcon: false,
+      isBadgeEnabled: true,
+      isDarkModeEnabled: '',
+      isEnabled: true,
+      isMuted: false,
+      isNotificationEnabled: true,
+      order: 1,
+      spellcheckerLanguage: '',
+      workspaces: [],
+      iconUrl: null,
+      ...JSON.parse(service.settings),
+      id: service.serviceId,
+      name: service.name,
+      recipeId: service.recipeId,
+      userId: 1,
+    }));
+
+    return response.send(servicesArray);
+  }
+
+  update({
+    response,
+  }) {
+    return response.send([]);
+  }
+
+  async delete({
+    params,
+    response,
+  }) {
+    // Update data in database
+    await (Service.query()
+      .where('serviceId', params.id)).delete();
+
+    return response.send({
+      message: 'Sucessfully deleted service',
+      status: 200,
+    });
+  }
+}
+
+module.exports = ServiceController;
diff --git a/src/server/app/Controllers/Http/StaticController.js b/src/server/app/Controllers/Http/StaticController.js
new file mode 100644
index 000000000..b16e6cb6d
--- /dev/null
+++ b/src/server/app/Controllers/Http/StaticController.js
@@ -0,0 +1,224 @@
+
+/**
+ * Controller for routes with static responses
+ */
+
+class StaticController {
+  // Enable all features
+  features({
+    response,
+  }) {
+    return response.send({
+      needToWaitToProceed: false,
+      isSpellcheckerPremiumFeature: true,
+      isServiceProxyEnabled: true,
+      isServiceProxyPremiumFeature: true,
+      isWorkspacePremiumFeature: true,
+      isWorkspaceEnabled: true,
+      isAnnouncementsEnabled: true,
+      isSettingsWSEnabled: false,
+      isServiceLimitEnabled: false,
+      serviceLimitCount: 0,
+      isCommunityRecipesPremiumFeature: false,
+    });
+  }
+
+  // Return an empty array
+  emptyArray({
+    response,
+  }) {
+    return response.send([]);
+  }
+
+  // Payment plans availible
+  plans({
+    response,
+  }) {
+    return response.send({
+      month: {
+        id: 'franz-supporter-license',
+        price: 99,
+      },
+      year: {
+        id: 'franz-supporter-license-year-2019',
+        price: 99,
+      },
+    });
+  }
+
+  // Return list of popular recipes (copy of the response Franz's API is returning)
+  popularRecipes({
+    response,
+  }) {
+    return response.send([{
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'slack',
+      name: 'Slack',
+      version: '1.0.4',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/slack/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/slack/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'whatsapp',
+      name: 'WhatsApp',
+      version: '1.0.1',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/whatsapp/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/whatsapp/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'messenger',
+      name: 'Messenger',
+      version: '1.0.6',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/messenger/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/messenger/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'telegram',
+      name: 'Telegram',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/telegram/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/telegram/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'gmail',
+      name: 'Gmail',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/gmail/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/gmail/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'skype',
+      name: 'Skype',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/skype/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/skype/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'hangouts',
+      name: 'Hangouts',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/hangouts/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/hangouts/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'discord',
+      name: 'Discord',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/discord/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/discord/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'tweetdeck',
+      name: 'Tweetdeck',
+      version: '1.0.1',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/tweetdeck/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/tweetdeck/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'hipchat',
+      name: 'HipChat',
+      version: '1.0.1',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/hipchat/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/hipchat/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'gmailinbox',
+      name: 'Inbox by Gmail',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/gmailinbox/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/gmailinbox/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'rocketchat',
+      name: 'Rocket.Chat',
+      version: '1.0.1',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/rocketchat/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/rocketchat/src/icon.svg',
+      },
+    }, {
+      author: 'Brian Gilbert <brian@briangilbert.net>',
+      featured: false,
+      id: 'gitter',
+      name: 'Gitter',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/gitter/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/gitter/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'mattermost',
+      name: 'Mattermost',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/mattermost/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/mattermost/src/icon.svg',
+      },
+    }, {
+      author: 'Franz <recipe@meetfranz.com>',
+      featured: false,
+      id: 'toggl',
+      name: 'toggl',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/toggl/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/toggl/src/icon.svg',
+      },
+    }, {
+      author: 'Stuart Clark <stuart@realityloop.com>',
+      featured: false,
+      id: 'twist',
+      name: 'twist',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/twist/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/twist/src/icon.svg',
+      },
+    }]);
+  }
+
+  // Show announcements
+  announcement({
+    response,
+  }) {
+    return response.send('No announcement found.');
+  }
+}
+
+module.exports = StaticController;
diff --git a/src/server/app/Controllers/Http/UserController.js b/src/server/app/Controllers/Http/UserController.js
new file mode 100644
index 000000000..758250ec9
--- /dev/null
+++ b/src/server/app/Controllers/Http/UserController.js
@@ -0,0 +1,231 @@
+const Service = use('App/Models/Service');
+const Workspace = use('App/Models/Workspace');
+const {
+  validateAll,
+} = use('Validator');
+const Env = use('Env');
+
+const btoa = require('btoa');
+const fetch = require('node-fetch');
+const uuid = require('uuid/v4');
+const crypto = require('crypto');
+
+const franzRequest = (route, method, auth) => new Promise((resolve, reject) => {
+  const base = 'https://api.franzinfra.com/v1/';
+  const user = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Ferdi/5.3.0-beta.1 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36';
+
+  try {
+    fetch(base + route, {
+      method,
+      headers: {
+        Authorization: `Bearer ${auth}`,
+        'User-Agent': user,
+      },
+    })
+      .then(data => data.json())
+      .then(json => resolve(json));
+  } catch (e) {
+    reject();
+  }
+});
+
+class UserController {
+  // Register a new user
+  async signup({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      firstname: 'required',
+      email: 'required|email|unique:users,email',
+      password: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    return response.send({
+      message: 'Successfully created account',
+      token: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJGZXJkaSBJbnRlcm5hbCBTZXJ2ZXIiLCJpYXQiOjE1NzEwNDAyMTUsImV4cCI6MjUzMzk1NDE3ODQ0LCJhdWQiOiJnZXRmZXJkaS5jb20iLCJzdWIiOiJmZXJkaUBsb2NhbGhvc3QiLCJ1c2VySWQiOiIxIn0.9_TWFGp6HROv8Yg82Rt6i1-95jqWym40a-HmgrdMC6M',
+    });
+  }
+
+  // Login using an existing user
+  async login({
+    request,
+    response,
+  }) {
+    if (!request.header('Authorization')) {
+      return response.status(401).send({
+        message: 'Please provide authorization',
+        status: 401,
+      });
+    }
+
+    return response.send({
+      message: 'Successfully logged in',
+      token: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJGZXJkaSBJbnRlcm5hbCBTZXJ2ZXIiLCJpYXQiOjE1NzEwNDAyMTUsImV4cCI6MjUzMzk1NDE3ODQ0LCJhdWQiOiJnZXRmZXJkaS5jb20iLCJzdWIiOiJmZXJkaUBsb2NhbGhvc3QiLCJ1c2VySWQiOiIxIn0.9_TWFGp6HROv8Yg82Rt6i1-95jqWym40a-HmgrdMC6M',
+    });
+  }
+
+  // Return information about the current user
+  async me({
+    response,
+  }) {
+    return response.send({
+      accountType: 'individual',
+      beta: false,
+      donor: {},
+      email: '',
+      emailValidated: true,
+      features: {},
+      firstname: 'Ferdi',
+      id: '82c1cf9d-ab58-4da2-b55e-aaa41d2142d8',
+      isPremium: true,
+      isSubscriptionOwner: true,
+      lastname: 'Application',
+      locale: 'en-US',
+    });
+  }
+
+
+  async import({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      email: 'required|email|unique:users,email',
+      password: 'required',
+    });
+    if (validation.fails()) {
+      let errorMessage = 'There was an error while trying to import your account:\n';
+      for (const message of validation.messages()) {
+        if (message.validation === 'required') {
+          errorMessage += `- Please make sure to supply your ${message.field}\n`;
+        } else if (message.validation === 'unique') {
+          errorMessage += '- There is already a user with this email.\n';
+        } else {
+          errorMessage += `${message.message}\n`;
+        }
+      }
+      return response.status(401).send(errorMessage);
+    }
+
+    const {
+      email,
+      password,
+    } = request.all();
+
+    const hashedPassword = crypto.createHash('sha256').update(password).digest('base64');
+
+    if (Env.get('CONNECT_WITH_FRANZ') == 'false') { // eslint-disable-line eqeqeq
+      return response.send('Your account has been created but due to this server\'s configuration, we could not import your Franz account data.\n\nIf you are the server owner, please set CONNECT_WITH_FRANZ to true to enable account imports.');
+    }
+
+    const base = 'https://api.franzinfra.com/v1/';
+    const userAgent = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Ferdi/5.3.0-beta.1 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36';
+
+    // Try to get an authentication token
+    let token;
+    try {
+      const basicToken = btoa(`${email}:${hashedPassword}`);
+
+      const rawResponse = await fetch(`${base}auth/login`, {
+        method: 'POST',
+        headers: {
+          Authorization: `Basic ${basicToken}`,
+          'User-Agent': userAgent,
+        },
+      });
+      const content = await rawResponse.json();
+
+      if (!content.message || content.message !== 'Successfully logged in') {
+        const errorMessage = 'Could not login into Franz with your supplied credentials. Please check and try again';
+        return response.status(401).send(errorMessage);
+      }
+
+      // eslint-disable-next-line prefer-destructuring
+      token = content.token;
+    } catch (e) {
+      return response.status(401).send({
+        message: 'Cannot login to Franz',
+        error: e,
+      });
+    }
+
+    // Get user information
+    let userInf = false;
+    try {
+      userInf = await franzRequest('me', 'GET', token);
+    } catch (e) {
+      const errorMessage = `Could not get your user info from Franz. Please check your credentials or try again later.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+    if (!userInf) {
+      const errorMessage = 'Could not get your user info from Franz. Please check your credentials or try again later';
+      return response.status(401).send(errorMessage);
+    }
+
+    const serviceIdTranslation = {};
+
+    // Import services
+    try {
+      const services = await franzRequest('me/services', 'GET', token);
+
+      for (const service of services) {
+        // Get new, unused uuid
+        let serviceId;
+        do {
+          serviceId = uuid();
+        } while ((await Service.query().where('serviceId', serviceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        await Service.create({ // eslint-disable-line no-await-in-loop
+          serviceId,
+          name: service.name,
+          recipeId: service.recipeId,
+          settings: JSON.stringify(service),
+        });
+
+        serviceIdTranslation[service.id] = serviceId;
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your services into our system.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    // Import workspaces
+    try {
+      const workspaces = await franzRequest('workspace', 'GET', token);
+
+      for (const workspace of workspaces) {
+        let workspaceId;
+        do {
+          workspaceId = uuid();
+        } while ((await Workspace.query().where('workspaceId', workspaceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        const services = workspace.services.map(service => serviceIdTranslation[service]);
+
+        await Workspace.create({ // eslint-disable-line no-await-in-loop
+          workspaceId,
+          name: workspace.name,
+          order: workspace.order,
+          services: JSON.stringify(services),
+          data: JSON.stringify({}),
+        });
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your workspaces into our system.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    return response.send('Your account has been imported. You can now use your Franz account in Ferdi.');
+  }
+}
+
+module.exports = UserController;
diff --git a/src/server/app/Controllers/Http/WorkspaceController.js b/src/server/app/Controllers/Http/WorkspaceController.js
new file mode 100644
index 000000000..7990b8434
--- /dev/null
+++ b/src/server/app/Controllers/Http/WorkspaceController.js
@@ -0,0 +1,148 @@
+const Workspace = use('App/Models/Workspace');
+const {
+  validateAll,
+} = use('Validator');
+
+const uuid = require('uuid/v4');
+
+class WorkspaceController {
+  // Create a new workspace for user
+  async create({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required|alpha',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+
+    // Get new, unused uuid
+    let workspaceId;
+    do {
+      workspaceId = uuid();
+    } while ((await Workspace.query().where('workspaceId', workspaceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+    const order = (await Workspace.all()).rows.length;
+
+    await Workspace.create({
+      workspaceId,
+      name: data.name,
+      order,
+      services: JSON.stringify([]),
+      data: JSON.stringify(data),
+    });
+
+    return response.send({
+      userId: 1,
+      name: data.name,
+      id: workspaceId,
+      order,
+      workspaces: [],
+    });
+  }
+
+  async edit({
+    request,
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required|alpha',
+      services: 'required|array',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+    const {
+      id,
+    } = params;
+
+    // Update data in database
+    await (Workspace.query()
+      .where('workspaceId', id)).update({
+      name: data.name,
+      services: JSON.stringify(data.services),
+    });
+
+    // Get updated row
+    const workspace = (await Workspace.query()
+      .where('workspaceId', id).fetch()).rows[0];
+
+    return response.send({
+      id: workspace.workspaceId,
+      name: data.name,
+      order: workspace.order,
+      services: data.services,
+      userId: 1,
+    });
+  }
+
+  async delete({
+    request,
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      id: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const {
+      id,
+    } = params;
+
+    // Update data in database
+    await (Workspace.query()
+      .where('workspaceId', id)).delete();
+
+    return response.send({
+      message: 'Successfully deleted workspace',
+    });
+  }
+
+  // List all workspaces a user has created
+  async list({
+    response,
+  }) {
+    const workspaces = (await Workspace.all()).rows;
+    // Convert to array with all data Franz wants
+    let workspacesArray = [];
+    if (workspaces) {
+      workspacesArray = workspaces.map(workspace => ({
+        id: workspace.workspaceId,
+        name: workspace.name,
+        order: workspace.order,
+        services: JSON.parse(workspace.services),
+        userId: 1,
+      }));
+    }
+
+
+    return response.send(workspacesArray);
+  }
+}
+
+module.exports = WorkspaceController;
diff --git a/src/server/app/Exceptions/Handler.js b/src/server/app/Exceptions/Handler.js
new file mode 100644
index 000000000..cb9e10bbe
--- /dev/null
+++ b/src/server/app/Exceptions/Handler.js
@@ -0,0 +1,47 @@
+
+const BaseExceptionHandler = use('BaseExceptionHandler');
+
+/**
+ * This class handles all exceptions thrown during
+ * the HTTP request lifecycle.
+ *
+ * @class ExceptionHandler
+ */
+class ExceptionHandler extends BaseExceptionHandler {
+  /**
+   * Handle exception thrown during the HTTP lifecycle
+   *
+   * @method handle
+   *
+   * @param  {Object} error
+   * @param  {Object} options.request
+   * @param  {Object} options.response
+   *
+   * @return {void}
+   */
+  async handle(error, { response }) {
+    if (error.name === 'ValidationException') {
+      return response.status(400).send('Invalid arguments');
+    } if (error.name === 'InvalidSessionException') {
+      return response.status(401).redirect('/user/login');
+    }
+
+    return response.status(error.status).send(error.message);
+  }
+
+  /**
+   * Report exception for logging or debugging.
+   *
+   * @method report
+   *
+   * @param  {Object} error
+   * @param  {Object} options.request
+   *
+   * @return {void}
+   */
+  async report() {
+    return true;
+  }
+}
+
+module.exports = ExceptionHandler;
diff --git a/src/server/app/Middleware/ConvertEmptyStringsToNull.js b/src/server/app/Middleware/ConvertEmptyStringsToNull.js
new file mode 100644
index 000000000..bc3079a7f
--- /dev/null
+++ b/src/server/app/Middleware/ConvertEmptyStringsToNull.js
@@ -0,0 +1,16 @@
+
+class ConvertEmptyStringsToNull {
+  async handle({ request }, next) {
+    if (Object.keys(request.body).length) {
+      request.body = Object.assign(
+        ...Object.keys(request.body).map(key => ({
+          [key]: request.body[key] !== '' ? request.body[key] : null,
+        })),
+      );
+    }
+
+    await next();
+  }
+}
+
+module.exports = ConvertEmptyStringsToNull;
diff --git a/src/server/app/Models/Recipe.js b/src/server/app/Models/Recipe.js
new file mode 100644
index 000000000..da3618bf7
--- /dev/null
+++ b/src/server/app/Models/Recipe.js
@@ -0,0 +1,8 @@
+
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class Recipe extends Model {
+}
+
+module.exports = Recipe;
diff --git a/src/server/app/Models/Service.js b/src/server/app/Models/Service.js
new file mode 100644
index 000000000..20679feb1
--- /dev/null
+++ b/src/server/app/Models/Service.js
@@ -0,0 +1,8 @@
+
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class Service extends Model {
+}
+
+module.exports = Service;
diff --git a/src/server/app/Models/Token.js b/src/server/app/Models/Token.js
new file mode 100644
index 000000000..f6bec0852
--- /dev/null
+++ b/src/server/app/Models/Token.js
@@ -0,0 +1,8 @@
+
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class Token extends Model {
+}
+
+module.exports = Token;
diff --git a/src/server/app/Models/Traits/NoTimestamp.js b/src/server/app/Models/Traits/NoTimestamp.js
new file mode 100644
index 000000000..c647428b3
--- /dev/null
+++ b/src/server/app/Models/Traits/NoTimestamp.js
@@ -0,0 +1,15 @@
+
+class NoTimestamp {
+  register(Model) {
+    Object.defineProperties(Model, {
+      createdAtColumn: {
+        get: () => null,
+      },
+      updatedAtColumn: {
+        get: () => null,
+      },
+    });
+  }
+}
+
+module.exports = NoTimestamp;
diff --git a/src/server/app/Models/User.js b/src/server/app/Models/User.js
new file mode 100644
index 000000000..9783cbe45
--- /dev/null
+++ b/src/server/app/Models/User.js
@@ -0,0 +1,8 @@
+
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class User extends Model {
+}
+
+module.exports = User;
diff --git a/src/server/app/Models/Workspace.js b/src/server/app/Models/Workspace.js
new file mode 100644
index 000000000..3b73cbf33
--- /dev/null
+++ b/src/server/app/Models/Workspace.js
@@ -0,0 +1,8 @@
+
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class Workspace extends Model {
+}
+
+module.exports = Workspace;
diff --git a/src/server/config/app.js b/src/server/config/app.js
new file mode 100644
index 000000000..7938b81df
--- /dev/null
+++ b/src/server/config/app.js
@@ -0,0 +1,242 @@
+
+/** @type {import('@adonisjs/framework/src/Env')} */
+const Env = use('Env');
+
+module.exports = {
+
+  /*
+  |--------------------------------------------------------------------------
+  | Application Name
+  |--------------------------------------------------------------------------
+  |
+  | This value is the name of your application and can used when you
+  | need to place the application's name in a email, view or
+  | other location.
+  |
+  */
+
+  name: Env.get('APP_NAME', 'Ferdi Internal Server'),
+
+  /*
+  |--------------------------------------------------------------------------
+  | App Key
+  |--------------------------------------------------------------------------
+  |
+  | App key is a randomly generated 16 or 32 characters long string required
+  | to encrypt cookies, sessions and other sensitive data.
+  |
+  */
+  appKey: Env.getOrFail('APP_KEY'),
+
+  http: {
+    /*
+    |--------------------------------------------------------------------------
+    | Allow Method Spoofing
+    |--------------------------------------------------------------------------
+    |
+    | Method spoofing allows to make requests by spoofing the http verb.
+    | Which means you can make a GET request but instruct the server to
+    | treat as a POST or PUT request. If you want this feature, set the
+    | below value to true.
+    |
+    */
+    allowMethodSpoofing: true,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Trust Proxy
+    |--------------------------------------------------------------------------
+    |
+    | Trust proxy defines whether X-Forwarded-* headers should be trusted or not.
+    | When your application is behind a proxy server like nginx, these values
+    | are set automatically and should be trusted. Apart from setting it
+    | to true or false Adonis supports handful or ways to allow proxy
+    | values. Read documentation for that.
+    |
+    */
+    trustProxy: false,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Subdomains
+    |--------------------------------------------------------------------------
+    |
+    | Offset to be used for returning subdomains for a given request.For
+    | majority of applications it will be 2, until you have nested
+    | sudomains.
+    | cheatsheet.adonisjs.com      - offset - 2
+    | virk.cheatsheet.adonisjs.com - offset - 3
+    |
+    */
+    subdomainOffset: 2,
+
+    /*
+    |--------------------------------------------------------------------------
+    | JSONP Callback
+    |--------------------------------------------------------------------------
+    |
+    | Default jsonp callback to be used when callback query string is missing
+    | in request url.
+    |
+    */
+    jsonpCallback: 'callback',
+
+
+    /*
+    |--------------------------------------------------------------------------
+    | Etag
+    |--------------------------------------------------------------------------
+    |
+    | Set etag on all HTTP response. In order to disable for selected routes,
+    | you can call the `response.send` with an options object as follows.
+    |
+    | response.send('Hello', { ignoreEtag: true })
+    |
+    */
+    etag: false,
+  },
+
+  views: {
+    /*
+    |--------------------------------------------------------------------------
+    | Cache Views
+    |--------------------------------------------------------------------------
+    |
+    | Define whether or not to cache the compiled view. Set it to true in
+    | production to optimize view loading time.
+    |
+    */
+    cache: Env.get('CACHE_VIEWS', true),
+  },
+
+  static: {
+    /*
+    |--------------------------------------------------------------------------
+    | Dot Files
+    |--------------------------------------------------------------------------
+    |
+    | Define how to treat dot files when trying to server static resources.
+    | By default it is set to ignore, which will pretend that dotfiles
+    | does not exists.
+    |
+    | Can be one of the following
+    | ignore, deny, allow
+    |
+    */
+    dotfiles: 'ignore',
+
+    /*
+    |--------------------------------------------------------------------------
+    | ETag
+    |--------------------------------------------------------------------------
+    |
+    | Enable or disable etag generation
+    |
+    */
+    etag: true,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Extensions
+    |--------------------------------------------------------------------------
+    |
+    | Set file extension fallbacks. When set, if a file is not found, the given
+    | extensions will be added to the file name and search for. The first
+    | that exists will be served. Example: ['html', 'htm'].
+    |
+    */
+    extensions: false,
+  },
+
+  locales: {
+    /*
+    |--------------------------------------------------------------------------
+    | Loader
+    |--------------------------------------------------------------------------
+    |
+    | The loader to be used for fetching and updating locales. Below is the
+    | list of available options.
+    |
+    | file, database
+    |
+    */
+    loader: 'file',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Default Locale
+    |--------------------------------------------------------------------------
+    |
+    | Default locale to be used by Antl provider. You can always switch drivers
+    | in runtime or use the official Antl middleware to detect the driver
+    | based on HTTP headers/query string.
+    |
+    */
+    locale: 'en',
+  },
+
+  logger: {
+    /*
+    |--------------------------------------------------------------------------
+    | Transport
+    |--------------------------------------------------------------------------
+    |
+    | Transport to be used for logging messages. You can have multiple
+    | transports using same driver.
+    |
+    | Available drivers are: `file` and `console`.
+    |
+    */
+    transport: 'console',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Console Transport
+    |--------------------------------------------------------------------------
+    |
+    | Using `console` driver for logging. This driver writes to `stdout`
+    | and `stderr`
+    |
+    */
+    console: {
+      driver: 'console',
+      name: 'adonis-app',
+      level: 'info',
+    },
+
+    /*
+    |--------------------------------------------------------------------------
+    | File Transport
+    |--------------------------------------------------------------------------
+    |
+    | File transport uses file driver and writes log messages for a given
+    | file inside `tmp` directory for your app.
+    |
+    | For a different directory, set an absolute path for the filename.
+    |
+    */
+    file: {
+      driver: 'file',
+      name: 'adonis-app',
+      filename: 'adonis.log',
+      level: 'info',
+    },
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Generic Cookie Options
+  |--------------------------------------------------------------------------
+  |
+  | The following cookie options are generic settings used by AdonisJs to create
+  | cookies. However, some parts of the application like `sessions` can have
+  | separate settings for cookies inside `config/session.js`.
+  |
+  */
+  cookie: {
+    httpOnly: true,
+    sameSite: false,
+    path: '/',
+    maxAge: 7200,
+  },
+};
diff --git a/src/server/config/auth.js b/src/server/config/auth.js
new file mode 100644
index 000000000..b831b06c6
--- /dev/null
+++ b/src/server/config/auth.js
@@ -0,0 +1,93 @@
+
+/** @type {import('@adonisjs/framework/src/Env')} */
+const Env = use('Env');
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Authenticator
+  |--------------------------------------------------------------------------
+  |
+  | Authentication is a combination of serializer and scheme with extra
+  | config to define on how to authenticate a user.
+  |
+  | Available Schemes - basic, session, jwt, api
+  | Available Serializers - lucid, database
+  |
+  */
+  authenticator: 'jwt',
+
+  /*
+  |--------------------------------------------------------------------------
+  | Session
+  |--------------------------------------------------------------------------
+  |
+  | Session authenticator makes use of sessions to authenticate a user.
+  | Session authentication is always persistent.
+  |
+  */
+  session: {
+    serializer: 'lucid',
+    model: 'App/Models/User',
+    scheme: 'session',
+    uid: 'email',
+    password: 'password',
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Basic Auth
+  |--------------------------------------------------------------------------
+  |
+  | The basic auth authenticator uses basic auth header to authenticate a
+  | user.
+  |
+  | NOTE:
+  | This scheme is not persistent and users are supposed to pass
+  | login credentials on each request.
+  |
+  */
+  basic: {
+    serializer: 'lucid',
+    model: 'App/Models/User',
+    scheme: 'basic',
+    uid: 'email',
+    password: 'password',
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Jwt
+  |--------------------------------------------------------------------------
+  |
+  | The jwt authenticator works by passing a jwt token on each HTTP request
+  | via HTTP `Authorization` header.
+  |
+  */
+  jwt: {
+    serializer: 'lucid',
+    model: 'App/Models/User',
+    scheme: 'jwt',
+    uid: 'email',
+    password: 'password',
+    options: {
+      secret: Env.get('APP_KEY'),
+    },
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Api
+  |--------------------------------------------------------------------------
+  |
+  | The Api scheme makes use of API personal tokens to authenticate a user.
+  |
+  */
+  api: {
+    serializer: 'lucid',
+    model: 'App/Models/User',
+    scheme: 'api',
+    uid: 'email',
+    password: 'password',
+  },
+};
diff --git a/src/server/config/bodyParser.js b/src/server/config/bodyParser.js
new file mode 100644
index 000000000..c336e67d2
--- /dev/null
+++ b/src/server/config/bodyParser.js
@@ -0,0 +1,156 @@
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | JSON Parser
+  |--------------------------------------------------------------------------
+  |
+  | Below settings are applied when the request body contains a JSON payload.
+  | If you want body parser to ignore JSON payloads, then simply set `types`
+  | to an empty array.
+  */
+  json: {
+    /*
+    |--------------------------------------------------------------------------
+    | limit
+    |--------------------------------------------------------------------------
+    |
+    | Defines the limit of JSON that can be sent by the client. If payload
+    | is over 1mb it will not be processed.
+    |
+    */
+    limit: '50mb',
+
+    /*
+    |--------------------------------------------------------------------------
+    | strict
+    |--------------------------------------------------------------------------
+    |
+    | When `strict` is set to true, body parser will only parse Arrays and
+    | Object. Otherwise everything parseable by `JSON.parse` is parsed.
+    |
+    */
+    strict: true,
+
+    /*
+    |--------------------------------------------------------------------------
+    | types
+    |--------------------------------------------------------------------------
+    |
+    | Which content types are processed as JSON payloads. You are free to
+    | add your own types here, but the request body should be parseable
+    | by `JSON.parse` method.
+    |
+    */
+    types: [
+      'application/json',
+      'application/json-patch+json',
+      'application/vnd.api+json',
+      'application/csp-report',
+    ],
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Raw Parser
+  |--------------------------------------------------------------------------
+  |
+  |
+  |
+  */
+  raw: {
+    types: [
+      'text/*',
+    ],
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Form Parser
+  |--------------------------------------------------------------------------
+  |
+  |
+  |
+  */
+  form: {
+    types: [
+      'application/x-www-form-urlencoded',
+    ],
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Files Parser
+  |--------------------------------------------------------------------------
+  |
+  |
+  |
+  */
+  files: {
+    types: [
+      'multipart/form-data',
+    ],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Max Size
+    |--------------------------------------------------------------------------
+    |
+    | Below value is the max size of all the files uploaded to the server. It
+    | is validated even before files have been processed and hard exception
+    | is thrown.
+    |
+    | Consider setting a reasonable value here, otherwise people may upload GB's
+    | of files which will keep your server busy.
+    |
+    | Also this value is considered when `autoProcess` is set to true.
+    |
+    */
+    maxSize: '20mb',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Auto Process
+    |--------------------------------------------------------------------------
+    |
+    | Whether or not to auto-process files. Since HTTP servers handle files via
+    | couple of specific endpoints. It is better to set this value off and
+    | manually process the files when required.
+    |
+    | This value can contain a boolean or an array of route patterns
+    | to be autoprocessed.
+    */
+    autoProcess: true,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Process Manually
+    |--------------------------------------------------------------------------
+    |
+    | The list of routes that should not process files and instead rely on
+    | manual process. This list should only contain routes when autoProcess
+    | is to true. Otherwise everything is processed manually.
+    |
+    */
+    processManually: [],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Temporary file name
+    |--------------------------------------------------------------------------
+    |
+    | Define a function, which should return a string to be used as the
+    | tmp file name.
+    |
+    | If not defined, Bodyparser will use `uuid` as the tmp file name.
+    |
+    | To be defined as. If you are defining the function, then do make sure
+    | to return a value from it.
+    |
+    | tmpFileName () {
+    |   return 'some-unique-value'
+    | }
+    |
+    */
+  },
+};
diff --git a/src/server/config/cors.js b/src/server/config/cors.js
new file mode 100644
index 000000000..7ebbe3ffa
--- /dev/null
+++ b/src/server/config/cors.js
@@ -0,0 +1,86 @@
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Origin
+  |--------------------------------------------------------------------------
+  |
+  | Set a list of origins to be allowed. The value can be one of the following
+  |
+  | Boolean: true - Allow current request origin
+  | Boolean: false - Disallow all
+  | String - Comma separated list of allowed origins
+  | Array - An array of allowed origins
+  | String: * - A wildcard to allow current request origin
+  | Function - Receives the current origin and should return one of the above values.
+  |
+  */
+  origin: false,
+
+  /*
+  |--------------------------------------------------------------------------
+  | Methods
+  |--------------------------------------------------------------------------
+  |
+  | HTTP methods to be allowed. The value can be one of the following
+  |
+  | String - Comma separated list of allowed methods
+  | Array - An array of allowed methods
+  |
+  */
+  methods: ['GET', 'PUT', 'PATCH', 'POST', 'DELETE'],
+
+  /*
+  |--------------------------------------------------------------------------
+  | Headers
+  |--------------------------------------------------------------------------
+  |
+  | List of headers to be allowed via Access-Control-Request-Headers header.
+  | The value can be one of the following.
+  |
+  | Boolean: true - Allow current request headers
+  | Boolean: false - Disallow all
+  | String - Comma separated list of allowed headers
+  | Array - An array of allowed headers
+  | String: * - A wildcard to allow current request headers
+  | Function - Receives the current header and should return one of the above values.
+  |
+  */
+  headers: true,
+
+  /*
+  |--------------------------------------------------------------------------
+  | Expose Headers
+  |--------------------------------------------------------------------------
+  |
+  | A list of headers to be exposed via `Access-Control-Expose-Headers`
+  | header. The value can be one of the following.
+  |
+  | Boolean: false - Disallow all
+  | String: Comma separated list of allowed headers
+  | Array - An array of allowed headers
+  |
+  */
+  exposeHeaders: false,
+
+  /*
+  |--------------------------------------------------------------------------
+  | Credentials
+  |--------------------------------------------------------------------------
+  |
+  | Define Access-Control-Allow-Credentials header. It should always be a
+  | boolean.
+  |
+  */
+  credentials: false,
+
+  /*
+  |--------------------------------------------------------------------------
+  | MaxAge
+  |--------------------------------------------------------------------------
+  |
+  | Define Access-Control-Allow-Max-Age
+  |
+  */
+  maxAge: 90,
+};
diff --git a/src/server/config/database.js b/src/server/config/database.js
new file mode 100644
index 000000000..86f18dac5
--- /dev/null
+++ b/src/server/config/database.js
@@ -0,0 +1,87 @@
+
+/** @type {import('@adonisjs/framework/src/Env')} */
+const Env = use('Env');
+
+// eslint-disable-next-line import/no-extraneous-dependencies
+const { app } = require('electron');
+const path = require('path');
+
+const dbPath = path.join(app.getPath('userData'), 'server.sqlite');
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Default Connection
+  |--------------------------------------------------------------------------
+  |
+  | Connection defines the default connection settings to be used while
+  | interacting with SQL databases.
+  |
+  */
+  connection: Env.get('DB_CONNECTION', 'sqlite'),
+
+  /*
+  |--------------------------------------------------------------------------
+  | Sqlite
+  |--------------------------------------------------------------------------
+  |
+  | Sqlite is a flat file database and can be a good choice for a development
+  | environment.
+  |
+  | npm i --save sqlite3
+  |
+  */
+  sqlite: {
+    client: 'sqlite3',
+    connection: {
+      // filename: Helpers.databasePath(`${Env.get('DB_DATABASE', 'development')}.sqlite`),
+      filename: dbPath,
+    },
+    useNullAsDefault: true,
+    debug: Env.get('DB_DEBUG', false),
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | MySQL
+  |--------------------------------------------------------------------------
+  |
+  | Here we define connection settings for MySQL database.
+  |
+  | npm i --save mysql
+  |
+  */
+  mysql: {
+    client: 'mysql',
+    connection: {
+      host: Env.get('DB_HOST', 'localhost'),
+      port: Env.get('DB_PORT', ''),
+      user: Env.get('DB_USER', 'root'),
+      password: Env.get('DB_PASSWORD', ''),
+      database: Env.get('DB_DATABASE', 'adonis'),
+    },
+    debug: Env.get('DB_DEBUG', false),
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | PostgreSQL
+  |--------------------------------------------------------------------------
+  |
+  | Here we define connection settings for PostgreSQL database.
+  |
+  | npm i --save pg
+  |
+  */
+  pg: {
+    client: 'pg',
+    connection: {
+      host: Env.get('DB_HOST', 'localhost'),
+      port: Env.get('DB_PORT', ''),
+      user: Env.get('DB_USER', 'root'),
+      password: Env.get('DB_PASSWORD', ''),
+      database: Env.get('DB_DATABASE', 'adonis'),
+    },
+    debug: Env.get('DB_DEBUG', false),
+  },
+};
diff --git a/src/server/config/drive.js b/src/server/config/drive.js
new file mode 100644
index 000000000..617ce470a
--- /dev/null
+++ b/src/server/config/drive.js
@@ -0,0 +1,45 @@
+const Env = use('Env');
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Default disk
+  |--------------------------------------------------------------------------
+  |
+  | The default disk is used when you interact with the file system without
+  | defining a disk name
+  |
+  */
+  default: 'local',
+
+  disks: {
+    /*
+    |--------------------------------------------------------------------------
+    | Local
+    |--------------------------------------------------------------------------
+    |
+    | Local disk interacts with the a local folder inside your application
+    |
+    */
+    local: {
+      root: `${__dirname}/../recipes`,
+      driver: 'local',
+    },
+
+    /*
+    |--------------------------------------------------------------------------
+    | S3
+    |--------------------------------------------------------------------------
+    |
+    | S3 disk interacts with a bucket on aws s3
+    |
+    */
+    s3: {
+      driver: 's3',
+      key: Env.get('S3_KEY'),
+      secret: Env.get('S3_SECRET'),
+      bucket: Env.get('S3_BUCKET'),
+      region: Env.get('S3_REGION'),
+    },
+  },
+};
diff --git a/src/server/config/hash.js b/src/server/config/hash.js
new file mode 100644
index 000000000..297c977fc
--- /dev/null
+++ b/src/server/config/hash.js
@@ -0,0 +1,48 @@
+
+/** @type {import('@adonisjs/framework/src/Env')} */
+const Env = use('Env');
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Driver
+  |--------------------------------------------------------------------------
+  |
+  | Driver to be used for hashing values. The same driver is used by the
+  | auth module too.
+  |
+  */
+  driver: Env.get('HASH_DRIVER', 'bcrypt'),
+
+  /*
+  |--------------------------------------------------------------------------
+  | Bcrypt
+  |--------------------------------------------------------------------------
+  |
+  | Config related to bcrypt hashing. https://www.npmjs.com/package/bcrypt
+  | package is used internally.
+  |
+  */
+  bcrypt: {
+    rounds: 10,
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Argon
+  |--------------------------------------------------------------------------
+  |
+  | Config related to argon. https://www.npmjs.com/package/argon2 package is
+  | used internally.
+  |
+  | Since argon is optional, you will have to install the dependency yourself
+  |
+  |============================================================================
+  | npm i argon2
+  |============================================================================
+  |
+  */
+  argon: {
+    type: 1,
+  },
+};
diff --git a/src/server/config/session.js b/src/server/config/session.js
new file mode 100644
index 000000000..bce28bdd9
--- /dev/null
+++ b/src/server/config/session.js
@@ -0,0 +1,98 @@
+
+const Env = use('Env');
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Session Driver
+  |--------------------------------------------------------------------------
+  |
+  | The session driver to be used for storing session values. It can be
+  | cookie, file or redis.
+  |
+  | For `redis` driver, make sure to install and register `@adonisjs/redis`
+  |
+  */
+  driver: Env.get('SESSION_DRIVER', 'cookie'),
+
+  /*
+  |--------------------------------------------------------------------------
+  | Cookie Name
+  |--------------------------------------------------------------------------
+  |
+  | The name of the cookie to be used for saving session id. Session ids
+  | are signed and encrypted.
+  |
+  */
+  cookieName: 'adonis-session',
+
+  /*
+  |--------------------------------------------------------------------------
+  | Clear session when browser closes
+  |--------------------------------------------------------------------------
+  |
+  | If this value is true, the session cookie will be temporary and will be
+  | removed when browser closes.
+  |
+  */
+  clearWithBrowser: true,
+
+  /*
+  |--------------------------------------------------------------------------
+  | Session age
+  |--------------------------------------------------------------------------
+  |
+  | This value is only used when `clearWithBrowser` is set to false. The
+  | age must be a valid https://npmjs.org/package/ms string or should
+  | be in milliseconds.
+  |
+  | Valid values are:
+  |  '2h', '10d', '5y', '2.5 hrs'
+  |
+  */
+  age: '2h',
+
+  /*
+  |--------------------------------------------------------------------------
+  | Cookie options
+  |--------------------------------------------------------------------------
+  |
+  | Cookie options defines the options to be used for setting up session
+  | cookie
+  |
+  */
+  cookie: {
+    httpOnly: true,
+    path: '/',
+    sameSite: false,
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Sessions location
+  |--------------------------------------------------------------------------
+  |
+  | If driver is set to file, we need to define the relative location from
+  | the temporary path or absolute url to any location.
+  |
+  */
+  file: {
+    location: 'sessions',
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Redis config
+  |--------------------------------------------------------------------------
+  |
+  | The configuration for the redis driver.
+  |
+  */
+  redis: {
+    host: '127.0.0.1',
+    port: 6379,
+    password: null,
+    db: 0,
+    keyPrefix: '',
+  },
+};
diff --git a/src/server/config/shield.js b/src/server/config/shield.js
new file mode 100644
index 000000000..5c1c5cd73
--- /dev/null
+++ b/src/server/config/shield.js
@@ -0,0 +1,144 @@
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Content Security Policy
+  |--------------------------------------------------------------------------
+  |
+  | Content security policy filters out the origins not allowed to execute
+  | and load resources like scripts, styles and fonts. There are wide
+  | variety of options to choose from.
+  */
+  csp: {
+    /*
+    |--------------------------------------------------------------------------
+    | Directives
+    |--------------------------------------------------------------------------
+    |
+    | All directives are defined in camelCase and here is the list of
+    | available directives and their possible values.
+    |
+    | https://content-security-policy.com
+    |
+    | @example
+    | directives: {
+    |   defaultSrc: ['self', '@nonce', 'cdnjs.cloudflare.com']
+    | }
+    |
+    */
+    directives: {
+    },
+    /*
+    |--------------------------------------------------------------------------
+    | Report only
+    |--------------------------------------------------------------------------
+    |
+    | Setting `reportOnly=true` will not block the scripts from running and
+    | instead report them to a URL.
+    |
+    */
+    reportOnly: false,
+    /*
+    |--------------------------------------------------------------------------
+    | Set all headers
+    |--------------------------------------------------------------------------
+    |
+    | Headers staring with `X` have been depreciated, since all major browsers
+    | supports the standard CSP header. So its better to disable deperciated
+    | headers, unless you want them to be set.
+    |
+    */
+    setAllHeaders: false,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Disable on android
+    |--------------------------------------------------------------------------
+    |
+    | Certain versions of android are buggy with CSP policy. So you can set
+    | this value to true, to disable it for Android versions with buggy
+    | behavior.
+    |
+    | Here is an issue reported on a different package, but helpful to read
+    | if you want to know the behavior. https://github.com/helmetjs/helmet/pull/82
+    |
+    */
+    disableAndroid: true,
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | X-XSS-Protection
+  |--------------------------------------------------------------------------
+  |
+  | X-XSS Protection saves from applications from XSS attacks. It is adopted
+  | by IE and later followed by some other browsers.
+  |
+  | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
+  |
+  */
+  xss: {
+    enabled: true,
+    enableOnOldIE: false,
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Iframe Options
+  |--------------------------------------------------------------------------
+  |
+  | xframe defines whether or not your website can be embedded inside an
+  | iframe. Choose from one of the following options.
+  | @available options
+  | DENY, SAMEORIGIN, ALLOW-FROM http://example.com
+  |
+  | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
+  */
+  xframe: 'DENY',
+
+  /*
+  |--------------------------------------------------------------------------
+  | No Sniff
+  |--------------------------------------------------------------------------
+  |
+  | Browsers have a habit of sniffing content-type of a response. Which means
+  | files with .txt extension containing Javascript code will be executed as
+  | Javascript. You can disable this behavior by setting nosniff to false.
+  |
+  | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
+  |
+  */
+  nosniff: true,
+
+  /*
+  |--------------------------------------------------------------------------
+  | No Open
+  |--------------------------------------------------------------------------
+  |
+  | IE users can execute webpages in the context of your website, which is
+  | a serious security risk. Below option will manage this for you.
+  |
+  */
+  noopen: true,
+
+  /*
+  |--------------------------------------------------------------------------
+  | CSRF Protection
+  |--------------------------------------------------------------------------
+  |
+  | CSRF Protection adds another layer of security by making sure, actionable
+  | routes does have a valid token to execute an action.
+  |
+  */
+  csrf: {
+    enable: true,
+    methods: ['POST', 'PUT', 'DELETE'],
+    filterUris: [],
+    cookieOptions: {
+      httpOnly: false,
+      sameSite: true,
+      path: '/',
+      maxAge: 7200,
+    },
+  },
+};
diff --git a/src/server/database/factory.js b/src/server/database/factory.js
new file mode 100644
index 000000000..550c5e6ab
--- /dev/null
+++ b/src/server/database/factory.js
@@ -0,0 +1,20 @@
+
+/*
+|--------------------------------------------------------------------------
+| Factory
+|--------------------------------------------------------------------------
+|
+| Factories are used to define blueprints for database tables or Lucid
+| models. Later you can use these blueprints to seed your database
+| with dummy data.
+|
+*/
+
+/** @type {import('@adonisjs/lucid/src/Factory')} */
+// const Factory = use('Factory')
+
+// Factory.blueprint('App/Models/User', (faker) => {
+//   return {
+//     username: faker.username()
+//   }
+// })
diff --git a/src/server/database/ferdi.sqlite b/src/server/database/ferdi.sqlite
new file mode 100644
index 000000000..db5425ee6
--- /dev/null
+++ b/src/server/database/ferdi.sqlite
diff --git a/src/server/database/migrations/1566385379883_service_schema.js b/src/server/database/migrations/1566385379883_service_schema.js
new file mode 100644
index 000000000..1db95c19d
--- /dev/null
+++ b/src/server/database/migrations/1566385379883_service_schema.js
@@ -0,0 +1,22 @@
+
+/** @type {import('@adonisjs/lucid/src/Schema')} */
+const Schema = use('Schema');
+
+class ServiceSchema extends Schema {
+  up() {
+    this.create('services', (table) => {
+      table.increments();
+      table.string('serviceId', 80).notNullable();
+      table.string('name', 80).notNullable();
+      table.string('recipeId', 254).notNullable();
+      table.json('settings');
+      table.timestamps();
+    });
+  }
+
+  down() {
+    this.drop('services');
+  }
+}
+
+module.exports = ServiceSchema;
diff --git a/src/server/database/migrations/1566554231482_recipe_schema.js b/src/server/database/migrations/1566554231482_recipe_schema.js
new file mode 100644
index 000000000..14fcb82e5
--- /dev/null
+++ b/src/server/database/migrations/1566554231482_recipe_schema.js
@@ -0,0 +1,21 @@
+
+/** @type {import('@adonisjs/lucid/src/Schema')} */
+const Schema = use('Schema');
+
+class RecipeSchema extends Schema {
+  up() {
+    this.create('recipes', (table) => {
+      table.increments();
+      table.string('name', 80).notNullable();
+      table.string('recipeId', 254).notNullable().unique();
+      table.json('data');
+      table.timestamps();
+    });
+  }
+
+  down() {
+    this.drop('recipes');
+  }
+}
+
+module.exports = RecipeSchema;
diff --git a/src/server/database/migrations/1566554359294_workspace_schema.js b/src/server/database/migrations/1566554359294_workspace_schema.js
new file mode 100644
index 000000000..b53bbe656
--- /dev/null
+++ b/src/server/database/migrations/1566554359294_workspace_schema.js
@@ -0,0 +1,23 @@
+
+/** @type {import('@adonisjs/lucid/src/Schema')} */
+const Schema = use('Schema');
+
+class WorkspaceSchema extends Schema {
+  up() {
+    this.create('workspaces', (table) => {
+      table.increments();
+      table.string('workspaceId', 80).notNullable().unique();
+      table.string('name', 80).notNullable();
+      table.integer('order');
+      table.json('services');
+      table.json('data');
+      table.timestamps();
+    });
+  }
+
+  down() {
+    this.drop('workspaces');
+  }
+}
+
+module.exports = WorkspaceSchema;
diff --git a/src/server/database/template.sqlite b/src/server/database/template.sqlite
new file mode 100644
index 000000000..db5425ee6
--- /dev/null
+++ b/src/server/database/template.sqlite
diff --git a/src/server/env.ini b/src/server/env.ini
new file mode 100644
index 000000000..902e8e4c8
--- /dev/null
+++ b/src/server/env.ini
@@ -0,0 +1,16 @@
+HOST=127.0.0.1
+PORT=45569
+NODE_ENV=development
+APP_NAME=Ferdi Internal Server
+APP_URL=http://${HOST}:${PORT}
+CACHE_VIEWS=false
+APP_KEY=FERDIINTERNALSERVER
+DB_CONNECTION=sqlite
+DB_HOST=127.0.0.1
+DB_PORT=3306
+DB_USER=root
+DB_PASSWORD=
+DB_DATABASE=ferdi
+HASH_DRIVER=bcrypt
+IS_CREATION_ENABLED=true
+CONNECT_WITH_FRANZ=true
\ No newline at end of file
diff --git a/src/server/logo.png b/src/server/logo.png
new file mode 100644
index 000000000..587e0b86e
--- /dev/null
+++ b/src/server/logo.png
diff --git a/src/server/public/css/main.css b/src/server/public/css/main.css
new file mode 100644
index 000000000..a1c5653d7
--- /dev/null
+++ b/src/server/public/css/main.css
@@ -0,0 +1,69 @@
+input {
+  margin-bottom: 1rem;
+  width: 100%;
+  padding: 0.5rem;
+}
+
+button, .button {
+  display: flex;
+  overflow: hidden;
+  padding: 12px 12px;
+  cursor: pointer;
+  width: 100%;
+  -webkit-user-select: none;
+  -moz-user-select: none;
+  -ms-user-select: none;
+  user-select: none;
+  transition: all 150ms linear;
+  text-align: center;
+  white-space: nowrap;
+  text-decoration: none !important;
+  text-transform: none;
+  text-transform: capitalize;
+  color: #fff !important;
+  border: 0 none;
+  border-radius: 4px;
+  font-size: 13px;
+  font-weight: 500;
+  line-height: 1.3;
+  -webkit-appearance: none;
+  -moz-appearance: none;
+  appearance: none;
+  justify-content: center;
+  align-items: center;
+  flex: 0 0 160px;
+  box-shadow: 2px 5px 10px #e4e4e4;
+  color: #FFFFFF;
+  background: #161616;
+}
+
+#dropzone {
+  width: 100%;
+  height: 30vh;
+  background-color: #ebebeb;
+
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  text-align: center;
+
+  cursor: pointer;
+}
+
+#dropzone p {
+  font-size: 0.85rem;
+}
+
+#files {
+  display: none;
+}
+
+.alert {
+  background-color: #e7a8a6;
+  padding: 0.8rem;
+  margin-bottom: 1rem;
+}
+
+td {
+  word-break: break-all;
+}
\ No newline at end of file
diff --git a/src/server/public/css/vanilla.css b/src/server/public/css/vanilla.css
new file mode 100644
index 000000000..37bc051a2
--- /dev/null
+++ b/src/server/public/css/vanilla.css
@@ -0,0 +1,138 @@
+/* Reset */
+html, body, div, span, applet, object, iframe,
+h1, h2, h3, h4, h5, h6, p, blockquote, pre,
+a, abbr, acronym, address, big, cite, code,
+del, dfn, em, img, ins, kbd, q, s, samp,
+small, strike, strong, sub, sup, tt, var,
+b, u, i, center,
+dl, dt, dd, ol, ul, li,
+fieldset, form, label, legend,
+table, caption, tbody, tfoot, thead, tr, th, td,
+article, aside, canvas, details, embed, 
+figure, figcaption, footer, header, hgroup, 
+menu, nav, output, ruby, section, summary,
+time, mark, audio, video {
+    margin: 0;
+    padding: 0;
+    border: 0;
+    font-size: 100%;
+    font: inherit;
+    vertical-align: baseline;
+}
+* {
+    box-sizing: border-box;
+}
+
+
+
+/* Variables */
+:root {
+    --desktop-font-size: 1.3rem/1.5;
+    --mobile-font-size: 1.1rem/1.4;
+    --text-color: #2d2d2d;
+    --link-color: blue;
+    --primary-color: lightsteelblue;
+    --secondary-color: aliceblue;
+    --tertiary-color: whitesmoke;
+}
+
+
+
+
+/* Typography */
+body { 
+    color: var(--text-color);
+    padding: 3rem;
+    font: var(--desktop-font-size) -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto, Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji", "Segoe UI Symbol";
+}
+
+h1,h2,h3,h4,h5,h6,p,blockquote,dl,img,figure {
+    margin: 2rem 0;
+}
+
+h1,h2,h3,h4,h5,h6 { font-weight: bold; }
+h1 { font-size: 200%; }
+h2 { font-size: 150%; }
+h3 { font-size: 120%; }
+h4,h5,h6 { font-size: 100%; }
+h5, h6 { text-transform: uppercase; }
+
+header h1 { border-bottom: 1px solid; }
+
+p { margin: 2rem 0; }
+
+a,a:visited { color: var(--link-color); }
+
+strong, time, b { font-weight: bold; }
+em, dfn, i { font-style: italic; }
+sub { font-size: 60%; vertical-align: bottom; }
+small { font-size: 80%; }
+
+blockquote, q {
+    background: var(--secondary-color);
+    border-left: 10px solid var(--primary-color);
+    font-family: "Georgia", serif; 
+    padding: 1rem;
+}
+blockquote p:first-child { margin-top: 0; }
+cite { 
+    font-family: "Georgia", serif; 
+    font-style: italic;
+    font-weight: bold;
+}
+
+kbd,code,samp,pre,var { font-family: monospace; font-weight: bold; }
+code, pre {
+    background: var(--tertiary-color);
+    padding: 0.5rem 1rem;
+}
+code pre , pre code { padding: 0; }
+
+
+
+/* Elements */
+hr {
+    background: var(--text-color);
+    border: 0;
+    height: 1px;
+    margin: 4rem 0;
+}
+
+img { max-width: 100%; }
+
+figure { 
+    border: 1px solid var(--primary-color);
+    display: inline-block;
+    padding: 1rem; 
+    width: auto;
+}
+figure img { margin: 0; }
+figure figcaption { font-size: 80%; }
+
+ul, ol { margin: 2rem 0; padding: 0 0 0 4rem; }
+
+dl dd { padding-left: 2rem; }
+
+table {
+    border: 1px solid var(--primary-color);
+    border-collapse: collapse;
+    table-layout: fixed;
+    width: 100%; 
+}
+table caption { margin: 2rem 0; }
+table thead { text-align: center; }
+table tbody { text-align: right; }
+table tr { border-bottom: 1px solid var(--primary-color); }
+table tbody tr:nth-child(even) { background: var(--tertiary-color); }
+table th { background: var(--secondary-color); font-weight: bold; }
+table th, table td { padding: 1rem; }
+table th:not(last-of-type), table td:not(last-of-type) { border-right: 1px solid var(--primary-color); }
+
+
+
+/* Mobile Styling */
+@media screen and (max-width: 50rem) {
+    body {
+        font: var(--mobile-font-size) -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto, Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji", "Segoe UI Symbol"
+    }
+}
\ No newline at end of file
diff --git a/src/server/public/js/new.js b/src/server/public/js/new.js
new file mode 100644
index 000000000..beaa36da6
--- /dev/null
+++ b/src/server/public/js/new.js
@@ -0,0 +1,24 @@
+/* eslint-env browser */
+const elDrop = document.getElementById('dropzone');
+const submitBtn = document.getElementById('submitbutton');
+const fileInput = document.getElementById('files');
+
+elDrop.addEventListener('dragover', (event) => {
+  event.preventDefault();
+});
+
+elDrop.addEventListener('drop', async (event) => {
+  event.preventDefault();
+
+  submitBtn.disabled = true;
+
+  fileInput.files = event.dataTransfer.files;
+
+  elDrop.innerText = `✓ ${fileInput.files.length} files selected`;
+  elDrop.style.height = 'inherit';
+
+  submitBtn.disabled = false;
+});
+elDrop.addEventListener('click', () => {
+  fileInput.click();
+});
diff --git a/src/server/resources/views/layouts/main.edge b/src/server/resources/views/layouts/main.edge
new file mode 100644
index 000000000..b6cc8ca23
--- /dev/null
+++ b/src/server/resources/views/layouts/main.edge
@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <meta http-equiv="X-UA-Compatible" content="ie=edge">
+  <title>ferdi-server</title>
+
+  {{ style('css/vanilla') }}
+  {{ style('css/main') }}
+</head>
+
+<body>
+    @!section('content')
+</body>
+
+</html>
diff --git a/src/server/resources/views/others/import.edge b/src/server/resources/views/others/import.edge
new file mode 100644
index 000000000..b890bbb2a
--- /dev/null
+++ b/src/server/resources/views/others/import.edge
@@ -0,0 +1,19 @@
+@layout('layouts.main')
+
+@section('content')
+<h1>Import a Franz account</h1>
+<p>Please login using your Franz account. We will create a new Ferdi account with the same credentials.</p>
+<form action="import" method="post">
+  <label for="email">E-Mail address</label><br />
+  <input type="email" name="email" placeholder="joe@example.com" required><br />
+
+  <label for="password">Password</label><br />
+  <input type="password" name="password" placeholder="********" required><br />
+
+  <button type="submit" id="submitbutton">Import Franz account</button>
+  <small>
+    By importing your Franz account, you accept the <a href="/terms">Terms of service</a> and <a href="/privacy">Privacy
+      policy</a>
+  </small>
+</form>
+@endsection
diff --git a/src/server/resources/views/others/index.edge b/src/server/resources/views/others/index.edge
new file mode 100644
index 000000000..c594d3142
--- /dev/null
+++ b/src/server/resources/views/others/index.edge
@@ -0,0 +1,38 @@
+@layout('layouts.main')
+
+@section('content')
+<style>
+  ol,
+  p {
+    margin: 0.5rem 0;
+  }
+
+</style>
+<h1>ferdi-server</h1>
+<p>You are accessing a custom <a href="https://github.com/kytwb/ferdi">Ferdi</a> server.</p>
+<p>
+  To use this server in your Ferdi client, <a href="ferdi://settings/app">open Ferdi's settings</a> and as the
+  <code>server</code>, enter <code id="server"></code>
+</p>
+<p>
+  Alternatively, you can manage your account in the <a href="/user/account">account dashboard</a>.
+</p>
+
+<br />
+<small>
+  <a href="https://github.com/vantezzen/ferdi-server">ferdi-server</a> is a project by <a
+    href="https://vantezzen.io">vantezzen</a>.
+</small>
+
+<script>
+  // Get server URL for current location
+  let server = location.href.replace('/index.html', '');
+  if (server[server.length - 1] == '/') {
+    server = server.substr(0, server.length - 1)
+  }
+
+  // Show on page
+  document.getElementById('server').innerText = server;
+
+</script>
+@endsection
diff --git a/src/server/resources/views/others/new.edge b/src/server/resources/views/others/new.edge
new file mode 100644
index 000000000..1b54558fc
--- /dev/null
+++ b/src/server/resources/views/others/new.edge
@@ -0,0 +1,40 @@
+@layout('layouts.main')
+
+@section('content')
+<h1>Create a new recipe</h1>
+<p>Please create a recipe using <a href="https://github.com/meetfranz/plugins/blob/master/docs/integration.md">the
+    official Franz guide</a>, then publish it here.</p>
+<form action="new" method="post" enctype="multipart/form-data">
+  <label for="author">Author</label><br />
+  <input type="text" name="author" placeholder="Jon Doe" required><br />
+
+  <label for="name">Name</label><br />
+  <input type="text" name="name" placeholder="Sample Service" required><br />
+
+  <label for="id">Service ID</label><br />
+  <input type="text" name="id" placeholder="sample-service" required><br />
+
+  <label for="png">Link to PNG image*</label><br />
+  <input type="text" name="png" placeholder="https://.../logo.png" required><br />
+
+  <label for="svg">Link to SVG image*</label><br />
+  <input type="text" name="svg" placeholder="https://.../logo.svg" required><br />
+  *These images must be publicly availible and have CORS enabled in order to work.<br /><br />
+
+  <label for="package">Recipe files</label><br />
+  <div id="dropzone" effectAllowed="move">
+    <div>
+      Drop recipe files here<br />or click here to select files
+      <p>
+        Drag and drop your recipe files into this area.<br />
+        Please do not select the folder that contains the files but rather the files itself.
+      </p>
+    </div>
+  </div>
+  <input type="file" name="files[]" id="files" value="" multiple required><br /><br />
+
+  <button type="submit" id="submitbutton">Create recipe</button>
+</form>
+
+<script src="js/new.js"></script>
+@endsection
diff --git a/src/server/start.js b/src/server/start.js
new file mode 100644
index 000000000..8a8711a78
--- /dev/null
+++ b/src/server/start.js
@@ -0,0 +1,40 @@
+
+/*
+|--------------------------------------------------------------------------
+| Http server
+|--------------------------------------------------------------------------
+|
+| This file bootstraps Adonisjs to start the HTTP server. You are free to
+| customize the process of booting the http server.
+|
+| """ Loading ace commands """
+|     At times you may want to load ace commands when starting the HTTP server.
+|     Same can be done by chaining `loadCommands()` method after
+|
+| """ Preloading files """
+|     Also you can preload files by calling `preLoad('path/to/file')` method.
+|     Make sure to pass a relative path from the project root.
+*/
+const path = require('path');
+const fs = require('fs-extra');
+// eslint-disable-next-line import/no-extraneous-dependencies
+const { app } = require('electron');
+
+process.env.ENV_PATH = path.join(__dirname, 'env.ini');
+
+// Make sure local database exists
+const dbPath = path.join(app.getPath('userData'), 'server.sqlite');
+if (!fs.existsSync(dbPath)) {
+  fs.copySync(
+    path.join(__dirname, 'database', 'template.sqlite'),
+    dbPath,
+  );
+}
+
+const { Ignitor } = require('@adonisjs/ignitor');
+const fold = require('@adonisjs/fold');
+
+new Ignitor(fold)
+  .appRoot(__dirname)
+  .fireHttpServer()
+  .catch(console.error); // eslint-disable-line no-console
diff --git a/src/server/start/app.js b/src/server/start/app.js
new file mode 100644
index 000000000..a29ca6594
--- /dev/null
+++ b/src/server/start/app.js
@@ -0,0 +1,62 @@
+
+/*
+|--------------------------------------------------------------------------
+| Providers
+|--------------------------------------------------------------------------
+|
+| Providers are building blocks for your Adonis app. Anytime you install
+| a new Adonis specific package, chances are you will register the
+| provider here.
+|
+*/
+const providers = [
+  '@adonisjs/framework/providers/AppProvider',
+  '@adonisjs/bodyparser/providers/BodyParserProvider',
+  '@adonisjs/cors/providers/CorsProvider',
+  '@adonisjs/lucid/providers/LucidProvider',
+  '@adonisjs/drive/providers/DriveProvider',
+  '@adonisjs/validator/providers/ValidatorProvider',
+  '@adonisjs/framework/providers/ViewProvider',
+  '@adonisjs/shield/providers/ShieldProvider',
+];
+
+/*
+|--------------------------------------------------------------------------
+| Ace Providers
+|--------------------------------------------------------------------------
+|
+| Ace providers are required only when running ace commands. For example
+| Providers for migrations, tests etc.
+|
+*/
+const aceProviders = [
+  '@adonisjs/lucid/providers/MigrationsProvider',
+];
+
+/*
+|--------------------------------------------------------------------------
+| Aliases
+|--------------------------------------------------------------------------
+|
+| Aliases are short unique names for IoC container bindings. You are free
+| to create your own aliases.
+|
+| For example:
+|   { Route: 'Adonis/Src/Route' }
+|
+*/
+const aliases = {};
+
+/*
+|--------------------------------------------------------------------------
+| Commands
+|--------------------------------------------------------------------------
+|
+| Here you store ace commands for your package
+|
+*/
+const commands = [];
+
+module.exports = {
+  providers, aceProviders, aliases, commands,
+};
diff --git a/src/server/start/kernel.js b/src/server/start/kernel.js
new file mode 100644
index 000000000..54fe1f35d
--- /dev/null
+++ b/src/server/start/kernel.js
@@ -0,0 +1,56 @@
+
+/** @type {import('@adonisjs/framework/src/Server')} */
+const Server = use('Server');
+
+/*
+|--------------------------------------------------------------------------
+| Global Middleware
+|--------------------------------------------------------------------------
+|
+| Global middleware are executed on each http request only when the routes
+| match.
+|
+*/
+const globalMiddleware = [
+  'Adonis/Middleware/BodyParser',
+  'App/Middleware/ConvertEmptyStringsToNull',
+];
+
+/*
+|--------------------------------------------------------------------------
+| Named Middleware
+|--------------------------------------------------------------------------
+|
+| Named middleware is key/value object to conditionally add middleware on
+| specific routes or group of routes.
+|
+| // define
+| {
+|   auth: 'Adonis/Middleware/Auth'
+| }
+|
+| // use
+| Route.get().middleware('auth')
+|
+*/
+const namedMiddleware = {
+};
+
+/*
+|--------------------------------------------------------------------------
+| Server Middleware
+|--------------------------------------------------------------------------
+|
+| Server level middleware are executed even when route for a given URL is
+| not registered. Features like `static assets` and `cors` needs better
+| control over request lifecycle.
+|
+*/
+const serverMiddleware = [
+  'Adonis/Middleware/Static',
+];
+
+Server
+  .registerGlobal(globalMiddleware)
+  .registerNamed(namedMiddleware)
+  .use(serverMiddleware);
diff --git a/src/server/start/routes.js b/src/server/start/routes.js
new file mode 100644
index 000000000..f3896bfa3
--- /dev/null
+++ b/src/server/start/routes.js
@@ -0,0 +1,74 @@
+
+/*
+|--------------------------------------------------------------------------
+| Routes
+|--------------------------------------------------------------------------
+|
+*/
+
+/** @type {typeof import('@adonisjs/framework/src/Route/Manager')} */
+const Route = use('Route');
+const Env = use('Env');
+
+// Health: Returning if all systems function correctly
+Route.get('health', ({
+  response,
+}) => response.send({
+  api: 'success',
+  db: 'success',
+}));
+
+// API is grouped under '/v1/' route
+Route.group(() => {
+  // User authentification
+  Route.post('auth/signup', 'UserController.signup');
+  Route.post('auth/login', 'UserController.login');
+
+  // User info
+  Route.get('me', 'UserController.me');
+
+  // Service info
+  Route.post('service', 'ServiceController.create');
+  Route.put('service/:id', 'ServiceController.edit');
+  Route.delete('service/:id', 'ServiceController.delete');
+  Route.get('me/services', 'ServiceController.list');
+  Route.put('service/reorder', 'ServiceController.reorder');
+  Route.get('recipe', 'ServiceController.list');
+  Route.post('recipes/update', 'ServiceController.update');
+
+  // Recipe store
+  Route.get('recipes', 'RecipeController.list');
+  Route.get('recipes/download/:recipe', 'RecipeController.download');
+  Route.get('recipes/search', 'RecipeController.search');
+  Route.get('recipes/popular', 'StaticController.popularRecipes');
+  Route.get('recipes/update', 'StaticController.emptyArray');
+
+  // Workspaces
+  Route.put('workspace/:id', 'WorkspaceController.edit');
+  Route.delete('workspace/:id', 'WorkspaceController.delete');
+  Route.post('workspace', 'WorkspaceController.create');
+  Route.get('workspace', 'WorkspaceController.list');
+
+  // Static responses
+  Route.get('features', 'StaticController.features');
+  Route.get('services', 'StaticController.emptyArray');
+  Route.get('news', 'StaticController.emptyArray');
+  Route.get('payment/plans', 'StaticController.plans');
+  Route.get('announcements/:version', 'StaticController.announcement');
+}).prefix('v1');
+
+// Recipe creation
+Route.post('new', 'RecipeController.create');
+Route.get('new', ({ response, view }) => {
+  if (Env.get('IS_CREATION_ENABLED') == 'false') { // eslint-disable-line eqeqeq
+    return response.send('This server doesn\'t allow the creation of new recipes.\n\nIf you are the server owner, please set IS_CREATION_ENABLED to true to enable recipe creation.');
+  }
+  return view.render('others.new');
+});
+
+// Franz account import
+Route.post('import', 'UserController.import');
+Route.get('import', ({ view }) => view.render('others.import'));
+
+// Index
+Route.get('/', ({ view }) => view.render('others.index'));