58 files changed, 3071 insertions, 20 deletions

diff --git a/.dockerignore b/.dockerignore
index 4b3cd60be..d1ed260c9 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -25,3 +25,11 @@ recipes/archives
 tmp-out/
 uidev/lib
 docs/
+src/internal-server/database/tmp/
+src/internal-server/database/development.sqlite
+src/internal-server/database/adonis.sqlite
+src/internal-server/recipes/
+src/internal-server/public/terms.html
+src/internal-server/public/privacy.html
+src/internal-server/user_data/
+**/.env
diff --git a/.eslintignore b/.eslintignore
index 5385bbb5f..9913d7272 100644
--- a/.eslintignore
+++ b/.eslintignore
@@ -2,5 +2,4 @@ build/
 out/
 packages/*/lib
 packages/**/*.test.*
-src/internal-server
 recipes/
diff --git a/.eslintrc b/.eslintrc
index 6b8fe42de..640e29aa6 100644
--- a/.eslintrc
+++ b/.eslintrc
@@ -88,7 +88,8 @@
     "FormData": true,
     "localStorage": true,
     "navigator": true,
-    "Element": true
+    "Element": true,
+    "use": true
   },
   "env": {
     "jest/globals": true
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 000000000..dfe077042
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,2 @@
+# Auto detect text files and perform LF normalization
+* text=auto
diff --git a/.gitignore b/.gitignore
index 7be0f2a33..f05e9220c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -13,3 +13,23 @@ lerna-debug.log
 uidev/lib
 *.tsbuildinfo
 server*.log
+
+# These entries have been merged from the git submodule repo 'internal-server'
+
+# Adonis directory for storing tmp files
+/src/internal-server/tmp
+
+# Environment variables, never commit this file
+/src/internal-server/.env
+
+# The development sqlite file
+/src/internal-server/database/development.sqlite
+/src/internal-server/database/adonis.sqlite
+
+# Uploaded recipes
+/src/internal-server/recipes/
+
+/src/internal-server/public/terms.html
+/src/internal-server/public/privacy.html
+
+/src/internal-server/user_data/
diff --git a/.gitmodules b/.gitmodules
index 81b6b6246..02804b22f 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -3,8 +3,3 @@
         url = https://github.com/getferdi/recipes.git
         ignore = all
         branch = master
-[submodule "src/internal-server"]
-        path = src/internal-server
-        url = https://github.com/getferdi/internal-server.git
-        ignore = all
-        branch = master
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index a95dbbc8f..1c3fb977f 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -113,7 +113,7 @@ cd ferdi
 git submodule update --init --recursive
 ```
 
-It is important you execute the last command to get the required submodules (recipes, src/internal-server).
+It is important you execute the last command to get the required submodules (recipes).
 
 ### Local caching of dependencies
 
diff --git a/INTERNAL_SERVER.md b/INTERNAL_SERVER.md
new file mode 100644
index 000000000..66bb3fcb6
--- /dev/null
+++ b/INTERNAL_SERVER.md
@@ -0,0 +1,38 @@
+<p align="center">
+    <img src="./src/internal-server/public/images/logo.png" alt="" width="300"/>
+</p>
+
+# ferdi-internal-server
+Internal Ferdi Server used for storing settings/preferences without logging into an external server.
+
+## Differences to ferdi-server
+- Doesn't contain user management (only one user)
+- Doesn't require logging in
+- No recipe creation
+- Contains `start.js` script to allow starting the server via script
+- Uses `env.ini` instead of `.env` to stay compatible with Ferdi's build script
+- Only allows Ferdi clients to connect to the API
+
+## Configuration
+franz-server's configuration is saved inside the `env.ini` file. Besides AdonisJS's settings, `ferdi-internal-server` has the following custom settings:
+- `CONNECT_WITH_FRANZ` (`true` or `false`, default: `true`): Whether to enable connections to the Franz server. By enabling this option, ferdi-internal-server can:
+  - Show the full Franz recipe library instead of only custom recipes
+  - Import Franz accounts
+
+## Importing your Franz account
+`ferdi-internal-server` allows you to import your full Franz account, including all its settings.
+
+To import your Franz account, open `http://localhost:45569/import` in your browser and login using your Franz account details. `ferdi-internal-server` will create a new user with the same credentials and copy your Franz settings, services and workspaces.
+
+## Development
+
+You can locally develop `ferdi-internal-server` outside of Ferdi.
+
+1. Start the local server via
+  ```bash
+  npm run start:server
+  ```
+2. Change Ferdi's server to `http://localhost:45568` to start using the local test server.
+
+## Note For previous contributors
+For anyone who has *previously* setup Ferdi for development, you will need to unregister the `src/internal-server` from being a git submodule. You can do this by following the steps outlined [here](https://www.w3docs.com/snippets/git/how-to-remove-a-git-submodule.html)
diff --git a/jest.config.js b/jest.config.js
index cca24440f..406c9c6d1 100644
--- a/jest.config.js
+++ b/jest.config.js
@@ -3,6 +3,7 @@ module.exports = {
   testPathIgnorePatterns: [
     'node_modules/',
     'recipes/',
+    // TODO: Need to unignore tests
     'src/internal-server',
-  ]
+  ],
 };
diff --git a/package-lock.json b/package-lock.json
index 3c7da1de1..ff64c1610 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -27076,19 +27076,19 @@
       "dev": true
     },
     "sqlite3": {
-      "version": "5.0.2",
-      "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.0.2.tgz",
-      "integrity": "sha512-1SdTNo+BVU211Xj1csWa8lV6KM0CtucDwRyA0VHl91wEH1Mgh7RxUpI4rVvG7OhHrzCSGaVyW5g8vKvlrk9DJA==",
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/sqlite3/-/sqlite3-5.0.0.tgz",
+      "integrity": "sha512-rjvqHFUaSGnzxDy2AHCwhHy6Zp6MNJzCPGYju4kD8yi6bze4d1/zMTg6C7JI49b7/EM7jKMTvyfN/4ylBKdwfw==",
       "requires": {
-        "node-addon-api": "^3.0.0",
+        "node-addon-api": "2.0.0",
         "node-gyp": "3.x",
         "node-pre-gyp": "^0.11.0"
       },
       "dependencies": {
         "node-addon-api": {
-          "version": "3.2.1",
-          "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-3.2.1.tgz",
-          "integrity": "sha512-mmcei9JghVNDYydghQmeDX8KoAm0FAiYyIcUt/N4nhyAipB17pllZQDOJD2fotxABnt4Mdz+dKTO7eftLg4d0A=="
+          "version": "2.0.0",
+          "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-2.0.0.tgz",
+          "integrity": "sha512-ASCL5U13as7HhOExbT6OlWJJUV/lLzL2voOSP1UVehpRD8FbSrSDjfScK/KwAvVTI5AS6r4VwbOMlIqtvRidnA=="
         }
       }
     },
diff --git a/package.json b/package.json
index e03a2a4c6..6a012d250 100644
--- a/package.json
+++ b/package.json
@@ -42,7 +42,8 @@
     "prepare-code": "npm run lint && npm run reformat-files && npm run manage-translations && npm run apply-branding",
     "build-theme-info": "node src/scripts/build-theme-info.js",
     "link-readme": "node src/scripts/link-readme.js",
-    "minify-images": "./scripts/minify-images.sh"
+    "minify-images": "./scripts/minify-images.sh",
+    "start:server": "node src/internal-server/test.js"
   },
   "keywords": [],
   "author": "Amine Mouafik <amine@mouafik.fr>",
@@ -129,7 +130,7 @@
     "route-parser": "0.0.5",
     "semver": "7.3.5",
     "smoothscroll-polyfill": "0.4.4",
-    "sqlite3": "5.0.2",
+    "sqlite3": "5.0.0",
     "tar": "4.4.13",
     "targz": "1.0.1",
     "terser": "4.4.0",
@@ -214,5 +215,8 @@
   },
   "browserslist": [
     "last 2 Chrome versions"
-  ]
+  ],
+  "autoload": {
+    "App": "./src/internal-server/app"
+  }
 }
diff --git a/scripts/minify-images.sh b/scripts/minify-images.sh
index 25a761f0b..a6ec71045 100755
--- a/scripts/minify-images.sh
+++ b/scripts/minify-images.sh
@@ -2,7 +2,7 @@
 
 # Note: This script is needed due to this bug: https://github.com/imagemin/imagemin/issues/348
 # once the above is fixed, we should simply be able to specify the input directory where all image files are to be processed recursively
-FILES=`find . -name "*.jpg" -o -name "*.jpeg" -o -name "*.bmp" -o -name "*.png" -type f | GREP_OPTIONS= egrep -v "node_modules|internal-server|recipes"`
+FILES=`find . -name "*.jpg" -o -name "*.jpeg" -o -name "*.bmp" -o -name "*.png" -type f | GREP_OPTIONS= egrep -v "node_modules|recipes"`
 for file in $FILES; do
   echo "Minifying file: $file"
   size_before=`/usr/bin/du $file | cut -f1`
diff --git a/src/internal-server b/src/internal-server
deleted file mode 160000
-Subproject 1177bc275609804ff2fb9818c6404792e936f23
diff --git a/src/internal-server/ace b/src/internal-server/ace
new file mode 100644
index 000000000..42f8f10d1
--- /dev/null
+++ b/src/internal-server/ace
@@ -0,0 +1,21 @@
+'use strict'
+
+/*
+|--------------------------------------------------------------------------
+| Ace Commands
+|--------------------------------------------------------------------------
+|
+| The ace file is just a regular Javascript file but with no extension. You
+| can call `node ace` followed by the command name and it just works.
+|
+| Also you can use `adonis` followed by the command name, since the adonis
+| global proxies all the ace commands.
+|
+*/
+
+const { Ignitor } = require('@adonisjs/ignitor')
+
+new Ignitor(require('@adonisjs/fold'))
+  .appRoot(__dirname)
+  .fireAce()
+  .catch(console.error)
diff --git a/src/internal-server/app/Controllers/Http/RecipeController.js b/src/internal-server/app/Controllers/Http/RecipeController.js
new file mode 100644
index 000000000..8a6b4f684
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/RecipeController.js
@@ -0,0 +1,120 @@
+const Recipe = use('App/Models/Recipe');
+const Drive = use('Drive');
+const {
+  validateAll,
+} = use('Validator');
+const Env = use('Env');
+
+const fetch = require('node-fetch');
+
+const RECIPES_URL = 'https://api.getferdi.com/v1/recipes';
+
+class RecipeController {
+  // List official and custom recipes
+  async list({
+    response,
+  }) {
+    const officialRecipes = JSON.parse(await (await fetch(RECIPES_URL)).text());
+    const customRecipesArray = (await Recipe.all()).rows;
+    const customRecipes = customRecipesArray.map(recipe => ({
+      id: recipe.recipeId,
+      name: recipe.name,
+      ...JSON.parse(recipe.data),
+    }));
+
+    const recipes = [
+      ...officialRecipes,
+      ...customRecipes,
+    ];
+
+    return response.send(recipes);
+  }
+
+  // Search official and custom recipes
+  async search({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      needle: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Please provide a needle',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const needle = request.input('needle');
+
+    // Get results
+    let results;
+
+    if (needle === 'ferdi:custom') {
+      const dbResults = (await Recipe.all()).toJSON();
+      results = dbResults.map(recipe => ({
+        id: recipe.recipeId,
+        name: recipe.name,
+        ...JSON.parse(recipe.data),
+      }));
+    } else {
+      let remoteResults = [];
+      if (Env.get('CONNECT_WITH_FRANZ') == 'true') { // eslint-disable-line eqeqeq
+        remoteResults = JSON.parse(await (await fetch(`${RECIPES_URL}/search?needle=${encodeURIComponent(needle)}`)).text());
+      }
+      const localResultsArray = (await Recipe.query().where('name', 'LIKE', `%${needle}%`).fetch()).toJSON();
+      const localResults = localResultsArray.map(recipe => ({
+        id: recipe.recipeId,
+        name: recipe.name,
+        ...JSON.parse(recipe.data),
+      }));
+
+      results = [
+        ...localResults,
+        ...remoteResults || [],
+      ];
+    }
+
+    return response.send(results);
+  }
+
+  // Download a recipe
+  async download({
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(params, {
+      recipe: 'required|accepted',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Please provide a recipe ID',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const service = params.recipe;
+
+    // Check for invalid characters
+    if (/\.{1,}/.test(service) || /\/{1,}/.test(service)) {
+      return response.send('Invalid recipe name');
+    }
+
+    // Check if recipe exists in recipes folder
+    if (await Drive.exists(`${service}.tar.gz`)) {
+      return response.send(await Drive.get(`${service}.tar.gz`));
+    } if (Env.get('CONNECT_WITH_FRANZ') == 'true') { // eslint-disable-line eqeqeq
+      return response.redirect(`${RECIPES_URL}/download/${service}`);
+    }
+    return response.status(400).send({
+      message: 'Recipe not found',
+      code: 'recipe-not-found',
+    });
+  }
+}
+
+module.exports = RecipeController;
diff --git a/src/internal-server/app/Controllers/Http/ServiceController.js b/src/internal-server/app/Controllers/Http/ServiceController.js
new file mode 100644
index 000000000..36d20c70c
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/ServiceController.js
@@ -0,0 +1,290 @@
+const Service = use('App/Models/Service');
+const {
+  validateAll,
+} = use('Validator');
+const Env = use('Env');
+
+const uuid = require('uuid/v4');
+const path = require('path');
+const fs = require('fs-extra');
+
+class ServiceController {
+  // Create a new service for user
+  async create({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required|string',
+      recipeId: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+
+    // Get new, unused uuid
+    let serviceId;
+    do {
+      serviceId = uuid();
+    } while ((await Service.query().where('serviceId', serviceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+    await Service.create({
+      serviceId,
+      name: data.name,
+      recipeId: data.recipeId,
+      settings: JSON.stringify(data),
+    });
+
+    return response.send({
+      data: {
+        userId: 1,
+        id: serviceId,
+        isEnabled: true,
+        isNotificationEnabled: true,
+        isBadgeEnabled: true,
+        isMuted: false,
+        isDarkModeEnabled: '',
+        spellcheckerLanguage: '',
+        order: 1,
+        customRecipe: false,
+        hasCustomIcon: false,
+        workspaces: [],
+        iconUrl: null,
+        ...data,
+      },
+      status: ['created'],
+    });
+  }
+
+  // List all services a user has created
+  async list({
+    response,
+  }) {
+    const services = (await Service.all()).rows;
+    // Convert to array with all data Franz wants
+    const servicesArray = services.map((service) => {
+      const settings = typeof service.settings === 'string' ? JSON.parse(service.settings) : service.settings;
+
+      return {
+        customRecipe: false,
+        hasCustomIcon: false,
+        isBadgeEnabled: true,
+        isDarkModeEnabled: '',
+        isEnabled: true,
+        isMuted: false,
+        isNotificationEnabled: true,
+        order: 1,
+        spellcheckerLanguage: '',
+        workspaces: [],
+        ...JSON.parse(service.settings),
+        iconUrl: settings.iconId ? `http://127.0.0.1:${Env.get('PORT')}/v1/icon/${settings.iconId}` : null,
+        id: service.serviceId,
+        name: service.name,
+        recipeId: service.recipeId,
+        userId: 1,
+      };
+    });
+
+    return response.send(servicesArray);
+  }
+
+  async edit({
+    request,
+    response,
+    params,
+  }) {
+    if (request.file('icon')) {
+      // Upload custom service icon
+      await fs.ensureDir(path.join(Env.get('USER_PATH'), 'icons'));
+
+      const icon = request.file('icon', {
+        types: ['image'],
+        size: '2mb',
+      });
+      const {
+        id,
+      } = params;
+      const service = (await Service.query()
+        .where('serviceId', id).fetch()).rows[0];
+      const settings = typeof service.settings === 'string' ? JSON.parse(service.settings) : service.settings;
+
+      // Generate new icon ID
+      let iconId;
+      do {
+        iconId = uuid() + uuid();
+      // eslint-disable-next-line no-await-in-loop
+      } while (await fs.exists(path.join(Env.get('USER_PATH'), 'icons', iconId)));
+
+      await icon.move(path.join(Env.get('USER_PATH'), 'icons'), {
+        name: iconId,
+        overwrite: true,
+      });
+
+      if (!icon.moved()) {
+        return response.status(500).send(icon.error());
+      }
+
+      const newSettings = {
+        ...settings,
+        ...{
+          iconId,
+          customIconVersion: settings && settings.customIconVersion ? settings.customIconVersion + 1 : 1,
+        },
+      };
+
+      // Update data in database
+      await (Service.query()
+        .where('serviceId', id)).update({
+        name: service.name,
+        settings: JSON.stringify(newSettings),
+      });
+
+      return response.send({
+        data: {
+          id,
+          name: service.name,
+          ...newSettings,
+          iconUrl: `http://127.0.0.1:${Env.get('PORT')}/v1/icon/${newSettings.iconId}`,
+          userId: 1,
+        },
+        status: ['updated'],
+      });
+    }
+    // Update service info
+    const data = request.all();
+    const {
+      id,
+    } = params;
+
+    // Get current settings from db
+    const serviceData = (await Service.query()
+      .where('serviceId', id).fetch()).rows[0];
+
+    const settings = {
+      ...typeof serviceData.settings === 'string' ? JSON.parse(serviceData.settings) : serviceData.settings,
+      ...data,
+    };
+
+    // Update data in database
+    await (Service.query()
+      .where('serviceId', id)).update({
+      name: data.name,
+      settings: JSON.stringify(settings),
+    });
+
+    // Get updated row
+    const service = (await Service.query()
+      .where('serviceId', id).fetch()).rows[0];
+
+    return response.send({
+      data: {
+        id,
+        name: service.name,
+        ...settings,
+        iconUrl: `${Env.get('APP_URL')}/v1/icon/${settings.iconId}`,
+        userId: 1,
+      },
+      status: ['updated'],
+    });
+  }
+
+  async icon({
+    params,
+    response,
+  }) {
+    const {
+      id,
+    } = params;
+
+    const iconPath = path.join(Env.get('USER_PATH'), 'icons', id);
+    if (!await fs.exists(iconPath)) {
+      return response.status(404).send({
+        status: 'Icon doesn\'t exist',
+      });
+    }
+
+    return response.download(iconPath);
+  }
+
+  async reorder({
+    request,
+    response,
+  }) {
+    const data = request.all();
+
+    for (const service of Object.keys(data)) {
+      // Get current settings from db
+      const serviceData = (await Service.query() // eslint-disable-line no-await-in-loop
+        .where('serviceId', service).fetch()).rows[0];
+
+      const settings = {
+        ...JSON.parse(serviceData.settings),
+        order: data[service],
+      };
+
+      // Update data in database
+      await (Service.query() // eslint-disable-line no-await-in-loop
+        .where('serviceId', service))
+        .update({
+          settings: JSON.stringify(settings),
+        });
+    }
+
+    // Get new services
+    const services = (await Service.all()).rows;
+    // Convert to array with all data Franz wants
+    const servicesArray = services.map((service) => {
+      const settings = typeof service.settings === 'string' ? JSON.parse(service.settings) : service.settings;
+
+      return {
+        customRecipe: false,
+        hasCustomIcon: false,
+        isBadgeEnabled: true,
+        isDarkModeEnabled: '',
+        isEnabled: true,
+        isMuted: false,
+        isNotificationEnabled: true,
+        order: 1,
+        spellcheckerLanguage: '',
+        workspaces: [],
+        ...JSON.parse(service.settings),
+        iconUrl: settings.iconId ? `http://127.0.0.1:${Env.get('PORT')}/v1/icon/${settings.iconId}` : null,
+        id: service.serviceId,
+        name: service.name,
+        recipeId: service.recipeId,
+        userId: 1,
+      };
+    });
+
+    return response.send(servicesArray);
+  }
+
+  update({
+    response,
+  }) {
+    return response.send([]);
+  }
+
+  async delete({
+    params,
+    response,
+  }) {
+    // Update data in database
+    await (Service.query()
+      .where('serviceId', params.id)).delete();
+
+    return response.send({
+      message: 'Sucessfully deleted service',
+      status: 200,
+    });
+  }
+}
+
+module.exports = ServiceController;
diff --git a/src/internal-server/app/Controllers/Http/StaticController.js b/src/internal-server/app/Controllers/Http/StaticController.js
new file mode 100644
index 000000000..69dfee0a3
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/StaticController.js
@@ -0,0 +1,205 @@
+/**
+ * Controller for routes with static responses
+ */
+
+class StaticController {
+  // Enable all features
+  features({
+    response,
+  }) {
+    return response.send({
+      isServiceProxyEnabled: true,
+      isWorkspaceEnabled: true,
+      isAnnouncementsEnabled: true,
+      isSettingsWSEnabled: false,
+      isMagicBarEnabled: true,
+      isTodosEnabled: true,
+      subscribeURL: 'https://getferdi.com',
+      hasInlineCheckout: true,
+    });
+  }
+
+  // Return an empty array
+  emptyArray({
+    response,
+  }) {
+    return response.send([]);
+  }
+
+  // Return list of popular recipes (copy of the response Franz's API is returning)
+  popularRecipes({
+    response,
+  }) {
+    return response.send([{
+      // TODO: Why is this list hardcoded?
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'slack',
+      name: 'Slack',
+      version: '1.0.4',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/slack/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/slack/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'whatsapp',
+      name: 'WhatsApp',
+      version: '1.0.1',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/whatsapp/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/whatsapp/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'messenger',
+      name: 'Messenger',
+      version: '1.0.6',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/messenger/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/messenger/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'telegram',
+      name: 'Telegram',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/telegram/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/telegram/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'gmail',
+      name: 'Gmail',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/gmail/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/gmail/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'skype',
+      name: 'Skype',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/skype/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/skype/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'hangouts',
+      name: 'Hangouts',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/hangouts/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/hangouts/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'discord',
+      name: 'Discord',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/discord/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/discord/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'tweetdeck',
+      name: 'Tweetdeck',
+      version: '1.0.1',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/tweetdeck/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/tweetdeck/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'hipchat',
+      name: 'HipChat',
+      version: '1.0.1',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/hipchat/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/hipchat/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'gmailinbox',
+      name: 'Inbox by Gmail',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/gmailinbox/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/gmailinbox/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'rocketchat',
+      name: 'Rocket.Chat',
+      version: '1.0.1',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/rocketchat/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/rocketchat/src/icon.svg',
+      },
+    }, {
+      author: 'Brian Gilbert <brian@briangilbert.net>',
+      featured: false,
+      id: 'gitter',
+      name: 'Gitter',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/gitter/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/gitter/src/icon.svg',
+      },
+    }, {
+      author: 'Stefan Malzner <stefan@adlk.io>',
+      featured: false,
+      id: 'mattermost',
+      name: 'Mattermost',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/mattermost/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/mattermost/src/icon.svg',
+      },
+    }, {
+      author: 'Franz <recipe@meetfranz.com>',
+      featured: false,
+      id: 'toggl',
+      name: 'toggl',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/toggl/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/toggl/src/icon.svg',
+      },
+    }, {
+      author: 'Stuart Clark <stuart@realityloop.com>',
+      featured: false,
+      id: 'twist',
+      name: 'twist',
+      version: '1.0.0',
+      icons: {
+        png: 'https://cdn.franzinfra.com/recipes/dist/twist/src/icon.png',
+        svg: 'https://cdn.franzinfra.com/recipes/dist/twist/src/icon.svg',
+      },
+    }]);
+  }
+
+  // Show announcements
+  announcement({
+    response,
+  }) {
+    return response.send({});
+  }
+}
+
+module.exports = StaticController;
diff --git a/src/internal-server/app/Controllers/Http/UserController.js b/src/internal-server/app/Controllers/Http/UserController.js
new file mode 100644
index 000000000..f7cdfc9c9
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/UserController.js
@@ -0,0 +1,367 @@
+const User = use('App/Models/User');
+const Service = use('App/Models/Service');
+const Workspace = use('App/Models/Workspace');
+const {
+  validateAll,
+} = use('Validator');
+
+const btoa = require('btoa');
+const fetch = require('node-fetch');
+const uuid = require('uuid/v4');
+const crypto = require('crypto');
+
+const apiRequest = (url, route, method, auth) => new Promise((resolve, reject) => {
+  const base = `${url}/v1/`;
+  const user = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Ferdi/5.3.0-beta.1 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36';
+
+  try {
+    fetch(base + route, {
+      method,
+      headers: {
+        Authorization: `Bearer ${auth}`,
+        'User-Agent': user,
+      },
+    })
+      .then(data => data.json())
+      .then(json => resolve(json));
+  } catch (e) {
+    reject();
+  }
+});
+
+class UserController {
+  // Register a new user
+  async signup({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      firstname: 'required',
+      email: 'required|email',
+      password: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    return response.send({
+      message: 'Successfully created account',
+      token: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJGZXJkaSBJbnRlcm5hbCBTZXJ2ZXIiLCJpYXQiOjE1NzEwNDAyMTUsImV4cCI6MjUzMzk1NDE3ODQ0LCJhdWQiOiJnZXRmZXJkaS5jb20iLCJzdWIiOiJmZXJkaUBsb2NhbGhvc3QiLCJ1c2VySWQiOiIxIn0.9_TWFGp6HROv8Yg82Rt6i1-95jqWym40a-HmgrdMC6M',
+    });
+  }
+
+  // Login using an existing user
+  async login({
+    request,
+    response,
+  }) {
+    if (!request.header('Authorization')) {
+      return response.status(401).send({
+        message: 'Please provide authorization',
+        status: 401,
+      });
+    }
+
+    return response.send({
+      message: 'Successfully logged in',
+      token: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJGZXJkaSBJbnRlcm5hbCBTZXJ2ZXIiLCJpYXQiOjE1NzEwNDAyMTUsImV4cCI6MjUzMzk1NDE3ODQ0LCJhdWQiOiJnZXRmZXJkaS5jb20iLCJzdWIiOiJmZXJkaUBsb2NhbGhvc3QiLCJ1c2VySWQiOiIxIn0.9_TWFGp6HROv8Yg82Rt6i1-95jqWym40a-HmgrdMC6M',
+    });
+  }
+
+  // Return information about the current user
+  async me({
+    response,
+  }) {
+    const user = await User.find(1);
+
+    const settings = typeof user.settings === 'string' ? JSON.parse(user.settings) : user.settings;
+
+    return response.send({
+      accountType: 'individual',
+      beta: false,
+      donor: {},
+      email: '',
+      emailValidated: true,
+      features: {},
+      firstname: 'Ferdi',
+      id: '82c1cf9d-ab58-4da2-b55e-aaa41d2142d8',
+      isSubscriptionOwner: true,
+      lastname: 'Application',
+      locale: 'en-US',
+      ...settings || {},
+    });
+  }
+
+  async updateMe({
+    request,
+    response,
+  }) {
+    const user = await User.find(1);
+
+    let settings = user.settings || {};
+    if (typeof settings === 'string') {
+      settings = JSON.parse(settings);
+    }
+
+    const newSettings = {
+      ...settings,
+      ...request.all(),
+    };
+
+    user.settings = JSON.stringify(newSettings);
+    await user.save();
+
+    return response.send({
+      data: {
+        accountType: 'individual',
+        beta: false,
+        donor: {},
+        email: '',
+        emailValidated: true,
+        features: {},
+        firstname: 'Ferdi',
+        id: '82c1cf9d-ab58-4da2-b55e-aaa41d2142d8',
+        isSubscriptionOwner: true,
+        lastname: 'Application',
+        locale: 'en-US',
+        ...newSettings,
+      },
+      status: [
+        'data-updated',
+      ],
+    });
+  }
+
+  async import({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      email: 'required|email',
+      password: 'required',
+      server: 'required',
+    });
+    if (validation.fails()) {
+      let errorMessage = 'There was an error while trying to import your account:\n';
+      for (const message of validation.messages()) {
+        if (message.validation === 'required') {
+          errorMessage += `- Please make sure to supply your ${message.field}\n`;
+        } else if (message.validation === 'unique') {
+          errorMessage += '- There is already a user with this email.\n';
+        } else {
+          errorMessage += `${message.message}\n`;
+        }
+      }
+      return response.status(401).send(errorMessage);
+    }
+
+    const {
+      email,
+      password,
+      server,
+    } = request.all();
+
+    const hashedPassword = crypto.createHash('sha256').update(password).digest('base64');
+
+    const base = `${server}/v1/`;
+    const userAgent = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Ferdi/5.3.0-beta.1 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36';
+
+    // Try to get an authentication token
+    let token;
+    try {
+      const basicToken = btoa(`${email}:${hashedPassword}`);
+
+      const rawResponse = await fetch(`${base}auth/login`, {
+        method: 'POST',
+        headers: {
+          Authorization: `Basic ${basicToken}`,
+          'User-Agent': userAgent,
+        },
+      });
+      const content = await rawResponse.json();
+
+      if (!content.message || content.message !== 'Successfully logged in') {
+        const errorMessage = 'Could not login into Franz with your supplied credentials. Please check and try again';
+        return response.status(401).send(errorMessage);
+      }
+
+      // eslint-disable-next-line prefer-destructuring
+      token = content.token;
+    } catch (e) {
+      return response.status(401).send({
+        message: 'Cannot login to Franz',
+        error: e,
+      });
+    }
+
+    // Get user information
+    let userInf = false;
+    try {
+      userInf = await apiRequest(server, 'me', 'GET', token);
+    } catch (e) {
+      const errorMessage = `Could not get your user info from Franz. Please check your credentials or try again later.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+    if (!userInf) {
+      const errorMessage = 'Could not get your user info from Franz. Please check your credentials or try again later';
+      return response.status(401).send(errorMessage);
+    }
+
+    const serviceIdTranslation = {};
+
+    // Import services
+    try {
+      const services = await apiRequest(server, 'me/services', 'GET', token);
+
+      for (const service of services) {
+        // Get new, unused uuid
+        let serviceId;
+        do {
+          serviceId = uuid();
+        } while ((await Service.query().where('serviceId', serviceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        await Service.create({ // eslint-disable-line no-await-in-loop
+          serviceId,
+          name: service.name,
+          recipeId: service.recipeId,
+          settings: JSON.stringify(service),
+        });
+
+        serviceIdTranslation[service.id] = serviceId;
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your services into our system.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    // Import workspaces
+    try {
+      const workspaces = await apiRequest(server, 'workspace', 'GET', token);
+
+      for (const workspace of workspaces) {
+        let workspaceId;
+        do {
+          workspaceId = uuid();
+        } while ((await Workspace.query().where('workspaceId', workspaceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        const services = workspace.services.map(service => serviceIdTranslation[service]);
+
+        await Workspace.create({ // eslint-disable-line no-await-in-loop
+          workspaceId,
+          name: workspace.name,
+          order: workspace.order,
+          services: JSON.stringify(services),
+          data: JSON.stringify({}),
+        });
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your workspaces into our system.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    return response.send('Your account has been imported. You can now use your Franz account in Ferdi.');
+  }
+
+  // Account import/export
+  async export({
+    // eslint-disable-next-line no-unused-vars
+    auth,
+    response,
+  }) {
+    const services = (await Service.all()).toJSON();
+    const workspaces = (await Workspace.all()).toJSON();
+
+    const exportData = {
+      username: 'Ferdi',
+      mail: 'internal@getferdi.com',
+      services,
+      workspaces,
+    };
+
+    return response
+      .header('Content-Type', 'application/force-download')
+      .header('Content-disposition', 'attachment; filename=export.ferdi-data')
+      .send(exportData);
+  }
+
+  async importFerdi({
+    request,
+    response,
+  }) {
+    const validation = await validateAll(request.all(), {
+      file: 'required',
+    });
+    if (validation.fails()) {
+      return response.send(validation.messages());
+    }
+
+    let file;
+    try {
+      file = JSON.parse(request.input('file'));
+    } catch (e) {
+      return response.send('Could not import: Invalid file, could not read file');
+    }
+
+    if (!file || !file.services || !file.workspaces) {
+      return response.send('Could not import: Invalid file (2)');
+    }
+
+    const serviceIdTranslation = {};
+
+    // Import services
+    try {
+      for (const service of file.services) {
+        // Get new, unused uuid
+        let serviceId;
+        do {
+          serviceId = uuid();
+        } while ((await Service.query().where('serviceId', serviceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        await Service.create({ // eslint-disable-line no-await-in-loop
+          serviceId,
+          name: service.name,
+          recipeId: service.recipeId,
+          settings: JSON.stringify(service.settings),
+        });
+
+        serviceIdTranslation[service.id] = serviceId;
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your services into our system.\nError: ${e}`;
+      return response.send(errorMessage);
+    }
+
+    // Import workspaces
+    try {
+      for (const workspace of file.workspaces) {
+        let workspaceId;
+        do {
+          workspaceId = uuid();
+        } while ((await Workspace.query().where('workspaceId', workspaceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+        const services = workspace.services.map((service) => serviceIdTranslation[service]);
+
+        await Workspace.create({ // eslint-disable-line no-await-in-loop
+          workspaceId,
+          name: workspace.name,
+          order: workspace.order,
+          services: JSON.stringify(services),
+          data: JSON.stringify(workspace.data),
+        });
+      }
+    } catch (e) {
+      const errorMessage = `Could not import your workspaces into our system.\nError: ${e}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    return response.send('Your account has been imported.');
+  }
+}
+
+module.exports = UserController;
diff --git a/src/internal-server/app/Controllers/Http/WorkspaceController.js b/src/internal-server/app/Controllers/Http/WorkspaceController.js
new file mode 100644
index 000000000..4189fbcdd
--- /dev/null
+++ b/src/internal-server/app/Controllers/Http/WorkspaceController.js
@@ -0,0 +1,148 @@
+const Workspace = use('App/Models/Workspace');
+const {
+  validateAll,
+} = use('Validator');
+
+const uuid = require('uuid/v4');
+
+class WorkspaceController {
+  // Create a new workspace for user
+  async create({
+    request,
+    response,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+
+    // Get new, unused uuid
+    let workspaceId;
+    do {
+      workspaceId = uuid();
+    } while ((await Workspace.query().where('workspaceId', workspaceId).fetch()).rows.length > 0); // eslint-disable-line no-await-in-loop
+
+    const order = (await Workspace.all()).rows.length;
+
+    await Workspace.create({
+      workspaceId,
+      name: data.name,
+      order,
+      services: JSON.stringify([]),
+      data: JSON.stringify(data),
+    });
+
+    return response.send({
+      userId: 1,
+      name: data.name,
+      id: workspaceId,
+      order,
+      workspaces: [],
+    });
+  }
+
+  async edit({
+    request,
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required',
+      services: 'required|array',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const data = request.all();
+    const {
+      id,
+    } = params;
+
+    // Update data in database
+    await (Workspace.query()
+      .where('workspaceId', id)).update({
+      name: data.name,
+      services: JSON.stringify(data.services),
+    });
+
+    // Get updated row
+    const workspace = (await Workspace.query()
+      .where('workspaceId', id).fetch()).rows[0];
+
+    return response.send({
+      id: workspace.workspaceId,
+      name: data.name,
+      order: workspace.order,
+      services: data.services,
+      userId: 1,
+    });
+  }
+
+  async delete({
+    // eslint-disable-next-line no-unused-vars
+    request,
+    response,
+    params,
+  }) {
+    // Validate user input
+    const validation = await validateAll(params, {
+      id: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        message: 'Invalid arguments',
+        messages: validation.messages(),
+        status: 401,
+      });
+    }
+
+    const {
+      id,
+    } = params;
+
+    // Update data in database
+    await (Workspace.query()
+      .where('workspaceId', id)).delete();
+
+    return response.send({
+      message: 'Successfully deleted workspace',
+    });
+  }
+
+  // List all workspaces a user has created
+  async list({
+    response,
+  }) {
+    const workspaces = (await Workspace.all()).rows;
+    // Convert to array with all data Franz wants
+    let workspacesArray = [];
+    if (workspaces) {
+      workspacesArray = workspaces.map(workspace => ({
+        id: workspace.workspaceId,
+        name: workspace.name,
+        order: workspace.order,
+        services: typeof workspace.services === 'string' ? JSON.parse(workspace.services) : workspace.services,
+        userId: 1,
+      }));
+    }
+
+    return response.send(workspacesArray);
+  }
+}
+
+module.exports = WorkspaceController;
diff --git a/src/internal-server/app/Exceptions/Handler.js b/src/internal-server/app/Exceptions/Handler.js
new file mode 100644
index 000000000..111ef4e0e
--- /dev/null
+++ b/src/internal-server/app/Exceptions/Handler.js
@@ -0,0 +1,44 @@
+const BaseExceptionHandler = use('BaseExceptionHandler');
+
+/**
+ * This class handles all exceptions thrown during
+ * the HTTP request lifecycle.
+ *
+ * @class ExceptionHandler
+ */
+class ExceptionHandler extends BaseExceptionHandler {
+  /**
+   * Handle exception thrown during the HTTP lifecycle
+   *
+   * @method handle
+   *
+   * @param  {Object} error
+   * @param  {Object} options.request
+   * @param  {Object} options.response
+   *
+   * @return {void}
+   */
+  async handle(error, { response }) {
+    if (error.name === 'ValidationException') {
+      return response.status(400).send('Invalid arguments');
+    }
+
+    return response.status(error.status).send(error.message);
+  }
+
+  /**
+   * Report exception for logging or debugging.
+   *
+   * @method report
+   *
+   * @param  {Object} error
+   * @param  {Object} options.request
+   *
+   * @return {void}
+   */
+  async report() {
+    return true;
+  }
+}
+
+module.exports = ExceptionHandler;
diff --git a/src/internal-server/app/Middleware/ConvertEmptyStringsToNull.js b/src/internal-server/app/Middleware/ConvertEmptyStringsToNull.js
new file mode 100644
index 000000000..87f1f6c25
--- /dev/null
+++ b/src/internal-server/app/Middleware/ConvertEmptyStringsToNull.js
@@ -0,0 +1,15 @@
+class ConvertEmptyStringsToNull {
+  async handle({ request }, next) {
+    if (Object.keys(request.body).length) {
+      request.body = Object.assign(
+        ...Object.keys(request.body).map(key => ({
+          [key]: request.body[key] !== '' ? request.body[key] : null,
+        })),
+      );
+    }
+
+    await next();
+  }
+}
+
+module.exports = ConvertEmptyStringsToNull;
diff --git a/src/internal-server/app/Models/Recipe.js b/src/internal-server/app/Models/Recipe.js
new file mode 100644
index 000000000..bd9741114
--- /dev/null
+++ b/src/internal-server/app/Models/Recipe.js
@@ -0,0 +1,7 @@
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class Recipe extends Model {
+}
+
+module.exports = Recipe;
diff --git a/src/internal-server/app/Models/Service.js b/src/internal-server/app/Models/Service.js
new file mode 100644
index 000000000..a2e5c981e
--- /dev/null
+++ b/src/internal-server/app/Models/Service.js
@@ -0,0 +1,7 @@
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class Service extends Model {
+}
+
+module.exports = Service;
diff --git a/src/internal-server/app/Models/Token.js b/src/internal-server/app/Models/Token.js
new file mode 100644
index 000000000..83e989117
--- /dev/null
+++ b/src/internal-server/app/Models/Token.js
@@ -0,0 +1,7 @@
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class Token extends Model {
+}
+
+module.exports = Token;
diff --git a/src/internal-server/app/Models/Traits/NoTimestamp.js b/src/internal-server/app/Models/Traits/NoTimestamp.js
new file mode 100644
index 000000000..914f542f0
--- /dev/null
+++ b/src/internal-server/app/Models/Traits/NoTimestamp.js
@@ -0,0 +1,14 @@
+class NoTimestamp {
+  register(Model) {
+    Object.defineProperties(Model, {
+      createdAtColumn: {
+        get: () => null,
+      },
+      updatedAtColumn: {
+        get: () => null,
+      },
+    });
+  }
+}
+
+module.exports = NoTimestamp;
diff --git a/src/internal-server/app/Models/User.js b/src/internal-server/app/Models/User.js
new file mode 100644
index 000000000..907710d8d
--- /dev/null
+++ b/src/internal-server/app/Models/User.js
@@ -0,0 +1,8 @@
+// File is required by AdonisJS but not used by the server
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class User extends Model {
+}
+
+module.exports = User;
diff --git a/src/internal-server/app/Models/Workspace.js b/src/internal-server/app/Models/Workspace.js
new file mode 100644
index 000000000..dcf39ac75
--- /dev/null
+++ b/src/internal-server/app/Models/Workspace.js
@@ -0,0 +1,7 @@
+/** @type {typeof import('@adonisjs/lucid/src/Lucid/Model')} */
+const Model = use('Model');
+
+class Workspace extends Model {
+}
+
+module.exports = Workspace;
diff --git a/src/internal-server/config/app.js b/src/internal-server/config/app.js
new file mode 100644
index 000000000..0a1644932
--- /dev/null
+++ b/src/internal-server/config/app.js
@@ -0,0 +1,240 @@
+/** @type {import('@adonisjs/framework/src/Env')} */
+const Env = use('Env');
+
+module.exports = {
+
+  /*
+  |--------------------------------------------------------------------------
+  | Application Name
+  |--------------------------------------------------------------------------
+  |
+  | This value is the name of your application and can used when you
+  | need to place the application's name in a email, view or
+  | other location.
+  |
+  */
+
+  name: Env.get('APP_NAME', 'Ferdi Internal Server'),
+
+  /*
+  |--------------------------------------------------------------------------
+  | App Key
+  |--------------------------------------------------------------------------
+  |
+  | App key is a randomly generated 16 or 32 characters long string required
+  | to encrypt cookies, sessions and other sensitive data.
+  |
+  */
+  appKey: Env.getOrFail('APP_KEY'),
+
+  http: {
+    /*
+    |--------------------------------------------------------------------------
+    | Allow Method Spoofing
+    |--------------------------------------------------------------------------
+    |
+    | Method spoofing allows to make requests by spoofing the http verb.
+    | Which means you can make a GET request but instruct the server to
+    | treat as a POST or PUT request. If you want this feature, set the
+    | below value to true.
+    |
+    */
+    allowMethodSpoofing: true,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Trust Proxy
+    |--------------------------------------------------------------------------
+    |
+    | Trust proxy defines whether X-Forwarded-* headers should be trusted or not.
+    | When your application is behind a proxy server like nginx, these values
+    | are set automatically and should be trusted. Apart from setting it
+    | to true or false Adonis supports handful or ways to allow proxy
+    | values. Read documentation for that.
+    |
+    */
+    trustProxy: false,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Subdomains
+    |--------------------------------------------------------------------------
+    |
+    | Offset to be used for returning subdomains for a given request.For
+    | majority of applications it will be 2, until you have nested
+    | sudomains.
+    | cheatsheet.adonisjs.com      - offset - 2
+    | virk.cheatsheet.adonisjs.com - offset - 3
+    |
+    */
+    subdomainOffset: 2,
+
+    /*
+    |--------------------------------------------------------------------------
+    | JSONP Callback
+    |--------------------------------------------------------------------------
+    |
+    | Default jsonp callback to be used when callback query string is missing
+    | in request url.
+    |
+    */
+    jsonpCallback: 'callback',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Etag
+    |--------------------------------------------------------------------------
+    |
+    | Set etag on all HTTP response. In order to disable for selected routes,
+    | you can call the `response.send` with an options object as follows.
+    |
+    | response.send('Hello', { ignoreEtag: true })
+    |
+    */
+    etag: false,
+  },
+
+  views: {
+    /*
+    |--------------------------------------------------------------------------
+    | Cache Views
+    |--------------------------------------------------------------------------
+    |
+    | Define whether or not to cache the compiled view. Set it to true in
+    | production to optimize view loading time.
+    |
+    */
+    cache: Env.get('CACHE_VIEWS', true),
+  },
+
+  static: {
+    /*
+    |--------------------------------------------------------------------------
+    | Dot Files
+    |--------------------------------------------------------------------------
+    |
+    | Define how to treat dot files when trying to server static resources.
+    | By default it is set to ignore, which will pretend that dotfiles
+    | does not exists.
+    |
+    | Can be one of the following
+    | ignore, deny, allow
+    |
+    */
+    dotfiles: 'ignore',
+
+    /*
+    |--------------------------------------------------------------------------
+    | ETag
+    |--------------------------------------------------------------------------
+    |
+    | Enable or disable etag generation
+    |
+    */
+    etag: true,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Extensions
+    |--------------------------------------------------------------------------
+    |
+    | Set file extension fallbacks. When set, if a file is not found, the given
+    | extensions will be added to the file name and search for. The first
+    | that exists will be served. Example: ['html', 'htm'].
+    |
+    */
+    extensions: false,
+  },
+
+  locales: {
+    /*
+    |--------------------------------------------------------------------------
+    | Loader
+    |--------------------------------------------------------------------------
+    |
+    | The loader to be used for fetching and updating locales. Below is the
+    | list of available options.
+    |
+    | file, database
+    |
+    */
+    loader: 'file',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Default Locale
+    |--------------------------------------------------------------------------
+    |
+    | Default locale to be used by Antl provider. You can always switch drivers
+    | in runtime or use the official Antl middleware to detect the driver
+    | based on HTTP headers/query string.
+    |
+    */
+    locale: 'en',
+  },
+
+  logger: {
+    /*
+    |--------------------------------------------------------------------------
+    | Transport
+    |--------------------------------------------------------------------------
+    |
+    | Transport to be used for logging messages. You can have multiple
+    | transports using same driver.
+    |
+    | Available drivers are: `file` and `console`.
+    |
+    */
+    transport: 'console',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Console Transport
+    |--------------------------------------------------------------------------
+    |
+    | Using `console` driver for logging. This driver writes to `stdout`
+    | and `stderr`
+    |
+    */
+    console: {
+      driver: 'console',
+      name: 'adonis-app',
+      level: 'info',
+    },
+
+    /*
+    |--------------------------------------------------------------------------
+    | File Transport
+    |--------------------------------------------------------------------------
+    |
+    | File transport uses file driver and writes log messages for a given
+    | file inside `tmp` directory for your app.
+    |
+    | For a different directory, set an absolute path for the filename.
+    |
+    */
+    file: {
+      driver: 'file',
+      name: 'adonis-app',
+      filename: 'adonis.log',
+      level: 'info',
+    },
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Generic Cookie Options
+  |--------------------------------------------------------------------------
+  |
+  | The following cookie options are generic settings used by AdonisJs to create
+  | cookies. However, some parts of the application like `sessions` can have
+  | separate settings for cookies inside `config/session.js`.
+  |
+  */
+  cookie: {
+    httpOnly: true,
+    sameSite: false,
+    path: '/',
+    maxAge: 7200,
+  },
+};
diff --git a/src/internal-server/config/auth.js b/src/internal-server/config/auth.js
new file mode 100644
index 000000000..adb38126a
--- /dev/null
+++ b/src/internal-server/config/auth.js
@@ -0,0 +1,92 @@
+/** @type {import('@adonisjs/framework/src/Env')} */
+const Env = use('Env');
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Authenticator
+  |--------------------------------------------------------------------------
+  |
+  | Authentication is a combination of serializer and scheme with extra
+  | config to define on how to authenticate a user.
+  |
+  | Available Schemes - basic, session, jwt, api
+  | Available Serializers - lucid, database
+  |
+  */
+  authenticator: 'jwt',
+
+  /*
+  |--------------------------------------------------------------------------
+  | Session
+  |--------------------------------------------------------------------------
+  |
+  | Session authenticator makes use of sessions to authenticate a user.
+  | Session authentication is always persistent.
+  |
+  */
+  session: {
+    serializer: 'lucid',
+    model: 'App/Models/User',
+    scheme: 'session',
+    uid: 'email',
+    password: 'password',
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Basic Auth
+  |--------------------------------------------------------------------------
+  |
+  | The basic auth authenticator uses basic auth header to authenticate a
+  | user.
+  |
+  | NOTE:
+  | This scheme is not persistent and users are supposed to pass
+  | login credentials on each request.
+  |
+  */
+  basic: {
+    serializer: 'lucid',
+    model: 'App/Models/User',
+    scheme: 'basic',
+    uid: 'email',
+    password: 'password',
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Jwt
+  |--------------------------------------------------------------------------
+  |
+  | The jwt authenticator works by passing a jwt token on each HTTP request
+  | via HTTP `Authorization` header.
+  |
+  */
+  jwt: {
+    serializer: 'lucid',
+    model: 'App/Models/User',
+    scheme: 'jwt',
+    uid: 'email',
+    password: 'password',
+    options: {
+      secret: Env.get('APP_KEY'),
+    },
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Api
+  |--------------------------------------------------------------------------
+  |
+  | The Api scheme makes use of API personal tokens to authenticate a user.
+  |
+  */
+  api: {
+    serializer: 'lucid',
+    model: 'App/Models/User',
+    scheme: 'api',
+    uid: 'email',
+    password: 'password',
+  },
+};
diff --git a/src/internal-server/config/bodyParser.js b/src/internal-server/config/bodyParser.js
new file mode 100644
index 000000000..8a5406f9e
--- /dev/null
+++ b/src/internal-server/config/bodyParser.js
@@ -0,0 +1,155 @@
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | JSON Parser
+  |--------------------------------------------------------------------------
+  |
+  | Below settings are applied when the request body contains a JSON payload.
+  | If you want body parser to ignore JSON payloads, then simply set `types`
+  | to an empty array.
+  */
+  json: {
+    /*
+    |--------------------------------------------------------------------------
+    | limit
+    |--------------------------------------------------------------------------
+    |
+    | Defines the limit of JSON that can be sent by the client. If payload
+    | is over 1mb it will not be processed.
+    |
+    */
+    limit: '50mb',
+
+    /*
+    |--------------------------------------------------------------------------
+    | strict
+    |--------------------------------------------------------------------------
+    |
+    | When `strict` is set to true, body parser will only parse Arrays and
+    | Object. Otherwise everything parseable by `JSON.parse` is parsed.
+    |
+    */
+    strict: true,
+
+    /*
+    |--------------------------------------------------------------------------
+    | types
+    |--------------------------------------------------------------------------
+    |
+    | Which content types are processed as JSON payloads. You are free to
+    | add your own types here, but the request body should be parseable
+    | by `JSON.parse` method.
+    |
+    */
+    types: [
+      'application/json',
+      'application/json-patch+json',
+      'application/vnd.api+json',
+      'application/csp-report',
+    ],
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Raw Parser
+  |--------------------------------------------------------------------------
+  |
+  |
+  |
+  */
+  raw: {
+    types: [
+      'text/*',
+    ],
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Form Parser
+  |--------------------------------------------------------------------------
+  |
+  |
+  |
+  */
+  form: {
+    types: [
+      'application/x-www-form-urlencoded',
+    ],
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Files Parser
+  |--------------------------------------------------------------------------
+  |
+  |
+  |
+  */
+  files: {
+    types: [
+      'multipart/form-data',
+    ],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Max Size
+    |--------------------------------------------------------------------------
+    |
+    | Below value is the max size of all the files uploaded to the server. It
+    | is validated even before files have been processed and hard exception
+    | is thrown.
+    |
+    | Consider setting a reasonable value here, otherwise people may upload GB's
+    | of files which will keep your server busy.
+    |
+    | Also this value is considered when `autoProcess` is set to true.
+    |
+    */
+    maxSize: '20mb',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Auto Process
+    |--------------------------------------------------------------------------
+    |
+    | Whether or not to auto-process files. Since HTTP servers handle files via
+    | couple of specific endpoints. It is better to set this value off and
+    | manually process the files when required.
+    |
+    | This value can contain a boolean or an array of route patterns
+    | to be autoprocessed.
+    */
+    autoProcess: true,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Process Manually
+    |--------------------------------------------------------------------------
+    |
+    | The list of routes that should not process files and instead rely on
+    | manual process. This list should only contain routes when autoProcess
+    | is to true. Otherwise everything is processed manually.
+    |
+    */
+    processManually: [],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Temporary file name
+    |--------------------------------------------------------------------------
+    |
+    | Define a function, which should return a string to be used as the
+    | tmp file name.
+    |
+    | If not defined, Bodyparser will use `uuid` as the tmp file name.
+    |
+    | To be defined as. If you are defining the function, then do make sure
+    | to return a value from it.
+    |
+    | tmpFileName () {
+    |   return 'some-unique-value'
+    | }
+    |
+    */
+  },
+};
diff --git a/src/internal-server/config/cors.js b/src/internal-server/config/cors.js
new file mode 100644
index 000000000..ca57dff0d
--- /dev/null
+++ b/src/internal-server/config/cors.js
@@ -0,0 +1,85 @@
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Origin
+  |--------------------------------------------------------------------------
+  |
+  | Set a list of origins to be allowed. The value can be one of the following
+  |
+  | Boolean: true - Allow current request origin
+  | Boolean: false - Disallow all
+  | String - Comma separated list of allowed origins
+  | Array - An array of allowed origins
+  | String: * - A wildcard to allow current request origin
+  | Function - Receives the current origin and should return one of the above values.
+  |
+  */
+  origin: false,
+
+  /*
+  |--------------------------------------------------------------------------
+  | Methods
+  |--------------------------------------------------------------------------
+  |
+  | HTTP methods to be allowed. The value can be one of the following
+  |
+  | String - Comma separated list of allowed methods
+  | Array - An array of allowed methods
+  |
+  */
+  methods: ['GET', 'PUT', 'PATCH', 'POST', 'DELETE'],
+
+  /*
+  |--------------------------------------------------------------------------
+  | Headers
+  |--------------------------------------------------------------------------
+  |
+  | List of headers to be allowed via Access-Control-Request-Headers header.
+  | The value can be one of the following.
+  |
+  | Boolean: true - Allow current request headers
+  | Boolean: false - Disallow all
+  | String - Comma separated list of allowed headers
+  | Array - An array of allowed headers
+  | String: * - A wildcard to allow current request headers
+  | Function - Receives the current header and should return one of the above values.
+  |
+  */
+  headers: true,
+
+  /*
+  |--------------------------------------------------------------------------
+  | Expose Headers
+  |--------------------------------------------------------------------------
+  |
+  | A list of headers to be exposed via `Access-Control-Expose-Headers`
+  | header. The value can be one of the following.
+  |
+  | Boolean: false - Disallow all
+  | String: Comma separated list of allowed headers
+  | Array - An array of allowed headers
+  |
+  */
+  exposeHeaders: false,
+
+  /*
+  |--------------------------------------------------------------------------
+  | Credentials
+  |--------------------------------------------------------------------------
+  |
+  | Define Access-Control-Allow-Credentials header. It should always be a
+  | boolean.
+  |
+  */
+  credentials: false,
+
+  /*
+  |--------------------------------------------------------------------------
+  | MaxAge
+  |--------------------------------------------------------------------------
+  |
+  | Define Access-Control-Allow-Max-Age
+  |
+  */
+  maxAge: 90,
+};
diff --git a/src/internal-server/config/database.js b/src/internal-server/config/database.js
new file mode 100644
index 000000000..1b5974359
--- /dev/null
+++ b/src/internal-server/config/database.js
@@ -0,0 +1,82 @@
+/** @type {import('@adonisjs/framework/src/Env')} */
+const Env = use('Env');
+
+const dbPath = process.env.DB_PATH;
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Default Connection
+  |--------------------------------------------------------------------------
+  |
+  | Connection defines the default connection settings to be used while
+  | interacting with SQL databases.
+  |
+  */
+  connection: Env.get('DB_CONNECTION', 'sqlite'),
+
+  /*
+  |--------------------------------------------------------------------------
+  | Sqlite
+  |--------------------------------------------------------------------------
+  |
+  | Sqlite is a flat file database and can be a good choice for a development
+  | environment.
+  |
+  | npm i --save sqlite3
+  |
+  */
+  sqlite: {
+    client: 'sqlite3',
+    connection: {
+      // filename: Helpers.databasePath(`${Env.get('DB_DATABASE', 'development')}.sqlite`),
+      filename: dbPath,
+    },
+    useNullAsDefault: true,
+    debug: Env.get('DB_DEBUG', false),
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | MySQL
+  |--------------------------------------------------------------------------
+  |
+  | Here we define connection settings for MySQL database.
+  |
+  | npm i --save mysql
+  |
+  */
+  mysql: {
+    client: 'mysql',
+    connection: {
+      host: Env.get('DB_HOST', 'localhost'),
+      port: Env.get('DB_PORT', ''),
+      user: Env.get('DB_USER', 'root'),
+      password: Env.get('DB_PASSWORD', ''),
+      database: Env.get('DB_DATABASE', 'adonis'),
+    },
+    debug: Env.get('DB_DEBUG', false),
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | PostgreSQL
+  |--------------------------------------------------------------------------
+  |
+  | Here we define connection settings for PostgreSQL database.
+  |
+  | npm i --save pg
+  |
+  */
+  pg: {
+    client: 'pg',
+    connection: {
+      host: Env.get('DB_HOST', 'localhost'),
+      port: Env.get('DB_PORT', ''),
+      user: Env.get('DB_USER', 'root'),
+      password: Env.get('DB_PASSWORD', ''),
+      database: Env.get('DB_DATABASE', 'adonis'),
+    },
+    debug: Env.get('DB_DEBUG', false),
+  },
+};
diff --git a/src/internal-server/config/drive.js b/src/internal-server/config/drive.js
new file mode 100644
index 000000000..617ce470a
--- /dev/null
+++ b/src/internal-server/config/drive.js
@@ -0,0 +1,45 @@
+const Env = use('Env');
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Default disk
+  |--------------------------------------------------------------------------
+  |
+  | The default disk is used when you interact with the file system without
+  | defining a disk name
+  |
+  */
+  default: 'local',
+
+  disks: {
+    /*
+    |--------------------------------------------------------------------------
+    | Local
+    |--------------------------------------------------------------------------
+    |
+    | Local disk interacts with the a local folder inside your application
+    |
+    */
+    local: {
+      root: `${__dirname}/../recipes`,
+      driver: 'local',
+    },
+
+    /*
+    |--------------------------------------------------------------------------
+    | S3
+    |--------------------------------------------------------------------------
+    |
+    | S3 disk interacts with a bucket on aws s3
+    |
+    */
+    s3: {
+      driver: 's3',
+      key: Env.get('S3_KEY'),
+      secret: Env.get('S3_SECRET'),
+      bucket: Env.get('S3_BUCKET'),
+      region: Env.get('S3_REGION'),
+    },
+  },
+};
diff --git a/src/internal-server/config/hash.js b/src/internal-server/config/hash.js
new file mode 100644
index 000000000..bbf32f691
--- /dev/null
+++ b/src/internal-server/config/hash.js
@@ -0,0 +1,47 @@
+/** @type {import('@adonisjs/framework/src/Env')} */
+const Env = use('Env');
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Driver
+  |--------------------------------------------------------------------------
+  |
+  | Driver to be used for hashing values. The same driver is used by the
+  | auth module too.
+  |
+  */
+  driver: Env.get('HASH_DRIVER', 'bcrypt'),
+
+  /*
+  |--------------------------------------------------------------------------
+  | Bcrypt
+  |--------------------------------------------------------------------------
+  |
+  | Config related to bcrypt hashing. https://www.npmjs.com/package/bcrypt
+  | package is used internally.
+  |
+  */
+  bcrypt: {
+    rounds: 10,
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Argon
+  |--------------------------------------------------------------------------
+  |
+  | Config related to argon. https://www.npmjs.com/package/argon2 package is
+  | used internally.
+  |
+  | Since argon is optional, you will have to install the dependency yourself
+  |
+  |============================================================================
+  | npm i argon2
+  |============================================================================
+  |
+  */
+  argon: {
+    type: 1,
+  },
+};
diff --git a/src/internal-server/config/session.js b/src/internal-server/config/session.js
new file mode 100644
index 000000000..62c4f9cc8
--- /dev/null
+++ b/src/internal-server/config/session.js
@@ -0,0 +1,97 @@
+const Env = use('Env');
+
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Session Driver
+  |--------------------------------------------------------------------------
+  |
+  | The session driver to be used for storing session values. It can be
+  | cookie, file or redis.
+  |
+  | For `redis` driver, make sure to install and register `@adonisjs/redis`
+  |
+  */
+  driver: Env.get('SESSION_DRIVER', 'cookie'),
+
+  /*
+  |--------------------------------------------------------------------------
+  | Cookie Name
+  |--------------------------------------------------------------------------
+  |
+  | The name of the cookie to be used for saving session id. Session ids
+  | are signed and encrypted.
+  |
+  */
+  cookieName: 'adonis-session',
+
+  /*
+  |--------------------------------------------------------------------------
+  | Clear session when browser closes
+  |--------------------------------------------------------------------------
+  |
+  | If this value is true, the session cookie will be temporary and will be
+  | removed when browser closes.
+  |
+  */
+  clearWithBrowser: true,
+
+  /*
+  |--------------------------------------------------------------------------
+  | Session age
+  |--------------------------------------------------------------------------
+  |
+  | This value is only used when `clearWithBrowser` is set to false. The
+  | age must be a valid https://npmjs.org/package/ms string or should
+  | be in milliseconds.
+  |
+  | Valid values are:
+  |  '2h', '10d', '5y', '2.5 hrs'
+  |
+  */
+  age: '2h',
+
+  /*
+  |--------------------------------------------------------------------------
+  | Cookie options
+  |--------------------------------------------------------------------------
+  |
+  | Cookie options defines the options to be used for setting up session
+  | cookie
+  |
+  */
+  cookie: {
+    httpOnly: true,
+    path: '/',
+    sameSite: false,
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Sessions location
+  |--------------------------------------------------------------------------
+  |
+  | If driver is set to file, we need to define the relative location from
+  | the temporary path or absolute url to any location.
+  |
+  */
+  file: {
+    location: 'sessions',
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Redis config
+  |--------------------------------------------------------------------------
+  |
+  | The configuration for the redis driver.
+  |
+  */
+  redis: {
+    host: '127.0.0.1',
+    port: 6379,
+    password: null,
+    db: 0,
+    keyPrefix: '',
+  },
+};
diff --git a/src/internal-server/config/shield.js b/src/internal-server/config/shield.js
new file mode 100644
index 000000000..76f430e91
--- /dev/null
+++ b/src/internal-server/config/shield.js
@@ -0,0 +1,143 @@
+module.exports = {
+  /*
+  |--------------------------------------------------------------------------
+  | Content Security Policy
+  |--------------------------------------------------------------------------
+  |
+  | Content security policy filters out the origins not allowed to execute
+  | and load resources like scripts, styles and fonts. There are wide
+  | variety of options to choose from.
+  */
+  csp: {
+    /*
+    |--------------------------------------------------------------------------
+    | Directives
+    |--------------------------------------------------------------------------
+    |
+    | All directives are defined in camelCase and here is the list of
+    | available directives and their possible values.
+    |
+    | https://content-security-policy.com
+    |
+    | @example
+    | directives: {
+    |   defaultSrc: ['self', '@nonce', 'cdnjs.cloudflare.com']
+    | }
+    |
+    */
+    directives: {
+    },
+    /*
+    |--------------------------------------------------------------------------
+    | Report only
+    |--------------------------------------------------------------------------
+    |
+    | Setting `reportOnly=true` will not block the scripts from running and
+    | instead report them to a URL.
+    |
+    */
+    reportOnly: false,
+    /*
+    |--------------------------------------------------------------------------
+    | Set all headers
+    |--------------------------------------------------------------------------
+    |
+    | Headers staring with `X` have been depreciated, since all major browsers
+    | supports the standard CSP header. So its better to disable deperciated
+    | headers, unless you want them to be set.
+    |
+    */
+    setAllHeaders: false,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Disable on android
+    |--------------------------------------------------------------------------
+    |
+    | Certain versions of android are buggy with CSP policy. So you can set
+    | this value to true, to disable it for Android versions with buggy
+    | behavior.
+    |
+    | Here is an issue reported on a different package, but helpful to read
+    | if you want to know the behavior. https://github.com/helmetjs/helmet/pull/82
+    |
+    */
+    disableAndroid: true,
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | X-XSS-Protection
+  |--------------------------------------------------------------------------
+  |
+  | X-XSS Protection saves from applications from XSS attacks. It is adopted
+  | by IE and later followed by some other browsers.
+  |
+  | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
+  |
+  */
+  xss: {
+    enabled: true,
+    enableOnOldIE: false,
+  },
+
+  /*
+  |--------------------------------------------------------------------------
+  | Iframe Options
+  |--------------------------------------------------------------------------
+  |
+  | xframe defines whether or not your website can be embedded inside an
+  | iframe. Choose from one of the following options.
+  | @available options
+  | DENY, SAMEORIGIN, ALLOW-FROM http://example.com
+  |
+  | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
+  */
+  xframe: 'DENY',
+
+  /*
+  |--------------------------------------------------------------------------
+  | No Sniff
+  |--------------------------------------------------------------------------
+  |
+  | Browsers have a habit of sniffing content-type of a response. Which means
+  | files with .txt extension containing Javascript code will be executed as
+  | Javascript. You can disable this behavior by setting nosniff to false.
+  |
+  | Learn more at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
+  |
+  */
+  nosniff: true,
+
+  /*
+  |--------------------------------------------------------------------------
+  | No Open
+  |--------------------------------------------------------------------------
+  |
+  | IE users can execute webpages in the context of your website, which is
+  | a serious security risk. Below option will manage this for you.
+  |
+  */
+  noopen: true,
+
+  /*
+  |--------------------------------------------------------------------------
+  | CSRF Protection
+  |--------------------------------------------------------------------------
+  |
+  | CSRF Protection adds another layer of security by making sure, actionable
+  | routes does have a valid token to execute an action.
+  |
+  */
+  csrf: {
+    enable: true,
+    methods: ['POST', 'PUT', 'DELETE'],
+    filterUris: [],
+    cookieOptions: {
+      httpOnly: false,
+      sameSite: true,
+      path: '/',
+      maxAge: 7200,
+    },
+  },
+};
diff --git a/src/internal-server/database/factory.js b/src/internal-server/database/factory.js
new file mode 100644
index 000000000..8534fc20a
--- /dev/null
+++ b/src/internal-server/database/factory.js
@@ -0,0 +1,19 @@
+/*
+|--------------------------------------------------------------------------
+| Factory
+|--------------------------------------------------------------------------
+|
+| Factories are used to define blueprints for database tables or Lucid
+| models. Later you can use these blueprints to seed your database
+| with dummy data.
+|
+*/
+
+/** @type {import('@adonisjs/lucid/src/Factory')} */
+// const Factory = use('Factory')
+
+// Factory.blueprint('App/Models/User', (faker) => {
+//   return {
+//     username: faker.username()
+//   }
+// })
diff --git a/src/internal-server/database/migrations/1503250034279_user.js b/src/internal-server/database/migrations/1503250034279_user.js
new file mode 100644
index 000000000..80b49020a
--- /dev/null
+++ b/src/internal-server/database/migrations/1503250034279_user.js
@@ -0,0 +1,18 @@
+/** @type {import('@adonisjs/lucid/src/Schema')} */
+const Schema = use('Schema');
+
+class UserSchema extends Schema {
+  up() {
+    this.create('users', (table) => {
+      table.increments();
+      table.json('settings');
+      table.timestamps();
+    });
+  }
+
+  down() {
+    this.drop('users');
+  }
+}
+
+module.exports = UserSchema;
diff --git a/src/internal-server/database/migrations/1566385379883_service_schema.js b/src/internal-server/database/migrations/1566385379883_service_schema.js
new file mode 100644
index 000000000..d887ef193
--- /dev/null
+++ b/src/internal-server/database/migrations/1566385379883_service_schema.js
@@ -0,0 +1,21 @@
+/** @type {import('@adonisjs/lucid/src/Schema')} */
+const Schema = use('Schema');
+
+class ServiceSchema extends Schema {
+  up() {
+    this.create('services', (table) => {
+      table.increments();
+      table.string('serviceId', 80).notNullable();
+      table.string('name', 80).notNullable();
+      table.string('recipeId', 254).notNullable();
+      table.json('settings');
+      table.timestamps();
+    });
+  }
+
+  down() {
+    this.drop('services');
+  }
+}
+
+module.exports = ServiceSchema;
diff --git a/src/internal-server/database/migrations/1566554231482_recipe_schema.js b/src/internal-server/database/migrations/1566554231482_recipe_schema.js
new file mode 100644
index 000000000..514d57600
--- /dev/null
+++ b/src/internal-server/database/migrations/1566554231482_recipe_schema.js
@@ -0,0 +1,20 @@
+/** @type {import('@adonisjs/lucid/src/Schema')} */
+const Schema = use('Schema');
+
+class RecipeSchema extends Schema {
+  up() {
+    this.create('recipes', (table) => {
+      table.increments();
+      table.string('name', 80).notNullable();
+      table.string('recipeId', 254).notNullable().unique();
+      table.json('data');
+      table.timestamps();
+    });
+  }
+
+  down() {
+    this.drop('recipes');
+  }
+}
+
+module.exports = RecipeSchema;
diff --git a/src/internal-server/database/migrations/1566554359294_workspace_schema.js b/src/internal-server/database/migrations/1566554359294_workspace_schema.js
new file mode 100644
index 000000000..421a406b5
--- /dev/null
+++ b/src/internal-server/database/migrations/1566554359294_workspace_schema.js
@@ -0,0 +1,22 @@
+/** @type {import('@adonisjs/lucid/src/Schema')} */
+const Schema = use('Schema');
+
+class WorkspaceSchema extends Schema {
+  up() {
+    this.create('workspaces', (table) => {
+      table.increments();
+      table.string('workspaceId', 80).notNullable().unique();
+      table.string('name', 80).notNullable();
+      table.integer('order');
+      table.json('services');
+      table.json('data');
+      table.timestamps();
+    });
+  }
+
+  down() {
+    this.drop('workspaces');
+  }
+}
+
+module.exports = WorkspaceSchema;
diff --git a/src/internal-server/database/template.sqlite b/src/internal-server/database/template.sqlite
new file mode 100644
index 000000000..3750f92c7
--- /dev/null
+++ b/src/internal-server/database/template.sqlite
diff --git a/src/internal-server/env.ini b/src/internal-server/env.ini
new file mode 100644
index 000000000..902e8e4c8
--- /dev/null
+++ b/src/internal-server/env.ini
@@ -0,0 +1,16 @@
+HOST=127.0.0.1
+PORT=45569
+NODE_ENV=development
+APP_NAME=Ferdi Internal Server
+APP_URL=http://${HOST}:${PORT}
+CACHE_VIEWS=false
+APP_KEY=FERDIINTERNALSERVER
+DB_CONNECTION=sqlite
+DB_HOST=127.0.0.1
+DB_PORT=3306
+DB_USER=root
+DB_PASSWORD=
+DB_DATABASE=ferdi
+HASH_DRIVER=bcrypt
+IS_CREATION_ENABLED=true
+CONNECT_WITH_FRANZ=true
\ No newline at end of file
diff --git a/src/internal-server/package.json b/src/internal-server/package.json
new file mode 100644
index 000000000..14ab704d8
--- /dev/null
+++ b/src/internal-server/package.json
@@ -0,0 +1,3 @@
+{
+  "main": "index.js"
+}
diff --git a/src/internal-server/public/css/main.css b/src/internal-server/public/css/main.css
new file mode 100644
index 000000000..a1c5653d7
--- /dev/null
+++ b/src/internal-server/public/css/main.css
@@ -0,0 +1,69 @@
+input {
+  margin-bottom: 1rem;
+  width: 100%;
+  padding: 0.5rem;
+}
+
+button, .button {
+  display: flex;
+  overflow: hidden;
+  padding: 12px 12px;
+  cursor: pointer;
+  width: 100%;
+  -webkit-user-select: none;
+  -moz-user-select: none;
+  -ms-user-select: none;
+  user-select: none;
+  transition: all 150ms linear;
+  text-align: center;
+  white-space: nowrap;
+  text-decoration: none !important;
+  text-transform: none;
+  text-transform: capitalize;
+  color: #fff !important;
+  border: 0 none;
+  border-radius: 4px;
+  font-size: 13px;
+  font-weight: 500;
+  line-height: 1.3;
+  -webkit-appearance: none;
+  -moz-appearance: none;
+  appearance: none;
+  justify-content: center;
+  align-items: center;
+  flex: 0 0 160px;
+  box-shadow: 2px 5px 10px #e4e4e4;
+  color: #FFFFFF;
+  background: #161616;
+}
+
+#dropzone {
+  width: 100%;
+  height: 30vh;
+  background-color: #ebebeb;
+
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  text-align: center;
+
+  cursor: pointer;
+}
+
+#dropzone p {
+  font-size: 0.85rem;
+}
+
+#files {
+  display: none;
+}
+
+.alert {
+  background-color: #e7a8a6;
+  padding: 0.8rem;
+  margin-bottom: 1rem;
+}
+
+td {
+  word-break: break-all;
+}
\ No newline at end of file
diff --git a/src/internal-server/public/css/vanilla.css b/src/internal-server/public/css/vanilla.css
new file mode 100644
index 000000000..37bc051a2
--- /dev/null
+++ b/src/internal-server/public/css/vanilla.css
@@ -0,0 +1,138 @@
+/* Reset */
+html, body, div, span, applet, object, iframe,
+h1, h2, h3, h4, h5, h6, p, blockquote, pre,
+a, abbr, acronym, address, big, cite, code,
+del, dfn, em, img, ins, kbd, q, s, samp,
+small, strike, strong, sub, sup, tt, var,
+b, u, i, center,
+dl, dt, dd, ol, ul, li,
+fieldset, form, label, legend,
+table, caption, tbody, tfoot, thead, tr, th, td,
+article, aside, canvas, details, embed, 
+figure, figcaption, footer, header, hgroup, 
+menu, nav, output, ruby, section, summary,
+time, mark, audio, video {
+    margin: 0;
+    padding: 0;
+    border: 0;
+    font-size: 100%;
+    font: inherit;
+    vertical-align: baseline;
+}
+* {
+    box-sizing: border-box;
+}
+
+
+
+/* Variables */
+:root {
+    --desktop-font-size: 1.3rem/1.5;
+    --mobile-font-size: 1.1rem/1.4;
+    --text-color: #2d2d2d;
+    --link-color: blue;
+    --primary-color: lightsteelblue;
+    --secondary-color: aliceblue;
+    --tertiary-color: whitesmoke;
+}
+
+
+
+
+/* Typography */
+body { 
+    color: var(--text-color);
+    padding: 3rem;
+    font: var(--desktop-font-size) -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto, Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji", "Segoe UI Symbol";
+}
+
+h1,h2,h3,h4,h5,h6,p,blockquote,dl,img,figure {
+    margin: 2rem 0;
+}
+
+h1,h2,h3,h4,h5,h6 { font-weight: bold; }
+h1 { font-size: 200%; }
+h2 { font-size: 150%; }
+h3 { font-size: 120%; }
+h4,h5,h6 { font-size: 100%; }
+h5, h6 { text-transform: uppercase; }
+
+header h1 { border-bottom: 1px solid; }
+
+p { margin: 2rem 0; }
+
+a,a:visited { color: var(--link-color); }
+
+strong, time, b { font-weight: bold; }
+em, dfn, i { font-style: italic; }
+sub { font-size: 60%; vertical-align: bottom; }
+small { font-size: 80%; }
+
+blockquote, q {
+    background: var(--secondary-color);
+    border-left: 10px solid var(--primary-color);
+    font-family: "Georgia", serif; 
+    padding: 1rem;
+}
+blockquote p:first-child { margin-top: 0; }
+cite { 
+    font-family: "Georgia", serif; 
+    font-style: italic;
+    font-weight: bold;
+}
+
+kbd,code,samp,pre,var { font-family: monospace; font-weight: bold; }
+code, pre {
+    background: var(--tertiary-color);
+    padding: 0.5rem 1rem;
+}
+code pre , pre code { padding: 0; }
+
+
+
+/* Elements */
+hr {
+    background: var(--text-color);
+    border: 0;
+    height: 1px;
+    margin: 4rem 0;
+}
+
+img { max-width: 100%; }
+
+figure { 
+    border: 1px solid var(--primary-color);
+    display: inline-block;
+    padding: 1rem; 
+    width: auto;
+}
+figure img { margin: 0; }
+figure figcaption { font-size: 80%; }
+
+ul, ol { margin: 2rem 0; padding: 0 0 0 4rem; }
+
+dl dd { padding-left: 2rem; }
+
+table {
+    border: 1px solid var(--primary-color);
+    border-collapse: collapse;
+    table-layout: fixed;
+    width: 100%; 
+}
+table caption { margin: 2rem 0; }
+table thead { text-align: center; }
+table tbody { text-align: right; }
+table tr { border-bottom: 1px solid var(--primary-color); }
+table tbody tr:nth-child(even) { background: var(--tertiary-color); }
+table th { background: var(--secondary-color); font-weight: bold; }
+table th, table td { padding: 1rem; }
+table th:not(last-of-type), table td:not(last-of-type) { border-right: 1px solid var(--primary-color); }
+
+
+
+/* Mobile Styling */
+@media screen and (max-width: 50rem) {
+    body {
+        font: var(--mobile-font-size) -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto, Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji", "Segoe UI Symbol"
+    }
+}
\ No newline at end of file
diff --git a/src/internal-server/public/images/logo.png b/src/internal-server/public/images/logo.png
new file mode 100644
index 000000000..4145a077a
--- /dev/null
+++ b/src/internal-server/public/images/logo.png
diff --git a/src/internal-server/public/js/transfer.js b/src/internal-server/public/js/transfer.js
new file mode 100644
index 000000000..c04a6d3b1
--- /dev/null
+++ b/src/internal-server/public/js/transfer.js
@@ -0,0 +1,14 @@
+/* eslint-env browser */
+const submitBtn = document.getElementById('submit');
+const fileInput = document.getElementById('file');
+const fileOutput = document.getElementById('fileoutput');
+
+fileInput.addEventListener('change', () => {
+  const reader = new FileReader();
+  reader.onload = function () {
+    const text = reader.result;
+    fileOutput.value = text;
+    submitBtn.disabled = false;
+  };
+  reader.readAsText(fileInput.files[0]);
+});
diff --git a/src/internal-server/resources/views/import.edge b/src/internal-server/resources/views/import.edge
new file mode 100644
index 000000000..561021a0c
--- /dev/null
+++ b/src/internal-server/resources/views/import.edge
@@ -0,0 +1,18 @@
+@layout('layouts.main')
+
+@section('content')
+<h1>Import a Franz account</h1>
+<p>Please login using your Franz account. We will import your services and workspaces.</p>
+<form action="import" method="post">
+  <label for="email">E-Mail address</label><br />
+  <input type="email" name="email" placeholder="joe@example.com" required><br />
+
+  <label for="password">Password</label><br />
+  <input type="password" name="password" placeholder="********" required><br />
+
+  <label for="server">API Server to import from</label><br />
+  <input type="text" name="server" value="https://api.franzinfra.com" required><br />
+
+  <button type="submit" id="submitbutton">Import Franz account</button>
+</form>
+@endsection
diff --git a/src/internal-server/resources/views/index.edge b/src/internal-server/resources/views/index.edge
new file mode 100644
index 000000000..b01bd7569
--- /dev/null
+++ b/src/internal-server/resources/views/index.edge
@@ -0,0 +1,19 @@
+@layout('layouts.main')
+
+@section('content')
+<style>
+  ol,
+  p {
+    margin: 0.5rem 0;
+  }
+
+</style>
+<h1>Internal Ferdi Server</h1>
+<p>You are accessing the local server instance of your Ferdi application. This server is used to enable Ferdi's "Use without an Account" feature.</p>
+<p>
+  To use Ferdi without an account, log out of your current account (if you are already logged in) and choose "Use Ferdi without an Account".
+</p>
+<p>
+  Alternatively, you can <a href="/import">import your account from a remote server</a> or <a href="/transfer">import your data from a ".ferdi-data" file</a> or <a href="/transfer">export your data to a ".ferdi-data" file</a>.
+</p>
+@endsection
diff --git a/src/internal-server/resources/views/layouts/main.edge b/src/internal-server/resources/views/layouts/main.edge
new file mode 100644
index 000000000..8856b5d1e
--- /dev/null
+++ b/src/internal-server/resources/views/layouts/main.edge
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <meta http-equiv="X-UA-Compatible" content="ie=edge">
+  <title>ferdi-internal-server</title>
+
+  {{ style('css/vanilla') }}
+  {{ style('css/main') }}
+</head>
+
+<body>
+    <img src='images/logo.png' width='300' />
+    @!section('content')
+</body>
+
+</html>
diff --git a/src/internal-server/resources/views/transfer.edge b/src/internal-server/resources/views/transfer.edge
new file mode 100644
index 000000000..58febb24b
--- /dev/null
+++ b/src/internal-server/resources/views/transfer.edge
@@ -0,0 +1,32 @@
+@layout('layouts.main')
+
+@section('content')
+<h2>Import/Export data from another Ferdi server</h2>
+@if(success === true)
+    <div class="alert" style="background-color:#28C76F;">
+        Sucessfully imported your account data
+    </div>
+@endif
+
+<h3>Import data</h3>
+<div>
+  <label>Account data</label>
+  <div>
+    <input type="file" name="file" id="file" value="" accept=".json,.ferdi-data" required>
+  </div>
+</div>
+
+<form action="/transfer" method="POST">
+    <input type="hidden" name="file" id="fileoutput" value="">
+    <div>
+        <button style="background-color:#28C76F;margin-bottom:1rem;" id="submit" disabled>Import data</button>
+    </div>
+</form>
+
+<h3>Export data</h3>
+<a class="button" style="background-color:#28C76F;margin-bottom:1rem;" href="/export">Export data</a>
+
+</div>
+<script src="/js/transfer.js"></script>
+
+@endsection
\ No newline at end of file
diff --git a/src/internal-server/start.js b/src/internal-server/start.js
new file mode 100644
index 000000000..adcac0bec
--- /dev/null
+++ b/src/internal-server/start.js
@@ -0,0 +1,53 @@
+/*
+|--------------------------------------------------------------------------
+| Http server
+|--------------------------------------------------------------------------
+|
+| This file bootstraps Adonisjs to start the HTTP server. You are free to
+| customize the process of booting the http server.
+|
+| """ Loading ace commands """
+|     At times you may want to load ace commands when starting the HTTP server.
+|     Same can be done by chaining `loadCommands()` method after
+|
+| """ Preloading files """
+|     Also you can preload files by calling `preLoad('path/to/file')` method.
+|     Make sure to pass a relative path from the project root.
+*/
+process.env.FERDI_VERSION = '5.4.0-beta.5';
+
+const path = require('path');
+const fs = require('fs-extra');
+const os = require('os');
+
+process.env.ENV_PATH = path.join(__dirname, 'env.ini');
+
+const { Ignitor } = require('@adonisjs/ignitor');
+const fold = require('@adonisjs/fold');
+
+module.exports = async (userPath, port) => {
+  const dbPath = path.join(userPath, 'server.sqlite');
+  const dbTemplatePath = path.join(__dirname, 'database', 'template.sqlite');
+
+  if (!await fs.exists(dbPath)) {
+    // Manually copy file
+    // We can't use copyFile here as it will cause the file to be readonly on Windows
+    const dbTemplate = await fs.readFile(dbTemplatePath);
+    await fs.writeFile(dbPath, dbTemplate);
+
+    // Change permissions to ensure to file is not read-only
+    if (os.platform() === 'win32') {
+      // eslint-disable-next-line no-bitwise
+      fs.chmodSync(dbPath, fs.statSync(dbPath).mode | 146);
+    }
+  }
+
+  process.env.DB_PATH = dbPath;
+  process.env.USER_PATH = userPath;
+  process.env.PORT = port;
+
+  new Ignitor(fold)
+    .appRoot(__dirname)
+    .fireHttpServer()
+    .catch(console.error); // eslint-disable-line no-console
+};
diff --git a/src/internal-server/start/app.js b/src/internal-server/start/app.js
new file mode 100644
index 000000000..8b1a49f57
--- /dev/null
+++ b/src/internal-server/start/app.js
@@ -0,0 +1,61 @@
+/*
+|--------------------------------------------------------------------------
+| Providers
+|--------------------------------------------------------------------------
+|
+| Providers are building blocks for your Adonis app. Anytime you install
+| a new Adonis specific package, chances are you will register the
+| provider here.
+|
+*/
+const providers = [
+  '@adonisjs/framework/providers/AppProvider',
+  '@adonisjs/bodyparser/providers/BodyParserProvider',
+  '@adonisjs/cors/providers/CorsProvider',
+  '@adonisjs/lucid/providers/LucidProvider',
+  '@adonisjs/drive/providers/DriveProvider',
+  '@adonisjs/validator/providers/ValidatorProvider',
+  '@adonisjs/framework/providers/ViewProvider',
+  '@adonisjs/shield/providers/ShieldProvider',
+];
+
+/*
+|--------------------------------------------------------------------------
+| Ace Providers
+|--------------------------------------------------------------------------
+|
+| Ace providers are required only when running ace commands. For example
+| Providers for migrations, tests etc.
+|
+*/
+const aceProviders = [
+  '@adonisjs/lucid/providers/MigrationsProvider',
+];
+
+/*
+|--------------------------------------------------------------------------
+| Aliases
+|--------------------------------------------------------------------------
+|
+| Aliases are short unique names for IoC container bindings. You are free
+| to create your own aliases.
+|
+| For example:
+|   { Route: 'Adonis/Src/Route' }
+|
+*/
+const aliases = {};
+
+/*
+|--------------------------------------------------------------------------
+| Commands
+|--------------------------------------------------------------------------
+|
+| Here you store ace commands for your package
+|
+*/
+const commands = [];
+
+module.exports = {
+  providers, aceProviders, aliases, commands,
+};
diff --git a/src/internal-server/start/kernel.js b/src/internal-server/start/kernel.js
new file mode 100644
index 000000000..7b540f829
--- /dev/null
+++ b/src/internal-server/start/kernel.js
@@ -0,0 +1,55 @@
+/** @type {import('@adonisjs/framework/src/Server')} */
+const Server = use('Server');
+
+/*
+|--------------------------------------------------------------------------
+| Global Middleware
+|--------------------------------------------------------------------------
+|
+| Global middleware are executed on each http request only when the routes
+| match.
+|
+*/
+const globalMiddleware = [
+  'Adonis/Middleware/BodyParser',
+  'App/Middleware/ConvertEmptyStringsToNull',
+];
+
+/*
+|--------------------------------------------------------------------------
+| Named Middleware
+|--------------------------------------------------------------------------
+|
+| Named middleware is key/value object to conditionally add middleware on
+| specific routes or group of routes.
+|
+| // define
+| {
+|   auth: 'Adonis/Middleware/Auth'
+| }
+|
+| // use
+| Route.get().middleware('auth')
+|
+*/
+const namedMiddleware = {
+};
+
+/*
+|--------------------------------------------------------------------------
+| Server Middleware
+|--------------------------------------------------------------------------
+|
+| Server level middleware are executed even when route for a given URL is
+| not registered. Features like `static assets` and `cors` needs better
+| control over request lifecycle.
+|
+*/
+const serverMiddleware = [
+  'Adonis/Middleware/Static',
+];
+
+Server
+  .registerGlobal(globalMiddleware)
+  .registerNamed(namedMiddleware)
+  .use(serverMiddleware);
diff --git a/src/internal-server/start/migrate.js b/src/internal-server/start/migrate.js
new file mode 100644
index 000000000..6846beef6
--- /dev/null
+++ b/src/internal-server/start/migrate.js
@@ -0,0 +1,44 @@
+/**
+ * Migrate server database to work with current Ferdi version
+ */
+const Database = use('Database');
+const User = use('App/Models/User');
+
+const migrateLog = (text) => {
+  console.log('\x1b[36m%s\x1b[0m', 'Ferdi Migration:', '\x1b[0m', text);
+};
+
+module.exports = async () => {
+  migrateLog('🧙‍  Running database migration wizard');
+
+  // Make sure user table exists
+  await Database.raw('CREATE TABLE IF NOT EXISTS `users` (`id` integer not null primary key autoincrement, `settings` text, `created_at` datetime, `updated_at` datetime);');
+
+  const user = await User.find(1);
+  let settings;
+  if (!user) {
+    migrateLog('🎩  Migrating from old Ferdi version as user doesn\'t exist');
+
+    // Create new user
+    await Database.raw('INSERT INTO  "users" ("id") VALUES (\'1\');');
+  } else {
+    settings = typeof user.settings === 'string' ? JSON.parse(user.settings) : user.settings;
+  }
+
+  if (!settings || !settings.db_version || settings.db_version !== process.env.FERDI_VERSION) {
+    const srcVersion = settings && settings.db_version ? settings.db_version : '5.4.0-beta.2';
+    migrateLog(`🔮  Migrating table from ${srcVersion} to ${process.env.FERDI_VERSION}`);
+
+    // Migrate database to current Ferdi version
+    // Currently no migrations
+
+    // Update version number in database
+    if (!settings) settings = {};
+    settings.db_version = process.env.FERDI_VERSION;
+    const newUser = await User.find(1); // Fetch user again as we might have only just created it
+    newUser.settings = JSON.stringify(settings);
+    await newUser.save();
+  } else {
+    migrateLog('🔧  Nothing to migrate, already on the newest version');
+  }
+};
diff --git a/src/internal-server/start/routes.js b/src/internal-server/start/routes.js
new file mode 100644
index 000000000..63ac42c47
--- /dev/null
+++ b/src/internal-server/start/routes.js
@@ -0,0 +1,87 @@
+/*
+|--------------------------------------------------------------------------
+| Routes
+|--------------------------------------------------------------------------
+|
+*/
+
+/** @type {typeof import('@adonisjs/framework/src/Route/Manager')} */
+const Route = use('Route');
+
+// Run latest database migration
+const migrate = require('./migrate');
+
+migrate();
+
+const OnlyAllowFerdi = async ({ request, response }, next) => {
+  const version = request.header('X-Franz-Version');
+  if (!version) {
+    return response.status(403).redirect('/');
+  }
+
+  await next();
+  return true;
+};
+
+// Health: Returning if all systems function correctly
+Route.get('health', ({
+  response,
+}) => response.send({
+  api: 'success',
+  db: 'success',
+})).middleware(OnlyAllowFerdi);
+
+// API is grouped under '/v1/' route
+Route.group(() => {
+  // User authentification
+  Route.post('auth/signup', 'UserController.signup');
+  Route.post('auth/login', 'UserController.login');
+
+  // User info
+  Route.get('me', 'UserController.me');
+  Route.put('me', 'UserController.updateMe');
+
+  // Service info
+  Route.post('service', 'ServiceController.create');
+  Route.put('service/reorder', 'ServiceController.reorder');
+  Route.put('service/:id', 'ServiceController.edit');
+  Route.delete('service/:id', 'ServiceController.delete');
+  Route.get('me/services', 'ServiceController.list');
+
+  // Recipe store
+  Route.get('recipe', 'ServiceController.list');
+  Route.post('recipes/update', 'ServiceController.update');
+  Route.get('recipes', 'RecipeController.list');
+  Route.get('recipes/download/:recipe', 'RecipeController.download');
+  Route.get('recipes/search', 'RecipeController.search');
+  Route.get('recipes/popular', 'StaticController.popularRecipes');
+  Route.get('recipes/update', 'StaticController.emptyArray');
+
+  // Workspaces
+  Route.put('workspace/:id', 'WorkspaceController.edit');
+  Route.delete('workspace/:id', 'WorkspaceController.delete');
+  Route.post('workspace', 'WorkspaceController.create');
+  Route.get('workspace', 'WorkspaceController.list');
+
+  // Static responses
+  Route.get('features/:mode?', 'StaticController.features');
+  Route.get('services', 'StaticController.emptyArray');
+  Route.get('news', 'StaticController.emptyArray');
+  Route.get('announcements/:version', 'StaticController.announcement');
+}).prefix('v1').middleware(OnlyAllowFerdi);
+
+Route.group(() => {
+  Route.get('icon/:id', 'ServiceController.icon');
+}).prefix('v1');
+
+// Franz account import
+Route.post('import', 'UserController.import');
+Route.get('import', ({ view }) => view.render('import'));
+
+// Account transfer
+Route.get('export', 'UserController.export');
+Route.post('transfer', 'UserController.importFerdi');
+Route.get('transfer', ({ view }) => view.render('transfer'));
+
+// Index
+Route.get('/', ({ view }) => view.render('index'));
diff --git a/src/internal-server/test.js b/src/internal-server/test.js
new file mode 100644
index 000000000..8d4807d06
--- /dev/null
+++ b/src/internal-server/test.js
@@ -0,0 +1,9 @@
+const path = require('path');
+const fs = require('fs-extra');
+const server = require('./start');
+
+const dummyUserFolder = path.join(__dirname, 'user_data');
+
+fs.ensureDirSync(dummyUserFolder);
+
+server(dummyUserFolder, 45568);