indifferentketchup
3c13e55dad
QUAL-004 handlers/messages.js — DM-on-customer-reply now reads guild.members.cache.get(claimerId) first and only falls back to guild.members.fetch on cache miss. Avoids a REST round-trip per non-staff reply on busy tickets. GuildMembers intent already keeps the cache warm. QUAL-005 handlers/buttons.js (runFinalClose) + handlers/commands/close.js (finalizeForceClose) — close paths now $unset welcomeMessageId alongside the status: 'closed' write. Stops a stale message-ID from carrying into a future reopen on the same Gmail thread, where escalation's "edit welcome buttons" path would silently fail trying to fetch a message in a deleted channel. QUAL-007 services/configPersistence.js — writeEnvFile mismatch error now includes the missing/extra key sets, not just count vs count. Saves the operator from guessing which key vanished after a partial write. QUAL-008 utils.js stripEmailQuotes — replaced order-dependent first-match loop with an earliest-match-across-all-markers scan. The previous code could truncate at a late "_____" signature underline even when an earlier "On X wrote:" reply header was the real cutoff. New test in tests/utils.test.js exercises the dual-marker case. QUAL-010 broccolini-discord.js — moved `let httpServer / internalServer / appReady` declarations from after the ready handler to before it. Same runtime behavior (module-load completes before ready fires asynchronously), but the read order now matches the assignment order. SEC-002 routes/internalApi.js — POST /restart now goes through a tighter 2/min limiter on top of the shared 10/min internalLimiter. Defense in depth in case INTERNAL_API_SECRET ever leaks; an attacker with the secret can no longer crash-loop the container. Skipped: QUAL-009 (re-checked the regex; ^\s*\n* → \n is already idempotent — the audit finding was incorrect). vitest run: 88/88 (one new test for QUAL-008).
Broccolini Bot
A Node.js Discord bot that bridges Gmail ↔ Discord for support ticketing, with MongoDB for state. Built for Indifferent Broccoli (game-server hosting).
- Inbound email → Discord ticket channel.
- Staff messages in that channel → Gmail reply (threaded).
- Discord-originated tickets (panel / context menu) live entirely in Discord.
For an architectural overview, see HOWITWORKS.md. For agent/contributor conventions, see CLAUDE.md.
Quick start
git clone <repo-url>
cd broccolini-bot
npm install
cp .env.example .env
# fill DISCORD_TOKEN, DISCORD_APPLICATION_ID, DISCORD_GUILD_ID, TICKET_CATEGORY_ID,
# ROLE_ID_TO_PING, MONGODB_URI, GOOGLE_CLIENT_ID/SECRET, REFRESH_TOKEN, MY_EMAIL
npm start
Need a Gmail refresh token? node get-refresh-token.js (redirect URI http://localhost:3000/oauth2callback). Probe Mongo with npm run test-mongodb.
Restart the bot after any .env change. Restart also re-registers slash commands.
Deploy (Docker)
docker compose up --build -d
docker logs broccolini --tail 50 -f
Host port 8892 → container 5000 (DISCORD_ONLY_PORT).
Configuration
All config is environment variables loaded by config.js into CONFIG. The full list — with descriptions and defaults — lives in .env.example. Highlights:
| Variable | Notes |
|---|---|
DISCORD_TOKEN / DISCORD_BOT_TOKEN |
Bot token. First non-empty after trim wins. |
DISCORD_APPLICATION_ID, DISCORD_GUILD_ID |
Required for slash command registration. |
TICKET_CATEGORY_ID |
Default category for email tickets. Validated at startup. |
DISCORD_TICKET_CATEGORY_ID |
Category for Discord panel/context tickets (falls back to TICKET_CATEGORY_ID). |
ROLE_ID_TO_PING |
Support role pinged on new tickets. |
MONGODB_URI |
Mongo connection string. |
GOOGLE_CLIENT_ID / GOOGLE_CLIENT_SECRET / REFRESH_TOKEN / MY_EMAIL |
Gmail OAuth + canonical inbox address. |
RENAMER_BOT |
Optional secondary token used for channel renames. |
INTERNAL_API_SECRET / INTERNAL_API_PORT |
Enable the internal config API used by the settings UI. |
Slash commands
| Command | Purpose |
|---|---|
/escalate, /deescalate |
Move ticket between tier 2/3 categories. |
/add, /remove |
Add/remove user from current ticket channel. |
/transfer |
Hand the claim to another staff member. |
/move |
Reparent the channel to another category. |
/force-close, /cancel-close, /closetimer |
Force-close flow with cancellable countdown. |
/topic |
Set channel topic. |
/response |
Saved reply templates (send, create, edit, delete, list). |
/panel |
Post an "Open ticket" panel button (thread / category / both). |
/notifydm |
Toggle DM alerts when a customer replies in your claimed ticket. |
/signature |
Personal email signature (valediction, display name, tagline). |
/staffthread |
Toggle / configure staff-only threads on tickets. |
/pinmessages |
Auto-pin welcome / escalation messages. |
/gmailpoll |
Set the Gmail poll interval at runtime. |
/help |
In-bot summary. |
Plus context menus: Create Ticket From Message, View User Tickets.
Settings UI (optional)
settings-site/ is a separate Express app that talks to the bot's internal config API over the broccoli-net Docker network using INTERNAL_API_SECRET. It is not part of this bot's process. See settings-site/CLAUDE.md.
Troubleshooting
| Symptom | Check |
|---|---|
| Slash commands missing | Correct DISCORD_APPLICATION_ID + DISCORD_GUILD_ID; restart; Discord can take a minute to sync. |
| Gmail not ingesting | REFRESH_TOKEN valid? Auth failure halts polling — re-auth and restart. |
| Mongo errors at startup | MONGODB_URI reachable? npm run test-mongodb to confirm. |
| Channel rename "too quickly" | Discord limit is 2 renames/10 min per channel — the queue serializes; wait it out. |
| Modal/button no response | Bot online + intents enabled; check DEBUGGING_CHANNEL_ID / container logs. |
License
ISC