Give people access to toot from an account with giving sharing the password.

Find a file

fleaz f83576665a All checks were successful Deployment / container (push) Successful in 2m32s Details Fix regex to validate authorized accounts		2025-08-26 00:23:30 +02:00
.forgejo/workflows	build container depending on branch	2025-08-25 23:44:07 +02:00
.gitignore	hacky POC	2025-08-15 00:28:45 +02:00
Dockerfile	Added Dockerfile and release pipeline	2025-08-25 23:32:29 +02:00
go.mod	Cleanup and restructure the code, added readme and more config options	2025-08-25 23:21:44 +02:00
go.sum	Cleanup and restructure the code, added readme and more config options	2025-08-25 23:21:44 +02:00
helper.go	Fix regex to validate authorized accounts	2025-08-26 00:23:30 +02:00
main.go	Cleanup and restructure the code, added readme and more config options	2025-08-25 23:21:44 +02:00
mastodon.go	Cleanup and restructure the code, added readme and more config options	2025-08-25 23:21:44 +02:00
README.md	Add docs about the docker containers to the readme	2025-08-25 23:56:22 +02:00

README.md

mastodon-dm-tooter

When running a shared account on Mastodon, like e.g. for an event or a club, you sometimes would like to give people access to toot, but don't want to give them the password to the account.

With this tool, you can simply maintain a list of authorized accounts that are allowed to use this tool and then everytime they send the account a private DM, this tool will take the DM and send it as a toot.

Limitations

Obviously this only gives the person the possibility to send a toot from the shared account. Anything else like follow someone, like a toot, reply to a toot, e.g. are not possible.

Application Keys

First you need to create an application inside the shared account with some permissions. Go to YOUR-INSTANCE.com/settings/applications and create a new app. Check the following scopes:

read:notifications
read:statuses
profile
write:notifications
write:statuses

Pick whatever you like for the name and use urn:ietf:wg:oauth:2.0:oob as the redirect URI.

Then save the page and save your client key, client secret and access token.

Usage

All options can either be set via a commandline argument, or via an environment variable. The name for the corresponding variable is in the sqaure brackets at the beginning of every option.

$ ./mastodon-dm-tooter --help
Usage of ./mastodon-dm-tooter:
  -access-token string
    	[ACCESS_TOKEN] Access token from app
  -authorized-accounts string
    	[AUTHORIZED_ACCOUNTS] A comma seperated list of authorized accounts
  -client-key string
    	[CLIENT_KEY] Client key from app
  -client-secret string
    	[CLIENT_SECRET] Client secret from app
  -instance string
    	[INSTANCE] URL of your instance (default "https://mastodon.de")
  -interval int
    	[INTERVAL] How often (in minutes) should the tool check for new DMs (default 5)
  -log-level string
    	[LOG_LEVEL] Log level (default "INFO")
  -toot-visibility string
    	[TOOT_VISIBILITY] Set the toot visibility (public, unlisted, private, direct) (default "public")

The three values for your app credentials and the list of authorized users are required.

Docker

This code also gets build and releases as a Docker container image at fleaz/mastodon-dm-tooter. The latest tag, is always the last commit on this repo, so use with caution!

The images that are tagged with a number, are only build on the main branch and I try my best not to break them ;)

To use the container it's probably the easiest to provide all settings as environment variables in a file and then pass it to docker run:

echo "KEY=value" > .env
echo "KEY2=value2" >> .env
echo "KEY3=value3" >> .env

docker run --rm --detach --env-file .env --name mastodon-dm-tooter fleaz/mastodon-dm-tooter

You can check the output with docker logs mastodon-dm-tooter.