A high-performance, full-stack Capture The Flag (CTF) platform built with Go (Gin) for the backend and Angular (v21) for the frontend. Designed for scalability with Redis caching and Turso DB (LibSQL) for high-performance data storage.
- Dynamic Scoring: Points for challenges decrease as more teams solve them (CTFd formula).
- Team-Based Competition: Create or join teams to solve challenges and climb the leaderboard together.
- Real-time Scoreboard: Cached global and team rankings.
- Admin Management: Dedicated dashboard for challenge creation, notification broadcasts, and user moderation.
- Robust Security:
- JWT authentication with HTTP-only cookies.
- Rate limiting on flag submissions.
- Email verification and secure password reset.
- Role-based access control (RBAC).
- Performance Optimized:
- Redis Caching (Upstash): Frequently accessed data like the scoreboard is cached in-memory.
- Turso DB (LibSQL): Edge database integration ensuring fast global reads and high concurrency.
The production deployment (rootaccess.live) uses a multi-cloud setup across OCI and AWS to remain entirely within always-free tiers:
- REST API β
ctfapis.rootaccess.liveβ Cloudflare Worker β OCI Functions (primary, 2M/month) or AWS Lambda Function URL (overflow, 1M/month) = 3M requests/month free - WebSocket β
ws.rootaccess.liveβ OCI Load Balancer β OCI VM running Go binary with RedisHub (Upstash pub/sub) - Quota switching β GitHub Actions daily cron flips a Cloudflare KV flag at 1.8M OCI invocations; monthly cron resets it on the 1st
See docs/architecture/MULTI_CLOUD_ARCHITECTURE.md for the full architecture diagram, DNS configuration, and deployment pipeline details.
- Language: Go 1.24
- Framework: Gin (HTTP web framework)
- Primary Database: MongoDB
- Cache: Upstash Redis (6 instances)
- Email: SMTP integration for verification and resets.
- Framework: Angular 21
- Styling: Tailwind CSS v4 & SCSS
- UX/UI: Material Design principles with custom dark/light theme support.
- Docker & Docker Compose (Recommended for production)
- Go: Version 1.24+ (For local development)
- Node.js: Version 22+ (For local development)
- Turso CLI: Optional (For DB management)
- Redis: Version 6.0+
-
Clone the repository:
git clone https://github.com/Uttam-Mahata/RootAccess.git cd RootAccess -
Configure Environment: Copy the example compose file and update your credentials:
cp docker-compose.prod.example.yml docker-compose.prod.yml # Edit docker-compose.prod.yml with your SMTP, DB, and JWT secrets
cd backendcp .env.example .env(Configure your Turso DB/Redis/SMTP)go mod downloadgo run cmd/api/main.go
cd frontendnpm installnpm start
Registered users are regular users by default. To create an initial admin:
POST /auth/register- User registrationPOST /auth/login- User login (Sets HTTP-only cookie)GET /scoreboard- Get cached leaderboardGET /notifications- View active admin broadcasts
POST /challenges/:id/submit- Submit flag (Rate limited)POST /teams- Create a teamPOST /teams/join/:code- Join a team via invite code
POST /admin/challenges- Create new challengePOST /admin/notifications- Broadcast an announcementPOST /admin/notifications/:id/toggle- Activate/Deactivate broadcasts
RootAccess/
βββ backend/
β βββ cmd/api/main.go # API Entry point
β βββ cmd/admin/main.go # Admin CLI tool
β βββ internal/
β β βββ database/ # Turso DB & Redis logic
β β βββ services/ # Business logic (Caching, Auth, etc.)
β β βββ handlers/ # HTTP Controllers
βββ frontend/
β βββ src/app/components/ # Angular UI Components
β βββ src/app/services/ # Frontend API services
βββ docker-compose.prod.yml # Production orchestration
βββ README.md
- Secrets: Never commit
.envordocker-compose.prod.ymlto version control. - JWT: In production, ensure
JWT_SECRETis a random 32+ character string. - SMTP: Port 25 is often blocked by ISPs; use port 587 (STARTTLS) or 465 (SSL).
Made with β€οΈ for the CTF community