DB conn to 25

message/store_postgres.go

@@ -110,6 +110,7 @@ func NewPostgresStore(dsn string, batchSize int, batchTimeout time.Duration) (St
 	if err != nil {
 		return nil, err
 	}
+	db.SetMaxOpenConns(25)
 	if err := db.Ping(); err != nil {
 		return nil, err
 	}

server/server_account_test.go

@@ -15,8 +15,8 @@ import (
 )
 
 func TestAccount_Signup_Success(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.EnableSignup = true
 		s := newTestServer(t, conf)
 		defer s.closeDatabases()
@@ -54,8 +54,8 @@ func TestAccount_Signup_Success(t *testing.T) {
 }
 
 func TestAccount_Signup_UserExists(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.EnableSignup = true
 		s := newTestServer(t, conf)
 		defer s.closeDatabases()
@@ -70,8 +70,8 @@ func TestAccount_Signup_UserExists(t *testing.T) {
 }
 
 func TestAccount_Signup_LimitReached(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.EnableSignup = true
 		s := newTestServer(t, conf)
 		defer s.closeDatabases()
@@ -87,8 +87,8 @@ func TestAccount_Signup_LimitReached(t *testing.T) {
 }
 
 func TestAccount_Signup_AsUser(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.EnableSignup = true
 		s := newTestServer(t, conf)
 		defer s.closeDatabases()
@@ -111,8 +111,8 @@ func TestAccount_Signup_AsUser(t *testing.T) {
 }
 
 func TestAccount_Signup_Disabled(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.EnableSignup = false
 		s := newTestServer(t, conf)
 		defer s.closeDatabases()
@@ -124,8 +124,8 @@ func TestAccount_Signup_Disabled(t *testing.T) {
 }
 
 func TestAccount_Signup_Rate_Limit(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.EnableSignup = true
 		s := newTestServer(t, conf)
 
@@ -140,8 +140,8 @@ func TestAccount_Signup_Rate_Limit(t *testing.T) {
 }
 
 func TestAccount_Get_Anonymous(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.VisitorRequestLimitReplenish = 86 * time.Second
 		conf.VisitorEmailLimitReplenish = time.Hour
 		conf.VisitorAttachmentTotalSizeLimit = 5123
@@ -185,8 +185,8 @@ func TestAccount_Get_Anonymous(t *testing.T) {
 }
 
 func TestAccount_ChangeSettings(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser, false))
@@ -216,8 +216,8 @@ func TestAccount_ChangeSettings(t *testing.T) {
 }
 
 func TestAccount_Subscription_AddUpdateDelete(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser, false))
@@ -269,8 +269,8 @@ func TestAccount_Subscription_AddUpdateDelete(t *testing.T) {
 }
 
 func TestAccount_ChangePassword(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.AuthUsers = []*user.User{
 			{Name: "philuser", Hash: "$2a$10$U4WSIYY6evyGmZaraavM2e2JeVG6EMGUKN1uUwufUeeRd4Jpg6cGC", Role: user.RoleUser}, // philuser:philpass
 		}
@@ -314,8 +314,8 @@ func TestAccount_ChangePassword(t *testing.T) {
 }
 
 func TestAccount_ChangePassword_NoAccount(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		rr := request(t, s, "POST", "/v1/account/password", `{"password": "new password"}`, nil)
@@ -324,9 +324,9 @@ func TestAccount_ChangePassword_NoAccount(t *testing.T) {
 }
 
 func TestAccount_ExtendToken(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		t.Parallel()
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser, false))
@@ -363,8 +363,8 @@ func TestAccount_ExtendToken(t *testing.T) {
 }
 
 func TestAccount_ExtendToken_NoTokenProvided(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser, false))
@@ -378,8 +378,8 @@ func TestAccount_ExtendToken_NoTokenProvided(t *testing.T) {
 }
 
 func TestAccount_DeleteToken(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser, false))
@@ -420,8 +420,8 @@ func TestAccount_DeleteToken(t *testing.T) {
 }
 
 func TestAccount_Delete_Success(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.EnableSignup = true
 		s := newTestServer(t, conf)
 
@@ -451,8 +451,8 @@ func TestAccount_Delete_Success(t *testing.T) {
 }
 
 func TestAccount_Delete_Not_Allowed(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.EnableSignup = true
 		s := newTestServer(t, conf)
 
@@ -474,8 +474,8 @@ func TestAccount_Delete_Not_Allowed(t *testing.T) {
 }
 
 func TestAccount_Reservation_AddWithoutTierFails(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.EnableSignup = true
 		s := newTestServer(t, conf)
 
@@ -490,8 +490,8 @@ func TestAccount_Reservation_AddWithoutTierFails(t *testing.T) {
 }
 
 func TestAccount_Reservation_AddAdminSuccess(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.EnableSignup = true
 		s := newTestServer(t, conf)
 
@@ -544,8 +544,8 @@ func TestAccount_Reservation_AddAdminSuccess(t *testing.T) {
 }
 
 func TestAccount_Reservation_AddRemoveUserWithTierSuccess(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.EnableSignup = true
 		conf.EnableReservations = true
 		conf.TwilioAccount = "dummy"
@@ -632,8 +632,8 @@ func TestAccount_Reservation_AddRemoveUserWithTierSuccess(t *testing.T) {
 }
 
 func TestAccount_Reservation_PublishByAnonymousFails(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.AuthDefault = user.PermissionReadWrite
 		conf.EnableSignup = true
 		s := newTestServer(t, conf)
@@ -668,9 +668,9 @@ func TestAccount_Reservation_PublishByAnonymousFails(t *testing.T) {
 }
 
 func TestAccount_Reservation_Delete_Messages_And_Attachments(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		t.Parallel()
-		conf := newTestConfigWithAuthFile(t)
+		conf := newTestConfigWithAuthFile(t, databaseURL)
 		conf.AuthDefault = user.PermissionReadWrite
 		s := newTestServer(t, conf)
 
@@ -760,7 +760,7 @@ func TestAccount_Reservation_Delete_Messages_And_Attachments(t *testing.T) {
 }
 
 /*func TestAccount_Persist_UserStats_After_Tier_Change(t *testing.T) {
-	conf := newTestConfigWithAuthFile(t)
+	conf := newTestConfigWithAuthFile(t, databaseURL)
 	conf.AuthDefault = user.PermissionReadWrite
 	conf.AuthStatsQueueWriterInterval = 300 * time.Millisecond
 	s := newTestServer(t, conf)

server/server_admin_test.go

@@ -11,8 +11,8 @@ import (
 )
 
 func TestVersion_Admin(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.BuildVersion = "1.2.3"
 		c.BuildCommit = "abcdef0"
 		c.BuildDate = "2026-02-08T00:00:00Z"
@@ -48,8 +48,8 @@ func TestVersion_Admin(t *testing.T) {
 }
 
 func TestUser_AddRemove(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		// Create admin, tier
@@ -106,8 +106,8 @@ func TestUser_AddRemove(t *testing.T) {
 }
 
 func TestUser_AddWithPasswordHash(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		// Create admin
@@ -137,8 +137,8 @@ func TestUser_AddWithPasswordHash(t *testing.T) {
 }
 
 func TestUser_ChangeUserPassword(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		// Create admin
@@ -177,8 +177,8 @@ func TestUser_ChangeUserPassword(t *testing.T) {
 }
 
 func TestUser_ChangeUserTier(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		// Create admin, tier
@@ -219,8 +219,8 @@ func TestUser_ChangeUserTier(t *testing.T) {
 }
 
 func TestUser_ChangeUserPasswordAndTier(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		// Create admin, tier
@@ -273,8 +273,8 @@ func TestUser_ChangeUserPasswordAndTier(t *testing.T) {
 }
 
 func TestUser_ChangeUserPasswordWithHash(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		// Create admin
@@ -307,8 +307,8 @@ func TestUser_ChangeUserPasswordWithHash(t *testing.T) {
 }
 
 func TestUser_DontChangeAdminPassword(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		// Create admin
@@ -324,8 +324,8 @@ func TestUser_DontChangeAdminPassword(t *testing.T) {
 }
 
 func TestUser_AddRemove_Failures(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithAuthFile(t))
+		s := newTestServer(t, newTestConfigWithAuthFile(t, databaseURL))
 		defer s.closeDatabases()
 
 		// Create admin
@@ -365,8 +365,8 @@ func TestUser_AddRemove_Failures(t *testing.T) {
 }
 
 func TestAccess_AllowReset(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.AuthDefault = user.PermissionDenyAll
 		s := newTestServer(t, c)
 		defer s.closeDatabases()
@@ -408,8 +408,8 @@ func TestAccess_AllowReset(t *testing.T) {
 }
 
 func TestAccess_AllowReset_NonAdminAttempt(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.AuthDefault = user.PermissionDenyAll
 		s := newTestServer(t, c)
 		defer s.closeDatabases()
@@ -426,8 +426,8 @@ func TestAccess_AllowReset_NonAdminAttempt(t *testing.T) {
 }
 
 func TestAccess_AllowReset_KillConnection(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.AuthDefault = user.PermissionDenyAll
 		s := newTestServer(t, c)
 		defer s.closeDatabases()

server/server_firebase_test.go

@@ -345,7 +345,7 @@ func TestMaybeTruncateFCMMessage_NotTooLong(t *testing.T) {
 func TestToFirebaseSender_Abuse(t *testing.T) {
 	sender := &testFirebaseSender{allowed: 2}
 	client := newFirebaseClient(sender, &testAuther{})
-	visitor := newVisitor(newTestConfig(t), newMemTestCache(t), nil, netip.MustParseAddr("1.2.3.4"), nil)
+	visitor := newVisitor(newTestConfig(t, ""), newMemTestCache(t), nil, netip.MustParseAddr("1.2.3.4"), nil)
 
 	require.Nil(t, client.Send(visitor, &model.Message{Topic: "mytopic"}))
 	require.Equal(t, 1, len(sender.Messages()))

server/server_manager_test.go

@@ -6,9 +6,9 @@ import (
 )
 
 func TestServer_Manager_Prune_Messages_Without_Attachments_DoesNotPanic(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		// Tests that the manager runs without attachment-cache-dir set, see #617
-		c := newTestConfig(t)
+		c := newTestConfig(t, databaseURL)
 		c.AttachmentCacheDir = ""
 		s := newTestServer(t, c)
 

server/server_payments_test.go

@@ -21,11 +21,11 @@ import (
 )
 
 func TestPayments_Tiers(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		stripeMock := &testStripeAPI{}
 		defer stripeMock.AssertExpectations(t)
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.StripeSecretKey = "secret key"
 		c.StripeWebhookKey = "webhook key"
 		c.VisitorRequestLimitReplenish = 12 * time.Hour
@@ -133,11 +133,11 @@ func TestPayments_Tiers(t *testing.T) {
 }
 
 func TestPayments_SubscriptionCreate_NotAStripeCustomer_Success(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		stripeMock := &testStripeAPI{}
 		defer stripeMock.AssertExpectations(t)
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.StripeSecretKey = "secret key"
 		c.StripeWebhookKey = "webhook key"
 		s := newTestServer(t, c)
@@ -168,11 +168,11 @@ func TestPayments_SubscriptionCreate_NotAStripeCustomer_Success(t *testing.T) {
 }
 
 func TestPayments_SubscriptionCreate_StripeCustomer_Success(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		stripeMock := &testStripeAPI{}
 		defer stripeMock.AssertExpectations(t)
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.StripeSecretKey = "secret key"
 		c.StripeWebhookKey = "webhook key"
 		s := newTestServer(t, c)
@@ -214,11 +214,11 @@ func TestPayments_SubscriptionCreate_StripeCustomer_Success(t *testing.T) {
 }
 
 func TestPayments_AccountDelete_Cancels_Subscription(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		stripeMock := &testStripeAPI{}
 		defer stripeMock.AssertExpectations(t)
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.EnableSignup = true
 		c.StripeSecretKey = "secret key"
 		c.StripeWebhookKey = "webhook key"
@@ -261,7 +261,7 @@ func TestPayments_AccountDelete_Cancels_Subscription(t *testing.T) {
 }
 
 func TestPayments_Checkout_Success_And_Increase_Rate_Limits_Reset_Visitor(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		// This test is too overloaded, but it's also a great end-to-end a test.
 		//
 		// It tests:
@@ -273,7 +273,7 @@ func TestPayments_Checkout_Success_And_Increase_Rate_Limits_Reset_Visitor(t *tes
 		stripeMock := &testStripeAPI{}
 		defer stripeMock.AssertExpectations(t)
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.StripeSecretKey = "secret key"
 		c.StripeWebhookKey = "webhook key"
 		c.VisitorRequestLimitBurst = 5
@@ -428,7 +428,7 @@ func TestPayments_Checkout_Success_And_Increase_Rate_Limits_Reset_Visitor(t *tes
 }
 
 func TestPayments_Webhook_Subscription_Updated_Downgrade_From_PastDue_To_Active(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		t.Parallel()
 
 		// This tests incoming webhooks from Stripe to update a subscription:
@@ -439,7 +439,7 @@ func TestPayments_Webhook_Subscription_Updated_Downgrade_From_PastDue_To_Active(
 		stripeMock := &testStripeAPI{}
 		defer stripeMock.AssertExpectations(t)
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.StripeSecretKey = "secret key"
 		c.StripeWebhookKey = "webhook key"
 		s := newTestServer(t, c)
@@ -559,7 +559,7 @@ func TestPayments_Webhook_Subscription_Updated_Downgrade_From_PastDue_To_Active(
 }
 
 func TestPayments_Webhook_Subscription_Deleted(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		// This tests incoming webhooks from Stripe to delete a subscription. It verifies that the database is
 		// updated (all Stripe fields are deleted, and the tier is removed).
 		//
@@ -568,7 +568,7 @@ func TestPayments_Webhook_Subscription_Deleted(t *testing.T) {
 		stripeMock := &testStripeAPI{}
 		defer stripeMock.AssertExpectations(t)
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.StripeSecretKey = "secret key"
 		c.StripeWebhookKey = "webhook key"
 		s := newTestServer(t, c)
@@ -626,11 +626,11 @@ func TestPayments_Webhook_Subscription_Deleted(t *testing.T) {
 }
 
 func TestPayments_Subscription_Update_Different_Tier(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		stripeMock := &testStripeAPI{}
 		defer stripeMock.AssertExpectations(t)
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.StripeSecretKey = "secret key"
 		c.StripeWebhookKey = "webhook key"
 		s := newTestServer(t, c)
@@ -692,11 +692,11 @@ func TestPayments_Subscription_Update_Different_Tier(t *testing.T) {
 }
 
 func TestPayments_Subscription_Delete_At_Period_End(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		stripeMock := &testStripeAPI{}
 		defer stripeMock.AssertExpectations(t)
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.StripeSecretKey = "secret key"
 		c.StripeWebhookKey = "webhook key"
 		s := newTestServer(t, c)
@@ -725,11 +725,11 @@ func TestPayments_Subscription_Delete_At_Period_End(t *testing.T) {
 }
 
 func TestPayments_CreatePortalSession(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		stripeMock := &testStripeAPI{}
 		defer stripeMock.AssertExpectations(t)
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.StripeSecretKey = "secret key"
 		c.StripeWebhookKey = "webhook key"
 		s := newTestServer(t, c)

server/server_twilio_test.go

@@ -14,7 +14,7 @@ import (
 )
 
 func TestServer_Twilio_Call_Add_Verify_Call_Delete_Success(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		var called, verified atomic.Bool
 		var code atomic.Pointer[string]
 		twilioVerifyServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@@ -51,7 +51,7 @@ func TestServer_Twilio_Call_Add_Verify_Call_Delete_Success(t *testing.T) {
 		}))
 		defer twilioCallsServer.Close()
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.TwilioVerifyBaseURL = twilioVerifyServer.URL
 		c.TwilioCallsBaseURL = twilioCallsServer.URL
 		c.TwilioAccount = "AC1234567890"
@@ -117,7 +117,7 @@ func TestServer_Twilio_Call_Add_Verify_Call_Delete_Success(t *testing.T) {
 }
 
 func TestServer_Twilio_Call_Success(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		var called atomic.Bool
 		twilioServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			if called.Load() {
@@ -132,7 +132,7 @@ func TestServer_Twilio_Call_Success(t *testing.T) {
 		}))
 		defer twilioServer.Close()
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.TwilioCallsBaseURL = twilioServer.URL
 		c.TwilioAccount = "AC1234567890"
 		c.TwilioAuthToken = "AAEAA1234567890"
@@ -164,7 +164,7 @@ func TestServer_Twilio_Call_Success(t *testing.T) {
 }
 
 func TestServer_Twilio_Call_Success_With_Yes(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		var called atomic.Bool
 		twilioServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			if called.Load() {
@@ -179,7 +179,7 @@ func TestServer_Twilio_Call_Success_With_Yes(t *testing.T) {
 		}))
 		defer twilioServer.Close()
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.TwilioCallsBaseURL = twilioServer.URL
 		c.TwilioAccount = "AC1234567890"
 		c.TwilioAuthToken = "AAEAA1234567890"
@@ -211,7 +211,7 @@ func TestServer_Twilio_Call_Success_With_Yes(t *testing.T) {
 }
 
 func TestServer_Twilio_Call_Success_with_custom_twiml(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
 		var called atomic.Bool
 		twilioServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			if called.Load() {
@@ -226,7 +226,7 @@ func TestServer_Twilio_Call_Success_with_custom_twiml(t *testing.T) {
 		}))
 		defer twilioServer.Close()
 
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.TwilioCallsBaseURL = twilioServer.URL
 		c.TwilioAccount = "AC1234567890"
 		c.TwilioAuthToken = "AAEAA1234567890"
@@ -274,8 +274,8 @@ func TestServer_Twilio_Call_Success_with_custom_twiml(t *testing.T) {
 }
 
 func TestServer_Twilio_Call_UnverifiedNumber(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.TwilioCallsBaseURL = "http://dummy.invalid"
 		c.TwilioAccount = "AC1234567890"
 		c.TwilioAuthToken = "AAEAA1234567890"
@@ -301,8 +301,8 @@ func TestServer_Twilio_Call_UnverifiedNumber(t *testing.T) {
 }
 
 func TestServer_Twilio_Call_InvalidNumber(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.TwilioCallsBaseURL = "https://127.0.0.1"
 		c.TwilioAccount = "AC1234567890"
 		c.TwilioAuthToken = "AAEAA1234567890"
@@ -317,8 +317,8 @@ func TestServer_Twilio_Call_InvalidNumber(t *testing.T) {
 }
 
 func TestServer_Twilio_Call_Anonymous(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		c := newTestConfigWithAuthFile(t)
+		c := newTestConfigWithAuthFile(t, databaseURL)
 		c.TwilioCallsBaseURL = "https://127.0.0.1"
 		c.TwilioAccount = "AC1234567890"
 		c.TwilioAuthToken = "AAEAA1234567890"
@@ -333,8 +333,8 @@ func TestServer_Twilio_Call_Anonymous(t *testing.T) {
 }
 
 func TestServer_Twilio_Call_Unconfigured(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfig(t))
+		s := newTestServer(t, newTestConfig(t, databaseURL))
 		response := request(t, s, "POST", "/mytopic", "test", map[string]string{
 			"x-call": "+1234",
 		})

server/server_webpush_test.go

@@ -26,21 +26,21 @@ const (
 )
 
 func TestServer_WebPush_Enabled(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		conf := newTestConfig(t)
+		conf := newTestConfig(t, databaseURL)
 		conf.WebRoot = "" // Disable web app
 		s := newTestServer(t, conf)
 
 		rr := request(t, s, "GET", "/manifest.webmanifest", "", nil)
 		require.Equal(t, 404, rr.Code)
 
-		conf2 := newTestConfig(t)
+		conf2 := newTestConfig(t, databaseURL)
 		s2 := newTestServer(t, conf2)
 
 		rr = request(t, s2, "GET", "/manifest.webmanifest", "", nil)
 		require.Equal(t, 404, rr.Code)
 
-		conf3 := newTestConfigWithWebPush(t)
+		conf3 := newTestConfigWithWebPush(t, databaseURL)
 		s3 := newTestServer(t, conf3)
 
 		rr = request(t, s3, "GET", "/manifest.webmanifest", "", nil)
@@ -50,8 +50,8 @@ func TestServer_WebPush_Enabled(t *testing.T) {
 	})
 }
 func TestServer_WebPush_Disabled(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfig(t))
+		s := newTestServer(t, newTestConfig(t, databaseURL))
 
 		response := request(t, s, "POST", "/v1/webpush", payloadForTopics(t, []string{"test-topic"}, testWebPushEndpoint), nil)
 		require.Equal(t, 404, response.Code)
@@ -59,8 +59,8 @@ func TestServer_WebPush_Disabled(t *testing.T) {
 }
 
 func TestServer_WebPush_TopicAdd(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithWebPush(t))
+		s := newTestServer(t, newTestConfigWithWebPush(t, databaseURL))
 
 		response := request(t, s, "POST", "/v1/webpush", payloadForTopics(t, []string{"test-topic"}, testWebPushEndpoint), nil)
 		require.Equal(t, 200, response.Code)
@@ -78,8 +78,8 @@ func TestServer_WebPush_TopicAdd(t *testing.T) {
 }
 
 func TestServer_WebPush_TopicAdd_InvalidEndpoint(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithWebPush(t))
+		s := newTestServer(t, newTestConfigWithWebPush(t, databaseURL))
 
 		response := request(t, s, "POST", "/v1/webpush", payloadForTopics(t, []string{"test-topic"}, "https://ddos-target.example.com/webpush"), nil)
 		require.Equal(t, 400, response.Code)
@@ -88,8 +88,8 @@ func TestServer_WebPush_TopicAdd_InvalidEndpoint(t *testing.T) {
 }
 
 func TestServer_WebPush_TopicAdd_TooManyTopics(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithWebPush(t))
+		s := newTestServer(t, newTestConfigWithWebPush(t, databaseURL))
 
 		topicList := make([]string, 51)
 		for i := range topicList {
@@ -103,8 +103,8 @@ func TestServer_WebPush_TopicAdd_TooManyTopics(t *testing.T) {
 }
 
 func TestServer_WebPush_TopicUnsubscribe(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithWebPush(t))
+		s := newTestServer(t, newTestConfigWithWebPush(t, databaseURL))
 
 		addSubscription(t, s, testWebPushEndpoint, "test-topic")
 		requireSubscriptionCount(t, s, "test-topic", 1)
@@ -118,8 +118,8 @@ func TestServer_WebPush_TopicUnsubscribe(t *testing.T) {
 }
 
 func TestServer_WebPush_Delete(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithWebPush(t))
+		s := newTestServer(t, newTestConfigWithWebPush(t, databaseURL))
 
 		addSubscription(t, s, testWebPushEndpoint, "test-topic")
 		requireSubscriptionCount(t, s, "test-topic", 1)
@@ -133,8 +133,8 @@ func TestServer_WebPush_Delete(t *testing.T) {
 }
 
 func TestServer_WebPush_TopicSubscribeProtected_Allowed(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		config := configureAuth(t, newTestConfigWithWebPush(t))
+		config := configureAuth(t, newTestConfigWithWebPush(t, databaseURL))
 		config.AuthDefault = user.PermissionDenyAll
 		s := newTestServer(t, config)
 
@@ -155,8 +155,8 @@ func TestServer_WebPush_TopicSubscribeProtected_Allowed(t *testing.T) {
 }
 
 func TestServer_WebPush_TopicSubscribeProtected_Denied(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		config := configureAuth(t, newTestConfigWithWebPush(t))
+		config := configureAuth(t, newTestConfigWithWebPush(t, databaseURL))
 		config.AuthDefault = user.PermissionDenyAll
 		s := newTestServer(t, config)
 
@@ -168,8 +168,8 @@ func TestServer_WebPush_TopicSubscribeProtected_Denied(t *testing.T) {
 }
 
 func TestServer_WebPush_DeleteAccountUnsubscribe(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		config := configureAuth(t, newTestConfigWithWebPush(t))
+		config := configureAuth(t, newTestConfigWithWebPush(t, databaseURL))
 		s := newTestServer(t, config)
 
 		require.Nil(t, s.userManager.AddUser("ben", "ben", user.RoleUser, false))
@@ -193,8 +193,8 @@ func TestServer_WebPush_DeleteAccountUnsubscribe(t *testing.T) {
 }
 
 func TestServer_WebPush_Publish(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithWebPush(t))
+		s := newTestServer(t, newTestConfigWithWebPush(t, databaseURL))
 
 		var received atomic.Bool
 		pushService := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@@ -217,8 +217,8 @@ func TestServer_WebPush_Publish(t *testing.T) {
 }
 
 func TestServer_WebPush_Publish_RemoveOnError(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithWebPush(t))
+		s := newTestServer(t, newTestConfigWithWebPush(t, databaseURL))
 
 		var received atomic.Bool
 		pushService := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@@ -247,8 +247,8 @@ func TestServer_WebPush_Publish_RemoveOnError(t *testing.T) {
 }
 
 func TestServer_WebPush_Expiry(t *testing.T) {
-	forEachBackend(t, func(t *testing.T) {
+	forEachBackend(t, func(t *testing.T, databaseURL string) {
-		s := newTestServer(t, newTestConfigWithWebPush(t))
+		s := newTestServer(t, newTestConfigWithWebPush(t, databaseURL))
 
 		var received atomic.Bool
 
@@ -307,8 +307,8 @@ func requireSubscriptionCount(t *testing.T, s *Server, topic string, expectedLen
 	require.Len(t, subs, expectedLength)
 }
 
-func newTestConfigWithWebPush(t *testing.T) *Config {
+func newTestConfigWithWebPush(t *testing.T, databaseURL string) *Config {
-	conf := newTestConfig(t)
+	conf := newTestConfig(t, databaseURL)
 	privateKey, publicKey, err := webpush.GenerateVAPIDKeys()
 	require.Nil(t, err)
 	if conf.DatabaseURL == "" {

server/smtp_server_test.go

@@ -1411,7 +1411,7 @@ what's up
 type smtpHandlerFunc func(http.ResponseWriter, *http.Request)
 
 func newTestSMTPServer(t *testing.T, handler smtpHandlerFunc) (s *smtp.Server, c net.Conn, conf *Config, scanner *bufio.Scanner) {
-	conf = newTestConfig(t)
+	conf = newTestConfig(t, "")
 	conf.SMTPServerListen = ":25"
 	conf.SMTPServerDomain = "ntfy.sh"
 	conf.SMTPServerAddrPrefix = "ntfy-"

user/store_postgres.go

@@ -212,6 +212,7 @@ func NewPostgresStore(dsn string) (Store, error) {
 	if err != nil {
 		return nil, err
 	}
+	db.SetMaxOpenConns(25)
 	if err := db.Ping(); err != nil {
 		return nil, err
 	}

webpush/store_postgres.go

@@ -76,6 +76,7 @@ func NewPostgresStore(dsn string) (Store, error) {
 	if err != nil {
 		return nil, err
 	}
+	db.SetMaxOpenConns(25)
 	if err := db.Ping(); err != nil {
 		return nil, err
 	}