nicholas-fedor
diff --git a/‎docs/services/signal/index.md‎
Lines changed: 125 additions & 0 deletions b/‎docs/services/signal/index.md‎
Lines changed: 125 additions & 0 deletions
diff --git a/‎pkg/router/servicemap.go‎
Lines changed: 2 additions & 0 deletions b/‎pkg/router/servicemap.go‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎pkg/services/signal/doc.go‎
Lines changed: 15 additions & 0 deletions b/‎pkg/services/signal/doc.go‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎pkg/services/signal/signal.go‎
Lines changed: 210 additions & 0 deletions b/‎pkg/services/signal/signal.go‎
Lines changed: 210 additions & 0 deletions
@@ -0,0 +1,125 @@
+# Signal
+
+## URL Format
+
+!!! info ""
+    signal://[__`user`__[:__`password`__]@]__`host`__[:__`port`__]/__`source_phone`__/__`recipient1`__[,__`recipient2`__,...]
+
+    signals://[__`user`__[:__`password`__]@]__`host`__[:__`port`__]/__`source_phone`__/__`recipient1`__[,__`recipient2`__,...]
+
+## Setting up Signal API Server
+
+Signal notifications require a Signal API server that can send messages on behalf of a registered Signal account. These implementations are built on top of __[signal-cli](https://github.com/AsamK/signal-cli)__, the unofficial command-line interface for Signal (3.8k+ stars).
+
+Popular open-source implementations include:
+
+- __[signal-cli-rest-api](https://github.com/bbernhard/signal-cli-rest-api)__: Dockerized REST API wrapper for signal-cli (2.1k+ stars)
+- __[secured-signal-api](https://github.com/codeshelldev/secured-signal-api)__: Security proxy for signal-cli-rest-api with authentication and access control
+
+Common setup involves:
+
+1. __Phone Number__: A dedicated phone number registered with Signal
+2. __API Server__: A server running signal-cli with REST API capabilities
+3. __Account Linking__: Linking the server as a secondary device to your Signal account
+4. __Optional Security Layer__: Authentication and endpoint restrictions via a proxy
+
+The server must be able to receive SMS verification codes during initial setup and maintain a persistent connection to Signal's servers.
+
+!!! tip "Setup Resources"
+    See the [signal-cli-rest-api documentation](https://github.com/bbernhard/signal-cli-rest-api) and [secured-signal-api documentation](https://github.com/codeshelldev/secured-signal-api) for detailed setup instructions.
+
+## URL Parameters
+
+### Host and Port
+
+- `host`: The hostname or IP address of your Signal API server (default: localhost)
+- `port`: The port number (default: 8080)
+
+### Authentication
+
+The Signal service supports multiple authentication methods:
+
+- `user`: Username for HTTP Basic Authentication (optional)
+- `password`: Password for HTTP Basic Authentication (optional)
+- `token` or `apikey`: API token for Bearer authentication (optional)
+
+!!! tip "Authentication Priority"
+    If both token and user/password are provided, the API token takes precedence and uses Bearer authentication. This is useful for [secured-signal-api](https://github.com/codeshelldev/secured-signal-api) which prefers Bearer tokens.
+
+### Source Phone Number
+
+The `source_phone` is your Signal phone number with country code (e.g., +1234567890) that is registered with the API server.
+
+### Recipients
+
+Recipients can be:
+
+- __Phone numbers__: With country code (e.g., +0987654321)
+- __Group IDs__: In the format `group.groupId`
+
+### TLS Configuration
+
+- Use `signal://` for HTTPS (default, recommended)
+- Use `signals://` for HTTP (insecure, for local testing only)
+
+## Examples
+
+### Send to a single phone number
+
+```
+signal://localhost:8080/+1234567890/+0987654321
+```
+
+### Send to multiple recipients
+
+```
+signal://localhost:8080/+1234567890/+0987654321/+1123456789/group.testgroup
+```
+
+### Send to a group
+
+```
+signal://localhost:8080/+1234567890/group.abcdefghijklmnop=
+```
+
+### With authentication
+
+```
+signal://user:password@localhost:8080/+1234567890/+0987654321
+```
+
+### With API token (Bearer auth)
+
+```
+signal://localhost:8080/+1234567890/+0987654321?token=YOUR_API_TOKEN
+```
+
+### Using HTTP instead of HTTPS
+
+```
+signals://localhost:8080/+1234567890/+0987654321
+```
+
+## Attachments
+
+The Signal service supports sending base64-encoded attachments. Use the `attachments` parameter with comma-separated base64 data:
+
+```bash
+# Send with attachments via CLI
+shoutrrr send "signal://localhost:8080/+1234567890/+0987654321" \
+  "Message with attachment" \
+  --attachments "base64data1,base64data2"
+```
+
+!!! note "Attachment Format"
+    Attachments must be provided as base64-encoded data. The API server handles the MIME type detection and file handling.
+
+## Optional Parameters
+
+You can specify additional parameters in the URL query string:
+
+- `disabletls=yes`: Force HTTP instead of HTTPS (same as using `signals://`)
+
+## Implementation Notes
+
+The Signal service sends messages using HTTP POST requests to the API server's send endpoint with JSON payloads containing the message, source number, and recipient list. The server handles the actual Signal protocol communication.
@@ -17,6 +17,7 @@ import (
 	"github.com/nicholas-fedor/shoutrrr/pkg/services/pushbullet"
 	"github.com/nicholas-fedor/shoutrrr/pkg/services/pushover"
 	"github.com/nicholas-fedor/shoutrrr/pkg/services/rocketchat"
+	"github.com/nicholas-fedor/shoutrrr/pkg/services/signal"
 	"github.com/nicholas-fedor/shoutrrr/pkg/services/slack"
 	"github.com/nicholas-fedor/shoutrrr/pkg/services/smtp"
 	"github.com/nicholas-fedor/shoutrrr/pkg/services/teams"
@@ -44,6 +45,7 @@ var serviceMap = map[string]func() types.Service{
 	"pushbullet": func() types.Service { return &pushbullet.Service{} },
 	"pushover":   func() types.Service { return &pushover.Service{} },
 	"rocketchat": func() types.Service { return &rocketchat.Service{} },
+	"signal":     func() types.Service { return &signal.Service{} },
 	"slack":      func() types.Service { return &slack.Service{} },
 	"smtp":       func() types.Service { return &smtp.Service{} },
 	"teams":      func() types.Service { return &teams.Service{} },
 
@@ -0,0 +1,15 @@
+// Package signal provides functionality to send notifications via Signal Messenger
+// through REST API servers that wrap the signal-cli command-line interface.
+//
+// This service supports sending text messages and base64-encoded attachments to
+// individual phone numbers and Signal groups. Authentication supports both HTTP
+// Basic Auth and Bearer tokens for compatibility with different API servers.
+//
+// It requires a Signal API server (such as signal-cli-rest-api or secured-signal-api)
+// to be running and configured with a registered Signal account.
+//
+// URL format: signal://[user:pass@]host:port/source_phone/recipient1/recipient2
+// URL format: signal://host:port/source_phone/recipient1/recipient2?token=apikey
+//
+// For setup instructions and API server options, see the service documentation.
+package signal
@@ -0,0 +1,210 @@
+package signal
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/nicholas-fedor/shoutrrr/pkg/format"
+	"github.com/nicholas-fedor/shoutrrr/pkg/services/standard"
+	"github.com/nicholas-fedor/shoutrrr/pkg/types"
+)
+
+// HTTP request timeout duration.
+const (
+	defaultHTTPTimeout = 30 * time.Second
+)
+
+// ErrSendFailed indicates a failure to send a Signal message.
+var (
+	ErrSendFailed = errors.New("failed to send Signal message")
+)
+
+// Service sends notifications to Signal recipients via signal-cli-rest-api.
+type Service struct {
+	standard.Standard
+	Config *Config
+	pkr    format.PropKeyResolver
+}
+
+// Send delivers a notification message to Signal recipients.
+func (service *Service) Send(message string, params *types.Params) error {
+	config := *service.Config
+
+	// Separate config params from message params (like attachments)
+	var (
+		configParams  *types.Params
+		messageParams *types.Params
+	)
+
+	if params != nil {
+		configParams = &types.Params{}
+		messageParams = &types.Params{}
+
+		for key, value := range *params {
+			// Check if this is a config parameter
+			if _, err := service.pkr.Get(key); err == nil {
+				// It's a valid config key
+				(*configParams)[key] = value
+			} else {
+				// It's a message parameter (like attachments)
+				(*messageParams)[key] = value
+			}
+		}
+
+		if err := service.pkr.UpdateConfigFromParams(&config, configParams); err != nil {
+			return fmt.Errorf("updating config from params: %w", err)
+		}
+	}
+
+	return service.sendMessage(message, &config, messageParams)
+}
+
+// Initialize configures the service with a URL and logger.
+func (service *Service) Initialize(configURL *url.URL, logger types.StdLogger) error {
+	service.SetLogger(logger)
+	service.Config = &Config{}
+	service.pkr = format.NewPropKeyResolver(service.Config)
+
+	if err := service.Config.setURL(&service.pkr, configURL); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// GetID returns the identifier for this service.
+func (service *Service) GetID() string {
+	return Scheme
+}
+
+// sendMessage sends a message to all configured recipients.
+func (service *Service) sendMessage(message string, config *Config, params *types.Params) error {
+	if len(config.Recipients) == 0 {
+		return ErrNoRecipients
+	}
+
+	payload := service.createPayload(message, config, params)
+
+	req, cancel, err := service.createRequest(config, payload)
+	if err != nil {
+		return err
+	}
+	defer cancel()
+
+	return service.sendRequest(req)
+}
+
+// createPayload builds the JSON payload for the Signal API request.
+func (service *Service) createPayload(
+	message string,
+	config *Config,
+	params *types.Params,
+) sendMessagePayload {
+	payload := sendMessagePayload{
+		Message:    message,
+		Number:     config.Source,
+		Recipients: config.Recipients,
+	}
+
+	// Check for attachments in params (passed during Send call)
+	// Note: Shoutrrr doesn't have a standard attachment interface,
+	// so we check for "attachments" parameter with base64 data
+	if params != nil {
+		if attachments, ok := (*params)["attachments"]; ok && attachments != "" {
+			// Parse comma-separated base64 attachments
+			attachmentList := strings.Split(attachments, ",")
+			for i, attachment := range attachmentList {
+				attachmentList[i] = strings.TrimSpace(attachment)
+			}
+
+			payload.Base64Attachments = attachmentList
+		}
+	}
+
+	return payload
+}
+
+// createRequest builds the HTTP request for the Signal API.
+func (service *Service) createRequest(
+	config *Config,
+	payload sendMessagePayload,
+) (*http.Request, context.CancelFunc, error) {
+	apiURL := service.buildAPIURL(config)
+
+	jsonData, err := json.Marshal(payload)
+	if err != nil {
+		return nil, nil, fmt.Errorf("marshaling payload to JSON: %w", err)
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), defaultHTTPTimeout)
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, apiURL, bytes.NewBuffer(jsonData))
+	if err != nil {
+		cancel()
+
+		return nil, nil, fmt.Errorf("creating HTTP request: %w", err)
+	}
+
+	req.Header.Set("Content-Type", "application/json")
+	service.setAuthentication(req, config)
+
+	return req, cancel, nil
+}
+
+// buildAPIURL constructs the Signal API endpoint URL.
+func (service *Service) buildAPIURL(config *Config) string {
+	scheme := "https"
+	if config.DisableTLS {
+		scheme = "http"
+	}
+
+	return fmt.Sprintf("%s://%s:%d/v2/send", scheme, config.Host, config.Port)
+}
+
+// setAuthentication configures HTTP authentication headers.
+func (service *Service) setAuthentication(req *http.Request, config *Config) {
+	// Add authentication - prefer Bearer token over Basic Auth
+	if config.Token != "" {
+		req.Header.Set("Authorization", "Bearer "+config.Token)
+	} else if config.User != "" {
+		req.SetBasicAuth(config.User, config.Password)
+	}
+}
+
+// sendRequest executes the HTTP request and handles the response.
+func (service *Service) sendRequest(req *http.Request) error {
+	client := &http.Client{}
+
+	resp, err := client.Do(req)
+	if err != nil {
+		return fmt.Errorf("sending HTTP request: %w", err)
+	}
+	defer resp.Body.Close()
+
+	// Check response status
+	if resp.StatusCode < 200 || resp.StatusCode >= 300 {
+		return fmt.Errorf("%w: server returned status %d", ErrSendFailed, resp.StatusCode)
+	}
+
+	// Parse response (optional, for logging)
+	service.parseResponse(resp)
+
+	return nil
+}
+
+// parseResponse extracts and logs response information.
+func (service *Service) parseResponse(resp *http.Response) {
+	var response sendMessageResponse
+	if err := json.NewDecoder(resp.Body).Decode(&response); err != nil {
+		service.Logf("Warning: failed to parse response: %v", err)
+	} else {
+		service.Logf("Message sent successfully at timestamp %d", response.Timestamp)
+	}
+}