rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coolify/app/Livewire/Project/Database/Import.php

616 lines
24 KiB
PHP
Raw Normal View History

Added database import feature.
2024-01-06 05:24:57 +00:00
<?php
namespace App\Livewire\Project\Database;
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
use App\Models\S3Storage;
Added database import feature.
2024-01-06 05:24:57 +00:00
use App\Models\Server;
feat(auth): implement authorization checks for database management
2025-08-23 16:50:35 +00:00
use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
fix: use Auth(), add new db proxy stop event refactor clickhouse view
2024-11-04 13:18:16 +00:00
use Illuminate\Support\Facades\Auth;
feat: import backups
2024-01-10 14:42:54 +00:00
use Illuminate\Support\Facades\Storage;
Fix styling
2024-06-10 20:43:34 +00:00
use Livewire\Component;
Added database import feature.
2024-01-06 05:24:57 +00:00
class Import extends Component
{
feat(auth): implement authorization checks for database management
2025-08-23 16:50:35 +00:00
use AuthorizesRequests;
feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection
2025-11-25 15:40:35 +00:00
/**
* Validate that a string is safe for use as an S3 bucket name.
* Allows alphanumerics, dots, dashes, and underscores.
*/
private function validateBucketName(string $bucket): bool
{
return preg_match('/^[a-zA-Z0-9.\-_]+$/', $bucket) === 1;
}
/**
* Validate that a string is safe for use as an S3 path.
* Allows alphanumerics, dots, dashes, underscores, slashes, and common file characters.
*/
private function validateS3Path(string $path): bool
{
// Must not be empty
if (empty($path)) {
return false;
}
// Must not contain dangerous shell metacharacters or command injection patterns
$dangerousPatterns = [
'..', // Directory traversal
'$(', // Command substitution
'`', // Backtick command substitution
'|', // Pipe
';', // Command separator
'&', // Background/AND
'>', // Redirect
'<', // Redirect
"\n", // Newline
"\r", // Carriage return
"\0", // Null byte
"'", // Single quote
'"', // Double quote
'\\', // Backslash
];
foreach ($dangerousPatterns as $pattern) {
if (str_contains($path, $pattern)) {
return false;
}
}
// Allow alphanumerics, dots, dashes, underscores, slashes, spaces, plus, equals, at
return preg_match('/^[a-zA-Z0-9.\-_\/\s+@=]+$/', $path) === 1;
}
/**
* Validate that a string is safe for use as a file path on the server.
*/
private function validateServerPath(string $path): bool
{
// Must be an absolute path
if (! str_starts_with($path, '/')) {
return false;
}
// Must not contain dangerous shell metacharacters or command injection patterns
$dangerousPatterns = [
'..', // Directory traversal
'$(', // Command substitution
'`', // Backtick command substitution
'|', // Pipe
';', // Command separator
'&', // Background/AND
'>', // Redirect
'<', // Redirect
"\n", // Newline
"\r", // Carriage return
"\0", // Null byte
"'", // Single quote
'"', // Double quote
'\\', // Backslash
];
foreach ($dangerousPatterns as $pattern) {
if (str_contains($path, $pattern)) {
return false;
}
}
// Allow alphanumerics, dots, dashes, underscores, slashes, and spaces
return preg_match('/^[a-zA-Z0-9.\-_\/\s]+$/', $path) === 1;
}
Fix variable assignment in Import.php and ApplicationDeploymentJob.php
2024-04-11 11:20:46 +00:00
public bool $unsupported = false;
Fix styling
2024-06-10 20:43:34 +00:00
Added database import feature.
2024-01-06 05:24:57 +00:00
public $resource;
Fix styling
2024-06-10 20:43:34 +00:00
Added database import feature.
2024-01-06 05:24:57 +00:00
public $parameters;
Fix styling
2024-06-10 20:43:34 +00:00
feat: import backups
2024-01-10 14:42:54 +00:00
public $containers;
Fix styling
2024-06-10 20:43:34 +00:00
Added database import feature.
2024-01-06 05:24:57 +00:00
public bool $scpInProgress = false;
Fix styling
2024-06-10 20:43:34 +00:00
Added database import feature.
2024-01-06 05:24:57 +00:00
public bool $importRunning = false;
feat: upload large backups
2024-04-11 10:13:11 +00:00
public ?string $filename = null;
Fix styling
2024-06-10 20:43:34 +00:00
feat: upload large backups
2024-04-11 10:13:11 +00:00
public ?string $filesize = null;
Fix styling
2024-06-10 20:43:34 +00:00
feat: upload large backups
2024-04-11 10:13:11 +00:00
public bool $isUploading = false;
Fix styling
2024-06-10 20:43:34 +00:00
feat: upload large backups
2024-04-11 10:13:11 +00:00
public int $progress = 0;
Fix styling
2024-06-10 20:43:34 +00:00
feat: upload large backups
2024-04-11 10:13:11 +00:00
public bool $error = false;
Added database import feature.
2024-01-06 05:24:57 +00:00
public Server $server;
Fix styling
2024-06-10 20:43:34 +00:00
Added database import feature.
2024-01-06 05:24:57 +00:00
public string $container;
Fix styling
2024-06-10 20:43:34 +00:00
Added database import feature.
2024-01-06 05:24:57 +00:00
public array $importCommands = [];
Fix styling
2024-06-10 20:43:34 +00:00
feat/fix: able to import full db backups for pg/mysql/mariadb
2025-01-07 12:00:41 +00:00
public bool $dumpAll = false;
public string $restoreCommandText = '';
feat: restore backup from server file
2025-01-07 13:02:19 +00:00
public string $customLocation = '';
fix: resolve uncloseable database restore modal on MariaDB import (#7335) Fixes the "Snapshot missing on Livewire component" error that occurs when toggling the "Backup includes all databases" checkbox during MariaDB database import operations. Root Cause: - ActivityMonitor component was initialized without proper lifecycle hooks - When parent Import component re-rendered (via checkbox toggle), the ActivityMonitor's Livewire snapshot became stale - Missing null checks caused errors when querying with undefined activityId - No state cleanup when slide-over closed, causing issues on subsequent opens Changes: - Add updatedActivityId() lifecycle hook to ActivityMonitor for proper hydration - Add defensive null check in hydrateActivity() to prevent query errors - Track activityId in Import component for state management - Add slideOverClosed event dispatch in slide-over component - Add event listener in Import component to reset activityId on close Testing: - Manually verify checkbox toggle doesn't trigger popup - Verify actual restore operations work correctly - Test both file-based and S3-based restore methods - Ensure X button properly closes the modal - Verify no console errors or Livewire warnings 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-26 09:43:07 +00:00
public ?int $activityId = null;
feat: import backups
2024-01-10 14:42:54 +00:00
public string $postgresqlRestoreCommand = 'pg_restore -U $POSTGRES_USER -d $POSTGRES_DB';
Fix styling
2024-06-10 20:43:34 +00:00
fix: import to mysql and mariadb
2024-02-24 20:12:34 +00:00
public string $mysqlRestoreCommand = 'mysql -u $MYSQL_USER -p$MYSQL_PASSWORD $MYSQL_DATABASE';
Fix styling
2024-06-10 20:43:34 +00:00
fix: import to mysql and mariadb
2024-02-24 20:12:34 +00:00
public string $mariadbRestoreCommand = 'mariadb -u $MARIADB_USER -p$MARIADB_PASSWORD $MARIADB_DATABASE';
Fix styling
2024-06-10 20:43:34 +00:00
fix mongodb imports
2024-04-25 21:44:55 +00:00
public string $mongodbRestoreCommand = 'mongorestore --authenticationDatabase=admin --username $MONGO_INITDB_ROOT_USERNAME --password $MONGO_INITDB_ROOT_PASSWORD --uri mongodb://localhost:27017 --gzip --archive=';
Added database import feature.
2024-01-06 05:24:57 +00:00
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
// S3 Restore properties
public $availableS3Storages = [];
public ?int $s3StorageId = null;
public string $s3Path = '';
public ?int $s3FileSize = null;
feat: import backups
2024-01-10 14:42:54 +00:00
public function getListeners()
{
fix: use Auth(), add new db proxy stop event refactor clickhouse view
2024-11-04 13:18:16 +00:00
$userId = Auth::id();
Fix styling
2024-06-10 20:43:34 +00:00
feat: import backups
2024-01-10 14:42:54 +00:00
return [
"echo-private:user.{$userId},DatabaseStatusChanged" => '$refresh',
fix: resolve uncloseable database restore modal on MariaDB import (#7335) Fixes the "Snapshot missing on Livewire component" error that occurs when toggling the "Backup includes all databases" checkbox during MariaDB database import operations. Root Cause: - ActivityMonitor component was initialized without proper lifecycle hooks - When parent Import component re-rendered (via checkbox toggle), the ActivityMonitor's Livewire snapshot became stale - Missing null checks caused errors when querying with undefined activityId - No state cleanup when slide-over closed, causing issues on subsequent opens Changes: - Add updatedActivityId() lifecycle hook to ActivityMonitor for proper hydration - Add defensive null check in hydrateActivity() to prevent query errors - Track activityId in Import component for state management - Add slideOverClosed event dispatch in slide-over component - Add event listener in Import component to reset activityId on close Testing: - Manually verify checkbox toggle doesn't trigger popup - Verify actual restore operations work correctly - Test both file-based and S3-based restore methods - Ensure X button properly closes the modal - Verify no console errors or Livewire warnings 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-26 09:43:07 +00:00
'slideOverClosed' => 'resetActivityId',
feat: import backups
2024-01-10 14:42:54 +00:00
];
}
Fix styling
2024-06-10 20:43:34 +00:00
fix: resolve uncloseable database restore modal on MariaDB import (#7335) Fixes the "Snapshot missing on Livewire component" error that occurs when toggling the "Backup includes all databases" checkbox during MariaDB database import operations. Root Cause: - ActivityMonitor component was initialized without proper lifecycle hooks - When parent Import component re-rendered (via checkbox toggle), the ActivityMonitor's Livewire snapshot became stale - Missing null checks caused errors when querying with undefined activityId - No state cleanup when slide-over closed, causing issues on subsequent opens Changes: - Add updatedActivityId() lifecycle hook to ActivityMonitor for proper hydration - Add defensive null check in hydrateActivity() to prevent query errors - Track activityId in Import component for state management - Add slideOverClosed event dispatch in slide-over component - Add event listener in Import component to reset activityId on close Testing: - Manually verify checkbox toggle doesn't trigger popup - Verify actual restore operations work correctly - Test both file-based and S3-based restore methods - Ensure X button properly closes the modal - Verify no console errors or Livewire warnings 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-26 09:43:07 +00:00
public function resetActivityId()
{
$this->activityId = null;
}
Added database import feature.
2024-01-06 05:24:57 +00:00
public function mount()
{
$this->parameters = get_route_parameters();
$this->getContainers();
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
$this->loadAvailableS3Storages();
Added database import feature.
2024-01-06 05:24:57 +00:00
}
feat/fix: able to import full db backups for pg/mysql/mariadb
2025-01-07 12:00:41 +00:00
public function updatedDumpAll($value)
{
switch ($this->resource->getMorphClass()) {
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45.
2025-01-07 14:31:43 +00:00
case \App\Models\StandaloneMariadb::class:
feat/fix: able to import full db backups for pg/mysql/mariadb
2025-01-07 12:00:41 +00:00
if ($value === true) {
$this->mariadbRestoreCommand = <<<'EOD'
for pid in $(mariadb -u root -p$MARIADB_ROOT_PASSWORD -N -e "SELECT id FROM information_schema.processlist WHERE user != 'root';"); do
mariadb -u root -p$MARIADB_ROOT_PASSWORD -e "KILL $pid" 2>/dev/null || true
done && \
mariadb -u root -p$MARIADB_ROOT_PASSWORD -N -e "SELECT CONCAT('DROP DATABASE IF EXISTS \`',schema_name,'\`;') FROM information_schema.schemata WHERE schema_name NOT IN ('information_schema','mysql','performance_schema','sys');" | mariadb -u root -p$MARIADB_ROOT_PASSWORD && \
mariadb -u root -p$MARIADB_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS \`default\`;" && \
(gunzip -cf $tmpPath 2>/dev/null || cat $tmpPath) | sed -e '/^CREATE DATABASE/d' -e '/^USE \`mysql\`/d' | mariadb -u root -p$MARIADB_ROOT_PASSWORD default
EOD;
$this->restoreCommandText = $this->mariadbRestoreCommand.' && (gunzip -cf <temp_backup_file> 2>/dev/null || cat <temp_backup_file>) | mariadb -u root -p$MARIADB_ROOT_PASSWORD default';
} else {
$this->mariadbRestoreCommand = 'mariadb -u $MARIADB_USER -p$MARIADB_PASSWORD $MARIADB_DATABASE';
}
break;
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45.
2025-01-07 14:31:43 +00:00
case \App\Models\StandaloneMysql::class:
feat/fix: able to import full db backups for pg/mysql/mariadb
2025-01-07 12:00:41 +00:00
if ($value === true) {
$this->mysqlRestoreCommand = <<<'EOD'
for pid in $(mysql -u root -p$MYSQL_ROOT_PASSWORD -N -e "SELECT id FROM information_schema.processlist WHERE user != 'root';"); do
mysql -u root -p$MYSQL_ROOT_PASSWORD -e "KILL $pid" 2>/dev/null || true
done && \
mysql -u root -p$MYSQL_ROOT_PASSWORD -N -e "SELECT CONCAT('DROP DATABASE IF EXISTS \`',schema_name,'\`;') FROM information_schema.schemata WHERE schema_name NOT IN ('information_schema','mysql','performance_schema','sys');" | mysql -u root -p$MYSQL_ROOT_PASSWORD && \
mysql -u root -p$MYSQL_ROOT_PASSWORD -e "CREATE DATABASE IF NOT EXISTS \`default\`;" && \
(gunzip -cf $tmpPath 2>/dev/null || cat $tmpPath) | sed -e '/^CREATE DATABASE/d' -e '/^USE \`mysql\`/d' | mysql -u root -p$MYSQL_ROOT_PASSWORD default
EOD;
$this->restoreCommandText = $this->mysqlRestoreCommand.' && (gunzip -cf <temp_backup_file> 2>/dev/null || cat <temp_backup_file>) | mysql -u root -p$MYSQL_ROOT_PASSWORD default';
} else {
$this->mysqlRestoreCommand = 'mysql -u $MYSQL_USER -p$MYSQL_PASSWORD $MYSQL_DATABASE';
}
break;
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45.
2025-01-07 14:31:43 +00:00
case \App\Models\StandalonePostgresql::class:
feat/fix: able to import full db backups for pg/mysql/mariadb
2025-01-07 12:00:41 +00:00
if ($value === true) {
$this->postgresqlRestoreCommand = <<<'EOD'
psql -U $POSTGRES_USER -c "SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE datname IS NOT NULL AND pid <> pg_backend_pid()" && \
psql -U $POSTGRES_USER -t -c "SELECT datname FROM pg_database WHERE NOT datistemplate" | xargs -I {} dropdb -U $POSTGRES_USER --if-exists {} && \
createdb -U $POSTGRES_USER postgres
EOD;
$this->restoreCommandText = $this->postgresqlRestoreCommand.' && (gunzip -cf <temp_backup_file> 2>/dev/null || cat <temp_backup_file>) | psql -U $POSTGRES_USER postgres';
} else {
$this->postgresqlRestoreCommand = 'pg_restore -U $POSTGRES_USER -d $POSTGRES_DB';
}
break;
}
}
Added database import feature.
2024-01-06 05:24:57 +00:00
public function getContainers()
{
$this->containers = collect();
Fix styling
2024-06-10 20:43:34 +00:00
if (! data_get($this->parameters, 'database_uuid')) {
Added database import feature.
2024-01-06 05:24:57 +00:00
abort(404);
}
feat: upload large backups
2024-04-11 10:13:11 +00:00
$resource = getResourceByUuid($this->parameters['database_uuid'], data_get(auth()->user()->currentTeam(), 'id'));
Added database import feature.
2024-01-06 05:24:57 +00:00
if (is_null($resource)) {
Add keydb, dragonfly and clickhouse
2024-04-10 13:00:46 +00:00
abort(404);
Added database import feature.
2024-01-06 05:24:57 +00:00
}
fix: add authorization checks to database Livewire components Added authorization checks to 11 database-related Livewire components that were loading sensitive database configuration without verifying user permissions. Changes: - Added authorize('view', $database) to all 8 database type General.php mount() methods - Added authorization to Configuration.php before loading database - Added authorization to BackupEdit.php before loading backup config - Added authorization to Import.php before loading database resource This prevents unauthorized users from accessing database credentials, connection strings, and configuration details. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-14 15:33:42 +00:00
$this->authorize('view', $resource);
Added database import feature.
2024-01-06 05:24:57 +00:00
$this->resource = $resource;
$this->server = $this->resource->destination->server;
$this->container = $this->resource->uuid;
feat: import backups
2024-01-10 14:42:54 +00:00
if (str(data_get($this, 'resource.status'))->startsWith('running')) {
Added database import feature.
2024-01-06 05:24:57 +00:00
$this->containers->push($this->container);
}
feat: import backups
2024-01-10 14:42:54 +00:00
if (
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45.
2025-01-07 14:31:43 +00:00
$this->resource->getMorphClass() === \App\Models\StandaloneRedis::class ||
$this->resource->getMorphClass() === \App\Models\StandaloneKeydb::class ||
$this->resource->getMorphClass() === \App\Models\StandaloneDragonfly::class ||
$this->resource->getMorphClass() === \App\Models\StandaloneClickhouse::class
feat: import backups
2024-01-10 14:42:54 +00:00
) {
Fix variable assignment in Import.php and ApplicationDeploymentJob.php
2024-04-11 11:20:46 +00:00
$this->unsupported = true;
Added database import feature.
2024-01-06 05:24:57 +00:00
}
}
feat: import backups
2024-01-10 14:42:54 +00:00
feat: restore backup from server file
2025-01-07 13:02:19 +00:00
public function checkFile()
{
if (filled($this->customLocation)) {
feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection
2025-11-25 15:40:35 +00:00
// Validate the custom location to prevent command injection
if (! $this->validateServerPath($this->customLocation)) {
$this->dispatch('error', 'Invalid file path. Path must be absolute and contain only safe characters (alphanumerics, dots, dashes, underscores, slashes).');
return;
}
feat: restore backup from server file
2025-01-07 13:02:19 +00:00
try {
feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection
2025-11-25 15:40:35 +00:00
$escapedPath = escapeshellarg($this->customLocation);
$result = instant_remote_process(["ls -l {$escapedPath}"], $this->server, throwError: false);
feat: restore backup from server file
2025-01-07 13:02:19 +00:00
if (blank($result)) {
$this->dispatch('error', 'The file does not exist or has been deleted.');
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45.
2025-01-07 14:31:43 +00:00
return;
feat: restore backup from server file
2025-01-07 13:02:19 +00:00
}
$this->filename = $this->customLocation;
$this->dispatch('success', 'The file exists.');
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45.
2025-01-07 14:31:43 +00:00
} catch (\Throwable $e) {
feat: restore backup from server file
2025-01-07 13:02:19 +00:00
return handleError($e, $this);
}
}
}
Added database import feature.
2024-01-06 05:24:57 +00:00
public function runImport()
{
feat(auth): implement authorization checks for database management
2025-08-23 16:50:35 +00:00
$this->authorize('update', $this->resource);
Always prefer stricter string comparisons.
2024-10-31 14:23:19 +00:00
if ($this->filename === '') {
feat: upload large backups
2024-04-11 10:13:11 +00:00
$this->dispatch('error', 'Please select a file to import.');
Fix styling
2024-06-10 20:43:34 +00:00
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45.
2025-01-07 14:31:43 +00:00
return;
feat: upload large backups
2024-04-11 10:13:11 +00:00
}
Added database import feature.
2024-01-06 05:24:57 +00:00
try {
feat(acl): Change views/backend code to able to use proper ACL's later on. Currently it is not enabled.
2025-08-26 08:27:31 +00:00
$this->importRunning = true;
feat: restore backup from server file
2025-01-07 13:02:19 +00:00
$this->importCommands = [];
fix: improve robustness and security in database restore flows - Add null checks for server instances in restore events to prevent errors - Escape S3 credentials to prevent command injection vulnerabilities - Fix file upload clearing custom location to prevent UI confusion - Optimize isSafeTmpPath helper by avoiding redundant dirname calls - Remove unnecessary --rm flag from long-running S3 restore container - Prioritize uploaded files over custom location in import logic - Add comprehensive unit tests for restore event null server handling 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:13:10 +00:00
$backupFileName = "upload/{$this->resource->uuid}/restore";
feat: restore backup from server file
2025-01-07 13:02:19 +00:00
fix: improve robustness and security in database restore flows - Add null checks for server instances in restore events to prevent errors - Escape S3 credentials to prevent command injection vulnerabilities - Fix file upload clearing custom location to prevent UI confusion - Optimize isSafeTmpPath helper by avoiding redundant dirname calls - Remove unnecessary --rm flag from long-running S3 restore container - Prioritize uploaded files over custom location in import logic - Add comprehensive unit tests for restore event null server handling 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:13:10 +00:00
// Check if an uploaded file exists first (takes priority over custom location)
if (Storage::exists($backupFileName)) {
$path = Storage::path($backupFileName);
feat: restore backup from server file
2025-01-07 13:02:19 +00:00
$tmpPath = '/tmp/'.basename($backupFileName).'_'.$this->resource->uuid;
instant_scp($path, $tmpPath, $this->server);
Storage::delete($backupFileName);
$this->importCommands[] = "docker cp {$tmpPath} {$this->container}:{$tmpPath}";
fix: improve robustness and security in database restore flows - Add null checks for server instances in restore events to prevent errors - Escape S3 credentials to prevent command injection vulnerabilities - Fix file upload clearing custom location to prevent UI confusion - Optimize isSafeTmpPath helper by avoiding redundant dirname calls - Remove unnecessary --rm flag from long-running S3 restore container - Prioritize uploaded files over custom location in import logic - Add comprehensive unit tests for restore event null server handling 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:13:10 +00:00
} elseif (filled($this->customLocation)) {
feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection
2025-11-25 15:40:35 +00:00
// Validate the custom location to prevent command injection
if (! $this->validateServerPath($this->customLocation)) {
$this->dispatch('error', 'Invalid file path. Path must be absolute and contain only safe characters.');
return;
}
fix: improve robustness and security in database restore flows - Add null checks for server instances in restore events to prevent errors - Escape S3 credentials to prevent command injection vulnerabilities - Fix file upload clearing custom location to prevent UI confusion - Optimize isSafeTmpPath helper by avoiding redundant dirname calls - Remove unnecessary --rm flag from long-running S3 restore container - Prioritize uploaded files over custom location in import logic - Add comprehensive unit tests for restore event null server handling 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:13:10 +00:00
$tmpPath = '/tmp/restore_'.$this->resource->uuid;
feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection
2025-11-25 15:40:35 +00:00
$escapedCustomLocation = escapeshellarg($this->customLocation);
$this->importCommands[] = "docker cp {$escapedCustomLocation} {$this->container}:{$tmpPath}";
fix: improve robustness and security in database restore flows - Add null checks for server instances in restore events to prevent errors - Escape S3 credentials to prevent command injection vulnerabilities - Fix file upload clearing custom location to prevent UI confusion - Optimize isSafeTmpPath helper by avoiding redundant dirname calls - Remove unnecessary --rm flag from long-running S3 restore container - Prioritize uploaded files over custom location in import logic - Add comprehensive unit tests for restore event null server handling 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:13:10 +00:00
} else {
$this->dispatch('error', 'The file does not exist or has been deleted.');
return;
feat: upload large backups
2024-04-11 10:13:11 +00:00
}
Added database import feature.
2024-01-06 05:24:57 +00:00
feat/fix: able to import full db backups for pg/mysql/mariadb
2025-01-07 12:00:41 +00:00
// Copy the restore command to a script file
$scriptPath = "/tmp/restore_{$this->resource->uuid}.sh";
feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection
2025-11-25 15:40:35 +00:00
$restoreCommand = $this->buildRestoreCommand($tmpPath);
Added database import feature.
2024-01-06 05:24:57 +00:00
Revert "refactor(file-transfer): replace base64 encoding with direct file transfer method in various components for improved clarity and efficiency" This reverts commit feacedbb0427ace0154fca5d58e009931aeb2779.
2025-09-15 15:56:48 +00:00
$restoreCommandBase64 = base64_encode($restoreCommand);
$this->importCommands[] = "echo \"{$restoreCommandBase64}\" | base64 -d > {$scriptPath}";
feat/fix: able to import full db backups for pg/mysql/mariadb
2025-01-07 12:00:41 +00:00
$this->importCommands[] = "chmod +x {$scriptPath}";
$this->importCommands[] = "docker cp {$scriptPath} {$this->container}:{$scriptPath}";
$this->importCommands[] = "docker exec {$this->container} sh -c '{$scriptPath}'";
Added database import feature.
2024-01-06 05:24:57 +00:00
$this->importCommands[] = "docker exec {$this->container} sh -c 'echo \"Import finished with exit code $?\"'";
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45.
2025-01-07 14:31:43 +00:00
if (! empty($this->importCommands)) {
feat: restore backup from server file
2025-01-07 13:02:19 +00:00
$activity = remote_process($this->importCommands, $this->server, ignore_errors: true, callEventOnFinish: 'RestoreJobFinished', callEventData: [
'scriptPath' => $scriptPath,
'tmpPath' => $tmpPath,
'container' => $this->container,
'serverId' => $this->server->id,
]);
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
fix: resolve uncloseable database restore modal on MariaDB import (#7335) Fixes the "Snapshot missing on Livewire component" error that occurs when toggling the "Backup includes all databases" checkbox during MariaDB database import operations. Root Cause: - ActivityMonitor component was initialized without proper lifecycle hooks - When parent Import component re-rendered (via checkbox toggle), the ActivityMonitor's Livewire snapshot became stale - Missing null checks caused errors when querying with undefined activityId - No state cleanup when slide-over closed, causing issues on subsequent opens Changes: - Add updatedActivityId() lifecycle hook to ActivityMonitor for proper hydration - Add defensive null check in hydrateActivity() to prevent query errors - Track activityId in Import component for state management - Add slideOverClosed event dispatch in slide-over component - Add event listener in Import component to reset activityId on close Testing: - Manually verify checkbox toggle doesn't trigger popup - Verify actual restore operations work correctly - Test both file-based and S3-based restore methods - Ensure X button properly closes the modal - Verify no console errors or Livewire warnings 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-26 09:43:07 +00:00
// Track the activity ID
$this->activityId = $activity->id;
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
// Dispatch activity to the monitor and open slide-over
fix: revert to original dispatch approach with unique wire:key per monitor Root cause analysis: - Changed from dispatch to property binding broke the activity monitor completely - ActivityMonitor component expects activityMonitor event, not property binding - Original approach was correct: use dispatch + event listeners Solution: - Revert to original dispatch('activityMonitor', $activity->id) calls - Use @if conditionals to render only one monitor at a time (removes from DOM) - Add unique wire:key to each monitor instance to prevent conflicts - S3 download monitor: wire:key="s3-download-{{ $resource->uuid }}" - Database restore monitor: wire:key="database-restore-{{ $resource->uuid }}" This ensures: - Activity monitors display correctly when processes start - Only one monitor is rendered at a time (S3 download OR database restore) - Each monitor has unique identity via wire:key - Event listeners work as designed 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-02 16:10:34 +00:00
$this->dispatch('activityMonitor', $activity->id);
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
$this->dispatch('databaserestore');
Added database import feature.
2024-01-06 05:24:57 +00:00
}
Revert "rector: arrrrr" This reverts commit 16c0cd10d8913417ad709ba4e737ed1f12374f45.
2025-01-07 14:31:43 +00:00
} catch (\Throwable $e) {
feat: upload large backups
2024-04-11 10:13:11 +00:00
return handleError($e, $this);
feat/fix: able to import full db backups for pg/mysql/mariadb
2025-01-07 12:00:41 +00:00
} finally {
$this->filename = null;
feat: restore backup from server file
2025-01-07 13:02:19 +00:00
$this->importCommands = [];
Added database import feature.
2024-01-06 05:24:57 +00:00
}
}
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
public function loadAvailableS3Storages()
{
try {
$this->availableS3Storages = S3Storage::ownedByCurrentTeam(['id', 'name', 'description'])
->where('is_usable', true)
->get();
} catch (\Throwable $e) {
$this->availableS3Storages = collect();
}
}
feat: improve S3 restore path handling and validation state - Add path attribute mutator to S3Storage model ensuring paths start with / - Add updatedS3Path hook to normalize path and reset validation state on blur - Add updatedS3StorageId hook to reset validation state when storage changes - Add Enter key support to trigger file check from path input - Use wire:model.live for S3 storage select, wire:model.blur for path input - Improve shell escaping in restore job cleanup commands - Fix isSafeTmpPath helper logic for directory validation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-25 09:18:30 +00:00
public function updatedS3Path($value)
{
// Reset validation state when path changes
$this->s3FileSize = null;
// Ensure path starts with a slash
if ($value !== null && $value !== '') {
$this->s3Path = str($value)->trim()->start('/')->value();
}
}
public function updatedS3StorageId()
{
// Reset validation state when storage changes
$this->s3FileSize = null;
}
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
public function checkS3File()
{
if (! $this->s3StorageId) {
$this->dispatch('error', 'Please select an S3 storage.');
return;
}
if (blank($this->s3Path)) {
$this->dispatch('error', 'Please provide an S3 path.');
return;
}
feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection
2025-11-25 15:40:35 +00:00
// Clean the path (remove leading slash if present)
$cleanPath = ltrim($this->s3Path, '/');
// Validate the S3 path early to prevent command injection in subsequent operations
if (! $this->validateS3Path($cleanPath)) {
$this->dispatch('error', 'Invalid S3 path. Path must contain only safe characters (alphanumerics, dots, dashes, underscores, slashes).');
return;
}
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
try {
fix: S3 restore button disabled state and security scopes - Add Alpine.js entangle bindings for s3StorageId and s3Path to enable reactive button state without server requests - Change button disabled binding from PHP :disabled to Alpine x-bind:disabled for client-side reactivity using deferred wire:model inputs - Replace S3Storage::findOrFail with ownedByCurrentTeam()->findOrFail in checkS3File() and downloadFromS3() methods - Remove redundant manual team verification since ownedByCurrentTeam scope automatically filters to current team 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-02 15:33:34 +00:00
$s3Storage = S3Storage::ownedByCurrentTeam()->findOrFail($this->s3StorageId);
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection
2025-11-25 15:40:35 +00:00
// Validate bucket name early
if (! $this->validateBucketName($s3Storage->bucket)) {
$this->dispatch('error', 'Invalid S3 bucket name. Bucket name must contain only alphanumerics, dots, dashes, and underscores.');
return;
}
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
// Test connection
$s3Storage->testConnection();
// Build S3 disk configuration
$disk = Storage::build([
'driver' => 's3',
'region' => $s3Storage->region,
'key' => $s3Storage->key,
'secret' => $s3Storage->secret,
'bucket' => $s3Storage->bucket,
'endpoint' => $s3Storage->endpoint,
'use_path_style_endpoint' => true,
]);
// Check if file exists
if (! $disk->exists($cleanPath)) {
$this->dispatch('error', 'File not found in S3. Please check the path.');
return;
}
// Get file size
$this->s3FileSize = $disk->size($cleanPath);
$this->dispatch('success', 'File found in S3. Size: '.formatBytes($this->s3FileSize));
} catch (\Throwable $e) {
$this->s3FileSize = null;
return handleError($e, $this);
}
}
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
public function restoreFromS3()
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
{
$this->authorize('update', $this->resource);
if (! $this->s3StorageId || blank($this->s3Path)) {
$this->dispatch('error', 'Please select S3 storage and provide a path first.');
return;
}
if (is_null($this->s3FileSize)) {
$this->dispatch('error', 'Please check the file first by clicking "Check File".');
return;
}
try {
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
$this->importRunning = true;
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
fix: S3 restore button disabled state and security scopes - Add Alpine.js entangle bindings for s3StorageId and s3Path to enable reactive button state without server requests - Change button disabled binding from PHP :disabled to Alpine x-bind:disabled for client-side reactivity using deferred wire:model inputs - Replace S3Storage::findOrFail with ownedByCurrentTeam()->findOrFail in checkS3File() and downloadFromS3() methods - Remove redundant manual team verification since ownedByCurrentTeam scope automatically filters to current team 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-02 15:33:34 +00:00
$s3Storage = S3Storage::ownedByCurrentTeam()->findOrFail($this->s3StorageId);
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
$key = $s3Storage->key;
$secret = $s3Storage->secret;
$bucket = $s3Storage->bucket;
$endpoint = $s3Storage->endpoint;
feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection
2025-11-25 15:40:35 +00:00
// Validate bucket name to prevent command injection
if (! $this->validateBucketName($bucket)) {
$this->dispatch('error', 'Invalid S3 bucket name. Bucket name must contain only alphanumerics, dots, dashes, and underscores.');
return;
}
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
// Clean the S3 path
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
$cleanPath = ltrim($this->s3Path, '/');
feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection
2025-11-25 15:40:35 +00:00
// Validate the S3 path to prevent command injection
if (! $this->validateS3Path($cleanPath)) {
$this->dispatch('error', 'Invalid S3 path. Path must contain only safe characters (alphanumerics, dots, dashes, underscores, slashes).');
return;
}
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
// Get helper image
$helperImage = config('constants.coolify.helper_image');
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
$latestVersion = getHelperVersion();
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
$fullImageName = "{$helperImage}:{$latestVersion}";
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
// Get the database destination network
$destinationNetwork = $this->resource->destination->network ?? 'coolify';
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
// Generate unique names for this operation
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
$containerName = "s3-restore-{$this->resource->uuid}";
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
$helperTmpPath = '/tmp/'.basename($cleanPath);
$serverTmpPath = "/tmp/s3-restore-{$this->resource->uuid}-".basename($cleanPath);
$containerTmpPath = "/tmp/restore_{$this->resource->uuid}-".basename($cleanPath);
$scriptPath = "/tmp/restore_{$this->resource->uuid}.sh";
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
// Prepare all commands in sequence
$commands = [];
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
perf: optimize S3 restore flow with immediate cleanup and progress tracking Optimizations: - Add immediate cleanup of helper container and server temp files after copying to database - Add pre-cleanup to handle interrupted restores - Combine restore + cleanup commands to remove DB temp files immediately after restore - Reduce temp file lifetime from minutes to seconds (70-80% reduction) - Add progress tracking via MinIO client (shows by default) - Update user message to mention progress visibility Benefits: - Temp files exist only as long as needed (not until end of process) - Real-time S3 download progress shown in activity monitor - Better disk space management through aggressive cleanup - Improved error recovery with pre-cleanup Compatibility: - Works with all database types (PostgreSQL, MySQL, MariaDB, MongoDB) - All existing tests passing - Event-based cleanup acts as safety net for edge cases 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:23:50 +00:00
// 1. Clean up any existing helper container and temp files from previous runs
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
$commands[] = "docker rm -f {$containerName} 2>/dev/null || true";
perf: optimize S3 restore flow with immediate cleanup and progress tracking Optimizations: - Add immediate cleanup of helper container and server temp files after copying to database - Add pre-cleanup to handle interrupted restores - Combine restore + cleanup commands to remove DB temp files immediately after restore - Reduce temp file lifetime from minutes to seconds (70-80% reduction) - Add progress tracking via MinIO client (shows by default) - Update user message to mention progress visibility Benefits: - Temp files exist only as long as needed (not until end of process) - Real-time S3 download progress shown in activity monitor - Better disk space management through aggressive cleanup - Improved error recovery with pre-cleanup Compatibility: - Works with all database types (PostgreSQL, MySQL, MariaDB, MongoDB) - All existing tests passing - Event-based cleanup acts as safety net for edge cases 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:23:50 +00:00
$commands[] = "rm -f {$serverTmpPath} 2>/dev/null || true";
$commands[] = "docker exec {$this->container} rm -f {$containerTmpPath} {$scriptPath} 2>/dev/null || true";
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
// 2. Start helper container on the database network
fix: improve robustness and security in database restore flows - Add null checks for server instances in restore events to prevent errors - Escape S3 credentials to prevent command injection vulnerabilities - Fix file upload clearing custom location to prevent UI confusion - Optimize isSafeTmpPath helper by avoiding redundant dirname calls - Remove unnecessary --rm flag from long-running S3 restore container - Prioritize uploaded files over custom location in import logic - Add comprehensive unit tests for restore event null server handling 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:13:10 +00:00
$commands[] = "docker run -d --network {$destinationNetwork} --name {$containerName} {$fullImageName} sleep 3600";
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
// 3. Configure S3 access in helper container
$escapedEndpoint = escapeshellarg($endpoint);
$escapedKey = escapeshellarg($key);
$escapedSecret = escapeshellarg($secret);
$commands[] = "docker exec {$containerName} mc alias set s3temp {$escapedEndpoint} {$escapedKey} {$escapedSecret}";
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection
2025-11-25 15:40:35 +00:00
// 4. Check file exists in S3 (bucket and path already validated above)
$escapedBucket = escapeshellarg($bucket);
$escapedCleanPath = escapeshellarg($cleanPath);
$escapedS3Source = escapeshellarg("s3temp/{$bucket}/{$cleanPath}");
$commands[] = "docker exec {$containerName} mc stat {$escapedS3Source}";
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
perf: optimize S3 restore flow with immediate cleanup and progress tracking Optimizations: - Add immediate cleanup of helper container and server temp files after copying to database - Add pre-cleanup to handle interrupted restores - Combine restore + cleanup commands to remove DB temp files immediately after restore - Reduce temp file lifetime from minutes to seconds (70-80% reduction) - Add progress tracking via MinIO client (shows by default) - Update user message to mention progress visibility Benefits: - Temp files exist only as long as needed (not until end of process) - Real-time S3 download progress shown in activity monitor - Better disk space management through aggressive cleanup - Improved error recovery with pre-cleanup Compatibility: - Works with all database types (PostgreSQL, MySQL, MariaDB, MongoDB) - All existing tests passing - Event-based cleanup acts as safety net for edge cases 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:23:50 +00:00
// 5. Download from S3 to helper container (progress shown by default)
feat: add validation methods for S3 bucket names, paths, and server paths; update import logic to prevent command injection
2025-11-25 15:40:35 +00:00
$escapedHelperTmpPath = escapeshellarg($helperTmpPath);
$commands[] = "docker exec {$containerName} mc cp {$escapedS3Source} {$escapedHelperTmpPath}";
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
perf: optimize S3 restore flow with immediate cleanup and progress tracking Optimizations: - Add immediate cleanup of helper container and server temp files after copying to database - Add pre-cleanup to handle interrupted restores - Combine restore + cleanup commands to remove DB temp files immediately after restore - Reduce temp file lifetime from minutes to seconds (70-80% reduction) - Add progress tracking via MinIO client (shows by default) - Update user message to mention progress visibility Benefits: - Temp files exist only as long as needed (not until end of process) - Real-time S3 download progress shown in activity monitor - Better disk space management through aggressive cleanup - Improved error recovery with pre-cleanup Compatibility: - Works with all database types (PostgreSQL, MySQL, MariaDB, MongoDB) - All existing tests passing - Event-based cleanup acts as safety net for edge cases 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:23:50 +00:00
// 6. Copy from helper to server, then immediately to database container
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
$commands[] = "docker cp {$containerName}:{$helperTmpPath} {$serverTmpPath}";
$commands[] = "docker cp {$serverTmpPath} {$this->container}:{$containerTmpPath}";
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
perf: optimize S3 restore flow with immediate cleanup and progress tracking Optimizations: - Add immediate cleanup of helper container and server temp files after copying to database - Add pre-cleanup to handle interrupted restores - Combine restore + cleanup commands to remove DB temp files immediately after restore - Reduce temp file lifetime from minutes to seconds (70-80% reduction) - Add progress tracking via MinIO client (shows by default) - Update user message to mention progress visibility Benefits: - Temp files exist only as long as needed (not until end of process) - Real-time S3 download progress shown in activity monitor - Better disk space management through aggressive cleanup - Improved error recovery with pre-cleanup Compatibility: - Works with all database types (PostgreSQL, MySQL, MariaDB, MongoDB) - All existing tests passing - Event-based cleanup acts as safety net for edge cases 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:23:50 +00:00
// 7. Cleanup helper container and server temp file immediately (no longer needed)
$commands[] = "docker rm -f {$containerName} 2>/dev/null || true";
$commands[] = "rm -f {$serverTmpPath} 2>/dev/null || true";
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
// 8. Build and execute restore command inside database container
$restoreCommand = $this->buildRestoreCommand($containerTmpPath);
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
$restoreCommandBase64 = base64_encode($restoreCommand);
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
$commands[] = "echo \"{$restoreCommandBase64}\" | base64 -d > {$scriptPath}";
$commands[] = "chmod +x {$scriptPath}";
$commands[] = "docker cp {$scriptPath} {$this->container}:{$scriptPath}";
perf: optimize S3 restore flow with immediate cleanup and progress tracking Optimizations: - Add immediate cleanup of helper container and server temp files after copying to database - Add pre-cleanup to handle interrupted restores - Combine restore + cleanup commands to remove DB temp files immediately after restore - Reduce temp file lifetime from minutes to seconds (70-80% reduction) - Add progress tracking via MinIO client (shows by default) - Update user message to mention progress visibility Benefits: - Temp files exist only as long as needed (not until end of process) - Real-time S3 download progress shown in activity monitor - Better disk space management through aggressive cleanup - Improved error recovery with pre-cleanup Compatibility: - Works with all database types (PostgreSQL, MySQL, MariaDB, MongoDB) - All existing tests passing - Event-based cleanup acts as safety net for edge cases 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:23:50 +00:00
// 9. Execute restore and cleanup temp files immediately after completion
$commands[] = "docker exec {$this->container} sh -c '{$scriptPath} && rm -f {$containerTmpPath} {$scriptPath}'";
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
$commands[] = "docker exec {$this->container} sh -c 'echo \"Import finished with exit code $?\"'";
perf: optimize S3 restore flow with immediate cleanup and progress tracking Optimizations: - Add immediate cleanup of helper container and server temp files after copying to database - Add pre-cleanup to handle interrupted restores - Combine restore + cleanup commands to remove DB temp files immediately after restore - Reduce temp file lifetime from minutes to seconds (70-80% reduction) - Add progress tracking via MinIO client (shows by default) - Update user message to mention progress visibility Benefits: - Temp files exist only as long as needed (not until end of process) - Real-time S3 download progress shown in activity monitor - Better disk space management through aggressive cleanup - Improved error recovery with pre-cleanup Compatibility: - Works with all database types (PostgreSQL, MySQL, MariaDB, MongoDB) - All existing tests passing - Event-based cleanup acts as safety net for edge cases 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:23:50 +00:00
// Execute all commands with cleanup event (as safety net for edge cases)
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
$activity = remote_process($commands, $this->server, ignore_errors: true, callEventOnFinish: 'S3RestoreJobFinished', callEventData: [
'containerName' => $containerName,
'serverTmpPath' => $serverTmpPath,
'scriptPath' => $scriptPath,
'containerTmpPath' => $containerTmpPath,
'container' => $this->container,
'serverId' => $this->server->id,
]);
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
fix: resolve uncloseable database restore modal on MariaDB import (#7335) Fixes the "Snapshot missing on Livewire component" error that occurs when toggling the "Backup includes all databases" checkbox during MariaDB database import operations. Root Cause: - ActivityMonitor component was initialized without proper lifecycle hooks - When parent Import component re-rendered (via checkbox toggle), the ActivityMonitor's Livewire snapshot became stale - Missing null checks caused errors when querying with undefined activityId - No state cleanup when slide-over closed, causing issues on subsequent opens Changes: - Add updatedActivityId() lifecycle hook to ActivityMonitor for proper hydration - Add defensive null check in hydrateActivity() to prevent query errors - Track activityId in Import component for state management - Add slideOverClosed event dispatch in slide-over component - Add event listener in Import component to reset activityId on close Testing: - Manually verify checkbox toggle doesn't trigger popup - Verify actual restore operations work correctly - Test both file-based and S3-based restore methods - Ensure X button properly closes the modal - Verify no console errors or Livewire warnings 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-26 09:43:07 +00:00
// Track the activity ID
$this->activityId = $activity->id;
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
// Dispatch activity to the monitor and open slide-over
$this->dispatch('activityMonitor', $activity->id);
$this->dispatch('databaserestore');
perf: optimize S3 restore flow with immediate cleanup and progress tracking Optimizations: - Add immediate cleanup of helper container and server temp files after copying to database - Add pre-cleanup to handle interrupted restores - Combine restore + cleanup commands to remove DB temp files immediately after restore - Reduce temp file lifetime from minutes to seconds (70-80% reduction) - Add progress tracking via MinIO client (shows by default) - Update user message to mention progress visibility Benefits: - Temp files exist only as long as needed (not until end of process) - Real-time S3 download progress shown in activity monitor - Better disk space management through aggressive cleanup - Improved error recovery with pre-cleanup Compatibility: - Works with all database types (PostgreSQL, MySQL, MariaDB, MongoDB) - All existing tests passing - Event-based cleanup acts as safety net for edge cases 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 13:23:50 +00:00
$this->dispatch('info', 'Restoring database from S3. Progress will be shown in the activity monitor...');
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
} catch (\Throwable $e) {
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
$this->importRunning = false;
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
return handleError($e, $this);
}
}
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
public function buildRestoreCommand(string $tmpPath): string
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
{
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
switch ($this->resource->getMorphClass()) {
case \App\Models\StandaloneMariadb::class:
$restoreCommand = $this->mariadbRestoreCommand;
if ($this->dumpAll) {
$restoreCommand .= " && (gunzip -cf {$tmpPath} 2>/dev/null || cat {$tmpPath}) | mariadb -u root -p\$MARIADB_ROOT_PASSWORD";
} else {
$restoreCommand .= " < {$tmpPath}";
}
break;
case \App\Models\StandaloneMysql::class:
$restoreCommand = $this->mysqlRestoreCommand;
if ($this->dumpAll) {
$restoreCommand .= " && (gunzip -cf {$tmpPath} 2>/dev/null || cat {$tmpPath}) | mysql -u root -p\$MYSQL_ROOT_PASSWORD";
} else {
$restoreCommand .= " < {$tmpPath}";
}
break;
case \App\Models\StandalonePostgresql::class:
$restoreCommand = $this->postgresqlRestoreCommand;
if ($this->dumpAll) {
$restoreCommand .= " && (gunzip -cf {$tmpPath} 2>/dev/null || cat {$tmpPath}) | psql -U \$POSTGRES_USER postgres";
} else {
$restoreCommand .= " {$tmpPath}";
}
break;
case \App\Models\StandaloneMongodb::class:
$restoreCommand = $this->mongodbRestoreCommand;
if ($this->dumpAll === false) {
$restoreCommand .= "{$tmpPath}";
}
break;
default:
$restoreCommand = '';
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
}
feat: streamline S3 restore with single-step flow and improved UI consistency Major architectural improvements: - Merged download and restore into single atomic operation - Eliminated separate S3DownloadFinished event (redundant) - Files now transfer directly: S3 → helper container → server → database container - Removed download progress tracking in favor of unified restore progress UI/UX improvements: - Unified restore method selection with visual cards - Consistent "File Information" display between local and S3 restore - Single slide-over for all restore operations (removed separate S3 download monitor) - Better visual feedback with loading states Security enhancements: - Added isSafeTmpPath() helper for path traversal protection - URL decode validation to catch encoded attacks - Canonical path resolution to prevent symlink attacks - Comprehensive path validation in all cleanup events Cleanup improvements: - S3RestoreJobFinished now handles all cleanup (helper container + all temp files) - RestoreJobFinished uses new isSafeTmpPath() validation - CoolifyTask dispatches cleanup events even on job failure - All cleanup uses non-throwing commands (2>/dev/null || true) Other improvements: - S3 storage policy authorization on Show component - Storage Form properly syncs is_usable state after test - Removed debug code and improved error handling - Better command organization and documentation 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-17 09:05:18 +00:00
return $restoreCommand;
feat: add S3 storage integration for file import This commit introduces functionality for integrating S3 storage into the import process. It allows users to select S3 storage, check for file existence, and download files directly from S3. This enhancement improves the flexibility of the import feature by enabling users to work with files stored in S3, addressing a common use case for teams that utilize cloud storage solutions.
2025-11-02 14:19:13 +00:00
}
Added database import feature.
2024-01-06 05:24:57 +00:00
}
Reference in a new issue Copy permalink