rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
14872 commits 1 branch 0 tags 63 MiB
Commit graph

35 commits

Author SHA1 Message Date
Andras Bacsai
096d4369e5 fix(sentinel): add token validation to prevent command injection 
Add validation to ensure sentinel tokens contain only safe characters
(alphanumeric, dots, hyphens, underscores, plus, forward slash, equals),
preventing OS command injection vulnerabilities when tokens are
interpolated into shell commands.

- Add ServerSetting::isValidSentinelToken() validation method
- Validate tokens in StartSentinel action and metrics queries
- Improve shell argument escaping with escapeshellarg()
- Add comprehensive test coverage for token validation
 2026-03-10 22:19:19 +01:00
Andras Bacsai
700550b26f
Fix: Concurrent builds ignored & add deployment queue limit (#7488) 2025-12-11 11:03:02 +01:00
Andras Bacsai
511415770a Add server-level toggle to disable application image retention 
Adds a new server-level setting that allows administrators to disable
per-application image retention globally for all applications on a server.
When enabled, Docker cleanup will only keep the currently running image
regardless of individual application retention settings.

Changes:
- Add migration for disable_application_image_retention boolean field
- Update ServerSetting model with cast
- Add checkbox in DockerCleanup page (Advanced section)
- Modify CleanupDocker action to check server-level setting
- Update Rollback page to show warning and disable inputs when server
  retention is disabled
- Add helper text noting server-level override capability

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-12-05 12:22:20 +01:00
Andras Bacsai
6d16f52143 Add deployment queue limit to prevent queue bombing 
- Add configurable deployment_queue_limit server setting (default: 25)
- Check queue size before accepting new deployments
- Return 429 status for webhooks/API when queue is full (allows retry)
- Show error toast in UI when queue limit reached
- Add UI control in Server Advanced settings

Fixes #6708

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-12-04 13:52:27 +01:00
Andras Bacsai
728f261316 Changes auto-committed by Conductor 2025-10-16 09:51:37 +02:00
Andras Bacsai
46b4cfac68 feat(terminal-access): implement terminal access control for servers and containers, including UI updates and backend logic 2025-05-29 14:09:05 +02:00
peaklabs-dev
f26853b576
fix: unreachable notifications 2024-12-23 16:51:34 +01:00
SierraJC
bbd7d8b567
fix: move servers API delete_unused_* properties 
correct location from API response is in server.settings
 2024-11-23 13:23:13 +11:00
Andras Bacsai
aa1e80ccae fix: start sentinel on seeder 2024-11-08 10:39:02 +01:00
Andras Bacsai
9d9ac5943e fix 2024-11-08 10:30:10 +01:00
Andras Bacsai
e7f2215652 fix: seeder should not start sentinel 2024-11-08 10:28:40 +01:00
Andras Bacsai
f1587d3302 cleanups 2024-11-06 12:39:37 +01:00
Andras Bacsai
96ca72fcdb refactor server view (phuuu) 2024-10-30 20:03:30 +01:00
Andras Bacsai
8c96ab52d7 feat: notification rate limiter 
fix: limit server up / down notification limits
 2024-10-25 15:13:23 +02:00
Andras Bacsai
7ed0ebf106 fix: generateSentinelUrl method 2024-10-25 11:41:52 +02:00
Andras Bacsai
6e305a33de Refactor server setting model to restart Sentinel on specific config changes 2024-10-22 14:10:52 +02:00
Andras Bacsai
1f221d9791 fix: sentinel config changes restarts sentinel 2024-10-22 14:10:36 +02:00
Andras Bacsai
e8854c3101 fix: sentinel start fixed 2024-10-22 08:31:53 +02:00
Andras Bacsai
b75c2dc604 pint 2024-10-17 22:08:23 +02:00
Andras Bacsai
2315bdb93f ui updates on server 2024-10-17 14:56:36 +02:00
Andras Bacsai
f600c1b37d fix: only enable Sentinel for new servers 2024-10-17 10:04:38 +02:00
Andras Bacsai
d446cd4f31 sentinel updates 2024-10-15 13:39:19 +02:00
Andras Bacsai
1f193d465d sentinel updates 2024-10-14 12:07:37 +02:00
Andras Bacsai
182ddeefcb refactor: Remove unused server timezone seeder and related code 2024-08-26 15:36:22 +02:00
Andras Bacsai
68169f75d1 refactor: Remove unused server timezone seeder and related code 2024-08-26 15:26:08 +02:00
ayntk-ai
012c23586d
rename to docker cleanup and and feedback implementation 2024-08-18 23:16:59 +02:00
ayntk-ai
f93fe75de9
new fields in server setttings 2024-08-14 21:54:28 +02:00
Andras Bacsai
2d3a6a4528 openapi work work 2024-07-09 10:45:10 +02:00
Andras Bacsai
65bfce43c0 fix: server settings guarded 2023-10-25 11:50:22 +02:00
Andras Bacsai
f2228cec7b testing php storm code cleanup and styling 2023-08-08 11:51:36 +02:00
Andras Bacsai
0d45d9980c fix 2023-06-15 13:51:31 +02:00
Andras Bacsai
cbfc490d95 fix 2023-06-15 13:28:16 +02:00
Andras Bacsai
f79b3841c7 fixes 2023-06-15 09:15:41 +02:00
Andras Bacsai
2487dde69e add new server 
add new private key
check server connection
 2023-04-26 15:38:50 +02:00
Andras Bacsai
da2f657342 wip 2023-03-30 15:52:19 +02:00