- Auto-select first SSH key when available instead of requiring explicit selection
- Remove disabled placeholder option from dropdown
- Prevents confusing error when user clicks "Use Selected Key" without changing dropdown
- Improves onboarding flow by having a sensible default selection
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add Hetzner Cloud server creation option to onboarding flow
- Change grid from 2 to 3 columns to accommodate all server options
- Mark both Hetzner and Remote Server as "Recommended"
- Fix Hetzner card height to match other cards
- Remove "select existing server" phase - onboarding always creates new servers
- Fix project loading on page refresh in Project Setup phase
- Fix browser back button navigation - remove aggressive restartBoarding() call
- Fix SSH key dropdown to not auto-select first key - require explicit selection
- Make checkpoint titles more prominent across all phases
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add centered, card-based layout with clean design
- Implement 3-step progress indicator component
- Add proper dark/light mode support following Coolify design system
- Implement Livewire URL state persistence for browser navigation
- Separate private key textareas for "Generate" vs "Add your own" modes
- Consistent checkpoint styling across all onboarding phases
- Enhanced typography with prominent titles (semibold, white in dark mode)
- Fixed state restoration on page refresh and browser back/forward navigation
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Enhanced the terminal server/container selection with a new searchable datalist component:
**Terminal View Changes:**
- Replaced `x-forms.select` with `x-forms.datalist` for server/container selection
- Added search functionality for filtering servers and containers
- Fixed form validation by adding hidden input for proper HTML5 validation
- Prevented error messages when clearing selection (sets to 'default')
**Datalist Component (Single Selection):**
- Implemented Alpine.js-powered dropdown with search functionality
- Added visual dropdown arrow that rotates when opened
- Proper entangle binding for wire:model support
- Keyboard support (Escape to close)
- Click outside to close behavior
- Disabled options filtering (skips disabled options)
- Consistent styling with input/textarea components
**Styling Improvements:**
- Explicit background colors: `bg-white` (light) and `dark:bg-coolgray-100` (dark)
- Proper ring border: `ring-1 ring-inset ring-neutral-200 dark:ring-coolgray-300`
- Focus states: `focus-within:ring-2 focus-within:ring-coollabs dark:focus-within:ring-warning`
- Text colors: `text-black dark:text-white`
- Added custom scrollbar styling for dropdown lists
- Wire:dirty state support for visual feedback
- Proper padding and spacing (`py-1.5`, `px-1`, `px-2`)
**Multiple Selection Mode:**
- Also updated for consistent styling and scrollbar support
- Added proper background colors and focus states
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add a 'Clear' button next to the cloud-init script dropdown that:
- Resets the dropdown to default (placeholder option)
- Clears the cloud-init script textarea
- Clears the script name input
- Unchecks the 'save script' checkbox
Improves UX by allowing users to quickly reset cloud-init fields
without manually clearing each field.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Remove debug sleep(4) statement from openSearchModal method.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add manual cache clearing command (search:clear) for testing
- Integrate cloud-init scripts into global search navigation
- Improve form UX by preventing field reset during edit operations
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Changed backup_log_uuid property to nullable and removed eager initialization in constructor. This allows the ID to be generated when actually needed rather than upfront.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add a new artisan command for manually clearing the global search cache
during development and testing. This is useful when testing new navigation
entries or updates to searchable resources without waiting for the 5-minute
cache TTL.
Command: php artisan search:clear
Usage options:
- search:clear - Clear cache for current user's team
- search:clear --team=1 - Clear cache for specific team ID
- search:clear --all - Clear cache for all teams
This helps developers test global search changes immediately, especially
when adding new navigation routes like cloud-init scripts.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add cloud-init scripts to the global search navigation routes, making
them discoverable via the quick search (Cmd+K / Ctrl+K).
Changes:
- Added dedicated "Cloud-Init Scripts" navigation entry
- Searchable via: cloud-init, scripts, cloud init, cloudinit,
initialization, startup, server setup
- Updated Security entry to include cloud-init in search terms
- Links to /security/cloud-init-scripts route
Users can now quickly navigate to cloud-init script management by
typing "cloud-init" or related terms in global search.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fix multiple UI/UX issues with cloud-init scripts management:
1. Fix card styling - Remove purple box background, use simple border
- Changed from .box class to inline flex/border styling
- Matches cloud provider tokens styling pattern
2. Remove script preview section
- Preview was taking too much space and looked cluttered
- Users can edit to see full script content
3. Make edit modal full width
- Added fullWidth attribute to x-modal-input component
- Provides better editing experience for long scripts
4. Fix fields clearing after update
- Fields were being reset even in edit mode
- Now only reset fields when creating new script
- Edit mode preserves values after save
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add comprehensive cloud-init script management interface in the Security
section, allowing users to create, edit, delete, and reuse cloud-init
scripts across their team.
New Components:
- CloudInitScripts: Main listing page with grid view of scripts
- CloudInitScriptForm: Modal form for create/edit operations
Features:
- Create new cloud-init scripts with name and content
- Edit existing scripts
- Delete scripts with confirmation (requires typing script name)
- View script preview (first 200 characters)
- Scripts are encrypted in database
- Full authorization using CloudInitScriptPolicy
- Real-time updates via Livewire events
UI Location:
- Added to Security section nav: /security/cloud-init-scripts
- Positioned between Cloud Tokens and API Tokens
- Follows existing security UI patterns
Files Created:
- app/Livewire/Security/CloudInitScripts.php
- app/Livewire/Security/CloudInitScriptForm.php
- resources/views/livewire/security/cloud-init-scripts.blade.php
- resources/views/livewire/security/cloud-init-script-form.blade.php
Files Modified:
- routes/web.php - Added route
- resources/views/components/security/navbar.blade.php - Added nav link
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add cloud-init script fields to the resetSelection() method that's
called when the modal is closed. This ensures a clean slate when
reopening the "Connect a Hetzner Server" view.
Fields reset:
- cloud_init_script
- save_cloud_init_script
- cloud_init_script_name
- selected_cloud_init_script_id
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add detailed ray logging to track exactly what is being sent to Hetzner's
API and what response is received. This will help debug cloud-init script
integration and verify that user_data is properly included in the request.
Logs include:
- Request endpoint and full params object
- Complete API response
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Changes:
1. Remove description field from cloud-init scripts
- Updated migration to remove description column
- Updated model to remove description from fillable array
2. Redesign script name input layout
- Move script name input next to checkbox (always visible)
- Remove conditional rendering - input always shown
- Use placeholder instead of label for cleaner look
3. Fix dropdown type error
- Replace wire:change event with wire:model.live
- Use updatedSelectedCloudInitScriptId() lifecycle hook
- Add "disabled" attribute to placeholder option
- Properly handle empty string vs null in type casting
4. Improve validation
- Require both script content AND name for saving
- Remove description validation rule
- Add selected_cloud_init_script_id validation
5. Auto-populate name when loading saved script
- When user selects saved script, auto-fill the name field
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit adds the ability to use cloud-init scripts when creating Hetzner servers through the integration. Users can write custom scripts that will be executed during server initialization, and optionally save these scripts at the team level for future reuse.
Key features:
- Textarea field for entering cloud-init scripts (bash or cloud-config YAML)
- Checkbox to save scripts for later use at team level
- Dropdown to load previously saved scripts
- Scripts are encrypted in the database
- Full validation and authorization checks
- Comprehensive unit and feature tests
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Display the monthly cost on the "Buy & Create Server" button
to give users clear visibility of the price before purchasing.
- Add computed property to calculate selected server's monthly price
- Update button text to show price dynamically (e.g., "€12.99/mo")
- Add tests for price formatting and edge cases
- Price updates reactively when user changes server type
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add resource UUIDs (application_uuid, database_uuid, server_uuid, task_uuid) to all webhook notifications
- Standardize URL field naming from various formats (resource_url, task_url, server_url) to consistent 'url' field
- Include parent resource UUIDs for scheduled tasks (application_uuid or service_uuid)
- Add direct URLs to Coolify resources for all notification types
- Update UI to show "Webhook URL (POST)" label for clarity
This enables webhook consumers to:
- Uniquely identify resources using UUIDs used throughout Coolify UI
- Directly link back to Coolify resource pages via the url field
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add support for configuring IPv4 and IPv6 public network interfaces when creating servers through the Hetzner integration. Users can now enable or disable IPv4 and IPv6 independently, with both enabled by default.
Features:
- Added enable_ipv4 and enable_ipv6 checkboxes in the server creation form
- Both options are enabled by default as per Hetzner best practices
- IPv4 is preferred when both are enabled
- Fallback to IPv6 when only IPv6 is enabled
- Proper validation and error handling for network configuration
- Comprehensive test coverage for IP address selection logic
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Simplified webhook channel implementation to match TelegramChannel pattern without typed interface.
Changes:
- Removed SendsWebhook interface file
- Removed interface from Team model
- Removed routeNotificationForWebhook() method
- WebhookChannel now uses untyped $notifiable like TelegramChannel
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Added actual HTTP POST delivery for webhook notifications and comprehensive Ray debugging for development.
Changes:
- Updated Team model to implement SendsWebhook interface
- Added routeNotificationForWebhook() method to Team
- Enhanced SendWebhookJob with Ray logging for request/response
- Added Ray debugging to WebhookChannel for dispatch tracking
- Added Ray debugging to Webhook Livewire component
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add basic WebhookChannel infrastructure:
- Create SendsWebhook interface
- Create WebhookChannel with placeholder implementation (logs instead of sending)
- Update Test notification to support webhook channel
- Add WebhookChannel to HasNotificationSettings trait
- Add toWebhook() method to Test notification
This provides a working foundation that won't break test notifications.
The actual HTTP webhook delivery will be implemented in a follow-up.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add webhook case to the Test notification's via() method
to prepare for future WebhookChannel implementation.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add WebhookNotificationSettings to the policy mappings in
AuthServiceProvider to enable authorization checks for the
webhook notification settings.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add basic infrastructure for custom webhook notifications:
- Create webhook_notification_settings table with event toggles
- Add WebhookNotificationSettings model with encrypted URL
- Integrate webhook settings into Team model and HasNotificationSettings trait
- Create Livewire component and Blade view for webhook configuration
- Add webhook navigation route and UI
This provides the foundation for sending webhook notifications to custom HTTP/HTTPS endpoints when events occur in Coolify.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Replaced the inline query for fetching environments in GlobalSearch with a new static method `ownedByCurrentTeam` in the Environment model, enhancing code readability and maintainability.
- This change simplifies the logic for retrieving environments associated with the current team, promoting better organization of query logic within the model.
- Introduced a comprehensive set of navigation routes for quick access to key sections such as Dashboard, Servers, Projects, and more.
- Enhanced the search functionality to include a 'new' prefix for creating resources directly from the search input.
- Improved UI elements for search results, ensuring better visibility and interaction.
- Modified the redirect route after project resource creation to include the UUID of the production environment, ensuring users are directed to the correct resource index page.
- This change enhances navigation and improves user experience by providing direct access to the relevant environment resources.
- Introduced a new create mode in the global search component, allowing users to initiate the creation of resources directly from the search input.
- Implemented logic to detect specific resource types based on user input, enabling quick access to creation modals for projects, servers, teams, storage, private keys, and GitHub apps.
- Updated the UI to display a list of creatable items when in create mode, improving user experience and accessibility for resource management.
- Added necessary modals for each resource type to facilitate the creation process seamlessly.
- Added logic to determine if the user can create resources for each project and generate the corresponding route for adding resources based on the project's first environment.
- Updated the project index view to display the new resource creation option alongside existing project settings.
- Adjusted various views to include a margin-top adjustment for better layout consistency.
- Updated the build_logs_url to use the correct environment UUID instead of the environment name, ensuring accurate links to deployment logs.
- This change improves the reliability of the deployment notification system by directing users to the correct log location.
- Wrapped the storage settings submission process in a database transaction to ensure data integrity.
- Added connection testing within the transaction to verify settings before finalizing the save.
- Enhanced error handling by refreshing the model state after a rollback, ensuring the UI reflects the latest database values.
- Dispatch success event upon successful update and verification of storage settings.
- Introduced a new notification class, BackupSuccessWithS3Warning, to alert users when local backups succeed but S3 uploads fail.
- Updated DatabaseBackupJob to track local backup success and handle S3 upload errors, improving error reporting and user notifications.
- Modified ScheduledDatabaseBackupExecution model to include a new s3_uploaded boolean field for tracking S3 upload status.
- Adjusted views and validation logic to reflect changes in backup execution status and S3 handling.
- Added tests to ensure the new s3_uploaded column is correctly implemented and validated.
- Updated the should_skip_build method to save runtime environment variables even when the build step is skipped, ensuring that the latest environment settings are preserved.
- Enhanced logging in prepare_builder_image to differentiate between the first attempt and subsequent attempts, improving clarity in deployment logs.
- Implemented a check for the NIXPACKS_NODE_VERSION variable in the ApplicationDeploymentJob.
- Added log entries to notify users when NIXPACKS_NODE_VERSION is not set, indicating that Node.js 18 will be used by default, which is EOL.
- Provided guidance on how to override the default version by setting NIXPACKS_NODE_VERSION in environment variables.
- Updated the base_directory property to default to '/' for better compatibility with Docker setups.
- Included base_directory in the submit method's application array to ensure it is correctly passed during submission, enhancing the functionality of the GithubPrivateRepository component.
- Refactored the DatabaseBackupJob to replace instances of backup->uuid with backup_log_uuid for consistency in container naming.
- Ensured that all related Docker commands and processes reference the updated backup_log_uuid, improving clarity and reducing potential errors during backup operations.
- Added cache clearing for environment variables and their preview after a new variable is added to ensure the UI reflects the latest data.
- Updated the refreshEnvs method to include cache clearing, enhancing the responsiveness of the environment variable display.
- Added a new function to extract custom proxy commands from existing Traefik configurations before regenerating the proxy configuration.
- Updated the proxy configuration generation logic to include these custom commands, ensuring they are preserved during regeneration.
- Introduced unit tests to validate the extraction of custom commands and handle various scenarios, including invalid YAML and different proxy types.
- Changed the .env file reference to use a build-time .env file located in /artifacts, preventing it from being included in Docker images.
- Introduced a new method to wrap Docker build commands with environment variable exports, enhancing the handling of build-time variables.
- Updated logging messages for clarity regarding the creation and usage of the build-time .env file.
- Introduced logic to automatically create a default NIXPACKS_NODE_VERSION environment variable when an application uses the 'nixpacks' build pack.
- Ensured the environment variable is configured with appropriate attributes for build-time usage.
- Replaced the use of a dynamic env_filename with a consistent .env file reference across deployment methods.
- Simplified the generation and saving of build-time and runtime environment variables, ensuring they are always written to the .env file.
- Enhanced clarity in the deployment process by removing redundant logic and ensuring environment variables are handled uniformly.
- Updated the deployments method in DeploymentsIndicator to include application environment and project relationships for better data context.
- Refactored the application method in ApplicationDeploymentQueue to use Eloquent relationships instead of manual fetching, improving performance and readability.
- Enhanced the deployments indicator view to display application environment and project names, providing clearer deployment context.
- Removed redundant logic for merging COOLIFY_* variables into env_args.
- Simplified the process of adding environment variables by directly incorporating generated COOLIFY environment variables.
- Enhanced clarity and maintainability of the generate_env_variables method.
- Implemented logic to retrieve and display the default user password for Elasticsearch in the extraFields method of the Service model.
- Enhanced data collection for environment variables related to Elasticsearch, improving service configuration management.
- Introduced `isReadOnlyVolume` method in `LocalFileVolume` and `LocalPersistentVolume` models to determine if a volume is read-only based on Docker Compose configuration.
- Updated `FileStorage` and `Show` components to set `isReadOnly` state during mounting.
- Enhanced UI to display notifications for read-only volumes, preventing modification actions in the interface.
- Refactored file storage and directory management forms to conditionally enable or disable actions based on read-only status.
- Enhanced logic to process Docker image name and tag, including stripping 'sha256:' prefix and removing '@sha256' suffix.
- Implemented validation to check for valid SHA256 hashes and conditionally append '@sha256' to the image name.
- Defaulted the image tag to 'latest' if not provided, improving user experience and data integrity.
- Added logic to strip 'sha256:' prefix and remove '@sha256' suffix from user input for image SHA256 and name.
- Updated image name handling to append '@sha256' when using a digest, ensuring correct formatting.
- Enhanced validation and parsing for Docker images to improve user experience and data integrity.
- Refactored DockerImage component to use separate properties for image name, tag, and SHA256 digest.
- Introduced DockerImageFormat validation rule to enforce correct image format.
- Updated DockerImageParser to handle new parsing logic for image tags and SHA256 hashes.
- Enhanced UI to separate input fields for image name, tag, and SHA256 digest, improving user experience.
- Added comprehensive tests for DockerImageParser to ensure accurate parsing and validation of image formats.
- Updated the ordering logic in the environment_variables methods for both Application and Service models to prioritize required variables over service-prefixed keys.
- This change enhances the clarity and organization of environment variable retrieval, ensuring that essential variables are listed first.
- Added functionality to generate environment variables for each service defined in the Docker Compose file, transforming service names into uppercase and replacing special characters.
- Updated the service parser to merge these generated variables with existing environment variables, enhancing deployment configuration.
- Added a new method to restart the builder container with the actual commit value, ensuring accurate deployment.
- Improved the generation of environment variables by consolidating user-defined and Coolify-specific variables.
- Updated Dockerfile modification logic to handle environment variables more effectively, including support for multiline variables.
- Enhanced logging for better visibility during deployment processes.
- Introduced new helper functions to generate Docker build arguments and environment flags, accommodating multiline variables with proper escaping.
- Updated the ApplicationDeploymentJob to utilize these new functions, improving the handling of environment variables during deployment.
- Added comprehensive tests to ensure correct behavior for multiline variables and special characters.
- Introduced functionality to add Coolify variables as ARGs in the Dockerfile during the build process.
- Enhanced the existing method to handle both standard environment variables and Coolify-specific variables, improving deployment flexibility.
- Added ordering by ID to the deployments query to ensure consistent results.
- Removed unnecessary sorting after retrieval to streamline the data handling process.
- Merged the storage management functionalities into the Storage component, replacing the previous Add component.
- Introduced new methods for submitting persistent volumes, file mounts, and directory mounts, improving code organization and maintainability.
- Enhanced the UI with modals for adding volumes, files, and directories, providing a more intuitive user experience.
- Updated validation rules and error handling for improved robustness during storage submissions.
- Removed deprecated Add component and associated views to streamline the codebase.
- Changed the projects property in the Dashboard component from an array to a Collection for improved data handling.
- Added new color variables in CSS for better theming options.
- Updated button styles across various components for consistency and improved user experience.
- Refined dropdown and notification components for better visual alignment and usability.
- Added properties to manage file and directory counts, improving data handling in the Livewire component.
- Updated the file storage view to include a tabbed interface for volumes, files, and directories, enhancing user navigation.
- Improved UI layout for better readability and user experience, including consistent styling and informative messages.
- Removed the navigateToProject method from the Livewire component.
- Updated the dashboard view to use anchor tags for project navigation, enhancing user experience and simplifying the code structure.
- Added retrieval and mapping of projects and environments to the global search results.
- Enhanced search result structure to include resource counts and descriptions for projects and environments.
- Updated the UI to reflect the new search capabilities, improving user experience when searching for resources.
- Add automatic trimming in Application model's boot method for git_repository, git_branch, and git_commit_sha fields
- Add real-time trimming in Source Livewire component via updated{Property} methods
- Refresh component state after save to ensure UI displays trimmed values
- Prevents deployment issues caused by accidental whitespace in git configuration
- Replace OA\Schema with OA\Items for array items in DatabasesController
- Replace OA\Items with OA\Schema for array type properties in GithubController
- Update generated OpenAPI documentation files (openapi.json and openapi.yaml)
- Introduced logic to filter user-defined build time variables from the database based on the pull request context.
- Improved handling of build time variables to ensure only relevant variables are analyzed, enhancing the deployment process.
- Added logic to escape single quotes in build arguments to ensure proper execution in bash -c context used by executeInDocker, preventing potential command errors.
- Added retry configuration with a maximum of 3 attempts and backoff intervals of 10, 30, and 60 seconds to improve job resilience and handling of transient failures.
- Implemented a dispatch for 'refreshServerShow' after successfully updating the private key and validating the server connection.
- This enhancement improves the user experience by ensuring the server display is updated immediately following key changes and connection checks.
- Refactored the private key update logic to use a database transaction for associating the private key with the server, ensuring atomicity.
- Improved error handling by refreshing the server state upon failure and validating the connection after updates.
- Enhanced success and error dispatching for better user feedback during the update process.
- Updated the getTeamIdForCache method to differentiate team retrieval based on the instance type, ensuring correct access to the team property or method for Server models and other types.
- Deleted obsolete CloudCheckSubscription, CloudCleanupSubscriptions, and CloudDeleteUser commands to streamline the codebase.
- Introduced new CloudDeleteUser and CloudFixSubscription commands with improved functionality for user deletion and subscription management.
- Enhanced subscription handling with options for fixing canceled subscriptions and verifying active subscriptions against Stripe, improving overall command usability and control.
- Refactored the DatabaseBackupJob to generate a unique UUID for each database backup execution within the loop, improving clarity and ensuring uniqueness for each backup attempt.
- Removed redundant UUID generation logic from the initial part of the handle method.
- Updated the method call syntax in the analyzeBuildVariable function to use curly braces for dynamic method invocation, ensuring proper execution of the specified check function.
- Modified the update_by_uuid method to use only the specified allowed fields from the request for database updates, enhancing data integrity and security.
- Changed security scheme from 'api_token' to 'bearerAuth' for the update and delete GitHub app endpoints.
- Ensured consistent authentication handling across GitHub app operations.
- Updated StripeProcessJob to include detailed handling of subscription statuses during invoice payment events.
- Introduced VerifyStripeSubscriptionStatusJob to manage subscription status verification and updates, improving error handling and notification for various subscription states.
- Enhanced logic to handle cases where subscription IDs are missing, ensuring robust subscription management.
- Added options to the CloudCheckSubscription command for fixing canceled subscriptions in the database.
- Implemented a dry-run mode to preview changes without applying them.
- Introduced a flag to limit checks/fixes to the first found subscription, improving command usability and control.
- Added CSV output for active subscribers, including detailed information on subscription status and invoice status.
- Implemented checks for missing subscription IDs and provided appropriate logging in the CSV for visibility.
- Improved handling of non-active subscriptions with detailed output for better tracking and analysis.
- Enhanced the DatabaseBackupJob to generate a unique UUID for each backup execution attempt.
- Added logic to retry UUID generation up to three times if a duplicate is detected, ensuring uniqueness and preventing execution conflicts.
- Expanded the list of affected services in the EnvironmentVariableAnalyzer trait to include 'bun' and 'pnpm' alongside 'npm' and 'yarn'.
- Improved clarity on the impact of problematic environment variables during the build process.
- Added EnvironmentVariableAnalyzer trait to analyze and warn about problematic environment variables during the build process.
- Integrated analysis into ApplicationDeploymentJob and Livewire components to provide feedback on potential build issues.
- Introduced a new Blade component for displaying warnings related to environment variables in the UI.
- Added authorization checks for updating and deleting backups in DatabasesController.
- Implemented validation for S3 storage UUID when saving backups, ensuring it belongs to the current team.
- Improved error handling during backup deletion with transaction management for better data integrity.
- Modified backup retrieval logic in DatabasesController to utilize the new ownedByCurrentTeamAPI method for improved access control based on team ID.
- Enhanced code consistency and maintainability by centralizing team-based filtering in the ScheduledDatabaseBackup model.
- Updated backup retrieval logic in DatabasesController to utilize the new ownedByCurrentTeam method for improved access control.
- Enhanced code readability and maintainability by centralizing team-based filtering in the ScheduledDatabaseBackup model.
- Modified backup configuration queries in the DatabasesController to filter by team ID, ensuring proper access control.
- Enhanced S3 storage retrieval to use the current team context for better data integrity.
- Added a relationship method in ScheduledDatabaseBackup model to associate backups with teams.
- Removed obsolete backup-related parameters from the OpenAPI specification in the DatabasesController.
- Streamlined the API documentation to enhance clarity and focus on current functionality.
- Updated validation rules for 'custom_user' and 'custom_port' fields to be nullable in the GithubController.
- Refactored API request handling in GithubController, GithubPrivateRepository, and helper functions to use a consistent Http::GitHub method with timeout and retry logic.
- Improved error handling for repository and branch loading processes.
- Implemented endpoints to update and delete GitHub apps in the GithubController.
- Added OpenAPI annotations for the new endpoints, including request and response specifications.
- Removed the 'is_public' field from the app creation and update processes, defaulting it to false.
- Enhanced validation for update requests to ensure proper data handling.
- Implemented a new GithubController with endpoints to create GitHub apps, load repositories, and fetch branches for a given repository.
- Added OpenAPI annotations for API documentation.
- Included validation for incoming requests and error handling for various scenarios.
- Refactored backup configuration retrieval and update logic to use UUIDs instead of IDs.
- Added new endpoint to list backup executions for a specific backup configuration.
- Improved error handling and validation for backup operations.
- Updated API documentation to reflect changes in parameter names and descriptions.
- Add email normalization to TeamInvitation model using setEmailAttribute()
- Add HasFactory trait to Team model for testing support
- Create TeamFactory for testing
- Add tests to verify email normalization works correctly
- Fixes issue where mixed case emails in invitations would cause lookup failures
- Resolves#6291
The bug occurred because:
1. User model normalizes emails to lowercase
2. TeamInvitation model did not normalize emails
3. When invitation was created with mixed case, it was stored as-is
4. User lookup failed due to case mismatch during invitation acceptance
5. This caused users to not be able to see teams they were invited to
This fix ensures both models normalize emails consistently.
This change introduces automatically generated `SERVICE_NAME_<SERVICE>`
environment variables for each service within a Docker Compose deployment.
This allows services to reliably reference each other by name, which is particularly
useful in pull request environments where container names are dynamically suffixed.
- The application parser now generates and injects these `SERVICE_NAME` variables
into the environment of all services in the compose file.
- `ApplicationDeploymentJob` is updated to correctly handle and filter these
new variables during deployment.
- UI components and the `EnvironmentVariableProtection` trait have been updated
to make these generated variables read-only, preventing accidental modification.
This commit introduces two new helper functions to standardize resource naming
for pull request deployments:
- `addPreviewDeploymentSuffix()`: Generates a consistent suffix format (-pr-{id})
for resource names in preview deployments
- `generateDockerComposeServiceName()`: Creates SERVICE_NAME environment variables
for Docker Compose services
- Introduced `ValidGitRepositoryUrl` and `ValidGitBranch` validation rules to ensure safe and valid input for Git repository URLs and branch names.
- Updated relevant Livewire components and API controllers to utilize the new validation rules, enhancing security against command injection and invalid inputs.
- Refactored existing validation logic to improve consistency and maintainability across the application.
- Added authorization checks in Livewire components related to Docker and server management to ensure only authorized users can create, update, and manage Docker instances and server settings.
- Introduced new policies for StandaloneDocker and SwarmDocker to define access control rules based on user roles and team associations.
- Updated AuthServiceProvider to register the new policies, enhancing security and access control for Docker functionalities and server management operations.
- Added authorization checks in the Create and Show Livewire components to ensure only authorized users can create, update, and delete PrivateKey instances.
- Introduced a new PrivateKeyPolicy to define access control rules for viewing, creating, updating, and deleting PrivateKey models based on user roles and team associations.
- Updated AuthServiceProvider to register the new PrivateKeyPolicy, enhancing security and access control for PrivateKey functionalities.
- Added authorization checks using the `authorize` method in various Livewire components to ensure only authorized users can update server settings.
- Updated `ServerPolicy` to restrict update permissions to admin users and their respective teams.
- Enhanced security and access control for server management functionalities.
- Introduced a new boolean setting `is_git_shallow_clone_enabled` to the application settings model.
- Updated the `Advanced` component to include a checkbox for enabling shallow cloning.
- Modified the `setGitImportSettings` and `generateGitImportCommands` methods to handle shallow clone logic.
- Created a migration to add the new setting to the database schema.
- Enhanced the deployment process to utilize shallow cloning for improved performance.
- Introduced `ValidationPatterns` class to standardize validation rules and messages for various fields across multiple components.
- Updated components including `General`, `StackForm`, `Create`, and `Show` to utilize the new validation patterns, ensuring consistent validation logic.
- Enhanced error messages for required fields and added regex validation for names and descriptions to improve user feedback.
- Adjusted styling in the `create.blade.php` view for better visual hierarchy.
- Introduced `ValidationPatterns` class to standardize validation rules and messages for name and description fields across the application.
- Updated various components and models to utilize the new validation patterns, ensuring consistent sanitization and validation logic.
- Replaced the `HasSafeNameAttribute` trait with `HasSafeStringAttribute` to enhance attribute handling and maintain consistency in name sanitization.
- Enhanced the `CleanupNames` command to align with the new validation rules, allowing for a broader range of valid characters in names.
- Introduced `CleanupNames` command to sanitize name fields by removing invalid characters, ensuring only letters, numbers, spaces, dashes, underscores, and dots are retained.
- Implemented options for dry run, model-specific cleaning, database backup, and forced execution.
- Updated `Init` command to call the new `cleanup:names` command.
- Enhanced project and environment validation to enforce name sanitization rules.
- Added `HasSafeNameAttribute` trait to relevant models for consistent name handling.
- Added functionality for users to request an email change, including generating a verification code and setting an expiration time.
- Implemented methods in the User model to handle email change requests, code validation, and confirmation.
- Created a new job to update the user's email in Stripe after confirmation.
- Introduced rate limiting for email change requests and verification attempts to prevent abuse.
- Added a new notification for email change verification.
- Updated the profile component to manage email change requests and verification UI.
since the destionations relationship is not really needed, we could
remove it and avoid the issue with the missing eager constraint.
Co-authored-by: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
* chore(version): update coolify-realtime to version 1.0.9 in docker-compose and versions files
* feat(migration): add is_sentinel_enabled column to server_settings with default true
* fix(migration): update default value handling for is_sentinel_enabled column in server_settings
* feat(seeder): dispatch StartProxy action for each server in ProductionSeeder
* feat(seeder): add CheckAndStartSentinelJob dispatch for each server in ProductionSeeder
* fix(seeder): conditionally dispatch CheckAndStartSentinelJob based on server's sentinel status
* feat(seeder): conditionally dispatch StartProxy action based on proxy check result
* refactor(ui): terminal
* refactor(ui): remove terminal header from execute-container-command view
* refactor(ui): remove unnecessary padding from deployment, backup, and logs sections
* change db proxy to use volume mount for config
* fix(database-proxy): adjust configuration directory for development environment
---------
Co-authored-by: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
- Added a new job, ServerPatchCheckJob, to handle server patch checks and notifications.
- Introduced a new notification class, ServerPatchCheck, for sending updates via email, Discord, Slack, Pushover, and Telegram.
- Updated notification settings models to include server patch notification options for email, Discord, Slack, Pushover, and Telegram.
- Created a migration to add server patch notification fields to the respective settings tables.
- Enhanced the UI to allow users to enable/disable server patch notifications across different channels.
- Add checks to ensure docker_compose_raw is provided and correctly base64 encoded.
- Implement detailed error responses for validation failures to improve user feedback.
- Ensure docker_compose_raw is provided and base64 encoded before processing.
- Return appropriate validation error messages for missing or incorrectly formatted input.
- Add CheckUpdates and UpdatePackage actions for managing server updates.
- Create ServerPackageUpdated event for broadcasting update status.
- Introduce Patches Livewire component for user interface to check and apply updates.
- Update navigation and sidebar to include security patching options.
* feat(README): add InterviewPal sponsorship link and corresponding SVG icon
* chore(versions): update coolify version to 4.0.0-beta.413 and nightly version to 4.0.0-beta.414 in configuration files
* fix(terminal): enhance WebSocket client verification with authorized IPs in terminal server
* chore(versions): update realtime version to 1.0.8 in versions.json
* chore(versions): update realtime version to 1.0.8 in versions.json
* chore(docker): update soketi image version to 1.0.8 in production configuration files
* chore(versions): update coolify version to 4.0.0-beta.414 and nightly version to 4.0.0-beta.415 in configuration files
* fix(ApplicationDeploymentJob): ensure source is an object before checking GitHub app properties
* fix(ui): Disable livewire navigate feature (causing spam of setInterval())
* fix(ui): Remove required attribute from image input in service application view
* fix(ui): Change application image validation to be nullable in service application view
* fix(Server): Correct proxy path formatting for Traefik proxy type
* chore(versions): update coolify version to 4.0.0-beta.416 and nightly version to 4.0.0-beta.417 in configuration files; fix links in deployment view
* feat(Service): Add functionality to convert between applications and databases in docker-compose based applications
fix(ui): Fix service layout refresh on compose change
* fix(service): graceful shutdown of old container (#5731)
* refactor(Database): streamline container shutdown process and reduce timeout duration
* fix(ServerCheck): enhance proxy container check to ensure it is running before proceeding
* chore(seeder): update git branch from 'main' to 'v4.x' for multiple examples in ApplicationSeeder
* fix(applications): include pull_request_id in deployment queue check to prevent duplicate deployments
* refactor(core): streamline container stopping process and reduce timeout duration; update related methods for consistency
* fix(database): update label for image input field to improve clarity
* feat(migration): add 'is_migrated' and 'custom_type' columns to service_applications and service_databases tables
* feat(backup): implement custom database type selection and enhance scheduled backups management
* fix(ServerCheck): set default proxy status to 'exited' to handle missing container state
* fix(database): reduce container stop timeout from 300 to 30 seconds for improved responsiveness
* refactor(database): update DB facade usage for consistency across service files
* Update app/Livewire/Project/Service/Database.php
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* refactor(database): enhance application conversion logic and add existence checks for databases and applications
* refactor(actions): standardize method naming for network and configuration deletion across application and service classes
* refactor(logdrain): consolidate log drain stopping logic to reduce redundancy
* refactor(StandaloneMariadb): add type hint for destination method to improve code clarity
* refactor(DeleteResourceJob): streamline resource deletion logic and improve conditional checks for database types
* refactor(jobs): update middleware to prevent job release after expiration for CleanupInstanceStuffsJob, RestartProxyJob, and ServerCheckJob
* fix(ui): system theming for charts (#5740)
* chore(deps-dev): bump vite from 6.2.6 to 6.3.4 (#5743)
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 6.2.6 to 6.3.4.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.3.4/packages/vite)
---
updated-dependencies:
- dependency-name: vite
dependency-version: 6.3.4
dependency-type: direct:development
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix(dev): mount points?!
* fix(dev): proxy mount point
* fix(ui): allow adding scheduled backups for non-migrated databases
* fix(DatabaseBackupJob): escape PostgreSQL password in backup command (#5759)
* fix(ui): correct closing div tag in service index view
* Revert "fix(dev): mount points?!"
This reverts commit 365bf3cbf0.
* feat(README): add Gozunga and Macarne to sponsors list
* refactor(jobs): unify middleware configuration to prevent job release after expiration for DockerCleanupJob and PushServerUpdateJob
* chore(versions): update coolify version to 4.0.0-beta.417 and nightly version to 4.0.0-beta.418
* feat(redis): add scheduled cleanup command for Redis keys and enhance cleanup logic
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Jérémy <jeremy.derdaele@gmail.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Best Codes <106822363+The-Best-Codes@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: busybox <29630035+busybox11@users.noreply.github.com>
* feat(README): add InterviewPal sponsorship link and corresponding SVG icon
* chore(versions): update coolify version to 4.0.0-beta.413 and nightly version to 4.0.0-beta.414 in configuration files
* fix(terminal): enhance WebSocket client verification with authorized IPs in terminal server
* chore(versions): update realtime version to 1.0.8 in versions.json
* chore(versions): update realtime version to 1.0.8 in versions.json
* chore(docker): update soketi image version to 1.0.8 in production configuration files
* chore(versions): update coolify version to 4.0.0-beta.414 and nightly version to 4.0.0-beta.415 in configuration files
* fix(ApplicationDeploymentJob): ensure source is an object before checking GitHub app properties
* fix(ui): Disable livewire navigate feature (causing spam of setInterval())
* fix(ui): Remove required attribute from image input in service application view
* fix(ui): Change application image validation to be nullable in service application view
* fix(Server): Correct proxy path formatting for Traefik proxy type
* chore(versions): update coolify version to 4.0.0-beta.416 and nightly version to 4.0.0-beta.417 in configuration files; fix links in deployment view
* feat(Service): Add functionality to convert between applications and databases in docker-compose based applications
fix(ui): Fix service layout refresh on compose change
* fix(service): graceful shutdown of old container (#5731)
* refactor(Database): streamline container shutdown process and reduce timeout duration
* fix(ServerCheck): enhance proxy container check to ensure it is running before proceeding
* chore(seeder): update git branch from 'main' to 'v4.x' for multiple examples in ApplicationSeeder
* fix(applications): include pull_request_id in deployment queue check to prevent duplicate deployments
* refactor(core): streamline container stopping process and reduce timeout duration; update related methods for consistency
* fix(database): update label for image input field to improve clarity
* feat(migration): add 'is_migrated' and 'custom_type' columns to service_applications and service_databases tables
* feat(backup): implement custom database type selection and enhance scheduled backups management
* fix(ServerCheck): set default proxy status to 'exited' to handle missing container state
* fix(database): reduce container stop timeout from 300 to 30 seconds for improved responsiveness
* refactor(database): update DB facade usage for consistency across service files
* Update app/Livewire/Project/Service/Database.php
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* refactor(database): enhance application conversion logic and add existence checks for databases and applications
* refactor(actions): standardize method naming for network and configuration deletion across application and service classes
* refactor(logdrain): consolidate log drain stopping logic to reduce redundancy
* refactor(StandaloneMariadb): add type hint for destination method to improve code clarity
* refactor(DeleteResourceJob): streamline resource deletion logic and improve conditional checks for database types
* refactor(jobs): update middleware to prevent job release after expiration for CleanupInstanceStuffsJob, RestartProxyJob, and ServerCheckJob
* fix(ui): system theming for charts (#5740)
* chore(deps-dev): bump vite from 6.2.6 to 6.3.4 (#5743)
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 6.2.6 to 6.3.4.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.3.4/packages/vite)
---
updated-dependencies:
- dependency-name: vite
dependency-version: 6.3.4
dependency-type: direct:development
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix(dev): mount points?!
* fix(dev): proxy mount point
* fix(ui): allow adding scheduled backups for non-migrated databases
* fix(DatabaseBackupJob): escape PostgreSQL password in backup command (#5759)
* fix(ui): correct closing div tag in service index view
* Revert "fix(dev): mount points?!"
This reverts commit 365bf3cbf0.
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Jérémy <jeremy.derdaele@gmail.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Best Codes <106822363+The-Best-Codes@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: busybox <29630035+busybox11@users.noreply.github.com>
* feat(README): add InterviewPal sponsorship link and corresponding SVG icon
* chore(versions): update coolify version to 4.0.0-beta.413 and nightly version to 4.0.0-beta.414 in configuration files
* fix(terminal): enhance WebSocket client verification with authorized IPs in terminal server
* chore(versions): update realtime version to 1.0.8 in versions.json
* chore(versions): update realtime version to 1.0.8 in versions.json
* chore(docker): update soketi image version to 1.0.8 in production configuration files
* chore(versions): update coolify version to 4.0.0-beta.414 and nightly version to 4.0.0-beta.415 in configuration files
* fix(ApplicationDeploymentJob): ensure source is an object before checking GitHub app properties
* fix(ui): Disable livewire navigate feature (causing spam of setInterval())
* fix(ui): Remove required attribute from image input in service application view
* fix(ui): Change application image validation to be nullable in service application view
* fix(Server): Correct proxy path formatting for Traefik proxy type
* feat(README): add InterviewPal sponsorship link and corresponding SVG icon
* chore(versions): update coolify version to 4.0.0-beta.413 and nightly version to 4.0.0-beta.414 in configuration files
* fix(terminal): enhance WebSocket client verification with authorized IPs in terminal server
* chore(versions): update realtime version to 1.0.8 in versions.json
* chore(versions): update realtime version to 1.0.8 in versions.json
* chore(docker): update soketi image version to 1.0.8 in production configuration files
* chore(versions): update coolify version to 4.0.0-beta.414 and nightly version to 4.0.0-beta.415 in configuration files
* fix(ApplicationDeploymentJob): ensure source is an object before checking GitHub app properties
- When you restart the proxy on an instance domain, the proxy stops and is removed, but never restarted. So you loose access over the domain and have to go in over IP and Port.
This is because we are doing the restart directly in the UI instead of in the background via a job, and the proxy is serving the UI domain.
- Refactored proxy container name determination based on environment.
- Implemented a smart port checker that accurately identifies port conflicts, including dual-stack scenarios.
- Improved error handling and user feedback for port usage issues.
- fix(email): transactional emails are all not sent if `Use system wide (transactional) email settings` is disabled and no other email provide is setup on the Notifications page
- fix(email): no emails are sent if SMTP username and SMTP password are empty (which is the case in dev for example)
- fix(email): Wrong test email notification is used, causing the transactional email test notification to fail if no email provider is set up on the Notifications page.
Add separate API to create services with custom Docker compose instead
of oneclick services implement as a POST to /services/compose.
This is somewhat similar to /applications/dockercompose but that API is
the only one in ApplicationsController that actually works with the `Service` model.
Added functionality to automatically assign a default 'redis_username' of 'default' when a StandaloneRedis instance is retrieved without an existing username. This ensures that all instances have a valid username, improving consistency and reducing potential errors in subsequent operations. Additionally, updated the redisUsername method to create a runtime environment variable for 'REDIS_USERNAME' with a default value if it does not already exist, enhancing the robustness of the configuration management.
Implemented a new attribute to detect binary files in the LocalFileVolume model, enhancing the file handling capabilities. The isBinary method checks for binary content based on specific criteria, allowing for better management of file types. Additionally, updated the file storage UI to conditionally display conversion options based on the binary status of the file, improving user experience and preventing unintended actions on binary files. These changes contribute to a more robust and user-friendly file management system.
Added a default case to the switch statement in StartDatabaseProxy to throw an exception for unsupported database types. This change improves error handling and ensures that only valid database types are processed, enhancing the robustness of the database proxy functionality.
Updated the container name generation logic in StartDatabaseProxy to ensure the resulting name does not exceed 32 characters. This change prevents potential issues with container name length restrictions, enhancing the robustness of the database proxy setup.
Added a new delete method in the Database component that includes a two-step confirmation process requiring the user to enter their password. If two-step confirmation is disabled, the deletion proceeds without password verification. Additionally, a confirmation modal has been integrated into the database view to prompt users before deletion, enhancing the safety of this critical operation.
- Replace `! $type` checks with `blank($type)` for consistency
- Modify email settings configuration to handle null/disabled states
- Ensure proper fallback and configuration of email providers
- Add fallback for build server and deployment server selection
- Use `ownedByCurrentTeam()` scope when finding servers
- Handle cases where server IDs might be null
- fix(ui): system-wide GitHub Apps are not shown in the create a new Application dialog
- fix: query logic error that shows all system-wide apps, regardless of whether they are public or private.
- fix: clicking on a system-wide GitHub app from a team other than the one that created it resulted in a 404 error.
- set default country to XX
- fix array handling of the subjectAlternativeNames so that no indexes are added or skipped
- add extendedKeyUsage to server certs to make them more secure
- add keyAgreement to server certs
- remove authorityKeyIdentifier as it caused the following issue: unable to get local issuer certificate
- removed duplicated distinguished_name entries
- improved formatting
- rename some variables for better clarity
- format subjectAltNames correctly
- setup extensions more securely and improve them a lot
- use finally block to remove tempConfig
- If SSL is disabled, delete the SSL crt and file mounts in the DB
- If SSL is disabled, delete the SSL folder
- If SSL is enabled, make sure the file mounts are added inside the helper
- remove old file mounts first to make sure the ssl crt content is always up to date and no duplicates are added
- add default state and country
- rename parameters for more clarity
- set subjectAltName
- delete old certificate before creating new one
- Set CN and subjectAltNames in DB for automatic renewal
- fix: Volume and file mounts are unmounted if there are more than 1
- rename the crt and key to server key and crt to follow best practices
- move crt and key to a more standardized location
The repo:push payload lacks the destination branch name, using push.changes.0.new.name instead. While sufficient for updates, this causes failures in preview deployments when a PR receives new commits—Coolify looks for git_branch in the applications table but finds the source branch instead.
By also processing pullrequest:updated, we ensure preview deployments remain in sync. However, this event triggers on various actions (e.g., PR title changes, reviewer updates), causing extra redeploys. Since Coolify doesn’t store commit hashes for preview deployments, handling these extra redeploys is our best workaround for Bitbucket.
- improve function parameters
- set default validity to 1 year as resources need to be manually restarted to use the new certificates
- use the CA cert to sign certificates
- server_id is a foreign id
- server_id must be unique as each server can only have 1 CA cert
- resource_id must be unique as each resource can only have 1 SSL cert
- improve security by making certificates valid for only 90 days instead of 10 years
- add SubjectAltName
- remove unnecessary parameters
- use carbon immutable to make sure expiration date stays the same
- create ssl directory
- create a new certificate if one does not already exist
- add the certificates to the file store so that they are created as file mounts
- add SSL startup commands
