rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
15434 commits 1 branch 0 tags 76 MiB
Commit graph

40 commits

Author SHA1 Message Date
Andras Bacsai
00d6e83e7f fix(sentinel): auto-regenerate invalid or undecryptable tokens 
Replace hard validation error with self-healing token logic. Tokens that
are null, empty, or fail decryption are now regenerated automatically
rather than crashing sentinel startup or metrics reads.

Token format changed from encrypted JSON payload to a plain 64-char
random string (Str::random), eliminating double-encryption issues and
simplifying the validation regex to cover the new character set.

New `ensureValidSentinelToken()` method on ServerSetting centralises
the get-or-regenerate contract; both StartSentinel and HasMetrics now
delegate to it. HasMetrics logs a warning when regeneration occurs so
operators know a sentinel container restart is required.

`isValidSentinelToken()` now accepts `?string` (null → false).

Adds feature tests covering: null/empty/undecryptable stored values,
idempotent return of valid tokens, RuntimeException only when
regeneration itself produces an invalid token, no double-encryption of
newly generated tokens, and cast round-trip consistency.
 2026-04-29 16:44:12 +02:00
Andras Bacsai
096d4369e5 fix(sentinel): add token validation to prevent command injection 
Add validation to ensure sentinel tokens contain only safe characters
(alphanumeric, dots, hyphens, underscores, plus, forward slash, equals),
preventing OS command injection vulnerabilities when tokens are
interpolated into shell commands.

- Add ServerSetting::isValidSentinelToken() validation method
- Validate tokens in StartSentinel action and metrics queries
- Improve shell argument escaping with escapeshellarg()
- Add comprehensive test coverage for token validation
 2026-03-10 22:19:19 +01:00
Andras Bacsai
4027c1426c feat(sentinel): add support for custom Docker images in StartSentinel and related methods 2025-09-14 19:21:55 +02:00
Andras Bacsai
83f2e856ec feat(sentinel): implement SentinelRestarted event and update Livewire components to handle server restart notifications 2025-08-26 10:27:38 +02:00
Andras Bacsai
c272a770e2 refactor(error-handling): change Exception to RuntimeException for clearer error reporting 2025-05-29 10:54:35 +02:00
Andras Bacsai
24b7b53973 Revert "fix(dev): mount points?!" 
This reverts commit 365bf3cbf0.
 2025-05-05 08:55:44 +02:00
Andras Bacsai
365bf3cbf0 fix(dev): mount points?! 2025-05-03 09:59:42 +02:00
Andras Bacsai
3f9fd1404b refactor(docker): update image references to use centralized registry URL 2025-03-25 08:17:13 +01:00
Andras Bacsai
1fe4dd722b Revert "rector: arrrrr" 
This reverts commit 16c0cd10d8.
 2025-01-07 15:31:43 +01:00
Andras Bacsai
16c0cd10d8 rector: arrrrr 2025-01-07 14:52:08 +01:00
Andras Bacsai
74411e89e6 feat: debug mode for sentinel 2024-10-29 10:48:49 +01:00
Andras Bacsai
c099936e76 Refactor StartSentinel handle method to use consistent variable naming conventions 2024-10-25 11:43:55 +02:00
Andras Bacsai
2bea26584a Refactor StartSentinel handle method to include latest version parameter 2024-10-25 11:41:25 +02:00
Andras Bacsai
b1d2914c08 Refactor function and configuration names for experimental features 2024-10-24 22:00:26 +02:00
Andras Bacsai
0c34e81b2b fix: add experimental flag 2024-10-24 21:48:51 +02:00
Andras Bacsai
96ea755a53 fix: Disable Sentinel temporarily for non-dev environments 2024-10-24 12:50:07 +02:00
Andras Bacsai
befdb71671 fix: Disable Sentinel temporarily 2024-10-24 11:35:38 +02:00
Andras Bacsai
1f221d9791 fix: sentinel config changes restarts sentinel 2024-10-22 14:10:36 +02:00
Andras Bacsai
b282c8412c Refactor StartSentinel to handle build servers 2024-10-22 11:40:44 +02:00
Andras Bacsai
d7efe8a6d1 fix: no sentinel for swarm yet 2024-10-22 11:29:43 +02:00
Andras Bacsai
b75c2dc604 pint 2024-10-17 22:08:23 +02:00
Andras Bacsai
2315bdb93f ui updates on server 2024-10-17 14:56:36 +02:00
Andras Bacsai
4c95647b96 feat: cleanup sentinel on server deletion 
fix: Sentinel should not be enabled on build servers
 2024-10-17 11:21:43 +02:00
Andras Bacsai
8c53af088e Refactor StartSentinel.php to use data_get() for retrieving server settings 2024-10-15 15:45:02 +02:00
Andras Bacsai
d446cd4f31 sentinel updates 2024-10-15 13:39:19 +02:00
Andras Bacsai
740419806e Refactor StartSentinel to ensure endpoint uses HTTPS 2024-10-14 22:35:18 +02:00
Andras Bacsai
bea492165f sentinel updates 2024-10-14 21:05:33 +02:00
Andras Bacsai
1f193d465d sentinel updates 2024-10-14 12:07:37 +02:00
Andras Bacsai
c81ad5cd03 feat: container metrics 2024-06-20 13:17:06 +02:00
Andras Bacsai
23ed697b98 feat: sentinel + charts 2024-06-18 16:42:42 +02:00
Andras Bacsai
1d0a1ab16a feat: charts 2024-06-17 14:21:27 +02:00
Thijmen
d86274cc37 Fix styling 2024-06-10 20:43:34 +00:00
Andras Bacsai
b5bef98a9b chore: Update permissions on metrics and logs directories 2024-05-09 12:35:49 +02:00
Andras Bacsai
1026f1efa5 refactor: add SCHEDULER environment variable to StartSentinel.php 2024-05-09 12:30:51 +02:00
Andras Bacsai
4b51f8251b fix: change permissions on newly created dirs 2024-05-09 12:22:49 +02:00
Andras Bacsai
e91a64b1cc Refactor GetContainersStatus.php for improved readability and maintainability 2024-05-09 12:10:06 +02:00
Andras Bacsai
1a152a5597 feat: pull new sentinel image and restart container 2024-05-08 19:19:32 +02:00
Andras Bacsai
76a5290351 Refactor StartSentinel.php for improved readability and maintainability 2024-05-08 15:29:59 +02:00
Andras Bacsai
5df443a016 Refactor StartSentinel.php for improved readability and maintainability 2024-05-08 14:48:04 +02:00
Andras Bacsai
c618e58a11 feat: start Sentinel on servers. 2024-05-08 14:22:35 +02:00