- Introduced a new `readLogs` procedure that allows users to retrieve logs for a specific deployment by providing the deployment ID and an optional tail parameter.
- Implemented permission checks to ensure users have access to the requested logs.
- Enhanced log retrieval for both cloud and non-cloud environments, utilizing appropriate commands based on the server context.
Resolve https://github.com/Dokploy/mcp/issues/14
Adds an "Import" option to the Create Service dropdown that lets users
paste a base64-encoded compose export, preview the template (compose YAML,
domains, envs, mounts) before confirming, and create the service only on
confirm. Adds a `previewTemplate` tRPC procedure that processes the base64
without touching the DB, with server access validation via session.
The empty-records branch of `main()` returned without calling
`process.exit(0)`, leaving the Drizzle Postgres connection pool
holding the event loop open. The `migrate-auth-secret` process
then hangs indefinitely after printing "No 2FA records found,
nothing to migrate." causing the upstream `0.29.3.sh` security
migration script (which calls this via `docker exec`) to never
reach its final `docker service update` step that mounts the new
Docker Secret. Operators end up with the new secret created but
the dokploy service still configured with the hardcoded
`BETTER_AUTH_SECRET`, while believing the migration completed.
Match the success branch a few lines below which already does
`process.exit(0)`, and the pattern used in sibling scripts
`reset-password.ts` and `reset-2fa.ts`.
Closes#4392
- Modified the regex pattern in the `readValidDirectory` function to allow for a wider range of characters, including colons, improving the validation of directory names.
- This change enhances input integrity by ensuring valid directory formats are accepted.
- Changed the path of the `migrate-auth-secret` script from the root directory to the `scripts` folder for better organization and clarity in the project structure.
- Added a regex validation for branch names in Bitbucket, Git, Gitea, GitHub, and GitLab provider schemas to ensure consistent and valid branch formats.
- Refactored the branch validation logic to improve readability and maintainability across the schemas.
- Enhanced input integrity by ensuring all provider schemas adhere to the same branch name validation rules.
- Added a new script `migrate-auth-secret.ts` to facilitate the migration of 2FA secrets when changing the BETTER_AUTH_SECRET.
- Updated `package.json` to include a command for running the migration script.
- Refactored the handling of BETTER_AUTH_SECRET to improve security by removing the hardcoded default and introducing a fallback mechanism using environment variables or Docker secrets.
- Updated the authentication logic to utilize the new `betterAuthSecret` function for retrieving the secret.
- Updated the `destinationPath` field in the upload file schema to include a regex validation, ensuring only alphanumeric characters, dots, dashes, underscores, and forward slashes are allowed.
- Added a corresponding regex check in the `uploadFileToContainer` function to validate the destination path before processing, improving input integrity and preventing errors.
- Updated the WebSocket server to encode the log path in base64 before executing the tail command on the remote server.
- Added validation to ensure the directory name adheres to a specified regex pattern, improving input integrity for directory paths.
- Introduced a regex validation for branch names in Bitbucket, Git, Gitea, GitHub, and GitLab provider schemas to ensure valid branch formats.
- Updated the corresponding schemas to include the new validation rule, enhancing input integrity and preventing potential errors.
- Added a utility for branch validation in the server utils.
- Updated the schedule form schema to include an optional 'description' field.
- Enhanced the form to allow users to input a description for each schedule.
- Modified the schedule display component to show the description if available.
- Added a database migration to include the 'description' column in the schedule table.
Introduced an optional 'isolated' boolean property in the CompleteTemplate interface to manage isolated deployment settings. Added tests to verify default behavior (isolated=true) and explicit settings (isolated=true/false) in the deployment configuration.
This change enhances template flexibility for deployment configurations.
Templates using network_mode: host (e.g. cloudflared) can now declare
isolated = false in their [config] section to prevent Dokploy from
injecting networks into the compose, which would cause a Docker error.
Default behavior (isolated = true) is unchanged for all existing templates.
Fixes#4366
Cards with descriptions appeared taller than those without, causing
the 'Created at' and service count text to be misaligned across cards
in the same row.
- Add flex-col and mt-auto to project cards so footer sticks to bottom
- Add h-full to service card Link and Card so they fill the grid cell
Three stray debug console.log calls had been left in production code paths:
- restore-backup.tsx: logged the full form payload on every backup restore
submission.
- add-database.tsx: logged the libsql `enableNamespaces` field value from
inside a `render` callback, firing on every re-render of the parent form.
- project.ts (duplicateProject mutation): logged the freshly-created
target project/environment row on the server on every duplicate.
No behaviour change; strictly removes log noise.
Add 10s AbortSignal timeout to all template fetch calls so they fail
cleanly instead of hanging indefinitely when templates.dokploy.com is
unreachable. Add try/catch to getTags endpoint which was missing error
handling, causing a 500 instead of returning an empty list.
Closes#4282
Replace permanent (301) redirects with temporary (302) redirects across
all pages that check authentication state in getServerSideProps.
Permanent redirects are cached by the browser indefinitely, causing a
bug where users had to manually refresh after login: the browser would
cache the unauthenticated redirect (dashboard → login page) and replay
it even after a successful login, preventing navigation to the dashboard.
Fixes#4220
- Added a maximum length constraint of 255 characters for the email input field.
- Updated validation schema to include a message for exceeding the maximum length.
- Added `sendInvitationEmail` function to send invitation emails when a new organization is created in the cloud environment.
- Updated email template to enhance the invitation message and included a direct link for users to accept the invitation.
- Refactored email sending logic in the user router to utilize the new invitation email rendering function.
- Improved organization invitation email design for better user experience.
