Commit Graph

470 Commits

Author SHA1 Message Date
Mauricio Siu
6ff2ca0173 fix: scope dokploy-server schedules to organization instead of user (#4526)
* fix: scope dokploy-server schedules to organization instead of user

Replaces userId with organizationId on the schedule table so that
global (dokploy-server) schedules are shared across all owners and
admins of the same organization, while remaining isolated between
different organizations.

Includes a data migration that backfills organizationId from the
owner membership record for any existing dokploy-server schedules.

Closes #4300

* [autofix.ci] apply automated fixes

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-05-31 15:29:05 -06:00
Mauricio Siu
4ba0f71220 fix: grant create and delete SSH key permissions when canAccessToSSHKeys is enabled for members (#4512) 2026-05-30 01:06:45 -06:00
autofix-ci[bot]
6270bad9af [autofix.ci] apply automated fixes 2026-05-09 08:08:34 +00:00
Mauricio Siu
547ba2d04b feat(validation): enhance registry URL validation in schema
- Introduced a new validation schema for registry URLs, ensuring they conform to a specific format (hostname[:port]) and disallow shell metacharacters.
- Updated the `createSchema`, `apiCreateRegistry`, and `apiTestRegistry` functions to utilize the new registry URL validation.
- Improved security and input integrity for registry URL fields.
- Updated the `removeRegistry` function to escape the registry URL during logout to prevent command injection vulnerabilities.
2026-05-09 01:09:50 -06:00
Mauricio Siu
b9e97eb321 feat(validation): enhance destination path validation in file upload schema
- Updated the `destinationPath` field in the upload file schema to include a regex validation, ensuring only alphanumeric characters, dots, dashes, underscores, and forward slashes are allowed.
- Added a corresponding regex check in the `uploadFileToContainer` function to validate the destination path before processing, improving input integrity and preventing errors.
2026-05-09 00:57:12 -06:00
Mauricio Siu
f5ddc36f24 fix: replace traefik.me with sslip.io for auto-generated domains
Fixes #4365 — traefik.me had availability issues. sslip.io uses the same
IP-in-subdomain format, supports both IPv4 and IPv6, and is more reliable.
2026-05-08 19:04:24 -06:00
Jack
54417ca8e7 fix: limit application columns in findPreviewDeploymentById to avoid postgres 100-arg limit
Closes #4256
2026-04-19 11:14:47 +01:00
autofix-ci[bot]
ddf570a807 [autofix.ci] apply automated fixes 2026-04-14 02:15:37 +00:00
Mauricio Siu
f8eb2ba4ba feat: add containers tab to compose services
Add a Containers tab to the compose service page that lists all
containers with their state, status, and container ID. Each container
has a dropdown menu with lifecycle actions: View Logs, Restart, Start,
Stop, and Kill.

- Add containerStart, containerStop, containerKill functions to docker service
- Add corresponding tRPC procedures with server ownership checks and audit logging
- Update containerRestart to support remote servers via serverId
- Create ShowComposeContainers component with table view and action menu
- Add Containers tab between Deployments and Backups, gated by docker.read permission
2026-04-13 20:11:21 -06:00
Mauricio Siu
825e6b654c fix: prevent orphaned containers when deleting compose services
Commands were chained with && so if the project directory was missing,
cd would fail and docker compose down would never execute — leaving
containers and volumes running. Use semicolons to run each command
independently, matching the existing stack deletion pattern.

Closes #4064
2026-04-09 16:25:36 -06:00
Mauricio Siu
b8db120432 refactor: enhance getContainerLogs function to support app name or ID
- Updated the `getContainerLogs` function to accept either an application name or container ID, improving flexibility in log retrieval.
- Simplified the command execution logic by consolidating the remote and local execution paths.
- Added a new parameter to directly use container IDs, streamlining the process for users.

These changes enhance the usability of the logging feature, allowing for more efficient access to container logs.
2026-04-09 11:41:01 -06:00
Mauricio Siu
7c10610a5a feat: add readLogs procedure to multiple routers for container log retrieval
- Implemented a new `readLogs` procedure across various routers (application, compose, libsql, mariadb, mongo, mysql, postgres, redis) to enable users to retrieve logs from containers.
- Each procedure includes input validation for parameters such as `tail`, `since`, and `search`, ensuring robust access control and authorization checks.
- Enhanced the `getContainerLogs` service to support fetching logs from both Docker containers and services, improving the logging capabilities of the application.

This feature enhances observability and troubleshooting for users by providing direct access to container logs.
2026-04-09 11:40:02 -06:00
Mauricio Siu
090c0226ed feat: add AI log analysis component and integrate into deployment views
- Introduced the AnalyzeLogs component for analyzing logs using AI, allowing users to select AI providers and view analysis results.
- Integrated AnalyzeLogs into the ShowDeployment and DockerLogsId components, enabling log analysis for both build and runtime contexts.
- Updated the AI router to include a new endpoint for log analysis, which processes logs and returns structured insights.
- Enhanced the AI provider selection logic to support new providers, including Z.AI and MiniMax.

This feature enhances the user experience by providing actionable insights from logs, improving troubleshooting and operational efficiency.
2026-04-09 09:27:31 -06:00
Mauricio Siu
19ae575fa8 fix: patches not applied to compose services
writeDomainsToCompose reads the compose file in Node.js before the
shell script runs, so patches applied as shell commands were being
overwritten by the stale pre-patch content.

Split patch execution into a separate step that runs before
getBuildComposeCommand, so the file is already patched when Node.js
reads it for domain injection.

Also added missing patch support to rebuildCompose which was skipping
patches entirely on redeploys.

Closes #4113
2026-04-05 13:28:18 -06:00
Mauricio Siu
bfa4ebc801 feat: add accessedServers permission handling and server access validation
- Introduced `accessedServers` field in user permissions schema and member table.
- Implemented server access validation across various API routers to ensure users can only access permitted servers.
- Added a new query to fetch accessible server IDs based on user roles and licenses.
- Updated UI components to support server selection in user permissions.
2026-04-05 00:06:27 -06:00
Mauricio Siu
2af420ef77 Merge branch 'canary' into invite-user-with-initial-credentials
Resolve conflicts:
- Integrate credentials-based user provisioning with canary changes
- Use withPermission("member", "create") instead of adminProcedure
- Adopt standardSchemaResolver, inviteMember mutation, and custom roles from canary
- Restrict credentials flow to non-cloud environments
2026-04-04 22:36:43 -06:00
Mauricio Siu
87c7305cb2 Merge branch 'canary' into invite-user-with-initial-credentials 2026-04-04 22:34:31 -06:00
Mauricio Siu
7e0fde8041 Merge branch 'canary' into claude/swarm-container-breakdown-VJhK7 2026-04-04 20:53:53 -06:00
Mauricio Siu
5a0ec2c9dc feat: integrate dompurify and simple-icons for enhanced icon management
- Added `dompurify` for sanitizing SVG icons to prevent XSS vulnerabilities.
- Introduced `simple-icons` for a collection of SVG icons, enhancing the icon selection feature.
- Updated the `ShowIconSettings` component to utilize the new icon management logic.
- Removed the obsolete `icons.json` file and replaced it with a new `bundled-icons.ts` file for better structure and maintainability.
- Adjusted related API and component files to accommodate the new icon handling approach.
2026-04-04 20:16:47 -06:00
Mauricio Siu
92caee5a77 refactor(certificate): remove auto-renew field from certificate handling
- Eliminated the `autoRenew` field from the certificate schema, API router, and related components to streamline certificate management.
- Updated form handling and validation logic accordingly to reflect the removal of the auto-renew feature.
2026-04-03 23:00:27 -06:00
Mauricio Siu
5c053777c5 Merge branch 'canary' into feat/3325-add-button-to-edit-certificates 2026-04-03 22:53:22 -06:00
Mauricio Siu
cfa60aa971 refactor(upload): simplify file upload process to Docker container
- Consolidated the file upload logic for both remote and local servers into a single command.
- Removed redundant temporary file handling and streamlined error management.
- Improved code readability by reducing complexity in the uploadFileToContainer function.
2026-04-03 17:29:24 -06:00
Mauricio Siu
13f1de5bd7 Merge branch 'canary' into Easier-Ways-to-Upload-Files-to-a-Docker-Container-#2920 2026-04-03 17:15:57 -06:00
Mauricio Siu
0e3bc444b9 Merge branch 'canary' into typo-fix 2026-04-03 15:26:54 -06:00
autofix-ci[bot]
4030049ee8 [autofix.ci] apply automated fixes 2026-04-03 20:30:20 +00:00
Mauricio Siu
06b18aca08 feat(git-provider): enhance sharing and permissions management
- Added functionality to toggle sharing of Git providers with the organization.
- Introduced a new column "sharedWithOrganization" in the git_provider table to track sharing status.
- Updated user permissions to include accessedGitProviders, allowing for more granular access control.
- Enhanced API routes to support fetching accessible Git providers based on user roles and permissions.
- Implemented UI components for managing Git provider sharing and permissions in the dashboard.
2026-04-03 14:29:48 -06:00
Mauricio Siu
365e055005 feat(notifications): integrate dokployBackup into notification handling
- Added dokployBackup parameter to various notification functions and schemas to support backup notifications.
- Updated HandleNotifications component to include dokployBackup in notification payloads.
- Enhanced notification utilities to accommodate new backup notification types across multiple channels.
2026-04-01 08:26:24 -06:00
Mauricio Siu
f9de42610c Merge branch 'canary' into feat/notifications/dokploy-backup 2026-03-30 16:48:00 -06:00
Tam Nguyen
f83ab2923d stlye: format and lint 2026-03-30 09:34:27 +11:00
autofix-ci[bot]
6d17f62942 [autofix.ci] apply automated fixes 2026-03-29 22:02:53 +00:00
Tam Nguyen
815b8136fa fix: further typos 2026-03-30 09:01:50 +11:00
Mauricio Siu
63aa60f7e2 feat(notification): add volumeBackup parameter to notification creation functions
- Updated createCustomNotification, createLarkNotification, createMattermostNotification, and updateMattermostNotification to include volumeBackup as a parameter, enhancing notification capabilities.
2026-03-29 09:08:46 -06:00
Mauricio Siu
b1ef5dc2c6 feat(docker): implement container removal functionality
- Added RemoveContainerDialog component for user confirmation before removing a Docker container.
- Integrated the dialog into the container management UI.
- Implemented server-side logic for container removal, including permission checks and error handling.
- Updated API router to include the new removeContainer mutation.
2026-03-24 12:56:25 -06:00
Mauricio Siu
d6056972f4 fix(notifications): update Mattermost notification handling
- Changed webhookUrl validation to ensure it is a valid URL.
- Updated input types for createMattermostNotification and updateMattermostNotification functions to use z.infer for better type inference.
- Refactored sendMattermostNotification to improve error handling and payload construction.
2026-03-24 12:39:38 -06:00
Mauricio Siu
76d6de5337 Merge branch 'canary' into feat/add-mattermost-notification-provider 2026-03-24 01:29:08 -06:00
Mauricio Siu
b8f069704c feat(libsql): extend support for 'libsql' in swarm forms and related components
- Updated various swarm form components to include 'libsql' as a valid service type.
- Enhanced query and mutation handling for 'libsql' across multiple forms, ensuring comprehensive integration.
- Adjusted form schemas and data handling to accommodate 'libsql' service requirements, improving overall functionality.
2026-03-23 21:08:18 -06:00
Mauricio Siu
4b6f2c84ac feat(libsql): introduce libsql service schema and update related tables
- Created a new SQL type for 'libsql' and added it to the serviceType enum.
- Established a 'libsql' table with necessary fields and constraints.
- Updated existing tables (backup, mount, volume_backup) to include foreign key references to 'libsql'.
- Adjusted the mount schema to incorporate 'libsql' as a valid service type, enhancing service management capabilities.
2026-03-23 16:14:37 -06:00
Mauricio Siu
116e9d85b7 refactor(mount): streamline service type handling and improve organization ID retrieval
- Updated service type checks in the getBaseFilesPath and getServerId functions to use application and service IDs for better clarity and reliability.
- Removed redundant service type checks and adjusted logic to enhance maintainability.
- Added 'libsql' to the server relations in the schema for improved service management.
2026-03-23 15:51:46 -06:00
Mauricio Siu
bb56a0bae8 feat(libsql): add support for libsql database backups and restores
- Updated backup and restore functionalities to include support for the 'libsql' database type.
- Enhanced the backup process with new methods for running and restoring libsql backups.
- Modified existing components and schemas to accommodate libsql, including updates to the database type enumerations and backup schemas.
- Removed obsolete bottomless replication features from the libsql schema.
- Updated related UI components to reflect changes in backup handling for libsql.
2026-03-19 16:00:39 -06:00
Mauricio Siu
9cc8231188 Merge branch 'canary' into feat/libsql 2026-03-19 11:20:22 -06:00
Mauricio Siu
43f9c114c8 Merge branch 'canary' into cucumber-sp/canary 2026-03-19 01:02:51 -06:00
Mauricio Siu
c2d37631ba Merge branch 'canary' into feat/quick-service-switcher 2026-03-19 00:43:03 -06:00
Mauricio Siu
a45d8ee8f4 feat: update apikey schema and relationships
- Modified the apikey table to drop the user_id column and replace it with reference_id, establishing a foreign key relationship with the user table.
- Added config_id column with a default value to the apikey table.
- Updated related code in the account schema and user service to reflect these changes.
- Enhanced the journal and snapshot files to include the latest schema updates.
2026-03-18 16:26:05 -06:00
Mauricio Siu
a4e9c6e890 feat: implement audit logs and custom role management components
- Added new components for displaying and managing audit logs, including a data table and filters for user actions.
- Introduced a custom roles management interface, allowing users to create and modify roles with specific permissions.
- Updated permission checks to ensure proper access control for audit logs and custom roles.
- Refactored existing components to integrate new functionality and improve user experience.
2026-03-16 11:13:24 -06:00
autofix-ci[bot]
5410a56638 [autofix.ci] apply automated fixes 2026-03-15 22:43:40 +00:00
Mauricio Siu
8127dc4536 feat: add comprehensive permission tests and enhance permission checks in components
- Introduced new test files for permission checks, including `check-permission.test.ts`, `enterprise-only-resources.test.ts`, `resolve-permissions.test.ts`, and `service-access.test.ts`.
- Implemented permission checks in various components to ensure actions are gated by user permissions, including `ShowTraefikConfig`, `UpdateTraefikConfig`, `ShowVolumes`, `ShowDomains`, and others.
- Enhanced the logic for displaying UI elements based on user permissions, ensuring that only authorized users can access or modify resources.
2026-03-15 16:42:48 -06:00
Mohammed Imran
5e6e5ba9d8 Merge branch 'Dokploy:canary' into feat/quick-service-switcher 2026-03-09 21:03:36 +05:30
Mauricio Siu
2102840bb9 fix: add error handling to trusted origins retrieval in admin service 2026-03-08 23:48:51 -06:00
Mauricio Siu
ce82e2322b fix: improve port conflict detection by enhancing error messages and adding host-level service checks 2026-03-08 03:08:38 -06:00
Mauricio Siu
b87f8cc5d8 refactor: streamline deployment cleanup by consolidating removeLastTenDeployments calls 2026-03-07 00:51:28 -06:00