- Added support for editing existing SAML providers, allowing users to update issuer, domains, entry point, and certificate.
- Introduced a new function to parse SAML configuration from JSON.
- Updated the UI to reflect changes in the registration dialog based on whether the user is adding or editing a provider.
- Improved user feedback with success messages tailored for registration and updates.
- Added a new column `created_at` to the `sso_provider` table for better tracking of provider creation times.
`docker stack rm` was chained after `cd` with `&&`, so if the compose
directory didn't exist the stack removal command never executed. This left
orphaned Docker services with occupied ports after deletion via the API.
Also removed a duplicate `execAsync` call that always ran outside the
`if/else` block regardless of `compose.serverId`.
Fixes#3691
- Updated the account linking configuration to include trusted providers fetched from the database, enhancing flexibility in managing SSO integrations.
- Implemented a function to convert IDNs to ASCII punycode format, ensuring compatibility with Traefik requirements.
- Added tests to verify the conversion of IDNs and the handling of ASCII domains in router configurations.
- Enhanced error handling in the addDomainToCompose function to provide more descriptive messages when a domain's service name is missing or when the service does not exist in the compose configuration. This improves debugging and user feedback.
- Added a new component for linking Google and GitHub accounts to user profiles.
- Integrated account linking functionality with the authentication client, allowing users to link and unlink their social accounts.
- Updated the profile settings page to conditionally display the linking account component based on cloud settings.
- Enhanced error handling and loading states for a better user experience.
When called with an empty array, `docker service ps` receives no
SERVICE argument and fails with "requires at least 1 argument".
Return early with [] when appNames is empty.
getSwarmNodes was changed to return [] on error, but the existing
SwarmMonitorCard checks `if (!nodes)` to detect failures. Since ![]
is false, the error state was silently skipped, breaking the Overview
tab for users without Docker Swarm initialized.
Reverted to return undefined on error (original behavior) so the
existing Overview tab error handling continues to work. The Containers
tab already handles nodes === undefined explicitly.
- Changed the default value of BETTER_AUTH_SECRET to ensure compatibility for users who enabled 2FA before the introduction of the new secret.
- This update maintains existing authentication functionality while transitioning to a more secure default.
close https://github.com/Dokploy/dokploy/issues/3645
- Updated the authentication configuration to conditionally include advanced cookie settings only when not in a cloud environment.
- This change enhances flexibility in cookie management while maintaining existing security practices.
- Introduced advanced cookie settings in the authentication configuration, including options for secure cookies and default cookie attributes.
- This enhancement aims to improve security practices related to cookie handling in the application.
- Deleted the SQL file that added a unique constraint on the combination of applicationId and pullRequestId in the preview_deployments table.
- Removed the corresponding entry from the _journal.json to reflect the deletion of the migration.
- Deleted the snapshot file for version 142, which is no longer needed.
- Updated the preview-deployments schema to remove the unique index, reverting to the previous state.
- Introduced a new SQL file to add a unique constraint on the combination of applicationId and pullRequestId in the preview_deployments table.
- Updated the _journal.json to include the new migration entry for version 142.
- Created a new snapshot file for version 142 to reflect the current database schema.
- Modified the preview-deployments schema to include a unique index for applicationId and pullRequestId, enhancing data integrity.
- Updated the ShowDockerLogs component to use optional chaining when accessing the error property of services, preventing potential runtime errors.
- Refactored the deployApplication function to create an applicationEntity object, ensuring consistent use of serverId across repository cloning functions.
- Removed unused createEnvFile function from utils, streamlining the codebase.
- Updated the cron schedule for Docker cleanup tasks across multiple files to use the new CLEANUP_CRON_JOB constant.
- This change enhances maintainability by centralizing the cron schedule configuration, ensuring consistency across the application.
- Added a locking mechanism to prevent concurrent volume backups, ensuring data integrity during backup operations.
- Introduced a `lockWrapper` function that manages the locking process using either `flock` or directory-based locking.
- Updated the `backupVolume` function to utilize the locking mechanism for both application and compose service types, enhancing the reliability of backup processes.
- Updated the database query in the `reconnectServicesToTraefik` function to remove optional chaining, ensuring proper execution of the query.
- This change enhances the reliability of service reconnections to Traefik by ensuring the database connection is correctly utilized.
- Added a new function `reconnectServicesToTraefik` to facilitate the reconnection of services to Traefik based on the server ID.
- The function queries the database for isolated deployments and constructs Docker network connect commands for each service.
- Enhanced the existing Traefik setup process by ensuring services are properly reconnected after setup.
TL;DR: New "Containers" tab on the Swarm page showing which containers
run on which nodes, with live CPU/Memory/Block I/O/Network I/O metrics
refreshing every 5 seconds. Comprehensive edge case handling guides
users through prerequisites (swarm init, registry, service deployment).
---
## New Files
- `apps/dokploy/components/dashboard/swarm/containers/show-swarm-containers.tsx`
Main component: data fetching, error/empty states, summary cards,
and the node-grouped container layout.
- `apps/dokploy/components/dashboard/swarm/containers/node-section.tsx`
Collapsible per-node section with container table, role badge,
and down-node indicator.
- `apps/dokploy/components/dashboard/swarm/containers/container-row.tsx`
Table row for a single container: state badge with error tooltip,
formatted CPU/memory/IO metrics.
- `apps/dokploy/components/dashboard/swarm/containers/utils.ts`
Formatting helpers for docker stats values (CPU %, memory, I/O).
- `apps/dokploy/components/dashboard/swarm/containers/types.ts`
Shared TypeScript interfaces (ContainerStat, ContainerInfo, SwarmNode,
NodeGroup).
## Modified Files
- `apps/dokploy/pages/dashboard/swarm.tsx`
Added Tabs (Overview / Containers) wrapping existing SwarmMonitorCard
and the new ShowSwarmContainers component.
- `apps/dokploy/server/api/routers/swarm.ts`
Added `getContainerStats` tRPC endpoint calling `getAllContainerStats`,
following existing auth/validation patterns.
- `packages/server/src/services/docker.ts`
- Added `getAllContainerStats()` — runs `docker stats --no-stream` for
cluster-wide container metrics.
- Fixed `getSwarmNodes`, `getNodeApplications`, `getApplicationInfo` to
return `[]` instead of `undefined` on errors (prevents tRPC
serialization crashes) and added `console.error` logging.
- Added empty stdout guard (`if (!stdout.trim()) return []`) to prevent
`JSON.parse("")` crashes when no services exist.
## Features
- Container table per node: name, image, state, CPU %, memory usage,
block I/O, and network I/O
- Resource formatting: values rounded to 1 decimal (2.711MiB → 2.7 MiB),
CPU to 1 decimal (0.00% → 0.0%)
- Node role badges (Leader / Reachable / Worker) on each section header
- Error tooltips: hover the status badge to see Docker error details
- Down/drained node detection with red indicator dot and warning banner
- Multi-node metrics banner explaining docker stats manager-only limitation
- Unscheduled services footer for services scaled to 0 replicas
- Contextual empty/error states with actionable guidance, doc links to
Dokploy docs and Docker Swarm guide, and links to Cluster Settings
## Edge Cases Handled
1. Swarm not initialized (tRPC error or undefined data)
2. Docker command failures (stderr / non-zero exit)
3. Swarm active but no services deployed
4. Services exist but no running containers
5. Containers with Docker errors (shown in tooltip + error alert)
6. Nodes down or drained (cross-referenced from node list)
7. Multi-node setups (metrics only from manager node)
8. Services scaled to 0 replicas (separated from running containers)
9. Empty stdout from docker commands (no JSON.parse crash)
- Introduced a new field `giteaInternalUrl` in the Gitea provider settings to allow users to specify an internal URL for OAuth token exchange when Gitea runs on the same instance as Dokploy.
- Updated the Gitea provider forms to include the new field with appropriate descriptions.
- Modified the token exchange logic to utilize the internal URL if provided, enhancing connectivity options for users.
- Updated database schema to accommodate the new field.
- Introduced a new field `gitlabInternalUrl` in the GitLab provider settings to allow users to specify an internal URL for OAuth token exchange when GitLab runs on the same instance as Dokploy.
- Updated the GitLab provider forms to include the new field with appropriate descriptions.
- Modified the token exchange logic to utilize the internal URL if provided, enhancing connectivity options for users.
- Added error message display for containers in both the application and stack log views when using the "swarm" option.
- Updated Docker command to include error information for containers, enhancing visibility into container issues.
- Added support for displaying "ready" state in badge color logic.
- Updated logs display to include container status and current state in the dashboard components.
- Modified Docker command outputs to include status and current state for better visibility of container health.
- Introduced a new column "created_at" with a default timestamp to the "invitation" table.
- Updated the account schema to reflect this change, ensuring consistency across the database structure.
- Added corresponding metadata in the snapshot and journal files for versioning.
- Updated the addDokployNetworkToService function to automatically include the "default" network when adding new networks.
- Modified test cases to reflect the new behavior, ensuring no duplicates of the default network are added.
- Improved handling of network addition for both arrays and objects.
- Eliminated the getDokployImage and pullLatestRelease functions to streamline the settings service.
- Updated the code to focus on dynamic image retrieval, enhancing clarity and maintainability.
- Introduced DriverOptsEntries to the network form schema, allowing users to specify driver options for networks.
- Updated the form UI to support adding, editing, and removing driver options dynamically.
- Adjusted the backend schema to accept driver options as a record of key-value pairs.
- Updated the backupVolume function to use `docker service update --replicas` instead of `docker service scale` for stopping and starting application replicas.
- This change enhances the backup process by ensuring proper handling of service updates with registry authentication.
- Added BETTER_AUTH_SECRET constant to manage authentication secret, defaulting to a predefined value if not set in the environment.
- Updated betterAuth configuration to utilize BETTER_AUTH_SECRET for enhanced security in authentication processes.
- Moved LICENSE_KEY_URL definition to a centralized location for better maintainability.
- Updated license validation function to utilize the new LICENSE_KEY_URL import, enhancing clarity and consistency in API calls.
- Upgraded @types/node from version ^18.19.104 to ^20.16.0 in package.json files for apps/api, apps/dokploy, apps/schedules, and packages/server.
- Adjusted pnpm-lock.yaml to reflect the updated @types/node version across all relevant dependencies.
- Added a new setup file for mock database interactions in the dokploy app to enhance testing capabilities.
- Updated drizzle-orm from version ^0.39.3 to ^0.41.0 for enhanced performance and features.
- Upgraded @better-auth/utils from version 0.2.4 to 0.3.0 to incorporate the latest improvements.
- Adjusted pnpm-lock.yaml to reflect these dependency updates.
- Added logic to retrieve and delete SSO providers, ensuring proper permission checks and error handling.
- Updated user trusted origins when adding or removing SSO providers, maintaining accurate origin lists.
- Refactored trusted origins retrieval to improve clarity and efficiency in the authentication process.
- Introduced utility functions for normalizing trusted origins and converting request headers.
- Added a condition to display the deprecation warning for legacy database credentials only in non-test environments.
- This change prevents unnecessary warnings during testing, improving the developer experience.
- Modified the database URL assignment logic to differentiate between production and development environments.
- Ensured that the correct database URL is used based on the NODE_ENV variable, improving deployment flexibility.
- Deleted the import statement for `getSSOProviders` and the associated logic for fetching issuer origins from SSO providers.
- This cleanup improves code clarity by removing unnecessary dependencies and streamlining the trusted origins configuration.
