Dokploy/dokploy
1
0
Fork 0
mirror of https://github.com/Dokploy/dokploy.git synced 2026-06-18 05:35:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Dokploy:v0.26.6
Branches Tags
Dokploy:canary Dokploy:feat/tailwind-v4-shadcn-update Dokploy:claude/suspicious-feynman-a8aaf1 Dokploy:claude/thirsty-pascal-5d64f2 Dokploy:claude/friendly-satoshi-01b3ad Dokploy:main Dokploy:fix/docker-permission-escalation Dokploy:dosu/doc-update-4534 Dokploy:fix/env-editor-comment-toggle-shortcut Dokploy:feature/managed-servers Dokploy:feat/scim-provisioning Dokploy:feat/add-telemetry-and-e2e-upgrades Dokploy:feat/service-transfer-migration Dokploy:feat/update-shadcn-colors Dokploy:feat/compose-containers-tab Dokploy:feat/add-network-management Dokploy:feat/add-chat Dokploy:fix/4091-verify-container-health-after-deploy Dokploy:feat/docker-cleanup-tooltip Dokploy:fix/webhook-empty-commits-crash Dokploy:2702-add-disk-usage-display-for-projects Dokploy:dosu/doc-update-4098 Dokploy:dosu/doc-update-4096 Dokploy:dosu/doc-update-4087 Dokploy:dosu/doc-update-4075 Dokploy:2779-implement-removing-unsuedexited-containers Dokploy:dosu/doc-update-2681 Dokploy:dosu/doc-update-3923 Dokploy:3973-daily-docker-cleanup-removes-images-built-by-dokploy-managed-compose-services Dokploy:3994-healthcheck-config-is-malformed-and-blocks-deployments Dokploy:dosu/doc-update-4013 Dokploy:dosu/doc-update-3962 Dokploy:dosu/doc-update-3959 Dokploy:feat/add-whitelabelling Dokploy:3905-isolated-deployment-swarm---network-error Dokploy:dosu/doc-update-3894 Dokploy:dosu/doc-update-3868 Dokploy:feat/add-custom-dokploy-loader Dokploy:3849-github-app-button-stays-disabled-when-sessionorg-hooks-lag-after-login Dokploy:feat/add-key-value-env Dokploy:fix/breaking-change-api-rever4t Dokploy:3321-allow-users-to-customize-or-increase-the-number-of-visible-deployments Dokploy:3673-dokploy-fails-with-bad-request-after-webui-triggered-update-and-does-not-recover-automatically Dokploy:feat/add-teams-notification-provider Dokploy:3722-deleted-an-environment-and-all-the-services-werent-deleted Dokploy:copilot/fix-organization-picker-scroll Dokploy:patches-impl Dokploy:copilot/fix-loading-placeholder-6cd351b6-a234-470d-be59-fda49ee84adb Dokploy:copilot/fix-loading-placeholder-ae0fb1cd-6026-42d6-a962-1156cfab3ec0 Dokploy:copilot/fix-loading-placeholder-issue Dokploy:copilot/fix-loading-placeholder-one-more-time Dokploy:copilot/fix-loading-placeholder-please-work Dokploy:copilot/fix-loading-placeholder-yet-again Dokploy:copilot/fix-loading-placeholder Dokploy:copilot/fix-loading-placeholder-again Dokploy:copilot/fix-loading-placeholder-another-one Dokploy:copilot/fix-loading-placeholder-display Dokploy:copilot/fix-loading-placeholder-ui Dokploy:ulimits Dokploy:3440-attempting-to-add-or-update-traefik-environment-variables-fails-with-status-520 Dokploy:feat/introduce-license-key-pay Dokploy:feat/add-white-labeling Dokploy:fix/security-issue-GHSA-wmqj-wr9q-327p Dokploy:fix/prevent-send-malicious-bash Dokploy:feat/add-license-key-enterprise Dokploy:copilot/fix-azure-openai-endpoint Dokploy:3454-subscribe-issue Dokploy:core-model Dokploy:copilot/add-deployment-id-to-job Dokploy:copilot/fix-mongodb-restore-error Dokploy:copilot/fix-s3-backup-failure Dokploy:copilot/fix-zombie-processes-issue Dokploy:3301-volume-restore-fails-without-explicit-log-error Dokploy:feat/add-admin-creation-projects Dokploy:copilot/fix-volume-backup-failures Dokploy:2326-add-support-for-envecample Dokploy:feat/add-concurrent-builds Dokploy:feat/add-form-based-swarm-settings Dokploy:2916-container-not-started-if-the-volume-contains-spaces Dokploy:2713-mongodb-restore-fails-for-large-backups-stderr-maxbuffer-length-exceeded Dokploy:feat/introduce-server-pay Dokploy:fix/delete-railpack-builder-when-finish Dokploy:feat/concurrent-builds Dokploy:2234-database-migration-fails-with-password-authentication-failed-when-using-a-custom-postgres_password Dokploy:2451-github-webhook-delivery-failing Dokploy:feat/label-previews Dokploy:1126-allow-multiserver-deployment-as-non-root-user Dokploy:2397-gitprovidergetall-endpoint-returns-500-error---undefined_value-undefined-values-are-not-allowed Dokploy:1495-setting-to-createadd-docker-network-to-container Dokploy:2263-swarm-containers-no-data-found Dokploy:2273-service-discovery-not-working-on-0240---0245-update Dokploy:1757-unable-to-access-api-endpoints---receiving-401-unauthorized Dokploy:1365-create-preview-deployment-using-api Dokploy:feat/add-admin-roles Dokploy:feat/add-port-application Dokploy:fix/dokploy-innacesible Dokploy:1888-docker-compose-preview-is-null Dokploy:1852-default-option-for-select-a-server-being-dokploy Dokploy:feat/introduce-monitoring-self-hosted-pay Dokploy:1730-pg_restore-continuously-retrying Dokploy:1766-cant-login-when-use-domain-name Dokploy:1761-unable-to-delete-remote-server Dokploy:feat/caddy Dokploy:1619-docker-self-hosted-registry-disable-tls-verification Dokploy:1659-environment-variable-parsing-issue-with-character-in-railpack-nuxt-app-or-other Dokploy:feat/backups-for-dokploy Dokploy:1481-traefik-configuration-with-alternative-ports-is-broken-after-020x Dokploy:1463-403-forbidden-when-attempting-to-save-build-type-of-application Dokploy:407-feature-docker-build-secrets Dokploy:fix/adjust-message Dokploy:feat/better-auth Dokploy:feat/better-auth-simple Dokploy:migration/templates Dokploy:635-the-registry-password-is-visible-when-calling-the-api-projectall Dokploy:481-when-adding-the-registry-the-parameters-were-not-escaped-leading-to-a-bug-and-security-vulnerability Dokploy:wip Dokploy:feat/multiple-destinations
Dokploy:v0.29.8 Dokploy:v0.29.7 Dokploy:v0.29.6 Dokploy:v0.29.5 Dokploy:v0.29.4 Dokploy:v0.29.3 Dokploy:v0.29.2 Dokploy:v0.29.1 Dokploy:v0.29.0 Dokploy:v0.28.8 Dokploy:v0.28.7 Dokploy:v0.28.6 Dokploy:v0.28.5 Dokploy:v0.28.4 Dokploy:v0.28.3 Dokploy:v0.28.2 Dokploy:v0.28.1 Dokploy:v0.28.0 Dokploy:v0.27.1 Dokploy:v0.27.0 Dokploy:v0.26.7 Dokploy:v0.26.6 Dokploy:v0.26.5 Dokploy:v0.26.4 Dokploy:v0.26.3 Dokploy:v0.26.2 Dokploy:v0.26.1 Dokploy:v0.26.0 Dokploy:v0.25.11 Dokploy:v0.25.10 Dokploy:v0.25.9 Dokploy:v0.25.8 Dokploy:v0.25.7 Dokploy:v0.25.6 Dokploy:v0.25.5 Dokploy:v0.25.4 Dokploy:v0.25.3 Dokploy:v0.25.2 Dokploy:v0.25.1 Dokploy:v0.25.0 Dokploy:v0.24.12 Dokploy:v0.24.11 Dokploy:v0.24.10 Dokploy:v0.24.9 Dokploy:v0.24.8 Dokploy:v0.24.7 Dokploy:v0.24.6 Dokploy:v0.24.5 Dokploy:v0.24.4 Dokploy:v0.24.3 Dokploy:v0.24.2 Dokploy:v0.24.1 Dokploy:v0.24.0 Dokploy:v0.23.7 Dokploy:v0.23.6 Dokploy:v0.23.5 Dokploy:v0.23.4 Dokploy:v0.23.3 Dokploy:v0.23.2 Dokploy:v0.23.1 Dokploy:v0.23.0 Dokploy:v0.22.7 Dokploy:v0.22.6 Dokploy:v0.22.5 Dokploy:v0.22.4 Dokploy:v0.22.3 Dokploy:v0.22.2 Dokploy:v0.22.1 Dokploy:v0.22.0 Dokploy:v0.21.8 Dokploy:v0.21.7 Dokploy:v0.21.6 Dokploy:v0.21.5 Dokploy:v0.21.4 Dokploy:v0.21.3 Dokploy:v0.21.2 Dokploy:v0.21.1 Dokploy:v0.21.0 Dokploy:v0.20.8 Dokploy:v0.20.7 Dokploy:v0.20.6 Dokploy:v0.20.5 Dokploy:v0.20.4 Dokploy:v0.20.3 Dokploy:v0.20.2 Dokploy:v0.20.1 Dokploy:v0.20.0 Dokploy:v0.19.1 Dokploy:v0.19.0 Dokploy:v0.18.4 Dokploy:v0.18.3 Dokploy:v0.18.2 Dokploy:v0.18.1 Dokploy:v0.18.0 Dokploy:v0.17.9 Dokploy:v0.17.8 Dokploy:v0.17.7 Dokploy:v0.17.6 Dokploy:v0.17.5 Dokploy:v0.17.4 Dokploy:v0.17.3 Dokploy:v0.17.2 Dokploy:v0.17.1 Dokploy:v0.17.0 Dokploy:v0.16.1 Dokploy:v0.16.0 Dokploy:v0.15.1 Dokploy:v0.15.0 Dokploy:v0.14.1 Dokploy:v0.14.0 Dokploy:v0.13.1 Dokploy:v0.13.0 Dokploy:v0.12.0 Dokploy:v0.11.2 Dokploy:v0.11.1 Dokploy:v0.11.0 Dokploy:v0.10.10 Dokploy:v0.10.9 Dokploy:v0.10.7 Dokploy:v0.10.6 Dokploy:v0.10.5 Dokploy:v0.10.4 Dokploy:v0.10.3 Dokploy:v0.10.2 Dokploy:v0.10.1 Dokploy:v0.10.0 Dokploy:v0.9.4 Dokploy:v0.9.3 Dokploy:v0.9.2 Dokploy:v0.9.1 Dokploy:v0.9.0 Dokploy:v0.8.3 Dokploy:v0.8.2 Dokploy:v0.8.1 Dokploy:v0.8.0 Dokploy:v0.7.3 Dokploy:v0.7.2 Dokploy:v0.7.1 Dokploy:v0.7.0 Dokploy:v0.6.3 Dokploy:v0.6.2 Dokploy:v0.6.1 Dokploy:v0.6.0 Dokploy:v0.5.1 Dokploy:v0.5.0 Dokploy:v0.4.0 Dokploy:v0.3.3 Dokploy:v0.3.2 Dokploy:v0.3.1 Dokploy:v0.3.0 Dokploy:v0.2.5 Dokploy:v0.2.4 Dokploy:v0.2.3 Dokploy:v0.2.2 Dokploy:v0.2.1 Dokploy:v0.2.0 Dokploy:v0.1.0 Dokploy:v0.0.4 Dokploy:v0.0.3 Dokploy:v0.0.2 Dokploy:v0.0.1
..
compare: Dokploy:feat/add-white-labeling
Branches Tags
Dokploy:feat/tailwind-v4-shadcn-update Dokploy:canary Dokploy:claude/suspicious-feynman-a8aaf1 Dokploy:claude/thirsty-pascal-5d64f2 Dokploy:claude/friendly-satoshi-01b3ad Dokploy:main Dokploy:fix/docker-permission-escalation Dokploy:dosu/doc-update-4534 Dokploy:fix/env-editor-comment-toggle-shortcut Dokploy:feature/managed-servers Dokploy:feat/scim-provisioning Dokploy:feat/add-telemetry-and-e2e-upgrades Dokploy:feat/service-transfer-migration Dokploy:feat/update-shadcn-colors Dokploy:feat/compose-containers-tab Dokploy:feat/add-network-management Dokploy:feat/add-chat Dokploy:fix/4091-verify-container-health-after-deploy Dokploy:feat/docker-cleanup-tooltip Dokploy:fix/webhook-empty-commits-crash Dokploy:2702-add-disk-usage-display-for-projects Dokploy:dosu/doc-update-4098 Dokploy:dosu/doc-update-4096 Dokploy:dosu/doc-update-4087 Dokploy:dosu/doc-update-4075 Dokploy:2779-implement-removing-unsuedexited-containers Dokploy:dosu/doc-update-2681 Dokploy:dosu/doc-update-3923 Dokploy:3973-daily-docker-cleanup-removes-images-built-by-dokploy-managed-compose-services Dokploy:3994-healthcheck-config-is-malformed-and-blocks-deployments Dokploy:dosu/doc-update-4013 Dokploy:dosu/doc-update-3962 Dokploy:dosu/doc-update-3959 Dokploy:feat/add-whitelabelling Dokploy:3905-isolated-deployment-swarm---network-error Dokploy:dosu/doc-update-3894 Dokploy:dosu/doc-update-3868 Dokploy:feat/add-custom-dokploy-loader Dokploy:3849-github-app-button-stays-disabled-when-sessionorg-hooks-lag-after-login Dokploy:feat/add-key-value-env Dokploy:fix/breaking-change-api-rever4t Dokploy:3321-allow-users-to-customize-or-increase-the-number-of-visible-deployments Dokploy:3673-dokploy-fails-with-bad-request-after-webui-triggered-update-and-does-not-recover-automatically Dokploy:feat/add-teams-notification-provider Dokploy:3722-deleted-an-environment-and-all-the-services-werent-deleted Dokploy:copilot/fix-organization-picker-scroll Dokploy:patches-impl Dokploy:copilot/fix-loading-placeholder-6cd351b6-a234-470d-be59-fda49ee84adb Dokploy:copilot/fix-loading-placeholder-ae0fb1cd-6026-42d6-a962-1156cfab3ec0 Dokploy:copilot/fix-loading-placeholder-issue Dokploy:copilot/fix-loading-placeholder-one-more-time Dokploy:copilot/fix-loading-placeholder-please-work Dokploy:copilot/fix-loading-placeholder-yet-again Dokploy:copilot/fix-loading-placeholder Dokploy:copilot/fix-loading-placeholder-again Dokploy:copilot/fix-loading-placeholder-another-one Dokploy:copilot/fix-loading-placeholder-display Dokploy:copilot/fix-loading-placeholder-ui Dokploy:ulimits Dokploy:3440-attempting-to-add-or-update-traefik-environment-variables-fails-with-status-520 Dokploy:feat/introduce-license-key-pay Dokploy:feat/add-white-labeling Dokploy:fix/security-issue-GHSA-wmqj-wr9q-327p Dokploy:fix/prevent-send-malicious-bash Dokploy:feat/add-license-key-enterprise Dokploy:copilot/fix-azure-openai-endpoint Dokploy:3454-subscribe-issue Dokploy:core-model Dokploy:copilot/add-deployment-id-to-job Dokploy:copilot/fix-mongodb-restore-error Dokploy:copilot/fix-s3-backup-failure Dokploy:copilot/fix-zombie-processes-issue Dokploy:3301-volume-restore-fails-without-explicit-log-error Dokploy:feat/add-admin-creation-projects Dokploy:copilot/fix-volume-backup-failures Dokploy:2326-add-support-for-envecample Dokploy:feat/add-concurrent-builds Dokploy:feat/add-form-based-swarm-settings Dokploy:2916-container-not-started-if-the-volume-contains-spaces Dokploy:2713-mongodb-restore-fails-for-large-backups-stderr-maxbuffer-length-exceeded Dokploy:feat/introduce-server-pay Dokploy:fix/delete-railpack-builder-when-finish Dokploy:feat/concurrent-builds Dokploy:2234-database-migration-fails-with-password-authentication-failed-when-using-a-custom-postgres_password Dokploy:2451-github-webhook-delivery-failing Dokploy:feat/label-previews Dokploy:1126-allow-multiserver-deployment-as-non-root-user Dokploy:2397-gitprovidergetall-endpoint-returns-500-error---undefined_value-undefined-values-are-not-allowed Dokploy:1495-setting-to-createadd-docker-network-to-container Dokploy:2263-swarm-containers-no-data-found Dokploy:2273-service-discovery-not-working-on-0240---0245-update Dokploy:1757-unable-to-access-api-endpoints---receiving-401-unauthorized Dokploy:1365-create-preview-deployment-using-api Dokploy:feat/add-admin-roles Dokploy:feat/add-port-application Dokploy:fix/dokploy-innacesible Dokploy:1888-docker-compose-preview-is-null Dokploy:1852-default-option-for-select-a-server-being-dokploy Dokploy:feat/introduce-monitoring-self-hosted-pay Dokploy:1730-pg_restore-continuously-retrying Dokploy:1766-cant-login-when-use-domain-name Dokploy:1761-unable-to-delete-remote-server Dokploy:feat/caddy Dokploy:1619-docker-self-hosted-registry-disable-tls-verification Dokploy:1659-environment-variable-parsing-issue-with-character-in-railpack-nuxt-app-or-other Dokploy:feat/backups-for-dokploy Dokploy:1481-traefik-configuration-with-alternative-ports-is-broken-after-020x Dokploy:1463-403-forbidden-when-attempting-to-save-build-type-of-application Dokploy:407-feature-docker-build-secrets Dokploy:fix/adjust-message Dokploy:feat/better-auth Dokploy:feat/better-auth-simple Dokploy:migration/templates Dokploy:635-the-registry-password-is-visible-when-calling-the-api-projectall Dokploy:481-when-adding-the-registry-the-parameters-were-not-escaped-leading-to-a-bug-and-security-vulnerability Dokploy:wip Dokploy:feat/multiple-destinations
Dokploy:v0.29.8 Dokploy:v0.29.7 Dokploy:v0.29.6 Dokploy:v0.29.5 Dokploy:v0.29.4 Dokploy:v0.29.3 Dokploy:v0.29.2 Dokploy:v0.29.1 Dokploy:v0.29.0 Dokploy:v0.28.8 Dokploy:v0.28.7 Dokploy:v0.28.6 Dokploy:v0.28.5 Dokploy:v0.28.4 Dokploy:v0.28.3 Dokploy:v0.28.2 Dokploy:v0.28.1 Dokploy:v0.28.0 Dokploy:v0.27.1 Dokploy:v0.27.0 Dokploy:v0.26.7 Dokploy:v0.26.6 Dokploy:v0.26.5 Dokploy:v0.26.4 Dokploy:v0.26.3 Dokploy:v0.26.2 Dokploy:v0.26.1 Dokploy:v0.26.0 Dokploy:v0.25.11 Dokploy:v0.25.10 Dokploy:v0.25.9 Dokploy:v0.25.8 Dokploy:v0.25.7 Dokploy:v0.25.6 Dokploy:v0.25.5 Dokploy:v0.25.4 Dokploy:v0.25.3 Dokploy:v0.25.2 Dokploy:v0.25.1 Dokploy:v0.25.0 Dokploy:v0.24.12 Dokploy:v0.24.11 Dokploy:v0.24.10 Dokploy:v0.24.9 Dokploy:v0.24.8 Dokploy:v0.24.7 Dokploy:v0.24.6 Dokploy:v0.24.5 Dokploy:v0.24.4 Dokploy:v0.24.3 Dokploy:v0.24.2 Dokploy:v0.24.1 Dokploy:v0.24.0 Dokploy:v0.23.7 Dokploy:v0.23.6 Dokploy:v0.23.5 Dokploy:v0.23.4 Dokploy:v0.23.3 Dokploy:v0.23.2 Dokploy:v0.23.1 Dokploy:v0.23.0 Dokploy:v0.22.7 Dokploy:v0.22.6 Dokploy:v0.22.5 Dokploy:v0.22.4 Dokploy:v0.22.3 Dokploy:v0.22.2 Dokploy:v0.22.1 Dokploy:v0.22.0 Dokploy:v0.21.8 Dokploy:v0.21.7 Dokploy:v0.21.6 Dokploy:v0.21.5 Dokploy:v0.21.4 Dokploy:v0.21.3 Dokploy:v0.21.2 Dokploy:v0.21.1 Dokploy:v0.21.0 Dokploy:v0.20.8 Dokploy:v0.20.7 Dokploy:v0.20.6 Dokploy:v0.20.5 Dokploy:v0.20.4 Dokploy:v0.20.3 Dokploy:v0.20.2 Dokploy:v0.20.1 Dokploy:v0.20.0 Dokploy:v0.19.1 Dokploy:v0.19.0 Dokploy:v0.18.4 Dokploy:v0.18.3 Dokploy:v0.18.2 Dokploy:v0.18.1 Dokploy:v0.18.0 Dokploy:v0.17.9 Dokploy:v0.17.8 Dokploy:v0.17.7 Dokploy:v0.17.6 Dokploy:v0.17.5 Dokploy:v0.17.4 Dokploy:v0.17.3 Dokploy:v0.17.2 Dokploy:v0.17.1 Dokploy:v0.17.0 Dokploy:v0.16.1 Dokploy:v0.16.0 Dokploy:v0.15.1 Dokploy:v0.15.0 Dokploy:v0.14.1 Dokploy:v0.14.0 Dokploy:v0.13.1 Dokploy:v0.13.0 Dokploy:v0.12.0 Dokploy:v0.11.2 Dokploy:v0.11.1 Dokploy:v0.11.0 Dokploy:v0.10.10 Dokploy:v0.10.9 Dokploy:v0.10.7 Dokploy:v0.10.6 Dokploy:v0.10.5 Dokploy:v0.10.4 Dokploy:v0.10.3 Dokploy:v0.10.2 Dokploy:v0.10.1 Dokploy:v0.10.0 Dokploy:v0.9.4 Dokploy:v0.9.3 Dokploy:v0.9.2 Dokploy:v0.9.1 Dokploy:v0.9.0 Dokploy:v0.8.3 Dokploy:v0.8.2 Dokploy:v0.8.1 Dokploy:v0.8.0 Dokploy:v0.7.3 Dokploy:v0.7.2 Dokploy:v0.7.1 Dokploy:v0.7.0 Dokploy:v0.6.3 Dokploy:v0.6.2 Dokploy:v0.6.1 Dokploy:v0.6.0 Dokploy:v0.5.1 Dokploy:v0.5.0 Dokploy:v0.4.0 Dokploy:v0.3.3 Dokploy:v0.3.2 Dokploy:v0.3.1 Dokploy:v0.3.0 Dokploy:v0.2.5 Dokploy:v0.2.4 Dokploy:v0.2.3 Dokploy:v0.2.2 Dokploy:v0.2.1 Dokploy:v0.2.0 Dokploy:v0.1.0 Dokploy:v0.0.4 Dokploy:v0.0.3 Dokploy:v0.0.2 Dokploy:v0.0.1

64 Commits
v0.26.6 ... feat/add-w

Author SHA1 Message Date
Mauricio Siu
1d266b0840 feat(whitelabel): implement whitelabeling features and settings 
- Added whitelabeling support, allowing customization of application name, logos, and login page.
- Introduced new WhitelabelSettings component for managing whitelabel configurations.
- Updated onboarding and sidebar layouts to reflect whitelabel settings dynamically.
- Created database schema changes to accommodate new whitelabel fields.
- Implemented API endpoints for retrieving and updating whitelabel settings.
 2026-01-31 05:29:41 -06:00
Mauricio Siu
54229b0dcd Merge branch 'canary' into feat/introduce-license-key-pay 2026-01-31 05:16:27 -06:00
Mauricio Siu
6b42c9d142 feat(auth): expand disabled paths for SSO registration and organization management 
- Added new disabled paths for organization creation, update, and deletion to enhance security in the authentication flow.
 2026-01-31 05:11:45 -06:00
Mauricio Siu
7665b38b79 feat(sso): refine provider query to include user ID for enhanced security 
- Updated the `listProviders` query to filter SSO providers by both organization ID and user ID.
- Modified the provider validation logic to ensure that only relevant providers are returned for the authenticated user.
 2026-01-31 04:46:57 -06:00
Mauricio Siu
d5de5b8ad7 feat(sso): implement SSO provider registration and update related components 
- Refactored SSO registration logic in `register-oidc-dialog` and `register-saml-dialog` to use a new mutation method.
- Removed unused imports and error handling for registration failures.
- Added foreign key constraint for `organization_id` in the `sso_provider` table.
- Introduced new SSO schema and updated user relations to include SSO providers.
- Enhanced authentication flow to support SSO provider registration.
 2026-01-31 04:43:47 -06:00
Mauricio Siu
fa201a5a96 Update package.json 2026-01-31 04:35:39 -06:00
Mauricio Siu
d22d96105c feat(auth): add SSO request handling and provider validation in authentication flow 2026-01-31 03:50:54 -06:00
Mauricio Siu
bc5c65b2d2 Merge branch 'canary' into feat/introduce-license-key-pay 2026-01-31 03:44:31 -06:00
Mauricio Siu
431ad914f8 Merge pull request #3568 from Dokploy/copilot/fix-swarm-settings-test-commands 
Fix swarm health check test commands not persisting
 2026-01-31 03:21:20 -06:00
Mauricio Siu
0575fabb0f Merge branch 'canary' into copilot/fix-swarm-settings-test-commands 2026-01-31 03:19:29 -06:00
Mauricio Siu
385a494c83 Merge pull request #3556 from vtomasr5/fix-saving-swarm-settings-placement-preferences 
fix: Save Placement button not working for Preferences in Swarm settings
 2026-01-31 03:18:41 -06:00
copilot-swe-agent[bot]
d3f0bf654b Fix TypeScript type annotations in health check form 
Co-authored-by: Siumauricio <47042324+Siumauricio@users.noreply.github.com>
 2026-01-31 09:16:49 +00:00
copilot-swe-agent[bot]
9e8dacfe06 Fix health check form to properly sync test commands with form state 
Co-authored-by: Siumauricio <47042324+Siumauricio@users.noreply.github.com>
 2026-01-31 09:14:40 +00:00
copilot-swe-agent[bot]
f450b13dc5 Initial plan 2026-01-31 09:10:37 +00:00
Mauricio Siu
9e80bf45d0 Merge pull request #3567 from Dokploy/fix/security-GHSA-wmqj-wr9q-327p 
feat(schema): enhance appName validation across database schemas with…
 2026-01-31 03:06:56 -06:00
Mauricio Siu
a635908e43 fix(mariadb): correct appName validation to use built appName for uniqueness check 2026-01-31 03:05:08 -06:00
Mauricio Siu
960892fd8d feat(schema): enhance appName validation across database schemas with regex and message 2026-01-31 03:01:49 -06:00
Mauricio Siu
acb3c1d238 Add Sign-In Options for Cloud Users: Integrate GitHub and Google sign-in components into the registration page, allowing cloud users to register using these methods. Update UI to present alternative registration options, enhancing user experience. 2026-01-31 01:23:30 -06:00
Mauricio Siu
68587c3c8b Add SSO Provider Integration: Introduce getSSOProviders function to fetch SSO provider details from the database. Update authentication logic to include SSO domains in the server settings, enhancing SSO functionality and user experience. 2026-01-31 01:04:22 -06:00
Mauricio Siu
cae7a92599 Refactor SSO Registration Dialogs: Update RegisterOidcDialog and RegisterSamlDialog components to use field arrays for managing multiple domains and scopes. Enhance validation logic to ensure at least one domain is provided. Improve UI for adding and removing domains and scopes dynamically, streamlining the user experience in SSO configuration. 2026-01-31 00:55:09 -06:00
Mauricio Siu
f3d9960b7f Implement SSO Sign-In Options: Add components for signing in with GitHub, Google, and SSO, enhancing user authentication methods. Update SSO settings to conditionally render based on enterprise features and improve the overall login experience on the homepage. 2026-01-30 22:28:17 -06:00
Mauricio Siu
66b4bf2c4e Comment out user, session, account, verification, and apikey table definitions in auth-schema2.ts for future refactoring and cleanup. 2026-01-30 20:38:13 -06:00
Mauricio Siu
c4515a2ca4 Fix admin creation check in authentication logic: Re-enable the check for existing admin presence before creating a new admin, ensuring proper error handling for duplicate admin creation. Update cloud condition to account for admin presence. 2026-01-30 20:37:39 -06:00
autofix-ci[bot]
1f33b0fd24 [autofix.ci] apply automated fixes 2026-01-31 02:35:36 +00:00
Mauricio Siu
3c2f675eb9 Enhance SSO Functionality: Add detailed view for SSO providers in SSOSettings, including OIDC and SAML configuration parsing. Implement loading states for SSO sign-in on the homepage and expose a public API for listing SSO providers. Update UI components for better user experience and maintainability. 2026-01-30 20:35:17 -06:00
autofix-ci[bot]
61f6bbfe1c [autofix.ci] apply automated fixes 2026-01-31 02:34:32 +00:00
Vicens Juan Tomas Monserrat
8caae549b2 fix(swarm): resolve Save Placement button not working for Preferences 
The button was unresponsive because the form's flat data structure
  ({ SpreadDescriptor }) didn't match the Zod schema's nested structure
  ({ Spread: { SpreadDescriptor } }), causing silent validation failure.

  Updated schema to match form state and transform to nested structure
  only when submitting to the API.
 2026-01-30 11:48:34 +01:00
Mauricio Siu
30c3e44422 Refactor SSO Registration Dialogs: Remove onSuccess prop from RegisterOidcDialog and RegisterSamlDialog components, replacing it with a call to invalidate the list of SSO providers after successful registration. Update SSOSettings to reflect these changes, enhancing the overall state management and consistency across the dialogs. 2026-01-29 22:56:25 -06:00
Mauricio Siu
f72bc28d70 Refactor enterprise backup cron job initialization: Simplified the cron job setup by consolidating user retrieval and validation logic into a single scheduled job. Updated the schedule to run every 3 days and removed redundant checks for user length. 2026-01-29 22:54:52 -06:00
Mauricio Siu
82c06a487a Remove refresh-license-validity API endpoint and integrate enterprise backup cron job initialization: Deleted the cron endpoint for refreshing license validity and added the initialization of enterprise backup cron jobs in the server setup. Updated the enterprise cron job logic to filter users based on license key and enterprise feature status. 2026-01-29 22:42:59 -06:00
Mauricio Siu
12a87f9f8b Enhance License Key Management and Enterprise Features: Update license key validation logic to ensure proper handling of enterprise licenses, including new cron job for refreshing license validity. Introduce new SQL migration for isValidEnterpriseLicense column and refactor related API procedures for better error handling and user feedback. 2026-01-29 22:37:10 -06:00
Mauricio Siu
9a8de9ae16 Add Enterprise Feature Gate Component: Introduce EnterpriseFeatureGate and EnterpriseFeatureLocked components to manage access to enterprise features based on license validation. Integrate the EnterpriseFeatureGate into the SSO settings page to conditionally render SSOSettings based on license status. 2026-01-29 22:16:23 -06:00
Mauricio Siu
6064b8ca48 Implement SAML Provider Registration and Enhance OIDC Dialog: Add a new SAML provider registration dialog with form validation using Zod, integrate it into the SSO settings page, and refactor the OIDC registration dialog to utilize React Hook Form for improved state management and validation. 2026-01-29 22:11:09 -06:00
Mauricio Siu
7f27601f7f Implement Single Sign-On (SSO) Feature: Add SSO settings page, integrate OIDC provider registration dialog, and update dependencies for better-auth to version 1.4.18. Enhance user interface with new SSO menu item and improve database schema for SSO providers. 2026-01-29 22:01:48 -06:00
Mauricio Siu
2e7f4dc1a2 Refactor License Key Settings UI: Simplify conditional rendering for license key management, update contact link to the official site, and enhance user feedback with improved loading states for activation and validation processes. 2026-01-29 08:14:35 -06:00
Mauricio Siu
2b52332e43 Enhance License Key Management: Add loading state for license key validation, implement query to check for valid license keys, and improve UI feedback during license key checks. 2026-01-29 07:58:50 -06:00
Mauricio Siu
346216fc71 Add License Settings Page: Introduce a new License settings page with server-side validation and layout integration, and update the sidebar menu to include a link for accessing the License settings. 2026-01-28 23:35:25 -06:00
Mauricio Siu
c9ffb99808 Refactor license key deactivation process: update API to retrieve the current user's license key and improve error handling for user validation and missing license keys. 2026-01-28 23:32:04 -06:00
Mauricio Siu
cbfa690a80 Improve error handling in license key management: update error logging to provide more informative messages for validation, activation, and deactivation processes. 2026-01-28 23:30:48 -06:00
Mauricio Siu
262960a59a Refactor license key management: remove legacy license key settings component, enhance license key validation and activation in the API, and implement new methods for activating and deactivating license keys. 2026-01-28 23:26:04 -06:00
Mauricio Siu
709ffddd4f Update better-auth dependency to version 1.2.8 and enhance license key validation in the API to require at least one of enableEnterpriseFeatures or licenseKey. 2026-01-28 22:50:10 -06:00
Mauricio Siu
0c299a3807 Refactor license key management: update API calls to use licenseKey router and clean up organization router by removing enterprise settings methods 2026-01-28 22:39:35 -06:00
Mauricio Siu
25fa362cdb Add enterprise features management: implement license key settings and update user schema 2026-01-28 22:34:17 -06:00
Mauricio Siu
f680818b56 Add enterprise features management: implement license key settings and update user schema 2026-01-28 11:03:00 -06:00
Mauricio Siu
20226a300c Merge pull request #3256 from luojiyin1987/fix/dockerfile-cmd-format 
Fix/dockerfile cmd format
 2026-01-28 09:57:07 -06:00
Mauricio Siu
5f5c4f0e18 Merge branch 'canary' into fix/dockerfile-cmd-format 2026-01-28 09:55:56 -06:00
Mauricio Siu
c579dbeb1c Merge pull request #3540 from Dokploy/3491-ssl-certificate-issuance-broken-with-inwx 
chore(traefik): update Traefik version to 3.6.7 in setup scripts
 2026-01-28 00:18:17 -06:00
Mauricio Siu
cee1dc97ba chore(traefik): update Traefik version to 3.6.7 in setup scripts 2026-01-28 00:16:06 -06:00
Mauricio Siu
b9419ed5f1 Merge pull request #3539 from Dokploy/3493-when-adding-a-git-repository-as-a-provider-spaces-in-the-repo-name-break-the-repo-selection 
feat(bitbucket): add optional slug field for repositories and update …
 2026-01-28 00:14:21 -06:00
Mauricio Siu
6bc07d7675 feat(drop): add optional bitbucketRepositorySlug field to baseApp configuration in tests 2026-01-28 00:12:42 -06:00
autofix-ci[bot]
f72dfb3fc7 [autofix.ci] apply automated fixes 2026-01-28 06:10:38 +00:00
Mauricio Siu
27a0490536 feat(bitbucket): add optional slug field for repositories and update related logic 2026-01-28 00:09:56 -06:00
Mauricio Siu
ec6849205a Merge pull request #3537 from Dokploy/3510-commit-message-is-wrong-when-using-remote-builder 
fix(application): update commit info extraction to include appName an…
 2026-01-27 21:47:19 -06:00
Mauricio Siu
9934346d8c fix(application): update commit info extraction to include appName and serverId 2026-01-27 21:46:54 -06:00
Mauricio Siu
5c89973cc2 Merge pull request #3385 from stripsior/chore/bump-postgres 
chore(databases): bump default postgres version while creating to 18
 2026-01-27 21:18:50 -06:00
Mauricio Siu
4e8cdfbc80 Merge pull request #3447 from pluisol/feature/pushover-notifications 
feat: add Pushover notification provider
 2026-01-27 21:16:36 -06:00
Plui Sol
7db1f3a69a feat: add Pushover notification provider 2026-01-12 21:35:07 -05:00
Plui Sol
67f0c93298 Merge remote-tracking branch 'origin/canary' into feature/pushover-notifications 2026-01-12 21:31:48 -05:00
Plui Sol
046c52529b feat: add Pushover notification provider 2026-01-12 21:31:12 -05:00
stripsior
27dd20b75d chore(databases): bump default postgres version while creating to 18 2026-01-03 15:16:11 +01:00
luojiyin
3142818cf2 fix(docker): use ENV for HOSTNAME and exec form CMD 2025-12-13 15:33:24 +08:00
luojiyin
d8465ac251 config: set port env 2025-12-13 12:36:15 +08:00
luojiyin
c33b41d082 fix(docker): use ENV for HOSTNAME and exec form CMD 2025-12-13 12:32:01 +08:00
luojiyin
3eea875932 code clear 2025-12-13 12:30:30 +08:00
92 changed files with 48521 additions and 544 deletions
Expand all files Collapse all files

3
Dockerfile.schedule
View File

@@ -35,4 +35,5 @@ COPY --from=build /prod/schedules/dist ./dist
COPY --from=build /prod/schedules/package.json ./package.json
COPY --from=build /prod/schedules/node_modules ./node_modules
CMD HOSTNAME=0.0.0.0 && pnpm start
ENV HOSTNAME=0.0.0.0
CMD ["pnpm", "start"]

3
Dockerfile.server
View File

@@ -35,4 +35,5 @@ COPY --from=build /prod/api/dist ./dist
COPY --from=build /prod/api/package.json ./package.json
COPY --from=build /prod/api/node_modules ./node_modules
CMD HOSTNAME=0.0.0.0 && pnpm start
ENV HOSTNAME=0.0.0.0
CMD ["pnpm", "start"]

1
apps/dokploy/__test__/drop/drop.test.ts
View File

@@ -29,6 +29,7 @@ const baseApp: ApplicationNested = {
applicationId: "",
previewLabels: [],
createEnvFile: true,
bitbucketRepositorySlug: "",
herokuVersion: "",
giteaBranch: "",
buildServerId: "",

1
apps/dokploy/__test__/traefik/traefik.test.ts
View File

@@ -8,6 +8,7 @@ const baseApp: ApplicationNested = {
applicationId: "",
previewLabels: [],
createEnvFile: true,
bitbucketRepositorySlug: "",
herokuVersion: "",
giteaRepository: "",
giteaOwner: "",

15
apps/dokploy/components/dashboard/application/advanced/cluster/swarm-forms/health-check-form.tsx
View File

@@ -31,7 +31,6 @@ interface HealthCheckFormProps {
export const HealthCheckForm = ({ id, type }: HealthCheckFormProps) => {
const [isLoading, setIsLoading] = useState(false);
const [testCommands, setTestCommands] = useState<string[]>([]);
const queryMap = {
postgres: () =>
@@ -72,6 +71,8 @@ export const HealthCheckForm = ({ id, type }: HealthCheckFormProps) => {
},
});
const testCommands = form.watch("Test") || [];
useEffect(() => {
if (data?.healthCheckSwarm) {
const hc = data.healthCheckSwarm;
@@ -82,7 +83,6 @@ export const HealthCheckForm = ({ id, type }: HealthCheckFormProps) => {
StartPeriod: hc.StartPeriod,
Retries: hc.Retries,
});
setTestCommands(hc.Test || []);
}
}, [data, form]);
@@ -117,17 +117,20 @@ export const HealthCheckForm = ({ id, type }: HealthCheckFormProps) => {
};
const addTestCommand = () => {
setTestCommands([...testCommands, ""]);
form.setValue("Test", [...testCommands, ""]);
};
const updateTestCommand = (index: number, value: string) => {
const newCommands = [...testCommands];
newCommands[index] = value;
setTestCommands(newCommands);
form.setValue("Test", newCommands);
};
const removeTestCommand = (index: number) => {
setTestCommands(testCommands.filter((_, i) => i !== index));
form.setValue(
"Test",
testCommands.filter((_: string, i: number) => i !== index),
);
};
return (
@@ -140,7 +143,7 @@ export const HealthCheckForm = ({ id, type }: HealthCheckFormProps) => {
http://localhost:3000/health"])
</FormDescription>
<div className="space-y-2 mt-2">
{testCommands.map((cmd, index) => (
{testCommands.map((cmd: string, index: number) => (
<div key={index} className="flex gap-2">
<Input
value={cmd}

16
apps/dokploy/components/dashboard/application/advanced/cluster/swarm-forms/index.ts
View File

@@ -1,10 +1,10 @@
export { HealthCheckForm } from "./health-check-form";
export { RestartPolicyForm } from "./restart-policy-form";
export { PlacementForm } from "./placement-form";
export { UpdateConfigForm } from "./update-config-form";
export { RollbackConfigForm } from "./rollback-config-form";
export { ModeForm } from "./mode-form";
export { LabelsForm } from "./labels-form";
export { StopGracePeriodForm } from "./stop-grace-period-form";
export { EndpointSpecForm } from "./endpoint-spec-form";
export { HealthCheckForm } from "./health-check-form";
export { LabelsForm } from "./labels-form";
export { ModeForm } from "./mode-form";
export { PlacementForm } from "./placement-form";
export { RestartPolicyForm } from "./restart-policy-form";
export { RollbackConfigForm } from "./rollback-config-form";
export { StopGracePeriodForm } from "./stop-grace-period-form";
export { UpdateConfigForm } from "./update-config-form";
export { filterEmptyValues, hasValues } from "./utils";

13
apps/dokploy/components/dashboard/application/advanced/cluster/swarm-forms/placement-form.tsx
View File

@@ -17,9 +17,7 @@ import { Input } from "@/components/ui/input";
import { api } from "@/utils/api";
const PreferenceSchema = z.object({
Spread: z.object({
SpreadDescriptor: z.string(),
}),
SpreadDescriptor: z.string(),
});
const PlatformSchema = z.object({
@@ -116,7 +114,14 @@ export const PlacementForm = ({ id, type }: PlacementFormProps) => {
mysqlId: id || "",
mariadbId: id || "",
mongoId: id || "",
placementSwarm: hasAnyValue ? formData : null,
placementSwarm: hasAnyValue
? {
...formData,
Preferences: formData.Preferences?.map((p) => ({
Spread: { SpreadDescriptor: p.SpreadDescriptor },
})),
}
: null,
});
toast.success("Placement updated successfully");

15
apps/dokploy/components/dashboard/application/general/generic/save-bitbucket-provider.tsx
View File

@@ -54,6 +54,7 @@ const BitbucketProviderSchema = z.object({
.object({
repo: z.string().min(1, "Repo is required"),
owner: z.string().min(1, "Owner is required"),
slug: z.string().optional(),
})
.required(),
branch: z.string().min(1, "Branch is required"),
@@ -82,6 +83,7 @@ export const SaveBitbucketProvider = ({ applicationId }: Props) => {
repository: {
owner: "",
repo: "",
slug: "",
},
bitbucketId: "",
branch: "",
@@ -114,11 +116,14 @@ export const SaveBitbucketProvider = ({ applicationId }: Props) => {
} = api.bitbucket.getBitbucketBranches.useQuery(
{
owner: repository?.owner,
repo: repository?.repo,
repo: repository?.slug || repository?.repo || "",
bitbucketId,
},
{
enabled: !!repository?.owner && !!repository?.repo && !!bitbucketId,
enabled:
!!repository?.owner &&
!!(repository?.slug || repository?.repo) &&
!!bitbucketId,
},
);
@@ -129,6 +134,7 @@ export const SaveBitbucketProvider = ({ applicationId }: Props) => {
repository: {
repo: data.bitbucketRepository || "",
owner: data.bitbucketOwner || "",
slug: data.bitbucketRepositorySlug || "",
},
buildPath: data.bitbucketBuildPath || "/",
bitbucketId: data.bitbucketId || "",
@@ -142,6 +148,7 @@ export const SaveBitbucketProvider = ({ applicationId }: Props) => {
await mutateAsync({
bitbucketBranch: data.branch,
bitbucketRepository: data.repository.repo,
bitbucketRepositorySlug: data.repository.slug || data.repository.repo,
bitbucketOwner: data.repository.owner,
bitbucketBuildPath: data.buildPath,
bitbucketId: data.bitbucketId,
@@ -181,6 +188,7 @@ export const SaveBitbucketProvider = ({ applicationId }: Props) => {
form.setValue("repository", {
owner: "",
repo: "",
slug: "",
});
form.setValue("branch", "");
}}
@@ -217,7 +225,7 @@ export const SaveBitbucketProvider = ({ applicationId }: Props) => {
<FormLabel>Repository</FormLabel>
{field.value.owner && field.value.repo && (
<Link
href={`https://bitbucket.org/${field.value.owner}/${field.value.repo}`}
href={`https://bitbucket.org/${field.value.owner}/${field.value.slug || field.value.repo}`}
target="_blank"
rel="noopener noreferrer"
className="flex items-center gap-1 text-sm text-muted-foreground hover:text-primary"
@@ -271,6 +279,7 @@ export const SaveBitbucketProvider = ({ applicationId }: Props) => {
form.setValue("repository", {
owner: repo.owner.username as string,
repo: repo.name,
slug: repo.slug,
});
form.setValue("branch", "");
}}

15
apps/dokploy/components/dashboard/compose/general/generic/save-bitbucket-provider-compose.tsx
View File

@@ -54,6 +54,7 @@ const BitbucketProviderSchema = z.object({
.object({
repo: z.string().min(1, "Repo is required"),
owner: z.string().min(1, "Owner is required"),
slug: z.string().optional(),
})
.required(),
branch: z.string().min(1, "Branch is required"),
@@ -82,6 +83,7 @@ export const SaveBitbucketProviderCompose = ({ composeId }: Props) => {
repository: {
owner: "",
repo: "",
slug: "",
},
bitbucketId: "",
branch: "",
@@ -114,11 +116,14 @@ export const SaveBitbucketProviderCompose = ({ composeId }: Props) => {
} = api.bitbucket.getBitbucketBranches.useQuery(
{
owner: repository?.owner,
repo: repository?.repo,
repo: repository?.slug || repository?.repo || "",
bitbucketId,
},
{
enabled: !!repository?.owner && !!repository?.repo && !!bitbucketId,
enabled:
!!repository?.owner &&
!!(repository?.slug || repository?.repo) &&
!!bitbucketId,
},
);
@@ -129,6 +134,7 @@ export const SaveBitbucketProviderCompose = ({ composeId }: Props) => {
repository: {
repo: data.bitbucketRepository || "",
owner: data.bitbucketOwner || "",
slug: data.bitbucketRepositorySlug || "",
},
composePath: data.composePath,
bitbucketId: data.bitbucketId || "",
@@ -142,6 +148,7 @@ export const SaveBitbucketProviderCompose = ({ composeId }: Props) => {
await mutateAsync({
bitbucketBranch: data.branch,
bitbucketRepository: data.repository.repo,
bitbucketRepositorySlug: data.repository.slug || data.repository.repo,
bitbucketOwner: data.repository.owner,
bitbucketId: data.bitbucketId,
composePath: data.composePath,
@@ -183,6 +190,7 @@ export const SaveBitbucketProviderCompose = ({ composeId }: Props) => {
form.setValue("repository", {
owner: "",
repo: "",
slug: "",
});
form.setValue("branch", "");
}}
@@ -219,7 +227,7 @@ export const SaveBitbucketProviderCompose = ({ composeId }: Props) => {
<FormLabel>Repository</FormLabel>
{field.value.owner && field.value.repo && (
<Link
href={`https://bitbucket.org/${field.value.owner}/${field.value.repo}`}
href={`https://bitbucket.org/${field.value.owner}/${field.value.slug || field.value.repo}`}
target="_blank"
rel="noopener noreferrer"
className="flex items-center gap-1 text-sm text-muted-foreground hover:text-primary"
@@ -273,6 +281,7 @@ export const SaveBitbucketProviderCompose = ({ composeId }: Props) => {
form.setValue("repository", {
owner: repo.owner.username as string,
repo: repo.name,
slug: repo.slug,
});
form.setValue("branch", "");
}}

2
apps/dokploy/components/dashboard/postgres/advanced/show-custom-command.tsx
View File

@@ -129,7 +129,7 @@ export const ShowCustomCommand = ({ id, type }: Props) => {
<FormItem>
<FormLabel>Docker Image</FormLabel>
<FormControl>
<Input placeholder="postgres:15" {...field} />
<Input placeholder="postgres:18" {...field} />
</FormControl>
<FormMessage />

2
apps/dokploy/components/dashboard/project/add-database.tsx
View File

@@ -58,7 +58,7 @@ const dockerImageDefaultPlaceholder: Record<DbType, string> = {
mongo: "mongo:7",
mariadb: "mariadb:11",
mysql: "mysql:8",
postgres: "postgres:15",
postgres: "postgres:18",
redis: "redis:7",
};

221
apps/dokploy/components/dashboard/settings/notifications/handle-notifications.tsx
View File

@@ -15,6 +15,7 @@ import {
GotifyIcon,
LarkIcon,
NtfyIcon,
PushoverIcon,
SlackIcon,
TelegramIcon,
} from "@/components/icons/notification-icons";
@@ -114,6 +115,16 @@ export const notificationSchema = z.discriminatedUnion("type", [
priority: z.number().min(1).max(5).default(3),
})
.merge(notificationBaseSchema),
z
.object({
type: z.literal("pushover"),
userKey: z.string().min(1, { message: "User Key is required" }),
apiToken: z.string().min(1, { message: "API Token is required" }),
priority: z.number().min(-2).max(2).default(0),
retry: z.number().min(30).nullish(),
expire: z.number().min(1).max(10800).nullish(),
})
.merge(notificationBaseSchema),
z
.object({
type: z.literal("custom"),
@@ -166,6 +177,10 @@ export const notificationsMap = {
icon: <NtfyIcon />,
label: "ntfy",
},
pushover: {
icon: <PushoverIcon />,
label: "Pushover",
},
custom: {
icon: <PenBoxIcon size={29} className="text-muted-foreground" />,
label: "Custom",
@@ -209,6 +224,9 @@ export const HandleNotifications = ({ notificationId }: Props) => {
const { mutateAsync: testCustomConnection, isLoading: isLoadingCustom } =
api.notification.testCustomConnection.useMutation();
const { mutateAsync: testPushoverConnection, isLoading: isLoadingPushover } =
api.notification.testPushoverConnection.useMutation();
const customMutation = notificationId
? api.notification.updateCustom.useMutation()
: api.notification.createCustom.useMutation();
@@ -233,6 +251,9 @@ export const HandleNotifications = ({ notificationId }: Props) => {
const larkMutation = notificationId
? api.notification.updateLark.useMutation()
: api.notification.createLark.useMutation();
const pushoverMutation = notificationId
? api.notification.updatePushover.useMutation()
: api.notification.createPushover.useMutation();
const form = useForm<NotificationSchema>({
defaultValues: {
@@ -393,6 +414,23 @@ export const HandleNotifications = ({ notificationId }: Props) => {
dockerCleanup: notification.dockerCleanup,
serverThreshold: notification.serverThreshold,
});
} else if (notification.notificationType === "pushover") {
form.reset({
appBuildError: notification.appBuildError,
appDeploy: notification.appDeploy,
dokployRestart: notification.dokployRestart,
databaseBackup: notification.databaseBackup,
volumeBackup: notification.volumeBackup,
type: notification.notificationType,
userKey: notification.pushover?.userKey,
apiToken: notification.pushover?.apiToken,
priority: notification.pushover?.priority,
retry: notification.pushover?.retry ?? undefined,
expire: notification.pushover?.expire ?? undefined,
name: notification.name,
dockerCleanup: notification.dockerCleanup,
serverThreshold: notification.serverThreshold,
});
}
} else {
form.reset();
@@ -408,6 +446,7 @@ export const HandleNotifications = ({ notificationId }: Props) => {
ntfy: ntfyMutation,
lark: larkMutation,
custom: customMutation,
pushover: pushoverMutation,
};
const onSubmit = async (data: NotificationSchema) => {
@@ -559,6 +598,28 @@ export const HandleNotifications = ({ notificationId }: Props) => {
notificationId: notificationId || "",
customId: notification?.customId || "",
});
} else if (data.type === "pushover") {
if (data.priority === 2 && (data.retry == null || data.expire == null)) {
toast.error("Retry and expire are required for emergency priority (2)");
return;
}
promise = pushoverMutation.mutateAsync({
appBuildError: appBuildError,
appDeploy: appDeploy,
dokployRestart: dokployRestart,
databaseBackup: databaseBackup,
volumeBackup: volumeBackup,
userKey: data.userKey,
apiToken: data.apiToken,
priority: data.priority,
retry: data.priority === 2 ? data.retry : undefined,
expire: data.priority === 2 ? data.expire : undefined,
name: data.name,
dockerCleanup: dockerCleanup,
serverThreshold: serverThreshold,
notificationId: notificationId || "",
pushoverId: notification?.pushoverId || "",
});
}
if (promise) {
@@ -1255,6 +1316,147 @@ export const HandleNotifications = ({ notificationId }: Props) => {
/>
</>
)}
{type === "pushover" && (
<>
<FormField
control={form.control}
name="userKey"
render={({ field }) => (
<FormItem>
<FormLabel>User Key</FormLabel>
<FormControl>
<Input placeholder="ub3de9kl2q..." {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="apiToken"
render={({ field }) => (
<FormItem>
<FormLabel>API Token</FormLabel>
<FormControl>
<Input placeholder="a3d9k2q7m4..." {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="priority"
defaultValue={0}
render={({ field }) => (
<FormItem className="w-full">
<FormLabel>Priority</FormLabel>
<FormControl>
<Input
placeholder="0"
value={field.value ?? 0}
onChange={(e) => {
const value = e.target.value;
if (value === "" || value === "-") {
field.onChange(0);
} else {
const priority = Number.parseInt(value);
if (
!Number.isNaN(priority) &&
priority >= -2 &&
priority <= 2
) {
field.onChange(priority);
}
}
}}
type="number"
min={-2}
max={2}
/>
</FormControl>
<FormDescription>
Message priority (-2 to 2, default: 0, emergency: 2)
</FormDescription>
<FormMessage />
</FormItem>
)}
/>
{form.watch("priority") === 2 && (
<>
<FormField
control={form.control}
name="retry"
render={({ field }) => (
<FormItem className="w-full">
<FormLabel>Retry (seconds)</FormLabel>
<FormControl>
<Input
placeholder="30"
{...field}
value={field.value ?? ""}
onChange={(e) => {
const value = e.target.value;
if (value === "") {
field.onChange(undefined);
} else {
const retry = Number.parseInt(value);
if (!Number.isNaN(retry)) {
field.onChange(retry);
}
}
}}
type="number"
min={30}
/>
</FormControl>
<FormDescription>
How often (in seconds) to retry. Minimum 30
seconds.
</FormDescription>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="expire"
render={({ field }) => (
<FormItem className="w-full">
<FormLabel>Expire (seconds)</FormLabel>
<FormControl>
<Input
placeholder="3600"
{...field}
value={field.value ?? ""}
onChange={(e) => {
const value = e.target.value;
if (value === "") {
field.onChange(undefined);
} else {
const expire = Number.parseInt(value);
if (!Number.isNaN(expire)) {
field.onChange(expire);
}
}
}}
type="number"
min={1}
max={10800}
/>
</FormControl>
<FormDescription>
How long to keep retrying (max 10800 seconds / 3
hours).
</FormDescription>
<FormMessage />
</FormItem>
)}
/>
</>
)}
</>
)}
</div>
</div>
<div className="flex flex-col gap-4">
@@ -1428,7 +1630,8 @@ export const HandleNotifications = ({ notificationId }: Props) => {
isLoadingGotify ||
isLoadingNtfy ||
isLoadingLark ||
isLoadingCustom
isLoadingCustom ||
isLoadingPushover
}
variant="secondary"
type="button"
@@ -1497,6 +1700,22 @@ export const HandleNotifications = ({ notificationId }: Props) => {
endpoint: data.endpoint,
headers: headersRecord,
});
} else if (data.type === "pushover") {
if (
data.priority === 2 &&
(data.retry == null || data.expire == null)
) {
throw new Error(
"Retry and expire are required for emergency priority (2)",
);
}
await testPushoverConnection({
userKey: data.userKey,
apiToken: data.apiToken,
priority: data.priority,
retry: data.priority === 2 ? data.retry : undefined,
expire: data.priority === 2 ? data.expire : undefined,
});
}
toast.success("Connection Success");
} catch (error) {

26
apps/dokploy/components/icons/notification-icons.tsx
View File

@@ -231,3 +231,29 @@ export const NtfyIcon = ({ className }: Props) => {
</svg>
);
};
export const PushoverIcon = ({ className }: Props) => {
return (
<svg
viewBox="0 0 600 600"
className={cn("size-8", className)}
xmlns="http://www.w3.org/2000/svg"
>
<g stroke="none" strokeWidth="1">
<ellipse
style={{ fillRule: "evenodd" }}
fill="#249DF1"
transform="matrix(-0.674571, 0.73821, -0.73821, -0.674571, 556.833239, 241.613465)"
cx="216.308"
cy="152.076"
rx="296.855"
ry="296.855"
/>
<path
fill="#FFFFFF"
d="M 280.949 172.514 L 355.429 162.714 L 282.909 326.374 L 282.909 326.374 C 295.649 325.394 308.142 321.067 320.389 313.394 L 320.389 313.394 L 320.389 313.394 C 332.642 305.714 343.916 296.077 354.209 284.484 L 354.209 284.484 L 354.209 284.484 C 364.496 272.884 373.396 259.981 380.909 245.774 L 380.909 245.774 L 380.909 245.774 C 388.422 231.561 393.812 217.594 397.079 203.874 L 397.079 203.874 L 397.079 203.874 C 399.039 195.381 399.939 187.214 399.779 179.374 L 399.779 179.374 L 399.779 179.374 C 399.612 171.534 397.569 164.674 393.649 158.794 L 393.649 158.794 L 393.649 158.794 C 389.729 152.914 383.766 148.177 375.759 144.584 L 375.759 144.584 L 375.759 144.584 C 367.759 140.991 356.899 139.194 343.179 139.194 L 343.179 139.194 L 343.179 139.194 C 327.172 139.194 311.409 141.807 295.889 147.034 L 295.889 147.034 L 295.889 147.034 C 280.376 152.261 266.002 159.857 252.769 169.824 L 252.769 169.824 L 252.769 169.824 C 239.542 179.784 228.029 192.197 218.229 207.064 L 218.229 207.064 L 218.229 207.064 C 208.429 221.924 201.406 238.827 197.159 257.774 L 197.159 257.774 L 197.159 257.774 C 195.526 263.981 194.546 268.961 194.219 272.714 L 194.219 272.714 L 194.219 272.714 C 193.892 276.474 193.812 279.577 193.979 282.024 L 193.979 282.024 L 193.979 282.024 C 194.139 284.477 194.462 286.357 194.949 287.664 L 194.949 287.664 L 194.949 287.664 C 195.442 288.971 195.852 290.277 196.179 291.584 L 196.179 291.584 L 196.179 291.584 C 179.519 291.584 167.349 288.234 159.669 281.534 L 159.669 281.534 L 159.669 281.534 C 151.996 274.841 150.119 263.164 154.039 246.504 L 154.039 246.504 L 154.039 246.504 C 157.959 229.191 166.862 212.694 180.749 197.014 L 180.749 197.014 L 180.749 197.014 C 194.629 181.334 211.122 167.531 230.229 155.604 L 230.229 155.604 L 230.229 155.604 C 249.342 143.684 270.249 134.214 292.949 127.194 L 292.949 127.194 L 292.949 127.194 C 315.656 120.167 337.789 116.654 359.349 116.654 L 359.349 116.654 L 359.349 116.654 C 378.296 116.654 394.219 119.347 407.119 124.734 L 407.119 124.734 L 407.119 124.734 C 420.026 130.127 430.072 137.234 437.259 146.054 L 437.259 146.054 L 437.259 146.054 C 444.446 154.874 448.936 165.164 450.729 176.924 L 450.729 176.924 L 450.729 176.924 C 452.529 188.684 451.959 200.934 449.019 213.674 L 449.019 213.674 L 449.019 213.674 C 445.426 229.027 438.646 244.464 428.679 259.984 L 428.679 259.984 L 428.679 259.984 C 418.719 275.497 406.226 289.544 391.199 302.124 L 391.199 302.124 L 391.199 302.124 C 376.172 314.697 358.939 324.904 339.499 332.744 L 339.499 332.744 L 339.499 332.744 C 320.066 340.584 299.406 344.504 277.519 344.504 L 277.519 344.504 L 275.069 344.504 L 212.839 484.154 L 142.279 484.154 L 280.949 172.514 Z"
/>
</g>
</svg>
);
};

18
apps/dokploy/components/layouts/onboarding-layout.tsx
View File

@@ -4,21 +4,35 @@ import { cn } from "@/lib/utils";
import { GithubIcon } from "../icons/data-tools-icons";
import { Logo } from "../shared/logo";
import { Button } from "../ui/button";
import { api } from "@/utils/api";
interface Props {
children: React.ReactNode;
}
export const OnboardingLayout = ({ children }: Props) => {
const { data: whitelabel } = api.settings.getWhitelabelSettings.useQuery();
const appName = whitelabel?.whitelabelAppName ?? "Dokploy";
const logoUrl =
whitelabel?.whitelabelLogoUrl ?? whitelabel?.whitelabelLoginLogoUrl;
return (
<div className="container relative min-h-svh flex-col items-center justify-center flex lg:max-w-none lg:grid lg:grid-cols-2 lg:px-0 w-full">
<div className="relative hidden h-full flex-col p-10 text-primary dark:border-r lg:flex">
<div className="absolute inset-0 bg-muted" />
{whitelabel?.whitelabelLoginBackgroundImageUrl && (
<div
className="absolute inset-0 bg-cover bg-center bg-no-repeat opacity-30"
style={{
backgroundImage: `url(${whitelabel.whitelabelLoginBackgroundImageUrl})`,
}}
/>
)}
<Link
href="https://dokploy.com"
className="relative z-20 flex items-center text-lg font-medium gap-4 text-primary"
>
<Logo className="size-10" />
Dokploy
<Logo className="size-10" logoUrl={logoUrl ?? undefined} />
{appName}
</Link>
<div className="relative z-20 mt-auto">
<blockquote className="space-y-2">

41
apps/dokploy/components/layouts/side.tsx
View File

@@ -18,10 +18,13 @@ import {
Forward,
GalleryVerticalEnd,
GitBranch,
Key,
KeyRound,
Loader2,
LogIn,
type LucideIcon,
Package,
Palette,
PieChart,
Server,
ShieldCheck,
@@ -396,6 +399,33 @@ const MENU: Menu = {
// Only enabled for admins in cloud environments
isEnabled: ({ auth, isCloud }) => !!(auth?.role === "owner" && isCloud),
},
{
isSingle: true,
title: "License",
url: "/dashboard/settings/license",
icon: Key,
// Only enabled for admins in non-cloud environments
isEnabled: ({ auth, isCloud }) =>
!!((auth?.role === "owner" || auth?.role === "admin") && !isCloud),
},
{
isSingle: true,
title: "SSO",
url: "/dashboard/settings/sso",
icon: LogIn,
// Enabled for admins in both cloud and self-hosted (enterprise)
isEnabled: ({ auth }) =>
!!(auth?.role === "owner" || auth?.role === "admin"),
},
{
isSingle: true,
title: "Whitelabeling",
url: "/dashboard/settings/whitelabelling",
icon: Palette,
// Enterprise only page shows gate if no license
isEnabled: ({ auth }) =>
!!(auth?.role === "owner" || auth?.role === "admin"),
},
],
help: [
@@ -526,6 +556,7 @@ function SidebarLogo() {
refetch,
isLoading,
} = api.organization.all.useQuery();
const { data: whitelabel } = api.settings.getWhitelabelSettings.useQuery();
const { mutateAsync: deleteOrganization, isLoading: isRemoving } =
api.organization.delete.useMutation();
const { mutateAsync: setDefaultOrganization, isLoading: isSettingDefault } =
@@ -591,7 +622,11 @@ function SidebarLogo() {
"transition-all",
state === "collapsed" ? "size-4" : "size-5",
)}
logoUrl={activeOrganization?.logo || undefined}
logoUrl={
activeOrganization?.logo ||
whitelabel?.whitelabelLogoUrl ||
undefined
}
/>
</div>
<div
@@ -601,7 +636,9 @@ function SidebarLogo() {
)}
>
<p className="text-sm font-medium leading-none">
{activeOrganization?.name ?? "Select Organization"}
{activeOrganization?.name ??
whitelabel?.whitelabelAppName ??
"Select Organization"}
</p>
</div>
</div>

47
apps/dokploy/components/proprietary/auth/sign-in-with-github.tsx Normal file
View File

@@ -0,0 +1,47 @@
"use client";
import { useState } from "react";
import { toast } from "sonner";
import { authClient } from "@/lib/auth-client";
import { Button } from "@/components/ui/button";
export function SignInWithGithub() {
const [isLoading, setIsLoading] = useState(false);
const handleClick = async () => {
setIsLoading(true);
try {
const { error } = await authClient.signIn.social({
provider: "github",
});
if (error) {
toast.error(error.message);
return;
}
} catch (err) {
toast.error("An error occurred while signing in with GitHub", {
description: err instanceof Error ? err.message : "Unknown error",
});
} finally {
setIsLoading(false);
}
};
return (
<Button
variant="outline"
type="button"
className="w-full mb-4"
onClick={handleClick}
isLoading={isLoading}
>
<svg viewBox="0 0 438.549 438.549" className="mr-2 size-4">
<path
fill="currentColor"
d="M409.132 114.573c-19.608-33.596-46.205-60.194-79.798-79.8-33.598-19.607-70.277-29.408-110.063-29.408-39.781 0-76.472 9.804-110.063 29.408-33.596 19.605-60.192 46.204-79.8 79.8C9.803 148.168 0 184.854 0 224.63c0 47.78 13.94 90.745 41.827 128.906 27.884 38.164 63.906 64.572 108.063 79.227 5.14.954 8.945.283 11.419-1.996 2.475-2.282 3.711-5.14 3.711-8.562 0-.571-.049-5.708-.144-15.417a2549.81 2549.81 0 01-.144-25.406l-6.567 1.136c-4.187.767-9.469 1.092-15.846 1-6.374-.089-12.991-.757-19.842-1.999-6.854-1.231-13.229-4.086-19.13-8.559-5.898-4.473-10.085-10.328-12.56-17.556l-2.855-6.57c-1.903-4.374-4.899-9.233-8.992-14.559-4.093-5.331-8.232-8.945-12.419-10.848l-1.999-1.431c-1.332-.951-2.568-2.098-3.711-3.429-1.142-1.331-1.997-2.663-2.568-3.997-.572-1.335-.098-2.43 1.427-3.289 1.525-.859 4.281-1.276 8.28-1.276l5.708.853c3.807.763 8.516 3.042 14.133 6.851 5.614 3.806 10.229 8.754 13.846 14.842 4.38 7.806 9.657 13.754 15.846 17.847 6.184 4.093 12.419 6.136 18.699 6.136 6.28 0 11.704-.476 16.274-1.423 4.565-.952 8.848-2.383 12.847-4.285 1.713-12.758 6.377-22.559 13.988-29.41-10.848-1.14-20.601-2.857-29.264-5.14-8.658-2.286-17.605-5.996-26.835-11.14-9.235-5.137-16.896-11.516-22.985-19.126-6.09-7.614-11.088-17.61-14.987-29.979-3.901-12.374-5.852-26.648-5.852-42.826 0-23.035 7.52-42.637 22.557-58.817-7.044-17.318-6.379-36.732 1.997-58.24 5.52-1.715 13.706-.428 24.554 3.853 10.85 4.283 18.794 7.952 23.84 10.994 5.046 3.041 9.089 5.618 12.135 7.708 17.705-4.947 35.976-7.421 54.818-7.421s37.117 2.474 54.823 7.421l10.849-6.849c7.419-4.57 16.18-8.758 26.262-12.565 10.088-3.805 17.802-4.853 23.134-3.138 8.562 21.509 9.325 40.922 2.279 58.24 15.036 16.18 22.559 35.787 22.559 58.817 0 16.178-1.958 30.497-5.853 42.966-3.9 12.471-8.941 22.457-15.125 29.979-6.191 7.521-13.901 13.85-23.131 18.986-9.232 5.14-18.182 8.85-26.84 11.136-8.662 2.286-18.415 4.004-29.263 5.146 9.894 8.562 14.842 22.077 14.842 40.539v60.237c0 3.422 1.19 6.279 3.572 8.562 2.379 2.279 6.136 2.95 11.276 1.995 44.163-14.653 80.185-41.062 108.068-79.226 27.88-38.161 41.825-81.126 41.825-128.906-.01-39.771-9.818-76.454-29.414-110.049z"
/>
</svg>
Sign in with GitHub
</Button>
);
}

59
apps/dokploy/components/proprietary/auth/sign-in-with-google.tsx Normal file
View File

@@ -0,0 +1,59 @@
"use client";
import { useState } from "react";
import { toast } from "sonner";
import { authClient } from "@/lib/auth-client";
import { Button } from "@/components/ui/button";
export function SignInWithGoogle() {
const [isLoading, setIsLoading] = useState(false);
const handleClick = async () => {
setIsLoading(true);
try {
const { error } = await authClient.signIn.social({
provider: "google",
});
if (error) {
toast.error(error.message);
return;
}
} catch (err) {
toast.error("An error occurred while signing in with Google", {
description: err instanceof Error ? err.message : "Unknown error",
});
} finally {
setIsLoading(false);
}
};
return (
<Button
variant="outline"
type="button"
className="w-full mb-4"
onClick={handleClick}
isLoading={isLoading}
>
<svg viewBox="0 0 24 24" className="mr-2 size-4">
<path
fill="currentColor"
d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09z"
/>
<path
fill="currentColor"
d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z"
/>
<path
fill="currentColor"
d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z"
/>
<path
fill="currentColor"
d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z"
/>
</svg>
Sign in with Google
</Button>
);
}

114
apps/dokploy/components/proprietary/enterprise-feature-gate.tsx Normal file
View File

@@ -0,0 +1,114 @@
"use client";
import { Loader2, Lock } from "lucide-react";
import Link from "next/link";
import { Button } from "@/components/ui/button";
import {
Card,
CardContent,
CardDescription,
CardHeader,
CardTitle,
} from "@/components/ui/card";
import { api } from "@/utils/api";
interface EnterpriseFeatureLockedProps {
/** Optional title override */
title?: string;
/** Optional description override */
description?: string;
/** Optional custom CTA label */
ctaLabel?: string;
/** Optional CTA href (default: /dashboard/settings/license) */
ctaHref?: string;
/** Compact variant (less padding, smaller icon) */
compact?: boolean;
}
/**
* Displays a locked state for enterprise features when the user has no valid license.
* Use standalone or via EnterpriseFeatureGate.
*/
export function EnterpriseFeatureLocked({
title = "Enterprise feature",
description = "This feature is part of Dokploy Enterprise. Add a valid license to use it.",
ctaLabel = "Go to License",
ctaHref = "/dashboard/settings/license",
compact = false,
}: EnterpriseFeatureLockedProps) {
return (
<Card className="border-dashed bg-transparent">
<CardHeader className={compact ? "pb-2" : undefined}>
<div className="flex flex-col items-center gap-3 text-center">
<div
className={
compact
? "rounded-full bg-muted p-3"
: "rounded-full bg-muted p-4"
}
>
<Lock
className={
compact
? "size-6 text-muted-foreground"
: "size-8 text-muted-foreground"
}
/>
</div>
<div className="space-y-1">
<CardTitle className="text-lg">{title}</CardTitle>
<CardDescription className="max-w-sm mx-auto">
{description}
</CardDescription>
</div>
</div>
</CardHeader>
<CardContent className={compact ? "pt-0" : undefined}>
<div className="flex justify-center">
<Button asChild variant="secondary" size={compact ? "sm" : "default"}>
<Link href={ctaHref}>{ctaLabel}</Link>
</Button>
</div>
</CardContent>
</Card>
);
}
interface EnterpriseFeatureGateProps {
children: React.ReactNode;
/** Props for the locked state when license is invalid */
lockedProps?: Omit<EnterpriseFeatureLockedProps, "compact">;
/** Show loading spinner while checking license */
fallback?: React.ReactNode;
}
/**
* Renders children only when the instance has a valid enterprise license.
* Otherwise shows EnterpriseFeatureLocked.
*/
export function EnterpriseFeatureGate({
children,
lockedProps,
fallback,
}: EnterpriseFeatureGateProps) {
const { data: haveValidLicense, isLoading } =
api.licenseKey.haveValidLicenseKey.useQuery();
if (isLoading) {
if (fallback) return <>{fallback}</>;
return (
<div className="flex items-center gap-2 justify-center min-h-[25vh]">
<Loader2 className="size-6 text-muted-foreground animate-spin" />
<span className="text-sm text-muted-foreground">
Checking license...
</span>
</div>
);
}
if (!haveValidLicense) {
return <EnterpriseFeatureLocked {...lockedProps} />;
}
return <>{children}</>;
}

232
apps/dokploy/components/proprietary/license-keys/license-key.tsx Normal file
View File

@@ -0,0 +1,232 @@
import { Key, Loader2, ShieldCheck } from "lucide-react";
import Link from "next/link";
import { useEffect, useState } from "react";
import { toast } from "sonner";
import { DialogAction } from "@/components/shared/dialog-action";
import { Button } from "@/components/ui/button";
import { CardTitle } from "@/components/ui/card";
import { Input } from "@/components/ui/input";
import { Switch } from "@/components/ui/switch";
import { api } from "@/utils/api";
export function LicenseKeySettings() {
const utils = api.useUtils();
const { data, isLoading } = api.licenseKey.getEnterpriseSettings.useQuery();
const { mutateAsync: updateEnterpriseSettings, isLoading: isSaving } =
api.licenseKey.updateEnterpriseSettings.useMutation();
const { mutateAsync: activateLicenseKey, isLoading: isActivating } =
api.licenseKey.activate.useMutation();
const { mutateAsync: validateLicenseKey, isLoading: isValidating } =
api.licenseKey.validate.useMutation();
const { mutateAsync: deactivateLicenseKey, isLoading: isDeactivating } =
api.licenseKey.deactivate.useMutation();
const { data: haveValidLicenseKey, isLoading: isCheckingLicenseKey } =
api.licenseKey.haveValidLicenseKey.useQuery();
const [licenseKey, setLicenseKey] = useState("");
useEffect(() => {
if (data?.licenseKey) {
setLicenseKey(data.licenseKey);
}
}, [data?.licenseKey]);
const enabled = !!data?.enableEnterpriseFeatures;
return (
<div className="flex flex-col gap-4 rounded-lg border p-4">
{isCheckingLicenseKey ? (
<div className="flex items-center gap-2 justify-center min-h-[25vh]">
<Loader2 className="size-6 text-muted-foreground animate-spin" />
<span className="text-sm text-muted-foreground">
Checking license key...
</span>
</div>
) : (
<>
<div className="flex flex-col gap-2">
<div className="flex items-center justify-between gap-4">
<div className="flex items-center gap-2">
<Key className="size-6 text-muted-foreground" />
<CardTitle className="text-xl">License Key</CardTitle>
</div>
{enabled && (
<div className="flex items-center gap-2">
<span className="text-xs text-muted-foreground">
{enabled ? "Enabled" : "Disabled"}
</span>
<Switch
checked={enabled}
disabled={isLoading || isSaving || isDeactivating}
onCheckedChange={async (next) => {
try {
await updateEnterpriseSettings({
enableEnterpriseFeatures: next,
});
await utils.licenseKey.getEnterpriseSettings.invalidate();
toast.success("Enterprise features updated");
} catch (error) {
console.error(error);
toast.error("Failed to update enterprise features");
}
}}
/>
</div>
)}
</div>
<p className="text-sm text-muted-foreground">
To unlock extra features you need an enterprise license key.
Contact us{" "}
<Link
href="https://dokploy.com/contact"
target="_blank"
rel="noreferrer"
className="underline underline-offset-4"
>
here
</Link>
.
</p>
</div>
{enabled ? (
<>
<div className="grid gap-3 md:grid-cols-[1fr_auto] md:items-end">
<div className="space-y-2">
<label className="text-sm font-medium" htmlFor="licenseKey">
License Key
</label>
<Input
id="licenseKey"
placeholder="Enter your enterprise license key"
value={licenseKey}
onChange={(e) => setLicenseKey(e.target.value)}
/>
</div>
<div className="md:justify-self-end flex gap-2">
{haveValidLicenseKey && (
<DialogAction
title="Deactivate License Key"
description="Are you sure you want to deactivate this license key? This will disable enterprise features."
onClick={async () => {
try {
await deactivateLicenseKey();
await utils.licenseKey.getEnterpriseSettings.invalidate();
await utils.licenseKey.haveValidLicenseKey.invalidate();
setLicenseKey("");
toast.success("License key deactivated");
} catch (error) {
console.error(error);
toast.error(
error instanceof Error
? error.message
: "Failed to deactivate license key",
);
}
}}
disabled={isDeactivating || !haveValidLicenseKey}
>
<Button
variant="destructive"
disabled={isDeactivating || !haveValidLicenseKey}
isLoading={isDeactivating}
>
Deactivate
</Button>
</DialogAction>
)}
{haveValidLicenseKey && (
<Button
variant="outline"
disabled={
isSaving || isCheckingLicenseKey || isDeactivating
}
isLoading={isValidating}
onClick={async () => {
try {
const valid = await validateLicenseKey();
if (valid) {
toast.success("License key is valid");
} else {
toast.error("License key is invalid");
}
} catch (error) {
console.error(error);
toast.error(
error instanceof Error
? error.message
: "Failed to validate license key",
);
}
}}
>
Validate
</Button>
)}
{!haveValidLicenseKey && (
<Button
variant="secondary"
disabled={isSaving || isValidating || isDeactivating}
isLoading={isActivating}
onClick={async () => {
try {
await activateLicenseKey({ licenseKey });
await utils.licenseKey.getEnterpriseSettings.invalidate();
await utils.licenseKey.haveValidLicenseKey.invalidate();
toast.success("License key activated");
} catch (error) {
console.error(error);
toast.error(
error instanceof Error
? error.message
: "Failed to activate license key",
);
}
}}
>
Activate
</Button>
)}
</div>
</div>
</>
) : (
<div className="flex flex-col items-center gap-4 justify-center min-h-[30vh] text-center">
<div className="flex flex-col items-center gap-2 max-w-[400px]">
<div className="rounded-full bg-muted p-4">
<ShieldCheck className="size-8 text-muted-foreground" />
</div>
<div className="space-y-1">
<h3 className="text-lg font-semibold">Enterprise Features</h3>
<p className="text-sm text-muted-foreground">
Unlock advanced capabilities like SSO, Audit logs,
whitelabeling and more.
</p>
</div>
</div>
<Button
onClick={async () => {
try {
await updateEnterpriseSettings({
enableEnterpriseFeatures: true,
});
await utils.licenseKey.getEnterpriseSettings.invalidate();
toast.success("Enterprise features enabled");
} catch (error) {
console.error(error);
toast.error("Failed to enable enterprise features");
}
}}
isLoading={isSaving}
disabled={isLoading || isDeactivating}
>
Enable Enterprise Features
</Button>
</div>
)}
</>
)}
</div>
);
}

347
apps/dokploy/components/proprietary/sso/register-oidc-dialog.tsx Normal file
View File

@@ -0,0 +1,347 @@
"use client";
import { zodResolver } from "@hookform/resolvers/zod";
import { Plus, Trash2 } from "lucide-react";
import { useState } from "react";
import type { FieldArrayPath } from "react-hook-form";
import { useFieldArray, useForm } from "react-hook-form";
import { toast } from "sonner";
import { z } from "zod";
import { Button } from "@/components/ui/button";
import {
Dialog,
DialogContent,
DialogDescription,
DialogFooter,
DialogHeader,
DialogTitle,
DialogTrigger,
} from "@/components/ui/dialog";
import {
Form,
FormControl,
FormDescription,
FormField,
FormItem,
FormLabel,
FormMessage,
} from "@/components/ui/form";
import { Input } from "@/components/ui/input";
import { api } from "@/utils/api";
const DEFAULT_SCOPES = ["openid", "email", "profile"];
const domainsArraySchema = z
.array(z.string().trim())
.superRefine((arr, ctx) => {
const filled = arr.filter((s) => s.length > 0);
if (filled.length < 1) {
ctx.addIssue({
code: z.ZodIssueCode.custom,
message: "At least one domain is required",
path: [],
});
}
});
const scopesArraySchema = z.array(z.string().trim());
const oidcProviderSchema = z.object({
providerId: z.string().min(1, "Provider ID is required").trim(),
issuer: z.string().min(1, "Issuer URL is required").url("Invalid URL").trim(),
domains: domainsArraySchema,
clientId: z.string().min(1, "Client ID is required").trim(),
clientSecret: z.string().min(1, "Client secret is required"),
scopes: scopesArraySchema,
});
type OidcProviderForm = z.infer<typeof oidcProviderSchema>;
interface RegisterOidcDialogProps {
children: React.ReactNode;
}
const formDefaultValues = {
providerId: "",
issuer: "",
domains: [""],
clientId: "",
clientSecret: "",
scopes: [...DEFAULT_SCOPES],
};
export function RegisterOidcDialog({ children }: RegisterOidcDialogProps) {
const utils = api.useUtils();
const [open, setOpen] = useState(false);
const { mutateAsync, isLoading } = api.sso.register.useMutation();
const form = useForm<OidcProviderForm>({
resolver: zodResolver(oidcProviderSchema),
defaultValues: formDefaultValues,
});
const { fields, append, remove } = useFieldArray({
control: form.control,
name: "domains" as FieldArrayPath<OidcProviderForm>,
});
const {
fields: scopeFields,
append: appendScope,
remove: removeScope,
} = useFieldArray({
control: form.control,
name: "scopes" as FieldArrayPath<OidcProviderForm>,
});
const isSubmitting = form.formState.isSubmitting;
const onSubmit = async (data: OidcProviderForm) => {
try {
const scopes = data.scopes.filter(Boolean).length
? data.scopes.filter(Boolean)
: DEFAULT_SCOPES;
const domain = data.domains
.map((d) => d.trim())
.filter(Boolean)
.join(",");
await mutateAsync({
providerId: data.providerId,
issuer: data.issuer,
domain,
oidcConfig: {
clientId: data.clientId,
clientSecret: data.clientSecret,
scopes,
pkce: true,
// Keycloak (and many IdPs) send preferred_username; better-auth expects name
mapping: {
id: "sub",
email: "email",
emailVerified: "email_verified",
name: "preferred_username",
image: "picture",
},
},
});
toast.success("OIDC provider registered successfully");
form.reset(formDefaultValues);
setOpen(false);
await utils.sso.listProviders.invalidate();
} catch (err) {
toast.error(
err instanceof Error ? err.message : "Failed to register SSO provider",
);
}
};
return (
<Dialog open={open} onOpenChange={setOpen}>
<DialogTrigger asChild>{children}</DialogTrigger>
<DialogContent className="sm:max-w-[500px]">
<DialogHeader>
<DialogTitle>Register OIDC provider</DialogTitle>
<DialogDescription>
Add any OIDC-compliant identity provider (e.g. Okta, Azure AD,
Google Workspace, Auth0, Keycloak). Discovery will fill endpoints
from the issuer URL when possible.
</DialogDescription>
</DialogHeader>
<Form {...form}>
<form onSubmit={form.handleSubmit(onSubmit)} className="space-y-4">
<FormField
control={form.control}
name="providerId"
render={({ field }) => (
<FormItem>
<FormLabel>Provider ID</FormLabel>
<FormControl>
<Input placeholder="e.g. okta or my-idp" {...field} />
</FormControl>
<FormDescription>
Unique identifier; used in callback URL path.
</FormDescription>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="issuer"
render={({ field }) => (
<FormItem>
<FormLabel>Issuer URL</FormLabel>
<FormControl>
<Input placeholder="https://idp.example.com" {...field} />
</FormControl>
<FormDescription>
Discovery document is fetched from{" "}
<code className="rounded bg-muted px-1">
{"{issuer}"}/.well-known/openid-configuration
</code>
</FormDescription>
<FormMessage />
</FormItem>
)}
/>
<div className="space-y-2">
<div className="flex items-center justify-between">
<FormLabel>Domains</FormLabel>
<Button
type="button"
variant="outline"
size="sm"
className="h-8"
onClick={() => (append as (value: string) => void)("")}
>
<Plus className="mr-1 size-4" />
Add domain
</Button>
</div>
<p className="text-xs text-muted-foreground">
Email domains that use this provider (sign-in by email and org
assignment; subdomains matched automatically).
</p>
{fields.map((field, index) => (
<FormField
key={field.id}
control={form.control}
name={`domains.${index}`}
render={({ field: inputField }) => (
<FormItem>
<FormControl>
<div className="flex gap-2">
<Input
placeholder="company.com"
className="flex-1"
{...inputField}
/>
<Button
type="button"
variant="ghost"
size="icon"
className="shrink-0 text-muted-foreground hover:text-destructive"
onClick={() => remove(index)}
disabled={fields.length <= 1}
>
<Trash2 className="size-4" />
</Button>
</div>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
))}
{(() => {
const err = form.formState.errors.domains;
const msg =
typeof err?.message === "string"
? err.message
: (err as { root?: { message?: string } } | undefined)?.root
?.message;
return msg ? (
<p className="text-sm font-medium text-destructive">{msg}</p>
) : null;
})()}
</div>
<FormField
control={form.control}
name="clientId"
render={({ field }) => (
<FormItem>
<FormLabel>Client ID</FormLabel>
<FormControl>
<Input placeholder="Client ID from IdP" {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="clientSecret"
render={({ field }) => (
<FormItem>
<FormLabel>Client secret</FormLabel>
<FormControl>
<Input
type="password"
placeholder="Client secret from IdP"
{...field}
/>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<div className="space-y-2">
<div className="flex items-center justify-between">
<FormLabel>Scopes (optional)</FormLabel>
<Button
type="button"
variant="outline"
size="sm"
className="h-8"
onClick={() => (appendScope as (value: string) => void)("")}
>
<Plus className="mr-1 size-4" />
Add scope
</Button>
</div>
<FormDescription>
OIDC scopes to request (e.g. openid, email, profile). If empty,
openid, email and profile are used.
</FormDescription>
{scopeFields.map((field, index) => (
<FormField
key={field.id}
control={form.control}
name={`scopes.${index}`}
render={({ field: inputField }) => (
<FormItem>
<FormControl>
<div className="flex gap-2">
<Input
placeholder="openid"
className="flex-1"
{...inputField}
/>
<Button
type="button"
variant="ghost"
size="icon"
className="shrink-0 text-muted-foreground hover:text-destructive"
onClick={() => removeScope(index)}
disabled={scopeFields.length <= 1}
>
<Trash2 className="size-4" />
</Button>
</div>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
))}
</div>
<DialogFooter>
<Button
type="button"
variant="outline"
onClick={() => setOpen(false)}
disabled={isSubmitting}
>
Cancel
</Button>
<Button type="submit" isLoading={isLoading}>
Register provider
</Button>
</DialogFooter>
</form>
</Form>
</DialogContent>
</Dialog>
);
}

322
apps/dokploy/components/proprietary/sso/register-saml-dialog.tsx Normal file
View File

@@ -0,0 +1,322 @@
"use client";
import { zodResolver } from "@hookform/resolvers/zod";
import { Plus, Trash2 } from "lucide-react";
import { useState } from "react";
import { type FieldArrayPath, useFieldArray, useForm } from "react-hook-form";
import { toast } from "sonner";
import { z } from "zod";
import { Button } from "@/components/ui/button";
import {
Dialog,
DialogContent,
DialogDescription,
DialogFooter,
DialogHeader,
DialogTitle,
DialogTrigger,
} from "@/components/ui/dialog";
import {
Form,
FormControl,
FormDescription,
FormField,
FormItem,
FormLabel,
FormMessage,
} from "@/components/ui/form";
import { Input } from "@/components/ui/input";
import { Textarea } from "@/components/ui/textarea";
import { api } from "@/utils/api";
const domainsArraySchema = z
.array(z.string().trim())
.superRefine((arr, ctx) => {
const filled = arr.filter((s) => s.length > 0);
if (filled.length < 1) {
ctx.addIssue({
code: z.ZodIssueCode.custom,
message: "At least one domain is required",
path: [],
});
}
});
const samlProviderSchema = z.object({
providerId: z.string().min(1, "Provider ID is required").trim(),
issuer: z.string().min(1, "Issuer URL is required").url("Invalid URL").trim(),
domains: domainsArraySchema,
entryPoint: z
.string()
.min(1, "IdP SSO URL is required")
.url("Invalid URL")
.trim(),
cert: z.string().min(1, "IdP signing certificate is required"),
callbackUrl: z
.string()
.min(1, "Callback URL is required")
.url("Invalid URL")
.trim(),
audience: z.string().min(1, "Audience (Entity ID) is required").trim(),
});
type SamlProviderForm = z.infer<typeof samlProviderSchema>;
interface RegisterSamlDialogProps {
children: React.ReactNode;
}
const formDefaultValues: SamlProviderForm = {
providerId: "",
issuer: "",
domains: [""],
entryPoint: "",
cert: "",
callbackUrl: "",
audience: "",
};
export function RegisterSamlDialog({ children }: RegisterSamlDialogProps) {
const utils = api.useUtils();
const [open, setOpen] = useState(false);
const { mutateAsync, isLoading } = api.sso.register.useMutation();
const form = useForm<SamlProviderForm>({
resolver: zodResolver(samlProviderSchema),
defaultValues: formDefaultValues,
});
const { fields, append, remove } = useFieldArray({
control: form.control,
name: "domains" as FieldArrayPath<SamlProviderForm>,
});
const isSubmitting = form.formState.isSubmitting;
const onSubmit = async (data: SamlProviderForm) => {
try {
const domain = data.domains
.map((d) => d.trim())
.filter(Boolean)
.join(",");
await mutateAsync({
providerId: data.providerId,
issuer: data.issuer,
domain,
samlConfig: {
entryPoint: data.entryPoint,
cert: data.cert,
callbackUrl: data.callbackUrl,
audience: data.audience,
wantAssertionsSigned: true,
signatureAlgorithm: "sha256",
digestAlgorithm: "sha256",
spMetadata: {
entityID: data.audience,
},
},
});
toast.success("SAML provider registered successfully");
form.reset(formDefaultValues);
setOpen(false);
await utils.sso.listProviders.invalidate();
} catch (err) {
toast.error(
err instanceof Error ? err.message : "Failed to register SAML provider",
);
}
};
return (
<Dialog open={open} onOpenChange={setOpen}>
<DialogTrigger asChild>{children}</DialogTrigger>
<DialogContent className="sm:max-w-[500px] max-h-[90vh] overflow-y-auto">
<DialogHeader>
<DialogTitle>Register SAML provider</DialogTitle>
<DialogDescription>
Add a SAML 2.0 identity provider (e.g. Okta SAML, Azure AD SAML,
OneLogin). You need the IdP&apos;s SSO URL and signing certificate.
</DialogDescription>
</DialogHeader>
<Form {...form}>
<form onSubmit={form.handleSubmit(onSubmit)} className="space-y-4">
<FormField
control={form.control}
name="providerId"
render={({ field }) => (
<FormItem>
<FormLabel>Provider ID</FormLabel>
<FormControl>
<Input
placeholder="e.g. okta-saml or azure-saml"
{...field}
/>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="issuer"
render={({ field }) => (
<FormItem>
<FormLabel>Issuer URL</FormLabel>
<FormControl>
<Input placeholder="https://idp.example.com" {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<div className="space-y-2">
<div className="flex items-center justify-between">
<FormLabel>Domains</FormLabel>
<Button
type="button"
variant="outline"
size="sm"
className="h-8"
onClick={() => append("")}
>
<Plus className="mr-1 size-4" />
Add domain
</Button>
</div>
<FormDescription>
Email domains that use this provider (sign-in by email and org
assignment; subdomains matched automatically).
</FormDescription>
{fields.map((field, index) => (
<FormField
key={field.id}
control={form.control}
name={`domains.${index}`}
render={({ field: inputField }) => (
<FormItem>
<FormControl>
<div className="flex gap-2">
<Input
placeholder="company.com"
className="flex-1"
{...inputField}
/>
<Button
type="button"
variant="ghost"
size="icon"
className="shrink-0 text-muted-foreground hover:text-destructive"
onClick={() => remove(index)}
disabled={fields.length <= 1}
>
<Trash2 className="size-4" />
</Button>
</div>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
))}
{(() => {
const err = form.formState.errors.domains;
const msg =
typeof err?.message === "string"
? err.message
: (err as { root?: { message?: string } } | undefined)?.root
?.message;
return msg ? (
<p className="text-sm font-medium text-destructive">{msg}</p>
) : null;
})()}
</div>
<FormField
control={form.control}
name="entryPoint"
render={({ field }) => (
<FormItem>
<FormLabel>IdP SSO URL (Entry point)</FormLabel>
<FormControl>
<Input
placeholder="https://idp.example.com/sso"
{...field}
/>
</FormControl>
<FormDescription>
Single Sign-On URL from your IdP&apos;s SAML setup.
</FormDescription>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="cert"
render={({ field }) => (
<FormItem>
<FormLabel>IdP signing certificate (X.509)</FormLabel>
<FormControl>
<Textarea
placeholder="Paste IdP signing certificate (PEM, BEGIN CERTIFICATE / END CERTIFICATE)"
rows={4}
className="font-mono text-xs"
{...field}
/>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="callbackUrl"
render={({ field }) => (
<FormItem>
<FormLabel>Callback URL (ACS)</FormLabel>
<FormControl>
<Input
placeholder="https://yourapp.com/api/auth/sso/saml2/callback/my-provider"
{...field}
/>
</FormControl>
<FormDescription>
Use the callback URL shown in your IdP app config for this
provider.
</FormDescription>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="audience"
render={({ field }) => (
<FormItem>
<FormLabel>Audience (Entity ID)</FormLabel>
<FormControl>
<Input placeholder="https://yourapp.com" {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<DialogFooter>
<Button
type="button"
variant="outline"
onClick={() => setOpen(false)}
disabled={isSubmitting}
>
Cancel
</Button>
<Button type="submit" isLoading={isLoading}>
Register provider
</Button>
</DialogFooter>
</form>
</Form>
</DialogContent>
</Dialog>
);
}

127
apps/dokploy/components/proprietary/sso/sign-in-with-sso.tsx Normal file
View File

@@ -0,0 +1,127 @@
"use client";
import { zodResolver } from "@hookform/resolvers/zod";
import { Loader2, LogIn } from "lucide-react";
import { useState } from "react";
import { useForm } from "react-hook-form";
import { toast } from "sonner";
import { z } from "zod";
import { Button } from "@/components/ui/button";
import {
Form,
FormControl,
FormField,
FormItem,
FormMessage,
} from "@/components/ui/form";
import { Input } from "@/components/ui/input";
import { authClient } from "@/lib/auth-client";
const ssoEmailSchema = z.object({
email: z
.string()
.min(1, "Enter your work email")
.email("Enter a valid email address")
.transform((v) => v.trim()),
});
type SSOEmailForm = z.infer<typeof ssoEmailSchema>;
interface SignInWithSSOProps {
/** Content shown when SSO is collapsed (e.g. email/password form) */
children: React.ReactNode;
}
export function SignInWithSSO({ children }: SignInWithSSOProps) {
const [expanded, setExpanded] = useState(false);
const form = useForm<SSOEmailForm>({
resolver: zodResolver(ssoEmailSchema),
defaultValues: { email: "" },
});
const onSubmit = async (values: SSOEmailForm) => {
try {
const { data, error } = await authClient.signIn.sso({
email: values.email,
callbackURL: "/dashboard/projects",
});
if (error) {
toast.error(error.message ?? "Failed to sign in with SSO");
return;
}
if (data?.url) {
window.location.href = data.url;
}
} catch (err) {
toast.error(
err instanceof Error ? err.message : "Failed to sign in with SSO",
);
}
};
if (!expanded) {
return (
<div className="mb-4 space-y-2">
<Button
type="button"
variant="outline"
className="w-full"
onClick={() => setExpanded(true)}
>
<LogIn className="mr-2 size-4" />
Sign in with SSO
</Button>
{children}
</div>
);
}
return (
<div className="mb-4 space-y-2">
<Form {...form}>
<form onSubmit={form.handleSubmit(onSubmit)} className="space-y-2">
<FormField
control={form.control}
name="email"
render={({ field }) => (
<FormItem>
<FormControl>
<div className="flex gap-2">
<Input
type="email"
placeholder="you@company.com"
className="flex-1"
autoComplete="email"
disabled={form.formState.isSubmitting}
{...field}
/>
<Button
type="submit"
variant="outline"
disabled={form.formState.isSubmitting}
>
{form.formState.isSubmitting ? (
<Loader2 className="size-4 animate-spin" />
) : (
"Continue"
)}
</Button>
</div>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<button
type="button"
onClick={() => setExpanded(false)}
className="text-xs text-muted-foreground hover:underline"
>
Use email and password instead
</button>
</form>
</Form>
</div>
);
}

368
apps/dokploy/components/proprietary/sso/sso-settings.tsx Normal file
View File

@@ -0,0 +1,368 @@
"use client";
import { Eye, Loader2, LogIn, Trash2 } from "lucide-react";
import { useEffect, useState } from "react";
import { toast } from "sonner";
import { DialogAction } from "@/components/shared/dialog-action";
import { Badge } from "@/components/ui/badge";
import { Button } from "@/components/ui/button";
import {
Card,
CardContent,
CardDescription,
CardHeader,
CardTitle,
} from "@/components/ui/card";
import {
Dialog,
DialogContent,
DialogDescription,
DialogFooter,
DialogHeader,
DialogTitle,
} from "@/components/ui/dialog";
import { api } from "@/utils/api";
import { RegisterOidcDialog } from "./register-oidc-dialog";
import { RegisterSamlDialog } from "./register-saml-dialog";
type ProviderForDetails = {
id: string | null;
providerId: string;
issuer: string;
domain: string;
oidcConfig: string | null;
samlConfig: string | null;
organizationId: string | null;
};
function parseOidcConfig(config: string | null): {
clientId?: string;
scopes?: string[];
} | null {
if (!config) return null;
try {
const parsed = JSON.parse(config) as {
clientId?: string;
scopes?: string[];
};
return { clientId: parsed.clientId, scopes: parsed.scopes };
} catch {
return null;
}
}
function parseSamlConfig(
config: string | null,
): { entryPoint?: string } | null {
if (!config) return null;
try {
const parsed = JSON.parse(config) as { entryPoint?: string };
return { entryPoint: parsed.entryPoint };
} catch {
return null;
}
}
export const SSOSettings = () => {
const utils = api.useUtils();
const [detailsProvider, setDetailsProvider] =
useState<ProviderForDetails | null>(null);
const [baseURL, setBaseURL] = useState("");
useEffect(() => {
if (typeof window !== "undefined") {
setBaseURL(window.location.origin);
}
}, []);
const { data: providers, isLoading } = api.sso.listProviders.useQuery();
const { mutateAsync: deleteProvider, isLoading: isDeleting } =
api.sso.deleteProvider.useMutation();
return (
<div className="flex flex-col gap-4 rounded-lg border p-4">
<div className="flex flex-col gap-2">
<div className="flex items-center gap-2">
<LogIn className="size-6 text-muted-foreground" />
<CardTitle className="text-xl">Single Sign-On (SSO)</CardTitle>
</div>
<CardDescription>
Configure OIDC or SAML identity providers for enterprise sign-in.
Users can sign in with their organization&apos;s IdP.
</CardDescription>
</div>
{isLoading ? (
<div className="flex items-center gap-2 justify-center min-h-[25vh]">
<Loader2 className="size-6 text-muted-foreground animate-spin" />
<span className="text-sm text-muted-foreground">
Loading providers...
</span>
</div>
) : (
<>
{providers && providers.length > 0 && (
<div className="flex flex-wrap items-center gap-2">
<RegisterOidcDialog>
<Button variant="secondary" size="sm">
<LogIn className="mr-2 size-4" />
Add OIDC provider
</Button>
</RegisterOidcDialog>
<RegisterSamlDialog>
<Button variant="secondary" size="sm">
<LogIn className="mr-2 size-4" />
Add SAML provider
</Button>
</RegisterSamlDialog>
</div>
)}
{providers && providers.length > 0 ? (
<div className="space-y-3">
<span className="text-sm font-medium">Registered providers</span>
<div className="grid gap-3 sm:grid-cols-2">
{providers.map((provider) => {
const isOidc = !!provider.oidcConfig;
const isSaml = !!provider.samlConfig;
return (
<Card
key={provider.id}
className="overflow-hidden bg-background"
>
<CardHeader className="pb-2">
<div className="flex items-start justify-between gap-2">
<div className="flex flex-col gap-1">
<CardTitle className="text-base font-medium">
{provider.providerId}
</CardTitle>
<CardDescription className="text-xs">
{provider.issuer}
</CardDescription>
<div className="flex flex-wrap gap-1 mt-1">
<Badge variant="secondary" className="text-xs">
{provider.domain}
</Badge>
{isOidc && (
<Badge variant="outline" className="text-xs">
OIDC
</Badge>
)}
{isSaml && (
<Badge variant="outline" className="text-xs">
SAML
</Badge>
)}
</div>
</div>
</div>
</CardHeader>
<CardContent className="flex flex-wrap gap-2 pt-0">
<Button
variant="ghost"
size="sm"
onClick={() =>
setDetailsProvider({
id: provider.id,
providerId: provider.providerId,
issuer: provider.issuer,
domain: provider.domain,
oidcConfig: provider.oidcConfig,
samlConfig: provider.samlConfig,
organizationId: provider.organizationId,
})
}
>
<Eye className="mr-1 size-3" />
View details
</Button>
<DialogAction
title="Remove SSO provider"
description={`Remove provider "${provider.providerId}"? Users will no longer be able to sign in with this IdP.`}
type="destructive"
onClick={async () => {
try {
await deleteProvider({
providerId: provider.providerId,
});
toast.success("Provider removed");
await utils.sso.listProviders.invalidate();
} catch (err) {
toast.error(
err instanceof Error
? err.message
: "Failed to remove provider",
);
}
}}
>
<Button
variant="ghost"
size="sm"
className="text-destructive hover:text-destructive"
disabled={isDeleting}
>
<Trash2 className="mr-1 size-3" />
Remove
</Button>
</DialogAction>
</CardContent>
</Card>
);
})}
</div>
</div>
) : (
<div className="flex flex-col items-center gap-4 justify-center min-h-[30vh] text-center">
<div className="flex flex-col items-center gap-2 max-w-[400px]">
<div className="rounded-full bg-muted p-4">
<LogIn className="size-8 text-muted-foreground" />
</div>
<div className="space-y-1">
<h3 className="text-lg font-semibold">No SSO providers</h3>
<p className="text-sm text-muted-foreground">
Add an OIDC or SAML provider so users can sign in with their
organization&apos;s IdP (e.g. Okta, Azure AD).
</p>
</div>
</div>
<div className="flex flex-wrap gap-2 justify-center">
<RegisterOidcDialog>
<Button variant="secondary">
<LogIn className="mr-2 size-4" />
Add OIDC provider
</Button>
</RegisterOidcDialog>
<RegisterSamlDialog>
<Button variant="outline">
<LogIn className="mr-2 size-4" />
Add SAML provider
</Button>
</RegisterSamlDialog>
</div>
</div>
)}
</>
)}
<Dialog
open={!!detailsProvider}
onOpenChange={(open) => !open && setDetailsProvider(null)}
>
<DialogContent className="sm:max-w-[480px]">
{detailsProvider && (
<>
<DialogHeader>
<DialogTitle>SSO provider details</DialogTitle>
<DialogDescription>
View-only. To change settings, remove this provider and add it
again with the new values.
</DialogDescription>
</DialogHeader>
<div className="grid gap-3 py-2">
<div className="grid gap-1">
<span className="text-xs font-medium text-muted-foreground">
Provider ID
</span>
<p className="rounded-md bg-muted px-2 py-1.5 font-mono text-sm">
{detailsProvider.providerId}
</p>
</div>
<div className="grid gap-1">
<span className="text-xs font-medium text-muted-foreground">
Issuer URL
</span>
<p className="break-all rounded-md bg-muted px-2 py-1.5 text-sm">
{detailsProvider.issuer}
</p>
</div>
<div className="grid gap-1">
<span className="text-xs font-medium text-muted-foreground">
Domain
</span>
<p className="rounded-md bg-muted px-2 py-1.5 text-sm">
{detailsProvider.domain}
</p>
</div>
{detailsProvider.oidcConfig && (
<>
{(() => {
const oidc = parseOidcConfig(detailsProvider.oidcConfig);
if (!oidc) return null;
return (
<>
{oidc.clientId && (
<div className="grid gap-1">
<span className="text-xs font-medium text-muted-foreground">
Client ID
</span>
<p className="rounded-md bg-muted px-2 py-1.5 font-mono text-sm">
{oidc.clientId}
</p>
</div>
)}
{oidc.scopes && oidc.scopes.length > 0 && (
<div className="grid gap-1">
<span className="text-xs font-medium text-muted-foreground">
Scopes
</span>
<p className="rounded-md bg-muted px-2 py-1.5 text-sm">
{oidc.scopes.join(" ")}
</p>
</div>
)}
</>
);
})()}
</>
)}
{detailsProvider.samlConfig && (
<>
{(() => {
const saml = parseSamlConfig(detailsProvider.samlConfig);
if (!saml?.entryPoint) return null;
return (
<div className="grid gap-1">
<span className="text-xs font-medium text-muted-foreground">
Entry point
</span>
<p className="break-all rounded-md bg-muted px-2 py-1.5 text-sm">
{saml.entryPoint}
</p>
</div>
);
})()}
</>
)}
<div className="grid gap-1">
<span className="text-xs font-medium text-muted-foreground">
Callback URL (configure in your IdP)
</span>
<p className="break-all rounded-md bg-muted px-2 py-1.5 font-mono text-xs">
{baseURL || "{baseURL}"}/api/auth/sso/callback/
{detailsProvider.providerId}
</p>
{!baseURL && (
<p className="text-xs text-muted-foreground">
Replace {"{baseURL}"} with your Dokploy URL (e.g. https://
your-domain.com).
</p>
)}
</div>
</div>
<DialogFooter>
<Button
variant="outline"
onClick={() => setDetailsProvider(null)}
>
Close
</Button>
</DialogFooter>
</>
)}
</DialogContent>
</Dialog>
</div>
);
};

290
apps/dokploy/components/proprietary/whitelabelling/whitelabel-settings.tsx Normal file
View File

@@ -0,0 +1,290 @@
"use client";
import { zodResolver } from "@hookform/resolvers/zod";
import { Loader2, Palette } from "lucide-react";
import { useEffect } from "react";
import { useForm } from "react-hook-form";
import { toast } from "sonner";
import { z } from "zod";
import { Button } from "@/components/ui/button";
import { CardDescription, CardTitle } from "@/components/ui/card";
import {
Form,
FormControl,
FormDescription,
FormField,
FormItem,
FormLabel,
FormMessage,
} from "@/components/ui/form";
import { Input } from "@/components/ui/input";
import { api } from "@/utils/api";
const whitelabelSchema = z.object({
whitelabelAppName: z.string().min(1).max(100),
whitelabelLogoUrl: z.union([z.string().url(), z.literal("")]).optional(),
whitelabelLoginLogoUrl: z.union([z.string().url(), z.literal("")]).optional(),
whitelabelFaviconUrl: z.union([z.string().url(), z.literal("")]).optional(),
whitelabelLoginTitle: z.string().max(200).optional(),
whitelabelLoginSubtitle: z.string().max(500).optional(),
whitelabelLoginBackgroundImageUrl: z
.union([z.string().url(), z.literal("")])
.optional(),
});
type WhitelabelFormValues = z.infer<typeof whitelabelSchema>;
export function WhitelabelSettings() {
const { data: settings, isLoading } =
api.settings.getWebServerSettings.useQuery();
const { mutateAsync: updateWhitelabel, isLoading: isSaving } =
api.settings.updateWhitelabelSettings.useMutation();
const utils = api.useUtils();
const form = useForm<WhitelabelFormValues>({
resolver: zodResolver(whitelabelSchema),
defaultValues: {
whitelabelAppName: "Dokploy",
whitelabelLogoUrl: "",
whitelabelLoginLogoUrl: "",
whitelabelFaviconUrl: "",
whitelabelLoginTitle: "",
whitelabelLoginSubtitle: "",
whitelabelLoginBackgroundImageUrl: "",
},
});
useEffect(() => {
if (settings) {
form.reset({
whitelabelAppName: settings.whitelabelAppName ?? "Dokploy",
whitelabelLogoUrl: settings.whitelabelLogoUrl ?? "",
whitelabelLoginLogoUrl: settings.whitelabelLoginLogoUrl ?? "",
whitelabelFaviconUrl: settings.whitelabelFaviconUrl ?? "",
whitelabelLoginTitle: settings.whitelabelLoginTitle ?? "",
whitelabelLoginSubtitle: settings.whitelabelLoginSubtitle ?? "",
whitelabelLoginBackgroundImageUrl:
settings.whitelabelLoginBackgroundImageUrl ?? "",
});
}
}, [settings, form]);
const onSubmit = async (values: WhitelabelFormValues) => {
try {
await updateWhitelabel({
whitelabelAppName: values.whitelabelAppName || null,
whitelabelLogoUrl: values.whitelabelLogoUrl || undefined,
whitelabelLoginLogoUrl: values.whitelabelLoginLogoUrl || undefined,
whitelabelFaviconUrl: values.whitelabelFaviconUrl || undefined,
whitelabelLoginTitle: values.whitelabelLoginTitle || null,
whitelabelLoginSubtitle: values.whitelabelLoginSubtitle || null,
whitelabelLoginBackgroundImageUrl:
values.whitelabelLoginBackgroundImageUrl || undefined,
});
toast.success("Whitelabel settings saved");
utils.settings.getWebServerSettings.invalidate();
utils.settings.getWhitelabelSettings.invalidate();
} catch (e) {
toast.error("Failed to save whitelabel settings");
}
};
if (isLoading) {
return (
<div className="flex items-center gap-2 justify-center min-h-[25vh]">
<Loader2 className="size-6 text-muted-foreground animate-spin" />
<span className="text-sm text-muted-foreground">
Loading whitelabel settings...
</span>
</div>
);
}
return (
<div className="flex flex-col gap-4 rounded-lg ">
<div className="flex flex-col gap-2">
<div className="flex items-center gap-2">
<Palette className="size-6 text-muted-foreground" />
<CardTitle className="text-xl">Whitelabeling</CardTitle>
</div>
<CardDescription>
Customize the application name, logos, and login page for your brand.
Leave URLs empty to use defaults.
</CardDescription>
</div>
<Form {...form}>
<form
onSubmit={form.handleSubmit(onSubmit)}
className="flex flex-col gap-6"
>
<div className="space-y-4 pt-2 border-t">
<div>
<h3 className="text-sm font-medium">Brand</h3>
<p className="text-sm text-muted-foreground">
Application name and main logo (sidebar, header).
</p>
</div>
<FormField
control={form.control}
name="whitelabelAppName"
render={({ field }) => (
<FormItem>
<FormLabel>Application name</FormLabel>
<FormControl>
<Input
placeholder="Dokploy"
{...field}
className="max-w-md"
/>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="whitelabelLogoUrl"
render={({ field }) => (
<FormItem>
<FormLabel>Logo URL</FormLabel>
<FormControl>
<Input
placeholder="https://example.com/logo.png"
{...field}
value={field.value ?? ""}
className="max-w-md"
/>
</FormControl>
<FormDescription>
Logo shown in the sidebar and header.
</FormDescription>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="whitelabelFaviconUrl"
render={({ field }) => (
<FormItem>
<FormLabel>Favicon URL</FormLabel>
<FormControl>
<Input
placeholder="https://example.com/favicon.ico"
{...field}
value={field.value ?? ""}
className="max-w-md"
/>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
</div>
<div className="space-y-4 pt-6 border-t">
<div>
<h3 className="text-sm font-medium">Login page</h3>
<p className="text-sm text-muted-foreground">
Customize the sign-in and registration screens.
</p>
</div>
<FormField
control={form.control}
name="whitelabelLoginLogoUrl"
render={({ field }) => (
<FormItem>
<FormLabel>Login logo URL</FormLabel>
<FormControl>
<Input
placeholder="https://example.com/login-logo.png"
{...field}
value={field.value ?? ""}
className="max-w-md"
/>
</FormControl>
<FormDescription>
Logo on the login and register pages. Falls back to the main
logo if empty.
</FormDescription>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="whitelabelLoginTitle"
render={({ field }) => (
<FormItem>
<FormLabel>Login title</FormLabel>
<FormControl>
<Input
placeholder="Sign in"
{...field}
value={field.value ?? ""}
className="max-w-md"
/>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="whitelabelLoginSubtitle"
render={({ field }) => (
<FormItem>
<FormLabel>Login subtitle</FormLabel>
<FormControl>
<Input
placeholder="Enter your email and password to sign in"
{...field}
value={field.value ?? ""}
className="max-w-md"
/>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={form.control}
name="whitelabelLoginBackgroundImageUrl"
render={({ field }) => (
<FormItem>
<FormLabel>Login background image URL</FormLabel>
<FormControl>
<Input
placeholder="https://example.com/background.jpg"
{...field}
value={field.value ?? ""}
className="max-w-md"
/>
</FormControl>
<FormDescription>
Optional background image for the login page.
</FormDescription>
<FormMessage />
</FormItem>
)}
/>
</div>
<div className="flex justify-end pt-4 border-t">
<Button type="submit" disabled={isSaving}>
{isSaving ? (
<>
<Loader2 className="mr-2 size-4 animate-spin" />
Saving...
</>
) : (
"Save changes"
)}
</Button>
</div>
</form>
</Form>
</div>
);
}

12
apps/dokploy/drizzle/0135_illegal_magik.sql Normal file
View File

@@ -0,0 +1,12 @@
ALTER TYPE "public"."notificationType" ADD VALUE 'pushover' BEFORE 'custom';--> statement-breakpoint
CREATE TABLE "pushover" (
"pushoverId" text PRIMARY KEY NOT NULL,
"userKey" text NOT NULL,
"apiToken" text NOT NULL,
"priority" integer DEFAULT 0 NOT NULL,
"retry" integer,
"expire" integer
);
--> statement-breakpoint
ALTER TABLE "notification" ADD COLUMN "pushoverId" text;--> statement-breakpoint
ALTER TABLE "notification" ADD CONSTRAINT "notification_pushoverId_pushover_pushoverId_fk" FOREIGN KEY ("pushoverId") REFERENCES "public"."pushover"("pushoverId") ON DELETE cascade ON UPDATE no action;

2
apps/dokploy/drizzle/0136_tidy_puff_adder.sql Normal file
View File

@@ -0,0 +1,2 @@
ALTER TABLE "application" ADD COLUMN "bitbucketRepositorySlug" text;--> statement-breakpoint
ALTER TABLE "compose" ADD COLUMN "bitbucketRepositorySlug" text;

2
apps/dokploy/drizzle/0137_naive_power_pack.sql Normal file
View File

@@ -0,0 +1,2 @@
ALTER TABLE "user" ADD COLUMN "enableEnterpriseFeatures" boolean DEFAULT false NOT NULL;--> statement-breakpoint
ALTER TABLE "user" ADD COLUMN "licenseKey" text;

13
apps/dokploy/drizzle/0138_common_mathemanic.sql Normal file
View File

@@ -0,0 +1,13 @@
CREATE TABLE "sso_provider" (
"id" text PRIMARY KEY NOT NULL,
"issuer" text NOT NULL,
"oidc_config" text,
"saml_config" text,
"user_id" text,
"provider_id" text NOT NULL,
"organization_id" text,
"domain" text NOT NULL,
CONSTRAINT "sso_provider_provider_id_unique" UNIQUE("provider_id")
);
--> statement-breakpoint
ALTER TABLE "sso_provider" ADD CONSTRAINT "sso_provider_user_id_user_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action;

1
apps/dokploy/drizzle/0139_smiling_havok.sql Normal file
View File

@@ -0,0 +1 @@
ALTER TABLE "user" ADD COLUMN "isValidEnterpriseLicense" boolean DEFAULT false NOT NULL;

1
apps/dokploy/drizzle/0140_great_lightspeed.sql Normal file
View File

@@ -0,0 +1 @@
ALTER TABLE "sso_provider" ADD CONSTRAINT "sso_provider_organization_id_organization_id_fk" FOREIGN KEY ("organization_id") REFERENCES "public"."organization"("id") ON DELETE cascade ON UPDATE no action;

7038
apps/dokploy/drizzle/meta/0135_snapshot.json Normal file
View File

File diff suppressed because it is too large Load Diff

7050
apps/dokploy/drizzle/meta/0136_snapshot.json Normal file
View File

File diff suppressed because it is too large Load Diff

7063
apps/dokploy/drizzle/meta/0137_snapshot.json Normal file
View File

File diff suppressed because it is too large Load Diff

7146
apps/dokploy/drizzle/meta/0138_snapshot.json Normal file
View File

File diff suppressed because it is too large Load Diff

7153
apps/dokploy/drizzle/meta/0139_snapshot.json Normal file
View File

File diff suppressed because it is too large Load Diff

7166
apps/dokploy/drizzle/meta/0140_snapshot.json Normal file
View File

File diff suppressed because it is too large Load Diff

42
apps/dokploy/drizzle/meta/_journal.json
View File

@@ -946,6 +946,48 @@
"when": 1767871040249,
"tag": "0134_strong_hercules",
"breakpoints": true
},
{
"idx": 135,
"version": "7",
"when": 1768271617042,
"tag": "0135_illegal_magik",
"breakpoints": true
},
{
"idx": 136,
"version": "7",
"when": 1769580434296,
"tag": "0136_tidy_puff_adder",
"breakpoints": true
},
{
"idx": 137,
"version": "7",
"when": 1769616589728,
"tag": "0137_naive_power_pack",
"breakpoints": true
},
{
"idx": 138,
"version": "7",
"when": 1769745328628,
"tag": "0138_common_mathemanic",
"breakpoints": true
},
{
"idx": 139,
"version": "7",
"when": 1769746948088,
"tag": "0139_smiling_havok",
"breakpoints": true
},
{
"idx": 140,
"version": "7",
"when": 1769854977685,
"tag": "0140_great_lightspeed",
"breakpoints": true
}
]
}

2
apps/dokploy/lib/auth-client.ts
View File

@@ -1,3 +1,4 @@
import { ssoClient } from "@better-auth/sso/client";
import {
adminClient,
apiKeyClient,
@@ -13,6 +14,7 @@ export const authClient = createAuthClient({
organizationClient(),
twoFactorClient(),
apiKeyClient(),
ssoClient(),
adminClient(),
inferAdditionalFields({
user: {

5
apps/dokploy/package.json
View File

@@ -1,6 +1,6 @@
{
"name": "dokploy",
"version": "v0.26.6",
"version": "v0.26.7",
"private": true,
"license": "Apache-2.0",
"type": "module",
@@ -37,6 +37,7 @@
"generate:openapi": "tsx -r dotenv/config scripts/generate-openapi.ts"
},
"dependencies": {
"@better-auth/sso": "1.4.18",
"@ai-sdk/anthropic": "^2.0.5",
"@ai-sdk/azure": "^2.0.16",
"@ai-sdk/cohere": "^2.0.4",
@@ -94,7 +95,7 @@
"ai": "^5.0.17",
"ai-sdk-ollama": "^0.5.1",
"bcrypt": "5.1.1",
"better-auth": "v1.2.8-beta.7",
"better-auth": "1.4.18",
"bl": "6.0.11",
"boxen": "^7.1.1",
"bullmq": "5.4.2",

4
apps/dokploy/pages/api/deploy/[refreshToken].ts
View File

@@ -195,7 +195,9 @@ export default async function handler(
const commitedPaths = await extractCommitedPaths(
req.body,
application.bitbucket,
application.bitbucketRepository || "",
application.bitbucketRepositorySlug ||
application.bitbucketRepository ||
"",
);
const shouldDeployPaths = shouldDeploy(

4
apps/dokploy/pages/api/deploy/compose/[refreshToken].ts
View File

@@ -100,7 +100,9 @@ export default async function handler(
const commitedPaths = await extractCommitedPaths(
req.body,
composeResult.bitbucket,
composeResult.bitbucketRepository || "",
composeResult.bitbucketRepositorySlug ||
composeResult.bitbucketRepository ||
"",
);
const shouldDeployPaths = shouldDeploy(

84
apps/dokploy/pages/dashboard/settings/license.tsx Normal file
View File

@@ -0,0 +1,84 @@
import { IS_CLOUD, validateRequest } from "@dokploy/server";
import { createServerSideHelpers } from "@trpc/react-query/server";
import type { GetServerSidePropsContext } from "next";
import type { ReactElement } from "react";
import superjson from "superjson";
import { DashboardLayout } from "@/components/layouts/dashboard-layout";
import { LicenseKeySettings } from "@/components/proprietary/license-keys/license-key";
import { Card } from "@/components/ui/card";
import { appRouter } from "@/server/api/root";
import { getLocale, serverSideTranslations } from "@/utils/i18n";
const Page = () => {
return (
<div className="w-full">
<div className="h-full rounded-xl max-w-5xl mx-auto flex flex-col gap-4">
<Card className="h-full bg-sidebar p-2.5 rounded-xl mx-auto w-full">
<div className="rounded-xl bg-background shadow-md">
<div className="p-6">
<LicenseKeySettings />
</div>
</div>
</Card>
</div>
</div>
);
};
export default Page;
Page.getLayout = (page: ReactElement) => {
return <DashboardLayout metaName="License">{page}</DashboardLayout>;
};
export async function getServerSideProps(
ctx: GetServerSidePropsContext<{ serviceId: string }>,
) {
const { req, res } = ctx;
const locale = await getLocale(req.cookies);
if (IS_CLOUD) {
return {
redirect: {
permanent: true,
destination: "/dashboard/projects",
},
};
}
const { user, session } = await validateRequest(ctx.req);
if (!user) {
return {
redirect: {
permanent: true,
destination: "/",
},
};
}
if (user.role === "member") {
return {
redirect: {
permanent: true,
destination: "/dashboard/settings/profile",
},
};
}
const helpers = createServerSideHelpers({
router: appRouter,
ctx: {
req: req as any,
res: res as any,
db: null as any,
session: session as any,
user: user as any,
},
transformer: superjson,
});
await helpers.user.get.prefetch();
return {
props: {
trpcState: helpers.dehydrate(),
...(await serverSideTranslations(locale, ["settings"])),
},
};
}

84
apps/dokploy/pages/dashboard/settings/sso.tsx Normal file
View File

@@ -0,0 +1,84 @@
import { validateRequest } from "@dokploy/server";
import { createServerSideHelpers } from "@trpc/react-query/server";
import type { GetServerSidePropsContext } from "next";
import type { ReactElement } from "react";
import superjson from "superjson";
import { DashboardLayout } from "@/components/layouts/dashboard-layout";
import { EnterpriseFeatureGate } from "@/components/proprietary/enterprise-feature-gate";
import { SSOSettings } from "@/components/proprietary/sso/sso-settings";
import { Card } from "@/components/ui/card";
import { appRouter } from "@/server/api/root";
import { getLocale, serverSideTranslations } from "@/utils/i18n";
const Page = () => {
return (
<div className="w-full">
<div className="h-full rounded-xl max-w-5xl mx-auto flex flex-col gap-4">
<Card className="h-full bg-sidebar p-2.5 rounded-xl mx-auto w-full">
<div className="rounded-xl bg-background shadow-md">
<div className="p-6">
<EnterpriseFeatureGate
lockedProps={{
title: "Enterprise SSO",
description:
"Single sign-on (SSO) with OIDC and SAML is part of Dokploy Enterprise. Add a valid license to configure it.",
ctaLabel: "Go to License",
}}
>
<SSOSettings />
</EnterpriseFeatureGate>
</div>
</div>
</Card>
</div>
</div>
);
};
export default Page;
Page.getLayout = (page: ReactElement) => {
return <DashboardLayout metaName="SSO">{page}</DashboardLayout>;
};
export async function getServerSideProps(ctx: GetServerSidePropsContext) {
const { req, res } = ctx;
const locale = await getLocale(req.cookies);
const { user, session } = await validateRequest(ctx.req);
if (!user) {
return {
redirect: {
permanent: true,
destination: "/",
},
};
}
if (user.role === "member") {
return {
redirect: {
permanent: true,
destination: "/dashboard/settings/profile",
},
};
}
const helpers = createServerSideHelpers({
router: appRouter,
ctx: {
req: req as any,
res: res as any,
db: null as any,
session: session as any,
user: user as any,
},
transformer: superjson,
});
await helpers.user.get.prefetch();
return {
props: {
trpcState: helpers.dehydrate(),
...(await serverSideTranslations(locale, ["settings"])),
},
};
}

84
apps/dokploy/pages/dashboard/settings/whitelabelling.tsx Normal file
View File

@@ -0,0 +1,84 @@
import { validateRequest } from "@dokploy/server";
import { createServerSideHelpers } from "@trpc/react-query/server";
import type { GetServerSidePropsContext } from "next";
import type { ReactElement } from "react";
import superjson from "superjson";
import { DashboardLayout } from "@/components/layouts/dashboard-layout";
import { EnterpriseFeatureGate } from "@/components/proprietary/enterprise-feature-gate";
import { WhitelabelSettings } from "@/components/proprietary/whitelabelling/whitelabel-settings";
import { Card } from "@/components/ui/card";
import { appRouter } from "@/server/api/root";
import { getLocale, serverSideTranslations } from "@/utils/i18n";
const Page = () => {
return (
<div className="w-full">
<div className="h-full rounded-xl max-w-5xl mx-auto flex flex-col gap-4">
<Card className="h-full bg-sidebar p-2.5 rounded-xl mx-auto w-full">
<div className="rounded-xl bg-background shadow-md">
<div className="p-6">
<EnterpriseFeatureGate
lockedProps={{
title: "Enterprise Whitelabeling",
description:
"Whitelabeling is part of Dokploy Enterprise. Add a valid license to customize logos, app name, and login page.",
ctaLabel: "Go to License",
}}
>
<WhitelabelSettings />
</EnterpriseFeatureGate>
</div>
</div>
</Card>
</div>
</div>
);
};
export default Page;
Page.getLayout = (page: ReactElement) => {
return <DashboardLayout metaName="Whitelabeling">{page}</DashboardLayout>;
};
export async function getServerSideProps(ctx: GetServerSidePropsContext) {
const { req } = ctx;
const locale = await getLocale(req.cookies);
const { user, session } = await validateRequest(ctx.req);
if (!user) {
return {
redirect: {
permanent: true,
destination: "/",
},
};
}
if (user.role === "member") {
return {
redirect: {
permanent: true,
destination: "/dashboard/settings/profile",
},
};
}
const helpers = createServerSideHelpers({
router: appRouter,
ctx: {
req: req as any,
res: ctx.res as any,
db: null as any,
session: session as any,
user: user as any,
},
transformer: superjson,
});
await helpers.user.get.prefetch();
return {
props: {
trpcState: helpers.dehydrate(),
...(await serverSideTranslations(locale, ["settings"])),
},
};
}

201
apps/dokploy/pages/index.tsx
View File

@@ -10,6 +10,9 @@ import { useForm } from "react-hook-form";
import { toast } from "sonner";
import { z } from "zod";
import { OnboardingLayout } from "@/components/layouts/onboarding-layout";
import { SignInWithGithub } from "@/components/proprietary/auth/sign-in-with-github";
import { SignInWithGoogle } from "@/components/proprietary/auth/sign-in-with-google";
import { SignInWithSSO } from "@/components/proprietary/sso/sign-in-with-sso";
import { AlertBlock } from "@/components/shared/alert-block";
import { Logo } from "@/components/shared/logo";
import { Button } from "@/components/ui/button";
@@ -37,6 +40,7 @@ import {
} from "@/components/ui/input-otp";
import { Label } from "@/components/ui/label";
import { authClient } from "@/lib/auth-client";
import { api } from "@/utils/api";
const LoginSchema = z.object({
email: z.string().email(),
@@ -54,6 +58,8 @@ interface Props {
}
export default function Home({ IS_CLOUD }: Props) {
const router = useRouter();
const { data: showSignInWithSSO } = api.sso.showSignInWithSSO.useQuery();
const { data: whitelabel } = api.settings.getWhitelabelSettings.useQuery();
const [isLoginLoading, setIsLoginLoading] = useState(false);
const [isTwoFactorLoading, setIsTwoFactorLoading] = useState(false);
const [isBackupCodeLoading, setIsBackupCodeLoading] = useState(false);
@@ -62,8 +68,6 @@ export default function Home({ IS_CLOUD }: Props) {
const [twoFactorCode, setTwoFactorCode] = useState("");
const [isBackupCodeModalOpen, setIsBackupCodeModalOpen] = useState(false);
const [backupCode, setBackupCode] = useState("");
const [isGithubLoading, setIsGithubLoading] = useState(false);
const [isGoogleLoading, setIsGoogleLoading] = useState(false);
const loginForm = useForm<LoginForm>({
resolver: zodResolver(LoginSchema),
defaultValues: {
@@ -161,56 +165,75 @@ export default function Home({ IS_CLOUD }: Props) {
}
};
const handleGithubSignIn = async () => {
setIsGithubLoading(true);
try {
const { error } = await authClient.signIn.social({
provider: "github",
});
const loginContent = (
<>
{IS_CLOUD && <SignInWithGithub />}
{IS_CLOUD && <SignInWithGoogle />}
<Form {...loginForm}>
<form
onSubmit={loginForm.handleSubmit(onSubmit)}
className="space-y-4"
id="login-form"
>
<FormField
control={loginForm.control}
name="email"
render={({ field }) => (
<FormItem>
<FormLabel>Email</FormLabel>
<FormControl>
<Input placeholder="john@example.com" {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={loginForm.control}
name="password"
render={({ field }) => (
<FormItem>
<FormLabel>Password</FormLabel>
<FormControl>
<Input
type="password"
placeholder="Enter your password"
{...field}
/>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<Button className="w-full" type="submit" isLoading={isLoginLoading}>
Login
</Button>
</form>
</Form>
</>
);
if (error) {
toast.error(error.message);
return;
}
} catch (error) {
toast.error("An error occurred while signing in with GitHub", {
description: error instanceof Error ? error.message : "Unknown error",
});
} finally {
setIsGithubLoading(false);
}
};
const loginLogoUrl =
whitelabel?.whitelabelLoginLogoUrl ?? whitelabel?.whitelabelLogoUrl;
const loginTitle = whitelabel?.whitelabelLoginTitle ?? "Sign in";
const loginSubtitle =
whitelabel?.whitelabelLoginSubtitle ??
"Enter your email and password to sign in";
const handleGoogleSignIn = async () => {
setIsGoogleLoading(true);
try {
const { error } = await authClient.signIn.social({
provider: "google",
});
if (error) {
toast.error(error.message);
return;
}
} catch (error) {
toast.error("An error occurred while signing in with Google", {
description: error instanceof Error ? error.message : "Unknown error",
});
} finally {
setIsGoogleLoading(false);
}
};
return (
<>
<div className="flex flex-col space-y-2 text-center">
<h1 className="text-2xl font-semibold tracking-tight">
<div className="flex flex-row items-center justify-center gap-2">
<Logo className="size-12" />
Sign in
<Logo
className="size-12"
logoUrl={loginLogoUrl ?? undefined}
/>
{loginTitle}
</div>
</h1>
<p className="text-sm text-muted-foreground">
Enter your email and password to sign in
{loginSubtitle}
</p>
</div>
{error && (
@@ -221,97 +244,11 @@ export default function Home({ IS_CLOUD }: Props) {
<CardContent className="p-0">
{!isTwoFactor ? (
<>
{IS_CLOUD && (
<Button
variant="outline"
type="button"
className="w-full mb-4"
onClick={handleGithubSignIn}
isLoading={isGithubLoading}
>
<svg viewBox="0 0 438.549 438.549" className="mr-2 size-4">
<path
fill="currentColor"
d="M409.132 114.573c-19.608-33.596-46.205-60.194-79.798-79.8-33.598-19.607-70.277-29.408-110.063-29.408-39.781 0-76.472 9.804-110.063 29.408-33.596 19.605-60.192 46.204-79.8 79.8C9.803 148.168 0 184.854 0 224.63c0 47.78 13.94 90.745 41.827 128.906 27.884 38.164 63.906 64.572 108.063 79.227 5.14.954 8.945.283 11.419-1.996 2.475-2.282 3.711-5.14 3.711-8.562 0-.571-.049-5.708-.144-15.417a2549.81 2549.81 0 01-.144-25.406l-6.567 1.136c-4.187.767-9.469 1.092-15.846 1-6.374-.089-12.991-.757-19.842-1.999-6.854-1.231-13.229-4.086-19.13-8.559-5.898-4.473-10.085-10.328-12.56-17.556l-2.855-6.57c-1.903-4.374-4.899-9.233-8.992-14.559-4.093-5.331-8.232-8.945-12.419-10.848l-1.999-1.431c-1.332-.951-2.568-2.098-3.711-3.429-1.142-1.331-1.997-2.663-2.568-3.997-.572-1.335-.098-2.43 1.427-3.289 1.525-.859 4.281-1.276 8.28-1.276l5.708.853c3.807.763 8.516 3.042 14.133 6.851 5.614 3.806 10.229 8.754 13.846 14.842 4.38 7.806 9.657 13.754 15.846 17.847 6.184 4.093 12.419 6.136 18.699 6.136 6.28 0 11.704-.476 16.274-1.423 4.565-.952 8.848-2.383 12.847-4.285 1.713-12.758 6.377-22.559 13.988-29.41-10.848-1.14-20.601-2.857-29.264-5.14-8.658-2.286-17.605-5.996-26.835-11.14-9.235-5.137-16.896-11.516-22.985-19.126-6.09-7.614-11.088-17.61-14.987-29.979-3.901-12.374-5.852-26.648-5.852-42.826 0-23.035 7.52-42.637 22.557-58.817-7.044-17.318-6.379-36.732 1.997-58.24 5.52-1.715 13.706-.428 24.554 3.853 10.85 4.283 18.794 7.952 23.84 10.994 5.046 3.041 9.089 5.618 12.135 7.708 17.705-4.947 35.976-7.421 54.818-7.421s37.117 2.474 54.823 7.421l10.849-6.849c7.419-4.57 16.18-8.758 26.262-12.565 10.088-3.805 17.802-4.853 23.134-3.138 8.562 21.509 9.325 40.922 2.279 58.24 15.036 16.18 22.559 35.787 22.559 58.817 0 16.178-1.958 30.497-5.853 42.966-3.9 12.471-8.941 22.457-15.125 29.979-6.191 7.521-13.901 13.85-23.131 18.986-9.232 5.14-18.182 8.85-26.84 11.136-8.662 2.286-18.415 4.004-29.263 5.146 9.894 8.562 14.842 22.077 14.842 40.539v60.237c0 3.422 1.19 6.279 3.572 8.562 2.379 2.279 6.136 2.95 11.276 1.995 44.163-14.653 80.185-41.062 108.068-79.226 27.88-38.161 41.825-81.126 41.825-128.906-.01-39.771-9.818-76.454-29.414-110.049z"
/>
</svg>
Sign in with GitHub
</Button>
{showSignInWithSSO ? (
<SignInWithSSO>{loginContent}</SignInWithSSO>
) : (
loginContent
)}
{IS_CLOUD && (
<Button
variant="outline"
type="button"
className="w-full mb-4"
onClick={handleGoogleSignIn}
isLoading={isGoogleLoading}
>
<svg viewBox="0 0 24 24" className="mr-2 size-4">
<path
fill="currentColor"
d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09z"
/>
<path
fill="currentColor"
d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z"
/>
<path
fill="currentColor"
d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z"
/>
<path
fill="currentColor"
d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z"
/>
</svg>
Sign in with Google
</Button>
)}
<Form {...loginForm}>
<form
onSubmit={loginForm.handleSubmit(onSubmit)}
className="space-y-4"
id="login-form"
>
<FormField
control={loginForm.control}
name="email"
render={({ field }) => (
<FormItem>
<FormLabel>Email</FormLabel>
<FormControl>
<Input placeholder="john@example.com" {...field} />
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<FormField
control={loginForm.control}
name="password"
render={({ field }) => (
<FormItem>
<FormLabel>Password</FormLabel>
<FormControl>
<Input
type="password"
placeholder="Enter your password"
{...field}
/>
</FormControl>
<FormMessage />
</FormItem>
)}
/>
<Button
className="w-full"
type="submit"
isLoading={isLoginLoading}
>
Login
</Button>
</form>
</Form>
</>
) : (
<>

13
apps/dokploy/pages/register.tsx
View File

@@ -9,6 +9,8 @@ import { useForm } from "react-hook-form";
import { toast } from "sonner";
import { z } from "zod";
import { OnboardingLayout } from "@/components/layouts/onboarding-layout";
import { SignInWithGithub } from "@/components/proprietary/auth/sign-in-with-github";
import { SignInWithGoogle } from "@/components/proprietary/auth/sign-in-with-google";
import { AlertBlock } from "@/components/shared/alert-block";
import { Logo } from "@/components/shared/logo";
import { Button } from "@/components/ui/button";
@@ -152,6 +154,17 @@ const Register = ({ isCloud }: Props) => {
</AlertBlock>
)}
<CardContent className="p-0">
{isCloud && (
<div className="flex flex-col">
<SignInWithGithub />
<SignInWithGoogle />
</div>
)}
{isCloud && (
<p className="mb-4 text-center text-xs text-muted-foreground">
Or register with email
</p>
)}
<Form {...form}>
<form
onSubmit={form.handleSubmit(onSubmit)}

4
apps/dokploy/server/api/root.ts
View File

@@ -22,6 +22,8 @@ import { mountRouter } from "./routers/mount";
import { mysqlRouter } from "./routers/mysql";
import { notificationRouter } from "./routers/notification";
import { organizationRouter } from "./routers/organization";
import { licenseKeyRouter } from "./routers/proprietary/license-key";
import { ssoRouter } from "./routers/proprietary/sso";
import { portRouter } from "./routers/port";
import { postgresRouter } from "./routers/postgres";
import { previewDeploymentRouter } from "./routers/preview-deployment";
@@ -82,6 +84,8 @@ export const appRouter = createTRPCRouter({
swarm: swarmRouter,
ai: aiRouter,
organization: organizationRouter,
licenseKey: licenseKeyRouter,
sso: ssoRouter,
schedule: scheduleRouter,
rollback: rollbackRouter,
volumeBackups: volumeBackupsRouter,

1
apps/dokploy/server/api/routers/application.ts
View File

@@ -469,6 +469,7 @@ export const applicationRouter = createTRPCRouter({
}
await updateApplication(input.applicationId, {
bitbucketRepository: input.bitbucketRepository,
bitbucketRepositorySlug: input.bitbucketRepositorySlug,
bitbucketOwner: input.bitbucketOwner,
bitbucketBranch: input.bitbucketBranch,
bitbucketBuildPath: input.bitbucketBuildPath,

63
apps/dokploy/server/api/routers/notification.ts
View File

@@ -5,6 +5,7 @@ import {
createGotifyNotification,
createLarkNotification,
createNtfyNotification,
createPushoverNotification,
createSlackNotification,
createTelegramNotification,
findNotificationById,
@@ -17,6 +18,7 @@ import {
sendGotifyNotification,
sendLarkNotification,
sendNtfyNotification,
sendPushoverNotification,
sendServerThresholdNotifications,
sendSlackNotification,
sendTelegramNotification,
@@ -26,6 +28,7 @@ import {
updateGotifyNotification,
updateLarkNotification,
updateNtfyNotification,
updatePushoverNotification,
updateSlackNotification,
updateTelegramNotification,
} from "@dokploy/server";
@@ -46,6 +49,7 @@ import {
apiCreateGotify,
apiCreateLark,
apiCreateNtfy,
apiCreatePushover,
apiCreateSlack,
apiCreateTelegram,
apiFindOneNotification,
@@ -55,6 +59,7 @@ import {
apiTestGotifyConnection,
apiTestLarkConnection,
apiTestNtfyConnection,
apiTestPushoverConnection,
apiTestSlackConnection,
apiTestTelegramConnection,
apiUpdateCustom,
@@ -63,6 +68,7 @@ import {
apiUpdateGotify,
apiUpdateLark,
apiUpdateNtfy,
apiUpdatePushover,
apiUpdateSlack,
apiUpdateTelegram,
notifications,
@@ -342,6 +348,7 @@ export const notificationRouter = createTRPCRouter({
ntfy: true,
custom: true,
lark: true,
pushover: true,
},
orderBy: desc(notifications.createdAt),
where: eq(notifications.organizationId, ctx.session.activeOrganizationId),
@@ -634,6 +641,62 @@ export const notificationRouter = createTRPCRouter({
});
}
}),
createPushover: adminProcedure
.input(apiCreatePushover)
.mutation(async ({ input, ctx }) => {
try {
return await createPushoverNotification(
input,
ctx.session.activeOrganizationId,
);
} catch (error) {
throw new TRPCError({
code: "BAD_REQUEST",
message: "Error creating the notification",
cause: error,
});
}
}),
updatePushover: adminProcedure
.input(apiUpdatePushover)
.mutation(async ({ input, ctx }) => {
try {
const notification = await findNotificationById(input.notificationId);
if (
IS_CLOUD &&
notification.organizationId !== ctx.session.activeOrganizationId
) {
throw new TRPCError({
code: "UNAUTHORIZED",
message: "You are not authorized to update this notification",
});
}
return await updatePushoverNotification({
...input,
organizationId: ctx.session.activeOrganizationId,
});
} catch (error) {
throw error;
}
}),
testPushoverConnection: adminProcedure
.input(apiTestPushoverConnection)
.mutation(async ({ input }) => {
try {
await sendPushoverNotification(
input,
"Test Notification",
"Hi, From Dokploy 👋",
);
return true;
} catch (error) {
throw new TRPCError({
code: "BAD_REQUEST",
message: "Error testing the notification",
cause: error,
});
}
}),
getEmailProviders: adminProcedure.query(async ({ ctx }) => {
return await db.query.notifications.findMany({
where: eq(notifications.organizationId, ctx.session.activeOrganizationId),

206
apps/dokploy/server/api/routers/proprietary/license-key.ts Normal file
View File

@@ -0,0 +1,206 @@
import { user } from "@dokploy/server/db/schema";
import { validateLicenseKey } from "@dokploy/server/index";
import { TRPCError } from "@trpc/server";
import { eq } from "drizzle-orm";
import { z } from "zod";
import { adminProcedure, createTRPCRouter } from "@/server/api/trpc";
import { db } from "@/server/db";
import {
activateLicenseKey,
deactivateLicenseKey,
} from "@/server/utils/enterprise";
export const licenseKeyRouter = createTRPCRouter({
activate: adminProcedure
.input(z.object({ licenseKey: z.string() }))
.mutation(async ({ input, ctx }) => {
try {
const currentUserId = ctx.user.id;
const currentUser = await db.query.user.findFirst({
where: eq(user.id, currentUserId),
});
if (!currentUser) {
throw new TRPCError({
code: "NOT_FOUND",
message: "User not found",
});
}
if (!currentUser.enableEnterpriseFeatures) {
throw new TRPCError({
code: "BAD_REQUEST",
message:
"Please activate enterprise features to activate license key",
});
}
await activateLicenseKey(input.licenseKey);
await db
.update(user)
.set({
licenseKey: input.licenseKey,
isValidEnterpriseLicense: true,
})
.where(eq(user.id, currentUserId));
return { success: true };
} catch (error) {
throw new TRPCError({
code: "INTERNAL_SERVER_ERROR",
message:
error instanceof Error
? error.message
: "Failed to activate license key",
cause: error,
});
}
}),
validate: adminProcedure.mutation(async ({ ctx }) => {
try {
const currentUserId = ctx.user.id;
const currentUser = await db.query.user.findFirst({
where: eq(user.id, currentUserId),
});
if (!currentUser) {
throw new TRPCError({
code: "NOT_FOUND",
message: "User not found",
});
}
if (!currentUser.licenseKey) {
throw new TRPCError({
code: "BAD_REQUEST",
message: "No license key found",
});
}
if (!currentUser.enableEnterpriseFeatures) {
throw new TRPCError({
code: "BAD_REQUEST",
message:
"Please activate enterprise features to validate license key",
});
}
const valid = await validateLicenseKey(currentUser.licenseKey);
if (valid) {
await db
.update(user)
.set({ isValidEnterpriseLicense: true })
.where(eq(user.id, currentUserId));
}
return valid;
} catch (error) {
throw new TRPCError({
code: "INTERNAL_SERVER_ERROR",
message:
error instanceof Error
? error.message
: "Failed to validate license key",
});
}
}),
deactivate: adminProcedure.mutation(async ({ ctx }) => {
try {
const currentUserId = ctx.user.id;
const currentUser = await db.query.user.findFirst({
where: eq(user.id, currentUserId),
});
if (!currentUser) {
throw new TRPCError({
code: "NOT_FOUND",
message: "User not found",
});
}
if (!currentUser.licenseKey) {
throw new TRPCError({
code: "BAD_REQUEST",
message: "No license key found",
});
}
await deactivateLicenseKey(currentUser.licenseKey);
await db
.update(user)
.set({
licenseKey: null,
isValidEnterpriseLicense: false,
})
.where(eq(user.id, currentUserId));
return { success: true };
} catch (error) {
throw new TRPCError({
code: "INTERNAL_SERVER_ERROR",
message:
error instanceof Error
? error.message
: "Failed to deactivate license key",
});
}
}),
getEnterpriseSettings: adminProcedure.query(async ({ ctx }) => {
const currentUserId = ctx.user.id;
const currentUser = await db.query.user.findFirst({
where: eq(user.id, currentUserId),
});
if (!currentUser) {
throw new TRPCError({
code: "NOT_FOUND",
message: "User not found",
});
}
return {
enableEnterpriseFeatures: !!currentUser.enableEnterpriseFeatures,
licenseKey: currentUser.licenseKey ?? "",
};
}),
haveValidLicenseKey: adminProcedure.query(async ({ ctx }) => {
const currentUserId = ctx.user.id;
const currentUser = await db.query.user.findFirst({
where: eq(user.id, currentUserId),
columns: {
enableEnterpriseFeatures: true,
isValidEnterpriseLicense: true,
},
});
return !!(
currentUser?.enableEnterpriseFeatures &&
currentUser?.isValidEnterpriseLicense
);
}),
updateEnterpriseSettings: adminProcedure
.input(
z.object({
enableEnterpriseFeatures: z.boolean().optional(),
}),
)
.mutation(async ({ ctx, input }) => {
try {
const currentUserId = ctx.user.id;
if (input.enableEnterpriseFeatures === undefined) {
throw new TRPCError({
code: "BAD_REQUEST",
message: "enableEnterpriseFeatures must be provided",
});
}
await db
.update(user)
.set({
enableEnterpriseFeatures: input.enableEnterpriseFeatures,
})
.where(eq(user.id, currentUserId));
return true;
} catch (error) {
throw new TRPCError({
code: "INTERNAL_SERVER_ERROR",
message:
error instanceof Error
? error.message
: "Failed to update enterprise settings",
});
}
}),
});

113
apps/dokploy/server/api/routers/proprietary/sso.ts Normal file
View File

@@ -0,0 +1,113 @@
import { IS_CLOUD } from "@dokploy/server/constants";
import { member, ssoProvider } from "@dokploy/server/db/schema";
import { ssoProviderBodySchema } from "@dokploy/server/db/schema/sso";
import { auth } from "@dokploy/server/lib/auth";
import { TRPCError } from "@trpc/server";
import { and, asc, eq } from "drizzle-orm";
import { z } from "zod";
import {
createTRPCRouter,
enterpriseProcedure,
publicProcedure,
} from "@/server/api/trpc";
import { db } from "@/server/db";
function requestToHeaders(req: {
headers?: Record<string, string | string[] | undefined>;
}): Headers {
const headers = new Headers();
if (req?.headers) {
for (const [key, value] of Object.entries(req.headers)) {
if (value !== undefined && key.toLowerCase() !== "host") {
headers.set(key, Array.isArray(value) ? value.join(", ") : value);
}
}
}
return headers;
}
export const ssoRouter = createTRPCRouter({
showSignInWithSSO: publicProcedure.query(async () => {
if (IS_CLOUD) {
return true;
}
const owner = await db.query.member.findFirst({
where: eq(member.role, "owner"),
with: {
user: {
columns: {
enableEnterpriseFeatures: true,
isValidEnterpriseLicense: true,
},
},
},
orderBy: [asc(member.createdAt)],
});
if (!owner) {
return false;
}
return (
owner.user.enableEnterpriseFeatures && owner.user.isValidEnterpriseLicense
);
}),
listProviders: enterpriseProcedure.query(async ({ ctx }) => {
const providers = await db.query.ssoProvider.findMany({
where: and(
eq(ssoProvider.organizationId, ctx.session.activeOrganizationId),
eq(ssoProvider.userId, ctx.session.userId),
),
columns: {
id: true,
providerId: true,
issuer: true,
domain: true,
oidcConfig: true,
samlConfig: true,
organizationId: true,
},
});
return providers;
}),
deleteProvider: enterpriseProcedure
.input(z.object({ providerId: z.string().min(1) }))
.mutation(async ({ ctx, input }) => {
const [deleted] = await db
.delete(ssoProvider)
.where(
and(
eq(ssoProvider.providerId, input.providerId),
eq(ssoProvider.organizationId, ctx.session.activeOrganizationId),
eq(ssoProvider.userId, ctx.session.userId),
),
)
.returning({ id: ssoProvider.id });
if (!deleted) {
throw new TRPCError({
code: "NOT_FOUND",
message:
"SSO provider not found or you do not have permission to delete it",
});
}
return { success: true };
}),
register: enterpriseProcedure
.input(ssoProviderBodySchema)
.mutation(async ({ ctx, input }) => {
const organizationId = ctx.session.activeOrganizationId;
const result = await auth.registerSSOProvider({
body: {
...input,
organizationId,
},
headers: requestToHeaders(ctx.req),
});
console.log(result);
return { success: true };
}),
});

53
apps/dokploy/server/api/routers/settings.ts
View File

@@ -63,6 +63,7 @@ import {
apiServerSchema,
apiTraefikConfig,
apiUpdateDockerCleanup,
apiUpdateWhitelabel,
projects,
server,
} from "@/server/db/schema";
@@ -72,6 +73,7 @@ import { appRouter } from "../root";
import {
adminProcedure,
createTRPCRouter,
enterpriseProcedure,
protectedProcedure,
publicProcedure,
} from "../trpc";
@@ -84,6 +86,57 @@ export const settingsRouter = createTRPCRouter({
const settings = await getWebServerSettings();
return settings;
}),
getWhitelabelSettings: publicProcedure.query(async () => {
if (IS_CLOUD) {
return null;
}
const settings = await getWebServerSettings();
if (!settings) return null;
return {
whitelabelAppName: settings.whitelabelAppName ?? "Dokploy",
whitelabelLogoUrl: settings.whitelabelLogoUrl ?? null,
whitelabelLoginLogoUrl: settings.whitelabelLoginLogoUrl ?? null,
whitelabelFaviconUrl: settings.whitelabelFaviconUrl ?? null,
whitelabelLoginTitle: settings.whitelabelLoginTitle ?? null,
whitelabelLoginSubtitle: settings.whitelabelLoginSubtitle ?? null,
whitelabelLoginBackgroundImageUrl:
settings.whitelabelLoginBackgroundImageUrl ?? null,
};
}),
updateWhitelabelSettings: enterpriseProcedure
.input(apiUpdateWhitelabel)
.mutation(async ({ input }) => {
if (IS_CLOUD) {
return null;
}
const updates: Record<string, unknown> = {};
if (input.whitelabelAppName !== undefined)
updates.whitelabelAppName = input.whitelabelAppName;
if (input.whitelabelLogoUrl !== undefined)
updates.whitelabelLogoUrl =
input.whitelabelLogoUrl === "" ? null : input.whitelabelLogoUrl;
if (input.whitelabelLoginLogoUrl !== undefined)
updates.whitelabelLoginLogoUrl =
input.whitelabelLoginLogoUrl === ""
? null
: input.whitelabelLoginLogoUrl;
if (input.whitelabelFaviconUrl !== undefined)
updates.whitelabelFaviconUrl =
input.whitelabelFaviconUrl === ""
? null
: input.whitelabelFaviconUrl;
if (input.whitelabelLoginTitle !== undefined)
updates.whitelabelLoginTitle = input.whitelabelLoginTitle;
if (input.whitelabelLoginSubtitle !== undefined)
updates.whitelabelLoginSubtitle = input.whitelabelLoginSubtitle;
if (input.whitelabelLoginBackgroundImageUrl !== undefined)
updates.whitelabelLoginBackgroundImageUrl =
input.whitelabelLoginBackgroundImageUrl === ""
? null
: input.whitelabelLoginBackgroundImageUrl;
const updated = await updateWebServerSettings(updates as any);
return updated;
}),
reloadServer: adminProcedure.mutation(async () => {
if (IS_CLOUD) {
return true;

42
apps/dokploy/server/api/trpc.ts
View File

@@ -7,8 +7,10 @@
* need to use are documented accordingly near the end.
*/
import { user as userSchema } from "@dokploy/server/db/schema";
import { validateRequest } from "@dokploy/server/lib/auth";
import type { OpenApiMeta } from "@dokploy/trpc-openapi";
import { eq } from "drizzle-orm";
import { initTRPC, TRPCError } from "@trpc/server";
import type { CreateNextContextOptions } from "@trpc/server/adapters/next";
import {
@@ -217,3 +219,43 @@ export const adminProcedure = t.procedure.use(({ ctx, next }) => {
},
});
});
/**
* Requires admin/owner role AND enterprise enabled with a license key in DB.
* Does NOT call the license server on every request; full validation (haveValidLicenseKey)
* is used in the UI gate and when activating/validating keys.
*/
export const enterpriseProcedure = t.procedure.use(async ({ ctx, next }) => {
if (
!ctx.session ||
!ctx.user ||
(ctx.user.role !== "owner" && ctx.user.role !== "admin")
) {
throw new TRPCError({ code: "UNAUTHORIZED" });
}
const currentUser = await ctx.db.query.user.findFirst({
where: eq(userSchema.id, ctx.user.id),
columns: {
enableEnterpriseFeatures: true,
isValidEnterpriseLicense: true,
},
});
if (
!currentUser?.enableEnterpriseFeatures ||
!currentUser.isValidEnterpriseLicense
) {
throw new TRPCError({
code: "FORBIDDEN",
message: "Valid enterprise license required",
});
}
return next({
ctx: {
session: ctx.session,
user: ctx.user,
},
});
});

7
apps/dokploy/server/server.ts
View File

@@ -6,6 +6,7 @@ import {
IS_CLOUD,
initCancelDeployments,
initCronJobs,
initEnterpriseBackupCronJobs,
initializeNetwork,
initSchedules,
initVolumeBackupsCronJobs,
@@ -15,6 +16,7 @@ import {
import { config } from "dotenv";
import next from "next";
import { migration } from "@/server/db/migration";
import packageInfo from "../package.json";
import { setupDockerContainerLogsWebSocketServer } from "./wss/docker-container-logs";
import { setupDockerContainerTerminalWebSocketServer } from "./wss/docker-container-terminal";
import { setupDockerStatsMonitoringSocketServer } from "./wss/docker-stats";
@@ -33,13 +35,14 @@ if (process.env.NODE_ENV === "production" && !IS_CLOUD) {
setupDirectories();
createDefaultTraefikConfig();
createDefaultServerTraefikConfig();
console.log("✅ Critical initialization complete");
console.log("✅ initialization complete");
}
const app = next({ dev, turbopack: process.env.TURBOPACK === "1" });
const handle = app.getRequestHandler();
void app.prepare().then(async () => {
try {
console.log("Running DokployVersion: ", packageInfo.version);
const server = http.createServer((req, res) => {
handle(req, res);
});
@@ -71,6 +74,8 @@ void app.prepare().then(async () => {
server.listen(PORT, HOST);
console.log(`Server Started on: http://${HOST}:${PORT}`);
await initEnterpriseBackupCronJobs();
if (!IS_CLOUD) {
console.log("Starting Deployment Worker");
const { deploymentWorker } = await import("./queues/deployments-queue");

83
apps/dokploy/server/utils/enterprise.ts Normal file
View File

@@ -0,0 +1,83 @@
import { getPublicIpWithFallback } from "@dokploy/server/index";
const LICENSE_KEY_URL = process.env.LICENSE_KEY_URL || "http://localhost:4002";
export const validateLicenseKey = async (licenseKey: string) => {
try {
const ip = await getPublicIpWithFallback();
const result = await fetch(`${LICENSE_KEY_URL}/licenses/validate`, {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({ licenseKey, ip }),
});
if (!result.ok) {
const errorData = await result.json().catch(() => ({}));
throw new Error(errorData.message || "Failed to validate license key");
}
const data = await result.json();
return data.valid;
} catch (error) {
console.error(
error instanceof Error ? error.message : "Failed to validate license key",
);
throw error;
}
};
export const activateLicenseKey = async (licenseKey: string) => {
try {
const ip = await getPublicIpWithFallback();
const result = await fetch(`${LICENSE_KEY_URL}/licenses/activate`, {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({ licenseKey, ip }),
});
if (!result.ok) {
const errorData = await result.json().catch(() => ({}));
throw new Error(errorData.message || "Failed to activate license key");
}
const data = await result.json();
return data;
} catch (error) {
console.error(
error instanceof Error ? error.message : "Failed to activate license key",
);
throw error;
}
};
export const deactivateLicenseKey = async (licenseKey: string) => {
try {
const ip = await getPublicIpWithFallback();
const result = await fetch(`${LICENSE_KEY_URL}/licenses/deactivate`, {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({ licenseKey, ip }),
});
if (!result.ok) {
const errorData = await result.json().catch(() => ({}));
throw new Error(errorData.message || "Failed to deactivate license key");
}
const data = await result.json();
return data;
} catch (error) {
console.error(
error instanceof Error
? error.message
: "Failed to deactivate license key",
);
throw error;
}
};

2
apps/dokploy/setup.ts
View File

@@ -22,7 +22,7 @@ import {
await initializeNetwork();
createDefaultTraefikConfig();
createDefaultServerTraefikConfig();
await execAsync("docker pull traefik:v3.6.1");
await execAsync("docker pull traefik:v3.6.7");
await initializeStandaloneTraefik();
await initializeRedis();
await initializePostgres();

1
biome.json
View File

@@ -1,6 +1,7 @@
{
"$schema": "./node_modules/@biomejs/biome/configuration_schema.json",
"files": {
"ignoreUnknown": true,
"includes": [
"**",
"!**/.docker",

274
packages/server/auth-schema2.ts Normal file
View File

@@ -0,0 +1,274 @@
// import { relations } from "drizzle-orm";
// import {
// pgTable,
// text,
// timestamp,
// boolean,
// integer,
// index,
// uniqueIndex,
// } from "drizzle-orm/pg-core";
// export const user = pgTable("user", {
// id: text("id").primaryKey(),
// firstName: text("first_name").notNull(),
// email: text("email").notNull().unique(),
// emailVerified: boolean("email_verified").default(false).notNull(),
// image: text("image"),
// createdAt: timestamp("created_at").defaultNow().notNull(),
// updatedAt: timestamp("updated_at")
// .defaultNow()
// .$onUpdate(() => /* @__PURE__ */ new Date())
// .notNull(),
// twoFactorEnabled: boolean("two_factor_enabled").default(false),
// role: text("role"),
// ownerId: text("owner_id"),
// allowImpersonation: boolean("allow_impersonation").default(false),
// lastName: text("last_name").default(""),
// });
// export const session = pgTable(
// "session",
// {
// id: text("id").primaryKey(),
// expiresAt: timestamp("expires_at").notNull(),
// token: text("token").notNull().unique(),
// createdAt: timestamp("created_at").defaultNow().notNull(),
// updatedAt: timestamp("updated_at")
// .$onUpdate(() => /* @__PURE__ */ new Date())
// .notNull(),
// ipAddress: text("ip_address"),
// userAgent: text("user_agent"),
// userId: text("user_id")
// .notNull()
// .references(() => user.id, { onDelete: "cascade" }),
// activeOrganizationId: text("active_organization_id"),
// },
// (table) => [index("session_userId_idx").on(table.userId)],
// );
// export const account = pgTable(
// "account",
// {
// id: text("id").primaryKey(),
// accountId: text("account_id").notNull(),
// providerId: text("provider_id").notNull(),
// userId: text("user_id")
// .notNull()
// .references(() => user.id, { onDelete: "cascade" }),
// accessToken: text("access_token"),
// refreshToken: text("refresh_token"),
// idToken: text("id_token"),
// accessTokenExpiresAt: timestamp("access_token_expires_at"),
// refreshTokenExpiresAt: timestamp("refresh_token_expires_at"),
// scope: text("scope"),
// password: text("password"),
// createdAt: timestamp("created_at").defaultNow().notNull(),
// updatedAt: timestamp("updated_at")
// .$onUpdate(() => /* @__PURE__ */ new Date())
// .notNull(),
// },
// (table) => [index("account_userId_idx").on(table.userId)],
// );
// export const verification = pgTable(
// "verification",
// {
// id: text("id").primaryKey(),
// identifier: text("identifier").notNull(),
// value: text("value").notNull(),
// expiresAt: timestamp("expires_at").notNull(),
// createdAt: timestamp("created_at").defaultNow().notNull(),
// updatedAt: timestamp("updated_at")
// .defaultNow()
// .$onUpdate(() => /* @__PURE__ */ new Date())
// .notNull(),
// },
// (table) => [index("verification_identifier_idx").on(table.identifier)],
// );
// export const apikey = pgTable(
// "apikey",
// {
// id: text("id").primaryKey(),
// name: text("name"),
// start: text("start"),
// prefix: text("prefix"),
// key: text("key").notNull(),
// userId: text("user_id")
// .notNull()
// .references(() => user.id, { onDelete: "cascade" }),
// refillInterval: integer("refill_interval"),
// refillAmount: integer("refill_amount"),
// lastRefillAt: timestamp("last_refill_at"),
// enabled: boolean("enabled").default(true),
// rateLimitEnabled: boolean("rate_limit_enabled").default(true),
// rateLimitTimeWindow: integer("rate_limit_time_window").default(86400000),
// rateLimitMax: integer("rate_limit_max").default(10),
// requestCount: integer("request_count").default(0),
// remaining: integer("remaining"),
// lastRequest: timestamp("last_request"),
// expiresAt: timestamp("expires_at"),
// createdAt: timestamp("created_at").notNull(),
// updatedAt: timestamp("updated_at").notNull(),
// permissions: text("permissions"),
// metadata: text("metadata"),
// },
// (table) => [
// index("apikey_key_idx").on(table.key),
// index("apikey_userId_idx").on(table.userId),
// ],
// );
// export const ssoProvider = pgTable("sso_provider", {
// id: text("id").primaryKey(),
// issuer: text("issuer").notNull(),
// oidcConfig: text("oidc_config"),
// samlConfig: text("saml_config"),
// userId: text("user_id").references(() => user.id, { onDelete: "cascade" }),
// providerId: text("provider_id").notNull().unique(),
// organizationId: text("organization_id"),
// domain: text("domain").notNull(),
// });
// export const twoFactor = pgTable(
// "two_factor",
// {
// id: text("id").primaryKey(),
// secret: text("secret").notNull(),
// backupCodes: text("backup_codes").notNull(),
// userId: text("user_id")
// .notNull()
// .references(() => user.id, { onDelete: "cascade" }),
// },
// (table) => [
// index("twoFactor_secret_idx").on(table.secret),
// index("twoFactor_userId_idx").on(table.userId),
// ],
// );
// export const organization = pgTable(
// "organization",
// {
// id: text("id").primaryKey(),
// name: text("name").notNull(),
// slug: text("slug").notNull().unique(),
// logo: text("logo"),
// createdAt: timestamp("created_at").notNull(),
// metadata: text("metadata"),
// },
// (table) => [uniqueIndex("organization_slug_uidx").on(table.slug)],
// );
// export const member = pgTable(
// "member",
// {
// id: text("id").primaryKey(),
// organizationId: text("organization_id")
// .notNull()
// .references(() => organization.id, { onDelete: "cascade" }),
// userId: text("user_id")
// .notNull()
// .references(() => user.id, { onDelete: "cascade" }),
// role: text("role").default("member").notNull(),
// createdAt: timestamp("created_at").notNull(),
// },
// (table) => [
// index("member_organizationId_idx").on(table.organizationId),
// index("member_userId_idx").on(table.userId),
// ],
// );
// export const invitation = pgTable(
// "invitation",
// {
// id: text("id").primaryKey(),
// organizationId: text("organization_id")
// .notNull()
// .references(() => organization.id, { onDelete: "cascade" }),
// email: text("email").notNull(),
// role: text("role"),
// status: text("status").default("pending").notNull(),
// expiresAt: timestamp("expires_at").notNull(),
// createdAt: timestamp("created_at").defaultNow().notNull(),
// inviterId: text("inviter_id")
// .notNull()
// .references(() => user.id, { onDelete: "cascade" }),
// },
// (table) => [
// index("invitation_organizationId_idx").on(table.organizationId),
// index("invitation_email_idx").on(table.email),
// ],
// );
// export const userRelations = relations(user, ({ many }) => ({
// sessions: many(session),
// accounts: many(account),
// apikeys: many(apikey),
// ssoProviders: many(ssoProvider),
// twoFactors: many(twoFactor),
// members: many(member),
// invitations: many(invitation),
// }));
// export const sessionRelations = relations(session, ({ one }) => ({
// user: one(user, {
// fields: [session.userId],
// references: [user.id],
// }),
// }));
// export const accountRelations = relations(account, ({ one }) => ({
// user: one(user, {
// fields: [account.userId],
// references: [user.id],
// }),
// }));
// export const apikeyRelations = relations(apikey, ({ one }) => ({
// user: one(user, {
// fields: [apikey.userId],
// references: [user.id],
// }),
// }));
// export const ssoProviderRelations = relations(ssoProvider, ({ one }) => ({
// user: one(user, {
// fields: [ssoProvider.userId],
// references: [user.id],
// }),
// }));
// export const twoFactorRelations = relations(twoFactor, ({ one }) => ({
// user: one(user, {
// fields: [twoFactor.userId],
// references: [user.id],
// }),
// }));
// export const organizationRelations = relations(organization, ({ many }) => ({
// members: many(member),
// invitations: many(invitation),
// }));
// export const memberRelations = relations(member, ({ one }) => ({
// organization: one(organization, {
// fields: [member.organizationId],
// references: [organization.id],
// }),
// user: one(user, {
// fields: [member.userId],
// references: [user.id],
// }),
// }));
// export const invitationRelations = relations(invitation, ({ one }) => ({
// organization: one(organization, {
// fields: [invitation.organizationId],
// references: [organization.id],
// }),
// user: one(user, {
// fields: [invitation.inviterId],
// references: [user.id],
// }),
// }));

7
packages/server/package.json
View File

@@ -26,7 +26,8 @@
"dev": "rm -rf ./dist && pnpm esbuild && tsc --emitDeclarationOnly --outDir dist -p tsconfig.server.json",
"esbuild": "tsx ./esbuild.config.ts && tsc --project tsconfig.server.json --emitDeclarationOnly ",
"typecheck": "tsc --noEmit",
"dbml:generate": "npx tsx src/db/schema/dbml.ts"
"dbml:generate": "npx tsx src/db/schema/dbml.ts",
"generate:drizzle": "pnpm dlx @better-auth/cli generate --output auth-schema2.ts --config src/lib/auth.ts"
},
"dependencies": {
"@ai-sdk/anthropic": "^2.0.5",
@@ -43,12 +44,13 @@
"@oslojs/crypto": "1.0.1",
"@oslojs/encoding": "1.1.0",
"@react-email/components": "^0.0.21",
"@better-auth/sso":"1.4.18",
"@trpc/server": "^10.45.2",
"adm-zip": "^0.5.16",
"ai": "^5.0.17",
"ai-sdk-ollama": "^0.5.1",
"bcrypt": "5.1.1",
"better-auth": "v1.2.8-beta.7",
"better-auth": "1.4.18",
"bl": "6.0.11",
"boxen": "^7.1.1",
"date-fns": "3.6.0",
@@ -82,6 +84,7 @@
"semver": "7.7.3"
},
"devDependencies": {
"@better-auth/cli": "1.4.18",
"@types/semver": "7.7.1",
"@types/adm-zip": "^0.5.7",
"@types/bcrypt": "5.0.2",

3
packages/server/src/db/constants.ts
View File

@@ -34,6 +34,5 @@ if (DATABASE_URL) {
Please migrate to Docker Secrets using POSTGRES_PASSWORD_FILE.
Please execute this command in your server: curl -sSL https://dokploy.com/security/0.26.6.sh | bash
`);
dbUrl =
"postgres://dokploy:amukds4wi9001583845717ad2@dokploy-postgres:5432/dokploy";
dbUrl = "postgres://dokploy:amukds4wi9001583845717ad2@localhost:5432/dokploy";
}

2
packages/server/src/db/schema/account.ts
View File

@@ -9,6 +9,7 @@ import {
import { nanoid } from "nanoid";
import { projects } from "./project";
import { server } from "./server";
import { ssoProvider } from "./sso";
import { user } from "./user";
export const account = pgTable("account", {
@@ -78,6 +79,7 @@ export const organizationRelations = relations(
servers: many(server),
projects: many(projects),
members: many(member),
ssoProviders: many(ssoProvider),
}),
);

11
packages/server/src/db/schema/application.ts
View File

@@ -47,7 +47,7 @@ import {
UpdateConfigSwarmSchema,
} from "./shared";
import { sshKeys } from "./ssh-key";
import { generateAppName } from "./utils";
import { APP_NAME_MESSAGE, APP_NAME_REGEX, generateAppName } from "./utils";
export const sourceType = pgEnum("sourceType", [
"docker",
"git",
@@ -136,6 +136,7 @@ export const applications = pgTable("application", {
giteaBuildPath: text("giteaBuildPath").default("/"),
// Bitbucket
bitbucketRepository: text("bitbucketRepository"),
bitbucketRepositorySlug: text("bitbucketRepositorySlug"),
bitbucketOwner: text("bitbucketOwner"),
bitbucketBranch: text("bitbucketBranch"),
bitbucketBuildPath: text("bitbucketBuildPath").default("/"),
@@ -286,7 +287,12 @@ export const applicationsRelations = relations(
);
const createSchema = createInsertSchema(applications, {
appName: z.string(),
appName: z
.string()
.min(1)
.max(63)
.regex(APP_NAME_REGEX, APP_NAME_MESSAGE)
.optional(),
createdAt: z.string(),
applicationId: z.string(),
autoDeploy: z.boolean(),
@@ -451,6 +457,7 @@ export const apiSaveBitbucketProvider = createSchema
bitbucketBuildPath: true,
bitbucketOwner: true,
bitbucketRepository: true,
bitbucketRepositorySlug: true,
bitbucketId: true,
applicationId: true,
watchPaths: true,

9
packages/server/src/db/schema/compose.ts
View File

@@ -16,7 +16,7 @@ import { schedules } from "./schedule";
import { server } from "./server";
import { applicationStatus, triggerType } from "./shared";
import { sshKeys } from "./ssh-key";
import { generateAppName } from "./utils";
import { APP_NAME_MESSAGE, APP_NAME_REGEX, generateAppName } from "./utils";
export const sourceTypeCompose = pgEnum("sourceTypeCompose", [
"git",
"github",
@@ -56,6 +56,7 @@ export const compose = pgTable("compose", {
gitlabPathNamespace: text("gitlabPathNamespace"),
// Bitbucket
bitbucketRepository: text("bitbucketRepository"),
bitbucketRepositorySlug: text("bitbucketRepositorySlug"),
bitbucketOwner: text("bitbucketOwner"),
bitbucketBranch: text("bitbucketBranch"),
// Gitea
@@ -146,6 +147,12 @@ export const composeRelations = relations(compose, ({ one, many }) => ({
const createSchema = createInsertSchema(compose, {
name: z.string().min(1),
appName: z
.string()
.min(1)
.max(63)
.regex(APP_NAME_REGEX, APP_NAME_MESSAGE)
.optional(),
description: z.string(),
env: z.string().optional(),
composeFile: z.string().optional(),

1
packages/server/src/db/schema/index.ts
View File

@@ -32,6 +32,7 @@ export * from "./server";
export * from "./session";
export * from "./shared";
export * from "./ssh-key";
export * from "./sso";
export * from "./user";
export * from "./utils";
export * from "./volume-backups";

35
packages/server/src/db/schema/mariadb.ts
View File

@@ -26,7 +26,7 @@ import {
type UpdateConfigSwarm,
UpdateConfigSwarmSchema,
} from "./shared";
import { generateAppName } from "./utils";
import { APP_NAME_MESSAGE, APP_NAME_REGEX, generateAppName } from "./utils";
export const mariadb = pgTable("mariadb", {
mariadbId: text("mariadbId")
@@ -96,7 +96,12 @@ export const mariadbRelations = relations(mariadb, ({ one, many }) => ({
const createSchema = createInsertSchema(mariadb, {
mariadbId: z.string(),
name: z.string().min(1),
appName: z.string().min(1),
appName: z
.string()
.min(1)
.max(63)
.regex(APP_NAME_REGEX, APP_NAME_MESSAGE)
.optional(),
createdAt: z.string(),
databaseName: z.string().min(1),
databaseUser: z.string().min(1),
@@ -138,20 +143,18 @@ const createSchema = createInsertSchema(mariadb, {
endpointSpecSwarm: EndpointSpecSwarmSchema.nullable(),
});
export const apiCreateMariaDB = createSchema
.pick({
name: true,
appName: true,
dockerImage: true,
databaseRootPassword: true,
environmentId: true,
description: true,
databaseName: true,
databaseUser: true,
databasePassword: true,
serverId: true,
})
.required();
export const apiCreateMariaDB = createSchema.pick({
name: true,
appName: true,
dockerImage: true,
databaseRootPassword: true,
environmentId: true,
description: true,
databaseName: true,
databaseUser: true,
databasePassword: true,
serverId: true,
});
export const apiFindOneMariaDB = createSchema
.pick({

33
packages/server/src/db/schema/mongo.ts
View File

@@ -33,7 +33,7 @@ import {
type UpdateConfigSwarm,
UpdateConfigSwarmSchema,
} from "./shared";
import { generateAppName } from "./utils";
import { APP_NAME_MESSAGE, APP_NAME_REGEX, generateAppName } from "./utils";
export const mongo = pgTable("mongo", {
mongoId: text("mongoId")
@@ -98,7 +98,12 @@ export const mongoRelations = relations(mongo, ({ one, many }) => ({
}));
const createSchema = createInsertSchema(mongo, {
appName: z.string().min(1),
appName: z
.string()
.min(1)
.max(63)
.regex(APP_NAME_REGEX, APP_NAME_MESSAGE)
.optional(),
createdAt: z.string(),
mongoId: z.string(),
name: z.string().min(1),
@@ -135,19 +140,17 @@ const createSchema = createInsertSchema(mongo, {
endpointSpecSwarm: EndpointSpecSwarmSchema.nullable(),
});
export const apiCreateMongo = createSchema
.pick({
name: true,
appName: true,
dockerImage: true,
environmentId: true,
description: true,
databaseUser: true,
databasePassword: true,
serverId: true,
replicaSets: true,
})
.required();
export const apiCreateMongo = createSchema.pick({
name: true,
appName: true,
dockerImage: true,
environmentId: true,
description: true,
databaseUser: true,
databasePassword: true,
serverId: true,
replicaSets: true,
});
export const apiFindOneMongo = createSchema
.pick({

35
packages/server/src/db/schema/mysql.ts
View File

@@ -26,7 +26,7 @@ import {
type UpdateConfigSwarm,
UpdateConfigSwarmSchema,
} from "./shared";
import { generateAppName } from "./utils";
import { APP_NAME_MESSAGE, APP_NAME_REGEX, generateAppName } from "./utils";
export const mysql = pgTable("mysql", {
mysqlId: text("mysqlId")
@@ -93,7 +93,12 @@ export const mysqlRelations = relations(mysql, ({ one, many }) => ({
const createSchema = createInsertSchema(mysql, {
mysqlId: z.string(),
appName: z.string().min(1),
appName: z
.string()
.min(1)
.max(63)
.regex(APP_NAME_REGEX, APP_NAME_MESSAGE)
.optional(),
createdAt: z.string(),
name: z.string().min(1),
databaseName: z.string().min(1),
@@ -135,20 +140,18 @@ const createSchema = createInsertSchema(mysql, {
endpointSpecSwarm: EndpointSpecSwarmSchema.nullable(),
});
export const apiCreateMySql = createSchema
.pick({
name: true,
appName: true,
dockerImage: true,
environmentId: true,
description: true,
databaseName: true,
databaseUser: true,
databasePassword: true,
databaseRootPassword: true,
serverId: true,
})
.required();
export const apiCreateMySql = createSchema.pick({
name: true,
appName: true,
dockerImage: true,
environmentId: true,
description: true,
databaseName: true,
databaseUser: true,
databasePassword: true,
databaseRootPassword: true,
serverId: true,
});
export const apiFindOneMySql = createSchema
.pick({

83
packages/server/src/db/schema/notification.ts
View File

@@ -19,6 +19,7 @@ export const notificationType = pgEnum("notificationType", [
"email",
"gotify",
"ntfy",
"pushover",
"custom",
"lark",
]);
@@ -64,6 +65,9 @@ export const notifications = pgTable("notification", {
larkId: text("larkId").references(() => lark.larkId, {
onDelete: "cascade",
}),
pushoverId: text("pushoverId").references(() => pushover.pushoverId, {
onDelete: "cascade",
}),
organizationId: text("organizationId")
.notNull()
.references(() => organization.id, { onDelete: "cascade" }),
@@ -149,6 +153,18 @@ export const lark = pgTable("lark", {
webhookUrl: text("webhookUrl").notNull(),
});
export const pushover = pgTable("pushover", {
pushoverId: text("pushoverId")
.notNull()
.primaryKey()
.$defaultFn(() => nanoid()),
userKey: text("userKey").notNull(),
apiToken: text("apiToken").notNull(),
priority: integer("priority").notNull().default(0),
retry: integer("retry"),
expire: integer("expire"),
});
export const notificationsRelations = relations(notifications, ({ one }) => ({
slack: one(slack, {
fields: [notifications.slackId],
@@ -182,6 +198,10 @@ export const notificationsRelations = relations(notifications, ({ one }) => ({
fields: [notifications.larkId],
references: [lark.larkId],
}),
pushover: one(pushover, {
fields: [notifications.pushoverId],
references: [pushover.pushoverId],
}),
organization: one(organization, {
fields: [notifications.organizationId],
references: [organization.id],
@@ -439,6 +459,69 @@ export const apiTestLarkConnection = apiCreateLark.pick({
webhookUrl: true,
});
export const apiCreatePushover = notificationsSchema
.pick({
appBuildError: true,
databaseBackup: true,
volumeBackup: true,
dokployRestart: true,
name: true,
appDeploy: true,
dockerCleanup: true,
serverThreshold: true,
})
.extend({
userKey: z.string().min(1),
apiToken: z.string().min(1),
priority: z.number().min(-2).max(2).default(0),
retry: z.number().min(30).nullish(),
expire: z.number().min(1).max(10800).nullish(),
})
.refine(
(data) =>
data.priority !== 2 || (data.retry != null && data.expire != null),
{
message: "Retry and expire are required for emergency priority (2)",
path: ["retry"],
},
);
export const apiUpdatePushover = z.object({
notificationId: z.string().min(1),
pushoverId: z.string().min(1),
organizationId: z.string().optional(),
userKey: z.string().min(1).optional(),
apiToken: z.string().min(1).optional(),
priority: z.number().min(-2).max(2).optional(),
retry: z.number().min(30).nullish(),
expire: z.number().min(1).max(10800).nullish(),
appBuildError: z.boolean().optional(),
databaseBackup: z.boolean().optional(),
volumeBackup: z.boolean().optional(),
dokployRestart: z.boolean().optional(),
name: z.string().optional(),
appDeploy: z.boolean().optional(),
dockerCleanup: z.boolean().optional(),
serverThreshold: z.boolean().optional(),
});
export const apiTestPushoverConnection = z
.object({
userKey: z.string().min(1),
apiToken: z.string().min(1),
priority: z.number().min(-2).max(2),
retry: z.number().min(30).nullish(),
expire: z.number().min(1).max(10800).nullish(),
})
.refine(
(data) =>
data.priority !== 2 || (data.retry != null && data.expire != null),
{
message: "Retry and expire are required for emergency priority (2)",
path: ["retry"],
},
);
export const apiSendTest = notificationsSchema
.extend({
botToken: z.string(),

34
packages/server/src/db/schema/postgres.ts
View File

@@ -26,7 +26,7 @@ import {
type UpdateConfigSwarm,
UpdateConfigSwarmSchema,
} from "./shared";
import { generateAppName } from "./utils";
import { APP_NAME_MESSAGE, APP_NAME_REGEX, generateAppName } from "./utils";
export const postgres = pgTable("postgres", {
postgresId: text("postgresId")
@@ -94,6 +94,12 @@ export const postgresRelations = relations(postgres, ({ one, many }) => ({
const createSchema = createInsertSchema(postgres, {
postgresId: z.string(),
name: z.string().min(1),
appName: z
.string()
.min(1)
.max(63)
.regex(APP_NAME_REGEX, APP_NAME_MESSAGE)
.optional(),
databasePassword: z
.string()
.regex(/^[a-zA-Z0-9@#%^&*()_+\-=[\]{}|;:,.<>?~`]*$/, {
@@ -102,7 +108,7 @@ const createSchema = createInsertSchema(postgres, {
}),
databaseName: z.string().min(1),
databaseUser: z.string().min(1),
dockerImage: z.string().default("postgres:15"),
dockerImage: z.string().default("postgres:18"),
command: z.string().optional(),
args: z.array(z.string()).optional(),
env: z.string().optional(),
@@ -128,19 +134,17 @@ const createSchema = createInsertSchema(postgres, {
endpointSpecSwarm: EndpointSpecSwarmSchema.nullable(),
});
export const apiCreatePostgres = createSchema
.pick({
name: true,
appName: true,
databaseName: true,
databaseUser: true,
databasePassword: true,
dockerImage: true,
environmentId: true,
description: true,
serverId: true,
})
.required();
export const apiCreatePostgres = createSchema.pick({
name: true,
appName: true,
databaseName: true,
databaseUser: true,
databasePassword: true,
dockerImage: true,
environmentId: true,
description: true,
serverId: true,
});
export const apiFindOnePostgres = createSchema
.pick({

29
packages/server/src/db/schema/redis.ts
View File

@@ -25,7 +25,7 @@ import {
type UpdateConfigSwarm,
UpdateConfigSwarmSchema,
} from "./shared";
import { generateAppName } from "./utils";
import { APP_NAME_MESSAGE, APP_NAME_REGEX, generateAppName } from "./utils";
export const redis = pgTable("redis", {
redisId: text("redisId")
@@ -88,7 +88,12 @@ export const redisRelations = relations(redis, ({ one, many }) => ({
const createSchema = createInsertSchema(redis, {
redisId: z.string(),
appName: z.string().min(1),
appName: z
.string()
.min(1)
.max(63)
.regex(APP_NAME_REGEX, APP_NAME_MESSAGE)
.optional(),
createdAt: z.string(),
name: z.string().min(1),
databasePassword: z.string(),
@@ -117,17 +122,15 @@ const createSchema = createInsertSchema(redis, {
endpointSpecSwarm: EndpointSpecSwarmSchema.nullable(),
});
export const apiCreateRedis = createSchema
.pick({
name: true,
appName: true,
databasePassword: true,
dockerImage: true,
environmentId: true,
description: true,
serverId: true,
})
.required();
export const apiCreateRedis = createSchema.pick({
name: true,
appName: true,
databasePassword: true,
dockerImage: true,
environmentId: true,
description: true,
serverId: true,
});
export const apiFindOneRedis = createSchema
.pick({

121
packages/server/src/db/schema/sso.ts Normal file
View File

@@ -0,0 +1,121 @@
import { relations } from "drizzle-orm";
import { pgTable, text } from "drizzle-orm/pg-core";
import { z } from "zod";
import { organization } from "./account";
import { user } from "./user";
export const ssoProvider = pgTable("sso_provider", {
id: text("id").primaryKey(),
issuer: text("issuer").notNull(),
oidcConfig: text("oidc_config"),
samlConfig: text("saml_config"),
providerId: text("provider_id").notNull().unique(),
userId: text("user_id").references(() => user.id, { onDelete: "cascade" }),
organizationId: text("organization_id").references(() => organization.id, {
onDelete: "cascade",
}),
domain: text("domain").notNull(),
});
export const ssoProviderRelations = relations(ssoProvider, ({ one }) => ({
organization: one(organization, {
fields: [ssoProvider.organizationId],
references: [organization.id],
}),
user: one(user, {
fields: [ssoProvider.userId],
references: [user.id],
}),
}));
export const ssoProviderBodySchema = z.object({
providerId: z.string({}),
issuer: z.string({}),
domain: z.string({}),
oidcConfig: z
.object({
clientId: z.string({}),
clientSecret: z.string({}),
authorizationEndpoint: z.string({}).optional(),
tokenEndpoint: z.string({}).optional(),
userInfoEndpoint: z.string({}).optional(),
tokenEndpointAuthentication: z
.enum(["client_secret_post", "client_secret_basic"])
.optional(),
jwksEndpoint: z.string({}).optional(),
discoveryEndpoint: z.string().optional(),
skipDiscovery: z.boolean().optional(),
scopes: z.array(z.string()).optional(),
pkce: z.boolean().default(true).optional(),
mapping: z
.object({
id: z.string({}),
email: z.string({}),
emailVerified: z.string({}).optional(),
name: z.string({}),
image: z.string({}).optional(),
extraFields: z.record(z.string(), z.any()).optional(),
})
.optional(),
})
.optional(),
samlConfig: z
.object({
entryPoint: z.string({}),
cert: z.string({}),
callbackUrl: z.string({}),
audience: z.string().optional(),
idpMetadata: z
.object({
metadata: z.string().optional(),
entityID: z.string().optional(),
cert: z.string().optional(),
privateKey: z.string().optional(),
privateKeyPass: z.string().optional(),
isAssertionEncrypted: z.boolean().optional(),
encPrivateKey: z.string().optional(),
encPrivateKeyPass: z.string().optional(),
singleSignOnService: z
.array(
z.object({
Binding: z.string(),
Location: z.string(),
}),
)
.optional(),
})
.optional(),
spMetadata: z.object({
metadata: z.string().optional(),
entityID: z.string().optional(),
binding: z.string().optional(),
privateKey: z.string().optional(),
privateKeyPass: z.string().optional(),
isAssertionEncrypted: z.boolean().optional(),
encPrivateKey: z.string().optional(),
encPrivateKeyPass: z.string().optional(),
}),
wantAssertionsSigned: z.boolean().optional(),
authnRequestsSigned: z.boolean().optional(),
signatureAlgorithm: z.string().optional(),
digestAlgorithm: z.string().optional(),
identifierFormat: z.string().optional(),
privateKey: z.string().optional(),
decryptionPvk: z.string().optional(),
additionalParams: z.record(z.string(), z.any()).optional(),
mapping: z
.object({
id: z.string({}),
email: z.string({}),
emailVerified: z.string({}).optional(),
name: z.string({}),
firstName: z.string({}).optional(),
lastName: z.string({}).optional(),
extraFields: z.record(z.string(), z.any()).optional(),
})
.optional(),
})
.optional(),
organizationId: z.string({}).optional(),
overrideUserInfo: z.boolean({}).default(false).optional(),
});

10
packages/server/src/db/schema/user.ts
View File

@@ -14,6 +14,7 @@ import { account, apikey, organization } from "./account";
import { backups } from "./backups";
import { projects } from "./project";
import { schedules } from "./schedule";
import { ssoProvider } from "./sso";
/**
* This is an example of how to use the multi-project schema feature of Drizzle ORM. Use the same
* database instance for multiple projects.
@@ -53,6 +54,14 @@ export const user = pgTable("user", {
// Metrics
enablePaidFeatures: boolean("enablePaidFeatures").notNull().default(false),
allowImpersonation: boolean("allowImpersonation").notNull().default(false),
// Enterprise / proprietary features
enableEnterpriseFeatures: boolean("enableEnterpriseFeatures")
.notNull()
.default(false),
licenseKey: text("licenseKey"),
isValidEnterpriseLicense: boolean("isValidEnterpriseLicense")
.notNull()
.default(false),
stripeCustomerId: text("stripeCustomerId"),
stripeSubscriptionId: text("stripeSubscriptionId"),
serversQuantity: integer("serversQuantity").notNull().default(0),
@@ -66,6 +75,7 @@ export const usersRelations = relations(user, ({ one, many }) => ({
organizations: many(organization),
projects: many(projects),
apiKeys: many(apikey),
ssoProviders: many(ssoProvider),
backups: many(backups),
schedules: many(schedules),
}));

6
packages/server/src/db/schema/utils.ts
View File

@@ -6,6 +6,12 @@ const alphabet = "abcdefghijklmnopqrstuvwxyz123456789";
const customNanoid = customAlphabet(alphabet, 6);
/** App name: letters, numbers, dots, underscores, hyphens only (no spaces). Safe for shell/Docker. */
export const APP_NAME_REGEX = /^[a-zA-Z0-9._-]+$/;
export const APP_NAME_MESSAGE =
"App name can only contain letters, numbers, dots, underscores and hyphens";
export const generateAppName = (type: string) => {
const verb = faker.hacker.verb().replace(/ /g, "-");
const adjective = faker.hacker.adjective().replace(/ /g, "-");

35
packages/server/src/db/schema/web-server-settings.ts
View File

@@ -76,6 +76,14 @@ export const webServerSettings = pgTable("webServerSettings", {
cleanupCacheOnCompose: boolean("cleanupCacheOnCompose")
.notNull()
.default(false),
// Whitelabel (Enterprise)
whitelabelAppName: text("whitelabelAppName").default("Dokploy"),
whitelabelLogoUrl: text("whitelabelLogoUrl"),
whitelabelLoginLogoUrl: text("whitelabelLoginLogoUrl"),
whitelabelFaviconUrl: text("whitelabelFaviconUrl"),
whitelabelLoginTitle: text("whitelabelLoginTitle"),
whitelabelLoginSubtitle: text("whitelabelLoginSubtitle"),
whitelabelLoginBackgroundImageUrl: text("whitelabelLoginBackgroundImageUrl"),
createdAt: timestamp("created_at").defaultNow(),
updatedAt: timestamp("updated_at").notNull().defaultNow(),
});
@@ -125,6 +133,18 @@ export const apiUpdateWebServerSettings = createSchema.partial().extend({
cleanupCacheApplications: z.boolean().optional(),
cleanupCacheOnPreviews: z.boolean().optional(),
cleanupCacheOnCompose: z.boolean().optional(),
whitelabelAppName: z.string().optional().nullable(),
whitelabelLogoUrl: z.string().url().optional().nullable().or(z.literal("")),
whitelabelLoginLogoUrl: z.string().url().optional().nullable().or(z.literal("")),
whitelabelFaviconUrl: z.string().url().optional().nullable().or(z.literal("")),
whitelabelLoginTitle: z.string().optional().nullable(),
whitelabelLoginSubtitle: z.string().optional().nullable(),
whitelabelLoginBackgroundImageUrl: z
.string()
.url()
.optional()
.nullable()
.or(z.literal("")),
});
export const apiAssignDomain = z
@@ -154,6 +174,21 @@ export const apiUpdateDockerCleanup = z.object({
serverId: z.string().optional(),
});
export const apiUpdateWhitelabel = z.object({
whitelabelAppName: z.string().min(1).max(100).optional().nullable(),
whitelabelLogoUrl: z.string().url().optional().nullable().or(z.literal("")),
whitelabelLoginLogoUrl: z.string().url().optional().nullable().or(z.literal("")),
whitelabelFaviconUrl: z.string().url().optional().nullable().or(z.literal("")),
whitelabelLoginTitle: z.string().max(200).optional().nullable(),
whitelabelLoginSubtitle: z.string().max(500).optional().nullable(),
whitelabelLoginBackgroundImageUrl: z
.string()
.url()
.optional()
.nullable()
.or(z.literal("")),
});
export const apiUpdateWebServerMonitoring = z.object({
metricsConfig: z
.object({

2
packages/server/src/index.ts
View File

@@ -31,6 +31,7 @@ export * from "./services/port";
export * from "./services/postgres";
export * from "./services/preview-deployment";
export * from "./services/project";
export * from "./services/proprietary/sso";
export * from "./services/redirect";
export * from "./services/redis";
export * from "./services/registry";
@@ -79,6 +80,7 @@ export * from "./utils/builders/paketo";
export * from "./utils/builders/static";
export * from "./utils/builders/utils";
export * from "./utils/cluster/upload";
export * from "./utils/crons/enterprise";
export * from "./utils/databases/rebuild";
export * from "./utils/docker/collision";
export * from "./utils/docker/compose";

45
packages/server/src/lib/auth.ts
View File

@@ -1,4 +1,5 @@
import type { IncomingMessage } from "node:http";
import { sso } from "@better-auth/sso";
import * as bcrypt from "bcrypt";
import { betterAuth } from "better-auth";
import { drizzleAdapter } from "better-auth/adapters/drizzle";
@@ -9,6 +10,7 @@ import { IS_CLOUD } from "../constants";
import { db } from "../db";
import * as schema from "../db/schema";
import { getUserByToken } from "../services/admin";
import { getSSOProviders } from "../services/proprietary/sso";
import {
getWebServerSettings,
updateWebServerSettings,
@@ -17,11 +19,17 @@ import { getHubSpotUTK, submitToHubSpot } from "../utils/tracking/hubspot";
import { sendEmail } from "../verification/send-verification-email";
import { getPublicIpWithFallback } from "../wss/utils";
const { handler, api } = betterAuth({
export const { handler, api } = betterAuth({
database: drizzleAdapter(db, {
provider: "pg",
schema: schema,
}),
disabledPaths: [
"/sso/register",
"/organization/create",
"/organization/update",
"/organization/delete",
],
appName: "Dokploy",
socialProviders: {
github: {
@@ -42,13 +50,18 @@ const { handler, api } = betterAuth({
if (!settings) {
return [];
}
const providers = await getSSOProviders();
const domains = providers.map((provider) => provider.issuer);
return [
...(settings?.serverIp ? [`http://${settings?.serverIp}:3000`] : []),
...(settings?.host ? [`https://${settings?.host}`] : []),
...domains.map((domain) => domain),
...(process.env.NODE_ENV === "development"
? [
"http://localhost:3000",
"https://absolutely-handy-falcon.ngrok-free.app",
"https://dev-pee8hhc3qbjlqedb.us.auth0.com",
]
: []),
];
@@ -106,6 +119,10 @@ const { handler, api } = betterAuth({
});
}
} else {
const isSSORequest = context?.path.includes("/sso/callback");
if (!isSSORequest) {
return;
}
const isAdminPresent = await db.query.member.findFirst({
where: eq(schema.member.role, "owner"),
});
@@ -118,6 +135,7 @@ const { handler, api } = betterAuth({
}
},
after: async (user, context) => {
const isSSORequest = context?.path.includes("/sso/callback");
const isAdminPresent = await db.query.member.findFirst({
where: eq(schema.member.role, "owner"),
});
@@ -173,6 +191,29 @@ const { handler, api } = betterAuth({
isDefault: true, // Mark first organization as default
});
});
} else if (isSSORequest) {
const providerId = context?.params?.providerId;
if (!providerId) {
throw new APIError("BAD_REQUEST", {
message: "Provider ID is required",
});
}
const provider = await db.query.ssoProvider.findFirst({
where: eq(schema.ssoProvider.providerId, providerId),
});
if (!provider) {
throw new APIError("BAD_REQUEST", {
message: "Provider not found",
});
}
await db.insert(schema.member).values({
userId: user.id,
organizationId: provider?.organizationId || "",
role: "member",
createdAt: new Date(),
isDefault: true,
});
}
},
},
@@ -240,6 +281,7 @@ const { handler, api } = betterAuth({
apiKey({
enableMetadata: true,
}),
sso(),
twoFactor(),
organization({
async sendInvitationEmail(data, _request) {
@@ -273,6 +315,7 @@ const { handler, api } = betterAuth({
export const auth = {
handler,
createApiKey: api.createApiKey,
registerSSOProvider: api.registerSSOProvider,
};
export const validateRequest = async (request: IncomingMessage) => {

6
packages/server/src/services/application.ts
View File

@@ -253,7 +253,11 @@ export const deployApplication = async ({
} finally {
// Only extract commit info for non-docker sources
if (application.sourceType !== "docker") {
const commitInfo = await getGitCommitInfo(application);
const commitInfo = await getGitCommitInfo({
appName: application.appName,
type: "application",
serverId: serverId,
});
if (commitInfo) {
await updateDeployment(deployment.deploymentId, {

2
packages/server/src/services/mariadb.ts
View File

@@ -18,7 +18,7 @@ export type Mariadb = typeof mariadb.$inferSelect;
export const createMariadb = async (input: typeof apiCreateMariaDB._type) => {
const appName = buildAppName("mariadb", input.appName);
const valid = await validUniqueServerAppName(input.appName);
const valid = await validUniqueServerAppName(appName);
if (!valid) {
throw new TRPCError({
code: "CONFLICT",

100
packages/server/src/services/notification.ts
View File

@@ -6,6 +6,7 @@ import {
type apiCreateGotify,
type apiCreateLark,
type apiCreateNtfy,
type apiCreatePushover,
type apiCreateSlack,
type apiCreateTelegram,
type apiUpdateCustom,
@@ -14,6 +15,7 @@ import {
type apiUpdateGotify,
type apiUpdateLark,
type apiUpdateNtfy,
type apiUpdatePushover,
type apiUpdateSlack,
type apiUpdateTelegram,
custom,
@@ -23,6 +25,7 @@ import {
lark,
notifications,
ntfy,
pushover,
slack,
telegram,
} from "@dokploy/server/db/schema";
@@ -694,6 +697,7 @@ export const findNotificationById = async (notificationId: string) => {
ntfy: true,
custom: true,
lark: true,
pushover: true,
},
});
if (!notification) {
@@ -817,3 +821,99 @@ export const updateNotificationById = async (
return result[0];
};
export const createPushoverNotification = async (
input: typeof apiCreatePushover._type,
organizationId: string,
) => {
await db.transaction(async (tx) => {
const newPushover = await tx
.insert(pushover)
.values({
userKey: input.userKey,
apiToken: input.apiToken,
priority: input.priority,
retry: input.retry,
expire: input.expire,
})
.returning()
.then((value) => value[0]);
if (!newPushover) {
throw new TRPCError({
code: "BAD_REQUEST",
message: "Error input: Inserting pushover",
});
}
const newDestination = await tx
.insert(notifications)
.values({
pushoverId: newPushover.pushoverId,
name: input.name,
appDeploy: input.appDeploy,
appBuildError: input.appBuildError,
databaseBackup: input.databaseBackup,
volumeBackup: input.volumeBackup,
dokployRestart: input.dokployRestart,
dockerCleanup: input.dockerCleanup,
serverThreshold: input.serverThreshold,
notificationType: "pushover",
organizationId: organizationId,
})
.returning()
.then((value) => value[0]);
if (!newDestination) {
throw new TRPCError({
code: "BAD_REQUEST",
message: "Error input: Inserting notification",
});
}
return newDestination;
});
};
export const updatePushoverNotification = async (
input: typeof apiUpdatePushover._type,
) => {
await db.transaction(async (tx) => {
const newDestination = await tx
.update(notifications)
.set({
name: input.name,
appDeploy: input.appDeploy,
appBuildError: input.appBuildError,
databaseBackup: input.databaseBackup,
volumeBackup: input.volumeBackup,
dokployRestart: input.dokployRestart,
dockerCleanup: input.dockerCleanup,
organizationId: input.organizationId,
serverThreshold: input.serverThreshold,
})
.where(eq(notifications.notificationId, input.notificationId))
.returning()
.then((value) => value[0]);
if (!newDestination) {
throw new TRPCError({
code: "BAD_REQUEST",
message: "Error Updating notification",
});
}
await tx
.update(pushover)
.set({
userKey: input.userKey,
apiToken: input.apiToken,
priority: input.priority,
retry: input.retry,
expire: input.expire,
})
.where(eq(pushover.pushoverId, input.pushoverId));
return newDestination;
});
};

15
packages/server/src/services/proprietary/sso.tsx Normal file
View File

@@ -0,0 +1,15 @@
import { db } from "@dokploy/server/db";
export const getSSOProviders = async () => {
const providers = await db.query.ssoProvider.findMany({
columns: {
id: true,
providerId: true,
issuer: true,
domain: true,
oidcConfig: true,
samlConfig: true,
},
});
return providers;
};

2
packages/server/src/setup/traefik-setup.ts
View File

@@ -20,7 +20,7 @@ export const TRAEFIK_PORT =
Number.parseInt(process.env.TRAEFIK_PORT!, 10) || 80;
export const TRAEFIK_HTTP3_PORT =
Number.parseInt(process.env.TRAEFIK_HTTP3_PORT!, 10) || 443;
export const TRAEFIK_VERSION = process.env.TRAEFIK_VERSION || "3.6.1";
export const TRAEFIK_VERSION = process.env.TRAEFIK_VERSION || "3.6.4";
export interface TraefikOptions {
env?: string[];

66
packages/server/src/utils/crons/enterprise.ts Normal file
View File

@@ -0,0 +1,66 @@
import { getPublicIpWithFallback } from "@dokploy/server/wss/utils";
import { and, eq, isNotNull } from "drizzle-orm";
import { scheduleJob } from "node-schedule";
import { db } from "../../db/index";
import { user as userSchema } from "../../db/schema/user";
export const initEnterpriseBackupCronJobs = async () => {
scheduleJob("enterprise-check", "0 0 */3 * *", async () => {
const users = await db.query.user.findMany({
where: and(
isNotNull(userSchema.licenseKey),
isNotNull(userSchema.enableEnterpriseFeatures),
eq(userSchema.isValidEnterpriseLicense, true),
),
});
for (const user of users) {
if (user.isValidEnterpriseLicense) {
console.log(
"Validating license key....",
user.firstName,
user.lastName,
);
try {
const isValid = await validateLicenseKey(user.licenseKey || "");
if (!isValid) {
throw new Error("License key is invalid");
}
} catch (error) {
await db
.update(userSchema)
.set({ isValidEnterpriseLicense: false })
.where(eq(userSchema.id, user.id));
}
}
}
});
};
export const validateLicenseKey = async (licenseKey: string) => {
try {
const ip = await getPublicIpWithFallback();
const result = await fetch(
`${process.env.LICENSE_KEY_URL || "http://localhost:4002"}/licenses/validate`,
{
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({ licenseKey, ip }),
},
);
if (!result.ok) {
const errorData = await result.json().catch(() => ({}));
throw new Error(errorData.message || "Failed to validate license key");
}
const data = await result.json();
return data.valid;
} catch (error) {
console.error(
error instanceof Error ? error.message : "Failed to validate license key",
);
throw error;
}
};

23
packages/server/src/utils/notifications/build-error.ts
View File

@@ -11,6 +11,7 @@ import {
sendGotifyNotification,
sendLarkNotification,
sendNtfyNotification,
sendPushoverNotification,
sendSlackNotification,
sendTelegramNotification,
} from "./utils";
@@ -48,12 +49,22 @@ export const sendBuildErrorNotifications = async ({
ntfy: true,
custom: true,
lark: true,
pushover: true,
},
});
for (const notification of notificationList) {
const { email, discord, telegram, slack, gotify, ntfy, custom, lark } =
notification;
const {
email,
discord,
telegram,
slack,
gotify,
ntfy,
custom,
lark,
pushover,
} = notification;
try {
if (email) {
const template = await renderAsync(
@@ -349,6 +360,14 @@ export const sendBuildErrorNotifications = async ({
},
});
}
if (pushover) {
await sendPushoverNotification(
pushover,
"Build Failed",
`Project: ${projectName}\nApplication: ${applicationName}\nType: ${applicationType}\nDate: ${date.toLocaleString()}\nError: ${errorMessage}`,
);
}
} catch (error) {
console.log(error);
}

23
packages/server/src/utils/notifications/build-success.ts
View File

@@ -12,6 +12,7 @@ import {
sendGotifyNotification,
sendLarkNotification,
sendNtfyNotification,
sendPushoverNotification,
sendSlackNotification,
sendTelegramNotification,
} from "./utils";
@@ -51,12 +52,22 @@ export const sendBuildSuccessNotifications = async ({
ntfy: true,
custom: true,
lark: true,
pushover: true,
},
});
for (const notification of notificationList) {
const { email, discord, telegram, slack, gotify, ntfy, custom, lark } =
notification;
const {
email,
discord,
telegram,
slack,
gotify,
ntfy,
custom,
lark,
pushover,
} = notification;
try {
if (email) {
const template = await renderAsync(
@@ -363,6 +374,14 @@ export const sendBuildSuccessNotifications = async ({
},
});
}
if (pushover) {
await sendPushoverNotification(
pushover,
"Build Success",
`Project: ${projectName}\nApplication: ${applicationName}\nEnvironment: ${environmentName}\nType: ${applicationType}\nDate: ${date.toLocaleString()}`,
);
}
} catch (error) {
console.log(error);
}

23
packages/server/src/utils/notifications/database-backup.ts
View File

@@ -11,6 +11,7 @@ import {
sendGotifyNotification,
sendLarkNotification,
sendNtfyNotification,
sendPushoverNotification,
sendSlackNotification,
sendTelegramNotification,
} from "./utils";
@@ -48,12 +49,22 @@ export const sendDatabaseBackupNotifications = async ({
ntfy: true,
custom: true,
lark: true,
pushover: true,
},
});
for (const notification of notificationList) {
const { email, discord, telegram, slack, gotify, ntfy, custom, lark } =
notification;
const {
email,
discord,
telegram,
slack,
gotify,
ntfy,
custom,
lark,
pushover,
} = notification;
try {
if (email) {
const template = await renderAsync(
@@ -377,6 +388,14 @@ export const sendDatabaseBackupNotifications = async ({
},
});
}
if (pushover) {
await sendPushoverNotification(
pushover,
`Database Backup ${type === "success" ? "Successful" : "Failed"}`,
`Project: ${projectName}\nApplication: ${applicationName}\nDatabase: ${databaseType}\nDatabase Name: ${databaseName}\nDate: ${date.toLocaleString()}${type === "error" && errorMessage ? `\nError: ${errorMessage}` : ""}`,
);
}
} catch (error) {
console.log(error);
}

23
packages/server/src/utils/notifications/docker-cleanup.ts
View File

@@ -11,6 +11,7 @@ import {
sendGotifyNotification,
sendLarkNotification,
sendNtfyNotification,
sendPushoverNotification,
sendSlackNotification,
sendTelegramNotification,
} from "./utils";
@@ -35,12 +36,22 @@ export const sendDockerCleanupNotifications = async (
ntfy: true,
custom: true,
lark: true,
pushover: true,
},
});
for (const notification of notificationList) {
const { email, discord, telegram, slack, gotify, ntfy, custom, lark } =
notification;
const {
email,
discord,
telegram,
slack,
gotify,
ntfy,
custom,
lark,
pushover,
} = notification;
try {
if (email) {
const template = await renderAsync(
@@ -230,6 +241,14 @@ export const sendDockerCleanupNotifications = async (
},
});
}
if (pushover) {
await sendPushoverNotification(
pushover,
"Docker Cleanup",
`Date: ${date.toLocaleString()}\nMessage: ${message}`,
);
}
} catch (error) {
console.log(error);
}

23
packages/server/src/utils/notifications/dokploy-restart.ts
View File

@@ -11,6 +11,7 @@ import {
sendGotifyNotification,
sendLarkNotification,
sendNtfyNotification,
sendPushoverNotification,
sendSlackNotification,
sendTelegramNotification,
} from "./utils";
@@ -29,12 +30,22 @@ export const sendDokployRestartNotifications = async () => {
ntfy: true,
custom: true,
lark: true,
pushover: true,
},
});
for (const notification of notificationList) {
const { email, discord, telegram, slack, gotify, ntfy, custom, lark } =
notification;
const {
email,
discord,
telegram,
slack,
gotify,
ntfy,
custom,
lark,
pushover,
} = notification;
try {
if (email) {
@@ -219,6 +230,14 @@ export const sendDokployRestartNotifications = async () => {
},
});
}
if (pushover) {
await sendPushoverNotification(
pushover,
"Dokploy Server Restarted",
`Date: ${date.toLocaleString()}`,
);
}
} catch (error) {
console.log(error);
}

12
packages/server/src/utils/notifications/server-threshold.ts
View File

@@ -5,6 +5,7 @@ import {
sendCustomNotification,
sendDiscordNotification,
sendLarkNotification,
sendPushoverNotification,
sendSlackNotification,
sendTelegramNotification,
} from "./utils";
@@ -38,6 +39,7 @@ export const sendServerThresholdNotifications = async (
slack: true,
custom: true,
lark: true,
pushover: true,
},
});
@@ -45,7 +47,7 @@ export const sendServerThresholdNotifications = async (
const typeColor = 0xff0000; // Rojo para indicar alerta
for (const notification of notificationList) {
const { discord, telegram, slack, custom, lark } = notification;
const { discord, telegram, slack, custom, lark, pushover } = notification;
if (discord) {
const decorate = (decoration: string, text: string) =>
@@ -266,5 +268,13 @@ export const sendServerThresholdNotifications = async (
},
});
}
if (pushover) {
await sendPushoverNotification(
pushover,
`Server ${payload.Type} Alert`,
`Server: ${payload.ServerName}\nType: ${payload.Type}\nCurrent: ${payload.Value.toFixed(2)}%\nThreshold: ${payload.Threshold.toFixed(2)}%\nMessage: ${payload.Message}\nTime: ${date.toLocaleString()}`,
);
}
}
};

31
packages/server/src/utils/notifications/utils.ts
View File

@@ -5,6 +5,7 @@ import type {
gotify,
lark,
ntfy,
pushover,
slack,
telegram,
} from "@dokploy/server/db/schema";
@@ -223,3 +224,33 @@ export const sendLarkNotification = async (
console.log(err);
}
};
export const sendPushoverNotification = async (
connection: typeof pushover.$inferInsert,
title: string,
message: string,
) => {
const formData = new URLSearchParams();
formData.append("token", connection.apiToken);
formData.append("user", connection.userKey);
formData.append("title", title);
formData.append("message", message);
formData.append("priority", connection.priority?.toString() || "0");
// For emergency priority (2), retry and expire are required
if (connection.priority === 2) {
formData.append("retry", connection.retry?.toString() || "30");
formData.append("expire", connection.expire?.toString() || "3600");
}
const response = await fetch("https://api.pushover.net/1/messages.json", {
method: "POST",
body: formData,
});
if (!response.ok) {
throw new Error(
`Failed to send Pushover notification: ${response.statusText}`,
);
}
};

13
packages/server/src/utils/notifications/volume-backup.ts
View File

@@ -9,6 +9,7 @@ import {
sendEmailNotification,
sendGotifyNotification,
sendNtfyNotification,
sendPushoverNotification,
sendSlackNotification,
sendTelegramNotification,
} from "./utils";
@@ -53,11 +54,13 @@ export const sendVolumeBackupNotifications = async ({
slack: true,
gotify: true,
ntfy: true,
pushover: true,
},
});
for (const notification of notificationList) {
const { email, discord, telegram, slack, gotify, ntfy } = notification;
const { email, discord, telegram, slack, gotify, ntfy, pushover } =
notification;
if (email) {
const subject = `Volume Backup ${type === "success" ? "Successful" : "Failed"} - ${applicationName}`;
@@ -270,5 +273,13 @@ export const sendVolumeBackupNotifications = async ({
],
});
}
if (pushover) {
await sendPushoverNotification(
pushover,
`Volume Backup ${type === "success" ? "Successful" : "Failed"}`,
`Project: ${projectName}\nApplication: ${applicationName}\nVolume: ${volumeName}\nService Type: ${serviceType}${backupSize ? `\nBackup Size: ${backupSize}` : ""}\nDate: ${date.toLocaleString()}${type === "error" && errorMessage ? `\nError: ${errorMessage}` : ""}`,
);
}
}
};

6
packages/server/src/utils/providers/bitbucket.ts
View File

@@ -79,6 +79,7 @@ export const getBitbucketHeaders = (bitbucketProvider: Bitbucket) => {
interface CloneBitbucketRepository {
appName: string;
bitbucketRepository: string | null;
bitbucketRepositorySlug?: string | null;
bitbucketOwner: string | null;
bitbucketBranch: string | null;
bitbucketId: string | null;
@@ -117,7 +118,8 @@ export const cloneBitbucketRepository = async ({
const outputPath = join(basePath, appName, "code");
command += `rm -rf ${outputPath};`;
command += `mkdir -p ${outputPath};`;
const repoclone = `bitbucket.org/${bitbucketOwner}/${bitbucketRepository}.git`;
const repoToUse = entity.bitbucketRepositorySlug || bitbucketRepository;
const repoclone = `bitbucket.org/${bitbucketOwner}/${repoToUse}.git`;
const cloneUrl = getBitbucketCloneUrl(bitbucket, repoclone);
command += `echo "Cloning Repo ${repoclone} to ${outputPath}: ✅";`;
command += `git clone --branch ${bitbucketBranch} --depth 1 ${enableSubmodules ? "--recurse-submodules" : ""} ${cloneUrl} ${outputPath} --progress;`;
@@ -137,6 +139,7 @@ export const getBitbucketRepositories = async (bitbucketId?: string) => {
let repositories: {
name: string;
url: string;
slug: string;
owner: { username: string };
}[] = [];
@@ -159,6 +162,7 @@ export const getBitbucketRepositories = async (bitbucketId?: string) => {
const mappedData = data.values.map((repo: any) => ({
name: repo.name,
url: repo.links.html.href,
slug: repo.slug,
owner: {
username: repo.workspace.slug,
},

1879
pnpm-lock.yaml generated
View File

File diff suppressed because it is too large Load Diff