205hlab-mirrors/dockhand
2
0
Fork 0
mirror of https://github.com/Finsys/dockhand.git synced 2026-06-18 03:20:43 +03:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: 205hlab-mirrors/dockhand:v1.0.28
Branches Tags
205hlab-mirrors/dockhand:main
205hlab-mirrors/dockhand:v1.0.34 205hlab-mirrors/dockhand:v1.0.33 205hlab-mirrors/dockhand:v1.0.32 205hlab-mirrors/dockhand:v1.0.31 205hlab-mirrors/dockhand:v1.0.30 205hlab-mirrors/dockhand:v1.0.29 205hlab-mirrors/dockhand:v1.0.28 205hlab-mirrors/dockhand:v1.0.27 205hlab-mirrors/dockhand:v1.0.26 205hlab-mirrors/dockhand:v1.0.25 205hlab-mirrors/dockhand:v1.0.24 205hlab-mirrors/dockhand:v1.0.2 205hlab-mirrors/dockhand:1.0.23 205hlab-mirrors/dockhand:v1.0.22 205hlab-mirrors/dockhand:v1.0.21 205hlab-mirrors/dockhand:v1.0.20 205hlab-mirrors/dockhand:v1.0.19 205hlab-mirrors/dockhand:v1.0.18 205hlab-mirrors/dockhand:v1.0.17 205hlab-mirrors/dockhand:v1.0.16 205hlab-mirrors/dockhand:v1.0.15 205hlab-mirrors/dockhand:v1.0.14 205hlab-mirrors/dockhand:1.0.12 205hlab-mirrors/dockhand:1.0.11 205hlab-mirrors/dockhand:1.0.10 205hlab-mirrors/dockhand:1.0.9 205hlab-mirrors/dockhand:1.0.8 205hlab-mirrors/dockhand:1.0.7 205hlab-mirrors/dockhand:1.0.5 205hlab-mirrors/dockhand:1.0.4
...
compare: 205hlab-mirrors/dockhand:1.0.5
Branches Tags
205hlab-mirrors/dockhand:main
205hlab-mirrors/dockhand:v1.0.34 205hlab-mirrors/dockhand:v1.0.33 205hlab-mirrors/dockhand:v1.0.32 205hlab-mirrors/dockhand:v1.0.31 205hlab-mirrors/dockhand:v1.0.30 205hlab-mirrors/dockhand:v1.0.29 205hlab-mirrors/dockhand:v1.0.28 205hlab-mirrors/dockhand:v1.0.27 205hlab-mirrors/dockhand:v1.0.26 205hlab-mirrors/dockhand:v1.0.25 205hlab-mirrors/dockhand:v1.0.24 205hlab-mirrors/dockhand:v1.0.2 205hlab-mirrors/dockhand:1.0.23 205hlab-mirrors/dockhand:v1.0.22 205hlab-mirrors/dockhand:v1.0.21 205hlab-mirrors/dockhand:v1.0.20 205hlab-mirrors/dockhand:v1.0.19 205hlab-mirrors/dockhand:v1.0.18 205hlab-mirrors/dockhand:v1.0.17 205hlab-mirrors/dockhand:v1.0.16 205hlab-mirrors/dockhand:v1.0.15 205hlab-mirrors/dockhand:v1.0.14 205hlab-mirrors/dockhand:1.0.12 205hlab-mirrors/dockhand:1.0.11 205hlab-mirrors/dockhand:1.0.10 205hlab-mirrors/dockhand:1.0.9 205hlab-mirrors/dockhand:1.0.8 205hlab-mirrors/dockhand:1.0.7 205hlab-mirrors/dockhand:1.0.5 205hlab-mirrors/dockhand:1.0.4

14 Commits
v1.0.28 ... 1.0.5

Author SHA1 Message Date
jarek cd6544aedb 1.0.5 2026-01-01 16:00:34 +01:00
jarek c60db2930c compose example 2025-12-29 15:29:33 +01:00
Jarek Krochmalski 695acd922e bmac 2025-12-29 13:46:13 +01:00
Jarek Krochmalski fcb36c4646 bmac 2025-12-29 13:39:36 +01:00
Jarek Krochmalski 53ca99ac77 Update README.md 2025-12-29 13:37:26 +01:00
Jarek Krochmalski 81fcc28d0b Update LICENSE.txt 2025-12-29 09:27:27 +01:00
jarek 522154cd68 ignore 2025-12-29 09:08:29 +01:00
jarek 9db6e67a61 drizzle config 2025-12-29 09:08:06 +01:00
Jarek Krochmalski ba05d16d79 cleanup .DS_Store 2025-12-29 08:55:55 +01:00
jarek f4a57ecfd3 proper src structure, dockerfile, entrypoint 2025-12-29 08:40:56 +01:00
jarek ab8743bdae proper src structure, dockerfile, entrypoint 2025-12-29 08:40:11 +01:00
Jarek Krochmalski e536388a7a Update README.md 2025-12-29 06:47:46 +01:00
Jarek Krochmalski 497fbdb635 Update README.md 2025-12-29 06:47:22 +01:00
Jarek Krochmalski 53d60fdddd Update README.md 2025-12-28 21:40:06 +01:00
584 changed files with 23076 additions and 3671 deletions
Expand all files Collapse all files
.github/FUNDING.yml
+3
View File
@@ -0,0 +1,3 @@
buy_me_a_coffee:
displayName: "Buy Me a Coffee"
account: dockhand
.gitignore
+2
View File
@@ -0,0 +1,2 @@
.idea/
.DS_Store
Dockerfile
+86
View File
@@ -0,0 +1,86 @@
# Build stage - using Debian to avoid Alpine musl thread creation issues
# Alpine's musl libc causes rayon/tokio thread pool panics during svelte-adapter-bun build
FROM oven/bun:1.3.5-debian AS builder
WORKDIR /app
# Install build dependencies
RUN apt-get update && apt-get install -y --no-install-recommends jq git && rm -rf /var/lib/apt/lists/*
# Copy package files and install ALL dependencies (needed for build)
COPY package.json bun.lock* bunfig.toml ./
RUN bun install --frozen-lockfile
# Copy source code and build
COPY . .
# Build with parallelism - dedicated build VM has 16 CPUs and 32GB RAM
# Increased memory limits for parallel compilation with larger semi-space for GC
RUN NODE_OPTIONS="--max-old-space-size=8192 --max-semi-space-size=128" bun run build
# Production stage - minimal Alpine with Bun runtime
FROM oven/bun:1.3.5-alpine
WORKDIR /app
# Install runtime dependencies, create user
# Add sqlite for emergency scripts, git for stack git operations, curl for healthchecks
# Add docker-cli and docker-cli-compose for stack management (uses host's docker socket)
# Add openssh-client for SSH key authentication with git repositories
# Upgrade all packages to latest versions for security patches
RUN apk upgrade --no-cache \
&& apk add --no-cache curl git tini su-exec sqlite docker-cli docker-cli-compose openssh-client iproute2 \
&& addgroup -g 1001 dockhand \
&& adduser -u 1001 -G dockhand -h /home/dockhand -D dockhand
# Copy package files and install production dependencies
# This is needed because svelte-adapter-bun externalizes some packages (croner, etc.)
# that need to be available at runtime. Installing at build time is more reliable
# than Bun's auto-install which requires network access and writable cache.
COPY package.json bun.lock* ./
RUN bun install --production --frozen-lockfile
# Copy built application (Bun adapter output)
COPY --from=builder /app/build ./build
# Copy bundled subprocess scripts (built by scripts/build-subprocesses.ts)
COPY --from=builder /app/build/subprocesses/ ./subprocesses/
# Copy database migrations
COPY drizzle/ ./drizzle/
COPY drizzle-pg/ ./drizzle-pg/
# Copy legal documents
COPY LICENSE.txt PRIVACY.txt ./
# Copy entrypoint script
COPY docker-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh
# Copy emergency scripts (only the emergency subfolder, not license generation scripts)
COPY scripts/emergency/ ./scripts/
RUN chmod +x ./scripts/*.sh ./scripts/**/*.sh 2>/dev/null || true
# Create directories with proper ownership
RUN mkdir -p /home/dockhand/.dockhand/stacks /app/data \
&& chown -R dockhand:dockhand /app /home/dockhand
EXPOSE 3000
# Runtime configuration
ENV NODE_ENV=production
ENV PORT=3000
ENV HOST=0.0.0.0
ENV DATA_DIR=/app/data
ENV HOME=/home/dockhand
# User/group IDs - customize with -e PUID=1000 -e PGID=1000
# The entrypoint will recreate the dockhand user with these IDs
ENV PUID=1001
ENV PGID=1001
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD curl -f http://localhost:3000/ || exit 1
ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"]
CMD ["bun", "run", "./build/index.js"]
LICENSE.txt
+1 -1
View File
@@ -123,6 +123,6 @@ under an Open Source License, as stated in this License.
For licensing inquiries, commercial licensing, or enterprise features:
Website: https://dockhand.io
Website: https://dockhand.pro
-----------------------------------------------------------------------------
README.md
+14 -6
View File
@@ -1,5 +1,5 @@
<p align="center">
<img src="images/logo.webp" alt="Dockhand" width="300">
<img src="src/images/logo.webp" alt="Dockhand" width="300">
</p>
<p align="center">
@@ -7,8 +7,8 @@
</p>
<p align="center">
<a href="https://dockhand.io">Website</a> •
<a href="https://dockhand.io/docs">Documentation</a> •
<a href="https://dockhand.pro">Website</a> •
<a href="https://dockhand.pro/manual">Documentation</a> •
<a href="#license">License</a>
</p>
@@ -33,7 +33,7 @@ Dockhand is a modern, efficient Docker management application providing real-tim
- **Frontend**: SvelteKit 2, Svelte 5, shadcn-svelte, TailwindCSS
- **Backend**: Bun runtime with SvelteKit API routes
- **Database**: SQLite or PostgreSQL via Drizzle ORM
- **Docker**: Dockerode library
- **Docker**: direct docker API calls.
## License
@@ -47,10 +47,18 @@ Dockhand is licensed under the [Business Source License 1.1](LICENSE.txt) (BSL 1
See [LICENSE.txt](LICENSE.txt) for full terms.
<a href="https://buymeacoffee.com/dockhand" target="_blank">
<img src="https://cdn.buymeacoffee.com/buttons/v2/default-yellow.png"
alt="Buy Me A Coffee"
height="40">
</a>
## Links
- **Website**: [https://dockhand.io](https://dockhand.io)
- **Documentation**: [https://dockhand.io/docs](https://dockhand.io/docs)
- **Website**: [https://dockhand.pro](https://dockhand.pro)
- **Documentation**: [https://dockhand.pro/manual](https://dockhand.pro/manual)
---
bunfig.toml
+9
View File
@@ -0,0 +1,9 @@
# Bun configuration for Dockhand
[install]
# Use exact versions for reproducible builds
exact = true
[run]
# Enable source maps for better error messages
sourcemap = "external"
components.json
+16
View File
@@ -0,0 +1,16 @@
{
"$schema": "https://shadcn-svelte.com/schema.json",
"tailwind": {
"css": "src/app.css",
"baseColor": "slate"
},
"aliases": {
"components": "$lib/components",
"utils": "$lib/utils",
"ui": "$lib/components/ui",
"hooks": "$lib/hooks",
"lib": "$lib"
},
"typescript": true,
"registry": "https://shadcn-svelte.com/registry"
}
docker-compose-postgresql.yaml
+25
View File
@@ -0,0 +1,25 @@
services:
postgres:
image: postgres:16-alpine
environment:
POSTGRES_USER: dockhand
POSTGRES_PASSWORD: changeme
POSTGRES_DB: dockhand
volumes:
- postgres_data:/var/lib/postgresql/data
dockhand:
image: fnsys/dockhand:latest
ports:
- 3000:3000
environment:
DATABASE_URL: postgres://dockhand:changeme@postgres:5432/dockhand
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- dockhand_data:/app/data
depends_on:
- postgres
volumes:
postgres_data:
dockhand_data:
docker-compose.yaml
+13
View File
@@ -0,0 +1,13 @@
services:
dockhand:
image: fnsys/dockhand:latest
container_name: dockhand
restart: unless-stopped
ports:
- 3000:3000
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- dockhand_data:/app/data
volumes:
dockhand_data:
docker-entrypoint.sh
+176
View File
@@ -0,0 +1,176 @@
#!/bin/sh
set -e
# Dockhand Docker Entrypoint
# === Configuration ===
PUID=${PUID:-1001}
PGID=${PGID:-1001}
# === Detect if running as root ===
RUNNING_AS_ROOT=false
if [ "$(id -u)" = "0" ]; then
RUNNING_AS_ROOT=true
fi
# === Non-root mode (user: directive in compose) ===
# If container started as non-root, skip all user management and run directly
if [ "$RUNNING_AS_ROOT" = "false" ]; then
echo "Running as user $(id -u):$(id -g) (set via container user directive)"
# Ensure data directories exist (user must have write access to DATA_DIR via volume mount)
DATA_DIR="${DATA_DIR:-/app/data}"
if [ ! -d "$DATA_DIR/db" ]; then
echo "Creating database directory at $DATA_DIR/db"
mkdir -p "$DATA_DIR/db" 2>/dev/null || {
echo "ERROR: Cannot create $DATA_DIR/db directory"
echo "Ensure the data volume is mounted with correct permissions for user $(id -u):$(id -g)"
echo ""
echo "Example docker-compose.yml:"
echo " volumes:"
echo " - ./data:/app/data # This directory must be writable by user $(id -u)"
exit 1
}
fi
if [ ! -d "$DATA_DIR/stacks" ]; then
mkdir -p "$DATA_DIR/stacks" 2>/dev/null || true
fi
# Check Docker socket access if mounted
SOCKET_PATH="/var/run/docker.sock"
if [ -S "$SOCKET_PATH" ]; then
if test -r "$SOCKET_PATH" 2>/dev/null; then
echo "Docker socket accessible at $SOCKET_PATH"
# Detect hostname from Docker if not set
if [ -z "$DOCKHAND_HOSTNAME" ]; then
DETECTED_HOSTNAME=$(curl -s --unix-socket "$SOCKET_PATH" http://localhost/info 2>/dev/null | sed -n 's/.*"Name":"\([^"]*\)".*/\1/p')
if [ -n "$DETECTED_HOSTNAME" ]; then
export DOCKHAND_HOSTNAME="$DETECTED_HOSTNAME"
echo "Detected Docker host hostname: $DOCKHAND_HOSTNAME"
fi
fi
else
SOCKET_GID=$(stat -c '%g' "$SOCKET_PATH" 2>/dev/null || echo "unknown")
echo "WARNING: Docker socket not readable by user $(id -u)"
echo "Add --group-add $SOCKET_GID to your docker run command"
fi
else
echo "No Docker socket found at $SOCKET_PATH"
echo "Configure Docker environments via the web UI (Settings > Environments)"
fi
# Run directly as current user (no su-exec needed)
if [ "$1" = "" ]; then
exec bun run ./build/index.js
else
exec "$@"
fi
fi
# === User Setup ===
# Root mode: PUID=0 requested OR already running as root with default PUID/PGID
if [ "$PUID" = "0" ]; then
echo "Running as root user (PUID=0)"
RUN_USER="root"
elif [ "$RUNNING_AS_ROOT" = "true" ] && [ "$PUID" = "1001" ] && [ "$PGID" = "1001" ]; then
echo "Running as root user"
RUN_USER="root"
else
RUN_USER="dockhand"
# Only modify if PUID/PGID differ from image defaults (1001:1001)
if [ "$PUID" != "1001" ] || [ "$PGID" != "1001" ]; then
echo "Configuring user with PUID=$PUID PGID=$PGID"
# Remove existing dockhand user/group (only dockhand, not others)
deluser dockhand 2>/dev/null || true
delgroup dockhand 2>/dev/null || true
# Check for UID conflicts - warn but don't delete other users
if getent passwd "$PUID" >/dev/null 2>&1; then
EXISTING=$(getent passwd "$PUID" | cut -d: -f1)
echo "WARNING: UID $PUID already in use by '$EXISTING'. Using default UID 1001."
PUID=1001
fi
# Handle GID - reuse existing group or create new
if getent group "$PGID" >/dev/null 2>&1; then
TARGET_GROUP=$(getent group "$PGID" | cut -d: -f1)
else
addgroup -g "$PGID" dockhand
TARGET_GROUP="dockhand"
fi
adduser -u "$PUID" -G "$TARGET_GROUP" -h /home/dockhand -D dockhand
fi
# === Directory Ownership ===
chown -R dockhand:dockhand /app/data /home/dockhand 2>/dev/null || true
if [ -n "$DATA_DIR" ] && [ "$DATA_DIR" != "/app/data" ] && [ "$DATA_DIR" != "./data" ]; then
mkdir -p "$DATA_DIR"
chown -R dockhand:dockhand "$DATA_DIR" 2>/dev/null || true
fi
fi
# === Docker Socket Access (Optional) ===
# Check if Docker socket is mounted and accessible
# Socket path can be configured via environment-specific settings in the app
SOCKET_PATH="/var/run/docker.sock"
if [ -S "$SOCKET_PATH" ]; then
# Socket exists - check if readable
if [ "$RUN_USER" != "root" ]; then
if ! su-exec "$RUN_USER" test -r "$SOCKET_PATH" 2>/dev/null; then
SOCKET_GID=$(stat -c '%g' "$SOCKET_PATH" 2>/dev/null || echo "unknown")
echo "WARNING: Docker socket at $SOCKET_PATH is not readable by dockhand user"
echo ""
echo "To use local Docker, fix with one of these options:"
echo ""
echo " 1. Add container to docker group (GID: $SOCKET_GID):"
echo " docker run --group-add $SOCKET_GID ..."
echo ""
echo " 2. Use a socket proxy:"
echo " Configure a 'direct' environment pointing to tcp://socket-proxy:2375"
echo ""
echo " 3. Make socket world-readable (less secure):"
echo " chmod 666 /var/run/docker.sock"
echo ""
echo "Continuing startup - configure environments via the web UI..."
else
echo "Docker socket accessible at $SOCKET_PATH"
fi
else
echo "Docker socket accessible at $SOCKET_PATH"
fi
# === Detect Docker Host Hostname (for license validation) ===
# Query Docker API to get the real host hostname (not container ID)
if [ -z "$DOCKHAND_HOSTNAME" ]; then
DETECTED_HOSTNAME=$(curl -s --unix-socket "$SOCKET_PATH" http://localhost/info 2>/dev/null | sed -n 's/.*"Name":"\([^"]*\)".*/\1/p')
if [ -n "$DETECTED_HOSTNAME" ]; then
export DOCKHAND_HOSTNAME="$DETECTED_HOSTNAME"
echo "Detected Docker host hostname: $DOCKHAND_HOSTNAME"
fi
else
echo "Using configured hostname: $DOCKHAND_HOSTNAME"
fi
else
echo "No Docker socket found at $SOCKET_PATH"
echo "Configure Docker environments via the web UI (Settings > Environments)"
fi
# === Run Application ===
if [ "$RUN_USER" = "root" ]; then
# Running as root - execute directly
if [ "$1" = "" ]; then
exec bun run ./build/index.js
else
exec "$@"
fi
else
# Running as dockhand user
if [ "$1" = "" ]; then
exec su-exec dockhand bun run ./build/index.js
else
exec su-exec dockhand "$@"
fi
fi
drizzle-pg/0000_initial_schema.sql
+401
View File
@@ -0,0 +1,401 @@
CREATE TABLE "audit_logs" (
"id" serial PRIMARY KEY NOT NULL,
"user_id" integer,
"username" text NOT NULL,
"action" text NOT NULL,
"entity_type" text NOT NULL,
"entity_id" text,
"entity_name" text,
"environment_id" integer,
"description" text,
"details" text,
"ip_address" text,
"user_agent" text,
"created_at" timestamp DEFAULT now()
);
--> statement-breakpoint
CREATE TABLE "auth_settings" (
"id" serial PRIMARY KEY NOT NULL,
"auth_enabled" boolean DEFAULT false,
"default_provider" text DEFAULT 'local',
"session_timeout" integer DEFAULT 86400,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now()
);
--> statement-breakpoint
CREATE TABLE "auto_update_settings" (
"id" serial PRIMARY KEY NOT NULL,
"environment_id" integer,
"container_name" text NOT NULL,
"enabled" boolean DEFAULT false,
"schedule_type" text DEFAULT 'daily',
"cron_expression" text,
"vulnerability_criteria" text DEFAULT 'never',
"last_checked" timestamp,
"last_updated" timestamp,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "auto_update_settings_environment_id_container_name_unique" UNIQUE("environment_id","container_name")
);
--> statement-breakpoint
CREATE TABLE "config_sets" (
"id" serial PRIMARY KEY NOT NULL,
"name" text NOT NULL,
"description" text,
"env_vars" text,
"labels" text,
"ports" text,
"volumes" text,
"network_mode" text DEFAULT 'bridge',
"restart_policy" text DEFAULT 'no',
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "config_sets_name_unique" UNIQUE("name")
);
--> statement-breakpoint
CREATE TABLE "container_events" (
"id" serial PRIMARY KEY NOT NULL,
"environment_id" integer,
"container_id" text NOT NULL,
"container_name" text,
"image" text,
"action" text NOT NULL,
"actor_attributes" text,
"timestamp" timestamp NOT NULL,
"created_at" timestamp DEFAULT now()
);
--> statement-breakpoint
CREATE TABLE "environment_notifications" (
"id" serial PRIMARY KEY NOT NULL,
"environment_id" integer NOT NULL,
"notification_id" integer NOT NULL,
"enabled" boolean DEFAULT true,
"event_types" text,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "environment_notifications_environment_id_notification_id_unique" UNIQUE("environment_id","notification_id")
);
--> statement-breakpoint
CREATE TABLE "environments" (
"id" serial PRIMARY KEY NOT NULL,
"name" text NOT NULL,
"host" text,
"port" integer DEFAULT 2375,
"protocol" text DEFAULT 'http',
"tls_ca" text,
"tls_cert" text,
"tls_key" text,
"tls_skip_verify" boolean DEFAULT false,
"icon" text DEFAULT 'globe',
"collect_activity" boolean DEFAULT true,
"collect_metrics" boolean DEFAULT true,
"highlight_changes" boolean DEFAULT true,
"labels" text,
"connection_type" text DEFAULT 'socket',
"socket_path" text DEFAULT '/var/run/docker.sock',
"hawser_token" text,
"hawser_last_seen" timestamp,
"hawser_agent_id" text,
"hawser_agent_name" text,
"hawser_version" text,
"hawser_capabilities" text,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "environments_name_unique" UNIQUE("name")
);
--> statement-breakpoint
CREATE TABLE "git_credentials" (
"id" serial PRIMARY KEY NOT NULL,
"name" text NOT NULL,
"auth_type" text DEFAULT 'none' NOT NULL,
"username" text,
"password" text,
"ssh_private_key" text,
"ssh_passphrase" text,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "git_credentials_name_unique" UNIQUE("name")
);
--> statement-breakpoint
CREATE TABLE "git_repositories" (
"id" serial PRIMARY KEY NOT NULL,
"name" text NOT NULL,
"url" text NOT NULL,
"branch" text DEFAULT 'main',
"credential_id" integer,
"compose_path" text DEFAULT 'docker-compose.yml',
"environment_id" integer,
"auto_update" boolean DEFAULT false,
"auto_update_schedule" text DEFAULT 'daily',
"auto_update_cron" text DEFAULT '0 3 * * *',
"webhook_enabled" boolean DEFAULT false,
"webhook_secret" text,
"last_sync" timestamp,
"last_commit" text,
"sync_status" text DEFAULT 'pending',
"sync_error" text,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "git_repositories_name_unique" UNIQUE("name")
);
--> statement-breakpoint
CREATE TABLE "git_stacks" (
"id" serial PRIMARY KEY NOT NULL,
"stack_name" text NOT NULL,
"environment_id" integer,
"repository_id" integer NOT NULL,
"compose_path" text DEFAULT 'docker-compose.yml',
"auto_update" boolean DEFAULT false,
"auto_update_schedule" text DEFAULT 'daily',
"auto_update_cron" text DEFAULT '0 3 * * *',
"webhook_enabled" boolean DEFAULT false,
"webhook_secret" text,
"last_sync" timestamp,
"last_commit" text,
"sync_status" text DEFAULT 'pending',
"sync_error" text,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "git_stacks_stack_name_environment_id_unique" UNIQUE("stack_name","environment_id")
);
--> statement-breakpoint
CREATE TABLE "hawser_tokens" (
"id" serial PRIMARY KEY NOT NULL,
"token" text NOT NULL,
"token_prefix" text NOT NULL,
"name" text NOT NULL,
"environment_id" integer,
"is_active" boolean DEFAULT true,
"last_used" timestamp,
"created_at" timestamp DEFAULT now(),
"expires_at" timestamp,
CONSTRAINT "hawser_tokens_token_unique" UNIQUE("token")
);
--> statement-breakpoint
CREATE TABLE "host_metrics" (
"id" serial PRIMARY KEY NOT NULL,
"environment_id" integer,
"cpu_percent" double precision NOT NULL,
"memory_percent" double precision NOT NULL,
"memory_used" bigint,
"memory_total" bigint,
"timestamp" timestamp DEFAULT now()
);
--> statement-breakpoint
CREATE TABLE "ldap_config" (
"id" serial PRIMARY KEY NOT NULL,
"name" text NOT NULL,
"enabled" boolean DEFAULT false,
"server_url" text NOT NULL,
"bind_dn" text,
"bind_password" text,
"base_dn" text NOT NULL,
"user_filter" text DEFAULT '(uid={{username}})',
"username_attribute" text DEFAULT 'uid',
"email_attribute" text DEFAULT 'mail',
"display_name_attribute" text DEFAULT 'cn',
"group_base_dn" text,
"group_filter" text,
"admin_group" text,
"role_mappings" text,
"tls_enabled" boolean DEFAULT false,
"tls_ca" text,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now()
);
--> statement-breakpoint
CREATE TABLE "notification_settings" (
"id" serial PRIMARY KEY NOT NULL,
"type" text NOT NULL,
"name" text NOT NULL,
"enabled" boolean DEFAULT true,
"config" text NOT NULL,
"event_types" text,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now()
);
--> statement-breakpoint
CREATE TABLE "oidc_config" (
"id" serial PRIMARY KEY NOT NULL,
"name" text NOT NULL,
"enabled" boolean DEFAULT false,
"issuer_url" text NOT NULL,
"client_id" text NOT NULL,
"client_secret" text NOT NULL,
"redirect_uri" text NOT NULL,
"scopes" text DEFAULT 'openid profile email',
"username_claim" text DEFAULT 'preferred_username',
"email_claim" text DEFAULT 'email',
"display_name_claim" text DEFAULT 'name',
"admin_claim" text,
"admin_value" text,
"role_mappings_claim" text DEFAULT 'groups',
"role_mappings" text,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now()
);
--> statement-breakpoint
CREATE TABLE "registries" (
"id" serial PRIMARY KEY NOT NULL,
"name" text NOT NULL,
"url" text NOT NULL,
"username" text,
"password" text,
"is_default" boolean DEFAULT false,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "registries_name_unique" UNIQUE("name")
);
--> statement-breakpoint
CREATE TABLE "roles" (
"id" serial PRIMARY KEY NOT NULL,
"name" text NOT NULL,
"description" text,
"is_system" boolean DEFAULT false,
"permissions" text NOT NULL,
"environment_ids" text,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "roles_name_unique" UNIQUE("name")
);
--> statement-breakpoint
CREATE TABLE "schedule_executions" (
"id" serial PRIMARY KEY NOT NULL,
"schedule_type" text NOT NULL,
"schedule_id" integer NOT NULL,
"environment_id" integer,
"entity_name" text NOT NULL,
"triggered_by" text NOT NULL,
"triggered_at" timestamp NOT NULL,
"started_at" timestamp,
"completed_at" timestamp,
"duration" integer,
"status" text NOT NULL,
"error_message" text,
"details" text,
"logs" text,
"created_at" timestamp DEFAULT now()
);
--> statement-breakpoint
CREATE TABLE "sessions" (
"id" text PRIMARY KEY NOT NULL,
"user_id" integer NOT NULL,
"provider" text NOT NULL,
"expires_at" timestamp NOT NULL,
"created_at" timestamp DEFAULT now()
);
--> statement-breakpoint
CREATE TABLE "settings" (
"key" text PRIMARY KEY NOT NULL,
"value" text NOT NULL,
"updated_at" timestamp DEFAULT now()
);
--> statement-breakpoint
CREATE TABLE "stack_events" (
"id" serial PRIMARY KEY NOT NULL,
"environment_id" integer,
"stack_name" text NOT NULL,
"event_type" text NOT NULL,
"timestamp" timestamp DEFAULT now(),
"metadata" text
);
--> statement-breakpoint
CREATE TABLE "stack_sources" (
"id" serial PRIMARY KEY NOT NULL,
"stack_name" text NOT NULL,
"environment_id" integer,
"source_type" text DEFAULT 'internal' NOT NULL,
"git_repository_id" integer,
"git_stack_id" integer,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "stack_sources_stack_name_environment_id_unique" UNIQUE("stack_name","environment_id")
);
--> statement-breakpoint
CREATE TABLE "user_preferences" (
"id" serial PRIMARY KEY NOT NULL,
"user_id" integer,
"environment_id" integer,
"key" text NOT NULL,
"value" text NOT NULL,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "user_preferences_user_id_environment_id_key_unique" UNIQUE("user_id","environment_id","key")
);
--> statement-breakpoint
CREATE TABLE "user_roles" (
"id" serial PRIMARY KEY NOT NULL,
"user_id" integer NOT NULL,
"role_id" integer NOT NULL,
"environment_id" integer,
"created_at" timestamp DEFAULT now(),
CONSTRAINT "user_roles_user_id_role_id_environment_id_unique" UNIQUE("user_id","role_id","environment_id")
);
--> statement-breakpoint
CREATE TABLE "users" (
"id" serial PRIMARY KEY NOT NULL,
"username" text NOT NULL,
"email" text,
"password_hash" text NOT NULL,
"display_name" text,
"avatar" text,
"auth_provider" text DEFAULT 'local',
"mfa_enabled" boolean DEFAULT false,
"mfa_secret" text,
"is_active" boolean DEFAULT true,
"last_login" timestamp,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "users_username_unique" UNIQUE("username")
);
--> statement-breakpoint
CREATE TABLE "vulnerability_scans" (
"id" serial PRIMARY KEY NOT NULL,
"environment_id" integer,
"image_id" text NOT NULL,
"image_name" text NOT NULL,
"scanner" text NOT NULL,
"scanned_at" timestamp NOT NULL,
"scan_duration" integer,
"critical_count" integer DEFAULT 0,
"high_count" integer DEFAULT 0,
"medium_count" integer DEFAULT 0,
"low_count" integer DEFAULT 0,
"negligible_count" integer DEFAULT 0,
"unknown_count" integer DEFAULT 0,
"vulnerabilities" text,
"error" text,
"created_at" timestamp DEFAULT now()
);
--> statement-breakpoint
ALTER TABLE "audit_logs" ADD CONSTRAINT "audit_logs_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE set null ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "audit_logs" ADD CONSTRAINT "audit_logs_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE set null ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "auto_update_settings" ADD CONSTRAINT "auto_update_settings_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "container_events" ADD CONSTRAINT "container_events_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "environment_notifications" ADD CONSTRAINT "environment_notifications_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "environment_notifications" ADD CONSTRAINT "environment_notifications_notification_id_notification_settings_id_fk" FOREIGN KEY ("notification_id") REFERENCES "public"."notification_settings"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "git_repositories" ADD CONSTRAINT "git_repositories_credential_id_git_credentials_id_fk" FOREIGN KEY ("credential_id") REFERENCES "public"."git_credentials"("id") ON DELETE set null ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "git_stacks" ADD CONSTRAINT "git_stacks_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "git_stacks" ADD CONSTRAINT "git_stacks_repository_id_git_repositories_id_fk" FOREIGN KEY ("repository_id") REFERENCES "public"."git_repositories"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "hawser_tokens" ADD CONSTRAINT "hawser_tokens_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "host_metrics" ADD CONSTRAINT "host_metrics_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "schedule_executions" ADD CONSTRAINT "schedule_executions_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "sessions" ADD CONSTRAINT "sessions_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "stack_events" ADD CONSTRAINT "stack_events_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "stack_sources" ADD CONSTRAINT "stack_sources_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "stack_sources" ADD CONSTRAINT "stack_sources_git_repository_id_git_repositories_id_fk" FOREIGN KEY ("git_repository_id") REFERENCES "public"."git_repositories"("id") ON DELETE set null ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "stack_sources" ADD CONSTRAINT "stack_sources_git_stack_id_git_stacks_id_fk" FOREIGN KEY ("git_stack_id") REFERENCES "public"."git_stacks"("id") ON DELETE set null ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "user_preferences" ADD CONSTRAINT "user_preferences_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "user_preferences" ADD CONSTRAINT "user_preferences_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "user_roles" ADD CONSTRAINT "user_roles_user_id_users_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."users"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "user_roles" ADD CONSTRAINT "user_roles_role_id_roles_id_fk" FOREIGN KEY ("role_id") REFERENCES "public"."roles"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "user_roles" ADD CONSTRAINT "user_roles_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "vulnerability_scans" ADD CONSTRAINT "vulnerability_scans_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
CREATE INDEX "audit_logs_user_id_idx" ON "audit_logs" USING btree ("user_id");--> statement-breakpoint
CREATE INDEX "audit_logs_created_at_idx" ON "audit_logs" USING btree ("created_at");--> statement-breakpoint
CREATE INDEX "container_events_env_timestamp_idx" ON "container_events" USING btree ("environment_id","timestamp");--> statement-breakpoint
CREATE INDEX "host_metrics_env_timestamp_idx" ON "host_metrics" USING btree ("environment_id","timestamp");--> statement-breakpoint
CREATE INDEX "schedule_executions_type_id_idx" ON "schedule_executions" USING btree ("schedule_type","schedule_id");--> statement-breakpoint
CREATE INDEX "sessions_user_id_idx" ON "sessions" USING btree ("user_id");--> statement-breakpoint
CREATE INDEX "sessions_expires_at_idx" ON "sessions" USING btree ("expires_at");--> statement-breakpoint
CREATE INDEX "vulnerability_scans_env_image_idx" ON "vulnerability_scans" USING btree ("environment_id","image_id");
drizzle-pg/0001_add_stack_env_vars.sql
+14
View File
@@ -0,0 +1,14 @@
CREATE TABLE "stack_environment_variables" (
"id" serial PRIMARY KEY NOT NULL,
"stack_name" text NOT NULL,
"environment_id" integer,
"key" text NOT NULL,
"value" text NOT NULL,
"is_secret" boolean DEFAULT false,
"created_at" timestamp DEFAULT now(),
"updated_at" timestamp DEFAULT now(),
CONSTRAINT "stack_environment_variables_stack_name_environment_id_key_unique" UNIQUE("stack_name","environment_id","key")
);
--> statement-breakpoint
ALTER TABLE "git_stacks" ADD COLUMN "env_file_path" text;--> statement-breakpoint
ALTER TABLE "stack_environment_variables" ADD CONSTRAINT "stack_environment_variables_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;
drizzle-pg/0002_add_pending_container_updates.sql
+12
View File
@@ -0,0 +1,12 @@
CREATE TABLE "pending_container_updates" (
"id" serial PRIMARY KEY NOT NULL,
"environment_id" integer NOT NULL,
"container_id" text NOT NULL,
"container_name" text NOT NULL,
"current_image" text NOT NULL,
"checked_at" timestamp DEFAULT now(),
"created_at" timestamp DEFAULT now(),
CONSTRAINT "pending_container_updates_environment_id_container_id_unique" UNIQUE("environment_id","container_id")
);
--> statement-breakpoint
ALTER TABLE "pending_container_updates" ADD CONSTRAINT "pending_container_updates_environment_id_environments_id_fk" FOREIGN KEY ("environment_id") REFERENCES "public"."environments"("id") ON DELETE cascade ON UPDATE no action;
drizzle-pg/meta/0000_snapshot.json
+2709
View File
File diff suppressed because it is too large Load Diff
drizzle-pg/meta/0001_snapshot.json
+2803
View File
File diff suppressed because it is too large Load Diff
drizzle-pg/meta/0002_snapshot.json
+2883
View File
File diff suppressed because it is too large Load Diff
drizzle-pg/meta/_journal.json
+27
View File
@@ -0,0 +1,27 @@
{
"version": "7",
"dialect": "postgresql",
"entries": [
{
"idx": 0,
"version": "7",
"when": 1765804022462,
"tag": "0000_initial_schema",
"breakpoints": true
},
{
"idx": 1,
"version": "7",
"when": 1766378770502,
"tag": "0001_add_stack_env_vars",
"breakpoints": true
},
{
"idx": 2,
"version": "7",
"when": 1766763867484,
"tag": "0002_add_pending_container_updates",
"breakpoints": true
}
]
}
drizzle.config.ts
+16
View File
@@ -0,0 +1,16 @@
import { defineConfig } from 'drizzle-kit';
const databaseUrl = process.env.DATABASE_URL;
const isPostgres = databaseUrl && (databaseUrl.startsWith('postgres://') || databaseUrl.startsWith('postgresql://'));
export default defineConfig({
// Use different schema files for SQLite vs PostgreSQL
schema: isPostgres
? './src/lib/server/db/schema/pg-schema.ts'
: './src/lib/server/db/schema/index.ts',
out: isPostgres ? './drizzle-pg' : './drizzle',
dialect: isPostgres ? 'postgresql' : 'sqlite',
dbCredentials: isPostgres
? { url: databaseUrl! }
: { url: `file:${process.env.DATA_DIR || './data'}/dockhand.db` }
});
drizzle/0000_initial_schema.sql
+401
View File
@@ -0,0 +1,401 @@
CREATE TABLE `audit_logs` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`user_id` integer,
`username` text NOT NULL,
`action` text NOT NULL,
`entity_type` text NOT NULL,
`entity_id` text,
`entity_name` text,
`environment_id` integer,
`description` text,
`details` text,
`ip_address` text,
`user_agent` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON UPDATE no action ON DELETE set null,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE set null
);
--> statement-breakpoint
CREATE INDEX `audit_logs_user_id_idx` ON `audit_logs` (`user_id`);--> statement-breakpoint
CREATE INDEX `audit_logs_created_at_idx` ON `audit_logs` (`created_at`);--> statement-breakpoint
CREATE TABLE `auth_settings` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`auth_enabled` integer DEFAULT false,
`default_provider` text DEFAULT 'local',
`session_timeout` integer DEFAULT 86400,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP
);
--> statement-breakpoint
CREATE TABLE `auto_update_settings` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`environment_id` integer,
`container_name` text NOT NULL,
`enabled` integer DEFAULT false,
`schedule_type` text DEFAULT 'daily',
`cron_expression` text,
`vulnerability_criteria` text DEFAULT 'never',
`last_checked` text,
`last_updated` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE no action
);
--> statement-breakpoint
CREATE UNIQUE INDEX `auto_update_settings_environment_id_container_name_unique` ON `auto_update_settings` (`environment_id`,`container_name`);--> statement-breakpoint
CREATE TABLE `config_sets` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`name` text NOT NULL,
`description` text,
`env_vars` text,
`labels` text,
`ports` text,
`volumes` text,
`network_mode` text DEFAULT 'bridge',
`restart_policy` text DEFAULT 'no',
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP
);
--> statement-breakpoint
CREATE UNIQUE INDEX `config_sets_name_unique` ON `config_sets` (`name`);--> statement-breakpoint
CREATE TABLE `container_events` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`environment_id` integer,
`container_id` text NOT NULL,
`container_name` text,
`image` text,
`action` text NOT NULL,
`actor_attributes` text,
`timestamp` text NOT NULL,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE INDEX `container_events_env_timestamp_idx` ON `container_events` (`environment_id`,`timestamp`);--> statement-breakpoint
CREATE TABLE `environment_notifications` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`environment_id` integer NOT NULL,
`notification_id` integer NOT NULL,
`enabled` integer DEFAULT true,
`event_types` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade,
FOREIGN KEY (`notification_id`) REFERENCES `notification_settings`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE UNIQUE INDEX `environment_notifications_environment_id_notification_id_unique` ON `environment_notifications` (`environment_id`,`notification_id`);--> statement-breakpoint
CREATE TABLE `environments` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`name` text NOT NULL,
`host` text,
`port` integer DEFAULT 2375,
`protocol` text DEFAULT 'http',
`tls_ca` text,
`tls_cert` text,
`tls_key` text,
`tls_skip_verify` integer DEFAULT false,
`icon` text DEFAULT 'globe',
`collect_activity` integer DEFAULT true,
`collect_metrics` integer DEFAULT true,
`highlight_changes` integer DEFAULT true,
`labels` text,
`connection_type` text DEFAULT 'socket',
`socket_path` text DEFAULT '/var/run/docker.sock',
`hawser_token` text,
`hawser_last_seen` text,
`hawser_agent_id` text,
`hawser_agent_name` text,
`hawser_version` text,
`hawser_capabilities` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP
);
--> statement-breakpoint
CREATE UNIQUE INDEX `environments_name_unique` ON `environments` (`name`);--> statement-breakpoint
CREATE TABLE `git_credentials` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`name` text NOT NULL,
`auth_type` text DEFAULT 'none' NOT NULL,
`username` text,
`password` text,
`ssh_private_key` text,
`ssh_passphrase` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP
);
--> statement-breakpoint
CREATE UNIQUE INDEX `git_credentials_name_unique` ON `git_credentials` (`name`);--> statement-breakpoint
CREATE TABLE `git_repositories` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`name` text NOT NULL,
`url` text NOT NULL,
`branch` text DEFAULT 'main',
`credential_id` integer,
`compose_path` text DEFAULT 'docker-compose.yml',
`environment_id` integer,
`auto_update` integer DEFAULT false,
`auto_update_schedule` text DEFAULT 'daily',
`auto_update_cron` text DEFAULT '0 3 * * *',
`webhook_enabled` integer DEFAULT false,
`webhook_secret` text,
`last_sync` text,
`last_commit` text,
`sync_status` text DEFAULT 'pending',
`sync_error` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`credential_id`) REFERENCES `git_credentials`(`id`) ON UPDATE no action ON DELETE set null
);
--> statement-breakpoint
CREATE UNIQUE INDEX `git_repositories_name_unique` ON `git_repositories` (`name`);--> statement-breakpoint
CREATE TABLE `git_stacks` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`stack_name` text NOT NULL,
`environment_id` integer,
`repository_id` integer NOT NULL,
`compose_path` text DEFAULT 'docker-compose.yml',
`auto_update` integer DEFAULT false,
`auto_update_schedule` text DEFAULT 'daily',
`auto_update_cron` text DEFAULT '0 3 * * *',
`webhook_enabled` integer DEFAULT false,
`webhook_secret` text,
`last_sync` text,
`last_commit` text,
`sync_status` text DEFAULT 'pending',
`sync_error` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade,
FOREIGN KEY (`repository_id`) REFERENCES `git_repositories`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE UNIQUE INDEX `git_stacks_stack_name_environment_id_unique` ON `git_stacks` (`stack_name`,`environment_id`);--> statement-breakpoint
CREATE TABLE `hawser_tokens` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`token` text NOT NULL,
`token_prefix` text NOT NULL,
`name` text NOT NULL,
`environment_id` integer,
`is_active` integer DEFAULT true,
`last_used` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`expires_at` text,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE UNIQUE INDEX `hawser_tokens_token_unique` ON `hawser_tokens` (`token`);--> statement-breakpoint
CREATE TABLE `host_metrics` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`environment_id` integer,
`cpu_percent` real NOT NULL,
`memory_percent` real NOT NULL,
`memory_used` integer,
`memory_total` integer,
`timestamp` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE INDEX `host_metrics_env_timestamp_idx` ON `host_metrics` (`environment_id`,`timestamp`);--> statement-breakpoint
CREATE TABLE `ldap_config` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`name` text NOT NULL,
`enabled` integer DEFAULT false,
`server_url` text NOT NULL,
`bind_dn` text,
`bind_password` text,
`base_dn` text NOT NULL,
`user_filter` text DEFAULT '(uid={{username}})',
`username_attribute` text DEFAULT 'uid',
`email_attribute` text DEFAULT 'mail',
`display_name_attribute` text DEFAULT 'cn',
`group_base_dn` text,
`group_filter` text,
`admin_group` text,
`role_mappings` text,
`tls_enabled` integer DEFAULT false,
`tls_ca` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP
);
--> statement-breakpoint
CREATE TABLE `notification_settings` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`type` text NOT NULL,
`name` text NOT NULL,
`enabled` integer DEFAULT true,
`config` text NOT NULL,
`event_types` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP
);
--> statement-breakpoint
CREATE TABLE `oidc_config` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`name` text NOT NULL,
`enabled` integer DEFAULT false,
`issuer_url` text NOT NULL,
`client_id` text NOT NULL,
`client_secret` text NOT NULL,
`redirect_uri` text NOT NULL,
`scopes` text DEFAULT 'openid profile email',
`username_claim` text DEFAULT 'preferred_username',
`email_claim` text DEFAULT 'email',
`display_name_claim` text DEFAULT 'name',
`admin_claim` text,
`admin_value` text,
`role_mappings_claim` text DEFAULT 'groups',
`role_mappings` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP
);
--> statement-breakpoint
CREATE TABLE `registries` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`name` text NOT NULL,
`url` text NOT NULL,
`username` text,
`password` text,
`is_default` integer DEFAULT false,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP
);
--> statement-breakpoint
CREATE UNIQUE INDEX `registries_name_unique` ON `registries` (`name`);--> statement-breakpoint
CREATE TABLE `roles` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`name` text NOT NULL,
`description` text,
`is_system` integer DEFAULT false,
`permissions` text NOT NULL,
`environment_ids` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP
);
--> statement-breakpoint
CREATE UNIQUE INDEX `roles_name_unique` ON `roles` (`name`);--> statement-breakpoint
CREATE TABLE `schedule_executions` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`schedule_type` text NOT NULL,
`schedule_id` integer NOT NULL,
`environment_id` integer,
`entity_name` text NOT NULL,
`triggered_by` text NOT NULL,
`triggered_at` text NOT NULL,
`started_at` text,
`completed_at` text,
`duration` integer,
`status` text NOT NULL,
`error_message` text,
`details` text,
`logs` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE INDEX `schedule_executions_type_id_idx` ON `schedule_executions` (`schedule_type`,`schedule_id`);--> statement-breakpoint
CREATE TABLE `sessions` (
`id` text PRIMARY KEY NOT NULL,
`user_id` integer NOT NULL,
`provider` text NOT NULL,
`expires_at` text NOT NULL,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE INDEX `sessions_user_id_idx` ON `sessions` (`user_id`);--> statement-breakpoint
CREATE INDEX `sessions_expires_at_idx` ON `sessions` (`expires_at`);--> statement-breakpoint
CREATE TABLE `settings` (
`key` text PRIMARY KEY NOT NULL,
`value` text NOT NULL,
`updated_at` text DEFAULT CURRENT_TIMESTAMP
);
--> statement-breakpoint
CREATE TABLE `stack_events` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`environment_id` integer,
`stack_name` text NOT NULL,
`event_type` text NOT NULL,
`timestamp` text DEFAULT CURRENT_TIMESTAMP,
`metadata` text,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE TABLE `stack_sources` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`stack_name` text NOT NULL,
`environment_id` integer,
`source_type` text DEFAULT 'internal' NOT NULL,
`git_repository_id` integer,
`git_stack_id` integer,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade,
FOREIGN KEY (`git_repository_id`) REFERENCES `git_repositories`(`id`) ON UPDATE no action ON DELETE set null,
FOREIGN KEY (`git_stack_id`) REFERENCES `git_stacks`(`id`) ON UPDATE no action ON DELETE set null
);
--> statement-breakpoint
CREATE UNIQUE INDEX `stack_sources_stack_name_environment_id_unique` ON `stack_sources` (`stack_name`,`environment_id`);--> statement-breakpoint
CREATE TABLE `user_preferences` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`user_id` integer,
`environment_id` integer,
`key` text NOT NULL,
`value` text NOT NULL,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON UPDATE no action ON DELETE cascade,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE UNIQUE INDEX `user_preferences_user_id_environment_id_key_unique` ON `user_preferences` (`user_id`,`environment_id`,`key`);--> statement-breakpoint
CREATE TABLE `user_roles` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`user_id` integer NOT NULL,
`role_id` integer NOT NULL,
`environment_id` integer,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON UPDATE no action ON DELETE cascade,
FOREIGN KEY (`role_id`) REFERENCES `roles`(`id`) ON UPDATE no action ON DELETE cascade,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE UNIQUE INDEX `user_roles_user_id_role_id_environment_id_unique` ON `user_roles` (`user_id`,`role_id`,`environment_id`);--> statement-breakpoint
CREATE TABLE `users` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`username` text NOT NULL,
`email` text,
`password_hash` text NOT NULL,
`display_name` text,
`avatar` text,
`auth_provider` text DEFAULT 'local',
`mfa_enabled` integer DEFAULT false,
`mfa_secret` text,
`is_active` integer DEFAULT true,
`last_login` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP
);
--> statement-breakpoint
CREATE UNIQUE INDEX `users_username_unique` ON `users` (`username`);--> statement-breakpoint
CREATE TABLE `vulnerability_scans` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`environment_id` integer,
`image_id` text NOT NULL,
`image_name` text NOT NULL,
`scanner` text NOT NULL,
`scanned_at` text NOT NULL,
`scan_duration` integer,
`critical_count` integer DEFAULT 0,
`high_count` integer DEFAULT 0,
`medium_count` integer DEFAULT 0,
`low_count` integer DEFAULT 0,
`negligible_count` integer DEFAULT 0,
`unknown_count` integer DEFAULT 0,
`vulnerabilities` text,
`error` text,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE INDEX `vulnerability_scans_env_image_idx` ON `vulnerability_scans` (`environment_id`,`image_id`);
drizzle/0001_add_stack_env_vars.sql
+14
View File
@@ -0,0 +1,14 @@
CREATE TABLE `stack_environment_variables` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`stack_name` text NOT NULL,
`environment_id` integer,
`key` text NOT NULL,
`value` text NOT NULL,
`is_secret` integer DEFAULT false,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
`updated_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE UNIQUE INDEX `stack_environment_variables_stack_name_environment_id_key_unique` ON `stack_environment_variables` (`stack_name`,`environment_id`,`key`);--> statement-breakpoint
ALTER TABLE `git_stacks` ADD `env_file_path` text;
drizzle/0002_add_pending_container_updates.sql
+12
View File
@@ -0,0 +1,12 @@
CREATE TABLE `pending_container_updates` (
`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
`environment_id` integer NOT NULL,
`container_id` text NOT NULL,
`container_name` text NOT NULL,
`current_image` text NOT NULL,
`checked_at` text DEFAULT CURRENT_TIMESTAMP,
`created_at` text DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`environment_id`) REFERENCES `environments`(`id`) ON UPDATE no action ON DELETE cascade
);
--> statement-breakpoint
CREATE UNIQUE INDEX `pending_container_updates_environment_id_container_id_unique` ON `pending_container_updates` (`environment_id`,`container_id`);
drizzle/meta/0000_snapshot.json
+2824
View File
File diff suppressed because it is too large Load Diff
drizzle/meta/0001_snapshot.json
+2924
View File
File diff suppressed because it is too large Load Diff
drizzle/meta/0002_snapshot.json
+3008
View File
File diff suppressed because it is too large Load Diff
drizzle/meta/_journal.json
+27
View File
@@ -0,0 +1,27 @@
{
"version": "7",
"dialect": "sqlite",
"entries": [
{
"idx": 0,
"version": "6",
"when": 1765804016391,
"tag": "0000_initial_schema",
"breakpoints": true
},
{
"idx": 1,
"version": "6",
"when": 1766378754939,
"tag": "0001_add_stack_env_vars",
"breakpoints": true
},
{
"idx": 2,
"version": "6",
"when": 1766763860091,
"tag": "0002_add_pending_container_updates",
"breakpoints": true
}
]
}
images/logo.webp
BIN
View File
Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 9.7 KiB

lib/.DS_Store
Vendored
BIN
View File
Binary file not shown.
lib/components/StackEnvVarsPanel.svelte
-236
View File
@@ -1,236 +0,0 @@
<script lang="ts">
import { Button } from '$lib/components/ui/button';
import StackEnvVarsEditor, { type EnvVar, type ValidationResult } from '$lib/components/StackEnvVarsEditor.svelte';
import ConfirmPopover from '$lib/components/ConfirmPopover.svelte';
import { Plus, Info, Upload, Trash2 } from 'lucide-svelte';
import * as Tooltip from '$lib/components/ui/tooltip';
interface Props {
variables: EnvVar[];
validation?: ValidationResult | null;
readonly?: boolean;
showSource?: boolean;
sources?: Record<string, 'file' | 'override'>;
placeholder?: { key: string; value: string };
infoText?: string;
existingSecretKeys?: Set<string>;
class?: string;
onchange?: () => void;
}
let {
variables = $bindable(),
validation = null,
readonly = false,
showSource = false,
sources = {},
placeholder = { key: 'VARIABLE_NAME', value: 'value' },
infoText,
existingSecretKeys = new Set<string>(),
class: className = '',
onchange
}: Props = $props();
let fileInputRef: HTMLInputElement;
function addEnvVariable() {
variables = [...variables, { key: '', value: '', isSecret: false }];
}
function handleLoadFromFile() {
fileInputRef?.click();
}
function parseEnvFile(content: string): EnvVar[] {
const lines = content.split('\n');
const envVars: EnvVar[] = [];
for (const line of lines) {
// Skip empty lines and comments
const trimmed = line.trim();
if (!trimmed || trimmed.startsWith('#')) continue;
// Parse KEY=VALUE format
const eqIndex = trimmed.indexOf('=');
if (eqIndex === -1) continue;
const key = trimmed.slice(0, eqIndex).trim();
let value = trimmed.slice(eqIndex + 1).trim();
// Remove surrounding quotes if present
if ((value.startsWith('"') && value.endsWith('"')) ||
(value.startsWith("'") && value.endsWith("'"))) {
value = value.slice(1, -1);
}
if (key) {
envVars.push({ key, value, isSecret: false });
}
}
return envVars;
}
function handleFileSelect(event: Event) {
const input = event.target as HTMLInputElement;
const file = input.files?.[0];
if (!file) return;
const reader = new FileReader();
reader.onload = (e) => {
const content = e.target?.result as string;
const parsedVars = parseEnvFile(content);
if (parsedVars.length > 0) {
// Get existing keys to avoid duplicates
const existingKeys = new Set(variables.filter(v => v.key.trim()).map(v => v.key.trim()));
// Filter empty entries from current variables
const nonEmptyVars = variables.filter(v => v.key.trim());
// Add new variables, updating existing ones or appending new
for (const newVar of parsedVars) {
if (existingKeys.has(newVar.key)) {
// Update existing variable
const idx = nonEmptyVars.findIndex(v => v.key.trim() === newVar.key);
if (idx !== -1) {
nonEmptyVars[idx] = { ...nonEmptyVars[idx], value: newVar.value };
}
} else {
// Add new variable
nonEmptyVars.push(newVar);
existingKeys.add(newVar.key);
}
}
variables = nonEmptyVars;
// Notify parent of change (important for async file load)
onchange?.();
}
};
reader.readAsText(file);
// Reset input so the same file can be selected again
input.value = '';
}
function clearAllVariables() {
variables = [];
}
// Count of non-empty variables
const hasVariables = $derived(variables.some(v => v.key.trim()));
</script>
<div class="flex flex-col h-full {className}">
<!-- Header -->
<div class="px-4 py-2.5 border-b border-zinc-200 dark:border-zinc-700 flex flex-col gap-1.5">
<div class="flex items-center justify-between">
<div class="flex items-center gap-2">
<span class="text-xs text-zinc-500 dark:text-zinc-400">Environment variables</span>
{#if infoText}
<Tooltip.Root>
<Tooltip.Trigger>
<Info class="w-3.5 h-3.5 text-blue-400" />
</Tooltip.Trigger>
<Tooltip.Content class="max-w-md">
<p class="text-xs">{infoText}</p>
</Tooltip.Content>
</Tooltip.Root>
{/if}
</div>
{#if !readonly}
<div class="flex items-center gap-1">
<Button type="button" size="sm" variant="ghost" onclick={handleLoadFromFile} class="h-6 text-xs px-2">
<Upload class="w-3.5 h-3.5 mr-1" />
Load .env
</Button>
<Button type="button" size="sm" variant="ghost" onclick={addEnvVariable} class="h-6 text-xs px-2">
<Plus class="w-3.5 h-3.5 mr-1" />
Add
</Button>
{#if hasVariables}
<ConfirmPopover
title="Clear all variables"
description="This will remove all environment variables. This cannot be undone."
confirmText="Clear all"
onConfirm={clearAllVariables}
>
<Button type="button" size="sm" variant="ghost" class="h-6 text-xs px-2 text-destructive hover:text-destructive">
<Trash2 class="w-3.5 h-3.5 mr-1" />
Clear
</Button>
</ConfirmPopover>
{/if}
</div>
<input
bind:this={fileInputRef}
type="file"
accept=".env,.env.*,text/plain"
class="hidden"
onchange={handleFileSelect}
/>
{/if}
</div>
<!-- Variable syntax help -->
<div class="flex flex-wrap gap-x-3 gap-y-0.5 text-2xs text-zinc-400 dark:text-zinc-500 font-mono">
<span><span class="text-zinc-500 dark:text-zinc-400">${`{VAR}`}</span> required</span>
<span><span class="text-zinc-500 dark:text-zinc-400">${`{VAR:-default}`}</span> optional</span>
<span><span class="text-zinc-500 dark:text-zinc-400">${`{VAR:?error}`}</span> required w/ error</span>
</div>
<!-- Validation status pills -->
{#if validation}
<div class="flex flex-wrap gap-1">
{#if validation.missing.length > 0}
<span class="inline-flex items-center px-1.5 py-0.5 rounded text-2xs font-medium bg-red-100 text-red-700 dark:bg-red-900/30 dark:text-red-300">
{validation.missing.length} missing
</span>
{/if}
{#if validation.required.length > 0}
<span class="inline-flex items-center px-1.5 py-0.5 rounded text-2xs font-medium bg-green-100 text-green-700 dark:bg-green-900/30 dark:text-green-300">
{validation.required.length - validation.missing.length} required
</span>
{/if}
{#if validation.optional.length > 0}
<span class="inline-flex items-center px-1.5 py-0.5 rounded text-2xs font-medium bg-blue-100 text-blue-700 dark:bg-blue-900/30 dark:text-blue-300">
{validation.optional.length} optional
</span>
{/if}
{#if validation.unused.length > 0}
<span class="inline-flex items-center px-1.5 py-0.5 rounded text-2xs font-medium bg-amber-100 text-amber-700 dark:bg-amber-900/30 dark:text-amber-300">
{validation.unused.length} unused
</span>
{/if}
</div>
{/if}
<!-- Add missing variables -->
{#if validation && validation.missing.length > 0 && !readonly}
<div class="flex flex-wrap gap-1 items-center">
<span class="text-xs text-muted-foreground mr-1">Add missing:</span>
{#each validation.missing as missing}
<button
type="button"
onclick={() => {
variables = [...variables, { key: missing, value: '', isSecret: false }];
}}
class="text-xs px-1.5 py-0.5 rounded bg-red-100 text-red-700 hover:bg-red-200 dark:bg-red-900/30 dark:text-red-300 dark:hover:bg-red-900/50 transition-colors"
>
{missing}
</button>
{/each}
</div>
{/if}
</div>
<!-- Variables list -->
<div class="flex-1 overflow-auto px-4 py-3">
<StackEnvVarsEditor
bind:variables
{validation}
{readonly}
{showSource}
{sources}
{placeholder}
{existingSecretKeys}
/>
</div>
</div>
lib/server/.DS_Store
Vendored
BIN
View File
Binary file not shown.
lib/server/db/.DS_Store
Vendored
BIN
View File
Binary file not shown.
package.json
+110
View File
@@ -0,0 +1,110 @@
{
"name": "dockhand",
"private": true,
"version": "1.0.4",
"type": "module",
"scripts": {
"dev": "bunx --bun vite dev",
"prebuild": "bunx license-checker --json --production | jq 'to_entries | map({name: (.key | split(\"@\")[0:-1] | join(\"@\")), version: (.key | split(\"@\")[-1]), license: .value.licenses, repository: .value.repository}) | sort_by(.name)' > src/lib/data/dependencies.json.tmp && mv src/lib/data/dependencies.json.tmp src/lib/data/dependencies.json || true",
"build": "bunx --bun vite build && bun scripts/patch-build.ts && bun scripts/build-subprocesses.ts",
"start": "bun ./build/index.js",
"preview": "bun ./build/index.js",
"prepare": "bunx --bun svelte-kit sync || echo ''",
"check": "bunx --bun svelte-kit sync && bunx --bun svelte-check --tsconfig ./tsconfig.json",
"check:watch": "bunx --bun svelte-kit sync && bunx --bun svelte-check --tsconfig ./tsconfig.json --watch",
"test": "bun test",
"test:smoke": "bun test tests/api-smoke.test.ts",
"test:containers": "bun test tests/container-lifecycle.test.ts",
"test:notifications": "bun test tests/notifications.test.ts",
"test:hawser": "bun test tests/hawser-connection.test.ts",
"test:build": "SKIP_BUILD_TEST=1 bun test tests/build.test.ts",
"test:postgres": "bun test tests/database-postgres.test.ts",
"test:crud": "bun test tests/crud-operations.test.ts",
"test:scheduling": "bun test tests/scheduling.test.ts",
"test:images": "bun test tests/images.test.ts",
"test:volumes": "bun test tests/volumes-networks.test.ts",
"test:stacks": "bun test tests/stacks.test.ts",
"test:stacks:matrix": "bun test tests/stack-matrix.test.ts",
"test:stacks:git": "bun test tests/stack-git-flow.test.ts",
"test:stacks:env": "bun test tests/stack-env-vars.test.ts",
"test:stacks:all": "bun test tests/stack-*.test.ts tests/stacks.test.ts",
"test:files": "bun test tests/container-files.test.ts",
"test:license": "bun test tests/license.test.ts",
"test:activity": "bun test tests/activity-dashboard.test.ts",
"test:all": "bun test tests/",
"test:quick": "bun test tests/api-smoke.test.ts tests/notifications.test.ts",
"test:integration": "bun test tests/api-smoke.test.ts tests/crud-operations.test.ts tests/scheduling.test.ts tests/hawser-connection.test.ts",
"test:e2e": "bunx playwright test tests/e2e/",
"generate:legal": "bun scripts/generate-legal-pages.ts"
},
"dependencies": {
"@codemirror/autocomplete": "6.20.0",
"@codemirror/commands": "6.10.0",
"@codemirror/lang-css": "6.3.1",
"@codemirror/lang-html": "6.4.11",
"@codemirror/lang-javascript": "6.2.4",
"@codemirror/lang-json": "6.0.2",
"@codemirror/lang-markdown": "6.5.0",
"@codemirror/lang-python": "6.2.1",
"@codemirror/lang-sql": "6.10.0",
"@codemirror/lang-xml": "6.1.0",
"@codemirror/language": "6.11.3",
"@codemirror/search": "6.5.11",
"@lezer/highlight": "1.2.3",
"@lucide/lab": "^0.1.2",
"croner": "9.1.0",
"cronstrue": "3.9.0",
"drizzle-orm": "0.45.0",
"js-yaml": "^4.1.1",
"ldapts": "^8.0.9",
"nodemailer": "^7.0.11",
"otpauth": "^9.4.1",
"postgres": "3.4.7",
"qrcode": "^1.5.4",
"svelte-dnd-action": "0.9.68",
"svelte-sonner": "1.0.7"
},
"devDependencies": {
"@codemirror/lang-yaml": "^6.1.2",
"@codemirror/state": "^6.5.2",
"@codemirror/theme-one-dark": "^6.1.3",
"@codemirror/view": "^6.38.8",
"@internationalized/date": "^3.10.0",
"@layerstack/tailwind": "^1.0.1",
"@lucide/svelte": "^0.544.0",
"@playwright/test": "1.57.0",
"@sveltejs/kit": "^2.48.5",
"@sveltejs/vite-plugin-svelte": "^6.2.1",
"@tailwindcss/vite": "^4.1.17",
"@types/bun": "^1.2.5",
"@types/js-yaml": "^4.0.9",
"@types/nodemailer": "^7.0.4",
"@types/qrcode": "^1.5.6",
"@xterm/addon-fit": "^0.10.0",
"@xterm/addon-web-links": "^0.11.0",
"@xterm/xterm": "^5.5.0",
"autoprefixer": "^10.4.22",
"bits-ui": "^2.14.4",
"clsx": "^2.1.1",
"codemirror": "^6.0.2",
"cytoscape": "^3.33.1",
"d3-scale": "^4.0.2",
"d3-shape": "^3.2.0",
"drizzle-kit": "0.31.8",
"layerchart": "^1.0.12",
"lucide-svelte": "^0.555.0",
"mode-watcher": "^1.1.0",
"postcss": "^8.5.6",
"svelte": "^5.43.8",
"svelte-adapter-bun": "1.0.1",
"svelte-check": "^4.3.4",
"svelte-easy-crop": "^5.0.0",
"svelte-virtual-scroll-list": "^1.3.0",
"tailwind-merge": "^3.4.0",
"tailwind-variants": "^3.2.2",
"tailwindcss": "^4.1.17",
"tw-animate-css": "^1.4.0",
"typescript": "^5.9.3",
"vite": "^7.2.2"
}
}
routes/api/stacks/[name]/env/+server.ts
Vendored
-122
View File
@@ -1,122 +0,0 @@
import { json } from '@sveltejs/kit';
import { getStackEnvVars, setStackEnvVars } from '$lib/server/db';
import { authorize } from '$lib/server/authorize';
import type { RequestHandler } from './$types';
/**
* GET /api/stacks/[name]/env?env=X
* Get all environment variables for a stack.
* Secrets are masked with '***' in the response.
*/
export const GET: RequestHandler = async ({ params, url, cookies }) => {
const auth = await authorize(cookies);
const envId = url.searchParams.get('env');
const envIdNum = envId ? parseInt(envId) : null;
// Permission check with environment context
if (auth.authEnabled && !await auth.can('stacks', 'view', envIdNum ?? undefined)) {
return json({ error: 'Permission denied' }, { status: 403 });
}
// Environment access check (enterprise only)
if (envIdNum && auth.isEnterprise && !await auth.canAccessEnvironment(envIdNum)) {
return json({ error: 'Access denied to this environment' }, { status: 403 });
}
try {
const stackName = decodeURIComponent(params.name);
const variables = await getStackEnvVars(stackName, envIdNum, true);
return json({
variables: variables.map(v => ({
key: v.key,
value: v.value,
isSecret: v.isSecret
}))
});
} catch (error) {
console.error('Error getting stack env vars:', error);
return json({ error: 'Failed to get environment variables' }, { status: 500 });
}
};
/**
* PUT /api/stacks/[name]/env?env=X
* Set/replace all environment variables for a stack.
* Body: { variables: [{ key, value, isSecret? }] }
*
* Note: For secrets, if the value is '***' (the masked placeholder), the original
* secret value from the database is preserved instead of overwriting with '***'.
*/
export const PUT: RequestHandler = async ({ params, url, cookies, request }) => {
const auth = await authorize(cookies);
const envId = url.searchParams.get('env');
const envIdNum = envId ? parseInt(envId) : null;
// Permission check with environment context
if (auth.authEnabled && !await auth.can('stacks', 'edit', envIdNum ?? undefined)) {
return json({ error: 'Permission denied' }, { status: 403 });
}
// Environment access check (enterprise only)
if (envIdNum && auth.isEnterprise && !await auth.canAccessEnvironment(envIdNum)) {
return json({ error: 'Access denied to this environment' }, { status: 403 });
}
try {
const stackName = decodeURIComponent(params.name);
const body = await request.json();
if (!body.variables || !Array.isArray(body.variables)) {
return json({ error: 'Invalid request body: variables array required' }, { status: 400 });
}
// Validate variables
for (const v of body.variables) {
if (!v.key || typeof v.key !== 'string') {
return json({ error: 'Invalid variable: key is required and must be a string' }, { status: 400 });
}
if (typeof v.value !== 'string') {
return json({ error: `Invalid variable "${v.key}": value must be a string` }, { status: 400 });
}
// Validate key format (env var naming convention)
if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(v.key)) {
return json({ error: `Invalid variable name "${v.key}": must start with a letter or underscore and contain only alphanumeric characters and underscores` }, { status: 400 });
}
}
// Check if any secrets have the masked placeholder '***'
// If so, we need to preserve their original values from the database
const secretsWithMaskedValue = body.variables.filter(
(v: { key: string; value: string; isSecret?: boolean }) =>
v.isSecret && v.value === '***'
);
let variablesToSave = body.variables;
if (secretsWithMaskedValue.length > 0) {
// Get existing variables (unmasked) to preserve secret values
const existingVars = await getStackEnvVars(stackName, envIdNum, false);
const existingByKey = new Map(existingVars.map(v => [v.key, v]));
// Replace masked secrets with their original values
variablesToSave = body.variables.map((v: { key: string; value: string; isSecret?: boolean }) => {
if (v.isSecret && v.value === '***') {
const existing = existingByKey.get(v.key);
if (existing && existing.isSecret) {
// Preserve the original secret value
return { ...v, value: existing.value };
}
}
return v;
});
}
await setStackEnvVars(stackName, envIdNum, variablesToSave);
return json({ success: true, count: variablesToSave.length });
} catch (error) {
console.error('Error setting stack env vars:', error);
return json({ error: 'Failed to set environment variables' }, { status: 500 });
}
};
routes/containers/CreateContainerModal.svelte
-1657
View File
File diff suppressed because it is too large Load Diff
routes/containers/EditContainerModal.svelte
-1299
View File
File diff suppressed because it is too large Load Diff
routes/profile/MfaSetupModal.svelte
-117
View File
@@ -1,117 +0,0 @@
<script lang="ts">
import { Button } from '$lib/components/ui/button';
import * as Dialog from '$lib/components/ui/dialog';
import { Label } from '$lib/components/ui/label';
import { Input } from '$lib/components/ui/input';
import { QrCode, RefreshCw, ShieldCheck, TriangleAlert } from 'lucide-svelte';
import * as Alert from '$lib/components/ui/alert';
import { focusFirstInput } from '$lib/utils';
interface Props {
open: boolean;
qrCode: string;
secret: string;
userId: number;
onClose: () => void;
onSuccess: () => void;
}
let { open = $bindable(), qrCode, secret, userId, onClose, onSuccess }: Props = $props();
let token = $state('');
let loading = $state(false);
let error = $state('');
function resetForm() {
token = '';
error = '';
}
async function verifyAndEnableMfa() {
if (!token) {
error = 'Please enter the verification code';
return;
}
loading = true;
error = '';
try {
const response = await fetch(`/api/users/${userId}/mfa`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ action: 'verify', token })
});
if (response.ok) {
onSuccess();
onClose();
} else {
const data = await response.json();
error = data.error || 'Invalid verification code';
}
} catch (e) {
error = 'Failed to verify MFA';
} finally {
loading = false;
}
}
</script>
<Dialog.Root bind:open onOpenChange={(o) => { if (o) { resetForm(); focusFirstInput(); } else onClose(); }}>
<Dialog.Content class="max-w-md">
<Dialog.Header>
<Dialog.Title class="flex items-center gap-2">
<QrCode class="w-5 h-5" />
Setup two-factor authentication
</Dialog.Title>
</Dialog.Header>
<div class="space-y-4">
{#if error}
<Alert.Root variant="destructive">
<TriangleAlert class="h-4 w-4" />
<Alert.Description>{error}</Alert.Description>
</Alert.Root>
{/if}
<p class="text-sm text-muted-foreground">
Scan this QR code with your authenticator app (Google Authenticator, Authy, etc.)
</p>
{#if qrCode}
<div class="flex justify-center p-4 bg-white rounded-lg">
<img src={qrCode} alt="MFA QR Code" class="w-48 h-48" />
</div>
{/if}
<div class="space-y-2">
<Label class="text-xs text-muted-foreground">Or enter this code manually:</Label>
<code class="block p-2 bg-muted rounded text-sm font-mono break-all">{secret}</code>
</div>
<div class="space-y-2">
<Label>Verification code</Label>
<Input
bind:value={token}
placeholder="Enter 6-digit code"
maxlength={6}
/>
<p class="text-xs text-muted-foreground">
Enter the code from your authenticator app to verify setup
</p>
</div>
</div>
<Dialog.Footer>
<Button variant="outline" onclick={onClose}>Cancel</Button>
<Button onclick={verifyAndEnableMfa} disabled={loading || !token}>
{#if loading}
<RefreshCw class="w-4 h-4 mr-1 animate-spin" />
{:else}
<ShieldCheck class="w-4 h-4 mr-1" />
{/if}
Enable MFA
</Button>
</Dialog.Footer>
</Dialog.Content>
</Dialog.Root>
app.css → src/app.css
View File
app.d.ts → src/app.d.ts
Vendored
View File
app.html → src/app.html
View File
hooks.server.ts → src/hooks.server.ts
View File
lib/actions/column-resize.ts → src/lib/actions/column-resize.ts
View File
lib/assets/favicon.svg → src/lib/assets/favicon.svg
View File
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.5 KiB

After

Width:  |  Height:  |  Size: 1.5 KiB

lib/components/AvatarCropper.svelte → src/lib/components/AvatarCropper.svelte
View File
lib/components/BatchOperationModal.svelte → src/lib/components/BatchOperationModal.svelte
View File
lib/components/CodeEditor.svelte → src/lib/components/CodeEditor.svelte
+101 -16
View File
@@ -3,11 +3,51 @@
import { EditorState, StateField, StateEffect, RangeSet } from '@codemirror/state';
import { EditorView, keymap, lineNumbers, highlightActiveLine, highlightActiveLineGutter, gutter, GutterMarker, Decoration, WidgetType, type DecorationSet } from '@codemirror/view';
import { defaultKeymap, history, historyKeymap, indentWithTab } from '@codemirror/commands';
import { syntaxHighlighting, defaultHighlightStyle, indentOnInput, bracketMatching } from '@codemirror/language';
import { syntaxHighlighting, defaultHighlightStyle, indentOnInput, bracketMatching, StreamLanguage, type StreamParser } from '@codemirror/language';
import { searchKeymap, highlightSelectionMatches } from '@codemirror/search';
import { autocompletion, completionKeymap, closeBrackets, closeBracketsKeymap, type CompletionContext, type CompletionResult } from '@codemirror/autocomplete';
import { oneDarkHighlightStyle } from '@codemirror/theme-one-dark';
// Simple dotenv/env file language parser
const dotenvParser: StreamParser<{ inValue: boolean }> = {
startState() {
return { inValue: false };
},
token(stream, state) {
// Start of line
if (stream.sol()) {
state.inValue = false;
// Skip leading whitespace
stream.eatSpace();
// Comment line
if (stream.peek() === '#') {
stream.skipToEnd();
return 'comment';
}
}
// If in value part, consume the rest
if (state.inValue) {
stream.skipToEnd();
return 'string';
}
// Variable name before =
if (stream.match(/^[a-zA-Z_][a-zA-Z0-9_]*/)) {
if (stream.peek() === '=') {
return 'variableName.definition';
}
return 'variableName';
}
// Equals sign - switch to value mode
if (stream.eat('=')) {
state.inValue = true;
return 'operator';
}
// Skip anything else
stream.next();
return null;
}
};
// Docker Compose keywords for autocomplete
const COMPOSE_TOP_LEVEL = ['services', 'networks', 'volumes', 'configs', 'secrets', 'name', 'version'];
@@ -453,6 +493,9 @@
case 'sh':
// No dedicated shell/dockerfile support, use basic highlighting
return [];
case 'dotenv':
case 'env':
return StreamLanguage.define(dotenvParser);
default:
return [];
}
@@ -542,6 +585,13 @@
// Track if we're initialized (prevents multiple createEditor calls)
let initialized = false;
// Debounce timer for marker updates (prevents flicker during fast typing)
let markerUpdateTimer: ReturnType<typeof setTimeout> | null = null;
const MARKER_UPDATE_DEBOUNCE_MS = 300;
// Track last applied markers to avoid redundant updates
let lastAppliedMarkersJson = '';
function createEditor() {
if (!container || view || initialized) return;
initialized = true;
@@ -551,12 +601,14 @@
: [dockhandLight, syntaxHighlighting(defaultHighlightStyle)];
// Build autocompletion config - add Docker Compose completions for YAML
// Note: activateOnTyping can interfere with key repeat, so we disable it
// Users can still trigger autocomplete manually with Ctrl+Space
const autocompletionConfig = language === 'yaml'
? autocompletion({
override: [composeCompletions, composeValueCompletions],
activateOnTyping: true
activateOnTyping: false
})
: autocompletion();
: autocompletion({ activateOnTyping: false });
const extensions = [
lineNumbers(),
@@ -594,18 +646,25 @@
extensions
});
// Custom transaction handler - this is SYNCHRONOUS and more reliable than updateListener
// Custom transaction handler - applies transactions synchronously but defers callback
// Based on the Svelte Playground pattern: https://svelte.dev/playground/91649ba3e0ce4122b3b34f3a95a00104
const dispatchTransactions = (trs: readonly import('@codemirror/state').Transaction[]) => {
if (!view) return;
// Apply all transactions
// Apply all transactions synchronously (required by CodeMirror)
view.update(trs);
// Check if any transaction changed the document
const lastChangingTr = trs.findLast(tr => tr.docChanged);
if (lastChangingTr && onchangeRef) {
onchangeRef(lastChangingTr.newDoc.toString());
// Defer callback to next microtask to avoid blocking input handling
// This allows key repeat to work properly
const newContent = lastChangingTr.newDoc.toString();
queueMicrotask(() => {
if (onchangeRef) {
onchangeRef(newContent);
}
});
}
};
@@ -615,7 +674,6 @@
dispatchTransactions
});
// Push initial markers if provided
if (variableMarkers.length > 0) {
view.dispatch({
@@ -625,11 +683,16 @@
}
function destroyEditor() {
if (markerUpdateTimer) {
clearTimeout(markerUpdateTimer);
markerUpdateTimer = null;
}
if (view) {
view.destroy();
view = null;
}
initialized = false;
lastAppliedMarkersJson = '';
}
// Get current editor content
@@ -656,11 +719,35 @@
}
// Update variable markers - this is the key method for parent to call
export function updateVariableMarkers(markers: VariableMarker[]) {
if (view) {
view.dispatch({
effects: updateMarkersEffect.of(markers)
});
// Debounced to prevent flicker during fast typing
export function updateVariableMarkers(markers: VariableMarker[], immediate = false) {
if (!view) return;
// Check if markers actually changed (compare by content, not reference)
const newJson = JSON.stringify(markers);
if (newJson === lastAppliedMarkersJson) {
return; // No change, skip update
}
// Clear any pending update
if (markerUpdateTimer) {
clearTimeout(markerUpdateTimer);
markerUpdateTimer = null;
}
const applyUpdate = () => {
if (view) {
lastAppliedMarkersJson = newJson;
view.dispatch({
effects: updateMarkersEffect.of(markers)
});
}
};
if (immediate) {
applyUpdate();
} else {
markerUpdateTimer = setTimeout(applyUpdate, MARKER_UPDATE_DEBOUNCE_MS);
}
}
@@ -693,12 +780,11 @@
});
// Update markers when prop changes (backup mechanism, parent should also call updateVariableMarkers)
// Uses the debounced update to prevent flicker during fast typing
$effect(() => {
const markers = variableMarkers;
if (view && markers) {
view.dispatch({
effects: updateMarkersEffect.of(markers)
});
updateVariableMarkers(markers);
}
});
</script>
@@ -706,7 +792,6 @@
<div
bind:this={container}
class="h-full w-full overflow-hidden {className}"
onkeydown={(e) => e.stopPropagation()}
></div>
<style>
lib/components/ColumnSettingsPopover.svelte → src/lib/components/ColumnSettingsPopover.svelte
View File
lib/components/CommandPalette.svelte → src/lib/components/CommandPalette.svelte
View File
lib/components/ConfirmPopover.svelte → src/lib/components/ConfirmPopover.svelte
View File
lib/components/ExecutionLogViewer.svelte → src/lib/components/ExecutionLogViewer.svelte
View File
lib/components/MultiSelectFilter.svelte → src/lib/components/MultiSelectFilter.svelte
View File
lib/components/PageHeader.svelte → src/lib/components/PageHeader.svelte
View File
lib/components/PasswordStrengthIndicator.svelte → src/lib/components/PasswordStrengthIndicator.svelte
View File
lib/components/PullTab.svelte → src/lib/components/PullTab.svelte
+6 -1
View File
@@ -46,6 +46,8 @@
let status = $state<PullStatus>('idle');
let image = $state(initialImageName);
let duration = $state(0);
// Track whether image was set from initial prop vs typed by user
let hasAutoStarted = $state(false);
// Notify parent of status changes
$effect(() => {
@@ -82,8 +84,10 @@
onImageChange?.(image);
});
// Auto-start only once for prefilled images, not when user is typing
$effect(() => {
if (autoStart && image && status === 'idle') {
if (autoStart && initialImageName && image === initialImageName && status === 'idle' && !hasAutoStarted) {
hasAutoStarted = true;
startPull();
}
});
@@ -133,6 +137,7 @@
layerOrder = 0;
outputLines = [];
duration = 0;
hasAutoStarted = false;
}
export function getImage() {
lib/components/PushTab.svelte → src/lib/components/PushTab.svelte
View File
lib/components/ScanTab.svelte → src/lib/components/ScanTab.svelte
View File
lib/components/ScannerSeverityPills.svelte → src/lib/components/ScannerSeverityPills.svelte
View File
lib/components/Sidebar.svelte → src/lib/components/Sidebar.svelte
View File
lib/components/StackEnvVarsEditor.svelte → src/lib/components/StackEnvVarsEditor.svelte
+1 -1
View File
@@ -99,7 +99,7 @@
<div class="space-y-3">
<!-- Variables List -->
<div class="space-y-3">
{#each variables as variable, index}
{#each variables as variable, index (index)}
{@const source = getSource(variable.key)}
{@const isVarRequired = isRequired(variable.key)}
{@const isVarOptional = isOptional(variable.key)}
src/lib/components/StackEnvVarsPanel.svelte
+398
View File
@@ -0,0 +1,398 @@
<script lang="ts">
import { tick, untrack } from 'svelte';
import { Button } from '$lib/components/ui/button';
import StackEnvVarsEditor, { type EnvVar, type ValidationResult } from '$lib/components/StackEnvVarsEditor.svelte';
import CodeEditor from '$lib/components/CodeEditor.svelte';
import ConfirmPopover from '$lib/components/ConfirmPopover.svelte';
import { Plus, Info, Upload, Trash2, List, FileText, AlertTriangle } from 'lucide-svelte';
import * as Tooltip from '$lib/components/ui/tooltip';
interface Props {
variables: EnvVar[]; // Bindable - kept in sync with rawContent
rawContent?: string; // The actual content saved to disk - source of truth
validation?: ValidationResult | null;
readonly?: boolean;
showSource?: boolean;
sources?: Record<string, 'file' | 'override'>;
placeholder?: { key: string; value: string };
infoText?: string;
existingSecretKeys?: Set<string>;
class?: string;
onchange?: () => void;
}
let {
variables = $bindable([]),
rawContent = $bindable(''),
validation = null,
readonly = false,
showSource = false,
sources = {},
placeholder = { key: 'VARIABLE_NAME', value: 'value' },
infoText,
existingSecretKeys = new Set<string>(),
class: className = '',
onchange
}: Props = $props();
const STORAGE_KEY_VIEW_MODE = 'dockhand-env-vars-view-mode';
let fileInputRef: HTMLInputElement;
let viewMode = $state<'form' | 'text'>(
(typeof localStorage !== 'undefined' && localStorage.getItem(STORAGE_KEY_VIEW_MODE) as 'form' | 'text') || 'form'
);
let confirmClearOpen = $state(false);
let contentAreaRef: HTMLDivElement;
let parseWarnings = $state<string[]>([]);
let editorTheme = $state<'light' | 'dark'>('dark');
// Track previous variables to detect form changes
let prevVariablesJson = $state('');
// Track if initial sync has been done (to distinguish initial load from user action)
let initialized = $state(false);
// Parse raw content to EnvVar array
function parseRawContent(content: string): { vars: EnvVar[], warnings: string[] } {
const result: EnvVar[] = [];
const warnings: string[] = [];
let lineNum = 0;
for (const line of content.split('\n')) {
lineNum++;
const trimmed = line.trim();
if (!trimmed || trimmed.startsWith('#')) continue;
const eqIndex = trimmed.indexOf('=');
if (eqIndex === -1) {
warnings.push(`Line ${lineNum}: "${trimmed.slice(0, 30)}${trimmed.length > 30 ? '...' : ''}" (no = found)`);
continue;
}
const key = trimmed.slice(0, eqIndex).trim();
let value = trimmed.slice(eqIndex + 1);
if ((value.startsWith('"') && value.endsWith('"')) ||
(value.startsWith("'") && value.endsWith("'"))) {
value = value.slice(1, -1);
}
if (key) {
if (!/^[a-zA-Z_][a-zA-Z0-9_]*$/.test(key)) {
warnings.push(`Line ${lineNum}: "${key}" (invalid variable name)`);
continue;
}
result.push({
key,
value,
isSecret: existingSecretKeys.has(key) || false
});
}
}
return { vars: result, warnings };
}
// Update rawContent when variables change - replace var lines by position, preserve comments
function syncRawContentFromVariables(newVars: EnvVar[]) {
const lines = rawContent.split('\n');
const resultLines: string[] = [];
const varsWithKeys = newVars.filter(v => v.key.trim());
let varIdx = 0;
for (const line of lines) {
const trimmed = line.trim();
// Keep comments and blank lines
if (!trimmed || trimmed.startsWith('#')) {
resultLines.push(line);
continue;
}
const eqIndex = trimmed.indexOf('=');
if (eqIndex > 0) {
const key = trimmed.slice(0, eqIndex).trim();
if (/^[a-zA-Z_][a-zA-Z0-9_]*$/.test(key)) {
// This is a valid variable line - replace with var at current index
if (varIdx < varsWithKeys.length) {
const v = varsWithKeys[varIdx];
resultLines.push(`${v.key.trim()}=${v.value}`);
varIdx++;
}
// If we have fewer vars, this line is deleted
continue;
}
}
// Keep invalid lines as-is
resultLines.push(line);
}
// Append any new variables
while (varIdx < varsWithKeys.length) {
const v = varsWithKeys[varIdx];
resultLines.push(`${v.key.trim()}=${v.value}`);
varIdx++;
}
let result = resultLines.join('\n');
if (result && !result.endsWith('\n')) {
result += '\n';
}
return result;
}
// When rawContent changes externally (text view, file load), update variables
$effect(() => {
const { vars, warnings } = parseRawContent(rawContent);
parseWarnings = warnings;
// Initial load with no .env file: don't overwrite DB-loaded variables
// Let the second $effect generate rawContent from the existing variables instead
if (!initialized && !rawContent.trim() && variables.length > 0) {
initialized = true;
return;
}
initialized = true;
// When rawContent has content, merge parsed vars with existing DB secrets
// This handles the case where .env file exists but DB has additional secrets
let finalVars = vars;
if (rawContent.trim()) {
const parsedKeys = new Set(vars.map(v => v.key));
const existingSecrets = untrack(() =>
variables.filter(v => v.isSecret && !parsedKeys.has(v.key))
);
if (existingSecrets.length > 0) {
finalVars = [...vars, ...existingSecrets];
}
}
const newJson = JSON.stringify(finalVars.map(v => ({ key: v.key, value: v.value })));
// Use untrack to read variables without creating a dependency on it
// This prevents the effect from running when variables changes (only rawContent should trigger it)
const currentNonEmptyJson = untrack(() =>
JSON.stringify(variables.filter(v => v.key.trim()).map(v => ({ key: v.key, value: v.value })))
);
if (newJson !== currentNonEmptyJson) {
variables = finalVars;
prevVariablesJson = newJson;
}
});
// When variables change from form edits, update rawContent
$effect(() => {
const currentJson = JSON.stringify(variables.map(v => ({ key: v.key, value: v.value })));
// Only sync if variables actually changed (not from parsing rawContent)
if (currentJson !== prevVariablesJson) {
prevVariablesJson = currentJson;
const newRaw = syncRawContentFromVariables(variables);
if (newRaw !== rawContent) {
rawContent = newRaw;
}
}
});
function handleTextChange(value: string) {
rawContent = value;
onchange?.();
}
function handleViewModeChange(newMode: 'form' | 'text') {
viewMode = newMode;
localStorage.setItem(STORAGE_KEY_VIEW_MODE, newMode);
}
async function addEnvVariable() {
variables = [...variables, { key: '', value: '', isSecret: false }];
onchange?.();
await tick();
if (contentAreaRef) {
contentAreaRef.scrollTop = contentAreaRef.scrollHeight;
}
}
async function addMissingVariable(key: string) {
variables = [...variables, { key, value: '', isSecret: false }];
onchange?.();
await tick();
if (contentAreaRef) {
contentAreaRef.scrollTop = contentAreaRef.scrollHeight;
}
}
function handleLoadFromFile() {
fileInputRef?.click();
}
function handleFileSelect(event: Event) {
const input = event.target as HTMLInputElement;
const file = input.files?.[0];
if (!file) return;
const reader = new FileReader();
reader.onload = (e) => {
rawContent = e.target?.result as string;
onchange?.();
};
reader.readAsText(file);
input.value = '';
}
function clearAll() {
rawContent = '';
variables = [];
onchange?.();
}
const hasContent = $derived(!!rawContent?.trim() || variables.some(v => v.key.trim()));
</script>
<div class="flex flex-col h-full {className}">
<!-- Header -->
<div class="px-4 py-2.5 border-b border-zinc-200 dark:border-zinc-700 flex flex-col gap-1.5">
<div class="flex items-center justify-between gap-2">
<div class="flex items-center gap-2 flex-nowrap min-w-0">
<span class="text-xs text-zinc-500 dark:text-zinc-400">Environment variables</span>
{#if infoText}
<Tooltip.Root>
<Tooltip.Trigger>
<Info class="w-3.5 h-3.5 text-blue-400" />
</Tooltip.Trigger>
<Tooltip.Portal>
<Tooltip.Content side="bottom" sideOffset={8} class="max-w-xs w-64 bg-white dark:bg-zinc-900 text-zinc-900 dark:text-zinc-100 border-zinc-200 dark:border-zinc-700">
<p class="text-xs text-left">{infoText}</p>
</Tooltip.Content>
</Tooltip.Portal>
</Tooltip.Root>
{/if}
<!-- View mode toggle -->
<div class="flex items-center gap-0.5 bg-zinc-100 dark:bg-zinc-800 rounded p-0.5 ml-1">
<button
type="button"
class="flex items-center gap-1 px-1.5 py-0.5 rounded text-2xs transition-colors {viewMode === 'form' ? 'bg-white dark:bg-zinc-700 text-zinc-800 dark:text-zinc-100 shadow-sm' : 'text-zinc-500 dark:text-zinc-400 hover:text-zinc-700 dark:hover:text-zinc-200'}"
onclick={() => handleViewModeChange('form')}
title="Form view"
>
<List class="w-3 h-3" />
</button>
<button
type="button"
class="flex items-center gap-1 px-1.5 py-0.5 rounded text-2xs transition-colors {viewMode === 'text' ? 'bg-white dark:bg-zinc-700 text-zinc-800 dark:text-zinc-100 shadow-sm' : 'text-zinc-500 dark:text-zinc-400 hover:text-zinc-700 dark:hover:text-zinc-200'}"
onclick={() => handleViewModeChange('text')}
title="Text view (raw .env file)"
>
<FileText class="w-3 h-3" />
</button>
</div>
</div>
{#if !readonly}
<div class="flex items-center gap-1 shrink-0 ml-4">
<Button type="button" size="sm" variant="ghost" onclick={handleLoadFromFile} class="h-6 text-xs px-2">
<Upload class="w-3.5 h-3.5 mr-1" />
Load .env
</Button>
{#if viewMode === 'form'}
<Button type="button" size="sm" variant="ghost" onclick={addEnvVariable} class="h-6 text-xs px-2">
<Plus class="w-3.5 h-3.5 mr-1" />
Add
</Button>
{/if}
<div class="{hasContent ? '' : 'invisible'}">
<ConfirmPopover
bind:open={confirmClearOpen}
title="Clear all variables?"
action="clear"
itemType="environment variables"
confirmText="Clear all"
onConfirm={clearAll}
onOpenChange={(o) => confirmClearOpen = o}
>
{#snippet children({ open })}
<Button type="button" size="sm" variant="ghost" class="h-6 text-xs px-2 text-destructive hover:text-destructive">
<Trash2 class="w-3.5 h-3.5 mr-1" />
Clear
</Button>
{/snippet}
</ConfirmPopover>
</div>
</div>
<input
bind:this={fileInputRef}
type="file"
accept=".env,.env.*,text/plain"
class="hidden"
onchange={handleFileSelect}
/>
{/if}
</div>
<!-- Help text -->
{#if viewMode === 'form'}
<div class="flex flex-wrap gap-x-3 gap-y-0.5 text-2xs text-zinc-400 dark:text-zinc-500 font-mono">
<span><span class="text-zinc-500 dark:text-zinc-400">${`{VAR}`}</span> required</span>
<span><span class="text-zinc-500 dark:text-zinc-400">${`{VAR:-default}`}</span> optional</span>
<span><span class="text-zinc-500 dark:text-zinc-400">${`{VAR:?error}`}</span> required w/ error</span>
</div>
{:else}
<div class="text-2xs text-zinc-400 dark:text-zinc-500">
Raw .env file (comments preserved, saved exactly as typed)
</div>
{/if}
<!-- Parse warnings (form mode only) -->
{#if viewMode === 'form' && parseWarnings.length > 0}
<div class="flex items-start gap-2 px-2 py-1.5 rounded bg-amber-50 dark:bg-amber-900/20 border border-amber-200 dark:border-amber-800/50">
<AlertTriangle class="w-3.5 h-3.5 text-amber-500 shrink-0 mt-0.5" />
<div class="text-2xs text-amber-700 dark:text-amber-300">
<span class="font-medium">Some lines couldn't be parsed:</span>
<ul class="mt-0.5 list-disc list-inside">
{#each parseWarnings.slice(0, 3) as warning}
<li>{warning}</li>
{/each}
{#if parseWarnings.length > 3}
<li>...and {parseWarnings.length - 3} more</li>
{/if}
</ul>
<p class="mt-1 text-amber-600 dark:text-amber-400">Switch to text view to edit these lines.</p>
</div>
</div>
{/if}
<!-- Add missing variables (form mode only) -->
{#if viewMode === 'form' && validation && validation.missing.length > 0 && !readonly}
<div class="flex flex-wrap gap-1 items-center">
<span class="text-xs text-muted-foreground mr-1">Add missing:</span>
{#each validation.missing as missing}
<button
type="button"
onclick={() => addMissingVariable(missing)}
class="text-xs px-1.5 py-0.5 rounded bg-red-100 text-red-700 hover:bg-red-200 dark:bg-red-900/30 dark:text-red-300 dark:hover:bg-red-900/50 transition-colors"
>
{missing}
</button>
{/each}
</div>
{/if}
</div>
<!-- Content area -->
<div bind:this={contentAreaRef} class="flex-1 overflow-auto px-4 py-3">
{#if viewMode === 'form'}
<StackEnvVarsEditor
bind:variables
{validation}
{readonly}
{showSource}
{sources}
{placeholder}
{existingSecretKeys}
/>
{:else}
<CodeEditor
value={rawContent}
language="dotenv"
theme={editorTheme}
readonly={readonly}
onchange={handleTextChange}
class="h-full min-h-[200px] rounded-md overflow-hidden border border-zinc-200 dark:border-zinc-700"
/>
{/if}
</div>
</div>
lib/components/ThemeSelector.svelte → src/lib/components/ThemeSelector.svelte
View File
lib/components/TimezoneSelector.svelte → src/lib/components/TimezoneSelector.svelte
View File
lib/components/UpdateContainerRow.svelte → src/lib/components/UpdateContainerRow.svelte
View File
lib/components/UpdateStepIndicator.svelte → src/lib/components/UpdateStepIndicator.svelte
View File
lib/components/UpdateSummaryStats.svelte → src/lib/components/UpdateSummaryStats.svelte
View File
lib/components/VulnerabilityCriteriaBadge.svelte → src/lib/components/VulnerabilityCriteriaBadge.svelte
View File
lib/components/VulnerabilityCriteriaSelector.svelte → src/lib/components/VulnerabilityCriteriaSelector.svelte
View File
lib/components/WhatsNewModal.svelte → src/lib/components/WhatsNewModal.svelte
View File
lib/components/app-sidebar.svelte → src/lib/components/app-sidebar.svelte
View File
lib/components/cron-editor.svelte → src/lib/components/cron-editor.svelte
View File
lib/components/data-grid/DataGrid.svelte → src/lib/components/data-grid/DataGrid.svelte
View File
lib/components/data-grid/context.ts → src/lib/components/data-grid/context.ts
View File
lib/components/data-grid/index.ts → src/lib/components/data-grid/index.ts
View File
lib/components/data-grid/types.ts → src/lib/components/data-grid/types.ts
View File
lib/components/host-info.svelte → src/lib/components/host-info.svelte
View File
lib/components/icon-picker.svelte → src/lib/components/icon-picker.svelte
View File
lib/components/main-content.svelte → src/lib/components/main-content.svelte
View File
lib/components/permission-guard.svelte → src/lib/components/permission-guard.svelte
View File
lib/components/theme-toggle.svelte → src/lib/components/theme-toggle.svelte
View File
lib/components/ui/accordion/accordion-content.svelte → src/lib/components/ui/accordion/accordion-content.svelte
View File
lib/components/ui/accordion/accordion-item.svelte → src/lib/components/ui/accordion/accordion-item.svelte
View File
lib/components/ui/accordion/accordion-trigger.svelte → src/lib/components/ui/accordion/accordion-trigger.svelte
View File
lib/components/ui/accordion/accordion.svelte → src/lib/components/ui/accordion/accordion.svelte
View File
lib/components/ui/accordion/index.ts → src/lib/components/ui/accordion/index.ts
View File
lib/components/ui/alert/alert-description.svelte → src/lib/components/ui/alert/alert-description.svelte
View File
lib/components/ui/alert/alert-title.svelte → src/lib/components/ui/alert/alert-title.svelte
View File
lib/components/ui/alert/alert.svelte → src/lib/components/ui/alert/alert.svelte
View File
lib/components/ui/alert/index.ts → src/lib/components/ui/alert/index.ts
View File
lib/components/ui/avatar/avatar-fallback.svelte → src/lib/components/ui/avatar/avatar-fallback.svelte
View File
lib/components/ui/avatar/avatar-image.svelte → src/lib/components/ui/avatar/avatar-image.svelte
View File
lib/components/ui/avatar/avatar.svelte → src/lib/components/ui/avatar/avatar.svelte
View File
lib/components/ui/avatar/index.ts → src/lib/components/ui/avatar/index.ts
View File
lib/components/ui/badge/badge.svelte → src/lib/components/ui/badge/badge.svelte
View File
lib/components/ui/badge/index.ts → src/lib/components/ui/badge/index.ts
View File
lib/components/ui/button/button.svelte → src/lib/components/ui/button/button.svelte
View File
lib/components/ui/button/index.ts → src/lib/components/ui/button/index.ts
View File
lib/components/ui/calendar/calendar-caption.svelte → src/lib/components/ui/calendar/calendar-caption.svelte
View File
lib/components/ui/calendar/calendar-cell.svelte → src/lib/components/ui/calendar/calendar-cell.svelte
View File
lib/components/ui/calendar/calendar-day.svelte → src/lib/components/ui/calendar/calendar-day.svelte
View File
lib/components/ui/calendar/calendar-grid-body.svelte → src/lib/components/ui/calendar/calendar-grid-body.svelte
View File
lib/components/ui/calendar/calendar-grid-head.svelte → src/lib/components/ui/calendar/calendar-grid-head.svelte
View File
lib/components/ui/calendar/calendar-grid-row.svelte → src/lib/components/ui/calendar/calendar-grid-row.svelte
View File

Some files were not shown because too many files have changed in this diff Show More