dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #4067 from KaelWD/feat/deployment-token

Browse Source 
feat: add deploy-only token permission
This commit is contained in:
Andras Bacsai
2024-12-09 11:15:28 +01:00
committed by GitHub
parent 6aa87116e9 3fa7d03db7
commit 7744f46be6
39 changed files with 518 additions and 495 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
app/Http/Controllers/Api/ApplicationsController.php
View File

@@ -25,26 +25,24 @@ class ApplicationsController extends Controller
{
private function removeSensitiveData($application)
{
$token = auth()->user()->currentAccessToken();
$application->makeHidden([
'id',
]);
if ($token->can('view:sensitive')) {
return serializeApiResponse($application);
if (request()->attributes->get('can_read_sensitive', false) === false) {
$application->makeHidden([
'custom_labels',
'dockerfile',
'docker_compose',
'docker_compose_raw',
'manual_webhook_secret_bitbucket',
'manual_webhook_secret_gitea',
'manual_webhook_secret_github',
'manual_webhook_secret_gitlab',
'private_key_id',
'value',
'real_value',
]);
}
$application->makeHidden([
'custom_labels',
'dockerfile',
'docker_compose',
'docker_compose_raw',
'manual_webhook_secret_bitbucket',
'manual_webhook_secret_gitea',
'manual_webhook_secret_github',
'manual_webhook_secret_gitlab',
'private_key_id',
'value',
'real_value',
]);
return serializeApiResponse($application);
}

25
app/Http/Controllers/Api/DatabasesController.php
View File

@@ -19,26 +19,23 @@ class DatabasesController extends Controller
{
private function removeSensitiveData($database)
{
$token = auth()->user()->currentAccessToken();
$database->makeHidden([
'id',
'laravel_through_key',
]);
if ($token->can('view:sensitive')) {
return serializeApiResponse($database);
if (request()->attributes->get('can_read_sensitive', false) === false) {
$database->makeHidden([
'internal_db_url',
'external_db_url',
'postgres_password',
'dragonfly_password',
'redis_password',
'mongo_initdb_root_password',
'keydb_password',
'clickhouse_admin_password',
]);
}
$database->makeHidden([
'internal_db_url',
'external_db_url',
'postgres_password',
'dragonfly_password',
'redis_password',
'mongo_initdb_root_password',
'keydb_password',
'clickhouse_admin_password',
]);
return serializeApiResponse($database);
}

11
app/Http/Controllers/Api/DeployController.php
View File

@@ -16,15 +16,12 @@ class DeployController extends Controller
{
private function removeSensitiveData($deployment)
{
$token = auth()->user()->currentAccessToken();
if ($token->can('view:sensitive')) {
return serializeApiResponse($deployment);
if (request()->attributes->get('can_read_sensitive', false) === false) {
$deployment->makeHidden([
'logs',
]);
}
$deployment->makeHidden([
'logs',
]);
return serializeApiResponse($deployment);
}

10
app/Http/Controllers/Api/SecurityController.php
View File

@@ -11,13 +11,11 @@ class SecurityController extends Controller
{
private function removeSensitiveData($team)
{
$token = auth()->user()->currentAccessToken();
if ($token->can('view:sensitive')) {
return serializeApiResponse($team);
if (request()->attributes->get('can_read_sensitive', false) === false) {
$team->makeHidden([
'private_key',
]);
}
$team->makeHidden([
'private_key',
]);
return serializeApiResponse($team);
}

15
app/Http/Controllers/Api/ServersController.php
View File

@@ -19,25 +19,22 @@ class ServersController extends Controller
{
private function removeSensitiveDataFromSettings($settings)
{
$token = auth()->user()->currentAccessToken();
if ($token->can('view:sensitive')) {
return serializeApiResponse($settings);
if (request()->attributes->get('can_read_sensitive', false) === false) {
$settings = $settings->makeHidden([
'sentinel_token',
]);
}
$settings = $settings->makeHidden([
'sentinel_token',
]);
return serializeApiResponse($settings);
}
private function removeSensitiveData($server)
{
$token = auth()->user()->currentAccessToken();
$server->makeHidden([
'id',
]);
if ($token->can('view:sensitive')) {
return serializeApiResponse($server);
if (request()->attributes->get('can_read_sensitive', false) === false) {
// Do nothing
}
return serializeApiResponse($server);

13
app/Http/Controllers/Api/ServicesController.php
View File

@@ -18,19 +18,16 @@ class ServicesController extends Controller
{
private function removeSensitiveData($service)
{
$token = auth()->user()->currentAccessToken();
$service->makeHidden([
'id',
]);
if ($token->can('view:sensitive')) {
return serializeApiResponse($service);
if (request()->attributes->get('can_read_sensitive', false) === false) {
$service->makeHidden([
'docker_compose_raw',
'docker_compose',
]);
}
$service->makeHidden([
'docker_compose_raw',
'docker_compose',
]);
return serializeApiResponse($service);
}

16
app/Http/Controllers/Api/TeamController.php
View File

@@ -10,20 +10,18 @@ class TeamController extends Controller
{
private function removeSensitiveData($team)
{
$token = auth()->user()->currentAccessToken();
$team->makeHidden([
'custom_server_limit',
'pivot',
]);
if ($token->can('view:sensitive')) {
return serializeApiResponse($team);
if (request()->attributes->get('can_read_sensitive', false) === false) {
$team->makeHidden([
'smtp_username',
'smtp_password',
'resend_api_key',
'telegram_token',
]);
}
$team->makeHidden([
'smtp_username',
'smtp_password',
'resend_api_key',
'telegram_token',
]);
return serializeApiResponse($team);
}

2
app/Http/Kernel.php
View File

@@ -69,5 +69,7 @@ class Kernel extends HttpKernel
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'abilities' => \Laravel\Sanctum\Http\Middleware\CheckAbilities::class,
'ability' => \Laravel\Sanctum\Http\Middleware\CheckForAnyAbility::class,
'api.ability' => \App\Http\Middleware\ApiAbility::class,
'api.sensitive' => \App\Http\Middleware\ApiSensitiveData::class,
];
}

27
app/Http/Middleware/ApiAbility.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
namespace App\Http\Middleware;
use Laravel\Sanctum\Http\Middleware\CheckForAnyAbility;
class ApiAbility extends CheckForAnyAbility
{
public function handle($request, $next, ...$abilities)
{
try {
if ($request->user()->tokenCan('root')) {
return $next($request);
}
return parent::handle($request, $next, ...$abilities);
} catch (\Illuminate\Auth\AuthenticationException $e) {
return response()->json([
'message' => 'Unauthenticated.',
], 401);
} catch (\Exception $e) {
return response()->json([
'message' => 'Missing required permissions: '.implode(', ', $abilities),
], 403);
}
}
}

21
app/Http/Middleware/ApiSensitiveData.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class ApiSensitiveData
{
public function handle(Request $request, Closure $next)
{
$token = $request->user()->currentAccessToken();
// Allow access to sensitive data if token has root or read:sensitive permission
$request->attributes->add([
'can_read_sensitive' => $token->can('root') || $token->can('read:sensitive'),
]);
return $next($request);
}
}

28
app/Http/Middleware/IgnoreReadOnlyApiToken.php
View File

@@ -1,28 +0,0 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class IgnoreReadOnlyApiToken
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
$token = auth()->user()->currentAccessToken();
if ($token->can('*')) {
return $next($request);
}
if ($token->can('read-only')) {
return response()->json(['message' => 'You are not allowed to perform this action.'], 403);
}
return $next($request);
}
}

25
app/Http/Middleware/OnlyRootApiToken.php
View File

@@ -1,25 +0,0 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class OnlyRootApiToken
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
$token = auth()->user()->currentAccessToken();
if ($token->can('*')) {
return $next($request);
}
return response()->json(['message' => 'You are not allowed to perform this action.'], 403);
}
}

1
app/Livewire/Notifications/Slack.php
View File

@@ -82,6 +82,7 @@ class Slack extends Component
$this->saveModel();
} catch (\Throwable $e) {
$this->slackEnabled = false;
return handleError($e, $this);
}
}

77
app/Livewire/Security/ApiTokens.php
View File

@@ -11,13 +11,7 @@ class ApiTokens extends Component
public $tokens = [];
public bool $viewSensitiveData = false;
public bool $readOnly = true;
public bool $rootAccess = false;
public array $permissions = ['read-only'];
public array $permissions = ['read'];
public $isApiEnabled;
@@ -29,51 +23,28 @@ class ApiTokens extends Component
public function mount()
{
$this->isApiEnabled = InstanceSettings::get()->is_api_enabled;
$this->getTokens();
}
private function getTokens()
{
$this->tokens = auth()->user()->tokens->sortByDesc('created_at');
}
public function updatedViewSensitiveData()
public function updatedPermissions($permissionToUpdate)
{
if ($this->viewSensitiveData) {
$this->permissions[] = 'view:sensitive';
$this->permissions = array_diff($this->permissions, ['*']);
$this->rootAccess = false;
if ($permissionToUpdate == 'root') {
$this->permissions = ['root'];
} elseif ($permissionToUpdate == 'read:sensitive' && ! in_array('read', $this->permissions)) {
$this->permissions[] = 'read';
} elseif ($permissionToUpdate == 'deploy') {
$this->permissions = ['deploy'];
} else {
$this->permissions = array_diff($this->permissions, ['view:sensitive']);
}
$this->makeSureOneIsSelected();
}
public function updatedReadOnly()
{
if ($this->readOnly) {
$this->permissions[] = 'read-only';
$this->permissions = array_diff($this->permissions, ['*']);
$this->rootAccess = false;
} else {
$this->permissions = array_diff($this->permissions, ['read-only']);
}
$this->makeSureOneIsSelected();
}
public function updatedRootAccess()
{
if ($this->rootAccess) {
$this->permissions = ['*'];
$this->readOnly = false;
$this->viewSensitiveData = false;
} else {
$this->readOnly = true;
$this->permissions = ['read-only'];
}
}
public function makeSureOneIsSelected()
{
if (count($this->permissions) == 0) {
$this->permissions = ['read-only'];
$this->readOnly = true;
if (count($this->permissions) == 0) {
$this->permissions = ['read'];
}
}
sort($this->permissions);
}
public function addNewToken()
@@ -82,8 +53,8 @@ class ApiTokens extends Component
$this->validate([
'description' => 'required|min:3|max:255',
]);
$token = auth()->user()->createToken($this->description, $this->permissions);
$this->tokens = auth()->user()->tokens;
$token = auth()->user()->createToken($this->description, array_values($this->permissions));
$this->getTokens();
session()->flash('token', $token->plainTextToken);
} catch (\Exception $e) {
return handleError($e, $this);
@@ -92,8 +63,12 @@ class ApiTokens extends Component
public function revoke(int $id)
{
$token = auth()->user()->tokens()->where('id', $id)->first();
$token->delete();
$this->tokens = auth()->user()->tokens;
try {
$token = auth()->user()->tokens()->where('id', $id)->firstOrFail();
$token->delete();
$this->getTokens();
} catch (\Exception $e) {
return handleError($e, $this);
}
}
}

2
app/Models/Team.php
View File

@@ -167,7 +167,7 @@ class Team extends Model implements SendsDiscord, SendsEmail, SendsSlack
return 9999999;
}
$team = Team::find(currentTeam()->id);
if (!$team) {
if (! $team) {
return 0;
}

22
app/Notifications/Application/DeploymentFailed.php
View File

@@ -40,7 +40,7 @@ class DeploymentFailed extends CustomEmailNotification
if (str($this->fqdn)->explode(',')->count() > 1) {
$this->fqdn = str($this->fqdn)->explode(',')->first();
}
$this->deployment_url = base_url() . "/project/{$this->project_uuid}/" . urlencode($this->environment_name) . "/application/{$this->application->uuid}/deployment/{$this->deployment_uuid}";
$this->deployment_url = base_url()."/project/{$this->project_uuid}/".urlencode($this->environment_name)."/application/{$this->application->uuid}/deployment/{$this->deployment_uuid}";
}
public function via(object $notifiable): array
@@ -54,10 +54,10 @@ class DeploymentFailed extends CustomEmailNotification
$pull_request_id = data_get($this->preview, 'pull_request_id', 0);
$fqdn = $this->fqdn;
if ($pull_request_id === 0) {
$mail->subject('Coolify: Deployment failed of ' . $this->application_name . '.');
$mail->subject('Coolify: Deployment failed of '.$this->application_name.'.');
} else {
$fqdn = $this->preview->fqdn;
$mail->subject('Coolify: Deployment failed of pull request #' . $this->preview->pull_request_id . ' of ' . $this->application_name . '.');
$mail->subject('Coolify: Deployment failed of pull request #'.$this->preview->pull_request_id.' of '.$this->application_name.'.');
}
$mail->view('emails.application-deployment-failed', [
'name' => $this->application_name,
@@ -74,7 +74,7 @@ class DeploymentFailed extends CustomEmailNotification
if ($this->preview) {
$message = new DiscordMessage(
title: ':cross_mark: Deployment failed',
description: 'Pull request: ' . $this->preview->pull_request_id,
description: 'Pull request: '.$this->preview->pull_request_id,
color: DiscordMessage::errorColor(),
isCritical: true,
);
@@ -83,13 +83,13 @@ class DeploymentFailed extends CustomEmailNotification
$message->addField('Environment', $this->environment_name, true);
$message->addField('Name', $this->application_name, true);
$message->addField('Deployment Logs', '[Link](' . $this->deployment_url . ')');
$message->addField('Deployment Logs', '[Link]('.$this->deployment_url.')');
if ($this->fqdn) {
$message->addField('Domain', $this->fqdn, true);
}
} else {
if ($this->fqdn) {
$description = '[Open application](' . $this->fqdn . ')';
$description = '[Open application]('.$this->fqdn.')';
} else {
$description = '';
}
@@ -104,7 +104,7 @@ class DeploymentFailed extends CustomEmailNotification
$message->addField('Environment', $this->environment_name, true);
$message->addField('Name', $this->application_name, true);
$message->addField('Deployment Logs', '[Link](' . $this->deployment_url . ')');
$message->addField('Deployment Logs', '[Link]('.$this->deployment_url.')');
}
return $message;
@@ -113,9 +113,9 @@ class DeploymentFailed extends CustomEmailNotification
public function toTelegram(): array
{
if ($this->preview) {
$message = 'Coolify: Pull request #' . $this->preview->pull_request_id . ' of ' . $this->application_name . ' (' . $this->preview->fqdn . ') deployment failed: ';
$message = 'Coolify: Pull request #'.$this->preview->pull_request_id.' of '.$this->application_name.' ('.$this->preview->fqdn.') deployment failed: ';
} else {
$message = 'Coolify: Deployment failed of ' . $this->application_name . ' (' . $this->fqdn . '): ';
$message = 'Coolify: Deployment failed of '.$this->application_name.' ('.$this->fqdn.'): ';
}
$buttons[] = [
'text' => 'Deployment logs',
@@ -139,14 +139,14 @@ class DeploymentFailed extends CustomEmailNotification
$description .= "\nPreview URL: {$this->preview->fqdn}";
}
} else {
$title = "Deployment failed";
$title = 'Deployment failed';
$description = "Deployment failed for {$this->application_name}";
if ($this->fqdn) {
$description .= "\nApplication URL: {$this->fqdn}";
}
}
$description .= "\n\n**Project:** " . data_get($this->application, 'environment.project.name');
$description .= "\n\n**Project:** ".data_get($this->application, 'environment.project.name');
$description .= "\n**Environment:** {$this->environment_name}";
$description .= "\n**Deployment Logs:** {$this->deployment_url}";

23
app/Notifications/Application/DeploymentSuccess.php
View File

@@ -6,8 +6,8 @@ use App\Models\Application;
use App\Models\ApplicationPreview;
use App\Notifications\CustomEmailNotification;
use App\Notifications\Dto\DiscordMessage;
use Illuminate\Notifications\Messages\MailMessage;
use App\Notifications\Dto\SlackMessage;
use Illuminate\Notifications\Messages\MailMessage;
class DeploymentSuccess extends CustomEmailNotification
{
@@ -40,7 +40,7 @@ class DeploymentSuccess extends CustomEmailNotification
if (str($this->fqdn)->explode(',')->count() > 1) {
$this->fqdn = str($this->fqdn)->explode(',')->first();
}
$this->deployment_url = base_url() . "/project/{$this->project_uuid}/" . urlencode($this->environment_name) . "/application/{$this->application->uuid}/deployment/{$this->deployment_uuid}";
$this->deployment_url = base_url()."/project/{$this->project_uuid}/".urlencode($this->environment_name)."/application/{$this->application->uuid}/deployment/{$this->deployment_uuid}";
}
public function via(object $notifiable): array
@@ -80,21 +80,21 @@ class DeploymentSuccess extends CustomEmailNotification
if ($this->preview) {
$message = new DiscordMessage(
title: ':white_check_mark: Preview deployment successful',
description: 'Pull request: ' . $this->preview->pull_request_id,
description: 'Pull request: '.$this->preview->pull_request_id,
color: DiscordMessage::successColor(),
);
if ($this->preview->fqdn) {
$message->addField('Application', '[Link](' . $this->preview->fqdn . ')');
$message->addField('Application', '[Link]('.$this->preview->fqdn.')');
}
$message->addField('Project', data_get($this->application, 'environment.project.name'), true);
$message->addField('Environment', $this->environment_name, true);
$message->addField('Name', $this->application_name, true);
$message->addField('Deployment logs', '[Link](' . $this->deployment_url . ')');
$message->addField('Deployment logs', '[Link]('.$this->deployment_url.')');
} else {
if ($this->fqdn) {
$description = '[Open application](' . $this->fqdn . ')';
$description = '[Open application]('.$this->fqdn.')';
} else {
$description = '';
}
@@ -107,7 +107,7 @@ class DeploymentSuccess extends CustomEmailNotification
$message->addField('Environment', $this->environment_name, true);
$message->addField('Name', $this->application_name, true);
$message->addField('Deployment logs', '[Link](' . $this->deployment_url . ')');
$message->addField('Deployment logs', '[Link]('.$this->deployment_url.')');
}
return $message;
@@ -116,7 +116,7 @@ class DeploymentSuccess extends CustomEmailNotification
public function toTelegram(): array
{
if ($this->preview) {
$message = 'Coolify: New PR' . $this->preview->pull_request_id . ' version successfully deployed of ' . $this->application_name . '';
$message = 'Coolify: New PR'.$this->preview->pull_request_id.' version successfully deployed of '.$this->application_name.'';
if ($this->preview->fqdn) {
$buttons[] = [
'text' => 'Open Application',
@@ -124,7 +124,7 @@ class DeploymentSuccess extends CustomEmailNotification
];
}
} else {
$message = '✅ New version successfully deployed of ' . $this->application_name . '';
$message = '✅ New version successfully deployed of '.$this->application_name.'';
if ($this->fqdn) {
$buttons[] = [
'text' => 'Open Application',
@@ -145,7 +145,6 @@ class DeploymentSuccess extends CustomEmailNotification
];
}
public function toSlack(): SlackMessage
{
if ($this->preview) {
@@ -155,14 +154,14 @@ class DeploymentSuccess extends CustomEmailNotification
$description .= "\nPreview URL: {$this->preview->fqdn}";
}
} else {
$title = "New version successfully deployed";
$title = 'New version successfully deployed';
$description = "New version successfully deployed for {$this->application_name}";
if ($this->fqdn) {
$description .= "\nApplication URL: {$this->fqdn}";
}
}
$description .= "\n\n**Project:** " . data_get($this->application, 'environment.project.name');
$description .= "\n\n**Project:** ".data_get($this->application, 'environment.project.name');
$description .= "\n**Environment:** {$this->environment_name}";
$description .= "\n**Deployment Logs:** {$this->deployment_url}";

12
app/Notifications/Application/StatusChanged.php
View File

@@ -5,8 +5,8 @@ namespace App\Notifications\Application;
use App\Models\Application;
use App\Notifications\CustomEmailNotification;
use App\Notifications\Dto\DiscordMessage;
use Illuminate\Notifications\Messages\MailMessage;
use App\Notifications\Dto\SlackMessage;
use Illuminate\Notifications\Messages\MailMessage;
class StatusChanged extends CustomEmailNotification
{
@@ -30,7 +30,7 @@ class StatusChanged extends CustomEmailNotification
if (str($this->fqdn)->explode(',')->count() > 1) {
$this->fqdn = str($this->fqdn)->explode(',')->first();
}
$this->resource_url = base_url() . "/project/{$this->project_uuid}/" . urlencode($this->environment_name) . "/application/{$this->resource->uuid}";
$this->resource_url = base_url()."/project/{$this->project_uuid}/".urlencode($this->environment_name)."/application/{$this->resource->uuid}";
}
public function via(object $notifiable): array
@@ -56,7 +56,7 @@ class StatusChanged extends CustomEmailNotification
{
return new DiscordMessage(
title: ':cross_mark: Application stopped',
description: '[Open Application in Coolify](' . $this->resource_url . ')',
description: '[Open Application in Coolify]('.$this->resource_url.')',
color: DiscordMessage::errorColor(),
isCritical: true,
);
@@ -64,7 +64,7 @@ class StatusChanged extends CustomEmailNotification
public function toTelegram(): array
{
$message = 'Coolify: ' . $this->resource_name . ' has been stopped.';
$message = 'Coolify: '.$this->resource_name.' has been stopped.';
return [
'message' => $message,
@@ -79,10 +79,10 @@ class StatusChanged extends CustomEmailNotification
public function toSlack(): SlackMessage
{
$title = "Application stopped";
$title = 'Application stopped';
$description = "{$this->resource_name} has been stopped";
$description .= "\n\n**Project:** " . data_get($this->resource, 'environment.project.name');
$description .= "\n\n**Project:** ".data_get($this->resource, 'environment.project.name');
$description .= "\n**Environment:** {$this->environment_name}";
$description .= "\n**Application URL:** {$this->resource_url}";

6
app/Notifications/Container/ContainerRestarted.php
View File

@@ -5,8 +5,8 @@ namespace App\Notifications\Container;
use App\Models\Server;
use App\Notifications\CustomEmailNotification;
use App\Notifications\Dto\DiscordMessage;
use Illuminate\Notifications\Messages\MailMessage;
use App\Notifications\Dto\SlackMessage;
use Illuminate\Notifications\Messages\MailMessage;
class ContainerRestarted extends CustomEmailNotification
{
@@ -42,7 +42,7 @@ class ContainerRestarted extends CustomEmailNotification
);
if ($this->url) {
$message->addField('Resource', '[Link](' . $this->url . ')');
$message->addField('Resource', '[Link]('.$this->url.')');
}
return $message;
@@ -70,7 +70,7 @@ class ContainerRestarted extends CustomEmailNotification
public function toSlack(): SlackMessage
{
$title = "Resource restarted";
$title = 'Resource restarted';
$description = "A resource ({$this->name}) has been restarted automatically on {$this->server->name}";
if ($this->url) {

6
app/Notifications/Container/ContainerStopped.php
View File

@@ -5,8 +5,8 @@ namespace App\Notifications\Container;
use App\Models\Server;
use App\Notifications\CustomEmailNotification;
use App\Notifications\Dto\DiscordMessage;
use Illuminate\Notifications\Messages\MailMessage;
use App\Notifications\Dto\SlackMessage;
use Illuminate\Notifications\Messages\MailMessage;
class ContainerStopped extends CustomEmailNotification
{
@@ -42,7 +42,7 @@ class ContainerStopped extends CustomEmailNotification
);
if ($this->url) {
$message->addField('Resource', '[Link](' . $this->url . ')');
$message->addField('Resource', '[Link]('.$this->url.')');
}
return $message;
@@ -70,7 +70,7 @@ class ContainerStopped extends CustomEmailNotification
public function toSlack(): SlackMessage
{
$title = "Resource stopped";
$title = 'Resource stopped';
$description = "A resource ({$this->name}) has been stopped unexpectedly on {$this->server->name}";
if ($this->url) {

4
app/Notifications/Database/BackupFailed.php
View File

@@ -5,8 +5,8 @@ namespace App\Notifications\Database;
use App\Models\ScheduledDatabaseBackup;
use App\Notifications\CustomEmailNotification;
use App\Notifications\Dto\DiscordMessage;
use Illuminate\Notifications\Messages\MailMessage;
use App\Notifications\Dto\SlackMessage;
use Illuminate\Notifications\Messages\MailMessage;
class BackupFailed extends CustomEmailNotification
{
@@ -66,7 +66,7 @@ class BackupFailed extends CustomEmailNotification
public function toSlack(): SlackMessage
{
$title = "Database backup failed";
$title = 'Database backup failed';
$description = "Database backup for {$this->name} (db:{$this->database_name}) has FAILED.";
$description .= "\n\n**Frequency:** {$this->frequency}";

4
app/Notifications/Database/BackupSuccess.php
View File

@@ -5,8 +5,8 @@ namespace App\Notifications\Database;
use App\Models\ScheduledDatabaseBackup;
use App\Notifications\CustomEmailNotification;
use App\Notifications\Dto\DiscordMessage;
use Illuminate\Notifications\Messages\MailMessage;
use App\Notifications\Dto\SlackMessage;
use Illuminate\Notifications\Messages\MailMessage;
class BackupSuccess extends CustomEmailNotification
{
@@ -64,7 +64,7 @@ class BackupSuccess extends CustomEmailNotification
public function toSlack(): SlackMessage
{
$title = "Database backup successful";
$title = 'Database backup successful';
$description = "Database backup for {$this->name} (db:{$this->database_name}) was successful.";
$description .= "\n\n**Frequency:** {$this->frequency}";

3
app/Notifications/Dto/SlackMessage.php
View File

@@ -8,8 +8,7 @@ class SlackMessage
public string $title,
public string $description,
public string $color = '#0099ff'
) {
}
) {}
public static function infoColor(): string
{

2
app/Notifications/Internal/GeneralNotification.php
View File

@@ -3,8 +3,8 @@
namespace App\Notifications\Internal;
use App\Notifications\Channels\DiscordChannel;
use App\Notifications\Channels\TelegramChannel;
use App\Notifications\Channels\SlackChannel;
use App\Notifications\Channels\TelegramChannel;
use App\Notifications\Dto\DiscordMessage;
use App\Notifications\Dto\SlackMessage;
use Illuminate\Bus\Queueable;

6
app/Notifications/ScheduledTask/TaskFailed.php
View File

@@ -5,8 +5,8 @@ namespace App\Notifications\ScheduledTask;
use App\Models\ScheduledTask;
use App\Notifications\CustomEmailNotification;
use App\Notifications\Dto\DiscordMessage;
use Illuminate\Notifications\Messages\MailMessage;
use App\Notifications\Dto\SlackMessage;
use Illuminate\Notifications\Messages\MailMessage;
class TaskFailed extends CustomEmailNotification
{
@@ -49,7 +49,7 @@ class TaskFailed extends CustomEmailNotification
);
if ($this->url) {
$message->addField('Scheduled task', '[Link](' . $this->url . ')');
$message->addField('Scheduled task', '[Link]('.$this->url.')');
}
return $message;
@@ -72,7 +72,7 @@ class TaskFailed extends CustomEmailNotification
public function toSlack(): SlackMessage
{
$title = "Scheduled task failed";
$title = 'Scheduled task failed';
$description = "Scheduled task ({$this->task->name}) failed.";
if ($this->output) {

9
app/Notifications/Server/ForceDisabled.php
View File

@@ -5,11 +5,11 @@ namespace App\Notifications\Server;
use App\Models\Server;
use App\Notifications\Channels\DiscordChannel;
use App\Notifications\Channels\EmailChannel;
use App\Notifications\Channels\TelegramChannel;
use App\Notifications\Channels\SlackChannel;
use App\Notifications\Dto\SlackMessage;
use App\Notifications\Channels\TelegramChannel;
use App\Notifications\CustomEmailNotification;
use App\Notifications\Dto\DiscordMessage;
use App\Notifications\Dto\SlackMessage;
use Illuminate\Notifications\Messages\MailMessage;
class ForceDisabled extends CustomEmailNotification
@@ -73,13 +73,12 @@ class ForceDisabled extends CustomEmailNotification
];
}
public function toSlack(): SlackMessage
{
$title = "Server disabled";
$title = 'Server disabled';
$description = "Server ({$this->server->name}) disabled because it is not paid!\n";
$description .= "All automations and integrations are stopped.\n\n";
$description .= "Please update your subscription to enable the server again: https://app.coolify.io/subscriptions";
$description .= 'Please update your subscription to enable the server again: https://app.coolify.io/subscriptions';
return new SlackMessage(
title: $title,

6
app/Notifications/Server/ForceEnabled.php
View File

@@ -5,11 +5,11 @@ namespace App\Notifications\Server;
use App\Models\Server;
use App\Notifications\Channels\DiscordChannel;
use App\Notifications\Channels\EmailChannel;
use App\Notifications\Channels\TelegramChannel;
use App\Notifications\Channels\SlackChannel;
use App\Notifications\Dto\SlackMessage;
use App\Notifications\Channels\TelegramChannel;
use App\Notifications\CustomEmailNotification;
use App\Notifications\Dto\DiscordMessage;
use App\Notifications\Dto\SlackMessage;
use Illuminate\Notifications\Messages\MailMessage;
class ForceEnabled extends CustomEmailNotification
@@ -69,7 +69,6 @@ class ForceEnabled extends CustomEmailNotification
];
}
public function toSlack(): SlackMessage
{
return new SlackMessage(
@@ -78,5 +77,4 @@ class ForceEnabled extends CustomEmailNotification
color: SlackMessage::successColor()
);
}
}

6
app/Notifications/Server/HighDiskUsage.php
View File

@@ -45,7 +45,7 @@ class HighDiskUsage extends CustomEmailNotification
$message->addField('Disk usage', "{$this->disk_usage}%", true);
$message->addField('Threshold', "{$this->server_disk_usage_notification_threshold}%", true);
$message->addField('What to do?', '[Link](https://coolify.io/docs/knowledge-base/server/automated-cleanup)', true);
$message->addField('Change Settings', '[Threshold](' . base_url() . '/server/' . $this->server->uuid . '#advanced) | [Notification](' . base_url() . '/notifications/discord)');
$message->addField('Change Settings', '[Threshold]('.base_url().'/server/'.$this->server->uuid.'#advanced) | [Notification]('.base_url().'/notifications/discord)');
return $message;
}
@@ -65,8 +65,8 @@ class HighDiskUsage extends CustomEmailNotification
$description .= "Please cleanup your disk to prevent data-loss.\n";
$description .= "Tips for cleanup: https://coolify.io/docs/knowledge-base/server/automated-cleanup\n";
$description .= "Change settings:\n";
$description .= "- Threshold: " . base_url() . "/server/" . $this->server->uuid . "#advanced\n";
$description .= "- Notifications: " . base_url() . "/notifications/discord";
$description .= '- Threshold: '.base_url().'/server/'.$this->server->uuid."#advanced\n";
$description .= '- Notifications: '.base_url().'/notifications/discord';
return new SlackMessage(
title: 'High disk usage detected',

11
app/Notifications/Server/Reachable.php
View File

@@ -5,11 +5,11 @@ namespace App\Notifications\Server;
use App\Models\Server;
use App\Notifications\Channels\DiscordChannel;
use App\Notifications\Channels\EmailChannel;
use App\Notifications\Channels\TelegramChannel;
use App\Notifications\Channels\SlackChannel;
use App\Notifications\Dto\SlackMessage;
use App\Notifications\Channels\TelegramChannel;
use App\Notifications\CustomEmailNotification;
use App\Notifications\Dto\DiscordMessage;
use App\Notifications\Dto\SlackMessage;
use Illuminate\Notifications\Messages\MailMessage;
class Reachable extends CustomEmailNotification
@@ -20,7 +20,7 @@ class Reachable extends CustomEmailNotification
{
$this->onQueue('high');
$this->isRateLimited = isEmailRateLimited(
limiterKey: 'server-reachable:' . $this->server->id,
limiterKey: 'server-reachable:'.$this->server->id,
);
}
@@ -78,13 +78,10 @@ class Reachable extends CustomEmailNotification
];
}
public function toSlack(): SlackMessage
{
return new SlackMessage(
title: "Server revived",
title: 'Server revived',
description: "Server '{$this->server->name}' revived.\nAll automations & integrations are turned on again!",
color: SlackMessage::successColor()
);

9
app/Notifications/Server/Unreachable.php
View File

@@ -5,11 +5,11 @@ namespace App\Notifications\Server;
use App\Models\Server;
use App\Notifications\Channels\DiscordChannel;
use App\Notifications\Channels\EmailChannel;
use App\Notifications\Channels\TelegramChannel;
use App\Notifications\Channels\SlackChannel;
use App\Notifications\Dto\SlackMessage;
use App\Notifications\Channels\TelegramChannel;
use App\Notifications\CustomEmailNotification;
use App\Notifications\Dto\DiscordMessage;
use App\Notifications\Dto\SlackMessage;
use Illuminate\Notifications\Messages\MailMessage;
class Unreachable extends CustomEmailNotification
@@ -20,7 +20,7 @@ class Unreachable extends CustomEmailNotification
{
$this->onQueue('high');
$this->isRateLimited = isEmailRateLimited(
limiterKey: 'server-unreachable:' . $this->server->id,
limiterKey: 'server-unreachable:'.$this->server->id,
);
}
@@ -83,12 +83,11 @@ class Unreachable extends CustomEmailNotification
];
}
public function toSlack(): SlackMessage
{
$description = "Your server '{$this->server->name}' is unreachable.\n";
$description .= "All automations & integrations are turned off!\n\n";
$description .= "*IMPORTANT:* We automatically try to revive your server and turn on all automations & integrations.";
$description .= '*IMPORTANT:* We automatically try to revive your server and turn on all automations & integrations.';
return new SlackMessage(
title: 'Server unreachable',

1
app/View/Components/Forms/Checkbox.php
View File

@@ -15,6 +15,7 @@ class Checkbox extends Component
public ?string $id = null,
public ?string $name = null,
public ?string $value = null,
public ?string $domValue = null,
public ?string $label = null,
public ?string $helper = null,
public string|bool|null $checked = false,

262
bootstrap/helpers/shared.php
View File

@@ -68,27 +68,27 @@ function base_configuration_dir(): string
}
function application_configuration_dir(): string
{
return base_configuration_dir() . '/applications';
return base_configuration_dir().'/applications';
}
function service_configuration_dir(): string
{
return base_configuration_dir() . '/services';
return base_configuration_dir().'/services';
}
function database_configuration_dir(): string
{
return base_configuration_dir() . '/databases';
return base_configuration_dir().'/databases';
}
function database_proxy_dir($uuid): string
{
return base_configuration_dir() . "/databases/$uuid/proxy";
return base_configuration_dir()."/databases/$uuid/proxy";
}
function backup_dir(): string
{
return base_configuration_dir() . '/backups';
return base_configuration_dir().'/backups';
}
function metrics_dir(): string
{
return base_configuration_dir() . '/metrics';
return base_configuration_dir().'/metrics';
}
function sanitize_string(?string $input = null): ?string
@@ -139,15 +139,15 @@ function showBoarding(): bool
}
function refreshSession(?Team $team = null): void
{
if (!$team) {
if (! $team) {
if (Auth::user()->currentTeam()) {
$team = Team::find(Auth::user()->currentTeam()->id);
} else {
$team = User::find(Auth::id())->teams->first();
}
}
Cache::forget('team:' . Auth::id());
Cache::remember('team:' . Auth::id(), 3600, function () use ($team) {
Cache::forget('team:'.Auth::id());
Cache::remember('team:'.Auth::id(), 3600, function () use ($team) {
return $team;
});
session(['currentTeam' => $team]);
@@ -179,7 +179,7 @@ function handleError(?Throwable $error = null, ?Livewire\Component $livewire = n
$message = null;
}
if ($customErrorMessage) {
$message = $customErrorMessage . ' ' . $message;
$message = $customErrorMessage.' '.$message;
}
if (isset($livewire)) {
@@ -252,7 +252,7 @@ function generateSSHKey(string $type = 'rsa')
function formatPrivateKey(string $privateKey)
{
$privateKey = trim($privateKey);
if (!str_ends_with($privateKey, "\n")) {
if (! str_ends_with($privateKey, "\n")) {
$privateKey .= "\n";
}
@@ -274,7 +274,7 @@ function is_transactional_emails_active(): bool
function set_transanctional_email_settings(?InstanceSettings $settings = null): ?string
{
if (!$settings) {
if (! $settings) {
$settings = instanceSettings();
}
config()->set('mail.from.address', data_get($settings, 'smtp_from_address'));
@@ -374,7 +374,7 @@ function isSubscribed()
function isProduction(): bool
{
return !isDev();
return ! isDev();
}
function isDev(): bool
{
@@ -427,14 +427,14 @@ function send_user_an_email(MailMessage $mail, string $email, ?string $cc = null
{
$settings = instanceSettings();
$type = set_transanctional_email_settings($settings);
if (!$type) {
if (! $type) {
throw new Exception('No email settings found.');
}
if ($cc) {
Mail::send(
[],
[],
fn(Message $message) => $message
fn (Message $message) => $message
->to($email)
->replyTo($email)
->cc($cc)
@@ -445,7 +445,7 @@ function send_user_an_email(MailMessage $mail, string $email, ?string $cc = null
Mail::send(
[],
[],
fn(Message $message) => $message
fn (Message $message) => $message
->to($email)
->subject($mail->subject)
->html((string) $mail->render())
@@ -594,7 +594,7 @@ function getResourceByUuid(string $uuid, ?int $teamId = null)
return null;
}
$resource = queryResourcesByUuid($uuid);
if (!is_null($resource) && $resource->environment->project->team_id === $teamId) {
if (! is_null($resource) && $resource->environment->project->team_id === $teamId) {
return $resource;
}
@@ -686,29 +686,29 @@ function queryResourcesByUuid(string $uuid)
function generateTagDeployWebhook($tag_name)
{
$baseUrl = base_url();
$api = Url::fromString($baseUrl) . '/api/v1';
$api = Url::fromString($baseUrl).'/api/v1';
$endpoint = "/deploy?tag=$tag_name";
return $api . $endpoint;
return $api.$endpoint;
}
function generateDeployWebhook($resource)
{
$baseUrl = base_url();
$api = Url::fromString($baseUrl) . '/api/v1';
$api = Url::fromString($baseUrl).'/api/v1';
$endpoint = '/deploy';
$uuid = data_get($resource, 'uuid');
return $api . $endpoint . "?uuid=$uuid&force=false";
return $api.$endpoint."?uuid=$uuid&force=false";
}
function generateGitManualWebhook($resource, $type)
{
if ($resource->source_id !== 0 && !is_null($resource->source_id)) {
if ($resource->source_id !== 0 && ! is_null($resource->source_id)) {
return null;
}
if ($resource->getMorphClass() === \App\Models\Application::class) {
$baseUrl = base_url();
return Url::fromString($baseUrl) . "/webhooks/source/$type/events/manual";
return Url::fromString($baseUrl)."/webhooks/source/$type/events/manual";
}
return null;
@@ -735,7 +735,7 @@ function getTopLevelNetworks(Service|Application $resource)
$hasHostNetworkMode = data_get($service, 'network_mode') === 'host' ? true : false;
// Only add 'networks' key if 'network_mode' is not 'host'
if (!$hasHostNetworkMode) {
if (! $hasHostNetworkMode) {
// Collect/create/update networks
if ($serviceNetworks->count() > 0) {
foreach ($serviceNetworks as $networkName => $networkDetails) {
@@ -749,7 +749,7 @@ function getTopLevelNetworks(Service|Application $resource)
$networkExists = $topLevelNetworks->contains(function ($value, $key) use ($networkName) {
return $value == $networkName || $key == $networkName;
});
if (!$networkExists) {
if (! $networkExists) {
if (is_string($networkDetails) || is_int($networkDetails)) {
$topLevelNetworks->put($networkDetails, null);
}
@@ -760,7 +760,7 @@ function getTopLevelNetworks(Service|Application $resource)
$definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) {
return $value == $definedNetwork;
});
if (!$definedNetworkExists) {
if (! $definedNetworkExists) {
foreach ($definedNetwork as $network) {
$topLevelNetworks->put($network, [
'name' => $network,
@@ -801,7 +801,7 @@ function getTopLevelNetworks(Service|Application $resource)
$networkExists = $topLevelNetworks->contains(function ($value, $key) use ($networkName) {
return $value == $networkName || $key == $networkName;
});
if (!$networkExists) {
if (! $networkExists) {
if (is_string($networkDetails) || is_int($networkDetails)) {
$topLevelNetworks->put($networkDetails, null);
}
@@ -811,7 +811,7 @@ function getTopLevelNetworks(Service|Application $resource)
$definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) {
return $value == $definedNetwork;
});
if (!$definedNetworkExists) {
if (! $definedNetworkExists) {
foreach ($definedNetwork as $network) {
$topLevelNetworks->put($network, [
'name' => $network,
@@ -947,7 +947,7 @@ function generateEnvValue(string $command, Service|Application|null $service = n
case 'PASSWORD_64':
$generatedValue = Str::password(length: 64, symbols: false);
break;
// This is not base64, it's just a random string
// This is not base64, it's just a random string
case 'BASE64_64':
$generatedValue = Str::random(64);
break;
@@ -958,7 +958,7 @@ function generateEnvValue(string $command, Service|Application|null $service = n
case 'BASE64_32':
$generatedValue = Str::random(32);
break;
// This is base64,
// This is base64,
case 'REALBASE64_64':
$generatedValue = base64_encode(Str::random(64));
break;
@@ -1058,7 +1058,7 @@ function validate_dns_entry(string $fqdn, Server $server)
}
$settings = instanceSettings();
$is_dns_validation_enabled = data_get($settings, 'is_dns_validation_enabled');
if (!$is_dns_validation_enabled) {
if (! $is_dns_validation_enabled) {
return true;
}
$dns_servers = data_get($settings, 'custom_dns_servers');
@@ -1076,7 +1076,7 @@ function validate_dns_entry(string $fqdn, Server $server)
$query = new DNSQuery($dns_server);
$results = $query->query($host, $type);
if ($results === false || $query->hasError()) {
ray('Error: ' . $query->getLasterror());
ray('Error: '.$query->getLasterror());
} else {
foreach ($results as $result) {
if ($result->getType() == $type) {
@@ -1086,7 +1086,7 @@ function validate_dns_entry(string $fqdn, Server $server)
break;
}
if ($result->getData() === $ip) {
ray($host . ' has IP address ' . $result->getData());
ray($host.' has IP address '.$result->getData());
ray($result->getString());
$found_matching_ip = true;
break;
@@ -1134,15 +1134,15 @@ function checkIfDomainIsAlreadyUsed(Collection|array $domains, ?string $teamId =
$applications = Application::ownedByCurrentTeamAPI($teamId)->get(['fqdn', 'uuid']);
$serviceApplications = ServiceApplication::ownedByCurrentTeamAPI($teamId)->get(['fqdn', 'uuid']);
if ($uuid) {
$applications = $applications->filter(fn($app) => $app->uuid !== $uuid);
$serviceApplications = $serviceApplications->filter(fn($app) => $app->uuid !== $uuid);
$applications = $applications->filter(fn ($app) => $app->uuid !== $uuid);
$serviceApplications = $serviceApplications->filter(fn ($app) => $app->uuid !== $uuid);
}
$domainFound = false;
foreach ($applications as $app) {
if (is_null($app->fqdn)) {
continue;
}
$list_of_domains = collect(explode(',', $app->fqdn))->filter(fn($fqdn) => $fqdn !== '');
$list_of_domains = collect(explode(',', $app->fqdn))->filter(fn ($fqdn) => $fqdn !== '');
foreach ($list_of_domains as $domain) {
if (str($domain)->endsWith('/')) {
$domain = str($domain)->beforeLast('/');
@@ -1161,7 +1161,7 @@ function checkIfDomainIsAlreadyUsed(Collection|array $domains, ?string $teamId =
if (str($app->fqdn)->isEmpty()) {
continue;
}
$list_of_domains = collect(explode(',', $app->fqdn))->filter(fn($fqdn) => $fqdn !== '');
$list_of_domains = collect(explode(',', $app->fqdn))->filter(fn ($fqdn) => $fqdn !== '');
foreach ($list_of_domains as $domain) {
if (str($domain)->endsWith('/')) {
$domain = str($domain)->beforeLast('/');
@@ -1211,7 +1211,7 @@ function check_domain_usage(ServiceApplication|Application|null $resource = null
});
$apps = Application::all();
foreach ($apps as $app) {
$list_of_domains = collect(explode(',', $app->fqdn))->filter(fn($fqdn) => $fqdn !== '');
$list_of_domains = collect(explode(',', $app->fqdn))->filter(fn ($fqdn) => $fqdn !== '');
foreach ($list_of_domains as $domain) {
if (str($domain)->endsWith('/')) {
$domain = str($domain)->beforeLast('/');
@@ -1230,7 +1230,7 @@ function check_domain_usage(ServiceApplication|Application|null $resource = null
}
$apps = ServiceApplication::all();
foreach ($apps as $app) {
$list_of_domains = collect(explode(',', $app->fqdn))->filter(fn($fqdn) => $fqdn !== '');
$list_of_domains = collect(explode(',', $app->fqdn))->filter(fn ($fqdn) => $fqdn !== '');
foreach ($list_of_domains as $domain) {
if (str($domain)->endsWith('/')) {
$domain = str($domain)->beforeLast('/');
@@ -1266,7 +1266,7 @@ function parseCommandsByLineForSudo(Collection $commands, Server $server): array
{
$commands = $commands->map(function ($line) {
if (
!str(trim($line))->startsWith([
! str(trim($line))->startsWith([
'cd',
'command',
'echo',
@@ -1287,7 +1287,7 @@ function parseCommandsByLineForSudo(Collection $commands, Server $server): array
$commands = $commands->map(function ($line) use ($server) {
if (Str::startsWith($line, 'sudo mkdir -p')) {
return "$line && sudo chown -R $server->user:$server->user " . Str::after($line, 'sudo mkdir -p') . ' && sudo chmod -R o-rwx ' . Str::after($line, 'sudo mkdir -p');
return "$line && sudo chown -R $server->user:$server->user ".Str::after($line, 'sudo mkdir -p').' && sudo chmod -R o-rwx '.Str::after($line, 'sudo mkdir -p');
}
return $line;
@@ -1315,11 +1315,11 @@ function parseCommandsByLineForSudo(Collection $commands, Server $server): array
}
function parseLineForSudo(string $command, Server $server): string
{
if (!str($command)->startSwith('cd') && !str($command)->startSwith('command')) {
if (! str($command)->startSwith('cd') && ! str($command)->startSwith('command')) {
$command = "sudo $command";
}
if (Str::startsWith($command, 'sudo mkdir -p')) {
$command = "$command && sudo chown -R $server->user:$server->user " . Str::after($command, 'sudo mkdir -p') . ' && sudo chmod -R o-rwx ' . Str::after($command, 'sudo mkdir -p');
$command = "$command && sudo chown -R $server->user:$server->user ".Str::after($command, 'sudo mkdir -p').' && sudo chmod -R o-rwx '.Str::after($command, 'sudo mkdir -p');
}
if (str($command)->contains('$(') || str($command)->contains('`')) {
$command = str($command)->replace('$(', '$(sudo ')->replace('`', '`sudo ')->value();
@@ -1441,7 +1441,7 @@ function parseServiceVolumes($serviceVolumes, $resource, $topLevelVolumes, $pull
$isDirectory = data_get($foundConfig, 'is_directory');
} else {
$isDirectory = (bool) data_get($volume, 'isDirectory', null) || (bool) data_get($volume, 'is_directory', null);
if ((is_null($isDirectory) || !$isDirectory) && is_null($content)) {
if ((is_null($isDirectory) || ! $isDirectory) && is_null($content)) {
// if isDirectory is not set (or false) & content is also not set, we assume it is a directory
ray('setting isDirectory to true');
$isDirectory = true;
@@ -1456,9 +1456,9 @@ function parseServiceVolumes($serviceVolumes, $resource, $topLevelVolumes, $pull
return $volume;
}
if (get_class($resource) === \App\Models\Application::class) {
$dir = base_configuration_dir() . '/applications/' . $resource->uuid;
$dir = base_configuration_dir().'/applications/'.$resource->uuid;
} else {
$dir = base_configuration_dir() . '/services/' . $resource->service->uuid;
$dir = base_configuration_dir().'/services/'.$resource->service->uuid;
}
if ($source->startsWith('.')) {
@@ -1468,9 +1468,9 @@ function parseServiceVolumes($serviceVolumes, $resource, $topLevelVolumes, $pull
$source = $source->replaceFirst('~', $dir);
}
if ($pull_request_id !== 0) {
$source = $source . "-pr-$pull_request_id";
$source = $source."-pr-$pull_request_id";
}
if (!$resource?->settings?->is_preserve_repository_enabled || $foundConfig?->is_based_on_git) {
if (! $resource?->settings?->is_preserve_repository_enabled || $foundConfig?->is_based_on_git) {
LocalFileVolume::updateOrCreate(
[
'mount_path' => $target,
@@ -1599,7 +1599,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
if ($serviceLabels->count() > 0) {
$removedLabels = collect([]);
$serviceLabels = $serviceLabels->filter(function ($serviceLabel, $serviceLabelName) use ($removedLabels) {
if (!str($serviceLabel)->contains('=')) {
if (! str($serviceLabel)->contains('=')) {
$removedLabels->put($serviceLabelName, $serviceLabel);
return false;
@@ -1681,7 +1681,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$networkExists = $topLevelNetworks->contains(function ($value, $key) use ($networkName) {
return $value == $networkName || $key == $networkName;
});
if (!$networkExists) {
if (! $networkExists) {
if (is_string($networkDetails) || is_int($networkDetails)) {
$topLevelNetworks->put($networkDetails, null);
}
@@ -1707,12 +1707,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$savedService->ports = $collectedPorts->implode(',');
$savedService->save();
if (!$hasHostNetworkMode) {
if (! $hasHostNetworkMode) {
// Add Coolify specific networks
$definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) {
return $value == $definedNetwork;
});
if (!$definedNetworkExists) {
if (! $definedNetworkExists) {
foreach ($definedNetwork as $network) {
$topLevelNetworks->put($network, [
'name' => $network,
@@ -1924,9 +1924,9 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$fqdn = "$fqdn$path";
}
if (!$isDatabase) {
if (! $isDatabase) {
if ($savedService->fqdn) {
data_set($savedService, 'fqdn', $savedService->fqdn . ',' . $fqdn);
data_set($savedService, 'fqdn', $savedService->fqdn.','.$fqdn);
} else {
data_set($savedService, 'fqdn', $fqdn);
}
@@ -1941,7 +1941,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
]);
}
// Caddy needs exact port in some cases.
if ($predefinedPort && !$key->endsWith("_{$predefinedPort}")) {
if ($predefinedPort && ! $key->endsWith("_{$predefinedPort}")) {
$fqdns_exploded = str($savedService->fqdn)->explode(',');
if ($fqdns_exploded->count() > 1) {
continue;
@@ -1981,12 +1981,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
'service_id' => $resource->id,
])->first();
['command' => $command, 'forService' => $forService, 'generatedValue' => $generatedValue, 'port' => $port] = parseEnvVariable($value);
if (!is_null($command)) {
if (! is_null($command)) {
if ($command?->value() === 'FQDN' || $command?->value() === 'URL') {
if (Str::lower($forService) === $serviceName) {
$fqdn = generateFqdn($resource->server, $containerName);
} else {
$fqdn = generateFqdn($resource->server, Str::lower($forService) . '-' . $resource->uuid);
$fqdn = generateFqdn($resource->server, Str::lower($forService).'-'.$resource->uuid);
}
if ($port) {
$fqdn = "$fqdn:$port";
@@ -2016,13 +2016,13 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
'is_preview' => false,
]);
}
if (!$isDatabase) {
if ($command->value() === 'FQDN' && is_null($savedService->fqdn) && !$foundEnv) {
if (! $isDatabase) {
if ($command->value() === 'FQDN' && is_null($savedService->fqdn) && ! $foundEnv) {
$savedService->fqdn = $fqdn;
$savedService->save();
}
// Caddy needs exact port in some cases.
if ($predefinedPort && !$key->endsWith("_{$predefinedPort}") && $command?->value() === 'FQDN' && $resource->server->proxyType() === 'CADDY') {
if ($predefinedPort && ! $key->endsWith("_{$predefinedPort}") && $command?->value() === 'FQDN' && $resource->server->proxyType() === 'CADDY') {
$fqdns_exploded = str($savedService->fqdn)->explode(',');
if ($fqdns_exploded->count() > 1) {
continue;
@@ -2044,7 +2044,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
}
} else {
$generatedValue = generateEnvValue($command, $resource);
if (!$foundEnv) {
if (! $foundEnv) {
EnvironmentVariable::create([
'key' => $key,
'value' => $generatedValue,
@@ -2099,7 +2099,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
}
$defaultLabels = defaultLabels($resource->id, $containerName, type: 'service', subType: $isDatabase ? 'database' : 'application', subId: $savedService->id);
$serviceLabels = $serviceLabels->merge($defaultLabels);
if (!$isDatabase && $fqdns->count() > 0) {
if (! $isDatabase && $fqdns->count() > 0) {
if ($fqdns) {
$shouldGenerateLabelsExactly = $resource->server->settings->generate_exact_labels;
if ($shouldGenerateLabelsExactly) {
@@ -2167,7 +2167,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
}
data_set($service, 'labels', $serviceLabels->toArray());
data_forget($service, 'is_database');
if (!data_get($service, 'restart')) {
if (! data_get($service, 'restart')) {
data_set($service, 'restart', RESTART_MODE);
}
if (data_get($service, 'restart') === 'no' || data_get($service, 'exclude_from_hc')) {
@@ -2206,21 +2206,21 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$parsedServiceVariables->put('COOLIFY_CONTAINER_NAME', "$serviceName-{$resource->uuid}");
// TODO: move this in a shared function
if (!$parsedServiceVariables->has('COOLIFY_APP_NAME')) {
if (! $parsedServiceVariables->has('COOLIFY_APP_NAME')) {
$parsedServiceVariables->put('COOLIFY_APP_NAME', "\"{$resource->name}\"");
}
if (!$parsedServiceVariables->has('COOLIFY_SERVER_IP')) {
if (! $parsedServiceVariables->has('COOLIFY_SERVER_IP')) {
$parsedServiceVariables->put('COOLIFY_SERVER_IP', "\"{$resource->destination->server->ip}\"");
}
if (!$parsedServiceVariables->has('COOLIFY_ENVIRONMENT_NAME')) {
if (! $parsedServiceVariables->has('COOLIFY_ENVIRONMENT_NAME')) {
$parsedServiceVariables->put('COOLIFY_ENVIRONMENT_NAME', "\"{$resource->environment->name}\"");
}
if (!$parsedServiceVariables->has('COOLIFY_PROJECT_NAME')) {
if (! $parsedServiceVariables->has('COOLIFY_PROJECT_NAME')) {
$parsedServiceVariables->put('COOLIFY_PROJECT_NAME', "\"{$resource->project()->name}\"");
}
$parsedServiceVariables = $parsedServiceVariables->map(function ($value, $key) use ($envs_from_coolify) {
if (!str($value)->startsWith('$')) {
if (! str($value)->startsWith('$')) {
$found_env = $envs_from_coolify->where('key', $key)->first();
if ($found_env) {
return $found_env->value;
@@ -2304,7 +2304,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
if ($serviceLabels->count() > 0) {
$removedLabels = collect([]);
$serviceLabels = $serviceLabels->filter(function ($serviceLabel, $serviceLabelName) use ($removedLabels) {
if (!str($serviceLabel)->contains('=')) {
if (! str($serviceLabel)->contains('=')) {
$removedLabels->put($serviceLabelName, $serviceLabel);
return false;
@@ -2324,11 +2324,11 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$serviceVolumes = $serviceVolumes->map(function ($volume) use ($resource, $topLevelVolumes, $pull_request_id) {
if (is_string($volume)) {
$volume = str($volume);
if ($volume->contains(':') && !$volume->startsWith('/')) {
if ($volume->contains(':') && ! $volume->startsWith('/')) {
$name = $volume->before(':');
$mount = $volume->after(':');
if ($name->startsWith('.') || $name->startsWith('~')) {
$dir = base_configuration_dir() . '/applications/' . $resource->uuid;
$dir = base_configuration_dir().'/applications/'.$resource->uuid;
if ($name->startsWith('.')) {
$name = $name->replaceFirst('.', $dir);
}
@@ -2336,12 +2336,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$name = $name->replaceFirst('~', $dir);
}
if ($pull_request_id !== 0) {
$name = $name . "-pr-$pull_request_id";
$name = $name."-pr-$pull_request_id";
}
$volume = str("$name:$mount");
} else {
if ($pull_request_id !== 0) {
$name = $name . "-pr-$pull_request_id";
$name = $name."-pr-$pull_request_id";
$volume = str("$name:$mount");
if ($topLevelVolumes->has($name)) {
$v = $topLevelVolumes->get($name);
@@ -2380,7 +2380,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$name = $volume->before(':');
$mount = $volume->after(':');
if ($pull_request_id !== 0) {
$name = $name . "-pr-$pull_request_id";
$name = $name."-pr-$pull_request_id";
}
$volume = str("$name:$mount");
}
@@ -2391,7 +2391,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$read_only = data_get($volume, 'read_only');
if ($source && $target) {
if ((str($source)->startsWith('.') || str($source)->startsWith('~'))) {
$dir = base_configuration_dir() . '/applications/' . $resource->uuid;
$dir = base_configuration_dir().'/applications/'.$resource->uuid;
if (str($source, '.')) {
$source = str($source)->replaceFirst('.', $dir);
}
@@ -2399,23 +2399,23 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$source = str($source)->replaceFirst('~', $dir);
}
if ($pull_request_id !== 0) {
$source = $source . "-pr-$pull_request_id";
$source = $source."-pr-$pull_request_id";
}
if ($read_only) {
data_set($volume, 'source', $source . ':' . $target . ':ro');
data_set($volume, 'source', $source.':'.$target.':ro');
} else {
data_set($volume, 'source', $source . ':' . $target);
data_set($volume, 'source', $source.':'.$target);
}
} else {
if ($pull_request_id !== 0) {
$source = $source . "-pr-$pull_request_id";
$source = $source."-pr-$pull_request_id";
}
if ($read_only) {
data_set($volume, 'source', $source . ':' . $target . ':ro');
data_set($volume, 'source', $source.':'.$target.':ro');
} else {
data_set($volume, 'source', $source . ':' . $target);
data_set($volume, 'source', $source.':'.$target);
}
if (!str($source)->startsWith('/')) {
if (! str($source)->startsWith('/')) {
if ($topLevelVolumes->has($source)) {
$v = $topLevelVolumes->get($source);
if (data_get($v, 'driver_opts.type') === 'cifs') {
@@ -2448,11 +2448,11 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$serviceVolumes = $serviceVolumes->map(function ($volume) use ($resource, $topLevelVolumes, $pull_request_id) {
if (is_string($volume)) {
$volume = str($volume);
if ($volume->contains(':') && !$volume->startsWith('/')) {
if ($volume->contains(':') && ! $volume->startsWith('/')) {
$name = $volume->before(':');
$mount = $volume->after(':');
if ($name->startsWith('.') || $name->startsWith('~')) {
$dir = base_configuration_dir() . '/applications/' . $resource->uuid;
$dir = base_configuration_dir().'/applications/'.$resource->uuid;
if ($name->startsWith('.')) {
$name = $name->replaceFirst('.', $dir);
}
@@ -2460,13 +2460,13 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$name = $name->replaceFirst('~', $dir);
}
if ($pull_request_id !== 0) {
$name = $name . "-pr-$pull_request_id";
$name = $name."-pr-$pull_request_id";
}
$volume = str("$name:$mount");
} else {
if ($pull_request_id !== 0) {
$uuid = $resource->uuid;
$name = $uuid . "-$name-pr-$pull_request_id";
$name = $uuid."-$name-pr-$pull_request_id";
$volume = str("$name:$mount");
if ($topLevelVolumes->has($name)) {
$v = $topLevelVolumes->get($name);
@@ -2485,7 +2485,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
}
} else {
$uuid = $resource->uuid;
$name = str($uuid . "-$name");
$name = str($uuid."-$name");
$volume = str("$name:$mount");
if ($topLevelVolumes->has($name->value())) {
$v = $topLevelVolumes->get($name->value());
@@ -2508,7 +2508,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$name = $volume->before(':');
$mount = $volume->after(':');
if ($pull_request_id !== 0) {
$name = $name . "-pr-$pull_request_id";
$name = $name."-pr-$pull_request_id";
}
$volume = str("$name:$mount");
}
@@ -2520,7 +2520,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
if ($source && $target) {
$uuid = $resource->uuid;
if ((str($source)->startsWith('.') || str($source)->startsWith('~') || str($source)->startsWith('/'))) {
$dir = base_configuration_dir() . '/applications/' . $resource->uuid;
$dir = base_configuration_dir().'/applications/'.$resource->uuid;
if (str($source, '.')) {
$source = str($source)->replaceFirst('.', $dir);
}
@@ -2528,22 +2528,22 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$source = str($source)->replaceFirst('~', $dir);
}
if ($read_only) {
data_set($volume, 'source', $source . ':' . $target . ':ro');
data_set($volume, 'source', $source.':'.$target.':ro');
} else {
data_set($volume, 'source', $source . ':' . $target);
data_set($volume, 'source', $source.':'.$target);
}
} else {
if ($pull_request_id === 0) {
$source = $uuid . "-$source";
$source = $uuid."-$source";
} else {
$source = $uuid . "-$source-pr-$pull_request_id";
$source = $uuid."-$source-pr-$pull_request_id";
}
if ($read_only) {
data_set($volume, 'source', $source . ':' . $target . ':ro');
data_set($volume, 'source', $source.':'.$target.':ro');
} else {
data_set($volume, 'source', $source . ':' . $target);
data_set($volume, 'source', $source.':'.$target);
}
if (!str($source)->startsWith('/')) {
if (! str($source)->startsWith('/')) {
if ($topLevelVolumes->has($source)) {
$v = $topLevelVolumes->get($source);
if (data_get($v, 'driver_opts.type') === 'cifs') {
@@ -2576,7 +2576,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
if ($pull_request_id !== 0 && count($serviceDependencies) > 0) {
$serviceDependencies = $serviceDependencies->map(function ($dependency) use ($pull_request_id) {
return $dependency . "-pr-$pull_request_id";
return $dependency."-pr-$pull_request_id";
});
data_set($service, 'depends_on', $serviceDependencies->toArray());
}
@@ -2598,7 +2598,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$networkExists = $topLevelNetworks->contains(function ($value, $key) use ($networkName) {
return $value == $networkName || $key == $networkName;
});
if (!$networkExists) {
if (! $networkExists) {
if (is_string($networkDetails) || is_int($networkDetails)) {
$topLevelNetworks->put($networkDetails, null);
}
@@ -2626,7 +2626,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
$definedNetworkExists = $topLevelNetworks->contains(function ($value, $_) use ($definedNetwork) {
return $value == $definedNetwork;
});
if (!$definedNetworkExists) {
if (! $definedNetworkExists) {
foreach ($definedNetwork as $network) {
if ($pull_request_id !== 0) {
$topLevelNetworks->put($network, [
@@ -2744,12 +2744,12 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
'application_id' => $resource->id,
])->first();
['command' => $command, 'forService' => $forService, 'generatedValue' => $generatedValue, 'port' => $port] = parseEnvVariable($value);
if (!is_null($command)) {
if (! is_null($command)) {
if ($command?->value() === 'FQDN' || $command?->value() === 'URL') {
if (Str::lower($forService) === $serviceName) {
$fqdn = generateFqdn($server, $containerName);
} else {
$fqdn = generateFqdn($server, Str::lower($forService) . '-' . $resource->uuid);
$fqdn = generateFqdn($server, Str::lower($forService).'-'.$resource->uuid);
}
if ($port) {
$fqdn = "$fqdn:$port";
@@ -2770,7 +2770,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
}
} else {
$generatedValue = generateEnvValue($command);
if (!$foundEnv) {
if (! $foundEnv) {
EnvironmentVariable::create([
'key' => $key,
'value' => $generatedValue,
@@ -2942,7 +2942,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
}
data_set($service, 'labels', $serviceLabels->toArray());
data_forget($service, 'is_database');
if (!data_get($service, 'restart')) {
if (! data_get($service, 'restart')) {
data_set($service, 'restart', RESTART_MODE);
}
data_set($service, 'container_name', $containerName);
@@ -2953,7 +2953,7 @@ function parseDockerComposeFile(Service|Application $resource, bool $isNew = fal
});
if ($pull_request_id !== 0) {
$services->each(function ($service, $serviceName) use ($pull_request_id, $services) {
$services[$serviceName . "-pr-$pull_request_id"] = $service;
$services[$serviceName."-pr-$pull_request_id"] = $service;
data_forget($services, $serviceName);
});
}
@@ -2981,7 +2981,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
$uuid = data_get($resource, 'uuid');
$compose = data_get($resource, 'docker_compose_raw');
if (!$compose) {
if (! $compose) {
return collect([]);
}
@@ -3374,29 +3374,29 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
$isDirectory = data_get($foundConfig, 'is_directory');
} else {
// if isDirectory is not set (or false) & content is also not set, we assume it is a directory
if ((is_null($isDirectory) || !$isDirectory) && is_null($content)) {
if ((is_null($isDirectory) || ! $isDirectory) && is_null($content)) {
$isDirectory = true;
}
}
}
if ($type->value() === 'bind') {
if ($source->value() === '/var/run/docker.sock') {
$volume = $source->value() . ':' . $target->value();
$volume = $source->value().':'.$target->value();
} elseif ($source->value() === '/tmp' || $source->value() === '/tmp/') {
$volume = $source->value() . ':' . $target->value();
$volume = $source->value().':'.$target->value();
} else {
if ((int) $resource->compose_parsing_version >= 4) {
if ($isApplication) {
$mainDirectory = str(base_configuration_dir() . '/applications/' . $uuid);
$mainDirectory = str(base_configuration_dir().'/applications/'.$uuid);
} elseif ($isService) {
$mainDirectory = str(base_configuration_dir() . '/services/' . $uuid);
$mainDirectory = str(base_configuration_dir().'/services/'.$uuid);
}
} else {
$mainDirectory = str(base_configuration_dir() . '/applications/' . $uuid);
$mainDirectory = str(base_configuration_dir().'/applications/'.$uuid);
}
$source = replaceLocalSource($source, $mainDirectory);
if ($isApplication && $isPullRequest) {
$source = $source . "-pr-$pullRequestId";
$source = $source."-pr-$pullRequestId";
}
LocalFileVolume::updateOrCreate(
[
@@ -3416,12 +3416,12 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
if (isDev()) {
if ((int) $resource->compose_parsing_version >= 4) {
if ($isApplication) {
$source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/applications/' . $uuid);
$source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/applications/'.$uuid);
} elseif ($isService) {
$source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/services/' . $uuid);
$source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/services/'.$uuid);
}
} else {
$source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/applications/' . $uuid);
$source = $source->replace($mainDirectory, '/var/lib/docker/volumes/coolify_dev_coolify_data/_data/applications/'.$uuid);
}
}
$volume = "$source:$target";
@@ -3488,7 +3488,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
$depends_on = $newDependsOn;
}
}
if (!$use_network_mode) {
if (! $use_network_mode) {
if ($topLevel->get('networks')?->count() > 0) {
foreach ($topLevel->get('networks') as $networkName => $network) {
if ($networkName === 'default') {
@@ -3501,7 +3501,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
$networkExists = $networks->contains(function ($value, $key) use ($networkName) {
return $value == $networkName || $key == $networkName;
});
if (!$networkExists) {
if (! $networkExists) {
$networks->put($networkName, null);
}
}
@@ -3509,7 +3509,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
$baseNetworkExists = $networks->contains(function ($value, $_) use ($baseNetwork) {
return $value == $baseNetwork;
});
if (!$baseNetworkExists) {
if (! $baseNetworkExists) {
foreach ($baseNetwork as $network) {
$topLevel->get('networks')->put($network, [
'name' => $network,
@@ -3541,7 +3541,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
$networks_temp = collect();
if (!$use_network_mode) {
if (! $use_network_mode) {
foreach ($networks as $key => $network) {
if (gettype($network) === 'string') {
// networks:
@@ -3572,7 +3572,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
$normalEnvironments = $environment->diffKeys($allMagicEnvironments);
$normalEnvironments = $normalEnvironments->filter(function ($value, $key) {
return !str($value)->startsWith('SERVICE_');
return ! str($value)->startsWith('SERVICE_');
});
foreach ($normalEnvironments as $key => $value) {
@@ -3592,7 +3592,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
continue;
}
if (!$value->startsWith('$')) {
if (! $value->startsWith('$')) {
continue;
}
if ($key->value() === $parsedValue->value()) {
@@ -3723,7 +3723,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
$defaultLabels = defaultLabels($resource->id, $containerName, type: 'service', subType: $isDatabase ? 'database' : 'application', subId: $savedService->id);
}
// Add COOLIFY_FQDN & COOLIFY_URL to environment
if (!$isDatabase && $fqdns instanceof Collection && $fqdns->count() > 0) {
if (! $isDatabase && $fqdns instanceof Collection && $fqdns->count() > 0) {
$coolifyEnvironments->put('COOLIFY_URL', $fqdns->implode(','));
$urls = $fqdns->map(function ($fqdn) {
@@ -3735,7 +3735,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
if ($environment->count() > 0) {
$environment = $environment->filter(function ($value, $key) {
return !str($key)->startsWith('SERVICE_FQDN_');
return ! str($key)->startsWith('SERVICE_FQDN_');
})->map(function ($value, $key) use ($resource) {
// if value is empty, set it to null so if you set the environment variable in the .env file (Coolify's UI), it will used
if (str($value)->isEmpty()) {
@@ -3762,7 +3762,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
});
}
}
if (!$isDatabase && $fqdns instanceof Collection && $fqdns->count() > 0) {
if (! $isDatabase && $fqdns instanceof Collection && $fqdns->count() > 0) {
if ($isApplication) {
$shouldGenerateLabelsExactly = $resource->destination->server->settings->generate_exact_labels;
$uuid = $resource->uuid;
@@ -3855,7 +3855,7 @@ function newParser(Application|Service $resource, int $pull_request_id = 0, ?int
'restart' => $restart->value(),
'labels' => $serviceLabels,
]);
if (!$use_network_mode) {
if (! $use_network_mode) {
$payload['networks'] = $networks_temp;
}
if ($ports->count() > 0) {
@@ -3915,7 +3915,7 @@ function isAssociativeArray($array)
$array = $array->toArray();
}
if (!is_array($array)) {
if (! is_array($array)) {
throw new \InvalidArgumentException('Input must be an array or a Collection.');
}
@@ -4028,7 +4028,7 @@ function instanceSettings()
function loadConfigFromGit(string $repository, string $branch, string $base_directory, int $server_id, int $team_id)
{
$server = Server::find($server_id)->where('team_id', $team_id)->first();
if (!$server) {
if (! $server) {
return;
}
$uuid = new Cuid2;
@@ -4055,7 +4055,7 @@ function loadConfigFromGit(string $repository, string $branch, string $base_dire
function loggy($message = null, array $context = [])
{
if (!isDev()) {
if (! isDev()) {
return;
}
if (function_exists('ray') && config('app.debug')) {
@@ -4090,7 +4090,7 @@ function isEmailRateLimited(string $limiterKey, int $decaySeconds = 3600, ?calla
$limiterKey,
$maxAttempts = 0,
function () use (&$rateLimited, &$limiterKey, $callbackOnSuccess) {
isDev() && loggy('Rate limit not reached for ' . $limiterKey);
isDev() && loggy('Rate limit not reached for '.$limiterKey);
$rateLimited = false;
if ($callbackOnSuccess) {
@@ -4099,8 +4099,8 @@ function isEmailRateLimited(string $limiterKey, int $decaySeconds = 3600, ?calla
},
$decaySeconds,
);
if (!$executed) {
isDev() && loggy('Rate limit reached for ' . $limiterKey . '. Rate limiter will be disabled for ' . $decaySeconds . ' seconds.');
if (! $executed) {
isDev() && loggy('Rate limit reached for '.$limiterKey.'. Rate limiter will be disabled for '.$decaySeconds.' seconds.');
$rateLimited = true;
}

60
database/migrations/2024_10_30_074601_rename_token_permissions.php Normal file
View File

@@ -0,0 +1,60 @@
<?php
use App\Models\PersonalAccessToken;
use Illuminate\Database\Migrations\Migration;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
try {
$tokens = PersonalAccessToken::all();
foreach ($tokens as $token) {
$abilities = collect();
if (in_array('*', $token->abilities)) {
$abilities->push('root');
}
if (in_array('read-only', $token->abilities)) {
$abilities->push('read');
}
if (in_array('view:sensitive', $token->abilities)) {
$abilities->push('read', 'read:sensitive');
}
$token->abilities = $abilities->unique()->values()->all();
$token->save();
}
} catch (\Exception $e) {
\Log::error('Error renaming token permissions: '.$e->getMessage());
}
}
/**
* Reverse the migrations.
*/
public function down(): void
{
try {
$tokens = PersonalAccessToken::all();
foreach ($tokens as $token) {
$abilities = collect();
if (in_array('write', $token->abilities)) {
$abilities->push('*');
} else {
if (in_array('read', $token->abilities)) {
$abilities->push('read-only');
}
if (in_array('read:sensitive', $token->abilities)) {
$abilities->push('view:sensitive');
}
}
$token->abilities = $abilities->unique()->values()->all();
$token->save();
}
} catch (\Exception $e) {
\Log::error('Error renaming token permissions: '.$e->getMessage());
}
}
};

52
resources/views/components/forms/checkbox.blade.php
View File

@@ -5,8 +5,8 @@
'disabled' => false,
'instantSave' => false,
'value' => null,
'domValue' => null,
'checked' => false,
'hideLabel' => false,
'fullWidth' => false,
])
@@ -14,26 +14,32 @@
'flex flex-row items-center gap-4 pr-2 py-1 form-control min-w-fit dark:hover:bg-coolgray-100',
'w-full' => $fullWidth,
])>
@if (!$hideLabel)
<label @class([
'flex gap-4 items-center px-0 min-w-fit label w-full cursor-pointer',
])>
<span class="flex flex-grow gap-2">
@if ($label)
{!! $label !!}
@else
{{ $id }}
@endif
@if ($helper)
<x-helper :helper="$helper" />
@endif
</span>
@endif
<input @disabled($disabled) type="checkbox" {{ $attributes->merge(['class' => $defaultClass]) }}
@if ($instantSave) wire:loading.attr="disabled" wire:click='{{ $instantSave === 'instantSave' || $instantSave == '1' ? 'instantSave' : $instantSave }}'
@if ($checked) checked @endif
wire:model={{ $id }} @else wire:model={{ $value ?? $id }} @endif />
@if (!$hideLabel)
</label>
@endif
<label @class([
'flex gap-4 items-center px-0 min-w-fit label w-full cursor-pointer',
])>
<span class="flex flex-grow gap-2">
@if ($label)
{!! $label !!}
@else
{{ $id }}
@endif
@if ($helper)
<x-helper :helper="$helper" />
@endif
</span>
@if ($instantSave)
<input type="checkbox" @disabled($disabled) {{ $attributes->merge(['class' => $defaultClass]) }}
wire:loading.attr="disabled"
wire:click='{{ $instantSave === 'instantSave' || $instantSave == '1' ? 'instantSave' : $instantSave }}'
wire:model={{ $id }} @if ($checked) checked @endif />
@else
@if ($domValue)
<input type="checkbox" @disabled($disabled) {{ $attributes->merge(['class' => $defaultClass]) }}
value={{ $domValue }} @if ($checked) checked @endif />
@else
<input type="checkbox" @disabled($disabled) {{ $attributes->merge(['class' => $defaultClass]) }}
wire:model={{ $value ?? $id }} @if ($checked) checked @endif />
@endif
@endif
</label>
</div>

31
resources/views/livewire/security/api-tokens.blade.php
View File

@@ -25,21 +25,31 @@
<div class="flex gap-1 font-bold dark:text-white">
@if ($permissions)
@foreach ($permissions as $permission)
@if ($permission === '*')
<div>Root access, be careful!</div>
@else
<div>{{ $permission }}</div>
@endif
<div>{{ $permission }}</div>
@endforeach
@endif
</div>
</div>
<h4>Token Permissions</h4>
<div class="w-64">
<x-forms.checkbox label="Root Access" wire:model.live="rootAccess"></x-forms.checkbox>
<x-forms.checkbox label="Read-only" wire:model.live="readOnly"></x-forms.checkbox>
<x-forms.checkbox label="View Sensitive Data" wire:model.live="viewSensitiveData"></x-forms.checkbox>
<x-forms.checkbox label="root" wire:model.live="permissions" domValue="root"
helper="Root access, be careful!" :checked="in_array('root', $permissions)"></x-forms.checkbox>
@if (!in_array('root', $permissions))
<x-forms.checkbox label="write" wire:model.live="permissions" domValue="write"
helper="Write access to all resources" :checked="in_array('write', $permissions)"></x-forms.checkbox>
<x-forms.checkbox label="deploy" wire:model.live="permissions" domValue="deploy"
helper="Can trigger deploy webhooks" :checked="in_array('deploy', $permissions)"></x-forms.checkbox>
<x-forms.checkbox label="read" domValue="read" wire:model.live="permissions" domValue="read"
:checked="in_array('read', $permissions)"></x-forms.checkbox>
<x-forms.checkbox label="read:sensitive" wire:model.live="permissions" domValue="read:sensitive"
helper="Responses will include secrets, logs, passwords, and compose file contents"
:checked="in_array('read:sensitive', $permissions)"></x-forms.checkbox>
@endif
</div>
@if (in_array('root', $permissions))
<div class="font-bold text-warning">Root access, be careful!</div>
@endif
</form>
@if (session()->has('token'))
<div class="py-4 font-bold dark:text-warning">Please copy this token now. For your security, it won't be shown
@@ -50,12 +60,13 @@
<h3 class="py-4">Issued Tokens</h3>
<div class="grid gap-2 lg:grid-cols-1">
@forelse ($tokens as $token)
<div class="flex flex-col gap-1 p-2 border dark:border-coolgray-200 hover:no-underline">
<div wire:key="token-{{ $token->id }}"
class="flex flex-col gap-1 p-2 border dark:border-coolgray-200 hover:no-underline">
<div>Description: {{ $token->name }}</div>
<div>Last used: {{ $token->last_used_at ? $token->last_used_at->diffForHumans() : 'Never' }}</div>
<div class="flex gap-1">
@if ($token->abilities)
Abilities:
Permissions:
@foreach ($token->abilities as $ability)
<div class="font-bold dark:text-white">{{ $ability }}</div>
@endforeach

3
resources/views/livewire/team/admin-view.blade.php
View File

@@ -10,7 +10,8 @@
<h3 class="pt-4">Users</h3>
<div class="flex flex-col gap-2 ">
@forelse ($users as $user)
<div class="flex items-center justify-center gap-2 bg-white box-without-bg dark:bg-coolgray-100">
<div wire:key="user-{{ $user->id }}"
class="flex items-center justify-center gap-2 bg-white box-without-bg dark:bg-coolgray-100">
<div>{{ $user->name }}</div>
<div>{{ $user->email }}</div>
<div class="flex-1"></div>

158
routes/api.php
View File

@@ -11,8 +11,6 @@ use App\Http\Controllers\Api\ServersController;
use App\Http\Controllers\Api\ServicesController;
use App\Http\Controllers\Api\TeamController;
use App\Http\Middleware\ApiAllowed;
use App\Http\Middleware\IgnoreReadOnlyApiToken;
use App\Http\Middleware\OnlyRootApiToken;
use App\Jobs\PushServerUpdateJob;
use App\Models\Server;
use Illuminate\Support\Facades\Route;
@@ -21,113 +19,113 @@ Route::get('/health', [OtherController::class, 'healthcheck']);
Route::post('/feedback', [OtherController::class, 'feedback']);
Route::group([
'middleware' => ['auth:sanctum', OnlyRootApiToken::class],
'middleware' => ['auth:sanctum', 'api.ability:write'],
'prefix' => 'v1',
], function () {
Route::get('/enable', [OtherController::class, 'enable_api']);
Route::get('/disable', [OtherController::class, 'disable_api']);
});
Route::group([
'middleware' => ['auth:sanctum', ApiAllowed::class],
'middleware' => ['auth:sanctum', ApiAllowed::class, 'api.sensitive'],
'prefix' => 'v1',
], function () {
Route::get('/version', [OtherController::class, 'version']);
Route::get('/version', [OtherController::class, 'version'])->middleware(['api.ability:read']);
Route::get('/teams', [TeamController::class, 'teams']);
Route::get('/teams/current', [TeamController::class, 'current_team']);
Route::get('/teams/current/members', [TeamController::class, 'current_team_members']);
Route::get('/teams/{id}', [TeamController::class, 'team_by_id']);
Route::get('/teams/{id}/members', [TeamController::class, 'members_by_id']);
Route::get('/teams', [TeamController::class, 'teams'])->middleware(['api.ability:read']);
Route::get('/teams/current', [TeamController::class, 'current_team'])->middleware(['api.ability:read']);
Route::get('/teams/current/members', [TeamController::class, 'current_team_members'])->middleware(['api.ability:read']);
Route::get('/teams/{id}', [TeamController::class, 'team_by_id'])->middleware(['api.ability:read']);
Route::get('/teams/{id}/members', [TeamController::class, 'members_by_id'])->middleware(['api.ability:read']);
Route::get('/projects', [ProjectController::class, 'projects']);
Route::get('/projects/{uuid}', [ProjectController::class, 'project_by_uuid']);
Route::get('/projects/{uuid}/{environment_name}', [ProjectController::class, 'environment_details']);
Route::get('/projects', [ProjectController::class, 'projects'])->middleware(['api.ability:read']);
Route::get('/projects/{uuid}', [ProjectController::class, 'project_by_uuid'])->middleware(['api.ability:read']);
Route::get('/projects/{uuid}/{environment_name}', [ProjectController::class, 'environment_details'])->middleware(['api.ability:read']);
Route::post('/projects', [ProjectController::class, 'create_project']);
Route::patch('/projects/{uuid}', [ProjectController::class, 'update_project']);
Route::delete('/projects/{uuid}', [ProjectController::class, 'delete_project']);
Route::post('/projects', [ProjectController::class, 'create_project'])->middleware(['api.ability:read']);
Route::patch('/projects/{uuid}', [ProjectController::class, 'update_project'])->middleware(['api.ability:write']);
Route::delete('/projects/{uuid}', [ProjectController::class, 'delete_project'])->middleware(['api.ability:write']);
Route::get('/security/keys', [SecurityController::class, 'keys']);
Route::post('/security/keys', [SecurityController::class, 'create_key'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::get('/security/keys', [SecurityController::class, 'keys'])->middleware(['api.ability:read']);
Route::post('/security/keys', [SecurityController::class, 'create_key'])->middleware(['api.ability:write']);
Route::get('/security/keys/{uuid}', [SecurityController::class, 'key_by_uuid']);
Route::patch('/security/keys/{uuid}', [SecurityController::class, 'update_key'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::delete('/security/keys/{uuid}', [SecurityController::class, 'delete_key'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::get('/security/keys/{uuid}', [SecurityController::class, 'key_by_uuid'])->middleware(['api.ability:read']);
Route::patch('/security/keys/{uuid}', [SecurityController::class, 'update_key'])->middleware(['api.ability:write']);
Route::delete('/security/keys/{uuid}', [SecurityController::class, 'delete_key'])->middleware(['api.ability:write']);
Route::match(['get', 'post'], '/deploy', [DeployController::class, 'deploy'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::get('/deployments', [DeployController::class, 'deployments']);
Route::get('/deployments/{uuid}', [DeployController::class, 'deployment_by_uuid']);
Route::match(['get', 'post'], '/deploy', [DeployController::class, 'deploy'])->middleware(['api.ability:write,deploy']);
Route::get('/deployments', [DeployController::class, 'deployments'])->middleware(['api.ability:read']);
Route::get('/deployments/{uuid}', [DeployController::class, 'deployment_by_uuid'])->middleware(['api.ability:read']);
Route::get('/servers', [ServersController::class, 'servers']);
Route::get('/servers/{uuid}', [ServersController::class, 'server_by_uuid']);
Route::get('/servers/{uuid}/domains', [ServersController::class, 'domains_by_server']);
Route::get('/servers/{uuid}/resources', [ServersController::class, 'resources_by_server']);
Route::get('/servers', [ServersController::class, 'servers'])->middleware(['api.ability:read']);
Route::get('/servers/{uuid}', [ServersController::class, 'server_by_uuid'])->middleware(['api.ability:read']);
Route::get('/servers/{uuid}/domains', [ServersController::class, 'domains_by_server'])->middleware(['api.ability:read']);
Route::get('/servers/{uuid}/resources', [ServersController::class, 'resources_by_server'])->middleware(['api.ability:read']);
Route::get('/servers/{uuid}/validate', [ServersController::class, 'validate_server']);
Route::get('/servers/{uuid}/validate', [ServersController::class, 'validate_server'])->middleware(['api.ability:read']);
Route::post('/servers', [ServersController::class, 'create_server']);
Route::patch('/servers/{uuid}', [ServersController::class, 'update_server']);
Route::delete('/servers/{uuid}', [ServersController::class, 'delete_server']);
Route::post('/servers', [ServersController::class, 'create_server'])->middleware(['api.ability:read']);
Route::patch('/servers/{uuid}', [ServersController::class, 'update_server'])->middleware(['api.ability:write']);
Route::delete('/servers/{uuid}', [ServersController::class, 'delete_server'])->middleware(['api.ability:write']);
Route::get('/resources', [ResourcesController::class, 'resources']);
Route::get('/resources', [ResourcesController::class, 'resources'])->middleware(['api.ability:read']);
Route::get('/applications', [ApplicationsController::class, 'applications']);
Route::post('/applications/public', [ApplicationsController::class, 'create_public_application'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::post('/applications/private-github-app', [ApplicationsController::class, 'create_private_gh_app_application'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::post('/applications/private-deploy-key', [ApplicationsController::class, 'create_private_deploy_key_application'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::post('/applications/dockerfile', [ApplicationsController::class, 'create_dockerfile_application'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::post('/applications/dockerimage', [ApplicationsController::class, 'create_dockerimage_application'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::post('/applications/dockercompose', [ApplicationsController::class, 'create_dockercompose_application'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::get('/applications', [ApplicationsController::class, 'applications'])->middleware(['api.ability:read']);
Route::post('/applications/public', [ApplicationsController::class, 'create_public_application'])->middleware(['api.ability:write']);
Route::post('/applications/private-github-app', [ApplicationsController::class, 'create_private_gh_app_application'])->middleware(['api.ability:write']);
Route::post('/applications/private-deploy-key', [ApplicationsController::class, 'create_private_deploy_key_application'])->middleware(['api.ability:write']);
Route::post('/applications/dockerfile', [ApplicationsController::class, 'create_dockerfile_application'])->middleware(['api.ability:write']);
Route::post('/applications/dockerimage', [ApplicationsController::class, 'create_dockerimage_application'])->middleware(['api.ability:write']);
Route::post('/applications/dockercompose', [ApplicationsController::class, 'create_dockercompose_application'])->middleware(['api.ability:write']);
Route::get('/applications/{uuid}', [ApplicationsController::class, 'application_by_uuid']);
Route::patch('/applications/{uuid}', [ApplicationsController::class, 'update_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::delete('/applications/{uuid}', [ApplicationsController::class, 'delete_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::get('/applications/{uuid}', [ApplicationsController::class, 'application_by_uuid'])->middleware(['api.ability:read']);
Route::patch('/applications/{uuid}', [ApplicationsController::class, 'update_by_uuid'])->middleware(['api.ability:write']);
Route::delete('/applications/{uuid}', [ApplicationsController::class, 'delete_by_uuid'])->middleware(['api.ability:write']);
Route::get('/applications/{uuid}/envs', [ApplicationsController::class, 'envs']);
Route::post('/applications/{uuid}/envs', [ApplicationsController::class, 'create_env'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::patch('/applications/{uuid}/envs/bulk', [ApplicationsController::class, 'create_bulk_envs'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::patch('/applications/{uuid}/envs', [ApplicationsController::class, 'update_env_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::delete('/applications/{uuid}/envs/{env_uuid}', [ApplicationsController::class, 'delete_env_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
// Route::post('/applications/{uuid}/execute', [ApplicationsController::class, 'execute_command_by_uuid'])->middleware([OnlyRootApiToken::class]);
Route::get('/applications/{uuid}/envs', [ApplicationsController::class, 'envs'])->middleware(['api.ability:read']);
Route::post('/applications/{uuid}/envs', [ApplicationsController::class, 'create_env'])->middleware(['api.ability:write']);
Route::patch('/applications/{uuid}/envs/bulk', [ApplicationsController::class, 'create_bulk_envs'])->middleware(['api.ability:write']);
Route::patch('/applications/{uuid}/envs', [ApplicationsController::class, 'update_env_by_uuid'])->middleware(['api.ability:write']);
Route::delete('/applications/{uuid}/envs/{env_uuid}', [ApplicationsController::class, 'delete_env_by_uuid'])->middleware(['api.ability:write']);
// Route::post('/applications/{uuid}/execute', [ApplicationsController::class, 'execute_command_by_uuid'])->middleware(['ability:write']);
Route::match(['get', 'post'], '/applications/{uuid}/start', [ApplicationsController::class, 'action_deploy'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::match(['get', 'post'], '/applications/{uuid}/restart', [ApplicationsController::class, 'action_restart'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::match(['get', 'post'], '/applications/{uuid}/stop', [ApplicationsController::class, 'action_stop'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::match(['get', 'post'], '/applications/{uuid}/start', [ApplicationsController::class, 'action_deploy'])->middleware(['api.ability:write']);
Route::match(['get', 'post'], '/applications/{uuid}/restart', [ApplicationsController::class, 'action_restart'])->middleware(['api.ability:write']);
Route::match(['get', 'post'], '/applications/{uuid}/stop', [ApplicationsController::class, 'action_stop'])->middleware(['api.ability:write']);
Route::get('/databases', [DatabasesController::class, 'databases']);
Route::post('/databases/postgresql', [DatabasesController::class, 'create_database_postgresql'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::post('/databases/mysql', [DatabasesController::class, 'create_database_mysql'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::post('/databases/mariadb', [DatabasesController::class, 'create_database_mariadb'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::post('/databases/mongodb', [DatabasesController::class, 'create_database_mongodb'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::post('/databases/redis', [DatabasesController::class, 'create_database_redis'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::post('/databases/clickhouse', [DatabasesController::class, 'create_database_clickhouse'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::post('/databases/dragonfly', [DatabasesController::class, 'create_database_dragonfly'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::post('/databases/keydb', [DatabasesController::class, 'create_database_keydb'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::get('/databases', [DatabasesController::class, 'databases'])->middleware(['api.ability:read']);
Route::post('/databases/postgresql', [DatabasesController::class, 'create_database_postgresql'])->middleware(['api.ability:write']);
Route::post('/databases/mysql', [DatabasesController::class, 'create_database_mysql'])->middleware(['api.ability:write']);
Route::post('/databases/mariadb', [DatabasesController::class, 'create_database_mariadb'])->middleware(['api.ability:write']);
Route::post('/databases/mongodb', [DatabasesController::class, 'create_database_mongodb'])->middleware(['api.ability:write']);
Route::post('/databases/redis', [DatabasesController::class, 'create_database_redis'])->middleware(['api.ability:write']);
Route::post('/databases/clickhouse', [DatabasesController::class, 'create_database_clickhouse'])->middleware(['api.ability:write']);
Route::post('/databases/dragonfly', [DatabasesController::class, 'create_database_dragonfly'])->middleware(['api.ability:write']);
Route::post('/databases/keydb', [DatabasesController::class, 'create_database_keydb'])->middleware(['api.ability:write']);
Route::get('/databases/{uuid}', [DatabasesController::class, 'database_by_uuid']);
Route::patch('/databases/{uuid}', [DatabasesController::class, 'update_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::delete('/databases/{uuid}', [DatabasesController::class, 'delete_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::get('/databases/{uuid}', [DatabasesController::class, 'database_by_uuid'])->middleware(['api.ability:read']);
Route::patch('/databases/{uuid}', [DatabasesController::class, 'update_by_uuid'])->middleware(['api.ability:write']);
Route::delete('/databases/{uuid}', [DatabasesController::class, 'delete_by_uuid'])->middleware(['api.ability:write']);
Route::match(['get', 'post'], '/databases/{uuid}/start', [DatabasesController::class, 'action_deploy'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::match(['get', 'post'], '/databases/{uuid}/restart', [DatabasesController::class, 'action_restart'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::match(['get', 'post'], '/databases/{uuid}/stop', [DatabasesController::class, 'action_stop'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::match(['get', 'post'], '/databases/{uuid}/start', [DatabasesController::class, 'action_deploy'])->middleware(['api.ability:write']);
Route::match(['get', 'post'], '/databases/{uuid}/restart', [DatabasesController::class, 'action_restart'])->middleware(['api.ability:write']);
Route::match(['get', 'post'], '/databases/{uuid}/stop', [DatabasesController::class, 'action_stop'])->middleware(['api.ability:write']);
Route::get('/services', [ServicesController::class, 'services']);
Route::post('/services', [ServicesController::class, 'create_service'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::get('/services', [ServicesController::class, 'services'])->middleware(['api.ability:read']);
Route::post('/services', [ServicesController::class, 'create_service'])->middleware(['api.ability:write']);
Route::get('/services/{uuid}', [ServicesController::class, 'service_by_uuid']);
// Route::patch('/services/{uuid}', [ServicesController::class, 'update_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::delete('/services/{uuid}', [ServicesController::class, 'delete_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::get('/services/{uuid}', [ServicesController::class, 'service_by_uuid'])->middleware(['api.ability:read']);
// Route::patch('/services/{uuid}', [ServicesController::class, 'update_by_uuid'])->middleware(['ability:write']);
Route::delete('/services/{uuid}', [ServicesController::class, 'delete_by_uuid'])->middleware(['api.ability:write']);
Route::get('/services/{uuid}/envs', [ServicesController::class, 'envs']);
Route::post('/services/{uuid}/envs', [ServicesController::class, 'create_env'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::patch('/services/{uuid}/envs/bulk', [ServicesController::class, 'create_bulk_envs'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::patch('/services/{uuid}/envs', [ServicesController::class, 'update_env_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::delete('/services/{uuid}/envs/{env_uuid}', [ServicesController::class, 'delete_env_by_uuid'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::get('/services/{uuid}/envs', [ServicesController::class, 'envs'])->middleware(['api.ability:read']);
Route::post('/services/{uuid}/envs', [ServicesController::class, 'create_env'])->middleware(['api.ability:write']);
Route::patch('/services/{uuid}/envs/bulk', [ServicesController::class, 'create_bulk_envs'])->middleware(['api.ability:write']);
Route::patch('/services/{uuid}/envs', [ServicesController::class, 'update_env_by_uuid'])->middleware(['api.ability:write']);
Route::delete('/services/{uuid}/envs/{env_uuid}', [ServicesController::class, 'delete_env_by_uuid'])->middleware(['api.ability:write']);
Route::match(['get', 'post'], '/services/{uuid}/start', [ServicesController::class, 'action_deploy'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::match(['get', 'post'], '/services/{uuid}/restart', [ServicesController::class, 'action_restart'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::match(['get', 'post'], '/services/{uuid}/stop', [ServicesController::class, 'action_stop'])->middleware([IgnoreReadOnlyApiToken::class]);
Route::match(['get', 'post'], '/services/{uuid}/start', [ServicesController::class, 'action_deploy'])->middleware(['api.ability:write']);
Route::match(['get', 'post'], '/services/{uuid}/restart', [ServicesController::class, 'action_restart'])->middleware(['api.ability:write']);
Route::match(['get', 'post'], '/services/{uuid}/stop', [ServicesController::class, 'action_stop'])->middleware(['api.ability:write']);
});
Route::group([

8
routes/web.php
View File

@@ -12,8 +12,8 @@ use App\Livewire\Destination\Show as DestinationShow;
use App\Livewire\ForcePasswordReset;
use App\Livewire\Notifications\Discord as NotificationDiscord;
use App\Livewire\Notifications\Email as NotificationEmail;
use App\Livewire\Notifications\Telegram as NotificationTelegram;
use App\Livewire\Notifications\Slack as NotificationSlack;
use App\Livewire\Notifications\Telegram as NotificationTelegram;
use App\Livewire\Profile\Index as ProfileIndex;
use App\Livewire\Project\Application\Configuration as ApplicationConfiguration;
use App\Livewire\Project\Application\Deployment\Index as DeploymentIndex;
@@ -287,7 +287,7 @@ Route::middleware(['auth'])->group(function () {
'privateKey' => $privateKeyLocation,
'root' => '/',
]);
if (!$disk->exists($filename)) {
if (! $disk->exists($filename)) {
return response()->json(['message' => 'Backup not found.'], 404);
}
@@ -299,7 +299,7 @@ Route::middleware(['auth'])->group(function () {
if ($stream === false || is_null($stream)) {
abort(500, 'Failed to open stream for the requested file.');
}
while (!feof($stream)) {
while (! feof($stream)) {
echo fread($stream, 2048);
flush();
}
@@ -307,7 +307,7 @@ Route::middleware(['auth'])->group(function () {
fclose($stream);
}, 200, [
'Content-Type' => 'application/octet-stream',
'Content-Disposition' => 'attachment; filename="' . basename($filename) . '"',
'Content-Disposition' => 'attachment; filename="'.basename($filename).'"',
]);
} catch (\Throwable $e) {
return response()->json(['message' => $e->getMessage()], 500);