- Pre-generate domain + secret field values when deploy page loads,
so user sees actual domain and masked passwords (with reveal button)
before deploying. Same values submitted as hidden inputs → saved to app.yaml.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Debug-mode-only dashboard (/debug) with 8 collapsible sections:
system diagnostics, notification testing, backup triggers, storage
simulation, hub & connectivity, self-update dry-run, DR/setup wizard,
and in-memory log viewer. Migrates debug dump from API router to web
server. Adds ring buffer log capture, storage disconnect simulation,
event history tracking, and cross-drive/self-update test methods.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
dashboardHandler, stacksHandler, monitoringHandler used blank identifier
for the request param but now call executeTemplate(w, r, ...).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add internal/assets package that downloads and caches app assets from
Hub API with SHA-256 change detection. Assets resolve from synced cache
first, falling back to baked-in directory. Daily sync schedule +
on-demand POST /api/assets/sync endpoint.
Config: assets.sync_enabled + assets.sync_schedule (default 05:00)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The logo handler tried os.ReadFile() on a non-existent filesystem path.
The SVG only exists as an embedded string constant in the web package.
Export FelhomLogoSVG and serve it directly in the setup handler.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- NeedsSetup: only check for empty customer.id (not "demo-felhom")
- renderError: pass *http.Request to ensureCSRFToken (was nil → panic)
- Welcome template: remove redundant "v" prefix from version display
- IP detection: read HOST_IP env var for Docker container awareness
- docker-setup.sh: inject HOST_IP into generated docker-compose.yml
- Add logging for Hub config download in setup wizard
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New controller features:
- Web-based setup wizard replaces docker-setup.sh interactive config
- Dual listener: :8080 (Traefik) + :8081 (direct HTTP for LAN)
- Drive scanner finds .felhom-infra-backup/ on all block devices
- Hub recovery pull (GET /api/v1/recovery/{id}) with retrieval password
- Fresh install: Hub config download or manual wizard
- CSRF protection, state persistence, Hungarian UI
- Local infra backup written to all connected drives after each backup cycle
- .felhom-infra-backup/backup.json + metadata.json with SHA256 checksum
- Hub verification: parse customer_blocked from report push response
- Limited mode after 7 days without verification
- Recovery info page on Settings + recovery-info.txt file generation
- Pending events queue: DR events sent to Hub on next report push
- docker-setup.sh v6.0.0: removed interactive wizard, minimal controller.yaml only
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
After successful config apply, immediately push infra backup to Hub
so the config sync status updates right away. Also fix startup event
message that showed "vv0.21.2" instead of "v0.21.3".
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
os.Rename() fails with "device or resource busy" on bind-mounted files.
Fall back to direct os.WriteFile when rename fails.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Comment out ping_uuids section in controller.yaml.example (deprecated)
- Architecture diagram: remove status.felhom.eu, update to Hub event system
- Mark Healthchecks references as deprecated throughout README
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New endpoint returns raw controller.yaml content (text/yaml) for Hub
live diff and pull operations. Same auth as other config endpoints.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add config apply endpoint and config hash in reports to REST API
section, roadmap, and changelog.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- POST /api/config/apply: accepts YAML body from Hub, validates and
writes controller.yaml atomically (tmp+rename)
- GET /api/config/hash: returns SHA256 hash of current config file
- Report payload now includes config_hash field for Hub comparison
- Config endpoints use same dual auth as self-update (session OR Bearer)
- config.LoadFromBytes() for validation without file I/O
- config.FileHash() helper for SHA256 computation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add "Eltávolítás" to remove deployed (non-orphaned) stacks — reverts
them to "Nincs telepítve" while preserving templates for redeploy.
Modal offers HDD data and backup data cleanup choices.
Auto-inject missing deploy fields (secrets, domains) into existing
app.yaml when templates are updated via sync or on controller startup.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Phase 1: Deprecate restic as Tier 2 method (rsync only), auto-migrate on startup
Phase 2: Enhanced per-app migration with backup awareness, DB dump copy, auto-cleanup
Phase 3: Full drive migration with decommissioned state, rollback support, wizard UI
Phase 4: Hub report includes decommissioned drive state
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The selfupdate routes were placed after the generic hasSuffix(path, "/update")
stack case, which was catching /selfupdate/update before the specific case
could match it. Moving the selfupdate cases to before all hasSuffix-based
cases fixes the routing.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Controller now includes its external URL in periodic hub reports so the
hub can trigger self-updates remotely via the /api/selfupdate/update endpoint.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add StorageBars to backupsHandler so all registered storage paths appear
- Update backups.html to use StorageBars loop (replacing single HDDConfigured block)
- Rename "SSD (/)" → "Rendszer (/)" on backup, monitoring, and dashboard pages
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace bufio.Scanner with bufio.Reader.ReadLine() which gracefully
skips lines exceeding the buffer (isPrefix=true) instead of failing.
Fixes validation of Immich's PostgreSQL dump which contains COPY lines
with binary-encoded image data exceeding the 256KB scanner limit.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
FileBrowser reads config.yaml from its working directory
(/home/filebrowser/), not from the data subdirectory.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add server.database to generated config.yaml pointing to the
persistent data volume. Previously the database was at
/home/filebrowser/database.db (outside the volume) and was lost
on every container recreation.
- Call syncFileBrowserMounts after manual storage path add, so newly
registered drives (like sys_drive) also appear in FileBrowser.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Ensures config.yaml and docker-compose.yml are regenerated on
controller startup, so new drives added while the controller was
down still get their FileBrowser sources configured.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Generate config.yaml with a separate source per registered storage path.
Each source uses the drive's label as its display name, making it appear
automatically in FileBrowser's sidebar. The config.yaml is bind-mounted
into the container (read-only) alongside the data volume.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
CreateDirectory now returns an error when the folder already exists
instead of silently succeeding. JS validates folder name format
(alphanumeric + underscore, max 32 chars) before sending the request.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
After an interrupted attach wizard, the raw mount stays behind,
causing the device to appear as "mounted" in scan results. Now the
scan button calls cancel first, which unmounts any stale raw mounts
that have no bind mount in fstab.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Document the new v0.15.0 attach wizard: bind-mount approach,
API endpoints, file tree, and roadmap entry.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
rename() fails with EBUSY on Docker bind-mounted files. Add safeWriteFile()
helper that tries atomic rename first, falls back to direct write. Fixes
both init wizard and attach wizard fstab operations.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New Settings wizard to attach drives with existing filesystems without
formatting. Mounts partition at staging path, lets user browse and pick
a subfolder, then bind-mounts it at /mnt/<name> with fstab entries.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Bug 1 (HIGH): add --exclude _* to rsync --delete so _db/ and _config/
directories are never deleted between backup runs (crossdrive.go)
Bug 2 (MEDIUM): refactor RunDBDumps/RunBackup/RunFullBackup to use
acquireRunning/releaseRunning helpers; extract runDBDumpsInternal and
runBackupInternal so all three public entry points set m.running and
RunFullBackup no longer deadlocks calling the public methods (backup.go)
Bug 3 (MEDIUM): log [WARN] when GetDiskUsage returns nil in
ValidateDestination instead of silently skipping space checks (crossdrive.go)
Bug 4 (MEDIUM): add [WARN] on empty SystemDataPath in NewManager; add
[ERROR] in GetAppDrivePath; guard DumpStackDB against empty/relative paths
(backup.go)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Auto-enable daily rsync Tier 2 for apps without HDD mounts when ≥2
storage paths exist (AutoEnableSmallApps)
- Sync infrastructure config (stacks dir + controller.yaml) to all
secondary destinations via _infra/ directory (syncInfraConfig)
- Include infra paths in cross-drive restic snapshots
- Add SecondaryInfraPath() helper to paths.go
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
admin