aa84cb0079
Actually make multiplart also optional
2026-01-28 14:17:22 +01:00
70476bd168
Use jsonOrMultipart instead of jsonOptional and multipart
2026-01-27 22:01:18 +01:00
a7929e142f
Build local image for updates in apptask
2026-01-27 22:01:18 +01:00
280f628746
Accept json body or formdata in app install route
2026-01-27 22:01:18 +01:00
f714cd66f7
rework mail domain stats
...
We can now show list count, alias count as well in the mail domains UI
2025-12-05 13:32:07 +01:00
0dd6446f3e
apps: add route to list sites for operators
...
the main backup listing route is only available for admins
2025-10-14 14:22:41 +02:00
43962c4a5a
add route to list backups by site
2025-10-06 14:52:29 +02:00
f7c85d8aa2
mail: add api to list domains
2025-09-30 17:11:10 +02:00
98d4d99c1b
appstore: add unlink account route
2025-09-24 21:49:24 +02:00
5157789774
backups: add per site enabledForUpdates flag
...
previously, we had a singleton 'main' flag to indicate a site can
be used for updates. with this new approach, we can get rid of the
'primary' concept. each site can be used for updates or not.
2025-09-22 18:03:01 +02:00
4c3a8e1fd7
backup site: add contents
...
it is a json that can be one of the three:
* null - include everything
* include - only include these ids
* exclude - everything except these ids
2025-09-22 13:28:16 +02:00
c5b7264f1a
rename backupTargets to backupSites
2025-09-12 10:32:37 +02:00
bbc5217c81
Remove unused variable
2025-08-22 16:46:45 +02:00
19682ec21b
tgz: integrity check
2025-08-15 21:23:39 +05:30
12e073e8cf
use node: prefix for requires
...
mostly because code is being autogenerated by all the AI stuff using
this prefix. it's also used in the stack trace.
2025-08-14 12:55:35 +05:30
2a90a0a278
backup target: add password hint and encryption route
2025-08-05 11:26:02 +02:00
132132307f
backuptarget: rename label to name
2025-08-04 14:28:37 +02:00
7ef9e7eb51
storage: add getStatus hook
2025-08-04 11:01:20 +02:00
59aaabecc7
backups: the get route was accidentally removed
2025-07-25 11:56:31 +02:00
3f07bb5c3a
backup targets: add test for all routes
2025-07-25 11:29:00 +02:00
94dd1eb0c2
backups: add setPrimary route
2025-07-25 09:43:26 +02:00
ef5631bff4
backups: setPolicy is gone
2025-07-25 01:42:25 +02:00
62017b3ff5
backup: rename back backuplisting.js to backups.js
...
this was a transitional rename till I figured out how to split
it in backuptargets.js
2025-07-25 01:37:19 +02:00
3aafbd2ccb
backups: add backup multiple targets
2025-07-25 01:30:27 +02:00
931311f11f
rename backups to backuptargets
2025-07-24 18:54:10 +02:00
5e456f378b
backups: split listing and targets
2025-07-24 18:21:48 +02:00
8bf8c278f0
system: add tests for fs usage route
2025-07-17 01:42:28 +02:00
5539f74bea
system: add disk usage task
2025-07-17 00:09:50 +02:00
7214ce2ede
support: remove ssh manipulation routes
...
this is now moved entirely to cloudron-support --enable-remote-access.
this emphasizes more that users have to get ssh access to the server before
we can do anything about it. it's far too simple for people to click this
button.
we have now also added clear terms to understand what remote access entails.
(what happens if support personnel makes a mistake. who is liable? etc)
2025-07-16 17:53:19 +02:00
4b79881472
system: route to get filesystem
2025-07-16 17:20:28 +02:00
622aecfd6d
users: add unset route for avatar
...
also add missing tests for avatar and profile locking
2025-07-15 10:06:26 +02:00
7adae569f5
Remove last usage of auth/branding route
2025-07-14 11:12:05 +02:00
04de621e37
Fix crash when req.query handling
...
https://expressjs.com/en/5x/api.html#req.query
"As req.query’s shape is based on user-controlled input, all properties and values in this object
are untrusted and should be validated before trusting"
In essence, req.query.xx can be an array OR an array of strings.
2025-07-13 13:21:38 +02:00
e1433cbf2a
Always share the same meta info headers in dashboard views
2025-07-11 15:29:46 +02:00
66d1de0821
Add initial dashboard entrypoint server side rendering routes
2025-07-11 12:28:02 +02:00
bba48f455e
use @connect-lastmile
2025-07-10 11:00:31 +02:00
3bd41013c0
profile: avatar cannot be changed when profile locked
...
admins can now upload user avatars
2025-07-02 13:03:15 +02:00
a357f5a1b8
apps: add live metrics route
2025-07-01 12:23:38 +02:00
713f1239c6
Allow admins to set users avatars
2025-06-30 22:44:59 +02:00
2486aee24d
AppsView: updateInfo is now part of app object
2025-06-26 16:57:55 +02:00
19c9d7d59d
updateInfo: move updateInfo into apps table
...
this has many advantages:
* easy to deliver the updateInfo via the apps object
* after updating, the task can clear it
* when apps are deleted, the info is automatically gone
otherwise, it's a mess of deps between apps/updater/apptask/rest routes
box update info is still in a file
2025-06-26 15:47:15 +02:00
4d94700375
remove dead comment
2025-06-19 16:12:46 +02:00
1ca8eeeb50
split oidc into server and clients
2025-06-11 22:26:23 +02:00
2e4bc5e218
Start using req.resources = { app, volume, ...} pattern
...
Reason was that req.app was clashing with expressjs v5 which
stores the main expressjs app object there
2025-06-10 11:02:43 +02:00
a93c85ebc9
profile: drop gravatar support
...
gravatar is owned by an external entity (Automattic) and we have an
unnecessary dep to this service. users can just upload a profile pic
2025-06-08 18:12:40 +02:00
344782099f
add explicit unset for the image routes
...
the initial motivation was to fix up the profile avatar rule which
had a mix of json or multipart. this style does not work well with
express 5
2025-06-06 18:58:49 +02:00
dffa3b7986
do not mix multipart and json
2025-06-06 17:18:39 +02:00
0f7bc9be52
GET requests should not use json middleware
2025-06-06 17:18:39 +02:00
05fc8ed5db
Fix crash with express 5
...
express.json does not enforce json. this means it will pass it through
but let req.body be undefined. this causes all our asserts to crash
2025-06-06 16:30:43 +02:00
40631a753f
Fix express 5 crashes
2025-06-06 16:23:07 +02:00
Johannes Zellner