jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
19,579 Commits 33 Branches 583 Tags
7dd40eccf3a6895a449ffc6c20506b75f1a4e62a
Commit Graph

62 Commits

Author SHA1 Message Date
Girish Ramakrishnan
b71e503a01 more ESM cleanups 2026-02-14 16:52:16 +01:00
Girish Ramakrishnan
36aa641cb9 migrate to "export default" 
also, set no-use-before-define in linter
 2026-02-14 15:43:24 +01:00
Girish Ramakrishnan
96dc79cfe6 Migrate codebase from CommonJS to ES Modules 
- Convert all require()/module.exports to import/export across 260+ files
- Add "type": "module" to package.json to enable ESM by default
- Add migrations/package.json with "type": "commonjs" to keep db-migrate compatible
- Convert eslint.config.js to ESM with sourceType: "module"
- Replace __dirname/__filename with import.meta.dirname/import.meta.filename
- Replace require.main === module with process.argv[1] === import.meta.filename
- Remove 'use strict' directives (implicit in ESM)
- Convert dynamic require() in switch statements to static import lookup maps
  (dns.js, domains.js, backupformats.js, backupsites.js, network.js)
- Extract self-referencing exports.CONSTANT patterns into standalone const
  declarations (apps.js, services.js, locks.js, users.js, mail.js, etc.)
- Lazify SERVICES object in services.js to avoid circular dependency TDZ issues
- Add clearMailQueue() to mailer.js for ESM-safe queue clearing in tests
- Add _setMockApp() to ldapserver.js for ESM-safe test mocking
- Add _setMockResolve() wrapper to dig.js for ESM-safe DNS mocking in tests
- Convert backupupload.js to use dynamic imports so --check exits before
  loading the module graph (which requires BOX_ENV)
- Update check-install to use ESM import for infra_version.js
- Convert scripts/ (hotfix, release, remote_hotfix.js, find-unused-translations)
- All 1315 tests passing

Migration stats (AI-assisted using Cursor with Claude):
- Wall clock time: ~3-4 hours
- Assistant completions: ~80-100
- Estimated token usage: ~1-2M tokens

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-14 15:11:45 +01:00
Girish Ramakrishnan
12e073e8cf use node: prefix for requires 
mostly because code is being autogenerated by all the AI stuff using
this prefix. it's also used in the stack trace.
 2025-08-14 12:55:35 +05:30
Johannes Zellner
a0d96d5a74 Do not swallow original error stack trace in box.js 2025-06-30 17:34:55 +02:00
Girish Ramakrishnan
bbe1350f7d better logs on actual quit 2025-06-17 22:28:11 +02:00
Girish Ramakrishnan
1ca8eeeb50 split oidc into server and clients 2025-06-11 22:26:23 +02:00
Girish Ramakrishnan
40631a753f Fix express 5 crashes 2025-06-06 16:23:07 +02:00
Girish Ramakrishnan
4a207395ca middleground in timeout 
DO BLR droplets still fail with 1s timeout!
 2024-10-31 10:22:55 +01:00
Girish Ramakrishnan
2df983a1cf lower timeout 2024-10-31 09:50:20 +01:00
Girish Ramakrishnan
aefa481c43 network: fix premature connection closures with node 20 and above 
the happy eyeballs implementation in node is buggy. ipv4 and ipv6 connections
are made in parallel and whichever responds first is chosen. when there is no
ipv6 (immediately errors with ENETUNREACH/EHOSTUNREACH) and when ipv4 is > 250ms,
the code erroneously times out.

see also https://github.com/nodejs/node/issues/54359

reproduction for those servers:

const options = {
  hostname: 'www.cloudron.io', port: 80, path: '/', method: 'HEAD',
  // family: 4, // uncomment to make it work
};

const req = require('http').request(options, (res) => {
  console.log('statusCode:', res.statusCode);
  res.on('data', () => {}); // drain
});

req.on('socket', (socket) => console.log('Socket assigned to request', socket););
req.on('error', (e) => console.error(e));
req.end();
 2024-10-31 09:38:40 +01:00
Girish Ramakrishnan
1abbe43785 log exception with timestamp prefixed 2024-10-14 16:21:25 +02:00
Girish Ramakrishnan
7bb68ea6b5 rename ldap.js to ldapserver.js 
this makes it clearer it is server module and not some generic ldap thing
 2024-01-06 13:31:32 +01:00
Girish Ramakrishnan
ceb908bee7 Use constants.TEST 2023-10-01 13:52:19 +05:30
Girish Ramakrishnan
f2e56cbdd8 Fix crash on startup 2023-08-03 06:39:35 +05:30
Girish Ramakrishnan
f505b1a553 remove log line which ends up in log file 2023-05-07 20:53:04 +02:00
Johannes Zellner
119c987837 oidc is started on onActivated hook 2023-03-26 17:14:17 +02:00
Girish Ramakrishnan
1f8b907bf1 tests: stop the auto-started oidc server 2023-03-26 16:34:14 +02:00
Johannes Zellner
2315cf330f Carefully (re)start oidc server depending on dashboardFqdn 2023-03-21 14:59:28 +01:00
Johannes Zellner
e9fc355ac5 Move openid provider into its own express server 2023-03-21 14:39:58 +01:00
Girish Ramakrishnan
f27847950c reverseproxy: notify cert change only in cron job 
notifying this in ensureCertificate does not work if provider changed in the middle anyway.
might as well get them to be in sync in the cronjob.

this change also resulted in tls addon getting restarted non-stop if you change from wildcard
to non-wildcard since ensureCertificate notifies the change.
 2022-11-30 15:55:32 +01:00
Girish Ramakrishnan
89127e1df7 reverseproxy: rework cert logic 
9c8f78a059 already fixed many of the cert issues.

However, some issues were caught in the CI:

* The TLS addon has to be rebuilt and not just restarted. For this reason, we now
  move things to a directory instead of mounting files. This way the container is just restarted.

* Cleanups must be driven by the database and not the filesystem . Deleting files on disk or after a restore,
  the certs are left dangling forever in the db.

* Separate the db cert logic and disk cert logic. This way we can sync as many times as we want and whenever we want.
 2022-11-29 11:07:23 +01:00
Girish Ramakrishnan
f82f533f36 Add SIGHUP handler to reload certs 
we have to reload directory server certs out of process
 2022-11-16 08:24:42 +01:00
Girish Ramakrishnan
1c18c16e38 typo 2022-08-15 21:09:25 +02:00
Girish Ramakrishnan
edd284fe0b rename user directory to directory server 2022-08-15 20:45:51 +02:00
Girish Ramakrishnan
ba5c2f623c remove supererror, not really used 2022-02-21 17:34:51 -08:00
Girish Ramakrishnan
852eebac4d move cloudron network creation to platform code 
this gives us more control on re-creating the network with different
arguments/options when needed.
 2022-02-09 23:15:37 -08:00
Johannes Zellner
52385fcc9c Rename exposed ldap to user directory 2022-01-07 14:06:13 +01:00
Johannes Zellner
c51a4514f4 start/stop exposed LDAP depending on settings 2021-11-26 09:50:21 +01:00
Johannes Zellner
3a8aaf72ba Expose LDAP via iptables 2021-11-23 12:37:03 +01:00
Girish Ramakrishnan
fefd4abf33 Fix logger to log exceptions 
this is similar to the fix in taskworker
 2021-09-07 11:23:57 -07:00
Girish Ramakrishnan
7709e155e0 more async'ification 2021-09-07 11:21:06 -07:00
Girish Ramakrishnan
f927b9b5b2 make taskworker console.* log to file and not stdout 
this is similar to code in box.js
 2021-05-13 22:49:47 -07:00
Girish Ramakrishnan
625dc7c49b Add proxyAuth as an addon 2020-11-10 16:50:36 -08:00
Girish Ramakrishnan
71666a028b add support for protected sites 
https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-subrequest-authentication/
https://gock.net/blog/2020/nginx-subrequest-authentication-server/
https://github.com/andygock/auth-server
 2020-11-10 01:06:39 -08:00
Johannes Zellner
2d2270a337 Ensure stderr and exceptions also go to logfile 
Bring back supererror for stacktraces when no Error object is throwing
 2020-08-21 10:40:32 +02:00
Girish Ramakrishnan
e04871f79f pass log file as argument to task worker 
initially, i thought i can hardcode the log file into taskworker.js
depending on the task type but for apptask, it's not easy to get the
appId from the taskId unless we introspect task arguments as well.
it's easier for now to pass it as an argument.
 2020-08-05 00:46:34 -07:00
Girish Ramakrishnan
182c162dc4 hardcode logging of box code to box.log 2020-08-04 13:30:18 -07:00
Girish Ramakrishnan
1b307632ab Use debug instead of console.* everywhere 
No need to patch up console.* anymore

also removes supererror
 2020-08-02 12:04:55 -07:00
Girish Ramakrishnan
02f195b25c typo 2019-07-26 15:02:03 -07:00
Girish Ramakrishnan
9b74bb73aa config.js is dead, long live config.js 
we use settings now
 2019-07-26 14:51:51 -07:00
Girish Ramakrishnan
ee9636b496 move use of TEST and CLOUDRON to constants 2019-07-26 10:13:20 -07:00
Girish Ramakrishnan
c32718b164 Make ldap and docker proxy port as constants 2019-07-25 16:08:54 -07:00
Girish Ramakrishnan
2d260eb0d5 Make sysadminPort a constant 2019-07-25 16:08:51 -07:00
Girish Ramakrishnan
d7dd069ae0 Use constants.version instead of config.version 2019-07-25 15:02:14 -07:00
Johannes Zellner
ac25477cd7 Ensure we prefix all output with a timestamp 
note that debug() already does this now on its own in the same format
it does not use console.log but process.stderr
 2018-11-16 13:02:37 +01:00
Johannes Zellner
9fe91cf9cb Log if we receive SIGINT or SIGTERM 2018-11-08 14:35:22 +01:00
Girish Ramakrishnan
a49969f2be Move apphealthmonitor into a cron job 
This makes sure that it only runs post activation

See also a9c1af50f7
 2018-10-22 20:08:49 -07:00
Johannes Zellner
441fdb81f8 Move docker proxy into its own file 2018-08-13 21:14:17 +02:00
Girish Ramakrishnan
b421866bf5 Remove simpleauth 
Simple Auth used to provide auth over HTTP. The original motivation
behind this was this was a simple way to add Cloudron Auth integration.
Back in the day, Cloudron Auth was a requirement for apps but this is
not the case anymore.

This is currently not used by any app and having this might encourage
people to make Cloudron specific un-upstreamable changes.
 2017-03-19 01:31:38 -07:00