Replaced sudo-based updater with a cleaner directory-based approach:
- Pulse binary now installs to /opt/pulse/bin/pulse (owned by pulse user)
- Symlink created at /usr/local/bin/pulse for PATH convenience
- Pulse user has full write access to /opt/pulse, enabling self-updates
- Removed sudo dependency and security risks
- Simplified update logic - no special scripts or permissions needed
This is more secure, simpler, and works in all environments (containers, VMs, bare metal)

- Created pulse-updater script that runs with sudo to update root-owned binary
- Modified install.sh to set up sudoers permissions for pulse user
- Updated build-release.sh to include scripts directory in releases
- Install script now installs sudo (if missing) and configures NOPASSWD access
This fixes the 'Failed to apply update' error when Pulse runs as non-root user
and needs to update the binary at /usr/local/bin/pulse

Changed the default authentication method from username/password to API token when clicking on auto-discovered servers. API tokens are more secure and the recommended approach for most users.

Token names now include both Pulse server IP and Unix timestamp (e.g. pulse-192-168-0-176-1754816525) ensuring each script run creates a unique token. This completely eliminates 'token already exists' errors when running setup scripts multiple times.

When running the setup script multiple times from different Pulse servers, tokens now include the Pulse server's IP address in the name (e.g. pulse-192-168-0-176) to avoid conflicts. This prevents 'token already exists' errors when managing multiple Pulse instances.

- Frontend-modern directory is now copied to /usr/local/bin during installation
- Fixes ERR_TOO_MANY_REDIRECTS issue (#268)
- Ensures UI is accessible after binary installation

- Fixed Docker entrypoint to properly handle running as root (PUID=0)
- Improved alert history loading to handle permission errors gracefully
- Container now correctly runs as root when PUID=0 is set
- Alert history continues loading even if backup file has permission issues
Addresses #266 and #262

- PBS instances now show as online when datastores are accessible even if version endpoint fails
- Email sending now uses proper STARTTLS support for compatibility with providers like SMTP2GO
- Email recipient input no longer filters entries while typing
- Auto-update setting now properly persists and loads from config
- Fixed CPU usage alerts for offline VMs (already addressed in previous commits)

- Use actual verified field from backend for PBS backups through PVE storage
  - Was incorrectly hardcoded to null causing verified checkmarks not to show
- Added format field checking for pbs-ct and pbs-vm
- Changed unknown type fallback from VM to LXC (more common)
- Fixes issue where all backups showed as VM type

- Added service field to WebhookConfig to identify Discord webhooks
- Use Discord-specific template when sending Discord webhooks

- Fixed backup type detection for PBS backups (vm/ct)
- Fixed shared storage duplicate IDs across instances
- Fixed alert acknowledge/clear response format to match frontend expectations

- Fix CPU core display to show for all guests with CPU data
  - Previously only showed cores when CPU > 0 (truthy)
  - Now shows "(0.0/X cores)" consistently for all running/stopped guests
- Improve code organization with new helper utilities
- Clean up import statements and remove debug logs

- System.json settings now take priority over environment variables
- Fixed issue where POLLING_INTERVAL env var would override saved settings
- Polling interval changes in UI now persist correctly after restart

- Remove token logging - tokens were being logged in plaintext
- Add client IP logging for security auditing
- Add HTTPS warning when tokens sent over HTTP
- Remove debug output that exposed tokens in console
- Add optional auth requirement via REQUIRE_AUTH_FOR_AUTO_REGISTER env var
- Prevent token exposure in error messages
- Already has duplicate node prevention
Security improvements:
- Tokens no longer logged anywhere
- Source IPs tracked for audit trail
- Optional authentication for high-security environments
- HTTPS enforcement warnings

- Remove sessionStorage for API tokens - it clears on tab close
- localStorage is correct for persistent auth tokens
- sessionStorage would log users out every time they close the tab
- Keep other security improvements from previous commit

- Fix unsafe JSON parsing in WebSocket with proper error handling
- Fix unsafe JSON parsing in Settings import with validation
- Improve API token security by using sessionStorage as primary storage
- Remove debug console statements from production code
- Fix race conditions in WebSocket alert handling with atomic updates
- Add NaN validation for parseFloat operations in search queries
- Add safer error handling alternatives in generics utility
- Improve graceful shutdown in Settings API with proper timing
- All changes verified with successful frontend and backend builds

- Fix XSS vulnerabilities in Tooltip component by replacing innerHTML with textContent and adding content sanitization
- Fix XSS vulnerability in UnifiedBackups by replacing innerHTML with safe DOM manipulation
- Add proper null checks for props.guest.cpu in GuestRow to prevent NaN errors
- Replace unsafe non-null assertions with proper conditional rendering
- Fix memory leak in Settings component by improving interval cleanup
- Fix WebSocket reconnection race condition by adding proper timeout cleanup
- Create standardized error handler utility for consistent error handling
- Enable VM state support in monitoring (resolves TODO)
- Improve type safety throughout the codebase
- All changes verified with successful frontend and backend builds

- Updated README to show env vars instead of .env editing
- Updated FAQ with correct port change instructions
- Updated .env.example header to clarify it's for deployment overrides
- Made it clear UI is primary configuration method
- Environment variables are for deployment-time overrides only

- Remove .env syncing - UI no longer writes to .env file
- system.json is the single source for UI-managed settings
- .env files are read-only for deployment overrides
- Environment variables still override everything (Docker/systemd)
- Cleaner separation: env vars for deployment, JSON for runtime
- Updated documentation to clarify configuration hierarchy
- Simpler code with fewer failure points

- UI settings now automatically update .env file when changed
- .env file and system.json stay in sync
- Settings hierarchy preserved: env vars > .env > UI
- .env file is auto-generated/updated when UI saves settings
- Improved user experience - changes in UI reflect in .env and vice versa

- Fix release channel not saving when changed in UI
- Add system settings persistence for update-related config
- Expand .env file support to include all non-sensitive settings:
  - UPDATE_CHANNEL, AUTO_UPDATE_ENABLED, AUTO_UPDATE_CHECK_INTERVAL, AUTO_UPDATE_TIME
  - POLLING_INTERVAL, CONNECTION_TIMEOUT, ALLOWED_ORIGINS, LOG_LEVEL
- Update documentation with all available .env settings
- Settings now properly persist across restarts
- Environment variables override saved settings at startup

- Fix bug where RC channel always returned first release without proper comparison
- Ensure RC channel returns the latest release (newest by creation date)
- Stable channel correctly returns first non-prerelease
- Add manual update instructions for users stuck on rc.1
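
The channel rule described in the commit above, as an added Go example that is not Pulse's own code: the `Release` type, `SelectRelease` function and sample tags are hypothetical, and the release list is assumed to arrive newest-first for the stable case. The constructed sample lists rc.1 first even though rc.2 is newer, which is the case a "return the first release" shortcut gets wrong.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Release is a hypothetical record with only the fields the rule needs.
type Release struct {
	Tag        string
	Prerelease bool
	CreatedAt  time.Time
}

var ErrNoRelease = errors.New("no release available for channel")

// SelectRelease: "rc" takes the newest release by creation date (prereleases
// included); "stable" takes the first non-prerelease, list assumed newest-first.
func SelectRelease(releases []Release, channel string) (Release, error) {
	if channel != "rc" && channel != "stable" {
		return Release{}, fmt.Errorf("unknown channel %q", channel)
	}
	var best *Release
	for i := range releases {
		r := &releases[i]
		if channel == "stable" && !r.Prerelease {
			return *r, nil
		}
		// rc: compare creation dates instead of trusting list position.
		if channel == "rc" && (best == nil || r.CreatedAt.After(best.CreatedAt)) {
			best = r
		}
	}
	if best == nil {
		return Release{}, ErrNoRelease
	}
	return *best, nil
}

func day(d int) time.Time { return time.Date(2025, 1, d, 0, 0, 0, 0, time.UTC) }

// Constructed sample: rc.1 is listed first but rc.2 was created later.
var sample = []Release{
	{Tag: "example-2.0.0-rc.1", Prerelease: true, CreatedAt: day(10)},
	{Tag: "example-2.0.0-rc.2", Prerelease: true, CreatedAt: day(12)},
	{Tag: "example-1.9.0", Prerelease: false, CreatedAt: day(5)},
}

func main() {
	r, err := SelectRelease(sample, "rc")
	fmt.Println(r.Tag, err)
}
```
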
- Update Go from 1.19 to 1.23.4 for latest security patches
- Update golang.org/x/crypto from v0.23.0 to v0.41.0 (critical security fixes)
- Update golang.org/x/net from v0.21.0 to v0.43.0 (security updates)
- Update golang.org/x/sys from v0.20.0 to v0.35.0
- Update golang.org/x/term from v0.20.0 to v0.34.0
- Update golang.org/x/text from v0.15.0 to v0.28.0
- Update other dependencies to latest versions
This addresses the critical and high severity vulnerabilities reported by GitHub Dependabot

- Fix Export/Import API token authentication (wasn't sending X-API-Token header)
- Add client-side passphrase validation (12+ chars with visual feedback)
- Fix settings persistence for AllowedOrigins field
- Fix hardcoded port display in diagnostics (now shows actual port)
- Add .env file support for non-sensitive configuration (ports, logging, etc)
- Keep sensitive data (API tokens, passwords) using secure methods (systemd env vars)
- Update documentation with configuration guide and latest features
- Document auto-discovery, cluster detection, and export/import features

- Badges should be for statuses/counts, not descriptive properties
- Cluster information is already shown in dedicated section below
- Keeps only functional badges (VMs, Containers, Storage, Backups)
- Cleaner, less cluttered interface

- Both badges now use gray color scheme (bg-gray-200/700, text-gray-600/400)
- Removes the blue coloring from cluster badge that made it inconsistent
- Better visual hierarchy - badges are informational, not action items