Remove bloated multi-step wizard pattern and localStorage token storage in favor of a clean inline flow:
- Remove token generation modal and multi-step confirmation UI
- Remove localStorage persistence (useScopedTokenManager hook)
- Remove showTokenReveal popup - token goes directly into command
- Remove summary stat cards and redundant info cards
- Add simple inline input for optional token naming
- Token generation now instantly inserts into install command
The new flow: enter optional name → generate → copy command. No modals, no stored tokens, no extra steps.
- Hide Docker host sidebar when only 1 host is configured to save horizontal space
- Add keyboard auto-focus for search fields - typing anywhere on the page automatically focuses search
- Add ESC key support to clear search and unfocus input
- Fix vertical alignment of "+" icon in Docker Add Host button
The external guest link icon was fading in/out on every WebSocket update,
creating a distracting visual effect. Now the fade-in animation only plays
when the URL first becomes available (initial load or when saving a new URL),
rather than re-triggering on every state update.
- Add fadeIn keyframe animation to Tailwind config
- Track animation state with shouldAnimateIcon signal
- Only animate on transition from no URL to having a URL
- Clear animation flag after 200ms to prevent re-triggering
Replace the misleading "Step 1/Step 2" wizard pattern with a cleaner
dashboard-style layout. This better reflects the actual user flow of
selecting and configuring integrations.
Changes:
- Remove AgentStepSection wrapper and numbered badges
- Replace with standard SectionHeader for consistent typography
- Wrap PVE/PBS/PMG tables in Card components for better visual hierarchy
- Group action buttons (Discovery, Refresh, Add Node) in card headers
- Enhance empty states with icons and better messaging
- Fix spacing between integration selector and configuration sections
- Remove unused AgentStepSection import
All agent types (PVE, PBS, PMG, Docker, Host) now have consistent
presentation and improved visual clarity.
Changed MetricBar type prop from conditional (value > 80 ? 'danger' : 'primary')
to semantic types ('cpu', 'memory', 'disk') for better maintainability and
consistency with the component's design system.
This allows MetricBar to handle threshold logic internally based on metric
type, rather than duplicating threshold conditions at each call site.
The checksum URL was incorrectly constructed by appending .sha256
to the entire download URL including query parameters, resulting in:
/download/pulse-host-agent?platform=linux&arch=amd64.sha256
This caused .sha256 to be part of the arch parameter, which prevented
the checksum endpoint from being reached correctly.
Fixed to construct checksum URL with .sha256 as part of the path:
/download/pulse-host-agent.sha256?platform=linux&arch=amd64
Tested on Proxmox VE host (delly):
- Installation: ✓ Binary downloaded and installed successfully
- Service: ✓ systemd service created, enabled, and started
- Validation: ✓ Service running and attempting to report
- Logs: ✓ JSON logs writing to /var/log/pulse/host-agent.log
- Uninstallation: ✓ Complete cleanup (binary, service, logs)
- Colors: ✓ ANSI colored output working properly
Note: Checksum validation gracefully handled when endpoint
unavailable (server doesn't provide checksums yet)
API Enhancements:
- Add SHA256 checksum endpoint for binary downloads
- Computes checksum on-the-fly when .sha256 suffix is requested
- Example: /download/pulse-host-agent?platform=linux&arch=amd64.sha256
- Enables installer scripts to verify binary integrity
- Add /uninstall-host-agent.sh endpoint for Linux/macOS uninstall script
- Add endpoint to public paths (no auth required)
Checksum Implementation:
- New serveChecksum() function computes SHA256 hash using crypto/sha256
- Returns plain text checksum in hex format
- Supports all binary download endpoints
- Zero performance impact (only computed when requested)
Install Script Updates:
- Add --force/-f flag to skip all interactive prompts
- URL/token prompts skipped with --force
- Reinstall confirmation skipped with --force
- Checksum mismatch still aborts (security first)
- Force mode auto-accepts updates and reinstalls
- Usage: ./install-host-agent.sh --url $URL --token $TOKEN --force
Security Notes:
- Checksum verification protects against:
- Corrupted downloads due to network issues
- Man-in-the-middle binary tampering
- Storage corruption on server
- Force mode maintains security by aborting on checksum mismatch
- No bypass for security-critical validations
These improvements enable:
- Automated deployments (--force flag)
- Binary integrity verification (checksums)
- Better security posture (tamper detection)
- Standardized uninstall process (endpoint)
The /api/version endpoint already exists and returns version info
for update checks (no changes needed).
Major improvements to the host agent installation experience:
Installation Enhancements:
- Add interactive mode with prompts for URL/token if not provided
- Add colored output with ANSI codes (✓ ℹ ⚠ ✗) matching Windows style
- Add professional header/footer with bordered sections
- Display masked configuration before installation
- Add version detection and update notifications
- Add reinstall confirmation for existing installations
Security Improvements:
- Store tokens in macOS Keychain instead of plaintext plist
- Create wrapper script to read token from Keychain at runtime
- Add SHA256 checksum verification for downloaded binaries
- Set restrictive permissions (chmod 600) on service configs
- Graceful fallback if Keychain access denied
Validation & Verification:
- Wait 10 seconds and verify service is running
- Query /api/hosts endpoint to confirm agent registered
- Verify hostname appears in Pulse server
- Provide detailed troubleshooting if validation fails
Error Handling:
- Comprehensive error messages with actionable guidance
- Platform-specific install instructions for missing dependencies
- 4-step troubleshooting guide for download failures
- Build-from-source fallback instructions
- Service failure diagnostics with log viewing commands
Logging Improvements:
- Use persistent log directories (no more /tmp)
- macOS: ~/Library/Logs/Pulse/host-agent.log
- Linux: /var/log/pulse/host-agent.log
- Automatically create log directories
Post-Install:
- Display service management commands (start/stop/restart/logs)
- Show installed file locations
- Provide uninstall instructions
- Link to Pulse dashboard
Uninstall Script:
- New dedicated uninstall script with colored output
- Comprehensive cleanup (service, binary, logs, Keychain)
- Platform detection and appropriate cleanup steps
- Remove macOS Keychain entries and wrapper scripts
- Remove temporary logs from old /tmp location
- Retry logic for file locking issues
Progress Indicators:
- Better download progress with curl --progress-bar
- Clear status messages for each installation step
- Visual feedback throughout installation
These changes bring the macOS/Linux installation experience to parity
with Windows and add several features that exceed Windows quality:
- API endpoint verification (Windows doesn't have)
- Checksum verification (Windows doesn't have)
- macOS Keychain integration (more secure than Windows config)
- Update detection (Windows doesn't have)
Windows Host Agent Enhancements:
- Implement native Windows service support using golang.org/x/sys/windows/svc
- Add Windows Event Log integration for troubleshooting
- Create professional PowerShell installation/uninstallation scripts
- Add process termination and retry logic to handle Windows file locking
- Register uninstall endpoint at /uninstall-host-agent.ps1
Host Agent UI Improvements:
- Add expandable drawer to Hosts page (click row to view details)
- Display system info, network interfaces, disks, and temperatures in cards
- Replace status badges with subtle colored indicators
- Remove redundant master-detail sidebar layout
- Add search filtering for hosts
Technical Details:
- service_windows.go: Windows service lifecycle management with graceful shutdown
- service_stub.go: Cross-platform compatibility for non-Windows builds
- install-host-agent.ps1: Full Windows installation with validation
- uninstall-host-agent.ps1: Clean removal with process termination and retries
- HostsOverview.tsx: Expandable row pattern matching Docker/Proxmox pages
Files Added:
- cmd/pulse-host-agent/service_windows.go
- cmd/pulse-host-agent/service_stub.go
- scripts/install-host-agent.ps1
- scripts/uninstall-host-agent.ps1
- frontend-modern/src/components/Hosts/HostsOverview.tsx
- frontend-modern/src/components/Hosts/HostsFilter.tsx
The Windows service now starts reliably with automatic restart on failure,
and the uninstall script handles file locking gracefully without requiring reboots.
- Add double-checks in global click handlers to prevent race conditions
- Add isCurrentlyMounted flag to prevent cleanup during re-renders
- Remove onBlur handler that was causing premature editor closure
- Simplify conditional logic in click handlers
These changes improve the robustness of the inline editor when
websocket updates occur during editing sessions.
The AnimatedMetric wrapper was causing distracting slide-up/slide-down
animations on every websocket update. While visually interesting, the
high-frequency updates made the dashboard feel too busy. Replaced with
direct value display while maintaining color-coded speed indicators.
Critical fixes to prevent the inline URL editor from closing during API updates:
1. Implement stable guest store with reconcile:
- Use createStore with reconcile() to maintain stable object references
- Key function ensures each guest keeps same proxy instance across updates
- Prevents <For> loop from remounting rows during websocket updates
2. Allow switching between guest editors:
- Mark guest name spans with data-guest-name-editable attribute
- Click handler allows clicking another guest name to switch editors
- Prevents click consumption when opening a different guest's editor
This ensures the inline editor stays open and preserves user input even when
websocket updates arrive, while still allowing seamless switching between
editing different guests.
Redesigned guest URL management from a bulky settings table to streamlined
inline editing directly on the dashboard:
Features:
- Single-click guest name to edit custom URL
- Text cursor indicates editability
- Inline editor with save (✓) and delete (✕) buttons
- Auto-focus and text selection on edit start
- Tag badges hidden during editing to maximize input space
- Click-away closes editor without activating underlying elements
Technical improvements:
- Global editing state prevents multiple simultaneous edits
- Smart click capture intercepts mousedown/click events when editor is open
- Prevents accidental row expansion or other actions during editing
- Delete button (✕) removes URL and icon entirely
- Escape key closes without saving
- Enter key saves and closes
Restructure the API token management interface with a focus on
information density and modern design patterns:
- Replace large card layouts with compact table view for token list
- Add visual statistics cards for total, scoped, and wildcard tokens
- Implement toggle button controls instead of checkboxes for scope selection
- Streamline token creation form with collapsible custom scopes
- Improve visual hierarchy with SectionHeader and ApiIcon components
- Add gradient backgrounds and refined spacing throughout
- Maintain accessibility while reducing overall page footprint
The new design presents all critical information at a glance while
preserving functionality and reducing visual clutter.
Adds polished gradient banner headers to all configuration pages:
- System > General, Network, Updates, Backups
- Security > Authentication (updated from gray to blue/indigo gradient)
- API Access
Resource management pages (PVE, PBS, Docker, etc.) intentionally left
without banners to keep focus on node tables and operational content.
The toggle-mock-pure.sh script was unused and redundant:
- Not referenced in any documentation or code
- Its PULSE_DISABLE_REAL_NODES variable is not used anywhere
- toggle-mock.sh already provides all necessary mock mode functionality
Consolidating to a single mock toggle script reduces confusion.
Introduces granular permission scopes for API tokens (docker:report, docker:manage, host-agent:report, monitoring:read/write, settings:read/write) allowing tokens to be restricted to minimum required access. Legacy tokens default to full access until scopes are explicitly configured.
Adds standalone host agent for monitoring Linux, macOS, and Windows servers outside Proxmox/Docker estates. New Servers workspace in UI displays uptime, OS metadata, and capacity metrics from enrolled agents.
Includes comprehensive token management UI overhaul with scope presets, inline editing, and visual scope indicators.
