The password change endpoint now handles both scenarios:
- Direct auth: Uses Authorization header when it contains Pulse credentials
- Proxy auth: Uses currentPassword from JSON body when behind proxy Basic Auth
- Prevents proxy auth from interfering with Pulse's own authentication
- Maintains security by always requiring current password verification
- Fixed issue where QEMU guest agent errors incorrectly marked nodes as unhealthy
- Nodes with VMs missing guest agents no longer affect cluster health status
- Reduced health check retry interval from 30s to 5s for faster recovery
- Storage and backup polling now works correctly even when some VMs lack guest agents
- Form now properly closes after clicking 'Add Webhook'
- Prevents confusing UX where form stays open after saving
- User can click '+ Add Webhook' again if they want to add another
- Fixed undefined 'alert' variable in sendWebhookRequest function
- Dynamic ntfy headers are properly handled in sendWebhook where alert exists
- Cleared corrupted webhooks.enc file
- Webhook testing should now work without JSON parsing errors
- Fixed SendEnhancedWebhook to use service-specific payload generation
- Test webhooks now properly skip template-syntax headers
- ntfy and other plain text services correctly skip JSON validation
- Prevents 'invalid character' errors when testing webhooks
- All webhook payload generation now respects service type
- Replaced emoji indicators with plain text (CRITICAL, WARNING, INFO)
- Cleaned up ntfy, Gotify, and Telegram templates
- Removed decorative emojis from alert details
- Updated dynamic header generation to use plain text
- Maintains professional tone appropriate for monitoring software
- TestEnhancedWebhook now uses generatePayloadFromTemplateWithService to handle service-specific formatting
- ntfy webhooks correctly skip JSON validation since they use plain text
- Dynamic ntfy headers (Title, Priority, Tags) are properly set during testing
- Template-syntax headers with emojis no longer break webhook tests
- Fixes 'invalid character looking for beginning of value' error
- Users can now test webhook configurations before saving them
- Test button appears in the add/edit form when URL and name are provided
- Shows 'Testing...' feedback during test execution
- Helps users validate webhook settings immediately during setup
- Improves UX by catching configuration issues before saving
- Fixed webhook ID extraction in UpdateWebhook and DeleteWebhook handlers
- Previous code expected 5 URL parts but path only had 2 after prefix stripping
- Now correctly extracts webhook ID from /api/notifications/webhooks/{id}
- Resolves frontend error when saving webhook changes
- ntfy template headers contained Go template syntax that wasn't being processed
- Added special handling for ntfy webhooks to set Title, Priority, and Tags dynamically
- Headers are now set based on actual alert level and details
- Ignores template-syntax headers from webhook config to prevent errors
- Fixes issue where ntfy webhooks with preset headers would fail to send
- Automatically detects the machine's IP address for webhook 'View in Pulse' links
- Checks multiple methods: Proxmox container, outbound IP, Docker, network interfaces
- Falls back through detection methods to find the best IP
- Users no longer need to manually set PULSE_PUBLIC_URL in most cases
- Manual configuration still takes precedence if set
When a VM doesn't have QEMU guest agent configured, Proxmox returns a 500 error.
This was incorrectly marking the entire cluster node as unhealthy, preventing
all operations on that node. Now we treat these as VM-specific errors that
don't affect node health status.
- Storage queries can timeout on large clusters or slow storage backends
- Extended timeout specifically for GetStorage, GetStorageContent, and GetAllStorage
- Preserves existing context deadlines if they're shorter than 120s
- Should resolve 'context deadline exceeded' errors during storage polling
Critical fix: Local storage (local, local-zfs) should NEVER be deduplicated
as each node has its own physical storage with different capacities and usage.
Only shared storage (like PBS) should be deduplicated. Each node's local
storage now correctly appears as a separate entry.
PBS storage should respect Proxmox's shared configuration. When PBS
storage is configured without node restrictions in Proxmox, it appears
as shared storage accessible by all nodes. Updated mock data to match
real cluster behavior where PBS entries appear under 'cluster' group.
PBS storage entries pointing to the same server (same capacity) are now
truly deduplicated. Instead of showing 3 entries for pbs-pve1, pbs-pve2,
and pbs-pve3, it now shows a single 'PBS Storage' entry with all namespaces
listed. This provides actual deduplication for identical storage resources.
The storage view now deduplicates identical storage entries (like PBS
storage that appears on multiple nodes). Instead of showing pbs-pve1
three times, it shows it once with all nodes listed (pve1, pve2, pve3).
This provides a cleaner view of actual storage resources.
Mock data now accurately replicates production PBS storage where:
- Each node sees ALL PBS storage entries (pbs-pve1, pbs-pve2, pbs-pve3)
- Storage sizes and usage match production (~950GB, 14% used)
- Each PBS entry has a node-specific namespace but appears on all nodes
- PBS storage is correctly marked as not shared
Mock data now properly simulates PBS storage behavior where each node
reports all PBS namespaces (pbs-pve1, pbs-pve2, pbs-pve3). This accurately
replicates real cluster behavior where each node has access to all PBS
namespaces but they're node-specific and not shared.
PBS storage was being marked as shared when it shouldn't be. Each PBS
namespace is node-specific even when connecting to the same PBS server.
Now PBS storage correctly shows under its respective node instead of
all being assigned to the last node.
Mock cluster nodes now correctly show degraded state (yellow) when
some nodes are offline. This properly demonstrates the degraded cluster
functionality for issue #379.
Mock cluster endpoints were showing grey dots because the Online field
wasn't being set based on the node status. Now properly reflects the
node's online/offline status with green/grey indicators.
When some cluster nodes are offline but the main node can still reach others,
show a yellow status dot instead of red to indicate partial connectivity.
This better represents the actual cluster health state.
Added built-in Pushover template alongside Discord, Telegram, Gotify, and ntfy. Users can now select Pushover from the service dropdown instead of manually configuring it as a generic webhook.
PMG host configuration backups (VMID=0) are now correctly shown as "Host" type
in the backup list instead of being incorrectly labeled as "LXC" containers.
Also added mock data for testing VMID 0 host backups.
The acknowledge/unacknowledge/clear endpoints were returning 404 due to incorrect path trimming in HandleAlerts. The router was registered with /api/alerts/ but the handler was trimming /api/alerts, causing path parsing to be off by one character.
- Added migration to automatically enable MonitorBackups for PBS instances
- This fixes the issue where PBS backups weren't showing for some users
- The migration runs on startup and persists the changes
- All new PBS instances already have MonitorBackups enabled by default
- Added to CONFIGURATION.md environment variables section
- Added to WEBHOOKS.md for Gotify and ntfy services
- Added to DOCKER.md environment variables reference and compose example
- Explains how to configure the full Pulse URL for webhook notification links
- Added PULSE_PUBLIC_URL config option to specify the full URL to access Pulse
- Updated notification manager to use publicURL when constructing webhook payloads
- Modified prepareWebhookData to construct full URLs instead of just paths
- Fixed test webhooks to use configured publicURL instead of hardcoded values
- Gotify and ntfy notifications now include clickable links that work properly
- Windows System Reserved partitions now excluded from disk usage
- Added better handling for filesystems with zero total bytes
- Improved debug logging for skipped filesystems
- Prevents incorrect disk usage display for Windows VMs
- Added storage permission errors (403) to exception list
- Permission denied errors no longer mark nodes as unhealthy
- Storage polling can now continue even with permission issues
- Prevents cascading failures when storage permissions are missing
- Nodes remain healthy for VM/container operations even if storage fails
- Removed all complex recovery mechanisms from documentation
- Clear stance: forgotten password = start fresh (takes 2 minutes)
- No recovery mechanisms = no security vulnerabilities
- Pulse's simplicity is a feature, not a bug
- Updated both TROUBLESHOOTING.md and SECURITY.md
- Addresses GitHub discussion #413 with security-first approach
- Changed cluster client initialization to be optimistic (assume healthy)
- Nodes now start as healthy and are marked unhealthy only on actual failures
- This prevents the issue where all nodes were marked unhealthy during init
- Storage operations can now proceed even if initial health checks fail
- Allows recovery from temporary network or auth issues during startup
- Added Custom Headers section explaining the new UI feature
- Updated ntfy instructions with security note about topic names
- Added common header examples table for authentication
- Clarified how to add Bearer tokens and API keys
- Added custom headers section to webhook configuration UI
- Users can now add, edit, and remove custom headers for authentication
- Updated ntfy instructions to be clearer about adding Authorization headers
- Supports Bearer tokens, API keys, and other custom headers
